[hcoop/config/exim.git] / conf.d / main / 01_exim4-config_listmacrosdefs

######################################################################
#      Runtime configuration file for Exim 4 (Debian Packaging)      #
######################################################################

######################################################################
# /etc/exim4/exim4.conf.template is only used with the non-split
#   configuration scheme.
# /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used
#   with the split configuration scheme.
# If you find this comment anywhere else, somebody copied it there.
# Documentation about the Debian exim4 configuration scheme can be
# found in /usr/share/doc/exim4-base/README.Debian.gz.
######################################################################

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################

# Just for reference and scripts. 
# On Debian systems, the main binary is installed as exim4 to avoid
# conflicts with the exim 3 packages.
exim_path = /usr/sbin/exim4

# Macro defining the main configuration directory.
# We do not use absolute paths.
.ifndef CONFDIR
CONFDIR = /etc/exim4
.endif

# debconf-driven macro definitions get inserted after this line
UPEX4CmacrosUPEX4C = 1

# Create domain and host lists for relay control
# '@' refers to 'the name of the local host'

# List of domains considered local for exim. Domains not listed here
# need to be deliverable remotely.
# hcoop-change: comment out, provided by domtool
# domainlist local_domains = MAIN_LOCAL_DOMAINS

# List of recipient domains to relay _to_. Use this list if you're -
# for example - fallback MX or mail gateway for domains.
# hcoop-change: comment out, provided by domtool
# domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS

# hcoop-change: List of domains that accept mail from local users.
# Mail sent to other domains we manage will be transformed into a
# local address by /etc/aliases.
domainlist unix_domains = hcoop.net:deleuze.hcoop.net:outpost.hcoop.net:hopper.hcoop.net:navajos.hcoop.net:bog.hcoop.net:fritz.hcoop.net:mccarthy.hcoop.net:gibran.hcoop.net:marsh.hcoop.net:minsky.hcoop.net:shelob.hcoop.net:lovelace.hcoop.net:localhost

# List of sender networks (IP addresses) to _unconditionally_ relay
# _for_. If you intend to be SMTP AUTH server, you do not need to enter
# anything here.
hostlist relay_from_hosts = MAIN_RELAY_NETS


# Decide which domain to use to add to all unqualified addresses.
# If MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN is defined, the primary
# hostname is used. If not, but MAIN_QUALIFY_DOMAIN is set, the value
# of MAIN_QUALIFY_DOMAIN is used. If both macros are not defined,
# the first line of /etc/mailname is used.
.ifndef MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN
.ifndef MAIN_QUALIFY_DOMAIN
qualify_domain = ETC_MAILNAME
.else
qualify_domain = MAIN_QUALIFY_DOMAIN
.endif
.endif

# listen on all all interfaces?
.ifdef MAIN_LOCAL_INTERFACES
local_interfaces = MAIN_LOCAL_INTERFACES
.endif

.ifndef LOCAL_DELIVERY
# The default transport, set in /etc/exim4/update-exim4.conf.conf,
# defaulting to mail_spool. See CONFDIR/conf.d/transport/ for possibilities
LOCAL_DELIVERY=mail_spool
.endif

# The gecos field in /etc/passwd holds not only the name. see passwd(5).
gecos_pattern = ^([^,:]*)
gecos_name = $1

# define macros to be used in acl/30_exim4-config_check_rcpt to check
# recipient local parts for strange characters.

# This macro definition really should be in
# acl/30_exim4-config_check_rcpt but cannot be there due to
# http://www.exim.org/bugzilla/show_bug.cgi?id=101 as of exim 4.62.

# These macros are documented in acl/30_exim4-config_check_rcpt,
# can be changed here or overridden by a locally added configuration
# file as described in README.Debian section "Using Exim Macros to control
# the configuration".

.ifndef CHECK_RCPT_LOCAL_LOCALPARTS
CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
.endif

.ifndef CHECK_RCPT_REMOTE_LOCALPARTS
CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
.endif

# always log tls_peerdn as we use TLS for outgoing connects by default
.ifndef MAIN_LOG_SELECTOR
MAIN_LOG_SELECTOR = +smtp_protocol_error +smtp_syntax_error +tls_certificate_verified +tls_peerdn
.endif

# always log tls_peerdn as we use TLS for outgoing connects by default
# hcoop-change: add +tls_ciper
.ifndef MAIN_LOG_SELECTOR
MAIN_LOG_SELECTOR = +tls_cipher +tls_peerdn
.endif

# hcoop-change: use file_transport = address_file for /etc/aliases
# delivery, as per old configuration
SYSTEM_ALIASES_FILE_TRANSPORT = address_file

# hcoop-change: deliver mail to AFS
MAILDIR_HOME_MAILDIR_LOCATION = /afs/hcoop.net/common/email

# hcoop-change: enable TLS
MAIN_TLS_ENABLE = yes

# hcoop-change: enabled sender verification
CHECK_RCPT_VERIFY_SENDER = true
CHECK_RCPT_IP_DNSBLS = zen.spamhaus.org
CHECK_RCPT_REVERSE_DNS = true
CHECK_RCPT_SPF = true

# hcoop-change: use hcoop cert 2015-05-04 clinton
MAIN_TLS_CERTKEY = /etc/hcoop-ssl/hcoop.pem

# hcoop-change: uncomment and set to mailman host if this server does not host mailman
#HCOOP_MAILMAN_RELAY_HOST = minsky.hcoop.net

# hcoop-change: all mail for users < 1000 to logs, reject entirely from untrusted remote hosts
FIRST_USER_ACCOUNT_UID = 1000
HCOOP_SYSTEM_ACCOUNT_ALIAS = logs@hcoop.net

# hcoop-change: ignore smtp line length restrictions as it rejects valid mail
IGNORE_SMTP_LINE_LENGTH_LIMIT = yes
Commit	Line	Data
725c9874	1	######################################################################
	2	# Runtime configuration file for Exim 4 (Debian Packaging) #
	3	######################################################################
	4
	5	######################################################################
d2b0a567	6	# /etc/exim4/exim4.conf.template is only used with the non-split
	7	# configuration scheme.
	8	# /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used
	9	# with the split configuration scheme.
	10	# If you find this comment anywhere else, somebody copied it there.
	11	# Documentation about the Debian exim4 configuration scheme can be
	12	# found in /usr/share/doc/exim4-base/README.Debian.gz.
725c9874	13	######################################################################
	14
	15	######################################################################
	16	# MAIN CONFIGURATION SETTINGS #
	17	######################################################################
	18
	19	# Just for reference and scripts.
	20	# On Debian systems, the main binary is installed as exim4 to avoid
	21	# conflicts with the exim 3 packages.
	22	exim_path = /usr/sbin/exim4
	23
	24	# Macro defining the main configuration directory.
	25	# We do not use absolute paths.
	26	.ifndef CONFDIR
	27	CONFDIR = /etc/exim4
	28	.endif
	29
d21ec910 CE	30	# debconf-driven macro definitions get inserted after this line
d21ec910 CE	31	UPEX4CmacrosUPEX4C = 1
725c9874	32
	33	# Create domain and host lists for relay control
	34	# '@' refers to 'the name of the local host'
	35
d2b0a567	36	# List of domains considered local for exim. Domains not listed here
d2b0a567	37	# need to be deliverable remotely.
d21ec910 CE	38	# hcoop-change: comment out, provided by domtool
d21ec910 CE	39	# domainlist local_domains = MAIN_LOCAL_DOMAINS
725c9874	40
d2b0a567	41	# List of recipient domains to relay _to_. Use this list if you're -
d2b0a567	42	# for example - fallback MX or mail gateway for domains.
d21ec910 CE	43	# hcoop-change: comment out, provided by domtool
d21ec910 CE	44	# domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
725c9874	45
11dd947c	46	# hcoop-change: List of domains that accept mail from local users.
	47	# Mail sent to other domains we manage will be transformed into a
	48	# local address by /etc/aliases.
34151f2d	49	domainlist unix_domains = hcoop.net:deleuze.hcoop.net:outpost.hcoop.net:hopper.hcoop.net:navajos.hcoop.net:bog.hcoop.net:fritz.hcoop.net:mccarthy.hcoop.net:gibran.hcoop.net:marsh.hcoop.net:minsky.hcoop.net:shelob.hcoop.net:lovelace.hcoop.net:localhost
11dd947c	50
d2b0a567	51	# List of sender networks (IP addresses) to _unconditionally_ relay
	52	# _for_. If you intend to be SMTP AUTH server, you do not need to enter
	53	# anything here.
d2b0a567	54	hostlist relay_from_hosts = MAIN_RELAY_NETS
725c9874	55
725c9874	56
d21ec910 CE	57	# Decide which domain to use to add to all unqualified addresses.
	58	# If MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN is defined, the primary
	59	# hostname is used. If not, but MAIN_QUALIFY_DOMAIN is set, the value
	60	# of MAIN_QUALIFY_DOMAIN is used. If both macros are not defined,
	61	# the first line of /etc/mailname is used.
	62	.ifndef MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN
	63	.ifndef MAIN_QUALIFY_DOMAIN
	64	qualify_domain = ETC_MAILNAME
	65	.else
	66	qualify_domain = MAIN_QUALIFY_DOMAIN
725c9874	67	.endif
725c9874	68	.endif
	69
	70	# listen on all all interfaces?
	71	.ifdef MAIN_LOCAL_INTERFACES
	72	local_interfaces = MAIN_LOCAL_INTERFACES
725c9874	73	.endif
	74
	75	.ifndef LOCAL_DELIVERY
	76	# The default transport, set in /etc/exim4/update-exim4.conf.conf,
	77	# defaulting to mail_spool. See CONFDIR/conf.d/transport/ for possibilities
d21ec910	78	LOCAL_DELIVERY=mail_spool
725c9874	79	.endif
	80
	81	# The gecos field in /etc/passwd holds not only the name. see passwd(5).
	82	gecos_pattern = ^([^,:]*)
	83	gecos_name = $1
	84
725c9874	85	# define macros to be used in acl/30_exim4-config_check_rcpt to check
d2b0a567	86	# recipient local parts for strange characters.
	87
	88	# This macro definition really should be in
	89	# acl/30_exim4-config_check_rcpt but cannot be there due to
	90	# http://www.exim.org/bugzilla/show_bug.cgi?id=101 as of exim 4.62.
	91
	92	# These macros are documented in acl/30_exim4-config_check_rcpt,
	93	# can be changed here or overridden by a locally added configuration
c6ffa96a CE	94	# file as described in README.Debian section "Using Exim Macros to control
c6ffa96a CE	95	# the configuration".
725c9874	96
725c9874	97	.ifndef CHECK_RCPT_LOCAL_LOCALPARTS
d2b0a567	98	CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/\|`#&?]
725c9874	99	.endif
725c9874	100
725c9874	101	.ifndef CHECK_RCPT_REMOTE_LOCALPARTS
d2b0a567	102	CHECK_RCPT_REMOTE_LOCALPARTS = ^[./\|] : ^.[@%!`#&?] : ^./\\.\\./
	103	.endif
	104
	105	# always log tls_peerdn as we use TLS for outgoing connects by default
c6ffa96a CE	106	.ifndef MAIN_LOG_SELECTOR
c6ffa96a CE	107	MAIN_LOG_SELECTOR = +smtp_protocol_error +smtp_syntax_error +tls_certificate_verified +tls_peerdn
725c9874	108	.endif
54efacdd CE	109
54efacdd CE	110	# always log tls_peerdn as we use TLS for outgoing connects by default
06b25c81	111	# hcoop-change: add +tls_ciper
d2b0a567	112	.ifndef MAIN_LOG_SELECTOR
06b25c81	113	MAIN_LOG_SELECTOR = +tls_cipher +tls_peerdn
725c9874	114	.endif
06b25c81	115
	116	# hcoop-change: use file_transport = address_file for /etc/aliases
	117	# delivery, as per old configuration
	118	SYSTEM_ALIASES_FILE_TRANSPORT = address_file
cf08a29f	119
cf08a29f	120	# hcoop-change: deliver mail to AFS
8f42d430	121	MAILDIR_HOME_MAILDIR_LOCATION = /afs/hcoop.net/common/email
0140c711	122
	123	# hcoop-change: enable TLS
	124	MAIN_TLS_ENABLE = yes
049ff5b8 CE	125
	126	# hcoop-change: enabled sender verification
	127	CHECK_RCPT_VERIFY_SENDER = true
	128	CHECK_RCPT_IP_DNSBLS = zen.spamhaus.org
	129	CHECK_RCPT_REVERSE_DNS = true
	130	CHECK_RCPT_SPF = true
190d8042 CE	131
	132	# hcoop-change: use hcoop cert 2015-05-04 clinton
	133	MAIN_TLS_CERTKEY = /etc/hcoop-ssl/hcoop.pem
	134
a8e066fe	135	# hcoop-change: uncomment and set to mailman host if this server does not host mailman
8ed91a79	136	#HCOOP_MAILMAN_RELAY_HOST = minsky.hcoop.net
f16924af	137
33484f9a CE	138	# hcoop-change: all mail for users < 1000 to logs, reject entirely from untrusted remote hosts
33484f9a CE	139	FIRST_USER_ACCOUNT_UID = 1000
961984f5 CE	140	HCOOP_SYSTEM_ACCOUNT_ALIAS = logs@hcoop.net
	141
	142	# hcoop-change: ignore smtp line length restrictions as it rejects valid mail
	143	IGNORE_SMTP_LINE_LENGTH_LIMIT = yes