Commit | Line | Data |
---|---|---|
725c9874 | 1 | ###################################################################### |
2 | # Runtime configuration file for Exim 4 (Debian Packaging) # | |
3 | ###################################################################### | |
4 | ||
5 | ###################################################################### | |
d2b0a567 | 6 | # /etc/exim4/exim4.conf.template is only used with the non-split |
7 | # configuration scheme. | |
8 | # /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used | |
9 | # with the split configuration scheme. | |
10 | # If you find this comment anywhere else, somebody copied it there. | |
11 | # Documentation about the Debian exim4 configuration scheme can be | |
12 | # found in /usr/share/doc/exim4-base/README.Debian.gz. | |
725c9874 | 13 | ###################################################################### |
14 | ||
15 | ###################################################################### | |
16 | # MAIN CONFIGURATION SETTINGS # | |
17 | ###################################################################### | |
18 | ||
19 | # Just for reference and scripts. | |
20 | # On Debian systems, the main binary is installed as exim4 to avoid | |
21 | # conflicts with the exim 3 packages. | |
22 | exim_path = /usr/sbin/exim4 | |
23 | ||
24 | # Macro defining the main configuration directory. | |
25 | # We do not use absolute paths. | |
26 | .ifndef CONFDIR | |
27 | CONFDIR = /etc/exim4 | |
28 | .endif | |
29 | ||
d21ec910 CE |
30 | # debconf-driven macro definitions get inserted after this line |
31 | UPEX4CmacrosUPEX4C = 1 | |
725c9874 | 32 | |
33 | # Create domain and host lists for relay control | |
34 | # '@' refers to 'the name of the local host' | |
35 | ||
d2b0a567 | 36 | # List of domains considered local for exim. Domains not listed here |
37 | # need to be deliverable remotely. | |
d21ec910 CE |
38 | # hcoop-change: comment out, provided by domtool |
39 | # domainlist local_domains = MAIN_LOCAL_DOMAINS | |
725c9874 | 40 | |
d2b0a567 | 41 | # List of recipient domains to relay _to_. Use this list if you're - |
42 | # for example - fallback MX or mail gateway for domains. | |
d21ec910 CE |
43 | # hcoop-change: comment out, provided by domtool |
44 | # domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS | |
725c9874 | 45 | |
11dd947c | 46 | # hcoop-change: List of domains that accept mail from local users. |
47 | # Mail sent to other domains we manage will be transformed into a | |
48 | # local address by /etc/aliases. | |
aa12254f | 49 | domainlist unix_domains = hcoop.net:deleuze.hcoop.net:outpost.hcoop.net:hopper.hcoop.net:navajos.hcoop.net:bog.hcoop.net:fritz.hcoop.net:mccarthy.hcoop.net:gibran.hcoop.net:marsh.hcoop.net:localhost |
11dd947c | 50 | |
d2b0a567 | 51 | # List of sender networks (IP addresses) to _unconditionally_ relay |
52 | # _for_. If you intend to be SMTP AUTH server, you do not need to enter | |
53 | # anything here. | |
d2b0a567 | 54 | hostlist relay_from_hosts = MAIN_RELAY_NETS |
725c9874 | 55 | |
56 | ||
d21ec910 CE |
57 | # Decide which domain to use to add to all unqualified addresses. |
58 | # If MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN is defined, the primary | |
59 | # hostname is used. If not, but MAIN_QUALIFY_DOMAIN is set, the value | |
60 | # of MAIN_QUALIFY_DOMAIN is used. If both macros are not defined, | |
61 | # the first line of /etc/mailname is used. | |
62 | .ifndef MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN | |
63 | .ifndef MAIN_QUALIFY_DOMAIN | |
64 | qualify_domain = ETC_MAILNAME | |
65 | .else | |
66 | qualify_domain = MAIN_QUALIFY_DOMAIN | |
725c9874 | 67 | .endif |
725c9874 | 68 | .endif |
69 | ||
70 | # listen on all all interfaces? | |
71 | .ifdef MAIN_LOCAL_INTERFACES | |
72 | local_interfaces = MAIN_LOCAL_INTERFACES | |
725c9874 | 73 | .endif |
74 | ||
75 | .ifndef LOCAL_DELIVERY | |
76 | # The default transport, set in /etc/exim4/update-exim4.conf.conf, | |
77 | # defaulting to mail_spool. See CONFDIR/conf.d/transport/ for possibilities | |
d21ec910 | 78 | LOCAL_DELIVERY=mail_spool |
725c9874 | 79 | .endif |
80 | ||
81 | # The gecos field in /etc/passwd holds not only the name. see passwd(5). | |
82 | gecos_pattern = ^([^,:]*) | |
83 | gecos_name = $1 | |
84 | ||
725c9874 | 85 | # define macros to be used in acl/30_exim4-config_check_rcpt to check |
d2b0a567 | 86 | # recipient local parts for strange characters. |
87 | ||
88 | # This macro definition really should be in | |
89 | # acl/30_exim4-config_check_rcpt but cannot be there due to | |
90 | # http://www.exim.org/bugzilla/show_bug.cgi?id=101 as of exim 4.62. | |
91 | ||
92 | # These macros are documented in acl/30_exim4-config_check_rcpt, | |
93 | # can be changed here or overridden by a locally added configuration | |
94 | # file as described in README.Debian chapter 2.1.2 | |
725c9874 | 95 | |
725c9874 | 96 | .ifndef CHECK_RCPT_LOCAL_LOCALPARTS |
d2b0a567 | 97 | CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?] |
725c9874 | 98 | .endif |
99 | ||
725c9874 | 100 | .ifndef CHECK_RCPT_REMOTE_LOCALPARTS |
d2b0a567 | 101 | CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./ |
102 | .endif | |
103 | ||
104 | # always log tls_peerdn as we use TLS for outgoing connects by default | |
06b25c81 | 105 | # hcoop-change: add +tls_ciper |
d2b0a567 | 106 | .ifndef MAIN_LOG_SELECTOR |
06b25c81 | 107 | MAIN_LOG_SELECTOR = +tls_cipher +tls_peerdn |
725c9874 | 108 | .endif |
06b25c81 | 109 | |
110 | # hcoop-change: use file_transport = address_file for /etc/aliases | |
111 | # delivery, as per old configuration | |
112 | SYSTEM_ALIASES_FILE_TRANSPORT = address_file | |
cf08a29f | 113 | |
114 | # hcoop-change: deliver mail to AFS | |
8f42d430 | 115 | MAILDIR_HOME_MAILDIR_LOCATION = /afs/hcoop.net/common/email |
0140c711 | 116 | |
117 | # hcoop-change: enable TLS | |
118 | MAIN_TLS_ENABLE = yes | |
049ff5b8 CE |
119 | |
120 | # hcoop-change: enabled sender verification | |
121 | CHECK_RCPT_VERIFY_SENDER = true | |
122 | CHECK_RCPT_IP_DNSBLS = zen.spamhaus.org | |
123 | CHECK_RCPT_REVERSE_DNS = true | |
124 | CHECK_RCPT_SPF = true | |
190d8042 CE |
125 | |
126 | # hcoop-change: use hcoop cert 2015-05-04 clinton | |
127 | MAIN_TLS_CERTKEY = /etc/hcoop-ssl/hcoop.pem | |
128 | ||
a8e066fe | 129 | # hcoop-change: uncomment and set to mailman host if this server does not host mailman |
f16924af CE |
130 | #HCOOP_MAILMAN_RELAY_HOST = deleuze.hcoop.net |
131 | ||
33484f9a CE |
132 | # hcoop-change: all mail for users < 1000 to logs, reject entirely from untrusted remote hosts |
133 | FIRST_USER_ACCOUNT_UID = 1000 | |
134 | HCOOP_SYSTEM_ACCOUNT_ALIAS = logs@hcoop.net |