[hcoop/config/exim.git] / conf.d / main / 01_exim4-config_listmacrosdefs

######################################################################
#      Runtime configuration file for Exim 4 (Debian Packaging)      #
######################################################################

######################################################################
# /etc/exim4/exim4.conf.template is only used with the non-split
#   configuration scheme.
# /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used
#   with the split configuration scheme.
# If you find this comment anywhere else, somebody copied it there.
# Documentation about the Debian exim4 configuration scheme can be
# found in /usr/share/doc/exim4-base/README.Debian.gz.
######################################################################

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################

# Just for reference and scripts. 
# On Debian systems, the main binary is installed as exim4 to avoid
# conflicts with the exim 3 packages.
exim_path = /usr/sbin/exim4

# Macro defining the main configuration directory.
# We do not use absolute paths.
.ifndef CONFDIR
CONFDIR = /etc/exim4
.endif

# debconf-driven macro definitions get inserted after this line
UPEX4CmacrosUPEX4C = 1

# Create domain and host lists for relay control
# '@' refers to 'the name of the local host'

# List of domains considered local for exim. Domains not listed here
# need to be deliverable remotely.
# hcoop-change: comment out, provided by domtool
# domainlist local_domains = MAIN_LOCAL_DOMAINS

# List of recipient domains to relay _to_. Use this list if you're -
# for example - fallback MX or mail gateway for domains.
# hcoop-change: comment out, provided by domtool
# domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS

# hcoop-change: List of domains that accept mail from local users.
# Mail sent to other domains we manage will be transformed into a
# local address by /etc/aliases.
domainlist unix_domains = hcoop.net:deleuze.hcoop.net:outpost.hcoop.net:hopper.hcoop.net:navajos.hcoop.net:bog.hcoop.net:fritz.hcoop.net:mccarthy.hcoop.net:gibran.hcoop.net:marsh.hcoop.net:minsky.hcoop.net:shelob.hcoop.net:lovelace.hcoop.net:localhost

# List of sender networks (IP addresses) to _unconditionally_ relay
# _for_. If you intend to be SMTP AUTH server, you do not need to enter
# anything here.
hostlist relay_from_hosts = MAIN_RELAY_NETS


# Decide which domain to use to add to all unqualified addresses.
# If MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN is defined, the primary
# hostname is used. If not, but MAIN_QUALIFY_DOMAIN is set, the value
# of MAIN_QUALIFY_DOMAIN is used. If both macros are not defined,
# the first line of /etc/mailname is used.
.ifndef MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN
.ifndef MAIN_QUALIFY_DOMAIN
qualify_domain = ETC_MAILNAME
.else
qualify_domain = MAIN_QUALIFY_DOMAIN
.endif
.endif

# listen on all all interfaces?
.ifdef MAIN_LOCAL_INTERFACES
local_interfaces = MAIN_LOCAL_INTERFACES
.endif

.ifndef LOCAL_DELIVERY
# The default transport, set in /etc/exim4/update-exim4.conf.conf,
# defaulting to mail_spool. See CONFDIR/conf.d/transport/ for possibilities
LOCAL_DELIVERY=mail_spool
.endif

# The gecos field in /etc/passwd holds not only the name. see passwd(5).
gecos_pattern = ^([^,:]*)
gecos_name = $1

# always log tls_peerdn as we use TLS for outgoing connects by default
# hcoop-change: add +tls_cipher
.ifndef MAIN_LOG_SELECTOR
MAIN_LOG_SELECTOR = +smtp_protocol_error +smtp_syntax_error +tls_certificate_verified +tls_peerdn +tls_cipher
.endif
# hcoop-change: use file_transport = address_file for /etc/aliases
# delivery, as per old configuration
SYSTEM_ALIASES_FILE_TRANSPORT = address_file

# hcoop-change: deliver mail to AFS
MAILDIR_HOME_MAILDIR_LOCATION = /afs/hcoop.net/common/email

# hcoop-change: enable TLS
MAIN_TLS_ENABLE = yes

# hcoop-change: enabled sender verification
CHECK_RCPT_VERIFY_SENDER = true
CHECK_RCPT_IP_DNSBLS = zen.spamhaus.org
CHECK_RCPT_REVERSE_DNS = true
CHECK_RCPT_SPF = true

# hcoop-change: use hcoop cert 2015-05-04 clinton
MAIN_TLS_CERTKEY = /etc/hcoop-ssl/hcoop.pem

# hcoop-change: uncomment and set to mailman host if this server does not host mailman
#HCOOP_MAILMAN_RELAY_HOST = minsky.hcoop.net

# hcoop-change: all mail for users < 1000 to logs, reject entirely from untrusted remote hosts
FIRST_USER_ACCOUNT_UID = 1000
HCOOP_SYSTEM_ACCOUNT_ALIAS = logs@hcoop.net

# hcoop-change: ignore smtp line length restrictions as it rejects valid mail
IGNORE_SMTP_LINE_LENGTH_LIMIT = yes
Commit	Line	Data
725c9874	1	######################################################################
	2	# Runtime configuration file for Exim 4 (Debian Packaging) #
	3	######################################################################
	4
	5	######################################################################
d2b0a567	6	# /etc/exim4/exim4.conf.template is only used with the non-split
	7	# configuration scheme.
	8	# /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used
	9	# with the split configuration scheme.
	10	# If you find this comment anywhere else, somebody copied it there.
	11	# Documentation about the Debian exim4 configuration scheme can be
	12	# found in /usr/share/doc/exim4-base/README.Debian.gz.
725c9874	13	######################################################################
	14
	15	######################################################################
	16	# MAIN CONFIGURATION SETTINGS #
	17	######################################################################
	18
	19	# Just for reference and scripts.
	20	# On Debian systems, the main binary is installed as exim4 to avoid
	21	# conflicts with the exim 3 packages.
	22	exim_path = /usr/sbin/exim4
	23
	24	# Macro defining the main configuration directory.
	25	# We do not use absolute paths.
	26	.ifndef CONFDIR
	27	CONFDIR = /etc/exim4
	28	.endif
	29
d21ec910 CE	30	# debconf-driven macro definitions get inserted after this line
d21ec910 CE	31	UPEX4CmacrosUPEX4C = 1
725c9874	32
	33	# Create domain and host lists for relay control
	34	# '@' refers to 'the name of the local host'
	35
d2b0a567	36	# List of domains considered local for exim. Domains not listed here
d2b0a567	37	# need to be deliverable remotely.
d21ec910 CE	38	# hcoop-change: comment out, provided by domtool
d21ec910 CE	39	# domainlist local_domains = MAIN_LOCAL_DOMAINS
725c9874	40
d2b0a567	41	# List of recipient domains to relay _to_. Use this list if you're -
d2b0a567	42	# for example - fallback MX or mail gateway for domains.
d21ec910 CE	43	# hcoop-change: comment out, provided by domtool
d21ec910 CE	44	# domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
725c9874	45
11dd947c	46	# hcoop-change: List of domains that accept mail from local users.
	47	# Mail sent to other domains we manage will be transformed into a
	48	# local address by /etc/aliases.
34151f2d	49	domainlist unix_domains = hcoop.net:deleuze.hcoop.net:outpost.hcoop.net:hopper.hcoop.net:navajos.hcoop.net:bog.hcoop.net:fritz.hcoop.net:mccarthy.hcoop.net:gibran.hcoop.net:marsh.hcoop.net:minsky.hcoop.net:shelob.hcoop.net:lovelace.hcoop.net:localhost
11dd947c	50
d2b0a567	51	# List of sender networks (IP addresses) to _unconditionally_ relay
	52	# _for_. If you intend to be SMTP AUTH server, you do not need to enter
	53	# anything here.
d2b0a567	54	hostlist relay_from_hosts = MAIN_RELAY_NETS
725c9874	55
725c9874	56
d21ec910 CE	57	# Decide which domain to use to add to all unqualified addresses.
	58	# If MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN is defined, the primary
	59	# hostname is used. If not, but MAIN_QUALIFY_DOMAIN is set, the value
	60	# of MAIN_QUALIFY_DOMAIN is used. If both macros are not defined,
	61	# the first line of /etc/mailname is used.
	62	.ifndef MAIN_PRIMARY_HOSTNAME_AS_QUALIFY_DOMAIN
	63	.ifndef MAIN_QUALIFY_DOMAIN
	64	qualify_domain = ETC_MAILNAME
	65	.else
	66	qualify_domain = MAIN_QUALIFY_DOMAIN
725c9874	67	.endif
725c9874	68	.endif
	69
	70	# listen on all all interfaces?
	71	.ifdef MAIN_LOCAL_INTERFACES
	72	local_interfaces = MAIN_LOCAL_INTERFACES
725c9874	73	.endif
	74
	75	.ifndef LOCAL_DELIVERY
	76	# The default transport, set in /etc/exim4/update-exim4.conf.conf,
	77	# defaulting to mail_spool. See CONFDIR/conf.d/transport/ for possibilities
d21ec910	78	LOCAL_DELIVERY=mail_spool
725c9874	79	.endif
	80
	81	# The gecos field in /etc/passwd holds not only the name. see passwd(5).
	82	gecos_pattern = ^([^,:]*)
	83	gecos_name = $1
	84
54efacdd	85	# always log tls_peerdn as we use TLS for outgoing connects by default
7b83f2a3	86	# hcoop-change: add +tls_cipher
d2b0a567	87	.ifndef MAIN_LOG_SELECTOR
7b83f2a3	88	MAIN_LOG_SELECTOR = +smtp_protocol_error +smtp_syntax_error +tls_certificate_verified +tls_peerdn +tls_cipher
725c9874	89	.endif
06b25c81	90	# hcoop-change: use file_transport = address_file for /etc/aliases
	91	# delivery, as per old configuration
	92	SYSTEM_ALIASES_FILE_TRANSPORT = address_file
cf08a29f	93
cf08a29f	94	# hcoop-change: deliver mail to AFS
8f42d430	95	MAILDIR_HOME_MAILDIR_LOCATION = /afs/hcoop.net/common/email
0140c711	96
	97	# hcoop-change: enable TLS
	98	MAIN_TLS_ENABLE = yes
049ff5b8 CE	99
	100	# hcoop-change: enabled sender verification
	101	CHECK_RCPT_VERIFY_SENDER = true
	102	CHECK_RCPT_IP_DNSBLS = zen.spamhaus.org
	103	CHECK_RCPT_REVERSE_DNS = true
	104	CHECK_RCPT_SPF = true
190d8042 CE	105
	106	# hcoop-change: use hcoop cert 2015-05-04 clinton
	107	MAIN_TLS_CERTKEY = /etc/hcoop-ssl/hcoop.pem
	108
a8e066fe	109	# hcoop-change: uncomment and set to mailman host if this server does not host mailman
8ed91a79	110	#HCOOP_MAILMAN_RELAY_HOST = minsky.hcoop.net
f16924af	111
33484f9a CE	112	# hcoop-change: all mail for users < 1000 to logs, reject entirely from untrusted remote hosts
33484f9a CE	113	FIRST_USER_ACCOUNT_UID = 1000
961984f5 CE	114	HCOOP_SYSTEM_ACCOUNT_ALIAS = logs@hcoop.net
	115
	116	# hcoop-change: ignore smtp line length restrictions as it rejects valid mail
	117	IGNORE_SMTP_LINE_LENGTH_LIMIT = yes