# hcoop-change: List of domains that accept mail from local users.
# Mail sent to other domains we manage will be transformed into a
# local address by /etc/aliases.
-domainlist unix_domains = hcoop.net:deleuze.hcoop.net:mire.hcoop.net:outpost.hcoop.net:localhost
+domainlist unix_domains = hcoop.net:deleuze.hcoop.net:outpost.hcoop.net:hopper.hcoop.net:navajos.hcoop.net:bog.hcoop.net:fritz.hcoop.net:mccarthy.hcoop.net:gibran.hcoop.net:marsh.hcoop.net:minsky.hcoop.net:localhost
# List of sender networks (IP addresses) to _unconditionally_ relay
# _for_. If you intend to be SMTP AUTH server, you do not need to enter
# These macros are documented in acl/30_exim4-config_check_rcpt,
# can be changed here or overridden by a locally added configuration
-# file as described in README.Debian chapter 2.1.2
+# file as described in README.Debian section "Using Exim Macros to control
+# the configuration".
.ifndef CHECK_RCPT_LOCAL_LOCALPARTS
CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
.endif
+# always log tls_peerdn as we use TLS for outgoing connects by default
+.ifndef MAIN_LOG_SELECTOR
+MAIN_LOG_SELECTOR = +smtp_protocol_error +smtp_syntax_error +tls_certificate_verified +tls_peerdn
+.endif
+
# always log tls_peerdn as we use TLS for outgoing connects by default
# hcoop-change: add +tls_ciper
.ifndef MAIN_LOG_SELECTOR
CHECK_RCPT_IP_DNSBLS = zen.spamhaus.org
CHECK_RCPT_REVERSE_DNS = true
CHECK_RCPT_SPF = true
+
+# hcoop-change: use hcoop cert 2015-05-04 clinton
+MAIN_TLS_CERTKEY = /etc/hcoop-ssl/hcoop.pem
+
+# hcoop-change: uncomment and set to mailman host if this server does not host mailman
+HCOOP_MAILMAN_RELAY_HOST = mccarthy.hcoop.net
+
+# hcoop-change: all mail for users < 1000 to logs, reject entirely from untrusted remote hosts
+FIRST_USER_ACCOUNT_UID = 1000
+HCOOP_SYSTEM_ACCOUNT_ALIAS = logs@hcoop.net
\ No newline at end of file
HCoop / hcoop / config / exim.git / blobdiff