X-Git-Url: https://git.hcoop.net/hcoop/config/exim.git/blobdiff_plain/049ff5b8ce023dbb84059d41808e33605dc78e5e..78833306ab9859e5189809f64063aadc0f5d54ec:/conf.d/main/01_exim4-config_listmacrosdefs

diff --git a/conf.d/main/01_exim4-config_listmacrosdefs b/conf.d/main/01_exim4-config_listmacrosdefs
index c02cd3b..f4e9fb3 100644
--- a/conf.d/main/01_exim4-config_listmacrosdefs
+++ b/conf.d/main/01_exim4-config_listmacrosdefs
@@ -46,7 +46,7 @@ UPEX4CmacrosUPEX4C = 1
 # hcoop-change: List of domains that accept mail from local users.
 # Mail sent to other domains we manage will be transformed into a
 # local address by /etc/aliases.
-domainlist unix_domains = hcoop.net:deleuze.hcoop.net:mire.hcoop.net:outpost.hcoop.net:localhost
+domainlist unix_domains = hcoop.net:deleuze.hcoop.net:outpost.hcoop.net:hopper.hcoop.net:navajos.hcoop.net:bog.hcoop.net:fritz.hcoop.net:mccarthy.hcoop.net:gibran.hcoop.net:marsh.hcoop.net:minsky.hcoop.net:localhost
 
 # List of sender networks (IP addresses) to _unconditionally_ relay
 # _for_. If you intend to be SMTP AUTH server, you do not need to enter
@@ -91,7 +91,8 @@ gecos_name = $1
 
 # These macros are documented in acl/30_exim4-config_check_rcpt,
 # can be changed here or overridden by a locally added configuration
-# file as described in README.Debian chapter 2.1.2
+# file as described in README.Debian section "Using Exim Macros to control
+# the configuration".
 
 .ifndef CHECK_RCPT_LOCAL_LOCALPARTS
 CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
@@ -101,6 +102,11 @@ CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
 CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
 .endif
 
+# always log tls_peerdn as we use TLS for outgoing connects by default
+.ifndef MAIN_LOG_SELECTOR
+MAIN_LOG_SELECTOR = +smtp_protocol_error +smtp_syntax_error +tls_certificate_verified +tls_peerdn
+.endif
+
 # always log tls_peerdn as we use TLS for outgoing connects by default
 # hcoop-change: add +tls_ciper
 .ifndef MAIN_LOG_SELECTOR
@@ -122,3 +128,13 @@ CHECK_RCPT_VERIFY_SENDER = true
 CHECK_RCPT_IP_DNSBLS = zen.spamhaus.org
 CHECK_RCPT_REVERSE_DNS = true
 CHECK_RCPT_SPF = true
+
+# hcoop-change: use hcoop cert 2015-05-04 clinton
+MAIN_TLS_CERTKEY = /etc/hcoop-ssl/hcoop.pem
+
+# hcoop-change: uncomment and set to mailman host if this server does not host mailman
+HCOOP_MAILMAN_RELAY_HOST = mccarthy.hcoop.net
+
+# hcoop-change: all mail for users < 1000 to logs, reject entirely from untrusted remote hosts
+FIRST_USER_ACCOUNT_UID = 1000
+HCOOP_SYSTEM_ACCOUNT_ALIAS = logs@hcoop.net
\ No newline at end of file