--- /dev/null
+
+### acl/30_exim4-config_check_mail
+#################################
+
+# This access control list is used for every MAIL command in an incoming
+# SMTP message. The tests are run in order until the address is either
+# accepted or denied.
+#
+acl_check_mail:
+ .ifdef CHECK_MAIL_HELO_ISSUED
+ deny
+ message = no HELO given before MAIL command
+ condition = ${if def:sender_helo_name {no}{yes}}
+ .endif
+
+ accept
!verify = sender
.endif
+ # hcoop-change: Add recommended lines from
+ # /usr/share/doc/mailman/README.EXIM.gz so that bounce messages
+ # get through, even if they are from a malformed address
+
+ # Accept bounces to lists even if callbacks or other checks would fail
+ warn
+ message = X-WhitelistedRCPT-nohdrfromcallback: Yes
+ condition = ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
+ {exists {MAILMAN_LISTCHK}}} \
+ {yes}{no}}
+
+ accept
+ condition = ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
+ {exists {MAILMAN_LISTCHK}}} \
+ {yes}{no}}
+
# Verify senders listed in local_sender_callout with a callout.
#
# In smarthost and satellite setups, this causes the callout to be
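Review bot: The `accept` added at the end of this hunk lets a recipient skip every later RCPT check when its local part matches `(.*)-bounces\+.*`, and that pattern is neither anchored nor wrapped in `\N…\N`, so the string expander probably consumes the backslash before PCRE sees it and the test reduces to "contains `-bounces`". The `exists {MAILMAN_LISTCHK}` guard is expanded with the whole client-supplied `$local_part` (the `-bounces+…` suffix and any `/` included) rather than the list name the regex captures. The doubled colon in the macro is only un-doubled in list options such as `require_files`, so here the guard likely tests a path that never exists. I would anchor and restrict the pattern, e.g. `{match{$local_part}{\N^([A-Za-z0-9._-]+)-bounces\+\N}}`, and test the list's config file using the captured name instead of the raw local part. The ACL this hunk belongs to starts and ends outside the hunk.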
# X-Spam_bar: $spam_bar\n\
# X-Spam_report: $spam_report
+ # hcoop-change: Our more-competent solution
+ warn
+ # Only run through spamassassin if the user wants this
+ condition = ${if exists{/etc/spamassassin/addrs/${local_part}@${domain}}\
+ {yes}{no}}
+ spam = nobody:true
+ add_header = X-Spam-Score: $spam_score ($spam_bar)
+ add_header = X-Spam-Report: $spam_report
+
# This hook allows you to hook in your own ACLs without having to
# modify this file. If you do it like we suggest, you'll end up with
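Review bot: The opt-in test on `/etc/spamassassin/addrs/${local_part}@${domain}` probably never succeeds, because the `spam` condition needs the message body and so runs in the DATA ACL, where, as far as I know, `$local_part` and `$domain` are not set (a message can have several recipients). If so, the path expands to `/etc/spamassassin/addrs/@` and no mail is scanned, which fails silently. Consider recording the opt-in per recipient in the RCPT ACL (the same `exists` test with `set acl_m0 = 1`) and testing `condition = ${if eq{$acl_m0}{1}{yes}{no}}` here. Add a comment that one opted-in recipient causes the whole message to be scanned. The enclosing ACL starts and ends outside the hunk.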
client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
-plain:
+# hcoop-change: Authenticate against /etc/courier/exim.dat
+userdb_plain:
driver = plaintext
public_name = PLAIN
-.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
- client_send = "${if !eq{$tls_cipher}{}{\
- ^${extract{1}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
- ^${extract{2}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
- }fail}"
-.else
- client_send = "^${extract{1}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
- ^${extract{2}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}"
-.endif
+ server_condition = \
+ ${if \
+ crypteq {$3} \
+ {${extract{systempw}{${tr{${lookup{$2} \
+ dbm{/etc/courier/exim.dat} \
+ }}{|}{ }}}}} \
+ {yes} \
+ {no} \
+ }
+ server_set_id = $2
+
+# hcoop-change: Comment out plain authenticator
+# plain:
+# driver = plaintext
+# public_name = PLAIN
+# .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
+# client_send = "${if !eq{$tls_cipher}{}{\
+# ^${extract{1}{::}\
+# {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
+# ^${extract{2}{::}\
+# {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
+# }fail}"
+# .else
+# client_send = "^${extract{1}{::}\
+# {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
+# ^${extract{2}{::}\
+# {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}"
+# .endif
login:
driver = plaintext
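Review bot: `userdb_plain` is a server-side PLAIN authenticator with no `server_advertise_condition`, so the mechanism is offered on unencrypted connections and passwords for the accounts in `/etc/courier/exim.dat` can cross the network in clear text; the client-side block it replaces was guarded by `!eq{$tls_cipher}{}`. Add `server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}` under `public_name = PLAIN`. The `dbm` lookup also has no explicit failure value, so an unknown `$2` hands an empty string to `crypteq`; giving the `extract` a failure string that cannot be a valid hash makes the reject path explicit instead of relying on how `crypt()` treats an empty salt. The `login:` authenticator that follows continues outside the hunk and may need the same TLS condition.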
# List of domains considered local for exim. Domains not listed here
# need to be deliverable remotely.
-.ifndef MAIN_LOCAL_DOMAINS
-MAIN_LOCAL_DOMAINS = DEBCONFlocal_domainsDEBCONF
-.endif
-domainlist local_domains = MAIN_LOCAL_DOMAINS
+# hcoop-change: comment out
+#.ifndef MAIN_LOCAL_DOMAINS
+#MAIN_LOCAL_DOMAINS = DEBCONFlocal_domainsDEBCONF
+#.endif
+#domainlist local_domains = MAIN_LOCAL_DOMAINS
# List of recipient domains to relay _to_. Use this list if you're -
# for example - fallback MX or mail gateway for domains.
-.ifndef MAIN_RELAY_TO_DOMAINS
-MAIN_RELAY_TO_DOMAINS = DEBCONFrelay_domainsDEBCONF
-.endif
-domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
+# hcoop-change: comment out
+#.ifndef MAIN_RELAY_TO_DOMAINS
+#MAIN_RELAY_TO_DOMAINS = DEBCONFrelay_domainsDEBCONF
+#.endif
+#domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
# List of sender networks (IP addresses) to _unconditionally_ relay
# _for_. If you intend to be SMTP AUTH server, you do not need to enter
.endif
# always log tls_peerdn as we use TLS for outgoing connects by default
+# hcoop-change: add +tls_ciper
.ifndef MAIN_LOG_SELECTOR
-MAIN_LOG_SELECTOR = +tls_peerdn
+MAIN_LOG_SELECTOR = +tls_cipher +tls_peerdn
.endif
+
+# hcoop-change: use file_transport = address_file for /etc/aliases
+# delivery, as per old configuration
+SYSTEM_ALIASES_FILE_TRANSPORT = address_file
--- /dev/null
+# Home dir for your Mailman installation -- aka Mailman's prefix
+# directory.
+# By default this is set to "/usr/local/mailman"
+# On a Red Hat/Fedora system using the RPM use "/var/mailman"
+# On Debian using the deb package use "/var/lib/mailman"
+# This is normally the same as ~mailman
+MAILMAN_HOME=/var/lib/mailman
+
+# The path of the Mailman mail wrapper script
+MAILMAN_WRAP=MAILMAN_HOME/mail/mailman
+
+# User and group for Mailman, should match your --with-mail-gid
+# switch to Mailman's configure script.
+# Value is normally "mailman"
+MAILMAN_USER=mail
+MAILMAN_GROUP=mail
+
+# Domains that your lists are in - colon separated list
+# you may wish to add these into local_domains as well
+#
+# These are auto-generated by domtool.
+#
+# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
+
+# These values are derived from the ones above and should not need
+# editing unless you have munged your mailman installation
+
+# The path of the list config file (used as a required file when
+# verifying list addresses)
+MAILMAN_LISTCHK=MAILMAN_HOME/lists/${lc::$local_part}/config.pck
--- /dev/null
+
+### main/90_exim4-config_log_selector
+#################################
+
+# uncomment this for debugging
+# MAIN_LOG_SELECTOR == MAIN_LOG_SELECTOR +all -subject -arguments
+
+.ifdef MAIN_LOG_SELECTOR
+log_selector = MAIN_LOG_SELECTOR
+.endif
--- /dev/null
+# hcoop-change: Route mail for hosted domains
+
+virtual_user:
+ driver = accept
+ transport = virtual_delivery
+ require_files = /home/vmail/${domain}/${local_part}
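Review bot: `virtual_user` has no `domains` or `local_parts` precondition, and `require_files` builds a filesystem path directly from the client-supplied `${domain}` and `${local_part}`; the `directory` option of the `virtual_delivery` transport later in this change does the same. Unless an earlier RCPT ACL already rejects local parts that contain `/` or begin with `.`, such an address resolves outside the intended `/home/vmail/<domain>/` directory. Restrict the router to the hosted-domain list and add a check such as `condition = ${if match{$local_part}{\N^[A-Za-z0-9][A-Za-z0-9._+-]*$\N}{yes}{no}}`, so the transport only ever sees a validated value.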
--- /dev/null
+# hcoop-change: Route mail for mailing lists
+mailman_router:
+ driver = accept
+ domains = +mm_domains
+ require_files = MAILMAN_LISTCHK
+ condition = ${run{/bin/sh -c \"/usr/local/sbin/checklist ${local_part} ${doma\
+in}\""}{1}{0}}
+ local_part_suffix_optional
+ local_part_suffix = -admin : \
+ -bounces : -bounces+* : \
+ -confirm : -confirm+* : \
+ -join : -leave : \
+ -owner : -request : \
+ -subscribe : -unsubscribe
+ transport = mailman_transport
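Review bot: The `condition` on `mailman_router` passes `${local_part}` and `${domain}` from the envelope recipient to `/bin/sh -c`, so shell metacharacters that are legal in an SMTP local part are interpreted by a shell running under the Exim uid; the `\"…\""` quoting also looks unbalanced. `require_files` is evaluated first and narrows what reaches this line, but it should not be the only barrier. `${run}` executes the program directly, so the shell can be dropped: `condition = ${run{/usr/local/sbin/checklist $local_part $domain}{1}{0}}`. Depending on the Exim version the command line may still be split on whitespace after expansion, so `checklist` should validate both arguments, and a restrictive `local_parts` pattern on the router would keep unusual addresses from reaching it at all.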
--- /dev/null
+# hcoop-change: default_aliases rule for various domains; mostly seems
+# to be used by Adam
+default_aliases:
+ debug_print = "R: default_aliases for $local_part@$domain"
+ driver = redirect
+ domains = +local_domains
+ allow_fail
+ allow_defer
+ data = ${lookup{$local_part@$domain}lsearch*@{/etc/aliases.default}}
+ .ifdef SYSTEM_ALIASES_USER
+ user = SYSTEM_ALIASES_USER
+ .endif
+ .ifdef SYSTEM_ALIASES_GROUP
+ group = SYSTEM_ALIASES_GROUP
+ .endif
+ .ifdef SYSTEM_ALIASES_FILE_TRANSPORT
+ file_transport = SYSTEM_ALIASES_FILE_TRANSPORT
+ .endif
+ .ifdef SYSTEM_ALIASES_PIPE_TRANSPORT
+ pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT
+ .endif
+ .ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT
+ directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT
+ .endif
--- /dev/null
+# hcoop-change: Transport for mailman lists
+mailman_transport:
+ debug_print = "T: mailman for $local_part@$domain"
+ driver = pipe
+ command = MAILMAN_WRAP \
+ '${if def:local_part_suffix \
+ {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
+ {post}}' \
+ $local_part
+ current_directory = MAILMAN_HOME
+ home_directory = MAILMAN_HOME
+ user = MAILMAN_USER
+ group = MAILMAN_GROUP
--- /dev/null
+# hcoop-change: This transport is used to deliver mail to virtual
+# mailboxes (i.e. email accounts which have been granted to non-hcoop
+# members by the owner of the domain)
+
+# Warning: This is currently known to not work for some domains.
+# Perhaps we should be using a postgresql/mysql lookup here.
+
+virtual_delivery:
+ debug_print = "T: virtual_delivery for $local_part@$domain"
+ driver = appendfile
+ user = ${extract{uid}{${tr{${lookup{$local_part@$domain} \
+ dbm{/etc/courier/exim.dat} \
+ }}{|}{ }}}}
+ group = mail
+ mode = 0660
+ mode_fail_narrower = false
+ envelope_to_add
+ return_path_add
+ directory = /home/vmail/${domain}/${local_part}
+ maildir_format
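Review bot: Message files are written with `mode = 0660` and `group = mail`, which makes each virtual user's mail readable and writable by the `mail` group, and the Mailman macros in this same change set `MAILMAN_USER=mail` and `MAILMAN_GROUP=mail`, so the list wrapper runs with that group. Whether the files are actually reachable depends on the maildir directory permissions, which this transport does not set explicitly (`directory_mode`). If the IMAP/POP server does not need group access, `mode = 0600` is the safer default; otherwise a dedicated group for virtual mailboxes keeps Mailman separate. The `user` expansion also has no fallback when the `dbm` lookup misses, so a comment stating the expected outcome for such a message would help, given the header already warns that delivery fails for some domains.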
# This is a Debian specific file
dc_eximconfig_configtype='internet'
-dc_other_hostnames='localhost.localdomain'
-dc_local_interfaces='127.0.0.1'
+dc_other_hostnames='hcoop.net:deleuze.hcoop.net'
+dc_local_interfaces=''
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='maildir_home'
+
+# hcoop-change: Additional nonstandard items
+
+# sets qualify_domain
+dc_visiblename='hcoop.net'