Commit | Line | Data |
---|---|---|
de45f55a AM |
1 | |
2 | ### main/02_exim4-config_options | |
3 | ################################# | |
4 | ||
5 | ||
6 | # Defines the access control list that is run when an | |
7 | # SMTP MAIL command is received. | |
8 | # | |
9 | .ifndef MAIN_ACL_CHECK_MAIL | |
10 | MAIN_ACL_CHECK_MAIL = acl_check_mail | |
11 | .endif | |
12 | acl_smtp_mail = MAIN_ACL_CHECK_MAIL | |
13 | ||
14 | ||
15 | # Defines the access control list that is run when an | |
16 | # SMTP RCPT command is received. | |
17 | # | |
18 | .ifndef MAIN_ACL_CHECK_RCPT | |
19 | MAIN_ACL_CHECK_RCPT = acl_check_rcpt | |
20 | .endif | |
21 | acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT | |
22 | ||
23 | ||
24 | # Defines the access control list that is run when an | |
25 | # SMTP DATA command is received. | |
26 | # | |
27 | .ifndef MAIN_ACL_CHECK_DATA | |
28 | MAIN_ACL_CHECK_DATA = acl_check_data | |
29 | .endif | |
30 | acl_smtp_data = MAIN_ACL_CHECK_DATA | |
31 | ||
32 | ||
33 | # Message size limit. The default (used when MESSAGE_SIZE_LIMIT | |
34 | # is unset) is 50 MB | |
35 | .ifdef MESSAGE_SIZE_LIMIT | |
36 | message_size_limit = MESSAGE_SIZE_LIMIT | |
37 | .endif | |
38 | ||
39 | ||
40 | # If you are running exim4-daemon-heavy or a custom version of Exim that | |
41 | # was compiled with the content-scanning extension, you can cause incoming | |
42 | # messages to be automatically scanned for viruses. You have to modify the | |
43 | # configuration in two places to set this up. The first of them is here, | |
44 | # where you define the interface to your scanner. This example is typical | |
45 | # for ClamAV; see the manual for details of what to set for other virus | |
46 | # scanners. The second modification is in the acl_check_data access | |
47 | # control list. | |
48 | ||
49 | # av_scanner = clamd:/var/run/clamav/clamd.ctl | |
50 | ||
51 | ||
52 | # For spam scanning, there is a similar option that defines the interface to | |
53 | # SpamAssassin. You do not need to set this if you are using the default, which | |
54 | # is shown in this commented example. As for virus scanning, you must also | |
55 | # modify the acl_check_data access control list to enable spam scanning. | |
56 | ||
57 | # spamd_address = 127.0.0.1 783 | |
58 | ||
59 | # Domain used to qualify unqualified recipient addresses | |
60 | # If this option is not set, the qualify_domain value is used. | |
61 | # qualify_recipient = <value of qualify_domain> | |
62 | ||
63 | ||
64 | # Allow Exim to recognize addresses of the form "user@[10.11.12.13]", | |
65 | # where the domain part is a "domain literal" (an IP address) instead | |
66 | # of a named domain. The RFCs require this facility, but it is disabled | |
0baa7b9d | 67 | # in the default config since it is rarely used and frequently abused. |
de45f55a AM |
68 | # Domain literal support also needs a special router, which is automatically |
69 | # enabled if you use the enable macro MAIN_ALLOW_DOMAIN_LITERALS. | |
70 | # Additionally, you might want to make your local IP addresses (or @[]) | |
71 | # local domains. | |
72 | .ifdef MAIN_ALLOW_DOMAIN_LITERALS | |
73 | allow_domain_literals | |
74 | .endif | |
75 | ||
76 | ||
77 | # Do a reverse DNS lookup on all incoming IP calls, in order to get the | |
78 | # true host name. If you feel this is too expensive, the networks for | |
79 | # which a lookup is done can be listed here. | |
80 | .ifndef DC_minimaldns | |
81 | .ifndef MAIN_HOST_LOOKUP | |
82 | MAIN_HOST_LOOKUP = * | |
83 | .endif | |
84 | host_lookup = MAIN_HOST_LOOKUP | |
85 | .endif | |
86 | ||
01e60269 AM |
87 | # The setting below causes Exim to try to initialize the system resolver |
88 | # library with DNSSEC support. It has no effect if your library lacks | |
89 | # DNSSEC support. | |
90 | dns_dnssec_ok = 1 | |
de45f55a AM |
91 | |
92 | # In a minimaldns setup, update-exim4.conf guesses the hostname and | |
93 | # dumps it here to avoid DNS lookups being done at Exim run time. | |
94 | .ifdef MAIN_HARDCODE_PRIMARY_HOSTNAME | |
95 | primary_hostname = MAIN_HARDCODE_PRIMARY_HOSTNAME | |
96 | .endif | |
97 | ||
0baa7b9d SB |
98 | # The settings below cause Exim to make RFC 1413 (ident) callbacks |
99 | # for all incoming SMTP calls. You can limit the hosts to which these | |
100 | # calls are made, and/or change the timeout that is used. If you set | |
101 | # the timeout to zero, all RFC 1413 calls are disabled. RFC 1413 calls | |
102 | # are cheap and can provide useful information for tracing problem | |
103 | # messages, but some hosts and firewalls have problems with them. | |
104 | # This can result in a timeout instead of an immediate refused | |
105 | # connection, leading to delays on starting up SMTP sessions. | |
106 | # (The default was reduced from 30s to 5s for release 4.61. and to | |
107 | # disabled for release 4.86) | |
108 | # | |
109 | #rfc1413_hosts = * | |
110 | #rfc1413_query_timeout = 5s | |
111 | ||
112 | ||
113 | # Enable an efficiency feature. We advertise the feature; clients | |
114 | # may request to use it. For multi-recipient mails we then can | |
115 | # reject or accept per-user after the message is received. | |
116 | # | |
117 | prdr_enable = true | |
de45f55a AM |
118 | |
119 | # When using an external relay tester (such as rt.njabl.org and/or the | |
120 | # currently defunct relay-test.mail-abuse.org, the test may be aborted | |
121 | # since exim complains about "too many nonmail commands". If you want | |
122 | # the test to complete, add the host from where "your" relay tester | |
123 | # connects from to the MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS macro. | |
124 | # Please note that a non-empty setting may cause extra DNS lookups to | |
125 | # happen, which is the reason why this option is commented out in the | |
126 | # default settings. | |
127 | # MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS = !rt.njabl.org | |
128 | .ifdef MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS | |
129 | smtp_accept_max_nonmail_hosts = MAIN_SMTP_ACCEPT_MAX_NOMAIL_HOSTS | |
130 | .endif | |
131 | ||
132 | # By default, exim forces a Sender: header containing the local | |
133 | # account name at the local host name in all locally submitted messages | |
134 | # that don't have the local account name at the local host name in the | |
135 | # From: header, deletes any Sender: header present in the submitted | |
136 | # message and forces the envelope sender of all locally submitted | |
137 | # messages to the local account name at the local host name. | |
138 | # The following settings allow local users to specify their own envelope sender | |
139 | # in a locally submitted message. Sender: headers existing in a locally | |
140 | # submitted message are not removed, and no automatic Sender: headers | |
141 | # are added. These settings are fine for most hosts. | |
142 | # If you run exim on a classical multi-user systems where all users | |
143 | # have local mailboxes that can be reached via SMTP from the Internet | |
144 | # with the local FQDN as the domain part of the address, you might want | |
145 | # to disable the following three lines for traceability reasons. | |
146 | .ifndef MAIN_FORCE_SENDER | |
147 | local_from_check = false | |
148 | local_sender_retain = true | |
149 | untrusted_set_sender = * | |
150 | .endif | |
151 | ||
152 | ||
153 | # By default, Exim expects all envelope addresses to be fully qualified, that | |
154 | # is, they must contain both a local part and a domain. Configure exim | |
155 | # to accept unqualified addresses from certain hosts. When this is done, | |
156 | # unqualified addresses are qualified using the settings of qualify_domain | |
157 | # and/or qualify_recipient (see above). | |
158 | # sender_unqualified_hosts = <unset> | |
159 | # recipient_unqualified_hosts = <unset> | |
160 | ||
161 | ||
162 | # Configure Exim to support the "percent hack" for certain domains. | |
163 | # The "percent hack" is the feature by which mail addressed to x%y@z | |
164 | # (where z is one of the domains listed) is locally rerouted to x@y | |
165 | # and sent on. If z is not one of the "percent hack" domains, x%y is | |
166 | # treated as an ordinary local part. The percent hack is rarely needed | |
167 | # nowadays but frequently abused. You should not enable it unless you | |
168 | # are sure that you really need it. | |
169 | # percent_hack_domains = <unset> | |
170 | ||
171 | ||
172 | # Bounce handling | |
173 | .ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER | |
174 | MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d | |
175 | .endif | |
176 | ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER | |
177 | ||
178 | .ifndef MAIN_TIMEOUT_FROZEN_AFTER | |
179 | MAIN_TIMEOUT_FROZEN_AFTER = 7d | |
180 | .endif | |
181 | timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER | |
182 | ||
183 | .ifndef MAIN_FREEZE_TELL | |
184 | MAIN_FREEZE_TELL = postmaster | |
185 | .endif | |
186 | freeze_tell = MAIN_FREEZE_TELL | |
187 | ||
188 | ||
189 | # Define spool directory | |
190 | .ifndef SPOOLDIR | |
191 | SPOOLDIR = /var/spool/exim4 | |
192 | .endif | |
193 | spool_directory = SPOOLDIR | |
194 | ||
195 | ||
196 | # trusted users can set envelope-from to arbitrary values | |
197 | .ifndef MAIN_TRUSTED_USERS | |
198 | MAIN_TRUSTED_USERS = uucp | |
199 | .endif | |
200 | trusted_users = MAIN_TRUSTED_USERS | |
201 | .ifdef MAIN_TRUSTED_GROUPS | |
202 | trusted_groups = MAIN_TRUSTED_GROUPS | |
203 | .endif | |
204 | ||
205 | ||
206 | # users in admin group can do many other things | |
207 | # admin_groups = <unset> | |
208 | ||
209 | ||
210 | # SMTP Banner. The example includes the Debian version in the SMTP dialog | |
211 | # MAIN_SMTP_BANNER = "${primary_hostname} ESMTP Exim ${version_number} (Debian package MAIN_PACKAGE_VERSION) ${tod_full}" | |
212 | # smtp_banner = $smtp_active_hostname ESMTP Exim $version_number $tod_full | |
493d55f6 AM |
213 | |
214 | .ifdef MAIN_KEEP_ENVIRONMENT | |
215 | keep_environment = MAIN_KEEP_ENVIRONMENT | |
216 | .else | |
217 | # set option to empty value to avoid warning. | |
218 | keep_environment = | |
219 | .endif | |
220 | .ifdef MAIN_ADD_ENVIRONMENT | |
221 | add_environment = MAIN_ADD_ENVIRONMENT | |
222 | .endif |