conf.d/main/02_exim4-config_options

   1
   2 ### main/02_exim4-config_options
   3 #################################
   4
   5
   6 # Defines the access control list that is run when an
   7 # SMTP MAIL command is received.
   8 #
   9 .ifndef MAIN_ACL_CHECK_MAIL
  10 MAIN_ACL_CHECK_MAIL = acl_check_mail
  11 .endif
  12 acl_smtp_mail = MAIN_ACL_CHECK_MAIL
  13
  14
  15 # Defines the access control list that is run when an
  16 # SMTP RCPT command is received.
  17 #
  18 .ifndef MAIN_ACL_CHECK_RCPT
  19 MAIN_ACL_CHECK_RCPT = acl_check_rcpt
  20 .endif
  21 acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT
  22
  23
  24 # Defines the access control list that is run when an
  25 # SMTP DATA command is received.
  26 #
  27 .ifndef MAIN_ACL_CHECK_DATA
  28 MAIN_ACL_CHECK_DATA = acl_check_data
  29 .endif
  30 acl_smtp_data = MAIN_ACL_CHECK_DATA
  31
  32
  33 # Message size limit. The default (used when MESSAGE_SIZE_LIMIT
  34 # is unset) is 50 MB
  35 .ifdef MESSAGE_SIZE_LIMIT
  36 message_size_limit = MESSAGE_SIZE_LIMIT
  37 .endif
  38
  39
  40 # If you are running exim4-daemon-heavy or a custom version of Exim that
  41 # was compiled with the content-scanning extension, you can cause incoming
  42 # messages to be automatically scanned for viruses. You have to modify the
  43 # configuration in two places to set this up. The first of them is here,
  44 # where you define the interface to your scanner. This example is typical
  45 # for ClamAV; see the manual for details of what to set for other virus
  46 # scanners. The second modification is in the acl_check_data access
  47 # control list.
  48
  49 # av_scanner = clamd:/tmp/clamd
  50
  51
  52 # For spam scanning, there is a similar option that defines the interface to
  53 # SpamAssassin. You do not need to set this if you are using the default, which
  54 # is shown in this commented example. As for virus scanning, you must also
  55 # modify the acl_check_data access control list to enable spam scanning.
  56
  57 # spamd_address = 127.0.0.1 783
  58
  59 # Domain used to qualify unqualified recipient addresses
  60 # If this option is not set, the qualify_domain value is used.
  61 # qualify_recipient = <value of qualify_domain>
  62
  63
  64 # Allow Exim to recognize addresses of the form "user@[10.11.12.13]",
  65 # where the domain part is a "domain literal" (an IP address) instead
  66 # of a named domain. The RFCs require this facility, but it is disabled
  67 # in the default config since it is seldomly used and frequently abused.
  68 # Domain literal support also needs a special router, which is automatically
  69 # enabled if you use the enable macro MAIN_ALLOW_DOMAIN_LITERALS.
  70 .ifdef MAIN_ALLOW_DOMAIN_LITERALS
  71 allow_domain_literals
  72 .endif
  73
  74
  75 # Do a reverse DNS lookup on all incoming IP calls, in order to get the
  76 # true host name. If you feel this is too expensive, the networks for
  77 # which a lookup is done can be listed here.
  78 .ifndef DC_minimaldns
  79 .ifndef MAIN_HOST_LOOKUP
  80 MAIN_HOST_LOOKUP = *
  81 .endif
  82 host_lookup = MAIN_HOST_LOOKUP
  83 .endif
  84
  85
  86 # In a minimaldns setup, update-exim4.conf guesses the hostname and
  87 # dumps it here to avoid DNS lookups being done at Exim run time.
  88 DEBCONF_hardcode_primary_hostname_DEBCONF
  89
  90 # The settings below, which are actually the same as the defaults in the
  91 # code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
  92 # calls. You can limit the hosts to which these calls are made, and/or change
  93 # the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
  94 # are disabled. RFC 1413 calls are cheap and can provide useful information
  95 # for tracing problem messages, but some hosts and firewalls are
  96 # misconfigured to drop the requests instead of either answering or
  97 # rejecting them. This can result in a timeout instead of an immediate refused
  98 # connection, leading to delays on starting up SMTP sessions. (The default was
  99 # reduced from 30s to 5s for release 4.61.)
 100 # rfc1413_hosts = *
 101 # rfc1413_query_timeout = 5s
 102
 103
 104 # By default, exim forces a Sender: header containing the local
 105 # account name at the local host name in all locally submitted messages
 106 # that don't have the local account name at the local host name in the
 107 # From: header, deletes any Sender: header present in the submitted
 108 # message and forces the envelope sender of all locally submitted
 109 # messages to the local account name at the local host name.
 110 # The following settings allow local users to specify their own envelope sender
 111 # in a locally submitted message. Sender: headers existing in a locally
 112 # submitted message are not removed, and no automatic Sender: headers
 113 # are added. These settings are fine for most hosts.
 114 # If you run exim on a classical multi-user systems where all users
 115 # have local mailboxes that can be reached via SMTP from the Internet
 116 # with the local FQDN as the domain part of the address, you might want
 117 # to disable the following three lines for traceability reasons.
 118 .ifndef MAIN_FORCE_SENDER
 119 local_from_check = false
 120 local_sender_retain = true
 121 untrusted_set_sender = *
 122 .endif
 123
 124
 125 # By default, Exim expects all envelope addresses to be fully qualified, that
 126 # is, they must contain both a local part and a domain. Configure exim
 127 # to accept unqualified addresses from certain hosts. When this is done,
 128 # unqualified addresses are qualified using the settings of qualify_domain
 129 # and/or qualify_recipient (see above).
 130 # sender_unqualified_hosts = <unset>
 131 # recipient_unqualified_hosts = <unset>
 132
 133
 134 # Configure Exim to support the "percent hack" for certain domains.
 135 # The "percent hack" is the feature by which mail addressed to x%y@z
 136 # (where z is one of the domains listed) is locally rerouted to x@y
 137 # and sent on. If z is not one of the "percent hack" domains, x%y is
 138 # treated as an ordinary local part. The percent hack is rarely needed
 139 # nowadays but frequently abused. You should not enable it unless you
 140 # are sure that you really need it.
 141 # percent_hack_domains = <unset>
 142
 143
 144 # Bounce handling
 145 .ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER
 146 MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d
 147 .endif
 148 ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER
 149
 150 .ifndef MAIN_TIMEOUT_FROZEN_AFTER
 151 MAIN_TIMEOUT_FROZEN_AFTER = 7d
 152 .endif
 153 timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER
 154
 155 .ifndef MAIN_FREEZE_TELL
 156 MAIN_FREEZE_TELL = postmaster
 157 .endif
 158 freeze_tell = MAIN_FREEZE_TELL
 159
 160
 161 # Define spool directory
 162 .ifndef SPOOLDIR
 163 SPOOLDIR = /var/spool/exim4
 164 .endif
 165 spool_directory = SPOOLDIR
 166
 167
 168 # trusted users can set envelope-from to arbitrary values
 169 .ifndef MAIN_TRUSTED_USERS
 170 MAIN_TRUSTED_USERS = uucp
 171 .endif
 172 trusted_users = MAIN_TRUSTED_USERS
 173 .ifdef MAIN_TRUSTED_GROUPS
 174 trusted_groups = MAIN_TRUSTED_GROUPS
 175 .endif
 176
 177
 178 # users in admin group can do many other things
 179 # admin_groups = <unset>
 180
 181
 182 # SMTP Banner. The example includes the Debian version in the SMTP dialog
 183 # MAIN_SMTP_BANNER = "${primary_hostname} ESMTP Exim ${version_number} (Debian package DEBCONFpackageversionDEBCONF) ${tod_full}"
 184 # smtp_banner = $smtp_active_hostname ESMTP Exim $version_number $tod_full
 185
 186
 187 # hcoop-change: raise limit for incoming SMTP connections
 188 smtp_accept_max = 95
 189
 190 # hcoop-change: expire retry data after a single day
 191 retry_data_expire = 1d
 192
 193 # hcoop-change: don't penalize hosts past 4 hours
 194 retry_interval_max = 4h