######### # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # this file is generated dynamically from the files in # CONFDIR/conf.d/ or /etc/exim4/exim4.conf.template respectively and # /etc/exim4/update-exim4.conf.conf # Any changes you make here will be lost. # See /usr/share/doc/exim4-base/README.Debian.gz and update-exim4.conf(8) # for instructions of customization. # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING ######### primary_hostname = gw1.datadisk.co.uk CHECK_RCPT_DOMAIN_DNSBLS = smtp.dnsbl.sorbs.net : \ spam.dnsbl.sorbs.net : \ sbl-xbl.spamhaus.org : \ zombie.dnsbl.sorbs.net : \ web.dnsbl.sorbs.net : \ rhsbl.sorbs.net CHECK_RCPT_IP_DNSBLS = sbl-xbl.spamhaus.org : \ dnsbl.sorbs.net : \ cbl.abuseat.org exim_path = /usr/sbin/exim4 .ifndef CONFDIR CONFDIR = /etc/exim4 .endif .ifndef DC_minimaldns .endif .ifndef DC_visiblename DC_visiblename=datadisk.co.uk .endif .ifndef MAIN_LOCAL_DOMAINS MAIN_LOCAL_DOMAINS = @:localhost .endif domainlist local_domains = MAIN_LOCAL_DOMAINS .ifndef MAIN_RELAY_TO_DOMAINS MAIN_RELAY_TO_DOMAINS = datadisk.co.uk:datadiskcorp.co.uk .endif domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS .ifndef MAIN_RELAY_NETS MAIN_RELAY_NETS = 10.0.0.0/8:192.168.0.0/16 .endif hostlist relay_from_hosts = 127.0.0.1 : MAIN_RELAY_NETS .ifdef DC_visiblename qualify_domain = DC_visiblename .endif .ifndef DCreadhost DCreadhost = .endif .ifndef DCsmarthost DCsmarthost = .endif .ifdef MAIN_LOCAL_INTERFACES local_interfaces = MAIN_LOCAL_INTERFACES .else .endif .ifndef LOCAL_DELIVERY LOCAL_DELIVERY=mail_spool .endif gecos_pattern = ^([^,:]*) gecos_name = $1 .ifndef DCconfig_satellite .ifndef DCconfig_internet .ifndef DCconfig_local .ifndef DCconfig_smarthost DCconfig_internet = 1 .endif .endif .endif .endif .ifndef CHECK_RCPT_LOCAL_LOCALPARTS CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|\#&?] .endif .ifndef CHECK_RCPT_REMOTE_LOCALPARTS CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!\#&?] : ^.*/\\.\\./ .endif .ifndef MAIN_ACL_CHECK_RCPT MAIN_ACL_CHECK_RCPT = acl_check_rcpt .endif acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT .ifndef MAIN_ACL_CHECK_DATA MAIN_ACL_CHECK_DATA = acl_check_data .endif acl_smtp_data = MAIN_ACL_CHECK_DATA .ifdef MESSAGE_SIZE_LIMIT message_size_limit = MESSAGE_SIZE_LIMIT .endif .ifdef MAIN_ALLOW_DOMAIN_LITERALS allow_domain_literals .endif .ifndef DC_minimaldns .ifndef MAIN_HOST_LOOKUP MAIN_HOST_LOOKUP = * .endif host_lookup = MAIN_HOST_LOOKUP .endif rfc1413_hosts = * rfc1413_query_timeout = 0s .ifndef MAIN_FORCE_SENDER local_from_check = false local_sender_retain = true untrusted_set_sender = * .endif .ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d .endif ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER .ifndef MAIN_TIMEOUT_FROZEN_AFTER MAIN_TIMEOUT_FROZEN_AFTER = 7d .endif timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER .ifndef MAIN_FREEZE_TELL MAIN_FREEZE_TELL = postmaster .endif freeze_tell = MAIN_FREEZE_TELL .ifndef SPOOLDIR SPOOLDIR = /var/spool/exim4 .endif spool_directory = SPOOLDIR .ifndef MAIN_TRUSTED_USERS MAIN_TRUSTED_USERS = uucp .endif trusted_users = MAIN_TRUSTED_USERS .ifdef MAIN_TRUSTED_GROUPS trusted_groups = MAIN_TRUSTED_GROUPS .endif MAIN_SMTP_BANNER = "datadisk SMTP Daemon" smtp_banner = "datadisk SMTP Daemon" .ifdef MAIN_TLS_ENABLE .ifndef MAIN_TLS_ADVERTISE_HOSTS MAIN_TLS_ADVERTISE_HOSTS = * .endif tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS .ifndef MAIN_TLS_CERTIFICATE MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt .endif tls_certificate = MAIN_TLS_CERTIFICATE .ifndef MAIN_TLS_PRIVATEKEY MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key .endif tls_privatekey = MAIN_TLS_PRIVATEKEY .ifndef MAIN_TLS_VERIFY_CERTIFICATES MAIN_TLS_VERIFY_CERTIFICATES = ${if exists{/etc/ssl/certs/ca-certificates.crt}\ {/etc/ssl/certs/ca-certificates.crt}\ {/dev/null}} .endif tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES .ifdef MAIN_TLS_VERIFY_HOSTS tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS .endif .ifndef MAIN_TLS_TRY_VERIFY_HOSTS MAIN_TLS_TRY_VERIFY_HOSTS = * .endif tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS .endif begin acl acl_whitelist_local_deny: accept hosts = ${if exists{CONFDIR/local_host_whitelist}\ {CONFDIR/local_host_whitelist}\ {}} accept senders = ${if exists{CONFDIR/local_sender_whitelist}\ {CONFDIR/local_sender_whitelist}\ {}} .ifdef WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE .include WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE .endif acl_check_rcpt: accept hosts = : warn hosts = +relay_from_hosts control = submission/sender_retain .ifdef CHECK_RCPT_LOCAL_LOCALPARTS deny domains = +local_domains local_parts = CHECK_RCPT_LOCAL_LOCALPARTS message = restricted characters in address .endif .ifdef CHECK_RCPT_REMOTE_LOCALPARTS deny domains = !+local_domains local_parts = CHECK_RCPT_REMOTE_LOCALPARTS message = restricted characters in address .endif accept .ifndef CHECK_RCPT_POSTMASTER local_parts = postmaster .else local_parts = CHECK_RCPT_POSTMASTER .endif domains = +local_domains : +relay_to_domains deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster !acl = acl_whitelist_local_deny senders = ${if exists{CONFDIR/local_sender_blacklist}\ {CONFDIR/local_sender_blacklist}\ {}} accept recipients = ${if exists{CONFDIR/local_rcpt_whitelist}\ {CONFDIR/local_rcpt_whitelist}\ {}} deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster !acl = acl_whitelist_local_deny hosts = ${if exists{CONFDIR/local_host_blacklist}\ {CONFDIR/local_host_blacklist}\ {}} .ifdef CHECK_RCPT_VERIFY_SENDER deny message = Sender verification failed !acl = acl_whitelist_local_deny !verify = sender .endif deny !acl = acl_whitelist_local_deny senders = ${if exists{CONFDIR/local_sender_callout}\ {CONFDIR/local_sender_callout}\ {}} !verify = sender/callout deny !acl = acl_whitelist_local_deny recipients = ${if exists{CONFDIR/local_rcpt_callout}\ {CONFDIR/local_rcpt_callout}\ {}} !verify = recipient/callout .ifdef CHECK_RCPT_REVERSE_DNS warn message = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}}) condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\ {yes}{no}} .endif .ifdef CHECK_RCPT_IP_DNSBLS deny message = X-Warning: IP $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = IP $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\ {CONFDIR/local_domain_dnsbl_whitelist}\ {}} dnslists = CHECK_RCPT_IP_DNSBLS delay = 4m .endif .ifdef CHECK_RCPT_DOMAIN_DNSBLS deny message = X-Warning: Domain $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = Domain $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text) !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\ {CONFDIR/local_domain_dnsbl_whitelist}\ {}} dnslists = CHECK_RCPT_DOMAIN_DNSBLS/$sender_address_domain delay = 4m .endif .ifdef CHECK_RCPT_LOCAL_ACL_FILE .include CHECK_RCPT_LOCAL_ACL_FILE .endif accept domains = +local_domains endpass message = unknown user verify = recipient accept domains = +relay_to_domains endpass .ifdef CHECK_RCPT_GIVE_UNKNOWN_USER message = ${if eq{$acl_verify_message}{Unrouteable address}{unknown user}{$acl_verify_message}} .else message = unrouteable address .endif verify = recipient accept hosts = +relay_from_hosts accept authenticated = * deny message = relay not permitted acl_check_data: .ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX deny message = Message headers fail syntax check !acl = acl_whitelist_local_deny !verify = header_syntax .endif .ifdef CHECK_DATA_VERIFY_HEADER_SENDER deny message = No verifiable sender address in message headers !acl = acl_whitelist_local_deny !verify = header_sender .endif .ifdef CHECK_DATA_LOCAL_ACL_FILE .include CHECK_DATA_LOCAL_ACL_FILE .endif accept begin routers .ifdef MAIN_ALLOW_DOMAIN_LITERALS domain_literal: debug_print = "R: domain_literal for $local_part@$domain" driver = ipliteral domains = ! +local_domains transport = remote_smtp headers_remove = received .endif hubbed_hosts: debug_print = "R: hubbed_hosts for $domain" driver = manualroute domains = "${if exists{CONFDIR/hubbed_hosts}\ {partial-lsearch;CONFDIR/hubbed_hosts}\ fail}" same_domain_copy_routing = yes route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}} transport = remote_smtp .ifdef DCconfig_internet dnslookup_relay_to_domains: debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain" driver = dnslookup domains = ! +local_domains : +relay_to_domains transport = remote_smtp same_domain_copy_routing = yes no_more dnslookup: debug_print = "R: dnslookup for $local_part@$domain" driver = dnslookup domains = ! +local_domains transport = remote_smtp headers_remove = received same_domain_copy_routing = yes ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 : 10.0.0.0/8 no_more .endif .ifdef DCconfig_local nonlocal: debug_print = "R: nonlocal for $local_part@$domain" driver = redirect domains = ! +local_domains allow_fail data = :fail: Mailing to remote domains not supported no_more .endif .ifdef DCconfig_smarthost DCconfig_satellite smarthost: debug_print = "R: smarthost for $local_part@$domain" driver = manualroute domains = ! +local_domains transport = remote_smtp_smarthost route_list = * DCsmarthost byname host_find_failed = defer same_domain_copy_routing = yes no_more .endif real_local: debug_print = "R: real_local for $local_part@$domain" driver = accept domains = +local_domains local_part_prefix = real- check_local_user transport = LOCAL_DELIVERY system_aliases: debug_print = "R: system_aliases for $local_part@$domain" driver = redirect domains = +local_domains allow_fail allow_defer data = ${lookup{$local_part}lsearch{/etc/aliases}} .ifdef SYSTEM_ALIASES_USER user = SYSTEM_ALIASES_USER .endif .ifdef SYSTEM_ALIASES_GROUP group = SYSTEM_ALIASES_GROUP .endif .ifdef SYSTEM_ALIASES_FILE_TRANSPORT file_transport = SYSTEM_ALIASES_FILE_TRANSPORT .endif .ifdef SYSTEM_ALIASES_PIPE_TRANSPORT pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT .endif .ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT .endif .ifdef DCconfig_satellite hub_user: debug_print = "R: hub_user for $local_part@$domain" driver = redirect domains = +local_domains data = ${local_part}@DCreadhost check_local_user hub_user_smarthost: debug_print = "R: hub_user_smarthost for $local_part@$domain" driver = manualroute domains = DCreadhost transport = remote_smtp_smarthost route_list = * DCsmarthost byname host_find_failed = defer same_domain_copy_routing = yes check_local_user .endif userforward: debug_print = "R: userforward for $local_part@$domain" driver = redirect domains = +local_domains check_local_user file = $home/.forward no_verify no_expn check_ancestor allow_filter directory_transport = address_directory file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply skip_syntax_errors syntax_errors_to = real-$local_part@$domain syntax_errors_text = \ This is an automatically generated message. An error has\n\ been found in your .forward file. Details of the error are\n\ reported below. While this error persists, you will receive\n\ a copy of this message for every message that is addressed\n\ to you. If your .forward file is a filter file, or if it is\n\ a non-filter file containing no valid forwarding addresses,\n\ a copy of each incoming message will be put in your normal\n\ mailbox. If a non-filter file contains at least one valid\n\ forwarding address, forwarding to the valid addresses will\n\ happen, and those will be the only deliveries that occur. procmail: debug_print = "R: procmail for $local_part@$domain" driver = accept domains = +local_domains check_local_user transport = procmail_pipe require_files = ${local_part}:\ ${if exists{/etc/procmailrc}\ {/etc/procmailrc}{${home}/.procmailrc}}:\ +/usr/bin/procmail no_verify no_expn maildrop: debug_print = "R: maildrop for $local_part@$domain" driver = accept domains = +local_domains check_local_user transport = maildrop_pipe require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop no_verify no_expn local_user: debug_print = "R: local_user for $local_part@$domain" driver = accept domains = +local_domains check_local_user local_parts = ! root transport = LOCAL_DELIVERY mail4root: debug_print = "R: mail4root for $local_part@$domain" driver = redirect domains = +local_domains data = /var/mail/mail file_transport = address_file local_parts = root user = mail group = mail begin transports address_file: debug_print = "T: address_file for $local_part@$domain" driver = appendfile delivery_date_add envelope_to_add return_path_add address_pipe: debug_print = "T: address_pipe for $local_part@$domain" driver = pipe return_fail_output address_reply: debug_print = "T: autoreply for $local_part@$domain" driver = autoreply mail_spool: debug_print = "T: appendfile for $local_part@$domain" driver = appendfile file = /var/mail/$local_part delivery_date_add envelope_to_add return_path_add group = mail mode = 0660 mode_fail_narrower = false maildir_home: debug_print = "T: maildir_home for $local_part@$domain" driver = appendfile .ifdef MAILDIR_HOME_MAILDIR_LOCATION directory = MAILDIR_HOME_MAILDIR_LOCATION .else directory = $home/Maildir .endif .ifdef MAILDIR_HOME_CREATE_DIRECTORY create_directory .endif .ifdef MAILDIR_HOME_CREATE_FILE create_file = MAILDIR_HOME_CREATE_FILE .endif delivery_date_add envelope_to_add return_path_add maildir_format .ifdef MAILDIR_HOME_DIRECTORY_MODE directory_mode = MAILDIR_HOME_DIRECTORY_MODE .else directory_mode = 0700 .endif .ifdef MAILDIR_HOME_MODE mode = MAILDIR_HOME_MODE .else mode = 0600 .endif mode_fail_narrower = false maildrop_pipe: debug_print = "T: maildrop_pipe for $local_part@$domain" driver = pipe path = "/bin:/usr/bin:/usr/local/bin" command = "/usr/bin/maildrop" return_path_add delivery_date_add envelope_to_add procmail_pipe: debug_print = "T: procmail_pipe for $local_part@$domain" driver = pipe path = "/bin:/usr/bin:/usr/local/bin" command = "/usr/bin/procmail" return_path_add delivery_date_add envelope_to_add remote_smtp: debug_print = "T: remote_smtp for $local_part@$domain" driver = smtp remote_smtp_smarthost: debug_print = "T: remote_smtp_smarthost for $local_part@$domain" driver = smtp hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}} tls_tempfail_tryclear = false address_directory: debug_print = "T: address_directory for $local_part@$domain" driver = appendfile envelope_to_add = true return_path_add = true check_string = "" escape_string = "" maildir_format begin retry * * F,2h,15m; G,16h,1h,1.5; F,4d,6h begin rewrite *@+local_domains "${lookup{${local_part}}lsearch{/etc/email-addresses}\ {$value}fail}" Ffrs *@datadisk.com "${lookup {${local_part}} lsearch {/etc/email-addresses} {$value} fail }" Ffrs *@*.datadisk.co.uk $1@datadisk.co.uk *@datadiskcorp.co.uk $1@datadisk.co.uk Ffrsbc begin authenticators cram_md5: driver = cram_md5 public_name = CRAM-MD5 client_name = ${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} client_secret = ${extract{2}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} plain: driver = plaintext public_name = PLAIN .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS client_send = "${if !eq{$tls_cipher}{}{\ ^${extract{1}{::}\ {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\ ^${extract{2}{::}\ {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\ }fail}" .else client_send = "^${extract{1}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}^${extract{2}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}" .endif login: driver = plaintext public_name = LOGIN .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS client_send = "${if and{\ {!eq{$tls_cipher}{}}\ {!eq\ {${lookup{$host}lsearch*{CONFDIR/passwd.client}\ {$value}fail}}\ {}}\ }\ {}fail}\ : ${extract{1}{::}\ {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \ : ${extract{2}{::}\ {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}" .else client_send = "${if !eq\ {${lookup\ {$host}lsearch*{CONFDIR/passwd.client}\ {$value}fail}}\ {}\ {}fail}\ : ${extract{1}{::}\ {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \ : ${extract{2}{::}\ {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}" .endif