drop snippets
This commit is contained in:
@@ -1,24 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: mx-hottis-de
|
||||
spec:
|
||||
secretName: mx-hottis-de-cert
|
||||
duration: 2160h
|
||||
renewBefore: 360h
|
||||
subject:
|
||||
organizations:
|
||||
- hottis-de
|
||||
isCA: false
|
||||
privateKey:
|
||||
algorithm: RSA
|
||||
encoding: PKCS1
|
||||
size: 2048
|
||||
usages:
|
||||
- server auth
|
||||
dnsNames:
|
||||
- mx.hottis.de
|
||||
issuerRef:
|
||||
name: letsencrypt-staging-http
|
||||
kind: ClusterIssuer
|
||||
group: cert-manager.io
|
||||
@@ -1,74 +0,0 @@
|
||||
domainlist forward_domains = lsearch;/etc/exim4/forward_domains
|
||||
|
||||
tls_advertise_hosts = *
|
||||
|
||||
|
||||
acl_smtp_connect = acl_connect
|
||||
acl_smtp_helo = acl_helo
|
||||
acl_smtp_rcpt = acl_rcpt
|
||||
acl_smtp_data = acl_data
|
||||
|
||||
begin acl
|
||||
|
||||
acl_connect:
|
||||
deny message = Reverse DNS required
|
||||
!verify = reverse_host_lookup
|
||||
accept
|
||||
|
||||
acl_helo:
|
||||
deny message = Invalid HELO/EHLO name
|
||||
condition = ${if match{$sender_helo_name}{\N^(localhost|localhost\.localdomain|\[?[0-9]{1,3}(\.[0-9]{1,3}){3}\]?)$\N}{yes}{no}}
|
||||
accept
|
||||
|
||||
acl_rcpt:
|
||||
require verify = recipient
|
||||
|
||||
# SPF check
|
||||
deny message = Access denied (1)
|
||||
spf = fail
|
||||
|
||||
# Greylisting
|
||||
defer message = Try again later
|
||||
!seen = 72h / key=${sender_address}_${local_part}@${domain}
|
||||
|
||||
# Rate limit
|
||||
deny message = Access denied (2)
|
||||
ratelimit = 10 / 10m / strict
|
||||
|
||||
accept condition = ${if match_domain{$domain}{+forward_domains}{yes}{no}}
|
||||
|
||||
deny message = Access denied (x)
|
||||
|
||||
acl_data:
|
||||
warn dkim_status = invalid
|
||||
add_header = X-DKIM-Status: invalid
|
||||
warn dkim_status = pass
|
||||
add_header = X-DKIM-Status: pass
|
||||
|
||||
accept
|
||||
|
||||
|
||||
begin routers
|
||||
|
||||
forward_aliases:
|
||||
driver = redirect
|
||||
domains = +forward_domains
|
||||
data = ${lookup{$local_part@$domain}lsearch{/etc/exim4/forward_addresses}}
|
||||
no_expn
|
||||
allow_defer
|
||||
allow_fail
|
||||
|
||||
dnslookup_out:
|
||||
driver = dnslookup
|
||||
domains = ! +forward_domains
|
||||
transport = remote_smtp
|
||||
no_more
|
||||
|
||||
|
||||
begin transports
|
||||
|
||||
remote_smtp:
|
||||
driver = smtp
|
||||
hosts_require_tls = *
|
||||
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
wn@mainscnt.eu: wolfgang.hottgenroth@icloud.com
|
||||
@@ -1,2 +0,0 @@
|
||||
mainscnt.eu
|
||||
|
||||
Reference in New Issue
Block a user