85 lines
1.7 KiB
Plaintext
85 lines
1.7 KiB
Plaintext
domainlist forward_domains = lsearch;/etc/exim/db/forward_domains
|
|
|
|
primary_hostname = home.of.the.smiling-proxy.de
|
|
|
|
tls_advertise_hosts = *
|
|
tls_certificate = /etc/exim/ssl/server.crt
|
|
tls_privatekey = /etc/exim/ssl/server.key
|
|
|
|
log_file_path = /var/log/exim
|
|
log_selector = -all
|
|
message_logs = true
|
|
|
|
|
|
# acl_smtp_connect = acl_connect
|
|
acl_smtp_helo = acl_helo
|
|
acl_smtp_rcpt = acl_rcpt
|
|
acl_smtp_data = acl_data
|
|
|
|
begin acl
|
|
|
|
# acl_connect:
|
|
# deny message = Reverse DNS required
|
|
# !verify = reverse_host_lookup
|
|
# accept
|
|
|
|
acl_helo:
|
|
deny message = Invalid HELO/EHLO name
|
|
condition = ${if match{$sender_helo_name}{\N^(localhost|localhost\.localdomain|\[?[0-9]{1,3}(\.[0-9]{1,3}){3}\]?)$\N}{yes}{no}}
|
|
accept
|
|
|
|
acl_rcpt:
|
|
# recipient verification
|
|
deny message = Access denied (1)
|
|
!verify = recipient
|
|
|
|
# SPF check
|
|
deny message = Access denied (2)
|
|
spf = fail
|
|
|
|
# Greylisting
|
|
defer message = Try again later
|
|
!seen = 72h / key=${sender_address}_${local_part}@${domain}
|
|
|
|
# Rate limit
|
|
deny message = Access denied (3)
|
|
ratelimit = 10 / 10m / strict
|
|
|
|
accept condition = ${if match_domain{$domain}{+forward_domains}{yes}{no}}
|
|
|
|
deny message = Access denied (4)
|
|
|
|
acl_data:
|
|
warn dkim_status = invalid
|
|
add_header = X-DKIM-Status: invalid
|
|
warn dkim_status = pass
|
|
add_header = X-DKIM-Status: pass
|
|
|
|
accept
|
|
|
|
|
|
begin routers
|
|
|
|
forward_aliases:
|
|
driver = redirect
|
|
domains = +forward_domains
|
|
data = ${lookup{$local_part@$domain}lsearch{/etc/exim/db/forward_addresses}}
|
|
no_expn
|
|
allow_defer
|
|
allow_fail
|
|
|
|
dnslookup_out:
|
|
driver = dnslookup
|
|
domains = ! +forward_domains
|
|
transport = remote_smtp
|
|
no_more
|
|
|
|
|
|
begin transports
|
|
|
|
remote_smtp:
|
|
driver = smtp
|
|
hosts_require_tls = *
|
|
|
|
|