| 1 | ###################################################################### |
| 2 | # Runtime configuration file for Exim # |
| 3 | ###################################################################### |
| 4 | |
| 5 | |
| 6 | # This is a default configuration file which will operate correctly in |
| 7 | # uncomplicated installations. Please see the manual for a complete list |
| 8 | # of all the runtime configuration options that can be included in a |
| 9 | # configuration file. There are many more than are mentioned here. The |
| 10 | # manual is in the file doc/spec.txt in the Exim distribution as a plain |
| 11 | # ASCII file. Other formats (PostScript, Texinfo, HTML, PDF) are available |
| 12 | # from the Exim ftp sites. The manual is also online at the Exim web sites. |
| 13 | |
| 14 | |
| 15 | # This file is divided into several parts, all but the first of which are |
| 16 | # headed by a line starting with the word "begin". Only those parts that |
| 17 | # are required need to be present. Blank lines, and lines starting with # |
| 18 | # are ignored. |
| 19 | |
| 20 | |
| 21 | ########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ########### |
| 22 | # # |
| 23 | # Whenever you change Exim's configuration file, you *must* remember to # |
| 24 | # HUP the Exim daemon, because it will not pick up the new configuration # |
| 25 | # until you do. However, any other Exim processes that are started, for # |
| 26 | # example, a process started by an MUA in order to send a message, will # |
| 27 | # see the new configuration as soon as it is in place. # |
| 28 | # # |
| 29 | # You do not need to HUP the daemon for changes in auxiliary files that # |
| 30 | # are referenced from this file. They are read every time they are used. # |
| 31 | # # |
| 32 | # It is usually a good idea to test a new configuration for syntactic # |
| 33 | # correctness before installing it (for example, by running the command # |
| 34 | # "exim -C /config/file.new -bV"). # |
| 35 | # # |
| 36 | ########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ########### |
| 37 | |
| 38 | |
| 39 | |
| 40 | ###################################################################### |
| 41 | # MAIN CONFIGURATION SETTINGS # |
| 42 | ###################################################################### |
| 43 | |
| 44 | # Specify your host's canonical name here. This should normally be the fully |
| 45 | # qualified "official" name of your host. If this option is not set, the |
| 46 | # uname() function is called to obtain the name. In many cases this does |
| 47 | # the right thing and you need not set anything explicitly. |
| 48 | |
| 49 | # primary_hostname = |
| 50 | |
| 51 | |
| 52 | # The next three settings create two lists of domains and one list of hosts. |
| 53 | # These lists are referred to later in this configuration using the syntax |
| 54 | # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They |
| 55 | # are all colon-separated lists: |
| 56 | |
| 57 | domainlist local_domains = @ |
| 58 | domainlist relay_to_domains = |
| 59 | hostlist relay_from_hosts = localhost |
| 60 | # (We rely upon hostname resolution working for localhost, because the default |
| 61 | # uncommented configuration needs to work in IPv4-only environments.) |
| 62 | |
| 63 | # Most straightforward access control requirements can be obtained by |
| 64 | # appropriate settings of the above options. In more complicated situations, |
| 65 | # you may need to modify the Access Control Lists (ACLs) which appear later in |
| 66 | # this file. |
| 67 | |
| 68 | # The first setting specifies your local domains, for example: |
| 69 | # |
| 70 | # domainlist local_domains = my.first.domain : my.second.domain |
| 71 | # |
| 72 | # You can use "@" to mean "the name of the local host", as in the default |
| 73 | # setting above. This is the name that is specified by primary_hostname, |
| 74 | # as specified above (or defaulted). If you do not want to do any local |
| 75 | # deliveries, remove the "@" from the setting above. If you want to accept mail |
| 76 | # addressed to your host's literal IP address, for example, mail addressed to |
| 77 | # "user@[192.168.23.44]", you can add "@[]" as an item in the local domains |
| 78 | # list. You also need to uncomment "allow_domain_literals" below. This is not |
| 79 | # recommended for today's Internet. |
| 80 | |
| 81 | # The second setting specifies domains for which your host is an incoming relay. |
| 82 | # If you are not doing any relaying, you should leave the list empty. However, |
| 83 | # if your host is an MX backup or gateway of some kind for some domains, you |
| 84 | # must set relay_to_domains to match those domains. For example: |
| 85 | # |
| 86 | # domainlist relay_to_domains = *.myco.com : my.friend.org |
| 87 | # |
| 88 | # This will allow any host to relay through your host to those domains. |
| 89 | # See the section of the manual entitled "Control of relaying" for more |
| 90 | # information. |
| 91 | |
| 92 | # The third setting specifies hosts that can use your host as an outgoing relay |
| 93 | # to any other host on the Internet. Such a setting commonly refers to a |
| 94 | # complete local network as well as the localhost. For example: |
| 95 | # |
| 96 | # hostlist relay_from_hosts = <; 127.0.0.1 ; ::1 ; 192.168.0.0/16 |
| 97 | # |
| 98 | # The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you |
| 99 | # have to include 127.0.0.1 if you want to allow processes on your host to send |
| 100 | # SMTP mail by using the loopback address. A number of MUAs use this method of |
| 101 | # sending mail. Often, connections are made to "localhost", which might be ::1 |
| 102 | # on IPv6-enabled hosts. Do not forget CIDR for your IPv6 networks. |
| 103 | |
| 104 | # All three of these lists may contain many different kinds of item, including |
| 105 | # wildcarded names, regular expressions, and file lookups. See the reference |
| 106 | # manual for details. The lists above are used in the access control lists for |
| 107 | # checking incoming messages. The names of these ACLs are defined here: |
| 108 | |
| 109 | acl_smtp_rcpt = acl_check_rcpt |
| 110 | acl_smtp_data = acl_check_data |
| 111 | |
| 112 | # You should not change those settings until you understand how ACLs work. |
| 113 | |
| 114 | |
| 115 | # If you are running a version of Exim that was compiled with the content- |
| 116 | # scanning extension, you can cause incoming messages to be automatically |
| 117 | # scanned for viruses. You have to modify the configuration in two places to |
| 118 | # set this up. The first of them is here, where you define the interface to |
| 119 | # your scanner. This example is typical for ClamAV; see the manual for details |
| 120 | # of what to set for other virus scanners. The second modification is in the |
| 121 | # acl_check_data access control list (see below). |
| 122 | |
| 123 | # av_scanner = clamd:/tmp/clamd |
| 124 | |
| 125 | |
| 126 | # For spam scanning, there is a similar option that defines the interface to |
| 127 | # SpamAssassin. You do not need to set this if you are using the default, which |
| 128 | # is shown in this commented example. As for virus scanning, you must also |
| 129 | # modify the acl_check_data access control list to enable spam scanning. |
| 130 | |
| 131 | # spamd_address = 127.0.0.1 783 |
| 132 | |
| 133 | |
| 134 | # If Exim is compiled with support for TLS, you may want to enable the |
| 135 | # following options so that Exim allows clients to make encrypted |
| 136 | # connections. In the authenticators section below, there are template |
| 137 | # configurations for plaintext username/password authentication. This kind |
| 138 | # of authentication is only safe when used within a TLS connection, so the |
| 139 | # authenticators will only work if the following TLS settings are turned on |
| 140 | # as well. |
| 141 | |
| 142 | # Allow any client to use TLS. |
| 143 | |
| 144 | # tls_advertise_hosts = * |
| 145 | |
| 146 | # Specify the location of the Exim server's TLS certificate and private key. |
| 147 | # The private key must not be encrypted (password protected). You can put |
| 148 | # the certificate and private key in the same file, in which case you only |
| 149 | # need the first setting, or in separate files, in which case you need both |
| 150 | # options. |
| 151 | |
| 152 | # tls_certificate = /etc/ssl/exim.crt |
| 153 | # tls_privatekey = /etc/ssl/exim.pem |
| 154 | |
| 155 | # In order to support roaming users who wish to send email from anywhere, |
| 156 | # you may want to make Exim listen on other ports as well as port 25, in |
| 157 | # case these users need to send email from a network that blocks port 25. |
| 158 | # The standard port for this purpose is port 587, the "message submission" |
| 159 | # port. See RFC 4409 for details. Microsoft MUAs cannot be configured to |
| 160 | # talk the message submission protocol correctly, so if you need to support |
| 161 | # them you should also allow TLS-on-connect on the traditional but |
| 162 | # non-standard port 465. |
| 163 | |
| 164 | # daemon_smtp_ports = 25 : 465 : 587 |
| 165 | # tls_on_connect_ports = 465 |
| 166 | |
| 167 | |
| 168 | # Specify the domain you want to be added to all unqualified addresses |
| 169 | # here. An unqualified address is one that does not contain an "@" character |
| 170 | # followed by a domain. For example, "caesar@rome.example" is a fully qualified |
| 171 | # address, but the string "caesar" (i.e. just a login name) is an unqualified |
| 172 | # email address. Unqualified addresses are accepted only from local callers by |
| 173 | # default. See the recipient_unqualified_hosts option if you want to permit |
| 174 | # unqualified addresses from remote sources. If this option is not set, the |
| 175 | # primary_hostname value is used for qualification. |
| 176 | |
| 177 | # qualify_domain = |
| 178 | |
| 179 | |
| 180 | # If you want unqualified recipient addresses to be qualified with a different |
| 181 | # domain to unqualified sender addresses, specify the recipient domain here. |
| 182 | # If this option is not set, the qualify_domain value is used. |
| 183 | |
| 184 | # qualify_recipient = |
| 185 | |
| 186 | |
| 187 | # The following line must be uncommented if you want Exim to recognize |
| 188 | # addresses of the form "user@[10.11.12.13]" that is, with a "domain literal" |
| 189 | # (an IP address) instead of a named domain. The RFCs still require this form, |
| 190 | # but it makes little sense to permit mail to be sent to specific hosts by |
| 191 | # their IP address in the modern Internet. This ancient format has been used |
| 192 | # by those seeking to abuse hosts by using them for unwanted relaying. If you |
| 193 | # really do want to support domain literals, uncomment the following line, and |
| 194 | # see also the "domain_literal" router below. |
| 195 | |
| 196 | # allow_domain_literals |
| 197 | |
| 198 | |
| 199 | # No deliveries will ever be run under the uids of users specified by |
| 200 | # never_users (a colon-separated list). An attempt to do so causes a panic |
| 201 | # error to be logged, and the delivery to be deferred. This is a paranoic |
| 202 | # safety catch. There is an even stronger safety catch in the form of the |
| 203 | # FIXED_NEVER_USERS setting in the configuration for building Exim. The list of |
| 204 | # users that it specifies is built into the binary, and cannot be changed. The |
| 205 | # option below just adds additional users to the list. The default for |
| 206 | # FIXED_NEVER_USERS is "root", but just to be absolutely sure, the default here |
| 207 | # is also "root". |
| 208 | |
| 209 | # Note that the default setting means you cannot deliver mail addressed to root |
| 210 | # as if it were a normal user. This isn't usually a problem, as most sites have |
| 211 | # an alias for root that redirects such mail to a human administrator. |
| 212 | |
| 213 | never_users = root |
| 214 | |
| 215 | |
| 216 | # The setting below causes Exim to do a reverse DNS lookup on all incoming |
| 217 | # IP calls, in order to get the true host name. If you feel this is too |
| 218 | # expensive, you can specify the networks for which a lookup is done, or |
| 219 | # remove the setting entirely. |
| 220 | |
| 221 | host_lookup = * |
| 222 | |
| 223 | |
| 224 | # The settings below cause Exim to make RFC 1413 (ident) callbacks |
| 225 | # for all incoming SMTP calls. You can limit the hosts to which these |
| 226 | # calls are made, and/or change the timeout that is used. If you set |
| 227 | # the timeout to zero, all RFC 1413 calls are disabled. RFC 1413 calls |
| 228 | # are cheap and can provide useful information for tracing problem |
| 229 | # messages, but some hosts and firewalls have problems with them. |
| 230 | # This can result in a timeout instead of an immediate refused |
| 231 | # connection, leading to delays on starting up SMTP sessions. |
| 232 | # (The default was reduced from 30s to 5s for release 4.61. and to |
| 233 | # disabled for release 4.86) |
| 234 | # |
| 235 | #rfc1413_hosts = * |
| 236 | #rfc1413_query_timeout = 5s |
| 237 | |
| 238 | |
| 239 | # Enable an efficiency feature. We advertise the feature; clients |
| 240 | # may request to use it. For multi-recipient mails we then can |
| 241 | # reject or accept per-user after the message is received. |
| 242 | # |
| 243 | prdr_enable = true |
| 244 | |
| 245 | |
| 246 | # By default, Exim expects all envelope addresses to be fully qualified, that |
| 247 | # is, they must contain both a local part and a domain. If you want to accept |
| 248 | # unqualified addresses (just a local part) from certain hosts, you can specify |
| 249 | # these hosts by setting one or both of |
| 250 | # |
| 251 | # sender_unqualified_hosts = |
| 252 | # recipient_unqualified_hosts = |
| 253 | # |
| 254 | # to control sender and recipient addresses, respectively. When this is done, |
| 255 | # unqualified addresses are qualified using the settings of qualify_domain |
| 256 | # and/or qualify_recipient (see above). |
| 257 | |
| 258 | |
| 259 | # Unless you run a high-volume site you probably want more logging |
| 260 | # detail than the default. Adjust to suit. |
| 261 | |
| 262 | log_selector = +smtp_protocol_error +smtp_syntax_error \ |
| 263 | +tls_certificate_verified |
| 264 | |
| 265 | |
| 266 | # If you want Exim to support the "percent hack" for certain domains, |
| 267 | # uncomment the following line and provide a list of domains. The "percent |
| 268 | # hack" is the feature by which mail addressed to x%y@z (where z is one of |
| 269 | # the domains listed) is locally rerouted to x@y and sent on. If z is not one |
| 270 | # of the "percent hack" domains, x%y is treated as an ordinary local part. This |
| 271 | # hack is rarely needed nowadays; you should not enable it unless you are sure |
| 272 | # that you really need it. |
| 273 | # |
| 274 | # percent_hack_domains = |
| 275 | # |
| 276 | # As well as setting this option you will also need to remove the test |
| 277 | # for local parts containing % in the ACL definition below. |
| 278 | |
| 279 | |
| 280 | # When Exim can neither deliver a message nor return it to sender, it "freezes" |
| 281 | # the delivery error message (aka "bounce message"). There are also other |
| 282 | # circumstances in which messages get frozen. They will stay on the queue for |
| 283 | # ever unless one of the following options is set. |
| 284 | |
| 285 | # This option unfreezes frozen bounce messages after two days, tries |
| 286 | # once more to deliver them, and ignores any delivery failures. |
| 287 | |
| 288 | ignore_bounce_errors_after = 2d |
| 289 | |
| 290 | # This option cancels (removes) frozen messages that are older than a week. |
| 291 | |
| 292 | timeout_frozen_after = 7d |
| 293 | |
| 294 | |
| 295 | # By default, messages that are waiting on Exim's queue are all held in a |
| 296 | # single directory called "input" which it itself within Exim's spool |
| 297 | # directory. (The default spool directory is specified when Exim is built, and |
| 298 | # is often /var/spool/exim/.) Exim works best when its queue is kept short, but |
| 299 | # there are circumstances where this is not always possible. If you uncomment |
| 300 | # the setting below, messages on the queue are held in 62 subdirectories of |
| 301 | # "input" instead of all in the same directory. The subdirectories are called |
| 302 | # 0, 1, ... A, B, ... a, b, ... z. This has two benefits: (1) If your file |
| 303 | # system degrades with many files in one directory, this is less likely to |
| 304 | # happen; (2) Exim can process the queue one subdirectory at a time instead of |
| 305 | # all at once, which can give better performance with large queues. |
| 306 | |
| 307 | # split_spool_directory = true |
| 308 | |
| 309 | |
| 310 | # If you're in a part of the world where ASCII is not sufficient for most |
| 311 | # text, then you're probably familiar with RFC2047 message header extensions. |
| 312 | # By default, Exim adheres to the specification, including a limit of 76 |
| 313 | # characters to a line, with encoded words fitting within a line. |
| 314 | # If you wish to use decoded headers in message filters in such a way |
| 315 | # that successful decoding of malformed messages matters, you may wish to |
| 316 | # configure Exim to be more lenient. |
| 317 | # |
| 318 | # check_rfc2047_length = false |
| 319 | # |
| 320 | # In particular, the Exim maintainers have had multiple reports of problems |
| 321 | # from Russian administrators of issues until they disable this check, |
| 322 | # because of some popular, yet buggy, mail composition software. |
| 323 | |
| 324 | |
| 325 | # If you wish to be strictly RFC compliant, or if you know you'll be |
| 326 | # exchanging email with systems that are not 8-bit clean, then you may |
| 327 | # wish to disable advertising 8BITMIME. Uncomment this option to do so. |
| 328 | |
| 329 | # accept_8bitmime = false |
| 330 | |
| 331 | |
| 332 | ###################################################################### |
| 333 | # ACL CONFIGURATION # |
| 334 | # Specifies access control lists for incoming SMTP mail # |
| 335 | ###################################################################### |
| 336 | |
| 337 | begin acl |
| 338 | |
| 339 | # This access control list is used for every RCPT command in an incoming |
| 340 | # SMTP message. The tests are run in order until the address is either |
| 341 | # accepted or denied. |
| 342 | |
| 343 | acl_check_rcpt: |
| 344 | |
| 345 | # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by |
| 346 | # testing for an empty sending host field. |
| 347 | |
| 348 | accept hosts = : |
| 349 | control = dkim_disable_verify |
| 350 | |
| 351 | ############################################################################# |
| 352 | # The following section of the ACL is concerned with local parts that contain |
| 353 | # @ or % or ! or / or | or dots in unusual places. |
| 354 | # |
| 355 | # The characters other than dots are rarely found in genuine local parts, but |
| 356 | # are often tried by people looking to circumvent relaying restrictions. |
| 357 | # Therefore, although they are valid in local parts, these rules lock them |
| 358 | # out, as a precaution. |
| 359 | # |
| 360 | # Empty components (two dots in a row) are not valid in RFC 2822, but Exim |
| 361 | # allows them because they have been encountered. (Consider local parts |
| 362 | # constructed as "firstinitial.secondinitial.familyname" when applied to |
| 363 | # someone like me, who has no second initial.) However, a local part starting |
| 364 | # with a dot or containing /../ can cause trouble if it is used as part of a |
| 365 | # file name (e.g. for a mailing list). This is also true for local parts that |
| 366 | # contain slashes. A pipe symbol can also be troublesome if the local part is |
| 367 | # incorporated unthinkingly into a shell command line. |
| 368 | # |
| 369 | # Two different rules are used. The first one is stricter, and is applied to |
| 370 | # messages that are addressed to one of the local domains handled by this |
| 371 | # host. The line "domains = +local_domains" restricts it to domains that are |
| 372 | # defined by the "domainlist local_domains" setting above. The rule blocks |
| 373 | # local parts that begin with a dot or contain @ % ! / or |. If you have |
| 374 | # local accounts that include these characters, you will have to modify this |
| 375 | # rule. |
| 376 | |
| 377 | deny message = Restricted characters in address |
| 378 | domains = +local_domains |
| 379 | local_parts = ^[.] : ^.*[@%!/|] |
| 380 | |
| 381 | # The second rule applies to all other domains, and is less strict. The line |
| 382 | # "domains = !+local_domains" restricts it to domains that are NOT defined by |
| 383 | # the "domainlist local_domains" setting above. The exclamation mark is a |
| 384 | # negating operator. This rule allows your own users to send outgoing |
| 385 | # messages to sites that use slashes and vertical bars in their local parts. |
| 386 | # It blocks local parts that begin with a dot, slash, or vertical bar, but |
| 387 | # allows these characters within the local part. However, the sequence /../ |
| 388 | # is barred. The use of @ % and ! is blocked, as before. The motivation here |
| 389 | # is to prevent your users (or your users' viruses) from mounting certain |
| 390 | # kinds of attack on remote sites. |
| 391 | |
| 392 | deny message = Restricted characters in address |
| 393 | domains = !+local_domains |
| 394 | local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ |
| 395 | ############################################################################# |
| 396 | |
| 397 | # Accept mail to postmaster in any local domain, regardless of the source, |
| 398 | # and without verifying the sender. |
| 399 | |
| 400 | accept local_parts = postmaster |
| 401 | domains = +local_domains |
| 402 | |
| 403 | # Deny unless the sender address can be verified. |
| 404 | |
| 405 | require verify = sender |
| 406 | |
| 407 | # Accept if the message comes from one of the hosts for which we are an |
| 408 | # outgoing relay. It is assumed that such hosts are most likely to be MUAs, |
| 409 | # so we set control=submission to make Exim treat the message as a |
| 410 | # submission. It will fix up various errors in the message, for example, the |
| 411 | # lack of a Date: header line. If you are actually relaying out out from |
| 412 | # MTAs, you may want to disable this. If you are handling both relaying from |
| 413 | # MTAs and submissions from MUAs you should probably split them into two |
| 414 | # lists, and handle them differently. |
| 415 | |
| 416 | # Recipient verification is omitted here, because in many cases the clients |
| 417 | # are dumb MUAs that don't cope well with SMTP error responses. If you are |
| 418 | # actually relaying out from MTAs, you should probably add recipient |
| 419 | # verification here. |
| 420 | |
| 421 | # Note that, by putting this test before any DNS black list checks, you will |
| 422 | # always accept from these hosts, even if they end up on a black list. The |
| 423 | # assumption is that they are your friends, and if they get onto a black |
| 424 | # list, it is a mistake. |
| 425 | |
| 426 | accept hosts = +relay_from_hosts |
| 427 | control = submission |
| 428 | control = dkim_disable_verify |
| 429 | |
| 430 | # Accept if the message arrived over an authenticated connection, from |
| 431 | # any host. Again, these messages are usually from MUAs, so recipient |
| 432 | # verification is omitted, and submission mode is set. And again, we do this |
| 433 | # check before any black list tests. |
| 434 | |
| 435 | accept authenticated = * |
| 436 | control = submission |
| 437 | control = dkim_disable_verify |
| 438 | |
| 439 | # Insist that any other recipient address that we accept is either in one of |
| 440 | # our local domains, or is in a domain for which we explicitly allow |
| 441 | # relaying. Any other domain is rejected as being unacceptable for relaying. |
| 442 | |
| 443 | require message = relay not permitted |
| 444 | domains = +local_domains : +relay_to_domains |
| 445 | |
| 446 | # We also require all accepted addresses to be verifiable. This check will |
| 447 | # do local part verification for local domains, but only check the domain |
| 448 | # for remote domains. The only way to check local parts for the remote |
| 449 | # relay domains is to use a callout (add /callout), but please read the |
| 450 | # documentation about callouts before doing this. |
| 451 | |
| 452 | require verify = recipient |
| 453 | |
| 454 | ############################################################################# |
| 455 | # There are no default checks on DNS black lists because the domains that |
| 456 | # contain these lists are changing all the time. However, here are two |
| 457 | # examples of how you can get Exim to perform a DNS black list lookup at this |
| 458 | # point. The first one denies, whereas the second just warns. |
| 459 | # |
| 460 | # deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text |
| 461 | # dnslists = black.list.example |
| 462 | # |
| 463 | # warn dnslists = black.list.example |
| 464 | # add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain |
| 465 | # log_message = found in $dnslist_domain |
| 466 | ############################################################################# |
| 467 | |
| 468 | ############################################################################# |
| 469 | # This check is commented out because it is recognized that not every |
| 470 | # sysadmin will want to do it. If you enable it, the check performs |
| 471 | # Client SMTP Authorization (csa) checks on the sending host. These checks |
| 472 | # do DNS lookups for SRV records. The CSA proposal is currently (May 2005) |
| 473 | # an Internet draft. You can, of course, add additional conditions to this |
| 474 | # ACL statement to restrict the CSA checks to certain hosts only. |
| 475 | # |
| 476 | # require verify = csa |
| 477 | ############################################################################# |
| 478 | |
| 479 | # At this point, the address has passed all the checks that have been |
| 480 | # configured, so we accept it unconditionally. |
| 481 | |
| 482 | accept |
| 483 | |
| 484 | |
| 485 | # This ACL is used after the contents of a message have been received. This |
| 486 | # is the ACL in which you can test a message's headers or body, and in |
| 487 | # particular, this is where you can invoke external virus or spam scanners. |
| 488 | # Some suggested ways of configuring these tests are shown below, commented |
| 489 | # out. Without any tests, this ACL accepts all messages. If you want to use |
| 490 | # such tests, you must ensure that Exim is compiled with the content-scanning |
| 491 | # extension (WITH_CONTENT_SCAN=yes in Local/Makefile). |
| 492 | |
| 493 | acl_check_data: |
| 494 | |
| 495 | # Deny if the message contains an overlong line. Per the standards |
| 496 | # we should never receive one such via SMTP. |
| 497 | # |
| 498 | deny condition = ${if > {$max_received_linelength}{998}} |
| 499 | |
| 500 | # Deny if the message contains a virus. Before enabling this check, you |
| 501 | # must install a virus scanner and set the av_scanner option above. |
| 502 | # |
| 503 | # deny malware = * |
| 504 | # message = This message contains a virus ($malware_name). |
| 505 | |
| 506 | # Add headers to a message if it is judged to be spam. Before enabling this, |
| 507 | # you must install SpamAssassin. You may also need to set the spamd_address |
| 508 | # option above. |
| 509 | # |
| 510 | # warn spam = nobody |
| 511 | # add_header = X-Spam_score: $spam_score\n\ |
| 512 | # X-Spam_score_int: $spam_score_int\n\ |
| 513 | # X-Spam_bar: $spam_bar\n\ |
| 514 | # X-Spam_report: $spam_report |
| 515 | |
| 516 | # Accept the message. |
| 517 | |
| 518 | accept |
| 519 | |
| 520 | |
| 521 | |
| 522 | ###################################################################### |
| 523 | # ROUTERS CONFIGURATION # |
| 524 | # Specifies how addresses are handled # |
| 525 | ###################################################################### |
| 526 | # THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! # |
| 527 | # An address is passed to each router in turn until it is accepted. # |
| 528 | ###################################################################### |
| 529 | |
| 530 | begin routers |
| 531 | |
| 532 | # This router routes to remote hosts over SMTP by explicit IP address, |
| 533 | # when an email address is given in "domain literal" form, for example, |
| 534 | # <user@[192.168.35.64]>. The RFCs require this facility. However, it is |
| 535 | # little-known these days, and has been exploited by evil people seeking |
| 536 | # to abuse SMTP relays. Consequently it is commented out in the default |
| 537 | # configuration. If you uncomment this router, you also need to uncomment |
| 538 | # allow_domain_literals above, so that Exim can recognize the syntax of |
| 539 | # domain literal addresses. |
| 540 | |
| 541 | # domain_literal: |
| 542 | # driver = ipliteral |
| 543 | # domains = ! +local_domains |
| 544 | # transport = remote_smtp |
| 545 | |
| 546 | |
| 547 | # This router routes addresses that are not in local domains by doing a DNS |
| 548 | # lookup on the domain name. The exclamation mark that appears in "domains = ! |
| 549 | # +local_domains" is a negating operator, that is, it can be read as "not". The |
| 550 | # recipient's domain must not be one of those defined by "domainlist |
| 551 | # local_domains" above for this router to be used. |
| 552 | # |
| 553 | # If the router is used, any domain that resolves to 0.0.0.0 or to a loopback |
| 554 | # interface address (127.0.0.0/8) is treated as if it had no DNS entry. Note |
| 555 | # that 0.0.0.0 is the same as 0.0.0.0/32, which is commonly treated as the |
| 556 | # local host inside the network stack. It is not 0.0.0.0/0, the default route. |
| 557 | # If the DNS lookup fails, no further routers are tried because of the no_more |
| 558 | # setting, and consequently the address is unrouteable. |
| 559 | |
| 560 | dnslookup: |
| 561 | driver = dnslookup |
| 562 | domains = ! +local_domains |
| 563 | transport = remote_smtp |
| 564 | ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 |
| 565 | # if ipv6-enabled then instead use: |
| 566 | # ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1 |
| 567 | no_more |
| 568 | |
| 569 | |
| 570 | # This alternative router can be used when you want to send all mail to a |
| 571 | # server which handles DNS lookups for you; an ISP will typically run such |
| 572 | # a server for their customers. If you uncomment "smarthost" then you |
| 573 | # should comment out "dnslookup" above. Setting a real hostname in route_data |
| 574 | # wouldn't hurt either. |
| 575 | |
| 576 | # smarthost: |
| 577 | # driver = manualroute |
| 578 | # domains = ! +local_domains |
| 579 | # transport = remote_smtp |
| 580 | # route_data = MAIL.HOSTNAME.FOR.CENTRAL.SERVER.EXAMPLE |
| 581 | # ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1 |
| 582 | # no_more |
| 583 | |
| 584 | |
| 585 | # The remaining routers handle addresses in the local domain(s), that is those |
| 586 | # domains that are defined by "domainlist local_domains" above. |
| 587 | |
| 588 | |
| 589 | # This router handles aliasing using a linearly searched alias file with the |
| 590 | # name SYSTEM_ALIASES_FILE. When this configuration is installed automatically, |
| 591 | # the name gets inserted into this file from whatever is set in Exim's |
| 592 | # build-time configuration. The default path is the traditional /etc/aliases. |
| 593 | # If you install this configuration by hand, you need to specify the correct |
| 594 | # path in the "data" setting below. |
| 595 | # |
| 596 | ##### NB You must ensure that the alias file exists. It used to be the case |
| 597 | ##### NB that every Unix had that file, because it was the Sendmail default. |
| 598 | ##### NB These days, there are systems that don't have it. Your aliases |
| 599 | ##### NB file should at least contain an alias for "postmaster". |
| 600 | # |
| 601 | # If any of your aliases expand to pipes or files, you will need to set |
| 602 | # up a user and a group for these deliveries to run under. You can do |
| 603 | # this by uncommenting the "user" option below (changing the user name |
| 604 | # as appropriate) and adding a "group" option if necessary. Alternatively, you |
| 605 | # can specify "user" on the transports that are used. Note that the transports |
| 606 | # listed below are the same as are used for .forward files; you might want |
| 607 | # to set up different ones for pipe and file deliveries from aliases. |
| 608 | |
| 609 | system_aliases: |
| 610 | driver = redirect |
| 611 | allow_fail |
| 612 | allow_defer |
| 613 | data = ${lookup{$local_part}lsearch{SYSTEM_ALIASES_FILE}} |
| 614 | # user = exim |
| 615 | file_transport = address_file |
| 616 | pipe_transport = address_pipe |
| 617 | |
| 618 | |
| 619 | # This router handles forwarding using traditional .forward files in users' |
| 620 | # home directories. If you want it also to allow mail filtering when a forward |
| 621 | # file starts with the string "# Exim filter" or "# Sieve filter", uncomment |
| 622 | # the "allow_filter" option. |
| 623 | |
| 624 | # The no_verify setting means that this router is skipped when Exim is |
| 625 | # verifying addresses. Similarly, no_expn means that this router is skipped if |
| 626 | # Exim is processing an EXPN command. |
| 627 | |
| 628 | # If you want this router to treat local parts with suffixes introduced by "-" |
| 629 | # or "+" characters as if the suffixes did not exist, uncomment the two local_ |
| 630 | # part_suffix options. Then, for example, xxxx-foo@your.domain will be treated |
| 631 | # in the same way as xxxx@your.domain by this router. Because this router is |
| 632 | # not used for verification, if you choose to uncomment those options, then you |
| 633 | # will *need* to make the same change to the localuser router. (There are |
| 634 | # other approaches, if this is undesirable, but they add complexity). |
| 635 | |
| 636 | # The check_ancestor option means that if the forward file generates an |
| 637 | # address that is an ancestor of the current one, the current one gets |
| 638 | # passed on instead. This covers the case where A is aliased to B and B |
| 639 | # has a .forward file pointing to A. |
| 640 | |
| 641 | # The three transports specified at the end are those that are used when |
| 642 | # forwarding generates a direct delivery to a file, or to a pipe, or sets |
| 643 | # up an auto-reply, respectively. |
| 644 | |
| 645 | userforward: |
| 646 | driver = redirect |
| 647 | check_local_user |
| 648 | # local_part_suffix = +* : -* |
| 649 | # local_part_suffix_optional |
| 650 | file = $home/.forward |
| 651 | # allow_filter |
| 652 | no_verify |
| 653 | no_expn |
| 654 | check_ancestor |
| 655 | file_transport = address_file |
| 656 | pipe_transport = address_pipe |
| 657 | reply_transport = address_reply |
| 658 | |
| 659 | |
| 660 | # This router matches local user mailboxes. If the router fails, the error |
| 661 | # message is "Unknown user". |
| 662 | |
| 663 | # If you want this router to treat local parts with suffixes introduced by "-" |
| 664 | # or "+" characters as if the suffixes did not exist, uncomment the two local_ |
| 665 | # part_suffix options. Then, for example, xxxx-foo@your.domain will be treated |
| 666 | # in the same way as xxxx@your.domain by this router. |
| 667 | |
| 668 | localuser: |
| 669 | driver = accept |
| 670 | check_local_user |
| 671 | # local_part_suffix = +* : -* |
| 672 | # local_part_suffix_optional |
| 673 | transport = local_delivery |
| 674 | cannot_route_message = Unknown user |
| 675 | |
| 676 | |
| 677 | |
| 678 | ###################################################################### |
| 679 | # TRANSPORTS CONFIGURATION # |
| 680 | ###################################################################### |
| 681 | # ORDER DOES NOT MATTER # |
| 682 | # Only one appropriate transport is called for each delivery. # |
| 683 | ###################################################################### |
| 684 | |
| 685 | # A transport is used only when referenced from a router that successfully |
| 686 | # handles an address. |
| 687 | |
| 688 | begin transports |
| 689 | |
| 690 | |
| 691 | # This transport is used for delivering messages over SMTP connections. |
| 692 | # Refuse to send any messsage with over-long lines, which could have |
| 693 | # been receved other than via SMTP. The use of message_size_limit to |
| 694 | # enforce this is a red herring. |
| 695 | |
| 696 | remote_smtp: |
| 697 | driver = smtp |
| 698 | message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} |
| 699 | |
| 700 | |
| 701 | # This transport is used for local delivery to user mailboxes in traditional |
| 702 | # BSD mailbox format. By default it will be run under the uid and gid of the |
| 703 | # local user, and requires the sticky bit to be set on the /var/mail directory. |
| 704 | # Some systems use the alternative approach of running mail deliveries under a |
| 705 | # particular group instead of using the sticky bit. The commented options below |
| 706 | # show how this can be done. |
| 707 | |
| 708 | local_delivery: |
| 709 | driver = appendfile |
| 710 | file = /var/mail/$local_part |
| 711 | delivery_date_add |
| 712 | envelope_to_add |
| 713 | return_path_add |
| 714 | # group = mail |
| 715 | # mode = 0660 |
| 716 | |
| 717 | |
| 718 | # This transport is used for handling pipe deliveries generated by alias or |
| 719 | # .forward files. If the pipe generates any standard output, it is returned |
| 720 | # to the sender of the message as a delivery error. Set return_fail_output |
| 721 | # instead of return_output if you want this to happen only when the pipe fails |
| 722 | # to complete normally. You can set different transports for aliases and |
| 723 | # forwards if you want to - see the references to address_pipe in the routers |
| 724 | # section above. |
| 725 | |
| 726 | address_pipe: |
| 727 | driver = pipe |
| 728 | return_output |
| 729 | |
| 730 | |
| 731 | # This transport is used for handling deliveries directly to files that are |
| 732 | # generated by aliasing or forwarding. |
| 733 | |
| 734 | address_file: |
| 735 | driver = appendfile |
| 736 | delivery_date_add |
| 737 | envelope_to_add |
| 738 | return_path_add |
| 739 | |
| 740 | |
| 741 | # This transport is used for handling autoreplies generated by the filtering |
| 742 | # option of the userforward router. |
| 743 | |
| 744 | address_reply: |
| 745 | driver = autoreply |
| 746 | |
| 747 | |
| 748 | |
| 749 | ###################################################################### |
| 750 | # RETRY CONFIGURATION # |
| 751 | ###################################################################### |
| 752 | |
| 753 | begin retry |
| 754 | |
| 755 | # This single retry rule applies to all domains and all errors. It specifies |
| 756 | # retries every 15 minutes for 2 hours, then increasing retry intervals, |
| 757 | # starting at 1 hour and increasing each time by a factor of 1.5, up to 16 |
| 758 | # hours, then retries every 6 hours until 4 days have passed since the first |
| 759 | # failed delivery. |
| 760 | |
| 761 | # WARNING: If you do not have any retry rules at all (this section of the |
| 762 | # configuration is non-existent or empty), Exim will not do any retries of |
| 763 | # messages that fail to get delivered at the first attempt. The effect will |
| 764 | # be to treat temporary errors as permanent. Therefore, DO NOT remove this |
| 765 | # retry rule unless you really don't want any retries. |
| 766 | |
| 767 | # Address or Domain Error Retries |
| 768 | # ----------------- ----- ------- |
| 769 | |
| 770 | * * F,2h,15m; G,16h,1h,1.5; F,4d,6h |
| 771 | |
| 772 | |
| 773 | |
| 774 | ###################################################################### |
| 775 | # REWRITE CONFIGURATION # |
| 776 | ###################################################################### |
| 777 | |
| 778 | # There are no rewriting specifications in this default configuration file. |
| 779 | |
| 780 | begin rewrite |
| 781 | |
| 782 | |
| 783 | |
| 784 | ###################################################################### |
| 785 | # AUTHENTICATION CONFIGURATION # |
| 786 | ###################################################################### |
| 787 | |
| 788 | # The following authenticators support plaintext username/password |
| 789 | # authentication using the standard PLAIN mechanism and the traditional |
| 790 | # but non-standard LOGIN mechanism, with Exim acting as the server. |
| 791 | # PLAIN and LOGIN are enough to support most MUA software. |
| 792 | # |
| 793 | # These authenticators are not complete: you need to change the |
| 794 | # server_condition settings to specify how passwords are verified. |
| 795 | # They are set up to offer authentication to the client only if the |
| 796 | # connection is encrypted with TLS, so you also need to add support |
| 797 | # for TLS. See the global configuration options section at the start |
| 798 | # of this file for more about TLS. |
| 799 | # |
| 800 | # The default RCPT ACL checks for successful authentication, and will accept |
| 801 | # messages from authenticated users from anywhere on the Internet. |
| 802 | |
| 803 | begin authenticators |
| 804 | |
| 805 | # PLAIN authentication has no server prompts. The client sends its |
| 806 | # credentials in one lump, containing an authorization ID (which we do not |
| 807 | # use), an authentication ID, and a password. The latter two appear as |
| 808 | # $auth2 and $auth3 in the configuration and should be checked against a |
| 809 | # valid username and password. In a real configuration you would typically |
| 810 | # use $auth2 as a lookup key, and compare $auth3 against the result of the |
| 811 | # lookup, perhaps using the crypteq{}{} condition. |
| 812 | |
| 813 | #PLAIN: |
| 814 | # driver = plaintext |
| 815 | # server_set_id = $auth2 |
| 816 | # server_prompts = : |
| 817 | # server_condition = Authentication is not yet configured |
| 818 | # server_advertise_condition = ${if def:tls_in_cipher } |
| 819 | |
| 820 | # LOGIN authentication has traditional prompts and responses. There is no |
| 821 | # authorization ID in this mechanism, so unlike PLAIN the username and |
| 822 | # password are $auth1 and $auth2. Apart from that you can use the same |
| 823 | # server_condition setting for both authenticators. |
| 824 | |
| 825 | #LOGIN: |
| 826 | # driver = plaintext |
| 827 | # server_set_id = $auth1 |
| 828 | # server_prompts = <| Username: | Password: |
| 829 | # server_condition = Authentication is not yet configured |
| 830 | # server_advertise_condition = ${if def:tls_in_cipher } |
| 831 | |
| 832 | |
| 833 | ###################################################################### |
| 834 | # CONFIGURATION FOR local_scan() # |
| 835 | ###################################################################### |
| 836 | |
| 837 | # If you have built Exim to include a local_scan() function that contains |
| 838 | # tables for private options, you can define those options here. Remember to |
| 839 | # uncomment the "begin" line. It is commented by default because it provokes |
| 840 | # an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS |
| 841 | # set in the Local/Makefile. |
| 842 | |
| 843 | # begin local_scan |
| 844 | |
| 845 | |
| 846 | # End of Exim configuration file |