blob: 55838b3db78e696f6384ce01705410efaa13dcf6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
# Exim test configuration 5910
SERVER=
# advertise REQUIRETLS unless commandline override
SRV= *
# set on commandline to add an extra rcpt-time acl condition
ACL=
exim_path = EXIM_PATH
keep_environment =
host_lookup_order = bydns
spool_directory = DIR/spool
.ifdef SERVER
log_file_path = DIR/spool/log/SERVER%slog
.else
log_file_path = DIR/spool/log/%slog
.endif
gecos_pattern = ""
gecos_name = CALLER_NAME
chunking_advertise_hosts =
.ifdef _HAVE_PIPE_CONNECT
pipelining_connect_advertise_hosts =
.endif
primary_hostname = myhost.test.ex
# ----- Main settings -----
acl_smtp_mail = m
acl_smtp_rcpt = r
acl_not_smtp = n
log_selector = +tls_peerdn +received_recipients
queue_only
queue_run_in_order
tls_advertise_hosts = *
tls_advertise_requiretls = SRV
# Set certificate only if server
tls_certificate = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
tls_privatekey = ${if eq {SERVER}{server}{DIR/aux-fixed/cert1}fail}
#tls_verify_hosts = *
#tls_verify_certificates = ${if eq {SERVER}{server}{DIR/aux-fixed/cert2}fail}
# ----- ACL -----
begin acl
m:
accept senders = :
deny condition = ${if eq {SERVER}{server}}
!sender_domains = test.ex : myhost.test.ex
accept
r:
warn condition = ${if eq {SERVER}{server}}
logwrite = requiretls: $requiretls
# define this to upgrade messages to REQUIRETLS
.ifdef OPT
warn
condition = ${if !bool{$requiretls}}
logwrite = upgrading
control = requiretls
.endif
accept ACL
n:
.ifdef OPT
accept
condition = ${if !bool{$requiretls}}
logwrite = upgrading
control = requiretls
.endif
accept
# ----- Routers -----
begin routers
bounces:
driver = redirect
condition = ${if !def:sender_address}
condition = ${if first_delivery}
data = :defer:
allow_defer
final:
driver = accept
condition = ${if eq {$received_ip_address}{HOSTIPV4} {yes}{no}}
transport = file_a_bounce
client:
driver = accept
transport = send_to_server
# ----- Transports -----
begin transports
file_a_bounce:
driver = appendfile
delivery_date_add
envelope_to_add
file = DIR/test-mail/$local_part
return_path_add
user = CALLER
send_to_server:
driver = smtp
allow_localhost
hosts = HOSTIPV4
port = PORT_D
tls_certificate = DIR/aux-fixed/cert2
tls_privatekey = DIR/aux-fixed/cert2
tls_verify_certificates = DIR/aux-fixed/cert2
tls_try_verify_hosts = :
# ----- Retry -----
begin retry
* * F,5d,10s
# End
|