diff options
-rw-r--r-- | exim.conf | 867 |
1 files changed, 867 insertions, 0 deletions
diff --git a/exim.conf b/exim.conf new file mode 100644 index 0000000..84e135d --- /dev/null +++ b/exim.conf | |||
@@ -0,0 +1,867 @@ | |||
1 | ###################################################################### | ||
2 | # Runtime configuration file for Exim # | ||
3 | ###################################################################### | ||
4 | |||
5 | |||
6 | # This is a default configuration file which will operate correctly in | ||
7 | # uncomplicated installations. Please see the manual for a complete list | ||
8 | # of all the runtime configuration options that can be included in a | ||
9 | # configuration file. There are many more than are mentioned here. The | ||
10 | # manual is in the file doc/spec.txt in the Exim distribution as a plain | ||
11 | # ASCII file. Other formats (PostScript, Texinfo, HTML, PDF) are available | ||
12 | # from the Exim ftp sites. The manual is also online at the Exim web sites. | ||
13 | |||
14 | |||
15 | # This file is divided into several parts, all but the first of which are | ||
16 | # headed by a line starting with the word "begin". Only those parts that | ||
17 | # are required need to be present. Blank lines, and lines starting with # | ||
18 | # are ignored. | ||
19 | |||
20 | |||
21 | ########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ########### | ||
22 | # # | ||
23 | # Whenever you change Exim's configuration file, you *must* remember to # | ||
24 | # HUP the Exim daemon, because it will not pick up the new configuration # | ||
25 | # until you do. However, any other Exim processes that are started, for # | ||
26 | # example, a process started by an MUA in order to send a message, will # | ||
27 | # see the new configuration as soon as it is in place. # | ||
28 | # # | ||
29 | # You do not need to HUP the daemon for changes in auxiliary files that # | ||
30 | # are referenced from this file. They are read every time they are used. # | ||
31 | # # | ||
32 | # It is usually a good idea to test a new configuration for syntactic # | ||
33 | # correctness before installing it (for example, by running the command # | ||
34 | # "exim -C /config/file.new -bV"). # | ||
35 | # # | ||
36 | ########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ########### | ||
37 | |||
38 | |||
39 | |||
40 | ###################################################################### | ||
41 | # MAIN CONFIGURATION SETTINGS # | ||
42 | ###################################################################### | ||
43 | # | ||
44 | |||
45 | # Specify your host's canonical name here. This should normally be the fully | ||
46 | # qualified "official" name of your host. If this option is not set, the | ||
47 | # uname() function is called to obtain the name. In many cases this does | ||
48 | # the right thing and you need not set anything explicitly. | ||
49 | |||
50 | # primary_hostname = | ||
51 | |||
52 | |||
53 | # The next three settings create two lists of domains and one list of hosts. | ||
54 | # These lists are referred to later in this configuration using the syntax | ||
55 | # +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They | ||
56 | # are all colon-separated lists: | ||
57 | |||
58 | domainlist local_domains = @ | ||
59 | domainlist relay_to_domains = | ||
60 | hostlist relay_from_hosts = localhost | ||
61 | # (We rely upon hostname resolution working for localhost, because the default | ||
62 | # uncommented configuration needs to work in IPv4-only environments.) | ||
63 | |||
64 | # Most straightforward access control requirements can be obtained by | ||
65 | # appropriate settings of the above options. In more complicated situations, | ||
66 | # you may need to modify the Access Control Lists (ACLs) which appear later in | ||
67 | # this file. | ||
68 | |||
69 | # The first setting specifies your local domains, for example: | ||
70 | # | ||
71 | # domainlist local_domains = my.first.domain : my.second.domain | ||
72 | # | ||
73 | # You can use "@" to mean "the name of the local host", as in the default | ||
74 | # setting above. This is the name that is specified by primary_hostname, | ||
75 | # as specified above (or defaulted). If you do not want to do any local | ||
76 | # deliveries, remove the "@" from the setting above. If you want to accept mail | ||
77 | # addressed to your host's literal IP address, for example, mail addressed to | ||
78 | # "user@[192.168.23.44]", you can add "@[]" as an item in the local domains | ||
79 | # list. You also need to uncomment "allow_domain_literals" below. This is not | ||
80 | # recommended for today's Internet. | ||
81 | |||
82 | # The second setting specifies domains for which your host is an incoming relay. | ||
83 | # If you are not doing any relaying, you should leave the list empty. However, | ||
84 | # if your host is an MX backup or gateway of some kind for some domains, you | ||
85 | # must set relay_to_domains to match those domains. For example: | ||
86 | # | ||
87 | # domainlist relay_to_domains = *.myco.com : my.friend.org | ||
88 | # | ||
89 | # This will allow any host to relay through your host to those domains. | ||
90 | # See the section of the manual entitled "Control of relaying" for more | ||
91 | # information. | ||
92 | |||
93 | # The third setting specifies hosts that can use your host as an outgoing relay | ||
94 | # to any other host on the Internet. Such a setting commonly refers to a | ||
95 | # complete local network as well as the localhost. For example: | ||
96 | # | ||
97 | # hostlist relay_from_hosts = <; 127.0.0.1 ; ::1 ; 192.168.0.0/16 | ||
98 | # | ||
99 | # The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you | ||
100 | # have to include 127.0.0.1 if you want to allow processes on your host to send | ||
101 | # SMTP mail by using the loopback address. A number of MUAs use this method of | ||
102 | # sending mail. Often, connections are made to "localhost", which might be ::1 | ||
103 | # on IPv6-enabled hosts. Do not forget CIDR for your IPv6 networks. | ||
104 | |||
105 | # All three of these lists may contain many different kinds of item, including | ||
106 | # wildcarded names, regular expressions, and file lookups. See the reference | ||
107 | # manual for details. The lists above are used in the access control lists for | ||
108 | # checking incoming messages. The names of these ACLs are defined here: | ||
109 | |||
110 | acl_smtp_rcpt = acl_check_rcpt | ||
111 | acl_smtp_data = acl_check_data | ||
112 | |||
113 | # You should not change those settings until you understand how ACLs work. | ||
114 | |||
115 | |||
116 | # If you are running a version of Exim that was compiled with the content- | ||
117 | # scanning extension, you can cause incoming messages to be automatically | ||
118 | # scanned for viruses. You have to modify the configuration in two places to | ||
119 | # set this up. The first of them is here, where you define the interface to | ||
120 | # your scanner. This example is typical for ClamAV; see the manual for details | ||
121 | # of what to set for other virus scanners. The second modification is in the | ||
122 | # acl_check_data access control list (see below). | ||
123 | |||
124 | # av_scanner = clamd:/run/clamav/clamd.sock | ||
125 | |||
126 | |||
127 | # For spam scanning, there is a similar option that defines the interface to | ||
128 | # SpamAssassin. You do not need to set this if you are using the default, which | ||
129 | # is shown in this commented example. As for virus scanning, you must also | ||
130 | # modify the acl_check_data access control list to enable spam scanning. | ||
131 | |||
132 | # spamd_address = 127.0.0.1 783 | ||
133 | # spamd_address = 127.0.0.1 11333 variant=rspamd | ||
134 | |||
135 | |||
136 | # If Exim is compiled with support for TLS, you may want to enable the | ||
137 | # following options so that Exim allows clients to make encrypted | ||
138 | # connections. In the authenticators section below, there are template | ||
139 | # configurations for plaintext username/password authentication. This kind | ||
140 | # of authentication is only safe when used within a TLS connection, so the | ||
141 | # authenticators will only work if the following TLS settings are turned on | ||
142 | # as well. | ||
143 | |||
144 | # Allow any client to use TLS. | ||
145 | |||
146 | # tls_advertise_hosts = * | ||
147 | |||
148 | # Specify the location of the Exim server's TLS certificate and private key. | ||
149 | # The private key must not be encrypted (password protected). You can put | ||
150 | # the certificate and private key in the same file, in which case you only | ||
151 | # need the first setting, or in separate files, in which case you need both | ||
152 | # options. | ||
153 | |||
154 | # tls_certificate = /etc/ssl/exim.crt | ||
155 | # tls_privatekey = /etc/ssl/exim.pem | ||
156 | |||
157 | # In order to support roaming users who wish to send email from anywhere, | ||
158 | # you may want to make Exim listen on other ports as well as port 25, in | ||
159 | # case these users need to send email from a network that blocks port 25. | ||
160 | # The standard port for this purpose is port 587, the "message submission" | ||
161 | # port. See RFC 4409 for details. Microsoft MUAs cannot be configured to | ||
162 | # talk the message submission protocol correctly, so if you need to support | ||
163 | # them you should also allow TLS-on-connect on the traditional but | ||
164 | # non-standard port 465. | ||
165 | |||
166 | # daemon_smtp_ports = 25 : 465 : 587 | ||
167 | # tls_on_connect_ports = 465 | ||
168 | |||
169 | |||
170 | # Specify the domain you want to be added to all unqualified addresses | ||
171 | # here. An unqualified address is one that does not contain an "@" character | ||
172 | # followed by a domain. For example, "caesar@rome.example" is a fully qualified | ||
173 | # address, but the string "caesar" (i.e. just a login name) is an unqualified | ||
174 | # email address. Unqualified addresses are accepted only from local callers by | ||
175 | # default. See the recipient_unqualified_hosts option if you want to permit | ||
176 | # unqualified addresses from remote sources. If this option is not set, the | ||
177 | # primary_hostname value is used for qualification. | ||
178 | |||
179 | # qualify_domain = | ||
180 | |||
181 | |||
182 | # If you want unqualified recipient addresses to be qualified with a different | ||
183 | # domain to unqualified sender addresses, specify the recipient domain here. | ||
184 | # If this option is not set, the qualify_domain value is used. | ||
185 | |||
186 | # qualify_recipient = | ||
187 | |||
188 | |||
189 | # The following line must be uncommented if you want Exim to recognize | ||
190 | # addresses of the form "user@[10.11.12.13]" that is, with a "domain literal" | ||
191 | # (an IP address) instead of a named domain. The RFCs still require this form, | ||
192 | # but it makes little sense to permit mail to be sent to specific hosts by | ||
193 | # their IP address in the modern Internet. This ancient format has been used | ||
194 | # by those seeking to abuse hosts by using them for unwanted relaying. If you | ||
195 | # really do want to support domain literals, uncomment the following line, and | ||
196 | # see also the "domain_literal" router below. | ||
197 | |||
198 | # allow_domain_literals | ||
199 | |||
200 | |||
201 | # No deliveries will ever be run under the uids of users specified by | ||
202 | # never_users (a colon-separated list). An attempt to do so causes a panic | ||
203 | # error to be logged, and the delivery to be deferred. This is a paranoic | ||
204 | # safety catch. There is an even stronger safety catch in the form of the | ||
205 | # FIXED_NEVER_USERS setting in the configuration for building Exim. The list of | ||
206 | # users that it specifies is built into the binary, and cannot be changed. The | ||
207 | # option below just adds additional users to the list. The default for | ||
208 | # FIXED_NEVER_USERS is "root", but just to be absolutely sure, the default here | ||
209 | # is also "root". | ||
210 | |||
211 | # Note that the default setting means you cannot deliver mail addressed to root | ||
212 | # as if it were a normal user. This isn't usually a problem, as most sites have | ||
213 | # an alias for root that redirects such mail to a human administrator. | ||
214 | |||
215 | never_users = root | ||
216 | |||
217 | |||
218 | # The setting below causes Exim to do a reverse DNS lookup on all incoming | ||
219 | # IP calls, in order to get the true host name. If you feel this is too | ||
220 | # expensive, you can specify the networks for which a lookup is done, or | ||
221 | # remove the setting entirely. | ||
222 | |||
223 | host_lookup = * | ||
224 | |||
225 | |||
226 | # The settings below cause Exim to make RFC 1413 (ident) callbacks | ||
227 | # for all incoming SMTP calls. You can limit the hosts to which these | ||
228 | # calls are made, and/or change the timeout that is used. If you set | ||
229 | # the timeout to zero, all RFC 1413 calls are disabled. RFC 1413 calls | ||
230 | # are cheap and can provide useful information for tracing problem | ||
231 | # messages, but some hosts and firewalls have problems with them. | ||
232 | # This can result in a timeout instead of an immediate refused | ||
233 | # connection, leading to delays on starting up SMTP sessions. | ||
234 | # (The default was reduced from 30s to 5s for release 4.61. and to | ||
235 | # disabled for release 4.86) | ||
236 | # | ||
237 | #rfc1413_hosts = * | ||
238 | #rfc1413_query_timeout = 5s | ||
239 | |||
240 | |||
241 | # Enable an efficiency feature. We advertise the feature; clients | ||
242 | # may request to use it. For multi-recipient mails we then can | ||
243 | # reject or accept per-user after the message is received. | ||
244 | # | ||
245 | prdr_enable = true | ||
246 | |||
247 | |||
248 | # By default, Exim expects all envelope addresses to be fully qualified, that | ||
249 | # is, they must contain both a local part and a domain. If you want to accept | ||
250 | # unqualified addresses (just a local part) from certain hosts, you can specify | ||
251 | # these hosts by setting one or both of | ||
252 | # | ||
253 | # sender_unqualified_hosts = | ||
254 | # recipient_unqualified_hosts = | ||
255 | # | ||
256 | # to control sender and |