-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | conf.d/000_local.conf.example | 68 | ||||
-rw-r--r-- | conf.d/010_main.conf | 71 | ||||
-rw-r--r-- | conf.d/020_acl.conf | 2 | ||||
-rw-r--r-- | conf.d/030_routers.conf | 2 | ||||
-rw-r--r-- | conf.d/040_transports.conf | 2 | ||||
-rw-r--r-- | exim.conf | 2 |
7 files changed, 77 insertions, 72 deletions
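--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+conf.d/000_local.conf
+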
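--- /dev/null
+++ b/conf.d/000_local.conf.example
@@ -0,0 +1,68 @@
+######################################################################
+# LOCAL CONFIGURATION #
+# Specifies settings specific for the current host #
+######################################################################
+
+# Specify your host's canonical name here. This should normally be the fully
+# qualified "official" name of your host. If this option is not set, the
+# uname() function is called to obtain the name. In many cases this does
+# the right thing and you need not set anything explicitly.
+
+primary_hostname =
+
+# The next three settings create two lists of domains and one list of hosts.
+# These lists are referred to later in this configuration using the syntax
+# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
+# are all colon-separated lists:
+
+domainlist local_domains = @
+domainlist relay_to_domains =
+hostlist relay_from_hosts = localhost
+hostlist trusted_relay_hosts =
+# (We rely upon hostname resolution working for localhost, because the default
+# uncommented configuration needs to work in IPv4-only environments.)
+
+# Most straightforward access control requirements can be obtained by
+# appropriate settings of the above options. In more complicated situations,
+# you may need to modify the Access Control Lists (ACLs) which appear later in
+# this file.
+
+# The first setting specifies your local domains, for example:
+#
+# domainlist local_domains = my.first.domain : my.second.domain
+#
+# You can use "@" to mean "the name of the local host", as in the default
+# setting above. This is the name that is specified by primary_hostname,
+# as specified above (or defaulted). If you do not want to do any local
+# deliveries, remove the "@" from the setting above. If you want to accept mail
+# addressed to your host's literal IP address, for example, mail addressed to
+# "user@[192.168.23.44]", you can add "@[]" as an item in the local domains
+# list. You also need to uncomment "allow_domain_literals" below. This is not
+# recommended for today's Internet.
+
+# The second setting specifies domains for which your host is an incoming relay.
+# If you are not doing any relaying, you should leave the list empty. However,
+# if your host is an MX backup or gateway of some kind for some domains, you
+# must set relay_to_domains to match those domains. For example:
+#
+# domainlist relay_to_domains = *.myco.com : my.friend.org
+#
+# This will allow any host to relay through your host to those domains.
+# See the section of the manual entitled "Control of relaying" for more
+# information.
+
+# The third setting specifies hosts that can use your host as an outgoing relay
+# to any other host on the Internet. Such a setting commonly refers to a
+# complete local network as well as the localhost. For example:
+#
+# hostlist relay_from_hosts = <; 127.0.0.1 ; ::1 ; 192.168.0.0/16
+#
+# The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you
+# have to include 127.0.0.1 if you want to allow processes on your host to send
+# SMTP mail by using the loopback address. A number of MUAs use this method of
+# sending mail. Often, connections are made to "localhost", which might be ::1
+# on IPv6-enabled hosts. Do not forget CIDR for your IPv6 networks.
+
+# All three of these lists may contain many different kinds of item, including
+# wildcarded names, regular expressions, and file lookups. See the reference
+# manual for details.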
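Review bot: The new `hostlist trusted_relay_hosts =` line is undocumented, and the comment above it still announces "three settings" creating "two lists of domains and one list of hosts" although the block now defines two host lists. The list is security-relevant, because 020_acl.conf in this commit accepts mail from `+trusted_relay_hosts` ahead of the DNS blocklist check, so the example should say what belongs in it, for instance `# trusted_relay_hosts: hosts whose mail is accepted before the DNS blocklist checks in 020_acl.conf; prefer IP addresses or CIDR ranges and leave empty if unused`. The parenthetical about localhost resolution now sits directly under trusted_relay_hosts but describes relay_from_hosts; placing the new line below that comment would keep the remark attached to the right setting.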
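--- a/conf.d/010_main.conf
+++ b/conf.d/010_main.conf
@@ -1,72 +1,9 @@
 ######################################################################
 # MAIN CONFIGURATION SETTINGS #
 ######################################################################
-#
-
-# Specify your host's canonical name here. This should normally be the fully
-# qualified "official" name of your host. If this option is not set, the
-# uname() function is called to obtain the name. In many cases this does
-# the right thing and you need not set anything explicitly.
-
-primary_hostname =
-SHORT_HOSTNAME =
-
-# The next three settings create two lists of domains and one list of hosts.
-# These lists are referred to later in this configuration using the syntax
-# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
-# are all colon-separated lists:
-
-domainlist local_domains = @
-domainlist relay_to_domains =
-hostlist relay_from_hosts = localhost
-# (We rely upon hostname resolution working for localhost, because the default
-# uncommented configuration needs to work in IPv4-only environments.)
-
-# Most straightforward access control requirements can be obtained by
-# appropriate settings of the above options. In more complicated situations,
-# you may need to modify the Access Control Lists (ACLs) which appear later in
-# this file.
-
-# The first setting specifies your local domains, for example:
-#
-# domainlist local_domains = my.first.domain : my.second.domain
-#
-# You can use "@" to mean "the name of the local host", as in the default
-# setting above. This is the name that is specified by primary_hostname,
-# as specified above (or defaulted). If you do not want to do any local
-# deliveries, remove the "@" from the setting above. If you want to accept mail
-# addressed to your host's literal IP address, for example, mail addressed to
-# "user@[192.168.23.44]", you can add "@[]" as an item in the local domains
-# list. You also need to uncomment "allow_domain_literals" below. This is not
-# recommended for today's Internet.
-
-# The second setting specifies domains for which your host is an incoming relay.
-# If you are not doing any relaying, you should leave the list empty. However,
-# if your host is an MX backup or gateway of some kind for some domains, you
-# must set relay_to_domains to match those domains. For example:
-#
-# domainlist relay_to_domains = *.myco.com : my.friend.org
-#
-# This will allow any host to relay through your host to those domains.
-# See the section of the manual entitled "Control of relaying" for more
-# information.
-
-# The third setting specifies hosts that can use your host as an outgoing relay
-# to any other host on the Internet. Such a setting commonly refers to a
-# complete local network as well as the localhost. For example:
-#
-# hostlist relay_from_hosts = <; 127.0.0.1 ; ::1 ; 192.168.0.0/16
-#
-# The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you
-# have to include 127.0.0.1 if you want to allow processes on your host to send
-# SMTP mail by using the loopback address. A number of MUAs use this method of
-# sending mail. Often, connections are made to "localhost", which might be ::1
-# on IPv6-enabled hosts. Do not forget CIDR for your IPv6 networks.
 
-# All three of these lists may contain many different kinds of item, including
+# Access control lists for checking incoming messages.
-# wildcarded names, regular expressions, and file lookups. See the reference
+# The names of these ACLs are defined here:
-# manual for details. The lists above are used in the access control lists for
-# checking incoming messages. The names of these ACLs are defined here:
 
 acl_smtp_rcpt = ${if ={587}{$interface_port} {acl_mua_rcpt} {acl_mta_rcpt}}
 acl_smtp_mail = ${if ={587}{$interface_port} {acl_mua_mail} {accept}}
@@ -325,7 +262,3 @@ timeout_frozen_after = 7d
 
 # keep_environment = ^LDAP
 # add_environment = PATH=/usr/bin::/bin
-
-
-# LMTP backend
-LMTP_BACKENDS =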
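--- a/conf.d/020_acl.conf
+++ b/conf.d/020_acl.conf
@@ -41,7 +41,7 @@ acl_check_alias:
 acl_check_rcpt_host_policy:
 
 # Accept all messages from trusted hosts and relays.
-accept hosts = +redirected_from_hosts
+accept hosts = +trusted_relay_hosts
 
 # Deny messages from hosts known to be bad.
 deny dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net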
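--- a/conf.d/030_routers.conf
+++ b/conf.d/030_routers.conf
@@ -164,6 +164,6 @@ local_user:
 transport = dovecot_lmtp
 domains = +local_domains
 driver = manualroute
-route_list = "* LMTP_BACKENDS byname"
+route_data = ${lookup{$domain}lsearch*{LMTPMAP}}
 host_find_failed = ignore
 host_all_ignored = defer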
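Review bot: `route_data = ${lookup{$domain}lsearch*{LMTPMAP}}` gives no explicit result for a domain that is missing from the map: the expansion then yields an empty string and, as far as I know, manualroute declines, so a local address falls through to whatever router follows local_user (not visible in this hunk). If every local domain is meant to reach a backend, say so next to the line and require a default entry, e.g. `# lmtp.map: "<domain>: <backend-host> byname"; keep a "*" entry so local domains never fall through`. The `byname` option that the removed route_list carried now has to appear in each map value. Since the map decides where local mail is delivered, the file behind LMTPMAP (/etc/mail/list.d/lmtp.map in this commit) should be writable only by root. The local_user router starts and ends outside the hunk.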
diff --git a/conf.d/040_transports.conf b/conf.d/040_transports.conf index af605d5..ec5c0ab 100644 --- a/conf.d/040_transports.conf +++ b/conf.d/040_transports.conf | |||
@@ -20,7 +20,7 @@ remote_smtp: | |||
20 | driver = smtp | 20 | driver = smtp |
21 | message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} | 21 | message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} |
22 | dkim_domain = $sender_address_domain | 22 | dkim_domain = $sender_address_domain |
23 | dkim_selector = SHORT_HOSTNAME | 23 | dkim_selector = $primary_hostname |
24 | dkim_private_key = DKIMDIR/$dkim_selector._domainkey.$dkim_domain.pem | 24 | dkim_private_key = DKIMDIR/$dkim_selector._domainkey.$dkim_domain.pem |
25 | dkim_canon = relaxed | 25 | dkim_canon = relaxed |
26 | dkim_strict = yes | 26 | dkim_strict = yes |
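Review bot: `dkim_selector = $primary_hostname` changes the selector from a short name to the full host name, and the unchanged `dkim_private_key = DKIMDIR/$dkim_selector._domainkey.$dkim_domain.pem` derives the key file name from it, so existing key files and the published `<selector>._domainkey` DNS records have to be renamed and republished to match. With `dkim_strict = yes` a missing key presumably defers outgoing mail rather than sending it unsigned, so the migration step deserves a comment above the line, e.g. `# selector = primary_hostname: key file and DNS TXT record must be named <fqdn>._domainkey.<domain>`. Separately, `dkim_domain = $sender_address_domain` puts the envelope sender's domain into that file path; limiting it to known signing domains through a lookup would keep sender-controlled text out of the path. The remote_smtp transport continues outside the hunk.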
@@ -43,7 +43,9 @@ DKIMDIR = /etc/mail/dkim | |||
43 | 43 | ||
44 | USERLIST = /etc/mail/list.d/users.list | 44 | USERLIST = /etc/mail/list.d/users.list |
45 | ALIASMAP = /etc/mail/list.d/aliases.map | 45 | ALIASMAP = /etc/mail/list.d/aliases.map |
46 | LMTPMAP = /etc/mail/list.d/lmtp.map | ||
46 | 47 | ||
48 | .include CONFDIR/conf.d/000_local.conf | ||
47 | .include CONFDIR/conf.d/010_main.conf | 49 | .include CONFDIR/conf.d/010_main.conf |
48 | .include CONFDIR/conf.d/020_acl.conf | 50 | .include CONFDIR/conf.d/020_acl.conf |
49 | .include CONFDIR/conf.d/030_routers.conf | 51 | .include CONFDIR/conf.d/030_routers.conf |
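Review bot: The new `.include CONFDIR/conf.d/000_local.conf` names a file that this commit adds to .gitignore, so a fresh checkout has no such file and the include will presumably fail at startup until it is created from the example. A comment above the include would make that step explicit, e.g. `# host-specific, untracked: copy conf.d/000_local.conf.example to conf.d/000_local.conf and edit`. Because the file defines the relay and trusted host lists and sits outside version control, its owner and mode should match those of the main configuration file (root-owned, not group- or world-writable). The file header for this hunk is missing from the page; the content suggests it belongs to exim.conf.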