projects
/
mirror
/
dsa-puppet.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Merge branch 'master' of ssh://handel.debian.org/srv/puppet.debian.org/git/dsa-puppet
[mirror/dsa-puppet.git]
/
modules
/
exim
/
templates
/
eximconf.erb
diff --git
a/modules/exim/templates/eximconf.erb
b/modules/exim/templates/eximconf.erb
index
db3674c
..
462daa8
100644
(file)
--- a/
modules/exim/templates/eximconf.erb
+++ b/
modules/exim/templates/eximconf.erb
@@
-27,10
+27,6
@@
# is much like a local domain, execpt that the delivery location
# and allowed set of users is controlled by a virtual domain
# alias file and not /etc/passwd. Wildcards are permitted
# is much like a local domain, execpt that the delivery location
# and allowed set of users is controlled by a virtual domain
# alias file and not /etc/passwd. Wildcards are permitted
-# rcpthosts - recipient hosts or relay domains. This is a list of
-# all hosts that we mail exchange for. All domains that list
-# this host in their MX records should be listed here. Wildcards
-# are permitted.
# relayhosts - Hostnames that can send any arbitarily addressed mail to
# us. This is primarily only usefull for emergancy 'queue
# flushing' operations, but should be populated with a list
# relayhosts - Hostnames that can send any arbitarily addressed mail to
# us. This is primarily only usefull for emergancy 'queue
# flushing' operations, but should be populated with a list
@@
-140,7
+136,6
@@
localpartlist postmasterish = postmaster : abuse : hostmaster : root
# Domains we relay for; that is domains that aren't considered local but we
# accept mail for them.
# Domains we relay for; that is domains that aren't considered local but we
# accept mail for them.
-domainlist rcpthosts = partial-lsearch;/etc/exim4/rcpthosts
hostlist debianhosts = 127.0.0.1 : net-lsearch;/var/lib/misc/thishost/debianhosts
<%=
out = ""
hostlist debianhosts = 127.0.0.1 : net-lsearch;/var/lib/misc/thishost/debianhosts
<%=
out = ""
@@
-219,7
+214,8
@@
delay_warning =
<% if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? %>
queue_run_max = 50
deliver_queue_load_max = 50
<% if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? %>
queue_run_max = 50
deliver_queue_load_max = 50
-queue_only_load = 15
+queue_only_load = 35
+smtp_load_reserve = 20
<% else %>
queue_run_max = 5
deliver_queue_load_max = 10
<% else %>
queue_run_max = 5
deliver_queue_load_max = 10
@@
-239,7
+235,7
@@
ports = []
out = "daemon_smtp_ports = "
ports << 25
out = "daemon_smtp_ports = "
ports << 25
-if nodeinfo['bugsmaster']
+if nodeinfo['bugsmaster']
or nodeinfo['bugsmx']
ports << 587
end
ports << 587
end
@@
-413,7
+409,6
@@
out
%>
<%=
%>
<%=
-out = ""
if nodeinfo['smarthost'].empty?
out = '
# These are in HELO acl so that they are only run once. They increment a counter,
if nodeinfo['smarthost'].empty?
out = '
# These are in HELO acl so that they are only run once. They increment a counter,
@@
-491,6
+486,12
@@
if nodeinfo['smarthost'].empty?
log_message = random HELO
set acl_c_scr = ${eval:$acl_c_scr+5}
'
log_message = random HELO
set acl_c_scr = ${eval:$acl_c_scr+5}
'
+else
+ out = '
+ drop !hosts = +debianhosts
+ log_message = mail from non-d.o host
+ message = Interesting. I doubt that should have happened.
+'
end
out
%>
end
out
%>
@@
-784,7
+785,7
@@
if has_variable?("greylistd") && greylistd == "true"
{/var/lib/greylistd/whitelist-hosts}{}}
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
{/var/lib/greylistd/whitelist-hosts}{}}
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
- domains = +handled_domains
: +rcpthosts
+ domains = +handled_domains
condition = ${readsocket{/var/run/greylistd/socket}\
{--grey \
$sender_host_address \
condition = ${readsocket{/var/run/greylistd/socket}\
{--grey \
$sender_host_address \
@@
-809,7
+810,7
@@
elsif has_variable?("postgrey") && postgrey == "true"
!hosts = : +debianhosts : WHITELIST
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
!hosts = : +debianhosts : WHITELIST
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
- domains = +handled_domains
: +rcpthosts
+ domains = +handled_domains
local_parts = GREYLIST_LOCAL_PARTS
set acl_m_pgr = request=smtpd_access_policy\n\
protocol_state=RCPT\n\
local_parts = GREYLIST_LOCAL_PARTS
set acl_m_pgr = request=smtpd_access_policy\n\
protocol_state=RCPT\n\
@@
-834,7
+835,7
@@
elsif has_variable?("postgrey") && postgrey == "true"
!hosts = : +debianhosts : WHITELIST
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
!hosts = : +debianhosts : WHITELIST
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
- domains = +handled_domains
: +rcpthosts
+ domains = +handled_domains
local_parts = GREYLIST_LOCAL_PARTS
condition = ${if eq{${uc:${substr_0_7:$acl_m_pgr}}}{PREPEND}}
message = ${sg{$acl_m_pgr}{^\\\\w+\\\\s*}{}}
local_parts = GREYLIST_LOCAL_PARTS
condition = ${if eq{${uc:${substr_0_7:$acl_m_pgr}}}{PREPEND}}
message = ${sg{$acl_m_pgr}{^\\\\w+\\\\s*}{}}
@@
-844,7
+845,7
@@
out
%>
accept local_parts = +postmasterish
%>
accept local_parts = +postmasterish
- domains = +handled_domains
: +rcpthosts
+ domains = +handled_domains
deny hosts = ${if exists{/etc/exim4/host_blacklist}{/etc/exim4/host_blacklist}{}}
message = I'm terribly sorry, but it seems you have been blacklisted
deny hosts = ${if exists{/etc/exim4/host_blacklist}{/etc/exim4/host_blacklist}{}}
message = I'm terribly sorry, but it seems you have been blacklisted
@@
-864,7
+865,7
@@
if nodeinfo['smarthost'].empty?
{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/rbllist}}}{$value}{}}}{}}}\
{${lookup{$local_part}lsearch{/etc/exim4/rbllist}{$value}{}} : \
${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-rbl}{$value}{}}}}
{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/rbllist}}}{$value}{}}}{}}}\
{${lookup{$local_part}lsearch{/etc/exim4/rbllist}{$value}{}} : \
${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-rbl}{$value}{}}}}
- domains = +handled_domains
: +rcpthosts
+ domains = +handled_domains
!hosts = +debianhosts : WHITELIST
'
end
!hosts = +debianhosts : WHITELIST
'
end
@@
-877,14
+878,14
@@
out
{${expand:${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/rhsbllist}}}{$value}{}}}}{}}}\
{${expand:${lookup{$local_part}lsearch{/etc/exim4/rhsbllist}{$value}{}}} : \
${expand:${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-rhsbl}{$value}{}}}}}
{${expand:${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/rhsbllist}}}{$value}{}}}}{}}}\
{${expand:${lookup{$local_part}lsearch{/etc/exim4/rhsbllist}{$value}{}}} : \
${expand:${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-rhsbl}{$value}{}}}}}
- domains = +handled_domains
: +rcpthosts
+ domains = +handled_domains
!hosts = +debianhosts : WHITELIST
<%=
out = ""
if nodeinfo['smarthost'].empty?
out = '
!hosts = +debianhosts : WHITELIST
<%=
out = ""
if nodeinfo['smarthost'].empty?
out = '
- deny domains = +handled_domains
: +rcpthosts
+ deny domains = +handled_domains
local_parts = ${if match_domain{$domain}{+virtual_domains}\
{${if exists {${extract{directory}{VDOMAINDATA}{${value}/callout_users}}}\
{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/callout_users}}}{$local_part}{}}}{}}}\
local_parts = ${if match_domain{$domain}{+virtual_domains}\
{${if exists {${extract{directory}{VDOMAINDATA}{${value}/callout_users}}}\
{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/callout_users}}}{$local_part}{}}}{}}}\
@@
-914,11
+915,6
@@
out
message = unknown user
verify = recipient/defer_ok
message = unknown user
verify = recipient/defer_ok
- accept domains = +rcpthosts
- endpass
- message = unrouteable address
- verify = recipient
-
accept hosts = +debianhosts
accept authenticated = *
accept hosts = +debianhosts
accept authenticated = *
@@
-1375,14
+1371,18
@@
out
<%=
out = ""
<%=
out = ""
-if nodeinfo['bugsmaster']
+if nodeinfo['bugsmaster'] or nodeinfo['bugsmx']
+ domain = 'bugs.debian.org'
+ if nodeinfo['bugsmaster']
+ domain = 'bugs-master.debian.org'
+ end
out = '
# This router delivers for bugs.d.o
bugs:
debug_print = "R: bugs for $local_part@$domain"
driver = accept
transport = bugs_pipe
out = '
# This router delivers for bugs.d.o
bugs:
debug_print = "R: bugs for $local_part@$domain"
driver = accept
transport = bugs_pipe
- domains =
bugs.debian.org
+ domains =
' + domain + '
cannot_route_message = Unknown or archived bug
require_files = /org/bugs.debian.org/mail/run-procmail
no_more
cannot_route_message = Unknown or archived bug
require_files = /org/bugs.debian.org/mail/run-procmail
no_more
@@
-1675,7
+1675,7
@@
bsmtp:
<%=
out = ""
<%=
out = ""
-if nodeinfo['bugsmaster']
+if nodeinfo['bugsmaster']
or nodeinfo['bugsmx']
out = '
bugs_pipe:
driver = pipe
out = '
bugs_pipe:
driver = pipe