# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.
host_lookup = *
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.
host_lookup = *
# If this option is set, then any process that is running as one of the
# listed users may pass a message to Exim and specify the sender's
# If this option is set, then any process that is running as one of the
# listed users may pass a message to Exim and specify the sender's
+acl_spamlovers:
+ # There are a few profiles that don't want much smtp time checking of
+ # mail. It's easier to track them in one place
+
+ accept condition = ${if eq {$acl_m_prf}{PopconMail}}
+ accept condition = ${if eq {$acl_m_prf}{BugsMail}}
+ deny
+
# This is a rough pass at preventing addres harvesting or other mail blasts.
defer log_message = Too many bad recipients ${eval:$rcpt_fail_count} out of $rcpt_count
# This is a rough pass at preventing addres harvesting or other mail blasts.
defer log_message = Too many bad recipients ${eval:$rcpt_fail_count} out of $rcpt_count
message = Too many bad recipients, try again later
!hosts = +debianhosts
condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
# Dump spambots that are so stupid they say helo as our IP address
message = Too many bad recipients, try again later
!hosts = +debianhosts
condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
# Dump spambots that are so stupid they say helo as our IP address
- drop !hosts = +debianhosts
- condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
- condition = ${if eq {$sender_helo_name}{$interface_address}{yes}{no}}
- message = HELO mismatch Forged HELO for ($sender_helo_name)
+ drop !hosts = +debianhosts
+ !acl = acl_spamlovers
+ condition = ${if eq {$sender_helo_name}{$interface_address}{yes}{no}}
+ message = HELO mismatch Forged HELO for ($sender_helo_name)
- drop !hosts = +debianhosts
- condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
- condition = ${if match_domain{$sender_helo_name}{$primary_hostname:+handled_domains}}
- condition = ${if !match{$sender_host_name}{${rxquote:$sender_helo_name}\N$\N}}
- message = HELO mismatch Forged HELO for ($sender_helo_name)
+ drop !hosts = +debianhosts
+ !acl = acl_spamlovers
+ condition = ${if match_domain{$sender_helo_name}{$primary_hostname:+handled_domains}}
+ condition = ${if !match{$sender_host_name}{${rxquote:$sender_helo_name}\N$\N}}
+ message = HELO mismatch Forged HELO for ($sender_helo_name)
# This is a failsafe in case DNS fails - we defer instead of hard reject if they
# say helo as a name in the list but we can't look them up
# This is a failsafe in case DNS fails - we defer instead of hard reject if they
# say helo as a name in the list but we can't look them up
- defer !hosts = +debianhosts
- condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
- condition = ${if eq{$acl_m_frg}{}{no}{yes}}
- condition = ${if eq{$sender_host_name}{}{yes}{no}}
- condition = ${if eq{$host_lookup_failed}{1}{no}{yes}}
- message = Access temporarily denied. Resolve failed PTR for $sender_host_address
+ defer !hosts = +debianhosts
+ !acl = acl_spamlovers
+ condition = ${if eq{$acl_m_frg}{}{no}{yes}}
+ condition = ${if eq{$sender_host_name}{}{yes}{no}}
+ condition = ${if eq{$host_lookup_failed}{1}{no}{yes}}
+ message = Access temporarily denied. Resolve failed PTR for $sender_host_address
- drop !hosts = +debianhosts
- condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
- condition = ${if and { {!eq{$acl_m_frg}{}}{!match{$sender_host_name}{${rxquote:$acl_m_frg}\N$\N}}}{yes}{no}}
- message = HELO mismatch Forged HELO for ($sender_helo_name)
+ drop !hosts = +debianhosts
+ !acl = acl_spamlovers
+ condition = ${if and { {!eq{$acl_m_frg}{}}{!match{$sender_host_name}{${rxquote:$acl_m_frg}\N$\N}}}{yes}{no}}
+ message = HELO mismatch Forged HELO for ($sender_helo_name)
- deny local_parts = lsearch;/var/lib/misc/$primary_hostname/mail-disable
- domains = +local_domains
- message = ${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-disable}{$value}}
-
- deny domains = +virtual_domains
- local_parts = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/localonly}}}\
- {${extract{directory}{VDOMAINDATA}{${value}/localonly}}}\
- {}}
- hosts = !+debianhosts
- message = mail for <$local_part@$domain> only accepted from debian.org machines
+ deny local_parts = lsearch;/var/lib/misc/$primary_hostname/mail-disable
+ domains = +local_domains
+ message = ${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-disable}{$value}}
+
+ deny domains = +virtual_domains
+ local_parts = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/localonly}}}\
+ {${extract{directory}{VDOMAINDATA}{${value}/localonly}}}\
+ {}}
+ hosts = !+debianhosts
+ message = mail for <$local_part@$domain> only accepted from debian.org machines
# Accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
# Accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
begin retry
debian.org * F,2h,10m; G,16h,2h,1.5; F,14d,8h
begin retry
debian.org * F,2h,10m; G,16h,2h,1.5; F,14d,8h
* rcpt_4xx F,2h,5m; F,4h,10m; F,4d,15m
* * F,2h,15m; G,16h,2h,1.5; F,4d,8h
* rcpt_4xx F,2h,5m; F,4h,10m; F,4d,15m
* * F,2h,15m; G,16h,2h,1.5; F,4d,8h