we also need to accept mail for local domains on 587, strangely

[mirror/dsa-puppet.git] / modules / exim / files / common / exim4.conf

diff --git a/modules/exim/files/common/exim4.conf b/modules/exim/files/common/exim4.conf
index c28545a..1d2c448 100644 (file)
--- a/modules/exim/files/common/exim4.conf
+++ b/modules/exim/files/common/exim4.conf
@@ -316,6 +316,9 @@ check_helo:
 #!!# ACL that is used after the RCPT command on the submission port
 check_submission:
 
+  # Accept if the source is local SMTP (i.e. not over TCP/IP).
+  # We do this by testing for an empty sending host field.
+  accept  hosts = : 127.0.0.1
   # Defer after too many bad RCPT TO's.  Legit MTAs will retry later.
   # This is a rough pass at preventing addres harvesting or other mail blasts.
 
@@ -331,6 +334,16 @@ check_submission:
           ratelimit      = 5 / 60m / per_rcpt / $sender_host_address
           message        = sorry, only 5 reports per hour for submission
 
+  accept  domains  = +localhost
+          endpass
+         message  = unknown user
+         verify   = recipient
+
+  accept  domains  = +mailhubdomains
+          endpass
+         message  = unknown user
+         verify   = recipient/callout=30s,defer_ok,use_sender,no_cache
+
   accept  domains  = +submission_domains
           endpass
          message  = unknown user
@@ -625,7 +638,7 @@ check_recipient:
   accept  domains  = +mailhubdomains
           endpass
          message  = unknown user
-         verify   = recipient/callout,defer_ok
+         verify   = recipient/callout=30s,defer_ok,use_sender,no_cache
 
   accept  domains  = +handled_domains
           endpass
@@ -1174,8 +1187,8 @@ remote_smtp:
 remote_smtp_smarthost:
   debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
   driver = smtp
-.ifdef SMARTHOST_PORT
-  port = SMARTHOST_PORT
+.ifdef SMARTHST_PORT
+  port = SMARTHST_PORT
 .endif
 .ifdef USE_TLS
   tls_tempfail_tryclear = false