smtp_accept_max = 300
smtp_accept_queue = 200
smtp_accept_queue_per_connection = 50
+smtp_accept_reserve = 25
<% else %>
smtp_accept_max = 30
smtp_accept_queue = 20
smtp_accept_queue_per_connection = 10
+smtp_accept_reserve = 5
<% end %>
-smtp_accept_reserve = 25
smtp_reserve_hosts = +debianhosts
split_spool_directory = true
warn domains = +virtual_domains
condition = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}}
condition = ${if eq{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}{$value}{}}}{markup}}
+ log_message = $local_part@$domain: markup
set acl_m_rprf = markup
accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}}
warn condition = ${if eq{${lookup{$local_part}cdb{/var/lib/misc/${primary_hostname}/mail-contentinspectionaction.cdb}{$value}{}}}{markup}}
+ log_message = $local_part@$domain: markup
set acl_m_rprf = markup
accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}}
warn condition = ${if eq{${lookup{$local_part}cdb{/var/lib/misc/${primary_hostname}/mail-contentinspectionaction.cdb}{$value}{}}}{blackhole}}
+ log_message = $local_part@$domain: blackhole
set acl_m_rprf = blackhole
accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}}
warn domains = +virtual_domains
condition = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}}
condition = ${if eq{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}{$value}{}}}{blackhole}}
+ log_message = $local_part@$domain: blackhole
set acl_m_rprf = blackhole
accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}}
condition = ${if eq {$acl_m_prf}{blackhole}}
set acl_m_srb = ${perl{surblspamcheck}}
condition = ${if eq{$acl_m_srb}{false}{no}{yes}}
+ log_message = discarded surbl message for $recipients
warn condition = ${if <{$message_size}{256000}}
condition = ${if eq {$acl_m_prf}{markup}}
%>
acl_check_predata:
- deny condition = ${if eq{$acl_m_lcl}{localonly}}
+ deny condition = ${if eq{$acl_m_prf}{localonly}}
message = mail for $acl_m_lrc is only accepted internally
accept
#!!# ACL that is used after the DATA command
check_message:
- require verify = header_syntax
- message = Invalid syntax in the header
-
<%=
out=''
if nodeinfo['rtmaster']
}
message = Mail to this address needs to be PGP-signed
+ accept verify = certificate
+
+ require verify = header_syntax
+ message = Invalid syntax in the header
+
# RFC 822 and 2822 say that headers must be ASCII. This kinda emulates
# postfix's strict_7bit_headers option, but only checks a few common problem
# headers, as there doesn't appear to be an easy way to check them all.
out = ""
if has_variable?("clamd") && clamd == "true"
out = '
- discard condition = ${if eq {$acl_m_prf}{blackhole}{no}{yes}}
+ discard condition = ${if eq {$acl_m_prf}{blackhole}}
demime = *
malware = */defer_ok
+ log_message = discarded malware message for $recipients
deny condition = ${if eq {$acl_m_prf}{markup}{no}{yes}}
demime = *
condition = ${if eq {$acl_m_prf}{blackhole}}
set acl_m_srb = ${perl{surblspamcheck}}
condition = ${if eq{$acl_m_srb}{false}{no}{yes}}
+ log_message = discarded surbl message for $recipients
warn condition = ${if <{$message_size}{256000}}
condition = ${if eq {$acl_m_prf}{markup}}