shrink size of reserve-list on ! busy-exim machines

[mirror/dsa-puppet.git] / modules / exim / templates / eximconf.erb

diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb
index f156a03..5d154af 100644 (file)
--- a/modules/exim/templates/eximconf.erb
+++ b/modules/exim/templates/eximconf.erb
@@ -203,12 +203,13 @@ smtp_accept_max_per_host = ${if match_ip {$sender_host_address}{+debianhosts}{0}
 smtp_accept_max = 300
 smtp_accept_queue = 200
 smtp_accept_queue_per_connection = 50
+smtp_accept_reserve = 25
 <% else %>
 smtp_accept_max = 30
 smtp_accept_queue = 20
 smtp_accept_queue_per_connection = 10
+smtp_accept_reserve = 5
 <% end %>
-smtp_accept_reserve = 25
 smtp_reserve_hosts = +debianhosts
 
 split_spool_directory = true
@@ -372,16 +373,19 @@ out
   warn    domains        = +virtual_domains
           condition      = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}}
           condition      = ${if eq{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}{$value}{}}}{markup}}
+          log_message    = $local_part@$domain: markup
           set acl_m_rprf = markup
 
   accept  condition      = ${if eq {$acl_m_rprf}{}{no}{yes}}
 
   warn    condition      = ${if eq{${lookup{$local_part}cdb{/var/lib/misc/${primary_hostname}/mail-contentinspectionaction.cdb}{$value}{}}}{markup}}
+          log_message    = $local_part@$domain: markup
           set acl_m_rprf = markup
 
   accept  condition      = ${if eq {$acl_m_rprf}{}{no}{yes}}
 
   warn    condition      = ${if eq{${lookup{$local_part}cdb{/var/lib/misc/${primary_hostname}/mail-contentinspectionaction.cdb}{$value}{}}}{blackhole}}
+          log_message    = $local_part@$domain: blackhole
           set acl_m_rprf = blackhole
 
   accept  condition      = ${if eq {$acl_m_rprf}{}{no}{yes}}
@@ -389,6 +393,7 @@ out
   warn    domains        = +virtual_domains
           condition      = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}}
           condition      = ${if eq{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}{$value}{}}}{blackhole}}
+          log_message    = $local_part@$domain: blackhole
           set acl_m_rprf = blackhole
 
   accept  condition      = ${if eq {$acl_m_rprf}{}{no}{yes}}
@@ -914,7 +919,7 @@ out
 %>
 
 acl_check_predata:
-  deny   condition     = ${if eq{$acl_m_lcl}{localonly}}
+  deny   condition     = ${if eq{$acl_m_prf}{localonly}}
          message       = mail for $acl_m_lrc is only accepted internally
 
   accept
@@ -922,9 +927,6 @@ acl_check_predata:
 
 #!!# ACL that is used after the DATA command
 check_message:
-  require verify = header_syntax
-          message = Invalid syntax in the header
-
 <%=
 out=''
 if nodeinfo['rtmaster']
@@ -960,6 +962,11 @@ out
                             }
           message        = Mail to this address needs to be PGP-signed
 
+  accept verify  = certificate
+
+  require verify = header_syntax
+          message = Invalid syntax in the header
+
 # RFC 822 and 2822 say that headers must be ASCII.  This kinda emulates
 # postfix's strict_7bit_headers option, but only checks a few common problem
 # headers, as there doesn't appear to be an easy way to check them all.
@@ -978,7 +985,7 @@ out
 out = ""
 if has_variable?("clamd") && clamd == "true"
 out = '
-  discard condition       = ${if eq {$acl_m_prf}{blackhole}{no}{yes}}
+  discard condition       = ${if eq {$acl_m_prf}{blackhole}}
           demime          = *
           malware         = */defer_ok
           log_message     = discarded malware message for $recipients