# is much like a local domain, execpt that the delivery location
# and allowed set of users is controlled by a virtual domain
# alias file and not /etc/passwd. Wildcards are permitted
-# rcpthosts - recipient hosts or relay domains. This is a list of
-# all hosts that we mail exchange for. All domains that list
-# this host in their MX records should be listed here. Wildcards
-# are permitted.
# relayhosts - Hostnames that can send any arbitarily addressed mail to
# us. This is primarily only usefull for emergancy 'queue
# flushing' operations, but should be populated with a list
# Domains we relay for; that is domains that aren't considered local but we
# accept mail for them.
-domainlist rcpthosts = partial-lsearch;/etc/exim4/rcpthosts
hostlist debianhosts = 127.0.0.1 : net-lsearch;/var/lib/misc/thishost/debianhosts
<%=
out = ""
<% if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty? %>
queue_run_max = 50
deliver_queue_load_max = 50
-queue_only_load = 15
+queue_only_load = 35
+smtp_load_reserve = 20
<% else %>
queue_run_max = 5
deliver_queue_load_max = 10
out = "daemon_smtp_ports = "
ports << 25
-if nodeinfo['bugsmaster']
+if nodeinfo['bugsmaster'] or nodeinfo['bugsmx']
ports << 587
end
%>
<%=
-out = ""
if nodeinfo['smarthost'].empty?
out = '
# These are in HELO acl so that they are only run once. They increment a counter,
log_message = random HELO
set acl_c_scr = ${eval:$acl_c_scr+5}
'
+else
+ out = '
+ drop !hosts = +debianhosts
+ log_message = mail from non-d.o host
+ message = Interesting. I doubt that should have happened.
+'
end
out
%>
accept domains = +local_domains
hosts = +debianhosts
endpass
- message = unknown user
verify = recipient
<%=
out = '
accept domains = +mailhubdomains
endpass
- message = unknown user
verify = recipient/callout=30s,defer_ok,use_sender,no_cache
'
end
accept domains = +submission_domains
endpass
- message = unknown user
verify = recipient
deny message = relay not permitted
{/var/lib/greylistd/whitelist-hosts}{}}
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
- domains = +handled_domains : +rcpthosts
+ domains = +handled_domains
condition = ${readsocket{/var/run/greylistd/socket}\
{--grey \
$sender_host_address \
!hosts = : +debianhosts : WHITELIST
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
- domains = +handled_domains : +rcpthosts
+ domains = +handled_domains
local_parts = GREYLIST_LOCAL_PARTS
set acl_m_pgr = request=smtpd_access_policy\n\
protocol_state=RCPT\n\
!hosts = : +debianhosts : WHITELIST
condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
!authenticated = *
- domains = +handled_domains : +rcpthosts
+ domains = +handled_domains
local_parts = GREYLIST_LOCAL_PARTS
condition = ${if eq{${uc:${substr_0_7:$acl_m_pgr}}}{PREPEND}}
message = ${sg{$acl_m_pgr}{^\\\\w+\\\\s*}{}}
%>
accept local_parts = +postmasterish
- domains = +handled_domains : +rcpthosts
+ domains = +handled_domains
deny hosts = ${if exists{/etc/exim4/host_blacklist}{/etc/exim4/host_blacklist}{}}
message = I'm terribly sorry, but it seems you have been blacklisted
{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/rbllist}}}{$value}{}}}{}}}\
{${lookup{$local_part}lsearch{/etc/exim4/rbllist}{$value}{}} : \
${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-rbl}{$value}{}}}}
- domains = +handled_domains : +rcpthosts
+ domains = +handled_domains
!hosts = +debianhosts : WHITELIST
'
end
{${expand:${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/rhsbllist}}}{$value}{}}}}{}}}\
{${expand:${lookup{$local_part}lsearch{/etc/exim4/rhsbllist}{$value}{}}} : \
${expand:${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-rhsbl}{$value}{}}}}}
- domains = +handled_domains : +rcpthosts
+ domains = +handled_domains
!hosts = +debianhosts : WHITELIST
<%=
out = ""
if nodeinfo['smarthost'].empty?
out = '
- deny domains = +handled_domains : +rcpthosts
+ deny domains = +handled_domains
local_parts = ${if match_domain{$domain}{+virtual_domains}\
{${if exists {${extract{directory}{VDOMAINDATA}{${value}/callout_users}}}\
{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/callout_users}}}{$local_part}{}}}{}}}\
out = '
accept domains = +mailhubdomains
endpass
- message = unknown user
verify = recipient/callout=30s,defer_ok,use_sender,no_cache
'
end
%>
accept domains = +handled_domains
endpass
- message = unknown user
verify = recipient/defer_ok
- accept domains = +rcpthosts
- endpass
- message = unrouteable address
- verify = recipient
-
accept hosts = +debianhosts
accept authenticated = *
<%=
out = ""
-if nodeinfo['bugsmaster']
+if nodeinfo['bugsmaster'] or nodeinfo['bugsmx']
+ domain = 'bugs.debian.org'
+ if nodeinfo['bugsmaster']
+ domain = 'bugs-master.debian.org'
+ end
out = '
# This router delivers for bugs.d.o
bugs:
debug_print = "R: bugs for $local_part@$domain"
driver = accept
transport = bugs_pipe
- domains = bugs.debian.org
+ domains = ' + domain + '
cannot_route_message = Unknown or archived bug
require_files = /org/bugs.debian.org/mail/run-procmail
no_more
local_parts = ${if match\
{$local_part}\
- {\N^(\d+)(\d{2})(?:-(?:(?:submit|maintonly|quiet|forwarded|done|close|request|submitter)|(?:unsubscribe|ignore|(?:sub(?:scribe|help|yes|approve|reject))|unsubyes|bounce|probe|approve|reject|setlistyes|setlistsilentyes).*))?$\N}\
+ {\N^(\d+)(\d{2})(?:-(?:(?:submit|maintonly|quiet|forwarded|done|close|request|submitter)|(?:unsubscribe|ignore|help|(?:sub(?:scribe|help|yes|approve|reject))|unsubyes|bounce|probe|approve|reject|setlistyes|setlistsilentyes).*))?$\N}\
{${if exists{/org/bugs.debian.org/spool/db-h/$2/$1$2.summary}\
{$local_part}fail}}fail}
'
out
%>
-virt_alias_verify:
- debug_print = "R: virt_aliases for $local_part@$domain"
- driver = redirect
- data = ${if exists{\
- ${extract{directory}{VDOMAINDATA}{${value}/aliases}}}\
- {${lookup{$local_part}lsearch*{\
- ${extract{directory}{VDOMAINDATA}{$value/aliases}}\
- }}}}
- directory_transport = address_directory
- cannot_route_message = Unknown user
- domains = +virtual_domains
- file_transport = address_file
- pipe_transport = address_pipe
- qualify_preserve_domain
- retry_use_local_part
- transport_current_directory = ${extract{directory}{VDOMAINDATA}}
- transport_home_directory = ${extract{directory}{VDOMAINDATA}}
- verify_only
-
virt_direct_verify:
debug_print = "R: virt_direct for $local_part@$domain"
driver = redirect
retry_use_local_part
transport_current_directory = ${extract{directory}{VDOMAINDATA}}
transport_home_directory = ${extract{directory}{VDOMAINDATA}}
- no_verify
user = ${extract{user}{VDOMAINDATA}}
# This is a qmailesque deliver into a directory of .forward files
<%=
out = ""
-if nodeinfo['bugsmaster']
+if nodeinfo['bugsmaster'] or nodeinfo['bugsmx']
out = '
bugs_pipe:
driver = pipe