acl_smtp_helo = check_helo
acl_smtp_rcpt = ${if ={$interface_port}{587} {check_submission}{check_recipient}}
acl_smtp_data = check_message
+<%=
+out=''
+if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty?
+ out = "acl_smtp_mime = acl_check_mime"
+end
+out
+%>
# accept domain literal syntax in e-mail addresses. To actually make use of
# this a router is also required
out='
warn domains = rt.debian.org
set acl_m1 = RTMail
- set acl_m12 = ${if def:acl_m12 {$acl_m12} {${if or{{match{$local_part}{[^+]+\\+\\d+}}{match{$local_part}{[^+]+\\+new}}} {RTMailRecipientHasSubaddress}}}}
+ set acl_m12 = ${if def:acl_m12 {$acl_m12} {${if or{{match{$local_part}{\N[^+]+\+\d+\N}}{match{$local_part}{\N[^+]+\+new\N}}} {RTMailRecipientHasSubaddress}}}}
'
end
out
%>
<%=
out=''
-if nodeinfo['packagesmaster']
+if nodeinfo['packagesqamaster']
out='
warn domains = packages.qa.debian.org
set acl_m1 = PTSMail
deny message = relay not permitted
+<%=
+out=''
+if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty?
+out='
+acl_check_mime:
+
+ deny condition = ${if <{$message_size}{256000}}
+ set acl_m5 = ${perl{surblspamcheck}}
+ condition = ${if eq{$acl_m5}{false}{no}{yes}}
+ log_message = $acl_m5
+ message = $acl_m5
+
+ accept
+'
+end
+out
+%>
+
#!!# ACL that is used after the DATA command
check_message:
require verify = header_syntax
out='
deny condition = ${if eq {$acl_m1}{RTMail}}
condition = ${if and{{!match {${lc:$rh_Subject:}} {debian rt}} \
- {!match {${lc:$rh_Subject:]}} {\\[rt.debian.org }} \
+ {!match {${lc:$rh_Subject:]}} {\N\[rt.debian.org \N}} \
{!match {$acl_m12}{RTMailRecipientHasSubaddress}}}}
message = messages to the Request Tracker system require a subject tag or a subaddress
'
%>
<%=
out=''
-if nodeinfo['packagesmaster']
+if nodeinfo['packagesqamaster']
out='
deny !hosts = +debianhosts : 217.196.43.134
condition = ${if eq {$acl_m1}{PTSMail}}
projects / mirror / dsa-puppet.git / blobdiff