gecos_name = $1
# Do *not* include the body of the original message in a bounce
-# The combinaton of bounce_return_message and bounce_return_body
+# The combination of bounce_return_message and bounce_return_body
# allows us to return only the headers within a bounce
bounce_return_message = true
+queue_time_overall \
+deliver_time \
+received_recipients \
+ +sender_on_delivery \
+ +return_path_on_delivery \
+ +incoming_port \
+unknown_in_list \
+smtp_connection \
+smtp_incomplete_transaction \
hosts = !+debianhosts
message = mail from <$sender_address> not allowed externally
- deny condition = ${if match_domain{$sender_address_domain}{+virtual_domains}}
+ deny sender_domains= +virtual_domains
condition = ${if exists {${extract{directory}{VSENDERDOMAINDATA}{${value}/neversenders}}}}
condition = ${lookup{$sender_address_local_part}lsearch{${extract{directory}{VSENDERDOMAINDATA}{${value}/neversenders}}}{true}}
message = no mail should ever come from <$sender_address>
deny condition = ${if !eq {$acl_m_prf}{PopconMail}}
!verify = sender
+ warn !hosts = +debianhosts
+ condition = ${if !eq {$acl_m_prf}{PopconMail}}
+ condition = ${if >{${eval:$acl_c_scr+0}}{0}}
+ ratelimit = 10 / 60m / per_rcpt / strict / $sender_host_address
+ log_message = Sender rate $sender_rate / $sender_rate_period (limit: $sender_rate_limit)
+
defer !hosts = +debianhosts
condition = ${if !eq {$acl_m_prf}{PopconMail}}
condition = ${if >{${eval:$acl_c_scr+0}}{0}}
protocol_name=${uc:$received_protocol}\n\
instance=${acl_m_grey}\n\
helo_name=${sender_helo_name}\n\
-<%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%>
- client_address=${substr_-3:${mask:$sender_host_address/24}}\n\
-<%- else -%>
client_address=${sender_host_address}\n\
-<%- end -%>
client_name=${sender_host_name}\n\
sender=${sender_address}\n\
recipient=$local_part@$domain\n\n
<%- if has_variable?("clamd") && @clamd -%>
discard condition = ${if eq {$acl_m_prf}{blackhole}}
- <%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%>
- demime = *
- <%- end -%>
malware = */defer_ok
log_message = discarded malware message for $recipients
deny condition = ${if !eq {$acl_m_prf}{markup}}
condition = ${if !eq {$acl_m_prf}{PopconMail}}
- <%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%>
- demime = *
- <%- end -%>
malware = */defer_ok
message = malware detected: $malware_name: message rejected
warn condition = ${if eq {$acl_m_prf}{markup}}
- <%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%>
- demime = *
- <%- end -%>
malware = */defer_ok
message = X-malware detected: $malware_name
# RETRY CONFIGURATION #
######################################################################
-# This single retry rule applies to all domains and all errors. It specifies
-# retries every 15 minutes for 2 hours, then increasing retry intervals,
-# starting at 2 hours and increasing each time by a factor of 1.5, up to 16
-# hours, then retries every 8 hours until 4 days have passed since the first
-# failed delivery.
-
# Domain Error Retries
# ------ ----- -------
-
begin retry
+## Note that retry rules specify when an address / host / mail should
+## become eligible for retrying. They do not specify when the retry
+## attempt will actually occur, as this is dependent on queue run
+## frequency and timing.
+
+# For mail to debian.org addresses, this rule starts with
+# retries every 10 minutes for 2 hours, then increasing retry intervals,
+# starting at 2 hours and increasing each time by a factor of 1.5, up to 16
+# hours, then retries every 8 hours until 14 days have passed since the first
+# failed delivery.
debian.org * F,2h,10m; G,16h,2h,1.5; F,14d,8h
+
+# Bounces should get retried every 10 minutes for up to 2 hours
* * senders=: F,2h,10m
+
+# Temporary errors at RCPT TO get retried at 5 minute intervals for
+# 2 hours, then 10 minute intervals for 4 hours, and finally at 15
+# minute intervals for 4 days. This assumes that the cause of the
+# error will get resolved quickly in most cases.
* rcpt_4xx F,2h,5m; F,4h,10m; F,4d,15m
+
+# For all remaining mails, addresses and hosts, this rule starts with
+# retries every 15 minutes for 2 hours, then increasing retry intervals,
+# starting at 2 hours and increasing each time by a factor of 1.5, up to 16
+# hours, then retries every 8 hours until 4 days have passed since the first
+# failed delivery.
* * F,2h,15m; G,16h,2h,1.5; F,4d,8h
# End of Exim 4 configuration