localpartlist local_only_users = lsearch;/etc/exim4/localusers
+localpartlist postmasterish = postmaster : abuse : hostmaster : root
+
# Domains we relay for; that is domains that aren't considered local but we
# accept mail for them.
domainlist rcpthosts = partial-lsearch;/etc/exim4/rcpthosts
accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}}
warn domains = +virtual_domains
- condition = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/mail-contentinspectionaction}}}}
- condition = ${if eq{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/mail-contentinspectionaction}}}{$value}{}}}{markup}}
+ condition = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}}
+ condition = ${if eq{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}{$value}{}}}{markup}}
set acl_m_rprf = markup
accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}}
accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}}
warn domains = +virtual_domains
- condition = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/mail-contentinspectionaction}}}}
- condition = ${if eq{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/mail-contentinspectionaction}}}{$value}{}}}{blackhole}}
+ condition = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}}
+ condition = ${if eq{${lookup{$local_part}lsearch*{${extract{directory}{VDOMAINDATA}{${value}/contentinspectionaction}}}{$value}{}}}{blackhole}}
set acl_m_rprf = blackhole
accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}}
out
%>
- accept local_parts = postmaster
+ accept local_parts = +postmasterish
domains = +handled_domains : +rcpthosts
+ deny hosts = ${if exists{/etc/exim4/host_blacklist}{/etc/exim4/host_blacklist}{}}
+ message = I'm terribly sorry, but it seems you have been blacklisted
+ log_message = blacklisted IP
+
deny log_message = <$sender_address> is blacklisted
senders = ${if exists{/etc/exim4/blacklist}{/etc/exim4/blacklist}{}}
message = We have blacklisted <$sender_address>. Please stop mailing us
out='
acl_check_mime:
+ discard condition = ${if <{$message_size}{256000}}
+ condition = ${if eq {$acl_m_prf}{blackhole}}
+ set acl_m_srb = ${perl{surblspamcheck}}
+ condition = ${if eq{$acl_m_srb}{false}{no}{yes}}
+ log_message = discarded surbl message for $recipients
+
warn condition = ${if <{$message_size}{256000}}
condition = ${if eq {$acl_m_prf}{markup}}
set acl_m_srb = ${perl{surblspamcheck}}
condition = ${if eq{$acl_m_srb}{false}{no}{yes}}
- message = X-Surbl-Hit: $acl_m_srb
+ message = X-Surbl-Hit: $primary_hostname: $acl_m_srb
accept condition = ${if eq {$acl_m_prf}{markup}}
out = ""
if has_variable?("clamd") && clamd == "true"
out = '
- # FIXME: make blackhole work
+ discard condition = ${if eq {$acl_m_prf}{blackhole}{no}{yes}}
+ demime = *
+ malware = */defer_ok
+ log_message = discarded malware message for $recipients
+
deny condition = ${if eq {$acl_m_prf}{markup}{no}{yes}}
demime = *
malware = */defer_ok
out=''
if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty?
out='
+ discard condition = ${if <{$message_size}{256000}}
+ condition = ${if eq {$acl_m_prf}{blackhole}}
+ set acl_m_srb = ${perl{surblspamcheck}}
+ condition = ${if eq{$acl_m_srb}{false}{no}{yes}}
+ log_message = discarded surbl message for $recipients
+
warn condition = ${if <{$message_size}{256000}}
condition = ${if eq {$acl_m_prf}{markup}}
set acl_m_srb = ${perl{surblspamcheck}}
condition = ${if eq{$acl_m_srb}{false}{no}{yes}}
- message = X-Surbl-Hit: $acl_m_srb
+ message = X-Surbl-Hit: $primary_hostname: $acl_m_srb
accept condition = ${if eq {$acl_m_prf}{markup}}
ignore_target_hosts = +reservedaddrs
no_more
+postmasterish:
+ debug_print = "R: postmasterish for $local_part@$domain"
+ driver = redirect
+ verify = false
+ unseen = true
+ expn = true
+ local_parts = +postmasterish
+ domains = +handled_domains
+ data = debian-admin@debian.org
+ headers_add = "Delivered-To: ${local_part}${local_part_suffix}@${domain}"
+
# This router handles aliasing using a traditional /etc/aliases file.
# If any of your aliases expand to pipes or files, you will need to set
# up a user and a group for these deliveries to run under. You can do