X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fexim%2Ffiles%2Fcommon%2Fexim4.conf;h=1d2c4481b7f4c56a976ab59cad0d242220a0a2e0;hb=14d14644e6a24663d0d09777c7988b9d32190637;hp=c28545a5ab36d7d9bc9db5958857fb169d6c87b5;hpb=54bd656455fc085756cf86a3d2b3ccb1b3924582;p=mirror%2Fdsa-puppet.git diff --git a/modules/exim/files/common/exim4.conf b/modules/exim/files/common/exim4.conf index c28545a5a..1d2c4481b 100644 --- a/modules/exim/files/common/exim4.conf +++ b/modules/exim/files/common/exim4.conf @@ -316,6 +316,9 @@ check_helo: #!!# ACL that is used after the RCPT command on the submission port check_submission: + # Accept if the source is local SMTP (i.e. not over TCP/IP). + # We do this by testing for an empty sending host field. + accept hosts = : 127.0.0.1 # Defer after too many bad RCPT TO's. Legit MTAs will retry later. # This is a rough pass at preventing addres harvesting or other mail blasts. @@ -331,6 +334,16 @@ check_submission: ratelimit = 5 / 60m / per_rcpt / $sender_host_address message = sorry, only 5 reports per hour for submission + accept domains = +localhost + endpass + message = unknown user + verify = recipient + + accept domains = +mailhubdomains + endpass + message = unknown user + verify = recipient/callout=30s,defer_ok,use_sender,no_cache + accept domains = +submission_domains endpass message = unknown user @@ -625,7 +638,7 @@ check_recipient: accept domains = +mailhubdomains endpass message = unknown user - verify = recipient/callout,defer_ok + verify = recipient/callout=30s,defer_ok,use_sender,no_cache accept domains = +handled_domains endpass @@ -1174,8 +1187,8 @@ remote_smtp: remote_smtp_smarthost: debug_print = "T: remote_smtp_smarthost for $local_part@$domain" driver = smtp -.ifdef SMARTHOST_PORT - port = SMARTHOST_PORT +.ifdef SMARTHST_PORT + port = SMARTHST_PORT .endif .ifdef USE_TLS tls_tempfail_tryclear = false