X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fexim%2Ftemplates%2Feximconf.erb;h=05d79fb0fc014e3763a53920922372f5b868049e;hb=cb406afb7d640308d5fc9b25fef6f8512d8e24b6;hp=71fc945fc0aa959bef06013f6e08a7b27ca9226e;hpb=71cc21394494ce9d3047caed725683c1f8beee23;p=mirror%2Fdsa-puppet.git diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb index 71fc945fc..05d79fb0f 100644 --- a/modules/exim/templates/eximconf.erb +++ b/modules/exim/templates/eximconf.erb @@ -211,7 +211,7 @@ queue_only_load = 8 <%- end -%> queue_list_requires_admin = false -<%- if has_variable?("clamd") && clamd == "true" -%> +<%- if has_variable?("clamd") && @clamd -%> av_scanner = clamd:/var/run/clamav/clamd.ctl <%- end -%> @@ -220,7 +220,7 @@ ports = [] out = "daemon_smtp_ports = " ports << 25 -if @is_bugsmaster or @is_bugsmx +if @is_bugsmx ports << 587 end @@ -317,7 +317,7 @@ acl_getprofile: accept condition = ${if eq {$acl_m_rprf}{}{no}{yes}} <%- end -%> -<%- if @is_bugsmaster or @is_bugsmx -%> +<%- if @is_bugsmx -%> warn domains = bugs.debian.org set acl_m_rprf = BugsMail @@ -663,7 +663,7 @@ check_recipient: ratelimit = 10 / 60m / per_rcpt / $sender_host_address message = slow down (no reverse dns, mismatched ehlo, dialup, or in blacklists) -<%- if has_variable?("policydweight") && policydweight == "true" -%> +<%- if has_variable?("policydweight") && @policydweight -%> # Check with policyd-weight - this only works with a version after etch's, # sadly. etch's version attempts to hold the socket open, since that's what # postfix expects. Exim, on the other hand, expects the remote side to close @@ -734,7 +734,7 @@ check_recipient: <%- end -%> -<%- if has_variable?("greylistd") && greylistd == "true" -%> +<%- if has_variable?("greylistd") && @greylistd -%> defer message = $sender_host_address is not yet authorized to deliver mail from <$sender_address> to <$local_part@$domain>. log_message = greylisted. @@ -759,7 +759,7 @@ check_recipient: $local_part@$domain}\ {5s}{}{false}} -<%- elsif has_variable?("postgrey") && postgrey == "true" -%> +<%- elsif has_variable?("postgrey") && @postgrey -%> # next three are greylisting, inspired by http://www.bebt.de/blog/debian/archives/2006/07/30/T06_12_27/index.html # this adds acl_m_grey if there isn't one (so unique per message) warn @@ -782,7 +782,11 @@ check_recipient: protocol_name=${uc:$received_protocol}\n\ instance=${acl_m_grey}\n\ helo_name=${sender_helo_name}\n\ +<%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%> client_address=${substr_-3:${mask:$sender_host_address/24}}\n\ +<%- else -%> + client_address=${sender_host_address}\n\ +<%- end -%> client_name=${sender_host_name}\n\ sender=${sender_address}\n\ recipient=$local_part@$domain\n\n @@ -956,20 +960,26 @@ check_message: condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}} message = Your mailer is not RFC 2047 compliant: message rejected -<%- if has_variable?("clamd") && clamd == "true" -%> +<%- if has_variable?("clamd") && @clamd -%> discard condition = ${if eq {$acl_m_prf}{blackhole}} + <%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%> demime = * + <%- end -%> malware = */defer_ok log_message = discarded malware message for $recipients deny condition = ${if eq {$acl_m_prf}{markup}{no}{yes}} condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}} + <%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%> demime = * + <%- end -%> malware = */defer_ok message = malware detected: $malware_name: message rejected warn condition = ${if eq {$acl_m_prf}{markup}} + <%- if scope.call_function('versioncmp', [@lsbmajdistrelease, '8']) <= 0 -%> demime = * + <%- end -%> malware = */defer_ok message = X-malware detected: $malware_name @@ -1025,7 +1035,6 @@ check_message: begin rewrite -\N^buildd_(.*)@franck\.debian\.org$\N buildd_$1@buildd.debian.org T \N^buildd_(.*)@fasolo\.debian\.org$\N buildd_$1@buildd.debian.org T *@debian.org ${lookup{$1}cdb{/var/lib/misc/${primary_hostname}/mail-forward.cdb}{$value}fail} T *@people.debian.org ${lookup{$1}cdb{/var/lib/misc/${primary_hostname}/mail-forward.cdb}{$value}fail} T @@ -1459,11 +1468,8 @@ virt_users: <%= out = "" -if @is_bugsmaster or @is_bugsmx +if @is_bugsmx domain = 'bugs.debian.org' - if @is_bugsmaster - domain = 'bugs-master.debian.org' - end out = ' # This router delivers for bugs.d.o bugs: @@ -1472,12 +1478,12 @@ bugs: transport = bugs_pipe domains = ' + domain + ' cannot_route_message = Unknown or archived bug - require_files = /org/bugs.debian.org/mail/run-procmail + require_files = /srv/bugs.debian.org/mail/run-procmail no_more local_parts = ${if match\ {$local_part}\ {\N^(\d+)(\d{2})(?:-(?:(?:submit|maintonly|quiet|forwarded|done|close|request|submitter)|(?:unsubscribe|ignore|help|(?:sub(?:scribe|help|yes|approve|reject))|unsubyes|bounce|probe|approve|reject|setlistyes|setlistsilentyes).*))?$\N}\ - {${if exists{/org/bugs.debian.org/spool/db-h/$2/$1$2.summary}\ + {${if exists{/srv/bugs.debian.org/spool/db-h/$2/$1$2.summary}\ {$local_part}fail}}fail} ' end @@ -1613,10 +1619,10 @@ bsmtp: {$value}fail}\ }} -<%- if @is_bugsmaster or @is_bugsmx -%> +<%- if @is_bugsmx -%> bugs_pipe: driver = pipe - command = /org/bugs.debian.org/mail/run-procmail + command = /srv/bugs.debian.org/mail/run-procmail environment = "EXTENSION=${substr_1:${local_part_suffix}}:\ EXT=${substr_1:${local_part_suffix}}:\ LOCAL=${local_part}${local_part_suffix}:\