X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fexim%2Ftemplates%2Feximconf.erb;h=93ec70865135c78922f5c8164212aefa7e6e9b80;hb=6f2e5fc86e49c12b12eef39fc69e0e810a32c318;hp=4158ff9c51212e23915484fa447b80d68e09e8b5;hpb=fc51b83a7a38c3e95e9d9a88ad93ca64e6acbb35;p=mirror%2Fdsa-puppet.git diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb index 4158ff9c5..93ec70865 100644 --- a/modules/exim/templates/eximconf.erb +++ b/modules/exim/templates/eximconf.erb @@ -77,7 +77,7 @@ ###################################################################### <%- if scope.lookupvar('site::nodeinfo').has_key?('heavy_exim') and scope.lookupvar('site::nodeinfo')['heavy_exim'] -%> -# perl_startup = do '/etc/exim4/exim_surbl.pl' + perl_startup = do '/etc/exim4/exim_surbl.pl' <%- end -%> # These options specify the Access Control Lists (ACLs) that @@ -211,7 +211,7 @@ queue_only_load = 8 <%- end -%> queue_list_requires_admin = false -<%- if has_variable?("clamd") && clamd == "true" -%> +<%- if has_variable?("clamd") && @clamd == "true" -%> av_scanner = clamd:/var/run/clamav/clamd.ctl <%- end -%> @@ -269,6 +269,9 @@ GREYLIST_LOCAL_PARTS = ${if match_domain{$domain}{+virtual_domains}\ ${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-greylist}{$local_part}{}} RT_QUEUE_MAP = /srv/rt.debian.org/mail/rt_queue_map +keep_environment = +add_environment = + ###################################################################### # ACL CONFIGURATION # ###################################################################### @@ -660,7 +663,7 @@ check_recipient: ratelimit = 10 / 60m / per_rcpt / $sender_host_address message = slow down (no reverse dns, mismatched ehlo, dialup, or in blacklists) -<%- if has_variable?("policydweight") && policydweight == "true" -%> +<%- if has_variable?("policydweight") && @policydweight == "true" -%> # Check with policyd-weight - this only works with a version after etch's, # sadly. etch's version attempts to hold the socket open, since that's what # postfix expects. Exim, on the other hand, expects the remote side to close @@ -731,7 +734,7 @@ check_recipient: <%- end -%> -<%- if has_variable?("greylistd") && greylistd == "true" -%> +<%- if has_variable?("greylistd") && @greylistd == "true" -%> defer message = $sender_host_address is not yet authorized to deliver mail from <$sender_address> to <$local_part@$domain>. log_message = greylisted. @@ -756,7 +759,7 @@ check_recipient: $local_part@$domain}\ {5s}{}{false}} -<%- elsif has_variable?("postgrey") && postgrey == "true" -%> +<%- elsif has_variable?("postgrey") && @postgrey == "true" -%> # next three are greylisting, inspired by http://www.bebt.de/blog/debian/archives/2006/07/30/T06_12_27/index.html # this adds acl_m_grey if there isn't one (so unique per message) warn @@ -868,25 +871,25 @@ acl_check_mime: accept verify = certificate accept hosts = +debianhosts -# discard condition = ${if <{$message_size}{256000}} -# condition = ${if eq {$acl_m_prf}{blackhole}} -# set acl_m_srb = ${perl{surblspamcheck}} -# condition = ${if eq{$acl_m_srb}{false}{no}{yes}} -# log_message = discarded surbl message for $recipients -# -# deny condition = ${if <{$message_size}{256000}} -# condition = ${if eq {$acl_m_prf}{markup}{no}{yes}} -# condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}} -# set acl_m_srb = ${perl{surblspamcheck}} -# condition = ${if eq{$acl_m_srb}{false}{no}{yes}} -# log_message = $acl_m_srb -# message = $acl_m_srb -# -# warn condition = ${if <{$message_size}{256000}} -# condition = ${if eq {$acl_m_prf}{markup}} -# set acl_m_srb = ${perl{surblspamcheck}} -# condition = ${if eq{$acl_m_srb}{false}{no}{yes}} -# message = X-Surbl-Hit: $primary_hostname: $acl_m_srb + discard condition = ${if <{$message_size}{256000}} + condition = ${if eq {$acl_m_prf}{blackhole}} + set acl_m_srb = ${perl{surblspamcheck}} + condition = ${if eq{$acl_m_srb}{false}{no}{yes}} + log_message = discarded surbl message for $recipients + + deny condition = ${if <{$message_size}{256000}} + condition = ${if eq {$acl_m_prf}{markup}{no}{yes}} + condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}} + set acl_m_srb = ${perl{surblspamcheck}} + condition = ${if eq{$acl_m_srb}{false}{no}{yes}} + log_message = $acl_m_srb + message = $acl_m_srb + + warn condition = ${if <{$message_size}{256000}} + condition = ${if eq {$acl_m_prf}{markup}} + set acl_m_srb = ${perl{surblspamcheck}} + condition = ${if eq{$acl_m_srb}{false}{no}{yes}} + message = X-Surbl-Hit: $primary_hostname: $acl_m_srb accept @@ -953,7 +956,7 @@ check_message: condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}} message = Your mailer is not RFC 2047 compliant: message rejected -<%- if has_variable?("clamd") && clamd == "true" -%> +<%- if has_variable?("clamd") && @clamd == "true" -%> discard condition = ${if eq {$acl_m_prf}{blackhole}} demime = * malware = */defer_ok @@ -972,25 +975,25 @@ check_message: <%- end -%> <%- if scope.lookupvar('site::nodeinfo').has_key?('heavy_exim') and scope.lookupvar('site::nodeinfo')['heavy_exim'] -%> -# discard condition = ${if <{$message_size}{256000}} -# condition = ${if eq {$acl_m_prf}{blackhole}} -# set acl_m_srb = ${perl{surblspamcheck}} -# condition = ${if eq{$acl_m_srb}{false}{no}{yes}} -# log_message = discarded surbl message for $recipients -# -# deny condition = ${if <{$message_size}{256000}} -# condition = ${if eq {$acl_m_prf}{markup}{no}{yes}} -# condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}} -# set acl_m_srb = ${perl{surblspamcheck}} -# condition = ${if eq{$acl_m_srb}{false}{no}{yes}} -# log_message = $acl_m_srb -# message = $acl_m_srb -# -# warn condition = ${if <{$message_size}{256000}} -# condition = ${if eq {$acl_m_prf}{markup}} -# set acl_m_srb = ${perl{surblspamcheck}} -# condition = ${if eq{$acl_m_srb}{false}{no}{yes}} -# message = X-Surbl-Hit: $primary_hostname: $acl_m_srb + discard condition = ${if <{$message_size}{256000}} + condition = ${if eq {$acl_m_prf}{blackhole}} + set acl_m_srb = ${perl{surblspamcheck}} + condition = ${if eq{$acl_m_srb}{false}{no}{yes}} + log_message = discarded surbl message for $recipients + + deny condition = ${if <{$message_size}{256000}} + condition = ${if eq {$acl_m_prf}{markup}{no}{yes}} + condition = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}} + set acl_m_srb = ${perl{surblspamcheck}} + condition = ${if eq{$acl_m_srb}{false}{no}{yes}} + log_message = $acl_m_srb + message = $acl_m_srb + + warn condition = ${if <{$message_size}{256000}} + condition = ${if eq {$acl_m_prf}{markup}} + set acl_m_srb = ${perl{surblspamcheck}} + condition = ${if eq{$acl_m_srb}{false}{no}{yes}} + message = X-Surbl-Hit: $primary_hostname: $acl_m_srb <%- end -%> # Check header_sender except for survey@popcon.d.o @@ -1022,7 +1025,7 @@ check_message: begin rewrite -\N^buildd_(.*)@franck\.debian\.org$\N buildd_$1@buildd.debian.org T +\N^buildd_(.*)@fasolo\.debian\.org$\N buildd_$1@buildd.debian.org T *@debian.org ${lookup{$1}cdb{/var/lib/misc/${primary_hostname}/mail-forward.cdb}{$value}fail} T *@people.debian.org ${lookup{$1}cdb{/var/lib/misc/${primary_hostname}/mail-forward.cdb}{$value}fail} T #*@${primary_hostname} "${if exists{/etc/exim4/email-addresses}{${lookup{$1}lsearch{/etc/exim4/email-addresses}{$value}fail}}fail}" fFs