From: Stephen Gran <steve@lobefin.net>
Date: Sun, 5 Apr 2009 12:50:03 +0000 (+0100)
Subject: Allow relaying by certs
X-Git-Url: https://git.adam-barratt.org.uk/?a=commitdiff_plain;h=c3b45e9d62f33d4825f42829e150be6a6ab1a85f;p=mirror%2Fdsa-puppet.git

Allow relaying by certs
Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/modules/exim/files/common/exim4.conf b/modules/exim/files/common/exim4.conf
index b84b4777c..979cefac4 100644
--- a/modules/exim/files/common/exim4.conf
+++ b/modules/exim/files/common/exim4.conf
@@ -197,7 +197,7 @@ queue_list_requires_admin = false
 av_scanner = CLAMAV
 .endif
 
-.ifdef HAVE_USER_DEBBUGS
+.ifdef HAVE_USER_DEBBUGS MAIL_RELAY
 daemon_smtp_ports = 25 : 587
 .endif
 
@@ -319,6 +319,10 @@ check_submission:
   # Defer after too many bad RCPT TO's.  Legit MTAs will retry later.
   # This is a rough pass at preventing addres harvesting or other mail blasts.
 
+.ifdef MAIL_RELAY
+  accept  verify   = certificate
+.endif
+
   defer  log_message   = Too many bad recipients ${eval:$rcpt_fail_count} out of $rcpt_count
          message       = Too many bad recipients, try again later
          condition     = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
@@ -337,6 +341,10 @@ check_submission:
 #!!# ACL that is used after the RCPT command
 check_recipient:
 
+.ifdef MAIL_RELAY
+  accept  verify   = certificate
+.endif
+
   # Defer after too many bad RCPT TO's.  Legit MTAs will retry later.
   # This is a rough pass at preventing addres harvesting or other mail blasts.