{${lookup{$local_part}lsearch{/etc/exim4/grey_users}{$local_part}{}}}} : \
${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-greylist}{$local_part}{}}
<%- if @is_rtmaster -%>
-RT_SUBJECT = Subject: ${if and {{first_delivery}{match {${sg {$rh_Subject:}{\N\n\s+\N}{ }}}{\N(?is)(.*?)\[?debian rt\]?[:\s]*(.*)\N}}} {$1$2}{$h_subject:}}
+# This subject rewrite is embedded in double-quoted strings. As such, some of
+# the items need more escaping than usual, otherwise \N becomes simply "N" and
+# the following \n a literal newline.
+RT_SUBJECT = Subject: ${if and {{first_delivery}{match {${sg{$rh_Subject:}{\\N\\n\[\\t \]\+\\N}{ }}}{\\N(?i)(.*?)\[?debian rt\]?[:\t ]*(.*)\\N}}} {$1$2}{$h_subject:}}
RT_QUEUE_MAP = /srv/rt.debian.org/mail/rt_queue_map
<%- end -%>
# These are in HELO acl so that they are only run once. They increment a counter,
# so we don't want it to increment per rcpt to.
+ # high trust
warn dnslists = list.dnswl.org&0.0.0.3
log_message = Hit on list.dnswl.org for $sender_host_address
set acl_c_scr = ${eval:$acl_c_scr-30}
+ # >= medium trust
warn dnslists = list.dnswl.org&0.0.0.2
log_message = Hit on list.dnswl.org for $sender_host_address
set acl_c_scr = ${eval:$acl_c_scr-20}
+ # any form of listing
warn dnslists = list.dnswl.org
log_message = Hit on list.dnswl.org for $sender_host_address
set acl_c_scr = ${eval:$acl_c_scr-10}
condition = ${if eq{$host_lookup_failed}{1}}
set acl_c_scr = ${eval:$acl_c_scr+20}
+ # HELO looks like a dynamic address (with RDNS match)
warn !hosts = +debianhosts
condition = ${if eq{$host_lookup_failed}{0}}
condition = ${if match{$sender_host_name}{\N(^[^\.]*[0-9]\-+[0-9]|^[^\.]*[0-9]{5,}[^\.]|^([^\.]+\.)?[0-9][^ \.]*\.[^\.]+\..+\.[a-z]|^[^\.]*[0-9]\.[^\.]*[0-9]-[0-9]|^(dyn|cable|dhcp|dialup|ppp|adsl)[^\.]*[0-9])\N}}
set acl_c_scr = ${eval:$acl_c_scr+20}
+ # HELO looks like a dynamic address
warn !hosts = +debianhosts
condition = ${if match{$sender_helo_name}{\N(^[^\.]*[0-9]\-+[0-9]|^[^\.]*[0-9]{5,}[^\.]|^([^\.]+\.)?[0-9][^ \.]*\.[^\.]+\..+\.[a-z]|^[^\.]*[0-9]\.[^\.]*[0-9]-[0-9]|^(dyn|cable|dhcp|dialup|ppp|adsl)[^\.]*[0-9])\N}}
set acl_c_scr = ${eval:$acl_c_scr+20}
+ # mail from a dynamic IP address range
warn !hosts = +debianhosts
dnslists = dul.dnsbl.sorbs.net
set acl_c_scr = ${eval:$acl_c_scr+15}
domains = +handled_domains
!hosts = +debianhosts : WHITELIST
+ deny message = host $sender_host_address is listed in $dnslist_domain; see $dnslist_text
+ dnslists = noserver.dnsbl.sorbs.net
+ domains = +handled_domains
+ !hosts = +debianhosts : WHITELIST
+
<%- end -%>
deny message = domain $sender_address_domain is listed in $dnslist_domain; see $dnslist_text
dnslists = ${if match_domain{$domain}{+virtual_domains}\
domains = +handled_domains
!hosts = +debianhosts : WHITELIST
+ deny message = domain $sender_address_domain is listed in $dnslist_domain; see $dnslist_text
+ dnslists = nomail.rhsbl.sorbs.net/$sender_address_domain
+ domains = +handled_domains
+ !hosts = +debianhosts : WHITELIST
+
<%- unless @use_smarthost -%>
deny domains = +handled_domains
local_parts = ${if match_domain{$domain}{+virtual_domains}\
projects / mirror / dsa-puppet.git / blobdiff