]>
Commit | Line | Data |
---|---|---|
6a7ed0b9 | 1 | ###################################################################### |
2 | # Runtime configuration file for Exim # | |
3 | ###################################################################### | |
4 | ||
5 | ||
6 | # This is a default configuration file which will operate correctly in | |
7 | # uncomplicated installations. Please see the manual for a complete list | |
8 | # of all the runtime configuration options that can be included in a | |
9 | # configuration file. There are many more than are mentioned here. The | |
10 | # manual is in the file doc/spec.txt in the Exim distribution as a plain | |
11 | # ASCII file. Other formats (PostScript, Texinfo, HTML) are available from | |
12 | # the Exim ftp sites. The manual is also online via the Exim web sites. | |
13 | ||
14 | ||
15 | # This file is divided into several parts, all but the last of which are | |
16 | # terminated by a line containing the word "end". The parts must appear | |
17 | # in the correct order, and all must be present (even if some of them are | |
18 | # in fact empty). Blank lines, and lines starting with # are ignored. | |
19 | ||
20 | ||
21 | ||
22 | ###################################################################### | |
23 | # MAIN CONFIGURATION SETTINGS # | |
24 | ###################################################################### | |
25 | ||
26 | # Specify your host's canonical name here. This should normally be the fully | |
27 | # qualified "official" name of your host. If this option is not set, the | |
28 | # uname() function is called to obtain the name. | |
29 | ||
30 | # primary_hostname = | |
31 | ||
32 | ||
33 | # Specify the domain you want to be added to all unqualified addresses | |
34 | # here. An unqualified address is one that does not contain an "@" character | |
35 | # followed by a domain. For example, "caesar@rome.ex" is a fully qualified | |
36 | # address, but the string "caesar" (i.e. just a login name) is an unqualified | |
37 | # email address. Unqualified addresses are accepted only from local callers by | |
38 | # default. See the receiver_unqualified_{hosts,nets} options if you want | |
39 | # to permit unqualified addresses from remote sources. If this option is | |
40 | # not set, the primary_hostname value is used for qualification. | |
41 | ||
42 | # qualify_domain = | |
43 | ||
44 | ||
45 | # If you want unqualified recipient addresses to be qualified with a different | |
46 | # domain to unqualified sender addresses, specify the recipient domain here. | |
47 | # If this option is not set, the qualify_domain value is used. | |
48 | ||
49 | # qualify_recipient = | |
50 | ||
51 | ||
52 | # Specify your local domains as a colon-separated list here. If this option | |
53 | # is not set (i.e. not mentioned in the configuration file), the | |
54 | # qualify_recipient value is used as the only local domain. If you do not want | |
55 | # to do any local deliveries, uncomment the following line, but do not supply | |
56 | # any data for it. This sets local_domains to an empty string, which is not | |
57 | # the same as not mentioning it at all. An empty string specifies that there | |
58 | # are no local domains; not setting it at all causes the default value (the | |
59 | # setting of qualify_recipient) to be used. | |
60 | ||
61 | # local_domains = | |
62 | ||
63 | ||
64 | # If you want to accept mail addressed to your host's literal IP address, for | |
65 | # example, mail addressed to "user@[111.111.111.111]", then uncomment the | |
66 | # following line, or supply the literal domain(s) as part of "local_domains" | |
67 | # above. | |
68 | ||
69 | # local_domains_include_host_literals | |
70 | ||
71 | ||
72 | # No local deliveries will ever be run under the uids of these users (a colon- | |
73 | # separated list). An attempt to do so gets changed so that it runs under the | |
74 | # uid of "nobody" instead. This is a paranoic safety catch. Note the default | |
75 | # setting means you cannot deliver mail addressed to root as if it were a | |
76 | # normal user. This isn't usually a problem, as most sites have an alias for | |
77 | # root that redirects such mail to a human administrator. | |
78 | ||
79 | never_users = root | |
80 | ||
81 | ||
9c228cad AM |
82 | # The use of your host as a mail relay by any host, including the local host |
83 | # calling its own SMTP port, is locked out by default. If you want to permit | |
84 | # relaying from the local host, you should set | |
85 | # | |
86 | host_accept_relay = localhost | |
87 | # | |
88 | # If you want to permit relaying through your host from certain hosts or IP | |
89 | # networks, you need to set the option appropriately, for example | |
90 | # | |
91 | # host_accept_relay = my.friends.host : 131.111.0.0/16 | |
92 | # | |
93 | # If you are an MX backup or gateway of some kind for some domains, you must | |
94 | # set relay_domains to match those domains. This will allow any host to | |
95 | # relay through your host to those domains. | |
96 | # | |
97 | # See the section of the manual entitled "Control of relaying" for more | |
98 | # information. | |
99 | ||
126184a3 | 100 | # The information bellow is used for configuring exim to use SMTP AUTH |
101 | # NOTICE: You will need to set "exim_user" to "root" for this to work | |
102 | # | |
103 | # If you want to permit relay for some hosts, but they need to authenticate: | |
104 | # host_auth_accept_relay = * | |
105 | # | |
106 | # If you want the some hosts to require authentication for anything: | |
107 | # auth_hosts = * | |
108 | # | |
109 | # This is the configuration for SSL/TLS support | |
110 | # | |
111 | # Which hosts you want exim to advertise the support for TLS to | |
112 | # | |
113 | # tls_advertise_hosts = * | |
114 | # | |
115 | # The full path to the certificate and private keys (you will need to | |
116 | # create these using openssl) | |
117 | # | |
118 | # tls_certificate = /var/lib/openssl/certs/exim.pem | |
119 | # tls_privatekey = /var/lib/openssl/certs/exim.pem | |
120 | # | |
121 | # Hosts that NEED to use tls to connect | |
122 | # | |
123 | # tls_hosts = foo.bar | |
124 | # | |
9c228cad | 125 | |
6a7ed0b9 | 126 | # The setting below causes Exim to do a reverse DNS lookup on all incoming |
127 | # IP calls, in order to get the true host name. If you feel this is too | |
128 | # expensive, you can specify the networks for which a lookup is done, or | |
129 | # remove the setting entirely. | |
130 | ||
9c228cad AM |
131 | host_lookup = 0.0.0.0/0 |
132 | ||
133 | ||
134 | # By default, Exim expects all envelope addresses to be fully qualified, that | |
135 | # is, they must contain both a local part and a domain. If you want to accept | |
136 | # unqualified addresses (just a local part) from certain hosts, you can specify | |
137 | # these hosts by setting one or both of | |
138 | # | |
139 | # receiver_unqualified_hosts = | |
140 | # sender_unqualified_hosts = | |
141 | # | |
142 | # to control sender and receiver addresses, respectively. When this is done, | |
143 | # unqualified addresses are qualified using the settings of qualify_domain | |
144 | # and/or qualify_recipient (see above). | |
6a7ed0b9 | 145 | |
146 | ||
147 | # Exim contains support for the Realtime Blocking List (RBL) that is being | |
148 | # maintained as part of the DNS. See http://maps.vix.com/rbl/ for background. | |
9c228cad AM |
149 | # Uncommenting the first line below will make Exim reject mail from any |
150 | # host whose IP address is blacklisted in the RBL at maps.vix.com. Some | |
151 | # others have followed the RBL lead and have produced other lists: DUL is | |
152 | # a list of dial-up addresses, and ORBS is a list of open relay systems. The | |
153 | # second line below checks all three lists. | |
6a7ed0b9 | 154 | |
155 | # rbl_domains = rbl.maps.vix.com | |
9c228cad | 156 | # rbl_domains = rbl.maps.vix.com:dul.maps.vix.com:relays.orbs.org |
6a7ed0b9 | 157 | |
158 | ||
159 | # If you want Exim to support the "percent hack" for all your local domains, | |
160 | # uncomment the following line. This is the feature by which mail addressed | |
161 | # to x%y@z (where z is one of your local domains) is locally rerouted to | |
162 | # x@y and sent on. Otherwise x%y is treated as an ordinary local part. | |
163 | ||
164 | # percent_hack_domains = * | |
165 | ||
9c228cad | 166 | |
6a7ed0b9 | 167 | # This emulates sendmails "newaliases". Keep in mind that the alias |
168 | # transport does use lsearch by default. remember to change this, | |
169 | # if you want to use DBM-Lookups. | |
170 | ||
171 | bi_command=/usr/bin/newaliases | |
9c228cad | 172 | |
6a7ed0b9 | 173 | end |
174 | ||
175 | ||
176 | ||
177 | ###################################################################### | |
178 | # TRANSPORTS CONFIGURATION # | |
179 | ###################################################################### | |
180 | # ORDER DOES NOT MATTER # | |
181 | # Only one appropriate transport is called for each delivery. # | |
182 | ###################################################################### | |
183 | ||
184 | # A transport is used only when referenced from a director or a router that | |
185 | # successfully handles an address. | |
186 | ||
187 | ||
188 | # This transport is used for delivering messages over SMTP connections. | |
189 | ||
190 | remote_smtp: | |
191 | driver = smtp | |
192 | ||
193 | ||
194 | # This transport is used for local delivery to user mailboxes. By default | |
195 | # it will be run under the uid and gid of the local user, and requires | |
196 | # the sticky bit to be set on the /var/mail directory. Some systems use | |
197 | # the alternative approach of running mail deliveries under a particular | |
198 | # group instead of using the sticky bit. The commented options below show | |
199 | # how this can be done. | |
200 | ||
201 | # Modification by Florian Wallner <wallner@speed-link.de> make use of | |
9c228cad | 202 | # procmail as director if a user has a .procmailrc to avoid breaking |
6a7ed0b9 | 203 | # something that worked before. |
9c228cad | 204 | |
6a7ed0b9 | 205 | procmail: |
206 | driver = pipe | |
207 | command = "/usr/bin/procmail -d ${local_part}" | |
320115b3 | 208 | # return_path_add |
1d0bb91c | 209 | # delivery_date_add |
210 | # envelope_to_add | |
320115b3 | 211 | # check_string = "From " |
212 | # escape_string = ">From " | |
1d0bb91c | 213 | user = $local_part |
214 | # group = mail | |
320115b3 | 215 | # group = $local_part |
9c228cad | 216 | |
6a7ed0b9 | 217 | local_delivery: |
218 | driver = appendfile | |
1d0bb91c | 219 | # file = /var/mail/${local_part} |
220 | file = ${home}/Mail/Mailbox | |
6a7ed0b9 | 221 | delivery_date_add |
222 | envelope_to_add | |
223 | return_path_add | |
9c228cad | 224 | group = mail |
6a7ed0b9 | 225 | # mode = 0660 |
226 | ||
227 | ||
9c228cad AM |
228 | # This transport is used for handling pipe deliveries generated by alias |
229 | # or .forward files. If the pipe generates any standard output, it is returned | |
230 | # to the sender of the message as a delivery error. Set return_fail_output | |
231 | # instead of return_output if you want this to happen only when the pipe fails | |
232 | # to complete normally. You can set different transports for aliases and | |
233 | # forwards if you want to - see the references to address_pipe below. | |
6a7ed0b9 | 234 | |
235 | address_pipe: | |
236 | driver = pipe | |
237 | return_output | |
238 | ||
239 | ||
9c228cad AM |
240 | # This transport is used for handling deliveries directly to files that are |
241 | # generated by aliassing or forwarding. | |
6a7ed0b9 | 242 | |
243 | address_file: | |
244 | driver = appendfile | |
245 | delivery_date_add | |
246 | envelope_to_add | |
247 | return_path_add | |
248 | ||
249 | ||
6a7ed0b9 | 250 | # This transport is used for handling autoreplies generated by the filtering |
9c228cad | 251 | # option of the forwardfile director. |
6a7ed0b9 | 252 | |
253 | address_reply: | |
254 | driver = autoreply | |
255 | ||
256 | ||
257 | end | |
258 | ||
259 | ||
260 | ||
261 | ###################################################################### | |
262 | # DIRECTORS CONFIGURATION # | |
263 | # Specifies how local addresses are handled # | |
264 | ###################################################################### | |
265 | # ORDER DOES MATTER # | |
266 | # A local address is passed to each in turn until it is accepted. # | |
267 | ###################################################################### | |
268 | ||
269 | # Local addresses are those with a domain that matches some item in the | |
270 | # "local_domains" setting above, or those which are passed back from the | |
271 | # routers because of a "self=local" setting (not used in this configuration). | |
272 | ||
273 | ||
274 | # This director handles aliasing using a traditional /etc/aliases file. | |
275 | # If any of your aliases expand to pipes or files, you will need to set | |
276 | # up a user and a group for these deliveries to run under. You can do | |
277 | # this by uncommenting the "user" option below (changing the user name | |
9c228cad AM |
278 | # as appropriate) and adding a "group" option if necessary. Alternatively, you |
279 | # can specify "user" on the transports that are used. Note that those | |
280 | # listed below are the same as are used for .forward files; you might want | |
281 | # to set up different ones for pipe and file deliveries from aliases. | |
6a7ed0b9 | 282 | |
283 | # Modification by Florian Wallner <wallner@speed-link.de> use dbm | |
9c228cad AM |
284 | # lookups for aliases to speed up and simulate Sendmail behaviour |
285 | ||
6a7ed0b9 | 286 | |
9c228cad | 287 | system_aliases: |
6a7ed0b9 | 288 | driver = aliasfile |
289 | file = /var/spool/exim/db/aliases | |
290 | search_type = dbm | |
9c228cad AM |
291 | user = mail |
292 | file_transport = address_file | |
293 | pipe_transport = address_pipe | |
6a7ed0b9 | 294 | |
295 | #system_aliases: | |
296 | # driver = aliasfile | |
297 | # file = /etc/aliases | |
298 | # search_type = lsearch | |
299 | # user = exim | |
9c228cad AM |
300 | # file_transport = address_file |
301 | # pipe_transport = address_pipe | |
6a7ed0b9 | 302 | |
303 | ||
304 | # This director handles forwarding using traditional .forward files. | |
305 | # If you want it also to allow mail filtering when a forward file | |
306 | # starts with the string "# Exim filter", uncomment the "filter" option. | |
307 | # The check_ancestor option means that if the forward file generates an | |
308 | # address that is an ancestor of the current one, the current one gets | |
309 | # passed on instead. This covers the case where A is aliased to B and B | |
9c228cad AM |
310 | # has a .forward file pointing to A. The three transports specified at the |
311 | # end are those that are used when forwarding generates a direct delivery | |
312 | # to a file, or to a pipe, or sets up an auto-reply, respectively. | |
6a7ed0b9 | 313 | |
314 | userforward: | |
315 | driver = forwardfile | |
316 | file = .forward | |
317 | no_verify | |
318 | no_expn | |
319 | check_ancestor | |
320 | # filter | |
9c228cad AM |
321 | file_transport = address_file |
322 | pipe_transport = address_pipe | |
323 | reply_transport = address_reply | |
324 | ||
325 | ||
326 | # This director matches local user mailboxes. | |
6a7ed0b9 | 327 | |
328 | # Modification by Florian Wallner <wallner@speed-link.de> make use of | |
329 | # procmail as director if a user has a .procmailrc to avoid breaking | |
9c228cad AM |
330 | # something that worked before. |
331 | ||
6a7ed0b9 | 332 | procmail: |
333 | driver = localuser | |
334 | require_files = ${local_part}:${home}/.procmailrc | |
9c228cad | 335 | transport = procmail |
6a7ed0b9 | 336 | |
337 | localuser: | |
338 | driver = localuser | |
339 | transport = local_delivery | |
340 | ||
341 | ||
342 | end | |
343 | ||
344 | ||
345 | ||
346 | ###################################################################### | |
347 | # ROUTERS CONFIGURATION # | |
348 | # Specifies how remote addresses are handled # | |
349 | ###################################################################### | |
350 | # ORDER DOES MATTER # | |
351 | # A remote address is passed to each in turn until it is accepted. # | |
352 | ###################################################################### | |
353 | ||
354 | # Remote addresses are those with a domain that does not match any item | |
355 | # in the "local_domains" setting above. | |
356 | ||
357 | ||
358 | # This router routes to remote hosts over SMTP using a DNS lookup with | |
359 | # default options. | |
360 | ||
361 | lookuphost: | |
362 | driver = lookuphost | |
363 | transport = remote_smtp | |
364 | ||
365 | ||
366 | # This router routes to remote hosts over SMTP by explicit IP address, | |
367 | # given as a "domain literal" in the form [nnn.nnn.nnn.nnn]. The RFCs | |
368 | # require this facility, which is why it is enabled by default in Exim. | |
369 | # If you want to lock it out, set forbid_domain_literals in the main | |
370 | # configuration section above. | |
371 | ||
372 | literal: | |
373 | driver = ipliteral | |
374 | transport = remote_smtp | |
375 | ||
376 | ||
377 | end | |
378 | ||
379 | ||
380 | ||
381 | ###################################################################### | |
382 | # RETRY CONFIGURATION # | |
383 | ###################################################################### | |
384 | ||
385 | # This single retry rule applies to all domains and all errors. It specifies | |
386 | # retries every 15 minutes for 2 hours, then increasing retry intervals, | |
387 | # starting at 1 hour and increasing each time by a factor of 1.5, up to 16 | |
388 | # hours, then retries every 8 hours until 4 days have passed since the first | |
389 | # failed delivery. | |
390 | ||
391 | # Domain Error Retries | |
392 | # ------ ----- ------- | |
393 | ||
394 | * * F,2h,15m; G,16h,1h,1.5; F,4d,8h | |
395 | ||
396 | end | |
397 | ||
398 | ||
399 | ||
400 | ###################################################################### | |
401 | # REWRITE CONFIGURATION # | |
402 | ###################################################################### | |
403 | ||
404 | # There are no rewriting specifications in this default configuration file. | |
126184a3 | 405 | end |
406 | ||
407 | ###################################################################### | |
408 | # AUTHENTICATION CONFIGURATION # | |
409 | ###################################################################### | |
410 | ||
411 | # There are no authenticator specifications in this default configuration file. | |
412 | # This authentication rules uses PAM. See the documentation for other methods | |
413 | ||
414 | #plain: | |
415 | # driver = plaintext | |
416 | # public_name = PLAIN | |
417 | # server_condition = "${if pam{$2:$3}{1}{0}}" | |
418 | # server_set_id = $2 | |
419 | ||
420 | #login: | |
421 | # driver = plaintext | |
422 | # public_name = LOGIN | |
423 | # server_prompts = "Username:: : Password::" | |
424 | # server_condition = "${if pam{$2:$3}{1}{0}}" | |
425 | # server_set_id = $1 | |
426 | ||
6a7ed0b9 | 427 | |
428 | # End of Exim configuration file | |
126184a3 | 429 |