# $Cambridge: hermes/conf/exim/etc/etc.hermes/configure,v 1.23 2004/11/23 14:00:01 fanf2 Exp $ # This configuration relies as much as possible on the message # submission server to do the clever stuff, including address # verification, SMTP error text, message fix-ups, and bounce address # tagging. We give it a bit of help by passing across the user's # authenticated identity, if it's available. ###################################################################### # MAIN CONFIGURATION SETTINGS # ###################################################################### qualify_domain = hermes.cam.ac.uk ## Privileged users deliver_drop_privilege = true never_users = root trusted_users = prayer ## Resource control # see also the cyrus LMTP limit and the smtp.hermes limit # message_size_limit = 25M ## Policy controls acl_smtp_rcpt = accept hosts = : @[] : # see discussion of authentication below rfc1413_hosts = : rfc1413_query_timeout = 0s ## Frozen, bounce, and warning messages auto_thaw = 24h bounce_return_body bounce_return_size_limit = 10K errors_reply_to = postmaster@cam.ac.uk ## Logging log_timezone = true message_logs = false print_topbitchars = true .ifdef DEBUG log_selector = +all .else log_selector = -retry_defer -skip_delivery -host_lookup_failed \ +smtp_confirmation +delivery_size \ +sender_on_delivery +return_path_on_delivery \ +received_recipients +all_parents +address_rewrite \ +deliver_time +queue_time \ +smtp_protocol_error +smtp_syntax_error .endif # tweaked for consistency with ppsw # received_header_text = Received: \ from ${if def:sender_rcvhost {$sender_rcvhost\n\t} \ {${if def:sender_ident {$sender_ident } {localhost } }\ ${if def:sender_helo_name {(helo=$sender_helo_name) } }} }\ by $primary_hostname ${if def:interface_address \ {(hermes.cam.ac.uk [$interface_address]:$interface_port)} \ {(hermes.cam.ac.uk)} }\n\t\ ${if def:received_protocol {with $received_protocol } }\ ${if eq{prayer}{$sender_ident} {(PRAYER:$sender_address_local_part) } }\ id $message_id (Exim $version_number)\ ${if def:received_for { for $received_for} }\n\t\ (return-path <$sender_address>) ###################################################################### # AUTHENTICATION CONFIGURATION # ###################################################################### begin authenticators # This authenticator communicates MUA user authentication to the # message submission server. If the user submitted the message # via webmail, trust it to pass us the authenticated username. # If the user wasn't authenticated, we will not authenticate. # # (Note that since prayer is a trusted user submitting a message on # behalf of another user with -f, Exim does not set $authenticated_id # so we have to use $sender_ident. This is OK so long as we don't do # ident callbacks and/or don't accept messages remotely.) EXTERNAL: driver = plaintext client_send = <| ${if eq{prayer}{$sender_ident} \ {$sender_address_local_part} \ {${if def:authenticated_id \ {$authenticated_id} \ fail }} } ###################################################################### # ROUTERS CONFIGURATION # ###################################################################### begin routers smtp: driver = accept transport = smtp ###################################################################### # TRANSPORTS CONFIGURATION # ###################################################################### begin transports # We have to limit the number of messages delivered down a connection # because SMTP authenticates connections not messages, and we are # authenticating on behalf of the message's sender not for ourself. smtp: driver = smtp hosts = smtp.hermes.cam.ac.uk hosts_try_auth = smtp.hermes.cam.ac.uk hosts_randomize connection_max_messages = 1 ###################################################################### # RETRY CONFIGURATION # ###################################################################### begin retry * * F,5d,5m # End of Exim 4 configuration