[Exim] Re: Exiscan and Spamassassin

Góra strony
Delete this message
Reply to this message
Autor: cjackson
Data:  
Dla: Peter Bowyer
CC: exim-users
Temat: [Exim] Re: Exiscan and Spamassassin
This is a MIME-formatted message. If you see this text it means that your
mail software cannot handle MIME-formatted messages.
--
Peter Bowyer writes:

> You're missing the point (again). What you consider extraneous is almost
> certainly what's causing the problem. If you knew where the problem was, you
> woudln't still be asking about it. Post the darned file!
>

Just trying to A) solve the problem mostly myself; B) not post a bunch of
stuff to the list that isn't related directly to the problem. But here are
the files with authentication info removed.

Thanks,
Craig Jackson
--
##################################################
#          The Exim mail transport agent         #
##################################################


# This is the template for Exim's main build-time configuration file. It
# contains settings that are independent of any operating system. These are
# things that are mostly sysadmin choices. The items below are divided into
# those you must specify, those you probably want to specify, those you might
# often want to specify, and those that you almost never need to mention.

# Edit this file and save the result to a file called Local/Makefile within the
# Exim distribution directory before running the "make" command.

# Things that depend on the operating system have default settings in
# OS/Makefile-Default, but these are overridden for some OS by files called
# called OS/Makefile-<osname>. You can further override these by creating files
# called Local/Makefile-<osname>, where "<osname>" stands for the name of your
# operating system - look at the names in the OS directory to see which names
# are recognized.

# However, if you are building Exim for a single OS only, you don't need to
# worry about setting up Local/Makefile-<osname>. Any build-time configuration
# settings you require can in fact be placed in the one file called
# Local/Makefile. It is only if you are building for several OS from the same
# source files that you need to worry about splitting off your own OS-dependent
# settings into separate files. (There's more explanation about how this all
# works in the toplevel README file, under "Modifying the building process", as
# well as in the Exim specification.)

# One OS-specific thing that may need to be changed is the command for running
# the C compiler; the overall default is gcc, but some OS Makefiles specify cc.
# You can override anything that is set by putting CC=whatever in your
# Local/Makefile.

# NOTE: You should never need to edit any of the distributed Makefiles; all
# overriding can be done in your Local/Makefile(s). This will make it easier
# for you when the next release comes along.

# The location of the X11 libraries is something else that is quite variable
# even between different versions of the same operating system (and indeed
# there are different versions of X11 as well, of course). The four settings
# concerned here are X11, XINCLUDE, XLFLAGS (linking flags) and X11_LD_LIB
# (dynamic run-time library). You need not worry about X11 unless you want to
# compile the Exim monitor utility. Exim itself does not use X11.

# Another area of variability between systems is the type and location of the
# DBM library package. Exim has support for ndbm, gdbm, tdb, and Berkeley DB.
# By default the code assumes ndbm; this often works with gdbm or DB, provided
# they are correctly installed, via their compatibility interfaces. However,
# Exim can also be configured to use the native calls for Berkeley DB (obsolete
# versions 1.85 and 2.x, or the current 3.x version) and also for gdbm.

# For some operating systems, a default DBM library (other than ndbm) is
# selected by a setting in the OS-specific Makefile. Most modern OS now have
# a DBM library installed as standard, and in many cases this will be selected
# for you by the OS-specific configuration. If Exim compiles without any
# problems, you probably do not have to worry about the DBM library. If you
# do want or need to change it, you should first read the discussion in the
# file doc/dbm.discuss.txt, which also contains instructions for testing Exim's
# interface to the DBM library.

# In Local/Makefiles blank lines and lines starting with # are ignored. It is
# also permitted to use the # character to add a comment to a setting, for
# example
#
# EXIM_GID=42 # the "mail" group
#
# However, with some versions of "make" this works only if there is no white
# space between the end of the setting and the #, so perhaps it is best
# avoided. A consequence of this facility is that it is not possible to have
# the # character present in any setting, but I can't think of any cases where
# this would be wanted.
###############################################################################



###############################################################################
#                    THESE ARE THINGS YOU MUST SPECIFY                        #
###############################################################################


# Exim will not build unless you specify BIN_DIRECTORY, CONFIGURE_FILE, and
# EXIM_USER. You also need EXIM_GROUP if EXIM_USER specifies a uid by number.

# If you don't specify SPOOL_DIRECTORY, Exim won't fail to build. However, it
# really is a very good idea to specify it here rather than at run time. This
# is particularly true if you let the logs go to their default location in the
# spool directory, because it means that the location of the logs is known
# before Exim has read the run time configuration file.

#------------------------------------------------------------------------------
# BIN_DIRECTORY defines where the exim binary will be installed by "make
# install". The path is also used internally by Exim when it needs to re-invoke
# itself, either to send an error message, or to recover root privilege. Exim's
# utility binaries and scripts are also installed in this directory. There is
# no "standard" place for the binary directory. Some people like to keep all
# the Exim files under one directory such as /usr/exim; others just let the
# Exim binaries go into an existing directory such as /usr/sbin or
# /usr/local/sbin. The installation script will try to create this directory,
# and any superior directories, if they do not exist.

BIN_DIRECTORY=/usr/exim/bin


#------------------------------------------------------------------------------
# CONFIGURE_FILE defines where Exim's run time configuration file is to be
# found. It is the complete pathname for the file, not just a directory. The
# location of all other run time files and directories can be changed in the
# run time configuration file. There is a lot of variety in the choice of
# location in different OS, and in the preferences of different sysadmins. Some
# common locations are in /etc or /etc/mail or /usr/local/etc or
# /usr/local/etc/mail. Another possibility is to keep all the Exim files under
# a single directory such as /usr/exim. Whatever you choose, the installation
# script will try to make the directory and any superior directories if they
# don't exist. It will also install a default runtime configuration if this
# file does not exist.

CONFIGURE_FILE=/usr/exim/configure

# It is possible to specify a colon-separated list of files for CONFIGURE_FILE.
# In this case, Exim will use the first of them that exists when it is run.
# However, if a list is specified, the installation script no longer tries to
# make superior directories or to install a default runtime configuration.


#------------------------------------------------------------------------------
# The Exim binary must normally be setuid root, so that it starts executing as
# root, but (depending on the options with which it is called) it does not
# always need to retain the root privilege. These settings define the user and
# group that is used for Exim processes when they no longer need to be root. In
# particular, this applies when receiving messages and when doing remote
# deliveries. (Local deliveries run as various non-root users, typically as the
# owner of a local mailbox.) Specifying these values as root is very strongly
# discouraged. These values are compiled into the binary.

EXIM_USER=mail

# If the setting of EXIM_USER is numeric (e.g. EXIM_USER=42), there must
# also be a setting of EXIM_GROUP. If, on the other hand, you use a name
# for EXIM_USER (e.g. EXIM_USER=exim), you don't need to set EXIM_GROUP unless
# you want to use a group other than the default group for the given user.

# EXIM_GROUP=

# Many sites define a user called "exim", with an appropriate default group,
# and use
#
# EXIM_USER=exim
#
# while leaving EXIM_GROUP unspecified (commented out).


#------------------------------------------------------------------------------
# SPOOL_DIRECTORY defines the directory where all the data for messages in
# transit is kept. It is strongly recommended that you define it here, though
# it is possible to leave this till the run time configuration.

# Exim creates the spool directory if it does not exist. The owner and group
# will be those defined by EXIM_USER and EXIM_GROUP, and this also applies to
# all the files and directories that are created in the spool directory.

# Almost all installations choose this:

SPOOL_DIRECTORY=/var/spool/exim



###############################################################################
#           THESE ARE THINGS YOU PROBABLY WANT TO SPECIFY                     #
###############################################################################


# You need to specify some routers and transports if you want the Exim that you
# are building to be capable of delivering mail. You almost certainly need at
# least one type of lookup. You should consider whether you want to build
# the Exim monitor or not.


#------------------------------------------------------------------------------
# These settings determine which individual router drivers are included in the
# Exim binary. There are no defaults in the code; those routers that are wanted
# must be defined here by setting the appropriate variables to the value "yes".
# Including a router in the binary does not cause it to be used automatically.
# It has also to be configured in the run time configuration file. By
# commenting out those you know you don't want to use, you can make the binary
# a bit smaller. If you are unsure, leave all of these included for now.

ROUTER_ACCEPT=yes
ROUTER_DNSLOOKUP=yes
ROUTER_IPLITERAL=yes
ROUTER_MANUALROUTE=yes
ROUTER_QUERYPROGRAM=yes
ROUTER_REDIRECT=yes

# This one is very special-purpose, so is not included by default.

# ROUTER_IPLOOKUP=yes


#------------------------------------------------------------------------------
# These settings determine which individual transport drivers are included in
# the Exim binary. There are no defaults; those transports that are wanted must
# be defined here by setting the appropriate variables to the value "yes".
# Including a transport in the binary does not cause it to be used
# automatically. It has also to be configured in the run time configuration
# file. By commenting out those you know you don't want to use, you can make
# the binary a bit smaller. If you are unsure, leave all of these included for
# now.

TRANSPORT_APPENDFILE=yes
TRANSPORT_AUTOREPLY=yes
TRANSPORT_PIPE=yes
TRANSPORT_SMTP=yes

# This one is special-purpose, and commonly not required, so it is not
# included by default.

# TRANSPORT_LMTP=yes


#------------------------------------------------------------------------------
# The appendfile transport can write messages to local mailboxes in a number
# of formats. The code for three specialist formats, maildir, mailstore, and
# MBX, is included only when requested. If you do not know what this is about,
# leave these settings commented out.

SUPPORT_MAILDIR=yes
# SUPPORT_MAILSTORE=yes
# SUPPORT_MBX=yes


#------------------------------------------------------------------------------
# These settings determine which file and database lookup methods are included
# in the binary. See the manual chapter entitled "File and database lookups"
# for discussion. DBM and lsearch (linear search) are included by default. If
# you are unsure about the others, leave them commented out for now.
# LOOKUP_DNSDB does *not* refer to general mail routing using the DNS. It is
# for the specialist case of using the DNS as a general database facility (not
# common).

LOOKUP_DBM=yes
LOOKUP_LSEARCH=yes

# LOOKUP_CDB=yes
# LOOKUP_DNSDB=yes
LOOKUP_DSEARCH=yes
LOOKUP_LDAP=yes
LOOKUP_MYSQL=yes
# LOOKUP_NIS=yes
# LOOKUP_NISPLUS=yes
# LOOKUP_ORACLE=yes
# LOOKUP_PASSWD=yes
# LOOKUP_PGSQL=yes
# LOOKUP_WHOSON=yes
# LOOKUP_WILDLSEARCH=yes


#------------------------------------------------------------------------------
# If you have set LOOKUP_LDAP=yes, you should set LDAP_LIB_TYPE to indicate
# which LDAP library you have. Unfortunately, though most of their functions
# are the same, there are minor differences. Currently Exim knows about four
# LDAP libraries: the one from the University of Michigan (also known as
# OpenLDAP 1), OpenLDAP 2, the Netscape SDK library, and the library that comes
# with Solaris 7 onwards. Uncomment whichever of these you are using.

# LDAP_LIB_TYPE=OPENLDAP1
LDAP_LIB_TYPE=OPENLDAP2
# LDAP_LIB_TYPE=NETSCAPE
# LDAP_LIB_TYPE=SOLARIS

# If you don't set any of these, Exim assumes the original University of
# Michigan (OpenLDAP 1) library.


#------------------------------------------------------------------------------
# Additional libraries and include directories may be required for some
# lookup styles (e.g. LDAP, MYSQL or PGSQL). LOOKUP_LIBS is included only on
# the command for linking Exim itself, not on any auxiliary programs. You
# don't need to set LOOKUP_INCLUDE if the relevant directories are already
# specified in INCLUDE.

LOOKUP_LIBS=-L/usr/local/etc/openldap/lib -L/usr/local/mysql/lib -L/lib -L/usr/lib -L/usr/local/lib -lldap -lmysqlclient -lz

LOOKUP_INCLUDE=-I /usr/local/etc/openldap/include -I /usr/local/mysql/include -I /usr/local/include -I /usr/include

# LOOKUP_INCLUDE=-I /usr/local/pgsql/include
# LOOKUP_LIBS=-L /usr/local/lib -L /usr/local/pgsql/lib -lpq

#------------------------------------------------------------------------------
# Compiling the Exim monitor: If you want to compile the Exim monitor, a
# program that requires an X11 display, then EXIM_MONITOR should be set to the
# value "eximon.bin". Comment out this setting to disable compilation of the
# monitor. The locations of various X11 directories for libraries and include
# files are defaulted in the OS/Makefile-Default file, but can be overridden in
# local OS-specific make files.

# EXIM_MONITOR=eximon.bin

###############################################################################
#                 THESE ARE THINGS YOU MIGHT WANT TO SPECIFY                  #
##############################################################################


# The items in this section are those that are commonly changed according to
# the sysadmin's preferences, but whose defaults are often acceptable.


#------------------------------------------------------------------------------
# Exim has support for the AUTH (authentication) extension of the SMTP
# protocol, as defined by RFC 2554. If you don't know what SMTP authentication
# is, you probably won't want to include this code, so you should leave these
# settings commented out. If you do want to make use of SMTP authentication,
# you must uncomment at least one of the following, so that appropriate code is
# included in the Exim binary. You will then need to set up the run time
# configuration to make use of the mechanism(s) selected.

# AUTH_CRAM_MD5=yes
AUTH_PLAINTEXT=yes
# AUTH_SPA=yes


#------------------------------------------------------------------------------
# The passwords for user accounts are normally encrypted with the crypt()
# function. Comparisons with encrypted passwords can be done using Exim's
# "crypteq" expansion operator. (This is commonly used as part of the
# configuration of an authenticator for use with SMTP AUTH.) At least one
# operating system has an extended function called crypt16(), which uses up to
# 16 characters of a password (the normal crypt() uses only the first 8). Exim
# supports the use of crypt16() as well as crypt().

# You can always indicate a crypt16-encrypted password by preceding it with
# "{crypt16}". If you want the default handling (without any preceding
# indicator) to use crypt16(), uncomment the following line:

# DEFAULT_CRYPT=crypt16

# If you do that, you can still access the basic crypt() function by preceding
# an encrypted password with "{crypt}". For more details, see the description
# of the "crypteq" condition in the manual chapter on string expansions.

# Since most operating systems do not include a crypt16() function (yet?), Exim
# has one of its own, which it uses unless HAVE_CRYPT16 is defined. Normally,
# that will be set in an OS-specific Makefile for the OS that have such a
# function, so you should not need to bother with it.


#------------------------------------------------------------------------------
# Exim can be built to support the SMTP STARTTLS command, which implements
# Transport Layer Security using SSL (Secure Sockets Layer). To do this, you
# must install the OpenSSL library package or the GnuTLS library. Exim contains
# no cryptographic code of its own. Uncomment the following lines if you want
# to build Exim with TLS support. If you don't know what this is all about,
# leave these settings commented out.

# This setting is required for any TLS support (either OpenSSL or GnuTLS)
# SUPPORT_TLS=yes

# Uncomment this setting if you are using OpenSSL
# TLS_LIBS=-lssl -lcrypto

# Uncomment these settings if you are using GnuTLS
# USE_GNUTLS=yes
# TLS_LIBS=-lgnutls -ltasn1 -lgcrypt

# If you are running Exim as a server, note that just building it with TLS
# support is not all you need to do. You also need to set up a suitable
# certificate, and tell Exim about it by means of the tls_certificate
# and tls_privatekey run time options. You also need to set tls_advertise_hosts
# to specify the hosts to which Exim advertises TLS support. On the other hand,
# if you are running Exim only as a client, building it with TLS support
# is all you need to do.

# Additional libraries and include files are required for both OpenSSL and
# GnuTLS. The TLS_LIBS settings above assume that the libraries are installed
# with all your other libraries. If they are in a special directory, you may
# need something like

# TLS_LIBS=-L/usr/local/ssl/lib -lssl -lcrypto
# or
# TLS_LIBS=-L/opt/gnu/lib -lgnutls -ltasn1 -lgcrypt

# TLS_LIBS is included only on the command for linking Exim itself, not on any
# auxiliary programs. If the include files are not in a standard place, you can
# set TLS_INCLUDE to specify where they are, for example:

# TLS_INCLUDE=-I/usr/local/ssl/include/
# or
# TLS_INCLUDE=-I/opt/gnu/include

# You don't need to set TLS_INCLUDE if the relevant directories are already
# specified in INCLUDE.


#------------------------------------------------------------------------------
# The default distribution of Exim contains only the plain text form of the
# documentation. Other forms are available separately. If you want to install
# the documentation in "info" format, first fetch the Texinfo documentation
# sources from the ftp directory and unpack them, which should create files
# with the extension "texinfo" in the doc directory. You may find that the
# version number of the texinfo files is different to your Exim version number,
# because the main documentation isn't updated as often as the code. For
# example, if you have Exim version 4.03, the source tarball upacks into a
# directory called exim-4.03, but the texinfo tarball unpacks into exim-4.00.
# In this case, move the contents of exim-4.00/doc into exim-4.03/doc after you
# have unpacked them. Then set INFO_DIRECTORY to the location of your info
# directory. This varies from system to system, but is often /usr/share/info.
# Once you have done this, "make install" will build the info files and
# install them in the directory you have defined.

# INFO_DIRECTORY=/usr/share/info


#------------------------------------------------------------------------------
# Exim log directory and files: Exim creates several log files inside a
# single log directory. You can define the directory and the form of the
# log file name here. If you do not set anything, Exim creates a directory
# called "log" inside its spool directory (see SPOOL_DIRECTORY above) and uses
# the filenames "mainlog", "paniclog", and "rejectlog". If you want to change
# this, you can set LOG_FILE_PATH to a path name containing one occurrence of
# %s. This will be replaced by one of the strings "main", "panic", or "reject"
# to form the final file names. Some installations may want something like this:

# LOG_FILE_PATH=/var/log/exim_%slog

# which results in files with names /var/log/exim_mainlog, etc. The directory
# in which the log files are placed must exist; Exim does not try to create
# it for itself. It is also your responsibility to ensure that Exim is capable
# of writing files using this path name. The Exim user (see EXIM_USER above)
# must be able to create and update files in the directory you have specified.

# You can also configure Exim to use syslog, instead of or as well as log
# files, by settings such as these

# LOG_FILE_PATH=syslog
# LOG_FILE_PATH=syslog:/var/log/exim_%slog

# The first of these uses only syslog; the second uses syslog and also writes
# to log files. Do not include white space in such a setting as it messes up
# the building process.


#------------------------------------------------------------------------------
# When logging to syslog, the following option caters for syslog replacements
# that are able to accept log entries longer than the 1024 characters allowed
# by RFC 3164. It is up to you to make sure your syslog daemon can handle this.
# Non-printable characters are usually unacceptable regardless, so log entries
# are still split on newline characters.

# SYSLOG_LONG_LINES=yes

# If you are not interested in the process identifier (pid) of the Exim that is
# making the call to syslog, then comment out the following line.

SYSLOG_LOG_PID=yes


#------------------------------------------------------------------------------
# Cycling log files: this variable specifies the maximum number of old
# log files that are kept by the exicyclog log-cycling script. You don't have
# to use exicyclog. If your operating system has other ways of cycling log
# files, you can use them instead. The exicyclog script isn't run by default;
# you have to set up a cron job for it if you want it.

EXICYCLOG_MAX=10


#------------------------------------------------------------------------------
# The compress command is used by the exicyclog script to compress old log
# files. Both the name of the command and the suffix that it adds to files
# need to be defined here. See also the EXICYCLOG_MAX configuration.

COMPRESS_COMMAND=/bin/gzip
COMPRESS_SUFFIX=gz


#------------------------------------------------------------------------------
# If the exigrep utility is fed compressed log files, it tries to uncompress
# them using this command.

ZCAT_COMMAND=/bin/zcat


#------------------------------------------------------------------------------
# Compiling in support for embedded Perl: If you want to be able to
# use Perl code in Exim's string manipulation language and you have Perl
# (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded
# Perl costs quite a lot of resources. Only do this if you really need it.

# EXIM_PERL=perl.o


#------------------------------------------------------------------------------
# Exim has support for PAM (Pluggable Authentication Modules), a facility
# which is available in the latest releases of Solaris and in some GNU/Linux
# distributions (see http://ftp.kernel.org/pub/linux/libs/pam/). The Exim
# support, which is intended for use in conjunction with the SMTP AUTH
# facilities, is included only when requested by the following setting:

# SUPPORT_PAM=yes

# You probably need to add -lpam to EXTRALIBS, and in some releases of
# GNU/Linux -ldl is also needed.


#------------------------------------------------------------------------------
# Support for authentication via Radius is also available. The Exim support,
# which is intended for use in conjunction with the SMTP AUTH facilities,
# is included only when requested by setting the following parameter to the
# location of your Radius configuration file:

# RADIUS_CONFIG_FILE=/etc/radiusclient/radiusclient.conf


#------------------------------------------------------------------------------
# Support for authentication via the Cyrus SASL pwcheck daemon is available.
# The Exim support, which is intented for use in conjunction with the SMTP AUTH
# facilities, is included only when requested by setting the following
# parameter to the location of the pwcheck daemon's socket directory.
#
# There is no need to install all of SASL on your system. You just need to run
# ./configure --with-pwcheck, cd to the pwcheck directory with sources, make
# and make install. You must create the socket directory (default /var/pwcheck)
# and chown it to exim's user and group. Once you have installed pwcheck, you
# should arrange for it to be started by root at boot time.

# CYRUS_PWCHECK_SOCKET=/var/pwcheck/pwcheck


#------------------------------------------------------------------------------
# TCP wrappers: If you want to use tcpwrappers from within Exim, uncomment
# this setting. See the manual section entitled "Use of tcpwrappers" in the
# chapter on building and installing Exim.

# USE_TCP_WRAPPERS=yes

# You may well also have to specify a local "include" file and an additional
# library for TCP wrappers, so you probably need something like this:

# USE_TCP_WRAPPERS=yes
# CFLAGS=-O -I/usr/local/include
# EXTRALIBS_EXIM=-L/usr/local/lib -lwrap

# but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM
# as well.


#------------------------------------------------------------------------------
# The default action of the exim_install script (which is run by "make
# install") is to install the Exim binary with a unique name such as
# exim-4.20-1, and then set up a symbolic link called "exim" to reference it,
# moving the symbolic link from any previous version. If you define NO_SYMLINK
# (the value doesn't matter), the symbolic link is not created or moved. You
# will then have to "turn Exim on" by setting up the link manually.

# NO_SYMLINK=yes


#------------------------------------------------------------------------------
# Another default action of the install script is to install a default runtime
# configuration file if one does not exist. This configuration has a router for
# expanding system aliases. The default assumes that these aliases are kept
# in the traditional file called /etc/aliases. If such a file does not exist,
# the installation script creates one that contains just comments (no actual
# aliases). The following setting can be changed to specify a different
# location for the system alias file.

SYSTEM_ALIASES_FILE=/etc/aliases



###############################################################################
#              THINGS YOU ALMOST NEVER NEED TO MENTION                        #
###############################################################################


# The settings in this section are available for use in special circumstances.
# In the vast majority of installations you need not change anything below.


#------------------------------------------------------------------------------
# The following commands live in different places in some OS. Either the
# ultimate default settings, or the OS-specific files should already point to
# the right place, but they can be overridden here if necessary. These settings
# are used when building various scripts to ensure that the correct paths are
# used when the scripts are run. They are not used in the Makefile itself. Perl
# is not necessary for running Exim unless you set EXIM_PERL (see above) to get
# it embedded, but there are some utilities that are Perl scripts. If you
# haven't got Perl, Exim will still build and run; you just won't be able to
# use those utilities.

# CHOWN_COMMAND=/usr/bin/chown
# CHGRP_COMMAND=/usr/bin/chgrp
# MV_COMMAND=/bin/mv
# RM_COMMAND=/bin/rm
# PERL_COMMAND=/usr/bin/perl


#------------------------------------------------------------------------------
# The following macro can be used to change the command for building a library
# of functions. By default the "ar" command is used, with options "cq".
# Only in rare circumstances should you need to change this.

# AR=ar cq


#------------------------------------------------------------------------------
# The following macros can be used to change the default modes that are used
# by the appendfile transport. In most installations the defaults are just
# fine, and in any case, you can change particular instances of the transport
# at run time if you want.

# APPENDFILE_MODE=0600
# APPENDFILE_DIRECTORY_MODE=0700
# APPENDFILE_LOCKFILE_MODE=0600


#------------------------------------------------------------------------------
# In some installations there may be multiple machines sharing file systems,
# where a different configuration file is required for Exim on the different
# machines. If CONFIGURE_FILE_USE_NODE is defined, then Exim will first look
# for a configuration file whose name is that defined by CONFIGURE_FILE,
# with the node name obtained by uname() tacked on the end, separated by a
# period (for example, /usr/exim/configure.host.in.some.domain). If this file
# does not exist, then the bare configuration file name is tried.

# CONFIGURE_FILE_USE_NODE=yes


#------------------------------------------------------------------------------
# In some esoteric configurations two different versions of Exim are run,
# with different setuid values, and different configuration files are required
# to handle the different cases. If CONFIGURE_FILE_USE_EUID is defined, then
# Exim will first look for a configuration file whose name is that defined
# by CONFIGURE_FILE, with the effective uid tacked on the end, separated by
# a period (for eximple, /usr/exim/configure.0). If this file does not exist,
# then the bare configuration file name is tried. In the case when both
# CONFIGURE_FILE_USE_EUID and CONFIGURE_FILE_USE_NODE are set, four files
# are tried: <name>.<euid>.<node>, <name>.<node>, <name>.<euid>, and <name>.

# CONFIGURE_FILE_USE_EUID=yes


#------------------------------------------------------------------------------
# The size of the delivery buffers: These specify the sizes (in bytes) of
# the buffers that are used when copying a message from the spool to a
# destination. There is rarely any need to change these values.

# DELIVER_IN_BUFFER_SIZE=8192
# DELIVER_OUT_BUFFER_SIZE=8192


#------------------------------------------------------------------------------
# The mode of the database directory: Exim creates a directory called "db"
# in its spool directory, to hold its databases of hints. This variable
# determines the mode of the created directory. The default value in the
# source is 0750.

# EXIMDB_DIRECTORY_MODE=0750


#------------------------------------------------------------------------------
# Database file mode: The mode of files created in the "db" directory defaults
# to 0640 in the source, and can be changed here.

# EXIMDB_MODE=0640


#------------------------------------------------------------------------------
# Database lock file mode: The mode of zero-length files created in the "db"
# directory to use for locking purposes defaults to 0640 in the source, and
# can be changed here.

# EXIMDB_LOCKFILE_MODE=0640


#------------------------------------------------------------------------------
# This parameter sets the maximum length of the header portion of a message
# that Exim is prepared to process. The default setting is one megabyte. The
# limit exists in order to catch rogue mailers that might connect to your SMTP
# port, start off a header line, and then just pump junk at it for ever. The
# message_size_limit option would also catch this, but it may not be set.
# The value set here is the default; it can be changed at runtime.

# HEADER_MAXSIZE="(1024*1024)"


#------------------------------------------------------------------------------
# The mode of the input directory: The input directory is where messages are
# kept while awaiting delivery. Exim creates it if necessary, using a mode
# which can be defined here (default 0750).

# INPUT_DIRECTORY_MODE=0750


#------------------------------------------------------------------------------
# The mode of Exim's log directory, when it is created by Exim inside the spool
# directory, defaults to 0750 but can be changed here.

# LOG_DIRECTORY_MODE=0750


#------------------------------------------------------------------------------
# The log files themselves are created as required, with a mode that defaults
# to 0640, but which can be changed here.

# LOG_MODE=0640


#------------------------------------------------------------------------------
# The TESTDB lookup is for performing tests on the handling of lookup results,
# and is not useful for general running. It should be included only when
# debugging the code of Exim.

# LOOKUP_TESTDB=yes


#------------------------------------------------------------------------------
# /bin/sh is used by default as the shell in which to run commands that are
# defined in the makefiles. This can be changed if necessary, by uncommenting
# this line and specifying another shell, but note that a Bourne-compatible
# shell is expected.

# MAKE_SHELL=/bin/sh


#------------------------------------------------------------------------------
# The maximum number of named lists of each type (address, domain, host, and
# local part) can be increased by changing this value. It should be set to
# a multiple of 16.

# MAX_NAMED_LIST=16


#------------------------------------------------------------------------------
# Network interfaces: Unless you set the local_interfaces option in the runtime
# configuration file to restrict Exim to certain interfaces only, it will run
# code to find all the interfaces there are on your host. Unfortunately,
# the call to the OS that does this requires a buffer large enough to hold
# data for all the interfaces - it was designed in the days when a host rarely
# had more than three or four interfaces. Nowadays hosts can have very many
# virtual interfaces running on the same hardware. If you have more than 250
# virtual interfaces, you will need to uncomment this setting and increase the
# value.

# MAXINTERFACES=250


#------------------------------------------------------------------------------
# Per-message logs: While a message is in the process of being delivered,
# comments on its progress are written to a message log, for the benefit of
# human administrators. These logs are held in a directory called "msglog"
# in the spool directory. Its mode defaults to 0750, but can be changed here.
# The message log directory is also used for storing files that are used by
# transports for returning data to a message's sender (see the "return_output"
# option for transports).

# MSGLOG_DIRECTORY_MODE=0750


#------------------------------------------------------------------------------
# There are three options which are used when compiling the Perl interface and
# when linking with Perl. The default values for these are placed automatically
# at the head of the Makefile by the script which builds it. However, if you
# want to override them, you can do so here.

# PERL_CC=
# PERL_CCOPTS=
# PERL_LIBS=


#------------------------------------------------------------------------------
# Identifying the daemon: When an Exim daemon starts up, it writes its pid
# (process id) to a file so that it can easily be identified. The path of the
# file can be specified here. Some installations may want something like this:

# PID_FILE_PATH=/var/lock/exim.pid

# If PID_FILE_PATH is not defined, Exim writes a file in its spool directory
# using the name "exim-daemon.pid".

# If you start up a daemon without the -bd option (for example, with just
# the -q15m option), a pid file is not written. Also, if you override the
# configuration file with the -oX option, no pid file is written. In other
# words, the pid file is written only for a "standard" daemon.


#------------------------------------------------------------------------------
# If Exim creates the spool directory, it is given this mode, defaulting in the
# source to 0750.

# SPOOL_DIRECTORY_MODE=0750


#------------------------------------------------------------------------------
# The mode of files on the input spool which hold the contents of messages can
# be changed here. The default is 0640 so that information from the spool is
# available to anyone who is a member of the Exim group.

# SPOOL_MODE=0640


#------------------------------------------------------------------------------
# Moving frozen messages: If the following is uncommented, Exim is compiled
# with support for automatically moving frozen messages out of the main spool
# directory, a facility that is found useful by some large installations. A
# run time option is required to cause the moving actually to occur. Such
# messages become "invisible" to the normal management tools.

# SUPPORT_MOVE_FROZEN_MESSAGES=yes

# End of EDITME for Exim 4.
--
#####################################################################
#                  Runtime configuration file for Exim               #
######################################################################



# It is usually a good idea to test a new configuration for syntactic      #
# correctness before installing it (for example, by running the command    #
# "exim -C /config/file.new -bV").                                         #


######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################


# Specify your host's canonical name here. This should normally be the fully
# qualified "official" name of your host. If this option is not set, the
# uname() function is called to obtain the name. In many cases this does
# the right thing and you need not set anything explicitly.

# primary_hostname =


# The next three settings create two lists of domains and one list of hosts.
# These lists are referred to later in this configuration using the syntax
# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
# are all colon-separated lists:

domainlist local_domains = localhost : mydomain.com
domainlist relay_to_domains =
hostlist relay_from_hosts = 127.0.0.1

# Most straightforward access control requirements can be obtained by
# appropriate settings of the above options. In more complicated situations, you
# may need to modify the Access Control List (ACL) which appears later in this
# file.

# The first setting specifies your local domains, for example:
#
# domainlist local_domains = my.first.domain : my.second.domain
#
# You can use "@" to mean "the name of the local host", as in the default
# setting above. This is the name that is specified by primary_hostname,
# as specified above (or defaulted). If you do not want to do any local
# deliveries, remove the "@" from the setting above. If you want to accept mail
# addressed to your host's literal IP address, for example, mail addressed to
# "user@???", you can add "@[]" as an item in the local domains
# list. You also need to uncomment "allow_domain_literals" below. This is not
# recommended for today's Internet.

# The second setting specifies domains for which your host is an incoming relay.
# If you are not doing any relaying, you should leave the list empty. However,
# if your host is an MX backup or gateway of some kind for some domains, you
# must set relay_to_domains to match those domains. For example:
#
# domainlist relay_to_domains = *.myco.com : my.friend.org
#
# This will allow any host to relay through your host to those domains.
# See the section of the manual entitled "Control of relaying" for more
# information.

# The third setting specifies hosts that can use your host as an outgoing relay
# to any other host on the Internet. Such a setting commonly refers to a
# complete local network as well as the localhost. For example:
#
# hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16
#
# The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you
# have to include 127.0.0.1 if you want to allow processes on your host to send
# SMTP mail by using the loopback address. A number of MUAs use this method of
# sending mail.


# All three of these lists may contain many different kinds of item, including
# wildcarded names, regular expressions, and file lookups. See the reference
# manual for details. The lists above are used in the access control list for
# incoming messages. The name of this ACL is defined here:


# GREYLISTING
# are they in the database already ?
GREYLIST_TEST = SELECT CASE \
WHEN now() - block_expires > 0 THEN 2 \
ELSE 1 \
END \
FROM greylist \
WHERE relay_ip = '${quote_mysql:$sender_host_address}' \
AND sender = '${quote_mysql:$sender_address}' \
AND recipient = '${quote_mysql:$local_part}'

# add them in, with 25 minute block
GREYLIST_ADD = INSERT INTO greylist (relay_ip, sender, recipient, block_expires) \
VALUES ( '${quote_mysql:$sender_host_address}', \
'${quote_mysql:$sender_address}', \
'${quote_mysql:$local_part}', \
DATE_ADD(now(), INTERVAL 25 MINUTE) \
)

# keep the entry fresh.
GREYLIST_UPDATE = UPDATE greylist SET \
block_expires = DATE_SUB(now(), INTERVAL 5 MINUTE) \
WHERE relay_ip = '${quote_mysql:$sender_host_address}' \
AND sender = '${quote_mysql:$sender_address}' \
AND recipient = '${quote_mysql:$local_part}'

hide mysql_servers = "localhost/greylist_db/ask_user/"

# You should not change that setting until you understand how ACLs work.

# The following ACL entries are used if you want to do content scanning with
# the exiscan-acl patch. When you uncomment one of these lines, you must also
# review the respective entries in the ACL section further below.

acl_smtp_rcpt = acl_check_rcpt
acl_smtp_mime = acl_check_mime
acl_smtp_data = acl_check_content

# This configuration variable defines the virus scanner that is used with
# the 'malware' ACL condition of the exiscan acl-patch. If you do not use
# virus scanning, leave it commented. Please read doc/exiscan-acl-readme.txt
# for a list of supported scanners.

# av_scanner = sophie:/var/run/sophie
av_scanner = clamd

# The following setting is only needed if you use the 'spam' ACL condition
# of the exiscan-acl patch. It specifies on which host and port the SpamAssassin
# "spamd" daemon is listening. If you do not use this condition, or you use
# the default of "127.0.0.1 783", you can omit this option.

# spamd_address = 127.0.0.1 783
# spamd_address = /var/run/spamd_socket

# Specify the domain you want to be added to all unqualified addresses
# here. An unqualified address is one that does not contain an "@" character
# followed by a domain. For example, "caesar@???" is a fully qualified
# address, but the string "caesar" (i.e. just a login name) is an unqualified
# email address. Unqualified addresses are accepted only from local callers by
# default. See the recipient_unqualified_hosts option if you want to permit
# unqualified addresses from remote sources. If this option is not set, the
# primary_hostname value is used for qualification.

# qualify_domain =

# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.

# qualify_recipient =

# The following line must be uncommented if you want Exim to recognize
# addresses of the form "user@???" that is, with a "domain literal"
# (an IP address) instead of a named domain. The RFCs still require this form,
# but it makes little sense to permit mail to be sent to specific hosts by
# their IP address in the modern Internet. This ancient format has been used
# by those seeking to abuse hosts by using them for unwanted relaying. If you
# really do want to support domain literals, uncomment the following line, and
# see also the "domain_literal" router below.

# allow_domain_literals


# No deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so causes a panic error to be logged, and
# the delivery to be deferred. This is a paranoic safety catch. There is an
# even stronger safety catch in the form of the FIXED_NEVER_USERS setting
# in the configuration for building Exim. The list of users that it specifies
# is built into the binary, and cannot be changed. The option below just adds
# additional users to the list. The default for FIXED_NEVER_USERS is "root",
# but just to be absolutely sure, the default here is also "root".

# Note that the default setting means you cannot deliver mail addressed to root
# as if it were a normal user. This isn't usually a problem, as most sites have
# an alias for root that redirects such mail to a human administrator.

never_users = root


# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.

host_lookup = *


# The settings below, which are actually the same as the defaults in the
# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
# calls. You can limit the hosts to which these calls are made, and/or change
# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
# are disabled. RFC 1413 calls are cheap and can provide useful information
# for tracing problem messages, but some hosts and firewalls have problems
# with them. This can result in a timeout instead of an immediate refused
# connection, leading to delays on starting up an SMTP session.

rfc1413_hosts = *
rfc1413_query_timeout = 30s


# By default, Exim expects all envelope addresses to be fully qualified, that
# is, they must contain both a local part and a domain. If you want to accept
# unqualified addresses (just a local part) from certain hosts, you can specify
# these hosts by setting one or both of
#
# sender_unqualified_hosts =
# recipient_unqualified_hosts =
#
# to control sender and recipient addresses, respectively. When this is done,
# unqualified addresses are qualified using the settings of qualify_domain
# and/or qualify_recipient (see above).


# If you want Exim to support the "percent hack" for certain domains,
# uncomment the following line and provide a list of domains. The "percent
# hack" is the feature by which mail addressed to x%y@z (where z is one of
# the domains listed) is locally rerouted to x@y and sent on. If z is not one
# of the "percent hack" domains, x%y is treated as an ordinary local part. This
# hack is rarely needed nowadays; you should not enable it unless you are sure
# that you really need it.
#
# percent_hack_domains =
#
# As well as setting this option you will also need to remove the test
# for local parts containing % in the ACL definition below.


# When Exim can neither deliver a message nor return it to sender, it "freezes"
# the delivery error message (aka "bounce message"). There are also other
# circumstances in which messages get frozen. They will stay on the queue for
# ever unless one of the following options is set.

# This option unfreezes frozen bounce messages after two days, tries
# once more to deliver them, and ignores any delivery failures.

ignore_bounce_errors_after = 2d

# This option cancels (removes) frozen messages that are older than a week.

timeout_frozen_after = 7d



######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################


begin acl

# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.

acl_check_rcpt:

# Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
# testing for an empty sending host field.

accept hosts = :

#  deny      message      = Mail not accepted from local area network
#        hosts       = 192.168.0.0/16 : 206.30.0.0/16


  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]


######################################################################

  # Greylist ACL
  # set a variable marking whether they were in the database
    warn set acl_m2 = ${lookup mysql{GREYLIST_TEST}{$value}{0}}


  # new entry in database - defer, and add them
    defer condition = ${if eq{$acl_m2}{0}{1}}
    condition = ${lookup mysql{GREYLIST_ADD}{yes}{no}}


  # they are listed, but it is still too early
    defer condition = ${if eq{$acl_m2}{1}{1}}


  # freshen entry
    warn condition = ${lookup mysql{GREYLIST_UPDATE}{yes}{no}}


  # Deny unless the sender address can be verified.
    require verify        = sender



#############################################################################

# Accept mail to postmaster in any local domain, regardless of the source,
# and without verifying the sender.

  accept  local_parts   = postmaster
          domains       = +local_domains


# Deny unless the sender address can be verified.

  require verify        = sender


  #############################################################################
  # There are no checks on DNS "black" lists because the domains that contain
  # these lists are changing all the time. However, here are two examples of
  # how you could get Exim to perform a DNS black list lookup at this point.
  # The first one denies, while the second just warns.
  #
  # deny    message       = REJECTED: $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
  #         dnslists      = black.list.example


  deny    message = REJECT SPAM $sender_host_address - $dnslist_domain\n$dnslist_text
          dnslists = bl.spamcop.net
  #
  # warn    message       = X-Warning: $sender_host_address is in a black list at $dnslist_domain
  #         log_message   = found in $dnslist_domain
  #         dnslists      = black.list.example
  #############################################################################


# Accept if the address is in a local domain, but only if the recipient can
# be verified. Otherwise deny. The "endpass" line is the border between
# passing on to the next ACL statement (if tests above it fail) or denying
# access (if tests below it fail). This tests for local_part, system alaises
# and user aliases.

    accept  message       = User account unknown or disabled
            domains       = +local_domains
          endpass
            local_parts   =  \
          ${lookup ldapm {user="cn=manager,dc=mydomain,dc=com" \
          pass=PASS ldap:///cn=${quote_ldap:$local_part},\
          ou=${quote_ldap:$domain},dc=mydomain,dc=com?cn?}} : \
          ${lookup ldap {user="cn=manager,dc=mydomain,dc=com" \
          pass=PASS ldap:///alias=${quote_ldap:$local_part},ou=aliases,\
          ou=${quote_ldap:$domain},dc=mydomain,dc=com?alias?sub?}}


# Accept if the address is in a domain for which we are relaying, but again,
# only if the recipient can be verified.

  # accept  domains       = +relay_to_domains


# If control reaches this point, the domain is neither in +local_domains
# nor in +relay_to_domains.

# Accept if the message comes from one of the hosts for which we are an
# outgoing relay. Recipient verification is omitted here, because in many
# cases the clients are dumb MUAs that don't cope well with SMTP error
# responses. If you are actually relaying out from MTAs, you should probably
# add recipient verification here.

  # accept  hosts         = +relay_from_hosts


# Accept if the message arrived over an authenticated connection, from
# any host. Again, these messages are usually from MUAs, so recipient
# verification is omitted.

# accept authenticated = *

# Reaching the end of the ACL causes a "deny", but we might as well give
# an explicit message.

deny    message       = relay not permitted



# These access control lists are used for content scanning with the exiscan-acl
# patch. You must also uncomment the entries for acl_smtp_data and acl_smtp_mime
# (scroll up), otherwise the ACLs will not be used. IMPORTANT: the default entries here
# should be treated as EXAMPLES. You MUST read the file doc/exiscan-acl-spec.txt
# to fully understand what you are doing ...

acl_check_mime:

  # Reject messages with serious MIME container errors
    deny  message = REJECTED: MIME error ($demime_reason).
          demime = *
          condition = ${if >{$demime_errorlevel}{2}{1}{0}}


  # Reject known virus spreading file extensions.
  # Accepting these is pretty much braindead.
    deny message = Blacklisted file extension ($found_extension) detected. Zip the file then send.
         demime = com:btm:dll:cmd:lnk:msi:prf:reg:url:vbs:bat:pif:scr:exe:cpl


  # Reject virus using Clamd scan. See av_scanner line above
    deny message =  REJECTED: VIRUS DETECTED: ($malware_name)
         demime = *
         malware = */defer_ok


  # Reject messages that carry chinese character sets.
  # WARNING: This is an EXAMPLE.
  deny message = REJECTED: Invalid character set ($mime_charset)
        condition = ${if eq{$mime_charset}{gb2312}{1}{0}}


accept

acl_check_content:

# Accept messages that are too large, without scanning them.
accept condition = ${if >={$message_size}{512k}{1}{0}}

  # Put header in spam messages
  warn  message = X-Spam-Score: $spam_score ($spam_bar)
        spam = mail/defer_ok
      logwrite = :main: Spam Score: $spam_score


  warn  message = X-Spam-Report: $spam_report
        spam = mail/defer_ok


accept

######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################


begin routers

dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more

system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
user = mail
file_transport = address_file
pipe_transport = address_pipe

user_aliases:
  driver = redirect
  allow_fail
  allow_defer
  hide data = ${lookup ldap {user="cn=manager,dc=mydomain,dc=com" pass=PASS \
    ldap:///alias=${quote_ldap:$local_part},ou=aliases,ou=${quote_ldap:$domain},\
    dc=mydomain,dc=com?maildrop?sub?}}
  user = mail


check_account_status:
  driver = accept
  hide condition = ${if eq {${lookup ldap {user="cn=manager,dc=mydomain,dc=com" \
  pass=PASS ldap:///cn=${quote_ldap:$local_part},ou=${quote_ldap:$domain}, \
    dc=mydomain,dc=com?accountStatus?}}}{false}{1}{0}}
  transport = account_disabled_autoreply


# dspam_route:
#   driver = accept
#   no_verify
#   condition = ${if and { \
#     {! def:h_X-FILTER-DSPAM:} \
#     {! def:h_X-Spam-Score:} \
#     {<={$message_size}{512k} \
#     }{1}{0}}
#   headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
#   transport = dspam_check


virtualuser:
  driver = accept
  condition = ${if and { \
    { eq {${lookup ldap {user="cn=manager,dc=mydomain,dc=com" \
        pass=PASS ldap:///cn=${quote_ldap:$local_part},ou=${quote_ldap:$domain}, \
    dc=mydomain,dc=com?forwardOnly?}}}{false}} \
    { or { \
      { eq {$h_X-DSPAM-Result:}{Spam} } \
      { def:h_X-Spam-Score:} \
         } } \
    }{1}{0}}
  transport = virtual_delivery
  no_more


save_copy:
driver = accept
transport = save_delivery
unseen

smarthost:
driver = manualroute
transport = remote_smtp
route_list = * 192.168.190.31

######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################


# A transport is used only when referenced from a router that successfully
# handles an address.

begin transports

remote_smtp:
driver = smtp

# dspam_check:
# driver = pipe
# command = "/usr/local/bin/dspam --mode=teft --deliver=innocent,spam --feature=chained,noise,whitelist --user ${lc:$local_part} -d ${lc:$local_part}"
# home_directory = "/home/vmail/dspam"
# current_directory = "/home/vmail/dspam"
# user = mail
# group = mail
# log_output = true
# return_fail_output = true
# return_path_add = false
# message_prefix =
# message_suffix =

save_delivery:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0660
hide directory = /home/vmail/mydomain.com/s/saved/Maildir
create_directory
maildir_format=true
maildir_tag= ,S=$message_size

virtual_delivery:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add
  group = mail
  mode = 0660
  hide directory = ${lookup ldap {user="cn=manager,dc=mydomain,dc=com" pass=PASS \
    ldap:///cn=${quote_ldap:$local_part},ou=${quote_ldap:$domain},dc=mydomain,\
  dc=com?homeDirectory?}}/Maildir
  create_directory
  maildir_format=true
  maildir_tag= ,S=$message_size


account_disabled_autoreply:
driver = autoreply
user = mail
from = postmaster@$domain
to = $sender_address
subject = Account Disabled
text = Mail is not being accepted for this account at this time. The account has been disabled.
return_message

address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

address_reply:
driver = autoreply

######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################


begin retry

# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.

# Address or Domain    Error       Retries
# -----------------    -----       -------


*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h




######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################


# There are no rewriting specifications in this default configuration file.

begin rewrite



######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################


# There are no authenticator specifications in this default configuration file.

begin authenticators



######################################################################
#                   CONFIGURATION FOR local_scan()                   #
######################################################################


# If you have built Exim to include a local_scan() function that contains
# tables for private options, you can define those options here. Remember to
# uncomment the "begin" line. It is commented by default because it provokes
# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
# set in the Local/Makefile.

# begin local_scan


# End of Exim configuration file
--