Taint: reject or log more tainted list metadata elements
[exim.git] / test / confs / 0001
1 # Exim test configuration 0001
2
3 # This configuration sets every option that is not dependent on optional code
4 # in the binary, except for exim_user and exim_group, because setting them can
5 # mess up the creation of the spool directory etc.
6
7 exim_path = EXIM_PATH
8 keep_environment =
9 host_lookup_order = bydns
10 spool_directory = DIR/spool
11 log_file_path = DIR/spool/log/%slog
12 gecos_pattern = ""
13 gecos_name = CALLER_NAME
14
15
16 no_accept_8bitmime
17 acl_not_smtp = check_local_message
18 acl_smtp_auth = check_auth
19 acl_smtp_connect = check_connect
20 acl_smtp_data = check_message
21 acl_smtp_etrn = check_etrn
22 acl_smtp_expn = check_expn
23 acl_smtp_helo = check_helo
24 acl_smtp_mail = check_mail
25 acl_smtp_mailauth = check_mailauth
26 acl_smtp_quit = check_quit
27 acl_smtp_predata = check_predata
28 acl_smtp_rcpt = check_recipient
29 acl_smtp_vrfy = check_vrfy
30 admin_groups = 1234
31 allow_mx_to_ip
32 allow_utf8_domains
33 auth_advertise_hosts = a.a.h
34 auto_thaw = 1d
35 bi_command =
36 bounce_message_file =
37 bounce_message_text =
38 bounce_return_body = false
39 no_bounce_return_message
40 return_size_limit = 12K
41 bounce_return_size_limit = 10K
42 bounce_return_linesize_limit = 997
43 callout_domain_negative_expire = 1h
44 callout_domain_positive_expire = 1d
45 callout_negative_expire = 5h
46 callout_positive_expire = 1w
47 callout_random_local_part = xxx\
48                             xx
49 check_log_inodes = 0
50 check_log_space = 0
51 check_spool_inodes = 0
52 check_spool_space = 0
53 daemon_smtp_port =
54 daemon_smtp_ports =
55 daemon_startup_retries = 3
56 daemon_startup_sleep = 8s
57 debug_store
58 delay_warning = 1d
59 delay_warning_condition = ${if match{$h_precedence:}{(?i)bulk|list}{no}{yes}}
60 deliver_drop_privilege
61 deliver_queue_load_max = 6.2
62 delivery_date_remove
63 dns_again_means_nonexist = *.esri.com:jeni.com
64 dns_check_names_pattern = ^.*$
65 dns_ipv4_lookup = *
66 dns_retrans = 0s
67 dns_retry = 0
68 drop_cr
69 envelope_to_remove
70 errors_copy =
71 errors_reply_to = postmaster@cam.ac.uk
72 extra_local_interfaces = 1.2.3.4
73 no_extract_addresses_remove_arguments
74 finduser_retries = 0
75 allow_domain_literals
76 freeze_tell = postmaster
77 headers_charset = UTF-8
78 header_maxsize = 2M
79 header_line_maxsize = 2K
80 helo_accept_junk_hosts =
81 helo_allow_chars = _
82 helo_lookup_domains =
83 helo_verify_hosts = localhost
84 helo_try_verify_hosts = 1.2.3.4
85 hold_domains =
86 host_lookup = a.b.c.d
87 host_reject_connection = 10.9.8.7
88 hosts_connection_nolog = 127.0.0.1
89 hosts_treat_as_local =
90 ignore_bounce_errors_after = 2m
91 ignore_fromline_hosts = a.b.c.d
92 ignore_fromline_local
93 keep_malformed = 4d
94 no_local_from_check
95 local_from_prefix = *-
96 local_from_suffix = =*
97 local_interfaces =
98 local_sender_retain
99 localhost_number = "3 "
100 log_selector =  \
101               +address_rewrite \
102               -all \
103               +all_parents \
104               +arguments \
105               -connection_reject \
106               -delay_delivery \
107               +incoming_interface \
108               +incoming_port \
109               +lost_incoming_connection \
110               -queue_run \
111               +received_recipients \
112               +received_sender \
113               -retry_defer \
114               +return_path_on_delivery \
115               +sender_on_delivery \
116               +size_reject \
117               -skip_delivery \
118               +smtp_confirmation \
119               +smtp_connection \
120               +smtp_syntax_error \
121               +subject \
122               +tls_cipher \
123               +tls_peerdn
124 log_timezone
125 lookup_open_max = 16
126 max_username_length = 8
127 message_body_visible = 500
128 message_id_header_domain = a.b.c
129 message_id_header_text = x.y.z
130 no_message_logs
131 message_size_limit = 500K
132 mua_wrapper
133 never_users = root:0
134 panic_coredump
135 percent_hack_domains =
136 pipelining_advertise_hosts = *.b.c
137 pid_file_path = /some/thing
138 no_preserve_message_logs
139 primary_hostname = some.host.name
140 no_print_topbitchars
141 process_log_path = /a/b/c/d
142 prod_requires_admin
143 qualify_domain = some.dom.ain
144 qualify_recipient = some.dom.ain
145 queue_domains = a.b.c
146 queue_list_requires_admin
147 no_queue_only
148 no_queue_only_override
149 queue_only_file = /var/spool/exim/queue_only
150 queue_only_load = 8.2
151 no_queue_run_in_order
152 queue_run_max = ${if = {1}{1} {5}{10}}
153 queue_smtp_domains = x.y.z
154 receive_timeout = 0s
155 received_header_text = Received: ${if def:sender_rcvhost {from ${sender_rcvhost}\n\t}{${if def:sender_ident {from ${sender_ident} }}${if def:sender_helo_name {(helo=${sender_helo_name})\n\t}}}}by ${primary_hostname} ${if def:received_protocol {with ${received_protocol}}} (Exim ${version_number} #${compile_number})\n\tid ${message_id}${if def:received_for {\n\tfor $received_for}}
156 received_headers_max = 30
157 recipient_unqualified_hosts = localhost:some.host.name
158 recipients_max = 0
159 no_recipients_max_reject
160 remote_max_parallel = 1
161 remote_sort_domains =
162 retry_data_expire = 24h
163 retry_interval_max = 3d
164 return_path_remove
165 rfc1413_hosts =
166 sender_unqualified_hosts = localhost:some.host.name
167 smtp_accept_keepalive
168 smtp_accept_max = 20
169 smtp_accept_max_nonmail = 40
170 smtp_accept_max_nonmail_hosts = !       *.b.c
171 smtp_accept_max_per_connection = 20
172 smtp_accept_max_per_host = 4
173 smtp_accept_queue = 0
174 smtp_accept_queue_per_connection = 10
175 smtp_active_hostname = x.y.z
176 no_smtp_enforce_sync
177 smtp_max_synprot_errors = 11
178 smtp_max_unknown_commands = 10
179 smtp_ratelimit_hosts = *
180 smtp_ratelimit_mail = 1, 1s, 2, 10s
181 smtp_ratelimit_rcpt = 10, 2s, 5, 5m
182 smtp_accept_reserve = 0
183 smtp_banner = ${primary_hostname} ESMTP Exim ${version_number} #${compile_number} ${tod_full}
184 smtp_check_spool_space
185 smtp_connect_backlog = 5
186 smtp_etrn_command =
187 smtp_etrn_serialize
188 smtp_load_reserve = 2
189 smtp_receive_timeout = 1m
190 smtp_reserve_hosts =
191 smtp_return_error_details
192 no_split_spool_directory
193 no_strip_excess_angle_brackets
194 no_strip_trailing_dot
195 no_syslog_duplication
196 syslog_facility = uucp
197 no_syslog_pid
198 syslog_processname = mta-exim
199 no_syslog_timestamp
200 system_filter = /home/exim/test/filter
201 system_filter_directory_transport =
202 system_filter_file_transport =
203 system_filter_group = MAILGROUP
204 system_filter_pipe_transport =
205 system_filter_reply_transport =
206 system_filter_user = 99
207 tcp_nodelay = false
208 timeout_frozen_after = 7d
209 timezone = EDT
210 tls_advertise_hosts =
211 trusted_groups = 42
212 trusted_users = ${readfile{DIR/aux-var/TESTNUM.trusted}{:}}
213 unknown_login = unknownlogin
214 unknown_username = Exim Testing
215 untrusted_set_sender = *
216 uucp_from_pattern = ^From\s+(\S+)\s+(?:[a-zA-Z]{3},?\s+)?(?:[a-zA-Z]{3}\s+\d?\d|\d?\d\s+[a-zA-Z]{3}\s+\d\d(?:\d\d)?)\s+\d\d?:\d\d?
217 uucp_from_sender = $1
218 warn_message_file = /home/exim/test/warnmsg_file
219 write_rejectlog = false
220
221
222 # ----- Routers -----
223
224 begin routers
225
226 # The manualroute router
227
228 manualroute:
229   driver = manualroute
230   address_data = domainlist address data
231   cannot_route_message = can't route this address
232   caseful_local_part
233   condition =
234   debug_print =
235   disable_logging
236   domains =
237   errors_to =
238   no_fail_verify_recipient
239   no_fail_verify_sender
240   fallback_hosts = localhost
241   group = MAILGROUP
242   headers_add =
243   headers_remove =
244   host_find_failed = freeze
245   hosts_randomize
246   no_initgroups
247   local_parts =
248   more
249   no_pass_on_timeout
250   pass_router = manualroute2
251   redirect_router = manualroute2
252   require_files =
253   route_data = ${lookup{$local_part}lsearch{/}}
254   router_home_directory = /usr
255   self = freeze
256   senders =
257   transport = smtp
258   no_unseen
259   user = root
260   no_verify_only
261   verify_recipient
262   verify_sender
263
264 # Manualroute2 router, for mutually exclusive options
265
266 manualroute2:
267   driver = manualroute
268   domains = ! +local_domains
269   route_list = ^fax(\.cl(\.cam(\.ac\.uk)?)?)?$ cl.cam.ac.uk; \
270                *.uucp  britain.eu.net
271
272 # The redirect router, in "alias" mode
273
274 alias:
275   driver = redirect
276   address_data = aliasfile address data
277   allow_fail
278   allow_freeze
279   caseful_local_part
280   no_check_ancestor
281   condition =
282   data = ${lookup{$local_part}lsearch{/etc/aliases}}
283   debug_print =
284   directory_transport = dummy
285   domains =
286   errors_to =
287   expn
288   no_fail_verify_recipient
289   no_fail_verify_sender
290   fallback_hosts =
291   file_transport = dummy
292   forbid_blackhole
293   no_forbid_file
294   forbid_include
295   no_forbid_pipe
296   group = 100
297   headers_add =
298   headers_remove =
299   hide_child_in_errmsg
300   include_directory = /i/n/c
301   no_initgroups
302   local_part_prefix =
303   no_local_part_prefix_optional
304   local_part_suffix =
305   no_local_part_suffix_optional
306   local_parts =
307   more
308   no_one_time
309   pipe_transport = dummy
310   no_qualify_preserve_domain
311   no_repeat_use
312   qualify_domain = xxxx
313   redirect_router = aliasfile2
314   require_files =
315   retry_use_local_part
316   no_rewrite
317   senders =
318   sieve_vacation_directory = /thing/thong
319   sieve_subaddress = rhubarb
320   sieve_useraddress = custard
321   no_skip_syntax_errors
322   syntax_errors_to =
323   transport_current_directory =
324   transport_home_directory =
325   no_unseen
326   user = 100
327   no_verify_only
328   verify_recipient
329   verify_sender
330
331 # Aliasfile2 for mutually exclusive options
332
333 aliasfile2:
334   driver = redirect
335   allow_defer
336   caseful_local_part
337   check_group
338   check_owner
339   file = /some/file
340   retry_use_local_part
341
342 # The redirect router in "forward" mode
343
344 forward:
345   driver = redirect
346   allow_filter
347   forbid_exim_filter
348   forbid_sieve_filter
349   caseful_local_part
350   check_ancestor
351   check_local_user
352   condition =
353   debug_print =
354   directory_transport = dummy
355   domains =
356   errors_to =
357   expn
358   no_fail_verify_recipient
359   no_fail_verify_sender
360   fallback_hosts =
361   file = //.forward2
362   file_transport = dummy
363   no_forbid_file
364   forbid_blackhole
365   forbid_filter_existstest
366   no_forbid_filter_logwrite
367   forbid_filter_dlfunc
368   forbid_filter_lookup
369   forbid_filter_readfile
370   forbid_filter_readsocket
371   forbid_filter_reply
372   forbid_filter_run
373   no_forbid_include
374   no_forbid_pipe
375   group = MAILGROUP
376   headers_add =
377   headers_remove =
378   hide_child_in_errmsg
379   no_ignore_eacces
380   no_ignore_enotdir
381   no_initgroups
382   local_part_prefix = xxx-
383   local_part_prefix_optional
384   local_part_suffix =
385   no_local_part_suffix_optional
386   local_parts =
387   modemask = 022
388   more
389   no_one_time
390   owners = root
391   owngroups = MAILGROUP
392   pipe_transport = dummy
393   no_qualify_preserve_domain
394   redirect_router = aliasfile2
395   reply_transport = dummy
396   require_files =
397   rewrite
398   senders =
399   no_skip_syntax_errors
400   syntax_errors_text = rhubarb
401   syntax_errors_to =
402   transport_current_directory =
403   transport_home_directory =
404   no_unseen
405   user = root
406   no_verify_only
407   no_verify_recipient
408   no_verify_sender
409
410 # The accept router
411
412 localuser:
413   driver = accept
414   no_address_test
415   caseful_local_part
416   check_local_user
417   condition =
418   debug_print =
419   domains =
420   errors_to =
421   expn
422   no_fail_verify_recipient
423   no_fail_verify_sender
424   fallback_hosts =
425   group = MAILGROUP
426   headers_add = X-added: by localuser
427   headers_remove =
428   no_initgroups
429   local_part_prefix =
430   no_local_part_prefix_optional
431   local_part_suffix =
432   no_local_part_suffix_optional
433   local_parts =
434   no_log_as_local
435   more
436   redirect_router = smartuser
437   require_files =
438   senders =
439   transport = ${if eq{$local_part}{caller}{local_mbx_delivery}{local_delivery}}
440   transport_current_directory =
441   transport_home_directory =
442   no_unseen
443   user = 99
444   no_verify_only
445   verify_recipient
446   verify_sender
447
448 # The redirect router in "smartuser" mode
449
450 smartuser:
451   driver = redirect
452   caseful_local_part
453   condition =
454   data = user@domain
455   debug_print =
456   domains =
457   errors_to =
458   expn
459   no_fail_verify_recipient
460   no_fail_verify_sender
461   fallback_hosts =
462   file_transport = dummy
463   forbid_file
464   forbid_pipe
465   group = MAILGROUP
466   headers_add =
467   headers_remove =
468   hide_child_in_errmsg
469   no_initgroups
470   local_part_prefix =
471   no_local_part_prefix_optional
472   local_part_suffix =
473   no_local_part_suffix_optional
474   local_parts = abcd
475   log_as_local
476   more
477   pipe_transport = dummy
478   qualify_preserve_domain
479   redirect_router = localuser
480   require_files =
481   retry_use_local_part
482   no_rewrite
483   senders =
484   no_unseen
485   user = root
486   no_verify_only
487   verify_recipient
488   verify_sender
489
490
491 # ----- Transports -----
492
493 # Dummy transport, to refer back to
494
495 begin transports
496
497 dummy:
498   driver = pipe
499   disable_logging
500
501 # Appendfile Transport
502
503 appendfile:
504   driver = appendfile
505   allow_fifo
506   no_allow_symlink
507   batch_max = 100
508   batch_id = rhubarb
509   body_only
510   no_check_group
511   no_check_owner
512   check_string = abcd
513   create_directory
514   create_file = anywhere
515   current_directory =
516   debug_print =
517   delivery_date_add
518   directory_mode = 0700
519   envelope_to_add
520   escape_string = xyz
521   file = /home/$local_part/inbox
522   file_format = "From : appendfile"
523   no_file_must_exist
524   group = MAILGROUP
525   headers_add = X-original-domain: $original_domain\nX-original-localp: $original_local_part
526   headers_remove =
527   headers_rewrite = a@b c@d
528   lock_fcntl_timeout = 10s
529   lock_interval = 3s
530   lock_retries = 10
531   lockfile_mode = 0600
532   lockfile_timeout = 30m
533   mailbox_size = 1000
534   mailbox_filecount = 9999
535   message_size_limit = 1G
536   mode = 0600
537   mode_fail_narrower
538   no_notify_comsat
539   message_prefix = From ${if def:return_path{$return_path}{MAILER-DAEMON}} ${tod_bsdinbox}\n
540   quota =
541   no_quota_is_inclusive
542   quota_size_regex = (\d+)$
543   quota_warn_message = "A warning message"
544   quota_warn_threshold =
545   rcpt_include_affixes
546   retry_use_local_part
547   return_path = xxxx
548   return_path_add
549   shadow_condition = $h_return-receipt-to
550   shadow_transport = dummy
551   message_suffix = \n
552   transport_filter =
553   transport_filter_timeout = 10s
554   no_use_crlf
555   use_fcntl_lock
556   use_lockfile
557   user = root
558
559 # For options that are mutually exclusive with those above
560
561 appendfile2:
562   driver = appendfile
563   directory = /etc
564   directory_file = afilename
565   quota_directory = /some/directory
566   quota = 1M
567   quota_filecount = 10
568   use_bsmtp
569
570 # Ditto
571
572 appendfile4:
573   driver = appendfile
574   directory = /etc
575
576 # Smtp transport
577
578 smtp:
579   driver = smtp
580   authenticated_sender = abcde
581   authenticated_sender_force = true
582   no_allow_localhost
583   command_timeout = 5m
584   connect_timeout = 0s
585   connection_max_messages = 0
586   data_timeout = 5m
587   debug_print =
588   delay_after_cutoff
589   no_delivery_date_add
590   dns_qualify_single
591   no_dns_search_parents
592   no_envelope_to_add
593   fallback_hosts = localhost
594   final_timeout = 10m
595   no_gethostbyname
596   headers_add =
597   headers_remove =
598   helo_data = some.text
599   hosts = localhost
600   hosts_avoid_esmtp = x.y.z
601   hosts_max_try = 10
602   hosts_max_try_hardlimit = 20
603   hosts_override
604   hosts_randomize
605   hosts_require_auth = *
606   hosts_try_auth = *
607   interface = 127.0.0.1
608   max_rcpt = 0
609   multi_domain
610   port = 25
611   retry_include_ip_address
612   no_return_path_add
613   serialize_hosts =
614   size_addition = -1
615   transport_filter =
616
617 # End