-SRS (Sender Rewriting Scheme) Support (using libsrs_alt)
---------------------------------------------------------------
-See also below, for an alternative native support implementation.
-
-Exim currently includes SRS support via Miles Wilton's
-libsrs_alt library. The current version of the supported
-library is 0.5, there are reports of 1.0 working.
-
-In order to use SRS, you must get a copy of libsrs_alt from
-
-https://opsec.eu/src/srs/
-
-(not the original source, which has disappeared.)
-
-Unpack the tarball, then refer to MTAs/README.EXIM
-to proceed. You need to set
-
-EXPERIMENTAL_SRS=yes
-
-in your Local/Makefile.
-
-The following main-section options become available:
- srs_config string
- srs_hashlength int
- srs_hashmin int
- srs_maxage int
- srs_secrets string
- srs_usehash bool
- srs_usetimestamp bool
-
-The redirect router gains these options (all of type string, unset by default):
- srs
- srs_alias
- srs_condition
- srs_dbinsert
- srs_dbselect
-
-The following variables become available:
- $srs_db_address
- $srs_db_key
- $srs_orig_recipient
- $srs_orig_sender
- $srs_recipient
- $srs_status
-
-The predefined feature-macro _HAVE_SRS will be present.
-Additional delivery log line elements, tagged with "SRS=" will show the srs sender.
-For configuration information see https://github.com/Exim/exim/wiki/SRS .
-
-
-
-
-SRS (Sender Rewriting Scheme) Support (native)
---------------------------------------------------------------
-This is less full-featured than the libsrs_alt version above.
-
-The Exim build needs to be done with this in Local/Makefile:
-EXPERIMENTAL_SRS_NATIVE=yes
-
-The following are provided:
-- an expansion item "srs_encode"
- This takes three arguments:
- - a site SRS secret
- - the return_path
- - the pre-forwarding domain
-
-- an expansion condition "inbound_srs"
- This takes two arguments: the local_part to check, and a site SRS secret.
- If the secret is zero-length, only the pattern of the local_part is checked.
- The $srs_recipient variable is set as a side-effect.
-
-- an expansion variable $srs_recipient
- This gets the original return_path encoded in the SRS'd local_part
-
-- predefined macros _HAVE_SRS and _HAVE_NATIVE_SRS
-
-Sample usage:
-
- #macro
- SRS_SECRET = <pick something unique for your site for this>
-
- #routers
-
- outbound:
- driver = dnslookup
- # if outbound, and forwarding has been done, use an alternate transport
- domains = ! +my_domains
- transport = ${if eq {$local_part@$domain} \
- {$original_local_part@$original_domain} \
- {remote_smtp} {remote_forwarded_smtp}}
-
- inbound_srs:
- driver = redirect
- senders = :
- domains = +my_domains
- # detect inbound bounces which are SRS'd, and decode them
- condition = ${if inbound_srs {$local_part} {SRS_SECRET}}
- data = $srs_recipient
-
- inbound_srs_failure:
- driver = redirect
- senders = :
- domains = +my_domains
- # detect inbound bounces which look SRS'd but are invalid
- condition = ${if inbound_srs {$local_part} {}}
- allow_fail
- data = :fail: Invalid SRS recipient address
-
- #... further routers here
-
-
- # transport; should look like the non-forward outbound
- # one, plus the max_rcpt and return_path options
- remote_forwarded_smtp:
- driver = smtp
- # modify the envelope from, for mails that we forward
- max_rcpt = 1
- return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}
-
-
-
-