# Enable an efficiency feature. We advertise the feature; clients
# may request to use it. For multi-recipient mails we then can
# reject or accept per-user after the message is received.
+# This supports recipient-dependent content filtering; without it
+# you have to temp-reject any recipients after the first that have
+# incompatible filtering, and do the filtering in the data ACL.
+# Even with this enabled, you must support the old style for peers
+# not flagging support for PRDR (visible via $prdr_requested).
#
.ifdef _HAVE_PRDR
prdr_enable = true
# detail than the default. Adjust to suit.
log_selector = +smtp_protocol_error +smtp_syntax_error \
- +tls_certificate_verified
+ +tls_certificate_verified
# If you want Exim to support the "percent hack" for certain domains,
# Insist that a HELO/EHLO was accepted.
- require message = nice hosts say HELO first
- condition = ${if def:sender_helo_name}
+ require message = nice hosts say HELO first
+ condition = ${if def:sender_helo_name}
# Insist that any other recipient address that we accept is either in one of
# our local domains, or is in a domain for which we explicitly allow
.ifdef _HAVE_PRDR
acl_check_prdr:
warn set acl_m_did_prdr = y
-.endif
#############################################################################
# do lookup on filtering, with $local_part@$domain, deny on filter match
#############################################################################
accept
+.endif
# This ACL is used after the contents of a message have been received. This
# is the ACL in which you can test a message's headers or body, and in
# Deny if the headers contain badly-formed addresses.
#
- deny !verify = header_syntax
- message = header syntax
- log_message = header syntax ($acl_verify_message)
+ deny !verify = header_syntax
+ message = header syntax
+ log_message = header syntax ($acl_verify_message)
# Deny if the message contains a virus. Before enabling this check, you
# must install a virus scanner and set the av_scanner option above.
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
# if ipv6-enabled then instead use:
# ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1
- dnssec_request_domains = *
no_more
# This closes the ROUTER_SMARTHOST ifdef around the choice of routing for
remote_smtp:
driver = smtp
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
-.ifdef _HAVE_DANE
- dnssec_request_domains = *
- hosts_try_dane = *
-.endif
.ifdef _HAVE_PRDR
hosts_try_prdr = *
.endif
local_delivery:
driver = appendfile
- file = /var/mail/$local_part
+ file = /var/mail/$local_part_verified
delivery_date_add
envelope_to_add
return_path_add