untrusted_set_sender = *
+# Some spam scanners (*cough* irritated *cough*) want the Sender field
+# to exist. Appease them by not actually adding a Sender field.
+
+local_from_check = false
+
# Some operating systems use the "gecos" field in the system password file
# to hold other information in addition to users' real names. Exim looks up
# this field when it is creating "sender" and "from" headers. If these options
# macro definitions.
# Do not wrap!
VDOMAINDATA = ${lookup{$domain}partial-lsearch{/etc/exim4/virtualdomains}{$value}}
+VSENDERDOMAINDATA = ${lookup{$sender_address_domain}partial-lsearch{/etc/exim4/virtualdomains}{$value}}
WHITELIST = ${if match_domain{$domain}{+virtual_domains}\
{${if exists {${extract{directory}{VDOMAINDATA}{${value}/whitelist}}}\
{${lookup{$local_part}lsearch{${extract{directory}{VDOMAINDATA}{${value}/whitelist}}}{$value}{}}}{}}}\
message = mail from <$sender_address> not allowed externally
deny sender_domains= +virtual_domains
- condition = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/localusers}}}}
- condition = ${lookup{$sender_address_local_part}lsearch{${extract{directory}{VDOMAINDATA}{${value}/localusers}}}{true}}
+ condition = ${if exists {${extract{directory}{VSENDERDOMAINDATA}{${value}/localusers}}}}
+ condition = ${lookup{$sender_address_local_part}lsearch{${extract{directory}{VSENDERDOMAINDATA}{${value}/localusers}}}{true}}
hosts = !+debianhosts
message = mail from <$sender_address> not allowed externally
deny condition = ${if match_domain{$sender_address_domain}{+virtual_domains}{1}{0}}
- condition = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/neversenders}}}{1}{0}}
- condition = ${lookup{$sender_address_local_part}lsearch{${extract{directory}{VDOMAINDATA}{${value}/neversenders}}{true}}
+ condition = ${if exists {${extract{directory}{VSENDERDOMAINDATA}{${value}/neversenders}}}{1}{0}}
+ condition = ${lookup{$sender_address_local_part}lsearch{${extract{directory}{VSENDERDOMAINDATA}{${value}/neversenders}}}{true}}
message = no mail should ever come from <$sender_address>
warn condition = ${if eq{$acl_m_prf}{localonly}}
message = ${sg{$acl_m_pgr}{^\\w+\\s*}{}}
<%- end -%>
- accept local_parts = +postmasterish
- domains = +virtual_domains : +bsmtp_domains
-
deny hosts = ${if exists{/etc/exim4/host_blacklist}{/etc/exim4/host_blacklist}{}}
message = I'm terribly sorry, but it seems you have been blacklisted
log_message = blacklisted IP
senders = ${if exists{/etc/exim4/blacklist}{/etc/exim4/blacklist}{}}
message = We have blacklisted <$sender_address>. Please stop mailing us
+ accept local_parts = +postmasterish
+ domains = +virtual_domains : +bsmtp_domains
+
<%- if scope.lookupvar('site::nodeinfo')['smarthost'].empty? -%>
deny message = host $sender_host_address is listed in $dnslist_domain; see $dnslist_text
dnslists = ${if match_domain{$domain}{+virtual_domains}\
local_parts = ${lookup{${sg{$local_part}{-comment}{}}}lsearch{RT_QUEUE_MAP}{$local_part}{}}
local_part_suffix = +new
pipe_transport = rt_pipe
- data = "|/usr/bin/rt-mailgate --queue '${lookup{${sg{$local_part}{-comment}{}}}lsearch{RT_QUEUE_MAP}}' --url https://rt.debian.org/ --action ${if match{$local_part}{.*-comment.*}{comment}{correspond}}"
+ data = "|/usr/bin/rt-mailgate --queue '${lookup{${sg{$local_part}{-comment}{}}}lsearch{RT_QUEUE_MAP}}' --url https://rt.debian.org/ --ca-file /etc/ssl/ca-debian/ca-certificates.crt --action ${if match{$local_part}{.*-comment.*}{comment}{correspond}}"
headers_remove = Subject
headers_add = "Delivered-To: ${local_part}${local_part_suffix}@${domain}\nSubject: ${if and {{first_delivery}{match {$h_subject:}{(?i)(.*?)\\\\[?debian rt\\\\]?[:\\s]*(.*)}}} {$1$2}{$h_subject:}}"
local_parts = ${lookup{${sg{$local_part}{-comment}{}}}lsearch{RT_QUEUE_MAP}{$local_part}{}}
local_part_suffix = +new-quiesce
pipe_transport = rt_pipe
- data = "|/usr/bin/rt-mailgate --queue '${lookup{${sg{$local_part}{-comment}{}}}lsearch{RT_QUEUE_MAP}}' --url https://rt.debian.org/ --action ${if match{$local_part}{.*-comment.*}{comment}{correspond}}"
+ data = "|/usr/bin/rt-mailgate --queue '${lookup{${sg{$local_part}{-comment}{}}}lsearch{RT_QUEUE_MAP}}' --url https://rt.debian.org/ --ca-file /etc/ssl/ca-debian/ca-certificates.crt --action ${if match{$local_part}{.*-comment.*}{comment}{correspond}}"
headers_remove = Subject
headers_add = "Delivered-To: ${local_part}${local_part_suffix}@${domain}\nX-RT-Mode: quiesce\nSubject: ${if and {{first_delivery}{match {$h_subject:}{(?i)(.*?)\\\\[?debian rt\\\\]?[:\\s]*(.*)}}} {$1$2}{$h_subject:}}"
local_part_suffix = +*
local_part_suffix_optional
pipe_transport = rt_pipe
- data = "|/usr/bin/rt-mailgate --queue '${lookup{${sg{$local_part}{-(comment|done)}{}}}lsearch{RT_QUEUE_MAP}}' --url https://rt.debian.org/ --extension ticket --action ${if match{$local_part}{.*-comment.*}{comment}{${if match{$local_part}{.*-done.*}{correspond-resolve}{correspond}}}}"
+ data = "|/usr/bin/rt-mailgate --queue '${lookup{${sg{$local_part}{-(comment|done)}{}}}lsearch{RT_QUEUE_MAP}}' --url https://rt.debian.org/ --ca-file /etc/ssl/ca-debian/ca-certificates.crt --extension ticket --action ${if match{$local_part}{.*-comment.*}{comment}{${if match{$local_part}{.*-done.*}{correspond-resolve}{correspond}}}}"
headers_remove = Subject
headers_add = "Delivered-To: ${local_part}${local_part_suffix}@${domain}\nSubject: ${if and {{first_delivery}{match {$h_subject:}{(?i)(.*?)\\\\[?debian rt\\\\]?[:\\s]*(.*)}}} {$1$2}{$h_subject:}}"
<%- end -%>