From: Stephen Gran <steve@lobefin.net>
Date: Sun, 18 Apr 2010 12:05:56 +0000 (+0100)
Subject: duplicate some functionality for virtual_domains
X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=f1a48dc8cd819d2700a3e96e7c3797bdbc60901c;p=dsa-puppet.git

duplicate some functionality for virtual_domains

Signed-off-by: Stephen Gran <steve@lobefin.net>
---

diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb
index b928409e..376d62da 100644
--- a/modules/exim/templates/eximconf.erb
+++ b/modules/exim/templates/eximconf.erb
@@ -562,6 +562,12 @@ check_recipient:
          message       = HELO mismatch Forged HELO for ($sender_helo_name)
 
   # disabled accounts don't even get local mail.
+  deny   domains       = +virtual_domains
+         local_parts   = ${if exists {${extract{directory}{VDOMAINDATA}{${value}/mail-disable}}}\
+                                     {${extract{directory}{VDOMAINDATA}{${value}/mail-disable}}}\
+                                     {}}
+         message       = ${lookup{$local_part}lsearch{${extract{directory}{VDOMAINDATA}{${value}/mail-disable}}}{$value}}
+
   deny   local_parts   = lsearch;/var/lib/misc/$primary_hostname/mail-disable
          domains       = +local_domains
 	 message       = ${lookup{$local_part}lsearch{/var/lib/misc/$primary_hostname/mail-disable}{$value}}
@@ -572,6 +578,7 @@ check_recipient:
                                      {}}
          hosts         = !+debianhosts
          message       = mail for <$local_part@$domain> only accepted from debian.org machines
+
   # Accept if the source is local SMTP (i.e. not over TCP/IP).
   # We do this by testing for an empty sending host field.
   accept  hosts = :
@@ -589,7 +596,12 @@ check_recipient:
           message       = <mendoza@kenny.linuxsis.net> cannot forward here while mailer-daemon mail is not caught
 
   deny    condition     = ${lookup{$sender_address_local_part}lsearch{/etc/exim4/localusers}{true}}
-	  sender_domains= +local_domains : debian.org : debian.net : debian.com
+	  sender_domains= +local_domains
+	  hosts         = !+debianhosts
+	  message       = mail from <$sender_address> not allowed externally
+
+  deny    sender_domains= +virtual_domains
+          condition     = ${lookup{$sender_address_local_part}lsearch{${extract{directory}{VDOMAINDATA}{${value}/localusers}}}{true}}
 	  hosts         = !+debianhosts
 	  message       = mail from <$sender_address> not allowed externally
 
@@ -1366,6 +1378,27 @@ virt_direct:
   user = ${extract{user}{VDOMAINDATA}}
   #debug_print = .forward-${if exists {${home}/.forward-${local_part}} {${local_part}} {default}}
 
+# This router delivers to the LDAP generated mail-forward file.
+# It's only really useful for debian.org
+virt_users:
+  debug_print = "R: virt_users for $local_part@$domain"
+  driver = redirect
+  allow_defer
+  allow_fail
+  router_home_directory = ${extract{directory}{VDOMAINDATA}}
+  transport_current_directory = ${extract{directory}{VDOMAINDATA}}
+  file = ${extract{directory}{VDOMAINDATA}{${value}/mail-forward.cdb}}
+  user = ${extract{user}{VDOMAINDATA}}
+  group = ${extract{group}{VDOMAINDATA}}
+  data = ${if exists{${extract{directory}{VDOMAINDATA}{${value}/mail-forward.cdb}}}\
+             {${lookup{$local_part}cdb\
+             {${extract{directory}{VDOMAINDATA}{${value}/mail-forward.cdb}}}}}}
+  domains = +virtual_domains
+  file_transport = address_file
+  headers_add = "Delivered-To: ${local_part}${local_part_suffix}@${domain}"
+  pipe_transport = address_pipe
+  retry_use_local_part
+
 ######################################################################
 #                      TRANSPORTS CONFIGURATION                      #
 ######################################################################