exim-{retiolum,smarthost} module: simplify ACL
This commit is contained in:
parent
25c07e2c0a
commit
1bbeb858db
@ -43,7 +43,6 @@ let
|
|||||||
primary_hostname = ${cfg.primary_hostname}
|
primary_hostname = ${cfg.primary_hostname}
|
||||||
domainlist local_domains = ${concatStringsSep ":" cfg.local_domains}
|
domainlist local_domains = ${concatStringsSep ":" cfg.local_domains}
|
||||||
domainlist relay_to_domains = ${concatStringsSep ":" cfg.relay_to_domains}
|
domainlist relay_to_domains = ${concatStringsSep ":" cfg.relay_to_domains}
|
||||||
hostlist relay_from_hosts = <; 127.0.0.1 ; ::1
|
|
||||||
|
|
||||||
acl_smtp_rcpt = acl_check_rcpt
|
acl_smtp_rcpt = acl_check_rcpt
|
||||||
acl_smtp_data = acl_check_data
|
acl_smtp_data = acl_check_data
|
||||||
@ -61,41 +60,15 @@ let
|
|||||||
begin acl
|
begin acl
|
||||||
|
|
||||||
acl_check_rcpt:
|
acl_check_rcpt:
|
||||||
accept hosts = :
|
deny
|
||||||
control = dkim_disable_verify
|
|
||||||
|
|
||||||
deny message = Restricted characters in address
|
|
||||||
domains = +local_domains
|
|
||||||
local_parts = ^[.] : ^.*[@%!/|]
|
|
||||||
|
|
||||||
deny message = Restricted characters in address
|
|
||||||
domains = !+local_domains
|
|
||||||
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
||||||
|
message = restricted characters in address
|
||||||
accept local_parts = postmaster
|
|
||||||
domains = +local_domains
|
|
||||||
|
|
||||||
#accept
|
|
||||||
# hosts = *.r
|
|
||||||
# domains = *.r
|
|
||||||
# control = dkim_disable_verify
|
|
||||||
|
|
||||||
#require verify = sender
|
|
||||||
|
|
||||||
accept hosts = +relay_from_hosts
|
|
||||||
control = submission
|
|
||||||
control = dkim_disable_verify
|
|
||||||
|
|
||||||
accept authenticated = *
|
|
||||||
control = submission
|
|
||||||
control = dkim_disable_verify
|
|
||||||
|
|
||||||
require message = relay not permitted
|
|
||||||
domains = +local_domains : +relay_to_domains
|
|
||||||
|
|
||||||
require verify = recipient
|
|
||||||
|
|
||||||
accept
|
accept
|
||||||
|
domains = +local_domains : +relay_to_domains
|
||||||
|
|
||||||
|
deny
|
||||||
|
message = relay not permitted
|
||||||
|
|
||||||
|
|
||||||
acl_check_data:
|
acl_check_data:
|
||||||
@ -104,29 +77,19 @@ let
|
|||||||
|
|
||||||
begin routers
|
begin routers
|
||||||
|
|
||||||
retiolum:
|
local:
|
||||||
driver = manualroute
|
|
||||||
domains = ! +local_domains : +relay_to_domains
|
|
||||||
transport = remote_smtp
|
|
||||||
route_list = ^.* $0 byname
|
|
||||||
no_more
|
|
||||||
|
|
||||||
nonlocal:
|
|
||||||
debug_print = "R: nonlocal for $local_part@$domain"
|
|
||||||
driver = redirect
|
|
||||||
domains = ! +local_domains
|
|
||||||
allow_fail
|
|
||||||
data = :fail: Mailing to remote domains not supported
|
|
||||||
no_more
|
|
||||||
|
|
||||||
local_user:
|
|
||||||
# debug_print = "R: local_user for $local_part@$domain"
|
|
||||||
driver = accept
|
driver = accept
|
||||||
|
domains = +local_domains
|
||||||
check_local_user
|
check_local_user
|
||||||
# local_part_suffix = +* : -*
|
# local_part_suffix = +*
|
||||||
# local_part_suffix_optional
|
# local_part_suffix_optional
|
||||||
transport = home_maildir
|
transport = home_maildir
|
||||||
cannot_route_message = Unknown user
|
|
||||||
|
remote:
|
||||||
|
driver = manualroute
|
||||||
|
domains = +relay_to_domains
|
||||||
|
transport = remote_smtp
|
||||||
|
route_list = ^.* $0 byname
|
||||||
|
|
||||||
|
|
||||||
begin transports
|
begin transports
|
||||||
|
@ -157,39 +157,28 @@ let
|
|||||||
begin acl
|
begin acl
|
||||||
|
|
||||||
acl_check_rcpt:
|
acl_check_rcpt:
|
||||||
accept hosts = :
|
deny
|
||||||
control = dkim_disable_verify
|
|
||||||
|
|
||||||
deny message = Restricted characters in address
|
|
||||||
domains = +local_domains
|
|
||||||
local_parts = ^[.] : ^.*[@%!/|]
|
|
||||||
|
|
||||||
deny message = Restricted characters in address
|
|
||||||
domains = !+local_domains
|
|
||||||
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
||||||
|
message = restricted characters in address
|
||||||
accept local_parts = postmaster
|
|
||||||
domains = +local_domains
|
|
||||||
|
|
||||||
accept hosts = +relay_from_hosts
|
|
||||||
control = submission
|
|
||||||
control = dkim_disable_verify
|
|
||||||
|
|
||||||
accept authenticated = *
|
|
||||||
control = submission
|
|
||||||
control = dkim_disable_verify
|
|
||||||
|
|
||||||
accept message = relay not permitted 2
|
|
||||||
recipients = lsearch*@;${lsearch.internet-aliases}
|
|
||||||
|
|
||||||
require message = relay not permitted
|
|
||||||
domains = +local_domains : +relay_to_domains
|
|
||||||
|
|
||||||
require
|
|
||||||
message = unknown user
|
|
||||||
verify = recipient/callout
|
|
||||||
|
|
||||||
accept
|
accept
|
||||||
|
recipients = lsearch*@;${lsearch.internet-aliases}
|
||||||
|
|
||||||
|
accept
|
||||||
|
authenticated = *
|
||||||
|
control = dkim_disable_verify
|
||||||
|
control = submission
|
||||||
|
|
||||||
|
accept
|
||||||
|
control = dkim_disable_verify
|
||||||
|
control = submission
|
||||||
|
hosts = +relay_from_hosts
|
||||||
|
|
||||||
|
accept
|
||||||
|
domains = +local_domains : +relay_to_domains
|
||||||
|
|
||||||
|
deny
|
||||||
|
message = relay not permitted
|
||||||
|
|
||||||
|
|
||||||
acl_check_data:
|
acl_check_data:
|
||||||
|
Loading…
Reference in New Issue
Block a user