Fix Exim SRS configuration - smarthost delivery now works.
This commit is contained in:
Jim Hague
parent
0b936b4703
commit
f61543ea0f
|
|
@ -1,20 +1,40 @@
|
||||||
outbound:
|
fdef SRS_SECRET
|
||||||
|
|
||||||
|
.ifdef DCconfig_internet
|
||||||
|
|
||||||
|
outbound_srs:
|
||||||
|
debug_print = "R: SRS outbound for $local_part@$domain original $original_local_part@$original_domain"
|
||||||
driver = dnslookup
|
driver = dnslookup
|
||||||
# if outbound, and forwarding has been done, use an alternate transport
|
# if outbound, and forwarding has been done, use an alternate transport
|
||||||
domains = ! +local_domains
|
domains = ! +local_domains
|
||||||
transport = ${if eq {$local_part@$domain} \
|
condition = ${if !eq {$local_part@$domain} \
|
||||||
{$original_local_part@$original_domain} \
|
{$original_local_part@$original_domain}}
|
||||||
{remote_smtp} {remote_forwarded_smtp}}
|
transport = {remote_forwarded_smtp}
|
||||||
|
|
||||||
|
.elifdef DCconfig_smarthost DCconfig_satellite
|
||||||
|
|
||||||
|
outbound_srs_smarthost:
|
||||||
|
debug_print = "R: SRS outbound smarthost for $local_part@$domain original $original_local_part@$original_domain"
|
||||||
|
driver = dnslookup
|
||||||
|
# if outbound, and forwarding has been done, use an alternate transport
|
||||||
|
domains = ! +local_domains
|
||||||
|
condition = ${if !eq {$local_part@$domain} \
|
||||||
|
{$original_local_part@$original_domain}}
|
||||||
|
transport = {remote_forwarded_smtp_smarthost}
|
||||||
|
|
||||||
|
.endif
|
||||||
|
|
||||||
inbound_srs:
|
inbound_srs:
|
||||||
|
debug_print = "R: inbound_srs for $local_part@$domain"
|
||||||
driver = redirect
|
driver = redirect
|
||||||
senders = :
|
senders = :
|
||||||
domains = +local_domains
|
domains = +local_domains
|
||||||
# detect inbound bounces which are SRS'd, and decode them
|
# detect inbound bounces which are SRS'd, and decode them
|
||||||
condition = ${if inbound_srs {$local_part} {SRS_SECRET}}
|
condition = ${if inbound_srs {$local_part} {SRS_SECRET}}
|
||||||
data = $srs_recipient
|
data = $srs_recipient
|
||||||
|
|
||||||
inbound_srs_failure:
|
inbound_srs_failure:
|
||||||
|
debug_print = "R: inbound_srs_failure for $local_part@$domain"
|
||||||
driver = redirect
|
driver = redirect
|
||||||
senders = :
|
senders = :
|
||||||
domains = +local_domains
|
domains = +local_domains
|
||||||
|
|
@ -22,3 +42,5 @@
|
||||||
condition = ${if inbound_srs {$local_part} {}}
|
condition = ${if inbound_srs {$local_part} {}}
|
||||||
allow_fail
|
allow_fail
|
||||||
data = :fail: Invalid SRS recipient address
|
data = :fail: Invalid SRS recipient address
|
||||||
|
|
||||||
|
.endif
|
||||||
|
|
|
||||||
|
|
@ -1,7 +0,0 @@
|
||||||
# transport; should look like the non-forward outbound
|
|
||||||
# one, plus the max_rcpt and return_path options
|
|
||||||
remote_forwarded_smtp:
|
|
||||||
driver = smtp
|
|
||||||
# modify the envelope from, for mails that we forward
|
|
||||||
max_rcpt = 1
|
|
||||||
return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}
|
|
||||||
|
|
@ -0,0 +1,62 @@
|
||||||
|
# transport; should look like the non-forward outbound
|
||||||
|
# one, plus the max_rcpt and return_path options
|
||||||
|
remote_forwarded_smtp:
|
||||||
|
debug_print = "T: remote_forwarded_smtp for $local_part@$domain original domain $original_domain"
|
||||||
|
driver = smtp
|
||||||
|
# modify the envelope from, for mails that we forward
|
||||||
|
max_rcpt = 1
|
||||||
|
return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}
|
||||||
|
.ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
|
||||||
|
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HOSTS_AVOID_TLS
|
||||||
|
hosts_avoid_tls = REMOTE_SMTP_HOSTS_AVOID_TLS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HEADERS_REWRITE
|
||||||
|
headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_RETURN_PATH
|
||||||
|
return_path = REMOTE_SMTP_RETURN_PATH
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HELO_DATA
|
||||||
|
helo_data=REMOTE_SMTP_HELO_DATA
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_INTERFACE
|
||||||
|
interface = REMOTE_SMTP_INTERFACE
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_DOMAIN
|
||||||
|
dkim_domain = DKIM_DOMAIN
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_SELECTOR
|
||||||
|
dkim_selector = DKIM_SELECTOR
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_PRIVATE_KEY
|
||||||
|
dkim_private_key = DKIM_PRIVATE_KEY
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_CANON
|
||||||
|
dkim_canon = DKIM_CANON
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_STRICT
|
||||||
|
dkim_strict = DKIM_STRICT
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_SIGN_HEADERS
|
||||||
|
dkim_sign_headers = DKIM_SIGN_HEADERS
|
||||||
|
.endif
|
||||||
|
.ifdef DKIM_TIMESTAMPS
|
||||||
|
dkim_timestamps = DKIM_TIMESTAMPS
|
||||||
|
.endif
|
||||||
|
.ifdef TLS_DH_MIN_BITS
|
||||||
|
tls_dh_min_bits = TLS_DH_MIN_BITS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_TLS_CERTIFICATE
|
||||||
|
tls_certificate = REMOTE_SMTP_TLS_CERTIFICATE
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_PRIVATEKEY
|
||||||
|
tls_privatekey = REMOTE_SMTP_PRIVATEKEY
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HOSTS_REQUIRE_TLS
|
||||||
|
hosts_require_tls = REMOTE_SMTP_HOSTS_REQUIRE_TLS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE
|
||||||
|
headers_remove = REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE
|
||||||
|
.endif
|
||||||
|
|
@ -0,0 +1,51 @@
|
||||||
|
# transport; should look like the non-forward outbound
|
||||||
|
# one, plus the max_rcpt and return_path options
|
||||||
|
remote_forwarded_smtp_smarthost:
|
||||||
|
debug_print = "T: remote_forwarded_smtp_smarthost for $local_part@$domain original domain $original_domain"
|
||||||
|
driver = smtp
|
||||||
|
# modify the envelope from, for mails that we forward
|
||||||
|
max_rcpt = 1
|
||||||
|
return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}
|
||||||
|
multi_domain
|
||||||
|
.ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
|
||||||
|
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
|
||||||
|
.endif
|
||||||
|
hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
|
||||||
|
{\
|
||||||
|
${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
|
||||||
|
}\
|
||||||
|
{} \
|
||||||
|
}
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
|
||||||
|
hosts_avoid_tls = REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS
|
||||||
|
hosts_require_tls = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES
|
||||||
|
tls_verify_certificates = REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS
|
||||||
|
tls_verify_hosts = REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HEADERS_REWRITE
|
||||||
|
headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_RETURN_PATH
|
||||||
|
return_path = REMOTE_SMTP_RETURN_PATH
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_HELO_DATA
|
||||||
|
helo_data=REMOTE_SMTP_HELO_DATA
|
||||||
|
.endif
|
||||||
|
.ifdef TLS_DH_MIN_BITS
|
||||||
|
tls_dh_min_bits = TLS_DH_MIN_BITS
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE
|
||||||
|
tls_certificate = REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_SMARTHOST_PRIVATEKEY
|
||||||
|
tls_privatekey = REMOTE_SMTP_SMARTHOST_PRIVATEKEY
|
||||||
|
.endif
|
||||||
|
.ifdef REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE
|
||||||
|
headers_remove = REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE
|
||||||
|
.endif
|
||||||
Loading…
Reference in New Issue