[vhffs-dev] [654] That was funny, really, let's put usable config file.

[ Thread Index | Date Index | More vhffs.org/vhffs-dev Archives ]


Revision: 654
Author:   gradator
Date:     2007-07-03 14:39:58 +0000 (Tue, 03 Jul 2007)

Log Message:
-----------
That was funny, really, let's put usable config file.

Added Paths:
-----------
    trunk/vhffs-doc/config/exim4-mx1/exim4.conf
    trunk/vhffs-doc/config/exim4-mx2/exim4.conf

Removed Paths:
-------------
    trunk/vhffs-doc/config/exim4-mx1/conf.d/
    trunk/vhffs-doc/config/exim4-mx1/exim4.conf
    trunk/vhffs-doc/config/exim4-mx1/exim4.conf.hash
    trunk/vhffs-doc/config/exim4-mx1/exim4.conf.template
    trunk/vhffs-doc/config/exim4-mx1/host
    trunk/vhffs-doc/config/exim4-mx1/passwd.client
    trunk/vhffs-doc/config/exim4-mx1/update-exim4.conf.conf
    trunk/vhffs-doc/config/exim4-mx2/conf.d/
    trunk/vhffs-doc/config/exim4-mx2/exim4.conf
    trunk/vhffs-doc/config/exim4-mx2/exim4.conf.template
    trunk/vhffs-doc/config/exim4-mx2/passwd.client
    trunk/vhffs-doc/config/exim4-mx2/update-exim4.conf.conf


Deleted: trunk/vhffs-doc/config/exim4-mx1/exim4.conf
===================================================================
--- trunk/vhffs-doc/config/exim4-mx1/exim4.conf	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx1/exim4.conf	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,405 +0,0 @@
-hide pgsql_servers = DBHOST/vhffs/vhffs/DBPASS
-MAIL_HOME=/data/mail/boxes
-PGSQL_LOCAL_DOMAINS = ${lookup pgsql{SELECT DISTINCT domain FROM vhffs_mxdomain WHERE domain = '$domain'}}
-PGSQL_VIRTUAL_LOCAL_DOMAINS = ${lookup pgsql{select vhffs_boxes.domain from vhffs_boxes, vhffs_mxdomain where local_part = '$local_part' and vhffs_boxes.domain = vhffs_mxdomain.domain and vhffs_mxdomain.domain = '$domain'}}
-PGSQL_VIRTUAL_LOCAL_DIR = MAIL_HOME/${lookup pgsql{select boxes_path from vhffs_mxdomain where domain = '$domain'}{$value}fail}/${lookup pgsql{select mbox_name from vhffs_boxes where domain = '$domain' and local_part = '$local_part'}{$value}fail}/Maildir
-PGSQL_VIRTUAL_FORWARD_DATA = ${lookup pgsql{select remote_name from vhffs_forward, vhffs_mxdomain where local_part = '$local_part' and vhffs_forward.domain = vhffs_mxdomain.domain and vhffs_mxdomain.domain = '$domain'}}
-PGSQL_ML_EXIST = ${lookup pgsql{select domain from vhffs_ml where local_part='$local_part' and domain='$domain'}}
-PGSQL_VIRTUAL_CATCHALL = ${lookup pgsql{select catchall from vhffs_mxdomain where domain = '$domain' and catchall != ''}}
-PGSQL_GET_TX_USER = ${lookup pgsql{select mail from vhffs_users where username='$local_part' and 'tuxfamily.org'='$domain'}}
-#PGSQL_VIRTUAL_LOCAL_QUOTA = ${lookup pgsql{select quota from popbox where local_part = "$local_part" and domaine = "$domain"}}
-#PGSQL_VIRTUAL_LOCAL_QFILE = ${lookup pgsql{select quota_f from popbox where local_part = "$local_part" and domain = "$domain"}}
-#PGSQL_VIRTUAL_LOCAL_Q_WARN = ${lookup pgsql{select quota_warn from popbox where local_part = "$local_part" and domain = "$domain"}}
-#PGSQL_VIRTUAL_LOCAL_UP_QUOTA = ${lookup pgsql{update popbox set quota_f_used = "$quota_total_fcount", quota_used = "$quota_total_used" where local_part = "$local_part" and domain_name = "$domain"}}
-#PGSQL_VIRTUAL_SPAMCHECK = ${lookup pgsql{select domain_name from mxdomain where mxdomain.domain_name = "$domain" and scan = "1"}}
-
-LISTENGINE_HOME=/usr/lib/vhffs/listengine/
-LISTENGINE_QUEUE=LISTENGINE_HOME/listengine
-LISTENGINE_UID=Debian-exim
-LISTENGINE_GID=Debian-exim
-
-exim_path = /usr/sbin/exim4
-
-CONFDIR = /etc/exim4
-
-domainlist local_domains = PGSQL_LOCAL_DOMAINS:localhost:mx1.tuxfamily.net:tuxfamily.net:tuxfamily.com:mx1.tuxfamily.org
-
-domainlist relay_to_domains = 
-
-hostlist relay_from_hosts = 127.0.0.1 : 192.168.1.0/24 
-
-#av_scanner = clamd:192.168.3.50 7777 stream
-
-qualify_domain = staff.tuxfamily.org
-
-LOCAL_DELIVERY=mail_spool
-
-gecos_pattern = ^([^,:]*)
-gecos_name = $1
-
-acl_smtp_rcpt = acl_check_rcpt
-
-#acl_smtp_data = acl_check_data
-
-message_size_limit = 10M
-
-smtp_accept_max = 120
-
-host_lookup = *
-
-primary_hostname = mx1.tuxfamily.net
-
-rfc1413_query_timeout = 0s
-
-ignore_bounce_errors_after = 2d
-
-timeout_frozen_after = 7d
-
-freeze_tell = postmaster
-
-spool_directory = /var/spool/exim4
-
-trusted_users = Debian-exim 
-
-smtp_banner = "${primary_hostname} ESMTP Vhffs4 Mailer ${tod_full}"
-
-begin acl
-
-acl_whitelist_local_deny:
-  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
-                        {CONFDIR/local_host_whitelist}\
-                        {}}
-  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
-                        {CONFDIR/local_sender_whitelist}\
-                        {}}
-
-acl_check_rcpt:
-  accept hosts = : 127.0.0.1 : 192.168.1.0/24 : 213.246.36.36
-
-  deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-       senders = ${if exists{CONFDIR/local_sender_blacklist}\
-                             {CONFDIR/local_sender_blacklist}\
-                             {}}
-
-  deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-       hosts = ${if exists{CONFDIR/local_host_blacklist}\
-                             {CONFDIR/local_host_blacklist}\
-                             {}}
-
-  drop  condition = ${if eq{$sender_helo_name}{}{yes}{no}}
-	message = \
-		HELO/EHLO required by SMTP RFC.\n\
-		Bye dude!
-
-  accept  senders = ${if exists{CONFDIR/whitelist_sender}\
-		{CONFDIR/whitelist_sender}\
-		{}}
-
-  accept  hosts = ${if exists{CONFDIR/whitelist_host}\
-		{CONFDIR/whitelist_host}\
-		{}}
-
-  drop  !verify = sender/no_details
-	message = \
-		Unrouteable sender address.\n\
-		Bye dude!
-  
-  drop  !verify = sender/callout=45s
-	message = \
-		Your email address is rejected by your mail server.\n\
-		You can't send mail here with a fake address.\n\
-		Bye dude!
-
-  deny    domains       = +local_domains
-          local_parts   = ^[.] : ^.*[@%!/|]
-          message       = restricted characters in address
-
-  deny    domains       = !+local_domains
-          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-          message       = restricted characters in address
-
-  accept local_parts = postmaster
-         domains = +local_domains
-
-  warn message = X-Broken-Reverse-DNS: no host name found for IP address $sender_host_address
-       !verify = reverse_host_lookup
-
-  accept domains = +local_domains
-         endpass
-         message = unknown user
-         verify = recipient
-
-  accept domains = +relay_to_domains
-         endpass
-         message = unrouteable address
-         verify = recipient
-
-  accept hosts = +relay_from_hosts
-
-  accept authenticated = *
-
-  deny message = relay not permitted
-
-#acl_check_data:
-
-#  deny message = Message contains malware or a virus ($malware_name).
-#       log_message = $sender_host_address tried sending $malware_name
-#       demime = *
-#       malware = *
-#   warn condition = ${if !def:h_Message-ID: {1}}
-#        hosts = +relay_from_hosts
-#        message = Message-ID: <E$message_id@$primary_hostname>
-		      
-
-#   accept
-
-begin routers
-
-dnslookup_relay_to_domains:
-  debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains : +relay_to_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  no_more
-
-dnslookup:
-  debug_print = "R: dnslookup for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
-                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
-  no_more
-#spamcheck_router:
-#	driver = accept
-#        no_verify
-#	domains = PGSQL_VIRTUAL_SPAMCHECK
-#        condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
-#        transport = spamcheck
-virtual_local:
-  driver = accept
-  domains = PGSQL_VIRTUAL_LOCAL_DOMAINS
-  transport = virtual_local
-virtual_forward:
-  driver = redirect
-  qualify_preserve_domain = true
-  data = PGSQL_VIRTUAL_FORWARD_DATA
-list_director:
-  driver = accept
-  domains = PGSQL_ML_EXIST
-  transport = list_transport
-
-#list_sub: 
-#   driver = accept
-#   local_part_suffix = -subscribe
-#   condition = PGSQL_ML_EXIST
-#   transport = list_sub_transport
-
-#list_unsub: 
-#   driver = accept
-#   local_part_suffix = -unsubscribe
-#   condition = PGSQL_ML_EXIST
-#   transport = list_unsub_transport
-
-#list_confirm:
-#   driver = accept
-#   local_part_suffix = -confirm
-#   condition = PGSQL_ML_EXIST
-#   transport = list_confirm_transport
-virtual_catchall:
-  driver = redirect
-  qualify_preserve_domain = true
-  data = PGSQL_VIRTUAL_CATCHALL
-virtual_tf_users:
-  driver = redirect
-  data = PGSQL_GET_TX_USER
-
-system_aliases:
-  debug_print = "R: system_aliases for $local_part@$domain"
-  driver = redirect
-  condition = ${if or { {eq {$domain} {$primary_hostname}} {eq {$domain} {$qualify_domain}}} {1} {0}}
-  allow_fail
-  allow_defer
-  data = ${lookup{$local_part}lsearch{/etc/aliases}}
-  file_transport = address_file
-
-begin transports
-
-address_file:
-  debug_print = "T: address_file for $local_part@$domain"
-  driver = appendfile
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-
-address_pipe:
-  debug_print = "T: address_pipe for $local_part@$domain"
-  driver = pipe
-  return_fail_output
-
-address_reply:
-  debug_print = "T: autoreply for $local_part@$domain"
-  driver = autoreply
-
-mail_spool:
-  debug_print = "T: appendfile for $local_part@$domain"
-  driver = appendfile
-  file = /var/mail/$local_part
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  group = mail
-  mode = 0660
-  mode_fail_narrower = false
-
-maildrop_pipe:
-  debug_print = "T: maildrop_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/maildrop"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-procmail_pipe:
-  debug_print = "T: procmail_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/procmail"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-remote_smtp:
-  debug_print = "T: remote_smtp for $local_part@$domain"
-  driver = smtp
-#spamcheck:
-#                  debug_print = "T: spamassassin_pipe for $local_part@$domain"
-#                  driver = pipe
-#                  command = /usr/sbin/exim4 -oMr spam-scanned -bS
-#                  use_bsmtp
-#                  transport_filter = /usr/bin/spamc -d 192.168.3.50 -p 783
-#                  home_directory = "/tmp"
-#                  current_directory = "/tmp"
-#                  user = Debian-exim 
-#                  group = Debian-exim
-#                  return_fail_output
-#		  headers_remove = X-Spam-Flag : X-Spam-Status : X-Spam-Level : X-Spam-Scanned
-
-address_directory:
-  debug_print = "T: address_directory for $local_part@$domain"
-  driver = appendfile
-  envelope_to_add = true
-  return_path_add = true
-  check_string = ""
-  escape_string = ""
-  maildir_format
-
-virtual_local:
-  driver = appendfile
-  directory = PGSQL_VIRTUAL_LOCAL_DIR
-  maildir_format
-  user = Debian-exim
-  group = Debian-exim
-  mode = 0666
-  directory_mode = 0700
-  maildir_use_size_file
-#  quota = PGSQL_VIRTUAL_LOCAL_QUOTA
-#  quota_filecount = PGSQL_VIRTUAL_LOCAL_QFILE
-  maildir_quota_directory_regex = ^(?:cur|new|\..*)$
-#  quota_update = PGSQL_VIRTUAL_LOCAL_UP_QUOTA
-#  quota_warn_threshold = PGSQL_VIRTUAL_LOCAL_Q_WARN%
-#  quota_warn_message = "\
-#    To: $local_part@$domain\n\
-#    Subject: Important Votre Boite Mail\n\n\
-#    Votre seuil d'alerte est atteint.\n \
-#    Une fois que votre limire sera atteinte \
-#    tout nouveau message sera sauvegard\xE9 pendant jours tant\n \
-#    que vous n'aurez pas augment\xE9 votre quota ou supprim\xE9 quelques messages.\n \
-#    Pass\xE9 ce d\xE9lais, tout nouveau message \xE0 votre intention sera \
-#    automatiquement retourn\xE9 \xE0 son exp\xE9diteur.\n\n \
-#    Cordialement\n \
-#    Votre gestionnaire de courier"
-list_transport:
-           driver = pipe
-           command = LISTENGINE_QUEUE ${lc:$local_part} ${lc:$domain}
-           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-           user = LISTENGINE_UID
-
-#list_master_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-#           
-#list_sub_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE action subscribe ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-
-#list_unsub_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE action unsubscribe ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-
-#list_info_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE action info ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-
-#list_confirm_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE action confirm ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-
-begin retry
-
-*        quota_7d
-*        quota       F,2h,15m; F,3d,1h
-
-*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
-
-begin rewrite
-
-*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
-                   {$value}fail} Ffrs
-
-*@+local_domains "${if exists {CONFDIR/email-addresses}\
-                    {${lookup{${local_part}}lsearch{CONFDIR/email-addresses}\
-		    {$value}fail}}fail}" Ffrs
-
-begin authenticators
-
- plain_server:
-   driver = plaintext
-   public_name = PLAIN
-   server_condition = ${if and {{!eq{$2}{}}{!eq{$3}{}}{eq {$3} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$2}' and domain = '${domain:$2}'} {$value}fail}}}}{1}{0}}
-   server_set_id = $2
-   server_prompts = :
-
- login_server:
-   driver = plaintext
-   public_name = LOGIN
-   server_prompts = "Username:: : Password::"
-   server_condition = ${if and {{!eq{$1}{}}{!eq{$2}{}}{eq {$2} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$1}' and domain = '${domain:$1}'} {$value}fail}}}}{1}{0}}
-   server_set_id = $1
-

Added: trunk/vhffs-doc/config/exim4-mx1/exim4.conf
===================================================================
--- trunk/vhffs-doc/config/exim4-mx1/exim4.conf	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx1/exim4.conf	2007-07-03 14:39:58 UTC (rev 654)
@@ -0,0 +1,432 @@
+hide pgsql_servers = PGHOST/PGDB/PGUSER/PGPASS
+MAIL_HOME=/data/mail/boxes
+PGSQL_LOCAL_DOMAINS = ${lookup pgsql{SELECT DISTINCT domain FROM vhffs_mxdomain WHERE domain = '$domain'}}
+PGSQL_VIRTUAL_LOCAL_DOMAINS = ${lookup pgsql{select vhffs_boxes.domain from vhffs_boxes, vhffs_mxdomain where local_part = '$local_part' and vhffs_boxes.domain = vhffs_mxdomain.domain and vhffs_mxdomain.domain = '$domain'}}
+PGSQL_VIRTUAL_LOCAL_DIR = MAIL_HOME/${lookup pgsql{select boxes_path from vhffs_mxdomain where domain = '$domain'}{$value}fail}/${lookup pgsql{select mbox_name from vhffs_boxes where domain = '$domain' and local_part = '$local_part'}{$value}fail}/Maildir
+PGSQL_VIRTUAL_FORWARD_DATA = ${lookup pgsql{select remote_name from vhffs_forward, vhffs_mxdomain where local_part = '$local_part' and vhffs_forward.domain = vhffs_mxdomain.domain and vhffs_mxdomain.domain = '$domain'}}
+PGSQL_ML_EXIST = ${lookup pgsql{select domain from vhffs_ml where local_part='$local_part' and domain='$domain'}}
+PGSQL_VIRTUAL_CATCHALL = ${lookup pgsql{select catchall from vhffs_mxdomain where domain = '$domain' and catchall != ''}}
+#PGSQL_GET_TX_USER = ${lookup pgsql{select vhffs_user_info.mail from vhffs_user_info, vhffs_users where vhffs_users.uid=vhffs_user_info.uid and vhffs_users.username='$local_part' and 'vhffs.org'='$domain'}}
+#PGSQL_VIRTUAL_LOCAL_QUOTA = ${lookup pgsql{select quota from popbox where local_part = "$local_part" and domaine = "$domain"}}
+#PGSQL_VIRTUAL_LOCAL_QFILE = ${lookup pgsql{select quota_f from popbox where local_part = "$local_part" and domain = "$domain"}}
+#PGSQL_VIRTUAL_LOCAL_Q_WARN = ${lookup pgsql{select quota_warn from popbox where local_part = "$local_part" and domain = "$domain"}}
+#PGSQL_VIRTUAL_LOCAL_UP_QUOTA = ${lookup pgsql{update popbox set quota_f_used = "$quota_total_fcount", quota_used = "$quota_total_used" where local_part = "$local_part" and domain_name = "$domain"}}
+#PGSQL_VIRTUAL_SPAMCHECK = ${lookup pgsql{select domain_name from mxdomain where mxdomain.domain_name = "$domain" and scan = "1"}}
+
+LISTENGINE_HOME=/usr/lib/vhffs/listengine/
+LISTENGINE_QUEUE=LISTENGINE_HOME/listengine.pl
+LISTENGINE_UID=www-data
+LISTENGINE_GID=www-data
+
+exim_path = /usr/sbin/exim4
+
+CONFDIR = /etc/exim4
+
+domainlist local_domains = PGSQL_LOCAL_DOMAINS:localhost
+
+domainlist relay_to_domains = 
+
+hostlist relay_from_hosts = 127.0.0.1
+
+#av_scanner = clamd:192.168.3.50 7777 stream
+
+qualify_domain = mx1.vhffs.org
+
+LOCAL_DELIVERY=mail_spool
+
+gecos_pattern = ^([^,:]*)
+gecos_name = $1
+
+acl_smtp_rcpt = acl_check_rcpt
+
+#acl_smtp_data = acl_check_data
+
+message_size_limit = 10M
+
+smtp_accept_max = 120
+
+smtp_accept_queue_per_connection = 100
+
+smtp_load_reserve = 50.0
+
+deliver_queue_load_max = 20.0
+
+queue_only_load = 20.0
+
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 0s
+
+primary_hostname = mx1.vhffs.org
+
+ignore_bounce_errors_after = 4h
+
+timeout_frozen_after = 7d
+
+remote_max_parallel = 35
+#freeze_tell = postmaster
+
+spool_directory = /var/spool/exim4
+
+trusted_users = Debian-exim 
+
+smtp_banner = "${primary_hostname} ESMTP Vhffs4 Mailer ${tod_full}"
+
+begin acl
+
+#acl_whitelist_local_deny:
+#  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
+#                        {CONFDIR/local_host_whitelist}\
+#                        {}}
+#  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
+#                        {CONFDIR/local_sender_whitelist}\
+#                        {}}
+
+acl_check_rcpt:
+  accept hosts = :
+
+#  deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
+#       !acl = acl_whitelist_local_deny
+#       senders = ${if exists{CONFDIR/local_sender_blacklist}\
+#                             {CONFDIR/local_sender_blacklist}\
+#                             {}}
+
+#  deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
+#       !acl = acl_whitelist_local_deny
+#       hosts = ${if exists{CONFDIR/local_host_blacklist}\
+#                             {CONFDIR/local_host_blacklist}\
+#                             {}}
+
+  drop    condition = ${if eq{$sender_helo_name}{}{yes}{no}}
+          message = HELO/EHLO required by SMTP RFC.\n\
+                    Bye dude!
+
+#  accept  senders = ${if exists{CONFDIR/whitelist_sender}\
+#		{CONFDIR/whitelist_sender}\
+#		{}}
+
+#  accept  hosts = ${if exists{CONFDIR/whitelist_host}\
+#		{CONFDIR/whitelist_host}\
+#		{}}
+
+  drop    !verify = sender/no_details
+          message = Unrouteable sender address.\n\
+                    Bye dude!
+
+  deny    local_parts   = ^[.] : ^.*[@%!/|]
+          message       = Restricted characters in address
+
+  accept   hosts = +relay_from_hosts
+
+#  deny    domains       = +local_domains
+#          local_parts   = ^[.] : ^.*[@%!/|]
+#          message       = Restricted characters in address
+
+#  deny    domains       = !+local_domains
+#          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+#          message       = Restricted characters in address
+
+#  drop  !verify = sender/callout=45s
+#	message = \
+#		Your email address is rejected by your mail server.\n\
+#		You can't send mail here with a fake address.\n\
+#		Bye dude!
+
+#  accept local_parts = postmaster
+#         domains = +local_domains : +relay_to_domains
+
+#  warn message = X-Broken-Reverse-DNS: no host name found for IP address $sender_host_address
+#       !verify = reverse_host_lookup
+
+#  accept authenticated = *
+
+  require  message = Relay not permitted
+           domains = +local_domains : +relay_to_domains
+
+  deny     message = Unknown user
+           domains = +local_domains : +relay_to_domains
+           !verify = recipient
+
+#  deny     message = Unrouteable address
+#           domains = +relay_to_domains
+#           !verify = recipient
+
+#  accept domains = +local_domains
+#         endpass
+#         message = unknown user
+#         verify = recipient
+
+#  accept domains = +relay_to_domains
+#         endpass
+#         message = unrouteable address
+#         verify = recipient
+
+#  deny message = relay not permitted
+
+#acl_check_data:
+
+#  deny message = Message contains malware or a virus ($malware_name).
+#       log_message = $sender_host_address tried sending $malware_name
+#       demime = *
+#       malware = *
+#   warn condition = ${if !def:h_Message-ID: {1}}
+#        hosts = +relay_from_hosts
+#        message = Message-ID: <E$message_id@$primary_hostname>
+
+   accept
+
+begin routers
+
+dnslookup_relay_to_domains:
+  debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
+  driver = dnslookup
+  domains = ! +local_domains : +relay_to_domains
+  transport = remote_smtp
+  same_domain_copy_routing = yes
+  no_more
+
+dnslookup:
+  debug_print = "R: dnslookup for $local_part@$domain"
+  driver = dnslookup
+  domains = ! +local_domains
+  transport = remote_smtp
+  same_domain_copy_routing = yes
+  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
+                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
+  no_more
+
+#spamcheck_router:
+#	driver = accept
+#        no_verify
+#	domains = PGSQL_VIRTUAL_SPAMCHECK
+#        condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
+#        transport = spamcheck
+
+virtual_local:
+  driver = accept
+  domains = PGSQL_VIRTUAL_LOCAL_DOMAINS
+  transport = virtual_local
+
+virtual_forward:
+  driver = redirect
+  qualify_preserve_domain = true
+  data = PGSQL_VIRTUAL_FORWARD_DATA
+
+list_director:
+  driver = accept
+  domains = PGSQL_ML_EXIST
+  transport = list_transport
+
+list_sub: 
+   driver = accept
+   local_part_suffix = -request
+   condition = PGSQL_ML_EXIST
+   transport = list_sub_transport
+
+#list_unsub: 
+#   driver = accept
+#   local_part_suffix = -unsubscribe
+#   condition = PGSQL_ML_EXIST
+#   transport = list_unsub_transport
+
+#list_confirm:
+#   driver = accept
+#   local_part_suffix = -confirm
+#   condition = PGSQL_ML_EXIST
+#   transport = list_confirm_transport
+
+virtual_catchall:
+  driver = redirect
+  qualify_preserve_domain = true
+  data = PGSQL_VIRTUAL_CATCHALL
+
+#virtual_tf_users:
+#  driver = redirect
+#  data = PGSQL_GET_TX_USER
+
+system_aliases:
+  debug_print = "R: system_aliases for $local_part@$domain"
+  driver = redirect
+  condition = ${if or { {eq {$domain} {$primary_hostname}} {eq {$domain} {$qualify_domain}}} {1} {0}}
+  allow_fail
+  allow_defer
+  data = ${lookup{$local_part}lsearch{/etc/aliases}}
+  file_transport = address_file
+
+begin transports
+
+address_file:
+  debug_print = "T: address_file for $local_part@$domain"
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_pipe:
+  debug_print = "T: address_pipe for $local_part@$domain"
+  driver = pipe
+  return_fail_output
+
+address_reply:
+  debug_print = "T: autoreply for $local_part@$domain"
+  driver = autoreply
+
+mail_spool:
+  debug_print = "T: appendfile for $local_part@$domain"
+  driver = appendfile
+  file = /var/mail/$local_part
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  group = mail
+  mode = 0660
+  mode_fail_narrower = false
+
+maildrop_pipe:
+  debug_print = "T: maildrop_pipe for $local_part@$domain"
+  driver = pipe
+  path = "/bin:/usr/bin:/usr/local/bin"
+  command = "/usr/bin/maildrop"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+
+procmail_pipe:
+  debug_print = "T: procmail_pipe for $local_part@$domain"
+  driver = pipe
+  path = "/bin:/usr/bin:/usr/local/bin"
+  command = "/usr/bin/procmail"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+
+remote_smtp:
+  debug_print = "T: remote_smtp for $local_part@$domain"
+  driver = smtp
+
+#spamcheck:
+#                  debug_print = "T: spamassassin_pipe for $local_part@$domain"
+#                  driver = pipe
+#                  command = /usr/sbin/exim4 -oMr spam-scanned -bS
+#                  use_bsmtp
+#                  transport_filter = /usr/bin/spamc -d 192.168.3.50 -p 783
+#                  home_directory = "/tmp"
+#                  current_directory = "/tmp"
+#                  user = Debian-exim 
+#                  group = Debian-exim
+#                  return_fail_output
+#		  headers_remove = X-Spam-Flag : X-Spam-Status : X-Spam-Level : X-Spam-Scanned
+
+address_directory:
+  debug_print = "T: address_directory for $local_part@$domain"
+  driver = appendfile
+  envelope_to_add = true
+  return_path_add = true
+  check_string = ""
+  escape_string = ""
+  maildir_format
+
+virtual_local:
+  driver = appendfile
+  directory = PGSQL_VIRTUAL_LOCAL_DIR
+  maildir_format
+  user = Debian-exim
+  group = Debian-exim
+  mode = 0666
+  directory_mode = 0700
+  maildir_use_size_file
+#  quota = PGSQL_VIRTUAL_LOCAL_QUOTA
+#  quota_filecount = PGSQL_VIRTUAL_LOCAL_QFILE
+  maildir_quota_directory_regex = ^(?:cur|new|\..*)$
+#  quota_update = PGSQL_VIRTUAL_LOCAL_UP_QUOTA
+#  quota_warn_threshold = PGSQL_VIRTUAL_LOCAL_Q_WARN%
+#  quota_warn_message = "\
+#    To: $local_part@$domain\n\
+#    Subject: Important Votre Boite Mail\n\n\
+#    Votre seuil d'alerte est atteint.\n \
+#    Une fois que votre limire sera atteinte \
+#    tout nouveau message sera sauvegard\xE9 pendant jours tant\n \
+#    que vous n'aurez pas augment\xE9 votre quota ou supprim\xE9 quelques messages.\n \
+#    Pass\xE9 ce d\xE9lais, tout nouveau message \xE0 votre intention sera \
+#    automatiquement retourn\xE9 \xE0 son exp\xE9diteur.\n\n \
+#    Cordialement\n \
+#    Votre gestionnaire de courier"
+
+list_transport:
+           driver = pipe
+           command = LISTENGINE_QUEUE bounce ${lc:$local_part} ${lc:$domain}
+           current_directory = LISTENGINE_HOME
+#           home_directory = LISTENGINE_HOME
+           user = LISTENGINE_UID
+
+#list_master_transport:
+#           driver = pipe
+#           command = LISTENGINE_QUEUE
+#           current_directory = LISTENGINE_HOME
+#           home_directory = LISTENGINE_HOME
+#           user = LISTENGINE_UID
+#           group = LISTENGINE_GID
+#           
+
+list_sub_transport:
+           driver = pipe
+           command = LISTENGINE_QUEUE request ${lc:$local_part} ${lc:$domain}
+           current_directory = LISTENGINE_HOME
+           home_directory = LISTENGINE_HOME
+           user = LISTENGINE_UID
+           group = LISTENGINE_GID
+
+#list_unsub_transport:
+#           driver = pipe
+#           command = LISTENGINE_QUEUE action unsubscribe ${lc:$local_part}_${lc:$domain}
+#           current_directory = LISTENGINE_HOME
+#           home_directory = LISTENGINE_HOME
+#           user = LISTENGINE_UID
+#           group = LISTENGINE_GID
+
+#list_info_transport:
+#           driver = pipe
+#           command = LISTENGINE_QUEUE action info ${lc:$local_part}_${lc:$domain}
+#           current_directory = LISTENGINE_HOME
+#           home_directory = LISTENGINE_HOME
+#           user = LISTENGINE_UID
+#           group = LISTENGINE_GID
+
+#list_confirm_transport:
+#           driver = pipe
+#           command = LISTENGINE_QUEUE action confirm ${lc:$local_part}_${lc:$domain}
+#           current_directory = LISTENGINE_HOME
+#           home_directory = LISTENGINE_HOME
+#           user = LISTENGINE_UID
+#           group = LISTENGINE_GID
+
+begin retry
+
+#*        quota_7d
+#*        quota       F,2h,15m; F,3d,1h
+*         *           F,4h,1h; G,20h,1h,1.5; F,3d,12h
+
+begin rewrite
+
+#*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
+#                   {$value}fail} Ffrs
+
+#*@+local_domains "${if exists {CONFDIR/email-addresses}\
+#                    {${lookup{${local_part}}lsearch{CONFDIR/email-addresses}\
+#		    {$value}fail}}fail}" Ffrs
+
+begin authenticators
+
+# plain_server:
+#   driver = plaintext
+#   public_name = PLAIN
+#   server_condition = ${if and {{!eq{$2}{}}{!eq{$3}{}}{eq {$3} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$2}' and domain = '${domain:$2}'} {$value}fail}}}}{1}{0}}
+#   server_set_id = $2
+#   server_prompts = :
+
+# login_server:
+#   driver = plaintext
+#   public_name = LOGIN
+#   server_prompts = "Username:: : Password::"
+#   server_condition = ${if and {{!eq{$1}{}}{!eq{$2}{}}{eq {$2} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$1}' and domain = '${domain:$1}'} {$value}fail}}}}{1}{0}}
+#   server_set_id = $1

Deleted: trunk/vhffs-doc/config/exim4-mx1/exim4.conf.hash
===================================================================
--- trunk/vhffs-doc/config/exim4-mx1/exim4.conf.hash	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx1/exim4.conf.hash	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,405 +0,0 @@
-hide pgsql_servers = DBHOST/vhffs/vhffs/DBPASS
-MAIL_HOME=/data/mail/boxes/
-PGSQL_LOCAL_DOMAINS = ${lookup pgsql{SELECT DISTINCT domain FROM vhffs_mxdomain WHERE domain = '$domain'}}
-PGSQL_VIRTUAL_LOCAL_DOMAINS = ${lookup pgsql{select vhffs_boxes.domain from vhffs_boxes, vhffs_mxdomain where local_part = '$local_part' and vhffs_boxes.domain = vhffs_mxdomain.domain and vhffs_mxdomain.domain = '$domain'}}
-PGSQL_VIRTUAL_LOCAL_DIR = MAIL_HOME/${lookup pgsql{select domain_hash from vhffs_boxes where domain = '$domain'}{$value}fail}/${lookup pgsql{select mbox_name from vhffs_boxes where domain = '$domain' and local_part = '$local_part'}{$value}fail}/Maildir
-PGSQL_VIRTUAL_FORWARD_DATA = ${lookup pgsql{select remote_name from vhffs_forward, vhffs_mxdomain where local_part = '$local_part' and vhffs_forward.domain = vhffs_mxdomain.domain and vhffs_mxdomain.domain = '$domain'}}
-PGSQL_ML_EXIST = ${lookup pgsql{select domain from mail_list where listname = '$local_part' and domain = '$domain'}}
-PGSQL_VIRTUAL_CATCHALL = ${lookup pgsql{select catchall from vhffs_mxdomain where domain = '$domain' and catchall != ''}}
-PGSQL_GET_TX_USER = ${lookup pgsql{select mail from vhffs_users where username='$local_part' and 'tuxfamily.org'='$domain'}}
-#PGSQL_VIRTUAL_LOCAL_QUOTA = ${lookup pgsql{select quota from popbox where local_part = "$local_part" and domaine = "$domain"}}
-#PGSQL_VIRTUAL_LOCAL_QFILE = ${lookup pgsql{select quota_f from popbox where local_part = "$local_part" and domain = "$domain"}}
-#PGSQL_VIRTUAL_LOCAL_Q_WARN = ${lookup pgsql{select quota_warn from popbox where local_part = "$local_part" and domain = "$domain"}}
-#PGSQL_VIRTUAL_LOCAL_UP_QUOTA = ${lookup pgsql{update popbox set quota_f_used = "$quota_total_fcount", quota_used = "$quota_total_used" where local_part = "$local_part" and domain_name = "$domain"}}
-#PGSQL_VIRTUAL_SPAMCHECK = ${lookup pgsql{select domain_name from mxdomain where mxdomain.domain_name = "$domain" and scan = "1"}}
-
-LISTENGINE_HOME=/vhffs/mail/listengine
-LISTENGINE_QUEUE=LISTENGINE_HOME/listengine.pl
-LISTENGINE_UID=Debian-exim
-LISTENGINE_GID=vhffs
-
-exim_path = /usr/sbin/exim4
-
-CONFDIR = /etc/exim4
-
-domainlist local_domains = PGSQL_LOCAL_DOMAINS:localhost:mx1.tuxfamily.net
-
-domainlist relay_to_domains = 
-
-hostlist relay_from_hosts = 127.0.0.1 : 192.168.1.0/24 
-
-#av_scanner = clamd:192.168.3.50 7777 stream
-
-qualify_domain = tuxfamily.org
-
-LOCAL_DELIVERY=mail_spool
-
-gecos_pattern = ^([^,:]*)
-gecos_name = $1
-
-acl_smtp_rcpt = acl_check_rcpt
-
-#acl_smtp_data = acl_check_data
-
-message_size_limit = 10M
-
-smtp_accept_max = 120
-
-host_lookup = *
-
-primary_hostname = mx1.tuxfamily.net
-
-rfc1413_query_timeout = 0s
-
-ignore_bounce_errors_after = 2d
-
-timeout_frozen_after = 7d
-
-freeze_tell = postmaster
-
-spool_directory = /var/spool/exim4
-
-trusted_users = Debian-exim 
-
-smtp_banner = "${primary_hostname} ESMTP Vhffs4 Mailer ${tod_full}"
-
-begin acl
-
-acl_whitelist_local_deny:
-  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
-                        {CONFDIR/local_host_whitelist}\
-                        {}}
-  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
-                        {CONFDIR/local_sender_whitelist}\
-                        {}}
-
-acl_check_rcpt:
-  accept hosts = : 127.0.0.1 : 192.168.1.0/24 : 213.246.36.36
-
-  deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-       senders = ${if exists{CONFDIR/local_sender_blacklist}\
-                             {CONFDIR/local_sender_blacklist}\
-                             {}}
-
-  deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-       hosts = ${if exists{CONFDIR/local_host_blacklist}\
-                             {CONFDIR/local_host_blacklist}\
-                             {}}
-
-  drop  condition = ${if eq{$sender_helo_name}{}{yes}{no}}
-	message = \
-		HELO/EHLO required by SMTP RFC.\n\
-		Bye dude!
-
-  accept  senders = ${if exists{CONFDIR/whitelist_sender}\
-		{CONFDIR/whitelist_sender}\
-		{}}
-
-  accept  hosts = ${if exists{CONFDIR/whitelist_host}\
-		{CONFDIR/whitelist_host}\
-		{}}
-
-  drop  !verify = sender/no_details
-	message = \
-		Unrouteable sender address.\n\
-		Bye dude!
-  
-  drop  !verify = sender/callout=45s
-	message = \
-		Your email address is rejected by your mail server.\n\
-		You can't send mail here with a fake address.\n\
-		Bye dude!
-
-  deny    domains       = +local_domains
-          local_parts   = ^[.] : ^.*[@%!/|]
-          message       = restricted characters in address
-
-  deny    domains       = !+local_domains
-          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-          message       = restricted characters in address
-
-  accept local_parts = postmaster
-         domains = +local_domains
-
-  warn message = X-Broken-Reverse-DNS: no host name found for IP address $sender_host_address
-       !verify = reverse_host_lookup
-
-  accept domains = +local_domains
-         endpass
-         message = unknown user
-         verify = recipient
-
-  accept domains = +relay_to_domains
-         endpass
-         message = unrouteable address
-         verify = recipient
-
-  accept hosts = +relay_from_hosts
-
-  accept authenticated = *
-
-  deny message = relay not permitted
-
-#acl_check_data:
-
-#  deny message = Message contains malware or a virus ($malware_name).
-#       log_message = $sender_host_address tried sending $malware_name
-#       demime = *
-#       malware = *
-#   warn condition = ${if !def:h_Message-ID: {1}}
-#        hosts = +relay_from_hosts
-#        message = Message-ID: <E$message_id@$primary_hostname>
-		      
-
-#   accept
-
-begin routers
-
-dnslookup_relay_to_domains:
-  debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains : +relay_to_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  no_more
-
-dnslookup:
-  debug_print = "R: dnslookup for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
-                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
-  no_more
-#spamcheck_router:
-#	driver = accept
-#        no_verify
-#	domains = PGSQL_VIRTUAL_SPAMCHECK
-#        condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
-#        transport = spamcheck
-virtual_local:
-  driver = accept
-  domains = PGSQL_VIRTUAL_LOCAL_DOMAINS
-  transport = virtual_local
-virtual_forward:
-  driver = redirect
-  qualify_preserve_domain = true
-  data = PGSQL_VIRTUAL_FORWARD_DATA
-#list_director:
-#  driver = accept
-#  domains = PGSQL_ML_EXIST
-#  transport = list_transport
-
-#list_sub: 
-#   driver = accept
-#   local_part_suffix = -subscribe
-#   condition = PGSQL_ML_EXIST
-#   transport = list_sub_transport
-
-#list_unsub: 
-#   driver = accept
-#   local_part_suffix = -unsubscribe
-#   condition = PGSQL_ML_EXIST
-#   transport = list_unsub_transport
-
-#list_confirm:
-#   driver = accept
-#   local_part_suffix = -confirm
-#   condition = PGSQL_ML_EXIST
-#   transport = list_confirm_transport
-virtual_catchall:
-  driver = redirect
-  qualify_preserve_domain = true
-  data = PGSQL_VIRTUAL_CATCHALL
-virtual_tf_users:
-  driver = redirect
-  data = PGSQL_GET_TX_USER
-
-system_aliases:
-  debug_print = "R: system_aliases for $local_part@$domain"
-  driver = redirect
-  condition = ${if or { {eq {$domain} {$primary_hostname}} {eq {$domain} {$qualify_domain}}} {1} {0}}
-  allow_fail
-  allow_defer
-  data = ${lookup{$local_part}lsearch{/etc/aliases}}
-  file_transport = address_file
-
-begin transports
-
-address_file:
-  debug_print = "T: address_file for $local_part@$domain"
-  driver = appendfile
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-
-address_pipe:
-  debug_print = "T: address_pipe for $local_part@$domain"
-  driver = pipe
-  return_fail_output
-
-address_reply:
-  debug_print = "T: autoreply for $local_part@$domain"
-  driver = autoreply
-
-mail_spool:
-  debug_print = "T: appendfile for $local_part@$domain"
-  driver = appendfile
-  file = /var/mail/$local_part
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  group = mail
-  mode = 0660
-  mode_fail_narrower = false
-
-maildrop_pipe:
-  debug_print = "T: maildrop_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/maildrop"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-procmail_pipe:
-  debug_print = "T: procmail_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/procmail"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-remote_smtp:
-  debug_print = "T: remote_smtp for $local_part@$domain"
-  driver = smtp
-#spamcheck:
-#                  debug_print = "T: spamassassin_pipe for $local_part@$domain"
-#                  driver = pipe
-#                  command = /usr/sbin/exim4 -oMr spam-scanned -bS
-#                  use_bsmtp
-#                  transport_filter = /usr/bin/spamc -d 192.168.3.50 -p 783
-#                  home_directory = "/tmp"
-#                  current_directory = "/tmp"
-#                  user = Debian-exim 
-#                  group = Debian-exim
-#                  return_fail_output
-#		  headers_remove = X-Spam-Flag : X-Spam-Status : X-Spam-Level : X-Spam-Scanned
-
-address_directory:
-  debug_print = "T: address_directory for $local_part@$domain"
-  driver = appendfile
-  envelope_to_add = true
-  return_path_add = true
-  check_string = ""
-  escape_string = ""
-  maildir_format
-
-virtual_local:
-  driver = appendfile
-  directory = PGSQL_VIRTUAL_LOCAL_DIR
-  maildir_format
-  user = Debian-exim
-  group = Debian-exim
-  mode = 0666
-  directory_mode = 0700
-  maildir_use_size_file
-#  quota = PGSQL_VIRTUAL_LOCAL_QUOTA
-#  quota_filecount = PGSQL_VIRTUAL_LOCAL_QFILE
-  maildir_quota_directory_regex = ^(?:cur|new|\..*)$
-#  quota_update = PGSQL_VIRTUAL_LOCAL_UP_QUOTA
-#  quota_warn_threshold = PGSQL_VIRTUAL_LOCAL_Q_WARN%
-#  quota_warn_message = "\
-#    To: $local_part@$domain\n\
-#    Subject: Important Votre Boite Mail\n\n\
-#    Votre seuil d'alerte est atteint.\n \
-#    Une fois que votre limire sera atteinte \
-#    tout nouveau message sera sauvegard\xE9 pendant jours tant\n \
-#    que vous n'aurez pas augment\xE9 votre quota ou supprim\xE9 quelques messages.\n \
-#    Pass\xE9 ce d\xE9lais, tout nouveau message \xE0 votre intention sera \
-#    automatiquement retourn\xE9 \xE0 son exp\xE9diteur.\n\n \
-#    Cordialement\n \
-#    Votre gestionnaire de courier"
-#list_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-
-#list_master_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-#           
-#list_sub_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE action subscribe ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-
-#list_unsub_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE action unsubscribe ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-
-#list_info_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE action info ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-
-#list_confirm_transport:
-#           driver = pipe
-#           command = LISTENGINE_QUEUE action confirm ${lc:$local_part}_${lc:$domain}
-#           current_directory = LISTENGINE_HOME
-#           home_directory = LISTENGINE_HOME
-#           user = LISTENGINE_UID
-#           group = LISTENGINE_GID
-
-begin retry
-
-*        quota_7d
-*        quota       F,2h,15m; F,3d,1h
-
-*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
-
-begin rewrite
-
-*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
-                   {$value}fail} Ffrs
-
-*@+local_domains "${if exists {CONFDIR/email-addresses}\
-                    {${lookup{${local_part}}lsearch{CONFDIR/email-addresses}\
-		    {$value}fail}}fail}" Ffrs
-
-begin authenticators
-
- plain_server:
-   driver = plaintext
-   public_name = PLAIN
-   server_condition = ${if and {{!eq{$2}{}}{!eq{$3}{}}{eq {$3} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$2}' and domain = '${domain:$2}'} {$value}fail}}}}{1}{0}}
-   server_set_id = $2
-   server_prompts = :
-
- login_server:
-   driver = plaintext
-   public_name = LOGIN
-   server_prompts = "Username:: : Password::"
-   server_condition = ${if and {{!eq{$1}{}}{!eq{$2}{}}{eq {$2} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$1}' and domain = '${domain:$1}'} {$value}fail}}}}{1}{0}}
-   server_set_id = $1
-

Deleted: trunk/vhffs-doc/config/exim4-mx1/exim4.conf.template
===================================================================
--- trunk/vhffs-doc/config/exim4-mx1/exim4.conf.template	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx1/exim4.conf.template	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,1289 +0,0 @@
-#####################################################
-### main/01_exim4-config_listmacrosdefs
-#####################################################
-
-######################################################################
-#                  Runtime configuration file for Exim               #
-######################################################################
-
-######################################################################
-#                    MAIN CONFIGURATION SETTINGS                     #
-######################################################################
-
-# Just for reference and scripts, on debian, the main binary is
-# installed as exim4
-exim_path = /usr/sbin/exim4
-
-# Macro defining the main configuration directory, we use no abolute
-# paths.
-CONFDIR = /etc/exim4
-
-# Define a macro DC_minimaldns if dc_minimaldns=true, to use in
-# .ifdef-statements otherwise this expands to an empty line
-DEBCONFminimaldnsDEBCONF
-
-# The next three settings create two lists of domains and one list of hosts.
-# These lists are referred to later in this configuration using the syntax
-# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
-# are all colon-separated lists:
-
-# '@' refers to 'the name of the local host'
-
-### EXPANSION-begins ######################
-domainlist local_domains = DEBCONFlocal_domainsDEBCONF
-
-domainlist relay_to_domains = DEBCONFrelay_domainsDEBCONF
-
-hostlist relay_from_hosts = 127.0.0.1 : ::::1 : DEBCONFrelay_netsDEBCONF
-
-
-# Specify the domain you want to be added to all unqualified addresses
-# here. An unqualified address is one that does not contain an "@" character
-# followed by a domain. For example, "caesar@rome.example" is a fully qualified
-# address, but the string "caesar" (i.e. just a login name) is an unqualified
-# email address. Unqualified addresses are accepted only from local callers by
-# default. See the recipient_unqualified_hosts option if you want to permit
-# unqualified addresses from remote sources. If this option is not set, the
-# primary_hostname value is used for qualification.
-qualify_domain = DEBCONFvisiblenameDEBCONF
-
-# only used for satellite-system
-.ifndef DCreadhost
-DCreadhost = DEBCONFreadhostDEBCONF
-.endif
-
-#for satellite and smarthost-systems
-.ifndef DCsmarthost
-DCsmarthost = DEBCONFsmarthostDEBCONF
-.endif
-
-# listen on all all interfaces?
-DEBCONFlistenonpublicDEBCONF
-### EXPANSION-ends   ######################
-
-# The default transport, set in /etc/exim4/update-exim4.conf.conf. See
-# CONFDIR/conf.d/transport/ for possibilities
-LOCAL_DELIVERY=DEBCONFlocaldeliveryDEBCONF
-
-# The gecos field in /etc/passwd holds not only the name. see passwd(5).
-gecos_pattern = ^([^,:]*)
-gecos_name = $1
-
-
-# define a macro DCconfig_smarthost, DCconfig_satellite, etc. we need this
-# for .ifdef ... .endif
-DCconfig_DEBCONFconfigtypeDEBCONF = 1
-#####################################################
-### end main/01_exim4-config_listmacrosdefs
-#####################################################
-#####################################################
-### main/02_exim4-config_options
-#####################################################
-
-### main/02_exim4-config_options
-#################################
-
-# This option defines the access control list that is run when an
-# SMTP RCPT command is received.
-#
-acl_smtp_rcpt = acl_check_rcpt
-
-# This option defines the access control list that is run when an
-# SMTP DATA command is received.
-#
-acl_smtp_data = acl_check_data
-
-# Define a message size limit. You can either change it here, or set the
-# MESSAGE_SIZE_LIMIT macro. The default (used when MESSAGE_SIZE_LIMIT
-# is unset and/or message_size_limit is unset) is 50 MB
-.ifdef MESSAGE_SIZE_LIMIT
-message_size_limit = MESSAGE_SIZE_LIMIT
-.endif
-
-# If you want unqualified recipient addresses to be qualified with a different
-# domain to unqualified sender addresses, specify the recipient domain here.
-# If this option is not set, the qualify_domain value is used.
-#
-# qualify_recipient = 
-
-# The following line must be uncommented if you want Exim to recognize
-# addresses of the form "user@[10.11.12.13]" that is, with a "domain literal"
-# (an IP address) instead of a named domain. The RFCs still require this form,
-# but it makes little sense to permit mail to be sent to specific hosts by
-# their IP address in the modern Internet. This ancient format has been used
-# by those seeking to abuse hosts by using them for unwanted relaying. If you
-# really do want to support domain literals, uncomment the following line, and
-# see also the "domain_literal" router.
-#
-# allow_domain_literals
-
-.ifndef DC_minimaldns
-# The setting below causes Exim to do a reverse DNS lookup on all incoming
-# IP calls, in order to get the true host name. If you feel this is too
-# expensive, you can specify the networks for which a lookup is done, or
-# remove the setting entirely.
-#
-host_lookup = *
-.endif
-
-# For minimaldns try to guess the primary_hostname only once at startup, when
-# running update-exim4.conf
-DEBCONF_hardcode_primary_hostname_DEBCONF
-
-# The settings below, which are actually the same as the defaults in the
-# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
-# calls. You can limit the hosts to which these calls are made, and/or change
-# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
-# are disabled. RFC 1413 calls are cheap and can provide useful information
-# for tracing problem messages, but some hosts and firewalls have problems
-# with them. This can result in a timeout instead of an immediate refused
-# connection, leading to delays on starting up an SMTP session.
-#
-rfc1413_hosts = *
-rfc1413_query_timeout = 30s
-
-# By default, exim forces a Sender: header containing the local
-# account name at the local host name in all locally submitted messages
-# that don't have the local account name at the local host name in the
-# From: header, deletes any Sender: header present in the submitted
-# message and forces the envelope sender of all locally submitted
-# messages to the local account name at the local host name.
-# The following settings allow local users to specify their own envelope sender
-# in a locally submitted message. Sender: headers existing in a locally
-# submitted message are not removed, and no automatic Sender: headers
-# are added. These settings are fine for most hosts.
-# If you run exim on a classical multi-user systems where all users
-# have local mailboxes that can be reached via SMTP from the Internet
-# with the local FQDN as the domain part of the address, you might want
-# to disable the following three lines for traceability reasons.
-local_from_check = false
-local_sender_retain = true
-untrusted_set_sender = *
-
-# By default, Exim expects all envelope addresses to be fully qualified, that
-# is, they must contain both a local part and a domain. If you want to accept
-# unqualified addresses (just a local part) from certain hosts, you can specify
-# these hosts by setting one or both of
-#
-# sender_unqualified_hosts =
-# recipient_unqualified_hosts =
-#
-# to control sender and recipient addresses, respectively. When this is done,
-# unqualified addresses are qualified using the settings of qualify_domain
-# and/or qualify_recipient (see above).
-
-# If you want Exim to support the "percent hack" for certain domains,
-# uncomment the following line and provide a list of domains. The "percent
-# hack" is the feature by which mail addressed to x%y@z (where z is one of
-# the domains listed) is locally rerouted to x@y and sent on. If z is not one
-# of the "percent hack" domains, x%y is treated as an ordinary local part. This
-# hack is rarely needed nowadays; you should not enable it unless you are sure
-# that you really need it.
-#
-# percent_hack_domains =
-
-# When Exim can neither deliver a message nor return it to sender, it "freezes"
-# the delivery error message (aka "bounce message"). There are also other
-# circumstances in which messages get frozen. They will stay on the queue for
-# ever unless one of the following options is set.
-
-# This option unfreezes frozen bounce messages after two days, tries
-# once more to deliver them, and ignores any delivery failures.
-#
-ignore_bounce_errors_after = 2d
-
-# This option cancels (removes) frozen messages that are older than a week.
-#
-timeout_frozen_after = 7d
-
-freeze_tell = postmaster
-
-# Only for interacting with other packages, to make it possible to use
-# -DSPOOLDIR to override it on the command line
-.ifndef SPOOLDIR
-SPOOLDIR = /var/spool/exim4
-.endif
-spool_directory = SPOOLDIR
-
-# uucp should be able to set envelope-from to arbitrary values
-trusted_users = uucp
-
-# uncomment this to get the Debian version in the SMTP dialog
-# smtp_banner = "${primary_hostname} ESMTP Exim ${version_number} (Debian package DEBCONFpackageversionDEBCONF) ${tod_full}"
-
-#####################################################
-### end main/02_exim4-config_options
-#####################################################
-#####################################################
-### main/03_exim4-config_tlsoptions
-#####################################################
-# Example for TLS/SSL configuration.
-
-# See /usr/share/doc/exim4-base/README.TLS* for explanations.
-
-# Defines that you want to log what cipher your exim and the peer's mailer
-# uses to encrypt the transaction. It also defines you want to log the 'DN'
-# (Distinguished Name) of the certificate of the peer.
-#
-# log_selector = +tls_cipher +tls_peerdn
-
-# Defines what hosts to 'advertise' STARTTLS functionality to. Setting this
-# to * will advertise to all hosts that connect with EHLO, and this is a
-# good default
-#
-# tls_advertise_hosts = *
-
-# Defines where your SSL-certificate and SSL-Private Key are located.
-# This requires a full path. The files pointed to must be kept 'secret'
-# and should be owned my root.Debian-exim mode 640 (-rw-r-----). Usually the
-# exim-gencert script takes care of these prerequisites.
-#
-# tls_certificate = CONFDIR/exim.crt
-# tls_privatekey = CONFDIR/exim.key
-
-# A file which contains the certificates of the trusted CAs (Certification
-# Authorities) against which host certificates can be checked (through the
-# `tls_verify_hosts' and `tls_try_verify_hosts' lists below).
-# /etc/ssl/certs/ca-certificates.crt is generated by
-# the "ca-certificates" package's update-ca-certificates(8) command.
-#
-#tls_verify_certificates = /etc/ssl/certs/ca-certificates.crt
-
-# A list of hosts which are constrained by `tls_verify_certificates'. A host
-# that matches `tls_verify_host' must present a certificate that's
-# verifyable through `tls_verify_certificates' in order to be accepted as an
-# SMTP client. If it does not, the connection is aborted.
-#
-#tls_verify_hosts = 
-
-# A weaker form of checking: if a client matches `tls_try_verify_hosts' (but
-# not `tls_verify_hosts'), request a certificate and check it against
-# `tls_verify_certificates' but do not abort the connection if there is no
-# certificate or if the certificate presented does not match. (This
-# condition can be tested for in ACLs through `verify = certificate')
-#
-#tls_try_verify_hosts = *
-#####################################################
-### end main/03_exim4-config_tlsoptions
-#####################################################
-#####################################################
-### acl/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                       ACL CONFIGURATION                            #
-#         Specifies access control lists for incoming SMTP mail      #
-######################################################################
-begin acl
-
-
-#####################################################
-### end acl/00_exim4-config_header
-#####################################################
-#####################################################
-### acl/20_exim4-config_whitelist_local_deny
-#####################################################
-# This access control list is used to determine whitelisted senders and
-# hosts. It checks for CONFDIR/local_host_whitelist and
-# CONFDIR/local_sender_whitelist.
-#
-# It is meant to be used from some other acl entry.
-#
-# For example,
-# deny message = local blacklist example
-#      !acl = acl_whitelist
-#      dnslist = some.dns.list.example
-# will allow messages with envelope sender listed in local_sender_whitelist
-# or messages coming in from hosts listed in local_host_whitelist to be
-# accepted even if the delivering host is listed in the dns list.
-#
-# Whitelisting can also be configured by including negative items in the
-# black list. See /usr/share/doc/exim4-config/default_acl for details.
-#
-# If the files do not exist, the white list never matches, which is
-# the desired behaviour.
-
-acl_whitelist_local_deny:
-  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
-                        {CONFDIR/local_host_whitelist}\
-                        {}}
-  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
-                        {CONFDIR/local_sender_whitelist}\
-                        {}}
-
-
-#####################################################
-### end acl/20_exim4-config_whitelist_local_deny
-#####################################################
-#####################################################
-### acl/30_exim4-config_check_rcpt
-#####################################################
-# This access control list is used for every RCPT command in an incoming
-# SMTP message. The tests are run in order until the address is either
-# accepted or denied.
-#
-acl_check_rcpt:
-  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
-  # testing for an empty sending host field.
-  accept hosts = :
-
-  # The following section of the ACL is concerned with local parts that contain
-  # @ or % or ! or / or | or dots in unusual places.
-  #
-  # The characters other than dots are rarely found in genuine local parts, but
-  # are often tried by people looking to circumvent relaying restrictions.
-  # Therefore, although they are valid in local parts, these rules lock them
-  # out, as a precaution.
-  #
-  # Empty components (two dots in a row) are not valid in RFC 2822, but Exim
-  # allows them because they have been encountered. (Consider local parts
-  # constructed as "firstinitial.secondinitial.familyname" when applied to
-  # someone like me, who has no second initial.) However, a local part starting
-  # with a dot or containing /../ can cause trouble if it is used as part of a
-  # file name (e.g. for a mailing list). This is also true for local parts that
-  # contain slashes. A pipe symbol can also be troublesome if the local part is
-  # incorporated unthinkingly into a shell command line.
-  #
-  # Two different rules are used. The first one is stricter, and is applied to
-  # messages that are addressed to one of the local domains handled by this
-  # host. It blocks local parts that begin with a dot or contain @ % ! / or |.
-  # If you have local accounts that include these characters, you will have to
-  # modify this rule.
-  deny    domains       = +local_domains
-          local_parts   = ^[.] : ^.*[@%!/|]
-          message       = restricted characters in address
-
-  # The second rule applies to all other domains, and is less strict. This
-  # allows your own users to send outgoing messages to sites that use slashes
-  # and vertical bars in their local parts. It blocks local parts that begin
-  # with a dot, slash, or vertical bar, but allows these characters within the
-  # local part. However, the sequence /../ is barred. The use of @ % and ! is
-  # blocked, as before. The motivation here is to prevent your users (or
-  # your users' viruses) from mounting certain kinds of attack on remote sites.
-
-  deny    domains       = !+local_domains
-          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-          message       = restricted characters in address
-
-  # Accept mail to postmaster in any local domain, regardless of the source,
-  # and without verifying the sender.
-  #
-  accept local_parts = postmaster
-         domains = +local_domains
-
-  # deny bad senders (envelope sender)
-  # CONFDIR/local_sender_blacklist holds a list of envelope senders that
-  # should have their access denied to the local host. Incoming messages
-  # with one of these senders are rejected at RCPT time.
-  #
-  # The explicit white lists are honored as well as negative items in
-  # the black list. See /usr/share/doc/exim4-config/default_acl for details.
-  deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-       senders = ${if exists{CONFDIR/local_sender_blacklist}\
-                             {CONFDIR/local_sender_blacklist}\
-                             {}}
-
-  # deny bad sites (IP address)
-  # CONFDIR/local_host_blacklist holds a list of host names, IP addresses
-  # and networks (CIDR notation)  that should have their access denied to
-  # The local host. Messages coming in from a listed host will have all
-  # RCPT statements rejected.
-  #
-  # The explicit white lists are honored as well as negative items in
-  # the black list. See /usr/share/doc/exim4-config/default_acl for details.
-  deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-       hosts = ${if exists{CONFDIR/local_host_blacklist}\
-                             {CONFDIR/local_host_blacklist}\
-                             {}}
-
-
-  # Deny unless the sender address can be verified.
-  #
-  # This is disabled by default so that DNSless systems don't break. If
-  # your system can do DNS lookups without delay or cost, you might want
-  # to enable the following line.
-  # deny message = Sender verification failed
-  #      !acl = acl_whitelist_local_deny
-  #      !verify = sender
-
-  # Warn if the sender host does not have valid reverse DNS.
-  # 
-  # This is disabled by default so that DNSless systems don't break. If
-  # your system can do DNS lookups without delay or cost, you might want
-  # to enable the following lines.
-  # warn message = X-Broken-Reverse-DNS: no host name found for IP address $sender_host_address
-  #      !verify = reverse_host_lookup
-
-
-  #############################################################################
-  # There are no checks on DNS "black" lists because the domains that contain
-  # these lists are changing all the time. You can find examples of
-  # how to use dnslists in /usr/share/doc/exim4-config/examples/acl
-  #############################################################################
-
-  # Accept if the address is in a local domain, but only if the recipient can
-  # be verified. Otherwise deny. The "endpass" line is the border between
-  # passing on to the next ACL statement (if tests above it fail) or denying
-  # access (if tests below it fail).
-  #
-  accept domains = +local_domains
-         endpass
-         message = unknown user
-         verify = recipient
-
-  # Accept if the address is in a domain for which we are relaying, but again,
-  # only if the recipient can be verified.
-  #
-  accept domains = +relay_to_domains
-         endpass
-         message = unrouteable address
-         verify = recipient
-
-  # If control reaches this point, the domain is neither in +local_domains
-  # nor in +relay_to_domains.
-
-  # Accept if the message comes from one of the hosts for which we are an
-  # outgoing relay. Recipient verification is omitted here, because in many
-  # cases the clients are dumb MUAs that don't cope well with SMTP error
-  # responses. If you are actually relaying out from MTAs, you should probably
-  # add recipient verification here.
-  #
-  accept hosts = +relay_from_hosts
-
-  # Accept if the message arrived over an authenticated connection, from
-  # any host. Again, these messages are usually from MUAs, so recipient
-  # verification is omitted.
-  #
-  accept authenticated = *
-
-  # Reaching the end of the ACL causes a "deny", but we might as well give
-  # an explicit message.
-  #
-  deny message = relay not permitted
-
-
-
-#####################################################
-### end acl/30_exim4-config_check_rcpt
-#####################################################
-#####################################################
-### acl/40_exim4-config_check_data
-#####################################################
-# 40_exim4-config_check_data
-
-acl_check_data:
-   # Add Message-ID if missing
-   warn condition = ${if !def:h_Message-ID: {1}}
-        hosts = +relay_from_hosts
-        message = Message-ID: <E$message_id@$primary_hostname>
-		      
-   # Deny unless the address list headers are syntactically correct.
-   #
-   # This is disabled by default because it might reject legitimate mail.
-   # If you want your system to insist on syntactically valid address
-   # headers, you might want to enable the following lines.
-   # deny message = Message headers fail syntax check
-   #	!acl = acl_whitelist_local_deny
-   #    !verify = header_syntax
-
-   # require that there is a verifiable sender address in at least
-   # one of the "Sender:", "Reply-To:", or "From:" header lines.
-   # deny message = No verifiable sender address in message headers
-   #	!acl = acl_whitelist_local_deny
-   #    !verify = header_sender
-
-   # accept otherwise
-   accept
-#####################################################
-### end acl/40_exim4-config_check_data
-#####################################################
-#####################################################
-### router/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                      ROUTERS CONFIGURATION                         #
-#               Specifies how addresses are handled                  #
-######################################################################
-#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
-# An address is passed to each router in turn until it is accepted.  #
-######################################################################
-
-begin routers
-
-#####################################################
-### end router/00_exim4-config_header
-#####################################################
-#####################################################
-### router/100_exim4-config_domain_literal
-#####################################################
-
-# This router routes to remote hosts over SMTP by explicit IP address,
-# when an email address is given in "domain literal" form, for example,
-# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
-# little-known these days, and has been exploited by evil people seeking
-# to abuse SMTP relays. Consequently it is commented out in the default
-# configuration. If you uncomment this router, you also need to uncomment
-# allow_domain_literals above, so that Exim can recognize the syntax of
-# domain literal addresses.
-
-# domain_literal:
-#   debug_print = "R: domain_literal for $local_part@$domain"
-#   driver = ipliteral
-#   domains = ! +local_domains
-#   transport = remote_smtp
-
-#####################################################
-### end router/100_exim4-config_domain_literal
-#####################################################
-#####################################################
-### router/150_exim4-config_hubbed_hosts
-#####################################################
-
-# router/150_exim4-config_hubbed_hosts
-#################################
-
-# route specific domains manually.
-#
-# The most common application of this router is to handle relaying to nonlocal
-# domains that the local host is primary MX for. That means that local
-# information needs to be present for a domain to be handled correctly.
-#
-# That information is put into the optional file /etc/exim4/hubbed_hosts
-# which contains key-value pairs of domain pattern and route data.
-#
-# foo.example: internal.mail.example.com
-# bar.example: 192.168.183.3
-#
-# will cause mail for foo.example to be sent to the host
-# internal.mail.example (IP address derived from A record only), and
-# mail to bar.example to be sent to 192.168.183.3.
-#
-# If the file /etc/exim4/hubbed_hosts does not exist, this router is a
-# no-op.
-
-hubbed_hosts:
-  debug_print = "R: hubbed_hosts for $domain"
-  driver = manualroute
-  domains = "${if exists{CONFDIR/hubbed_hosts}\
-                   {partial-lsearch;CONFDIR/hubbed_hosts}\
-              fail}"
-  route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
-  transport = remote_smtp
-#####################################################
-### end router/150_exim4-config_hubbed_hosts
-#####################################################
-#####################################################
-### router/200_exim4-config_primary
-#####################################################
-
-### router/200_exim4-config_primary
-#################################
-# This file holds the primary router, responsible for nonlocal mails
-
-.ifdef DCconfig_internet
-# configtype=internet
-#
-# deliver mail to the recipient if recipient domain is a domain we
-# relay for. We do not ignore any target hosts here since delivering to
-# a site local or even a link local address might be wanted here, and if
-# such an address has found its way into the MX record of such a domain,
-# the local admin is probably in a place where that broken MX record
-# could be fixed.
-
-dnslookup_relay_to_domains:
-  debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains : +relay_to_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  no_more
-
-# deliver mail directly to the recipient. This router is only reached
-# for domains that we do not relay for. Since we most probably can't
-# have broken MX records pointing to site local or link local IP
-# addresses fixed, we ignore target hosts pointing to these addresses.
-
-dnslookup:
-  debug_print = "R: dnslookup for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  # ignore private rfc1918 and APIPA addresses
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
-                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
-  no_more
-
-.endif
-
-
-.ifdef DCconfig_local
-# configtype=local
-#
-# Stand-alone system, so generate an error for mail to a non-local domain
-nonlocal:
-  debug_print = "R: nonlocal for $local_part@$domain"
-  driver = redirect
-  domains = ! +local_domains
-  allow_fail
-  data = :fail: Mailing to remote domains not supported
-  no_more
-
-.endif
-
-
-.ifdef DCconfig_smarthost DCconfig_satellite
-# configtype=smarthost or configtype=satellite
-#
-# Send all non-local mail to a single other machine (smarthost).
-#
-# This means _ALL_ non-local mail goes to the smarthost. This will most
-# probably not do what you want for domains that are listed in
-# relay_domains. The most typical use for relay_domains is to control
-# relaying for incoming e-mail on secondary MX hosts. In that case,
-# it doesn't make sense to send the mail to the smarthost since the
-# smarthost will probably send the message right back here, causing a
-# loop.
-#
-# If you want to use a smarthost while being secondary MX for some
-# domains, you'll need to copy the dnslookup_relay_to_domains router
-# here so that mail to relay_domains is handled separately.
-
-smarthost:
-  debug_print = "R: smarthost for $local_part@$domain"
-  driver = manualroute
-  domains = ! +local_domains
-  transport = remote_smtp_smarthost
-  route_list = * DCsmarthost byname
-  host_find_failed = defer
-  same_domain_copy_routing = yes
-  no_more
-
-.endif
-
-
-# The "no_more" above means that all later routers are for
-# domains in the local_domains list, i.e. just like Exim 3 directors.
-#####################################################
-### end router/200_exim4-config_primary
-#####################################################
-#####################################################
-### router/300_exim4-config_real_local
-#####################################################
-
-real_local:
-  debug_print = "R: real_local for $local_part@$domain"
-  driver = accept
-  domains = +local_domains
-  local_part_prefix = real-
-  check_local_user
-  transport = LOCAL_DELIVERY
-
-#####################################################
-### end router/300_exim4-config_real_local
-#####################################################
-#####################################################
-### router/400_exim4-config_system_aliases
-#####################################################
-
-# This router handles aliasing using a traditional /etc/aliases file.
-#
-##### NB  You must ensure that /etc/aliases exists. It used to be the case
-##### NB  that every Unix had that file, because it was the Sendmail default.
-##### NB  These days, there are systems that don't have it. Your aliases
-##### NB  file should at least contain an alias for "postmaster".
-#
-# Piping to programs in /etc/aliases is disabled per default.
-# If that is a problem for you, see
-#   /usr/share/doc/exim4-config/README.system_aliases
-# or explanation and some workarounds.
-#
-# Note that the transports listed below are the same as are used for
-# .forward files; you might want to set up different ones for pipe and
-# file deliveries from aliases.
-
-system_aliases:
-  debug_print = "R: system_aliases for $local_part@$domain"
-  driver = redirect
-  domains = +local_domains
-  allow_fail
-  allow_defer
-  data = ${lookup{$local_part}lsearch{/etc/aliases}}
-#  user = list
-#  group = mail
-  file_transport = address_file
-# pipe_transport = address_pipe
-# directory_transport = address_directory
-#####################################################
-### end router/400_exim4-config_system_aliases
-#####################################################
-#####################################################
-### router/500_exim4-config_hubuser
-#####################################################
-
-### router/500_exim4-config_hubuser
-#################################
-
-.ifdef DCconfig_satellite
-# This router is only used for configtype=satellite.
-# It takes care to route all mail targetted to <somelocaluser@this.machine>
-# to the host where we read our mail
-#
-hub_user:
-  debug_print = "R: hub_user for $local_part@$domain"
-  driver = redirect
-  domains = +local_domains
-  data = ${local_part}@DCreadhost
-  check_local_user
-
-.endif
-
-
-#####################################################
-### end router/500_exim4-config_hubuser
-#####################################################
-#####################################################
-### router/600_exim4-config_userforward
-#####################################################
-
-# router/600_exim4-config_userforward
-#################################
-
-# This router handles forwarding using traditional .forward files in users'
-# home directories and filtering with exim's builtin filter language. 
-#
-# The no_verify setting means that this router is skipped when Exim is
-# verifying addresses. Similarly, no_expn means that this router is skipped if
-# Exim is processing an EXPN command.
-#
-# The check_ancestor option means that if the forward file generates an
-# address that is an ancestor of the current one, the current one gets
-# passed on instead. This covers the case where A is aliased to B and B
-# has a .forward file pointing to A.
-#
-# The four transports specified at the end are those that are used when
-# forwarding generates a direct delivery to a directory, or a file, or to a
-# pipe, or sets up an auto-reply, respectively.
-#
-userforward:
-  debug_print = "R: userforward for $local_part@$domain"
-  driver = redirect
-  domains = +local_domains
-  check_local_user
-  file = $home/.forward
-  no_verify
-  no_expn
-  check_ancestor
-  allow_filter
-  directory_transport = address_directory
-  file_transport = address_file
-  pipe_transport = address_pipe
-  reply_transport = address_reply
-  skip_syntax_errors
-  syntax_errors_to = real-$local_part@$domain
-  syntax_errors_text = \
-    This is an automatically generated message. An error has\n\
-    been found in your .forward file. Details of the error are\n\
-    reported below. While this error persists, you will receive\n\
-    a copy of this message for every message that is addressed\n\
-    to you. If your .forward file is a filter file, or if it is\n\
-    a non-filter file containing no valid forwarding addresses,\n\
-    a copy of each incoming message will be put in your normal\n\
-    mailbox. If a non-filter file contains at least one valid\n\
-    forwarding address, forwarding to the valid addresses will\n\
-    happen, and those will be the only deliveries that occur.
-
-#####################################################
-### end router/600_exim4-config_userforward
-#####################################################
-#####################################################
-### router/700_exim4-config_procmail
-#####################################################
-
-procmail:
-  debug_print = "R: procmail for $local_part@$domain"
-  driver = accept
-  domains = +local_domains
-  check_local_user
-  transport = procmail_pipe
-  # emulate OR with "if exists"-expansion
-  require_files = ${local_part}:\
-                  ${if exists{/etc/procmailrc}\
-                    {/etc/procmailrc}{${home}/.procmailrc}}:\
-                  +/usr/bin/procmail
-  no_verify
-  no_expn
-
-#####################################################
-### end router/700_exim4-config_procmail
-#####################################################
-#####################################################
-### router/800_exim4-config_maildrop
-#####################################################
-
-### router/800_exim4-config_maildrop
-#################################
-
-maildrop:
-  debug_print = "R: maildrop for $local_part@$domain"
-  driver = accept
-  domains = +local_domains
-  check_local_user
-  transport = maildrop_pipe
-  require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
-  no_verify
-  no_expn
-
-#####################################################
-### end router/800_exim4-config_maildrop
-#####################################################
-#####################################################
-### router/900_exim4-config_local_user
-#####################################################
-
-### router/900_exim4-config_local_user
-#################################
-
-local_user:
-  debug_print = "R: local_user for $local_part@$domain"
-  driver = accept
-  domains = +local_domains
-  check_local_user
-  local_parts = ! root
-  transport = LOCAL_DELIVERY
-
-
-
-#####################################################
-### end router/900_exim4-config_local_user
-#####################################################
-#####################################################
-### router/mmm_mail4root
-#####################################################
-
-### router/mmm_mail4root
-#################################
-# deliver mail addressed to root to /var/mail/mail as user mail:mail
-# if it was not redirected in /etc/aliases or by other means
-# Exim cannot deliver as root since 4.24 (FIXED_NEVER_USERS)
-
-mail4root:
-  debug_print = "R: mail4root for $local_part@$domain"
-  driver = redirect
-  domains = +local_domains
-  data = /var/mail/mail
-  file_transport = address_file
-  local_parts = root
-  user = mail
-  group = mail
-
-#####################################################
-### end router/mmm_mail4root
-#####################################################
-#####################################################
-### transport/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                      TRANSPORTS CONFIGURATION                      #
-######################################################################
-#                       ORDER DOES NOT MATTER                        #
-#     Only one appropriate transport is called for each delivery.    #
-######################################################################
-
-# A transport is used only when referenced from a router that successfully
-# handles an address.
-
-begin transports
-
-#####################################################
-### end transport/00_exim4-config_header
-#####################################################
-#####################################################
-### transport/30_exim4-config_address_file
-#####################################################
-
-# This transport is used for handling deliveries directly to files that are
-# generated by aliasing or forwarding.
-#
-address_file:
-  debug_print = "T: address_file for $local_part@$domain"
-  driver = appendfile
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-
-#####################################################
-### end transport/30_exim4-config_address_file
-#####################################################
-#####################################################
-### transport/30_exim4-config_address_pipe
-#####################################################
-
-# This transport is used for handling pipe deliveries generated by alias or
-# .forward files. If the commands fails and produces any output on standard
-# output or standard error streams, the output is returned to the sender
-# of the message as a delivery error.
-# You can set different transports for aliases and forwards if you want to
-# - see the references to address_pipe in the routers section above.
-address_pipe:
-  debug_print = "T: address_pipe for $local_part@$domain"
-  driver = pipe
-  return_fail_output
-
-#####################################################
-### end transport/30_exim4-config_address_pipe
-#####################################################
-#####################################################
-### transport/30_exim4-config_address_reply
-#####################################################
-
-# This transport is used for handling autoreplies generated by the filtering
-# option of the userforward router.
-#
-address_reply:
-  debug_print = "T: autoreply for $local_part@$domain"
-  driver = autoreply
-
-#####################################################
-### end transport/30_exim4-config_address_reply
-#####################################################
-#####################################################
-### transport/30_exim4-config_mail_spool
-#####################################################
-
-### transport/30_exim4-config_mail_spool
-
-# This transport is used for local delivery to user mailboxes in traditional
-# BSD mailbox format.
-#
-mail_spool:
-  debug_print = "T: appendfile for $local_part@$domain"
-  driver = appendfile
-  file = /var/mail/$local_part
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  group = mail
-  mode = 0660
-  mode_fail_narrower = false
-
-#####################################################
-### end transport/30_exim4-config_mail_spool
-#####################################################
-#####################################################
-### transport/30_exim4-config_maildir_home
-#####################################################
-
-### transport/30_exim4-config_maildir_home
-
-# Use this instead of mail_spool if you want to to deliver to Maildir in
-# home-directory - change the definition of LOCAL_DELIVERY
-#
-maildir_home:
-  debug_print = "T: maildir_home for $local_part@$domain"
-  driver = appendfile
-  directory = $home/Maildir
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  maildir_format
-  mode = 0600
-  mode_fail_narrower = false
-
-#####################################################
-### end transport/30_exim4-config_maildir_home
-#####################################################
-#####################################################
-### transport/30_exim4-config_maildrop_pipe
-#####################################################
-
-maildrop_pipe:
-  debug_print = "T: maildrop_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/maildrop"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-#####################################################
-### end transport/30_exim4-config_maildrop_pipe
-#####################################################
-#####################################################
-### transport/30_exim4-config_procmail_pipe
-#####################################################
-
-procmail_pipe:
-  debug_print = "T: procmail_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/procmail"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-#####################################################
-### end transport/30_exim4-config_procmail_pipe
-#####################################################
-#####################################################
-### transport/30_exim4-config_remote_smtp
-#####################################################
-
-### transport/30_exim4-config_remote_smtp
-#################################
-# This transport is used for delivering messages over SMTP connections.
-remote_smtp:
-  debug_print = "T: remote_smtp for $local_part@$domain"
-  driver = smtp
-#####################################################
-### end transport/30_exim4-config_remote_smtp
-#####################################################
-#####################################################
-### transport/30_exim4-config_remote_smtp_smarthost
-#####################################################
-
-### transport/30_exim4-config_remote_smtp_smarthost
-#################################
-
-# This transport is used for delivering messages over SMTP connections
-# to a smarthost. The local host tries to authenticate and does some
-# modification in headers and return-path.
-# This transport is used for smarthost and satellite configurations.
-
-remote_smtp_smarthost:
-  debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
-  driver = smtp
-  hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}}
-  tls_tempfail_tryclear = false
-  DEBCONFheaders_rewriteDEBCONF
-  DEBCONFreturn_pathDEBCONF
-#####################################################
-### end transport/30_exim4-config_remote_smtp_smarthost
-#####################################################
-#####################################################
-### transport/35_exim4-config_address_directory
-#####################################################
-# This transport is used for handling file addresses generated by alias
-# or .forward files if the path ends in "/", which causes it to be treated
-# as a directory name rather than a file name.
-
-address_directory:
-  debug_print = "T: address_directory for $local_part@$domain"
-  driver = appendfile
-  envelope_to_add = true
-  return_path_add = true
-  check_string = ""
-  escape_string = ""
-  maildir_format
-
-#####################################################
-### end transport/35_exim4-config_address_directory
-#####################################################
-#####################################################
-### retry/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                      RETRY CONFIGURATION                           #
-######################################################################
-
-begin retry
-
-#####################################################
-### end retry/00_exim4-config_header
-#####################################################
-#####################################################
-### retry/30_exim4-config
-#####################################################
-
-# This single retry rule applies to all domains and all errors. It specifies
-# retries every 15 minutes for 2 hours, then increasing retry intervals,
-# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
-# hours, then retries every 6 hours until 4 days have passed since the first
-# failed delivery.
-
-# Please note that these rules only limit the frequenzy of retries, the
-# effective retry-time depends on the frequenzy of queue-running, too.
-# See QUEUEINTERVAL in /etc/default/exim4.
-
-# Domain               Error       Retries
-# ------               -----       -------
-
-*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
-
-
-
-#####################################################
-### end retry/30_exim4-config
-#####################################################
-#####################################################
-### rewrite/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                      REWRITE CONFIGURATION                         #
-######################################################################
-
-begin rewrite
-
-#####################################################
-### end rewrite/00_exim4-config_header
-#####################################################
-#####################################################
-### rewrite/31_exim4-config_rewriting
-#####################################################
-
-### rewrite/31_exim4-config_rewriting
-#################################
-
-# This rewriting rule is particularily useful for dialup users who
-# don't have their own domain, but could be useful for anyone.
-# It looks up the real address of all local users in a file
-*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
-                   {$value}fail} Ffrs
-
-# The same as above, using outdated /etc/exim4/email-addresses, please
-# move its contents to /etc/email-addresses and delete
-# /etc/exim4/email-addresses
-*@+local_domains "${if exists {CONFDIR/email-addresses}\
-                    {${lookup{${local_part}}lsearch{CONFDIR/email-addresses}\
-		    {$value}fail}}fail}" Ffrs
-
-
-#####################################################
-### end rewrite/31_exim4-config_rewriting
-#####################################################
-#####################################################
-### auth/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                   AUTHENTICATION CONFIGURATION                     #
-######################################################################
-
-begin authenticators
-
-
-#####################################################
-### end auth/00_exim4-config_header
-#####################################################
-#####################################################
-### auth/30_exim4-config_examples
-#####################################################
-
-### auth/30_exim4-config_examples
-#################################
-
-# The examples below are for server side authentication; they allow two
-# styles of plain-text authentication against an CONFDIR/passwd file
-# which should have user names in the first column and crypted passwords
-# in the second. The columns need to be separated by ':'. For CRAM-MD5
-# exim needs access to the UNECRYPTED passwd - the example below assumes
-# it is available in the third column of CONFDIR/passwd
-
-# plain_server:
-#   driver = plaintext
-#   public_name = PLAIN
-#   server_condition = "${if crypteq{$3}{${extract{1}{:}{${lookup{$2}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
-#   server_set_id = $2
-#   server_prompts = :
-#
-# login_server:
-#   driver = plaintext
-#   public_name = LOGIN
-#   server_prompts = "Username:: : Password::"
-#   server_condition = "${if crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
-#   server_set_id = $1
-#
-# cram_md5_server:
-#   driver = cram_md5
-#   public_name = CRAM-MD5
-#   server_secret = ${extract{2}{:}{${lookup{$1}lsearch{CONFDIR/passwd}{$value}fail}}}
-#   server_set_id = $1
-
-# Here is an example of CRAM-MD5 authentication against PostgreSQL:
-#
-# psqldb_auth:
-#   driver = cram_md5
-#   public_name = CRAM-MD5
-#   server_secret = ${lookup pgsql{SELECT pw FROM users WHERE username = '${quote_pgsql:$1}'}{$value}fail}
-#   server_set_id = $1
-
-# Authenticate against local passwords using sasl2-bin
-# Requires exim_uid to be a member of sasl group, see README.SMTP-AUTH
-# plain_saslauthd:
-#   driver = plaintext
-#   public_name = PLAIN
-#   # don't send system passwords over unencrypted connections
-#   server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
-#   server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
-#   server_set_id = $2
-#   server_prompts = :
-#
-# login_saslauthd:
-#   driver = plaintext
-#   public_name = LOGIN
-#   # don't send system passwords over unencrypted connections
-#   server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
-#   server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
-#   server_set_id = $1
-
-##############
-# See /usr/share/doc/exim4-base/README.SMTP-AUTH
-##############
-
-# These examples below are the equivalent for client side authentication.
-# They get the passwords from CONFDIR/passwd.client. This file should have
-# three columns separated by colons, the first contains the name of the
-# mailserver to authenticate against, the second the username and the third
-# contains the password.
-
-### # example for CONFDIR/passwd.client
-### mail.server:blah:secret
-### # default entry:
-### *:bar:foo
-
-cram_md5:
-  driver = cram_md5
-  public_name = CRAM-MD5
-  client_name = ${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
-  client_secret = ${extract{2}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
-
-# Because AUTH PLAIN sends the password in clear, per default we only allow it
-# over encrypted connections. If you want to change this disable the existing
-# "client send" entry and enable the one below without the "if !eq{$tls_cipher}{}"
-# by removing the hash-mark (#) at the beginning of the line.
-plain:
-  driver = plaintext
-  public_name = PLAIN
-  client_send = "${if !eq{$tls_cipher}{}{\
-                     ^${extract{1}{::}\
-		       {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
-		     ^${extract{2}{::}\
-		       {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
-		   }fail}"
-#  client_send = "^${extract{1}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}^${extract{2}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
-
-# Because AUTH LOGIN sends the password in clear, per default we only allow it
-# over encrypted connections. If you want to change this disable the existing
-# "client send" entry and enable the one below without the "if !eq{$tls_cipher}{}"
-# by removing the hash-mark (#) at the beginning of the line.
-login:
-  driver = plaintext
-  public_name = LOGIN
-  client_send = "${if !eq{$tls_cipher}{}{}fail}\
-                 : ${extract{1}{::}\
-		        {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
-		 : ${extract{2}{::}\
-		     {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
-#  client_send = ": ${extract{1}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} : ${extract{2}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
-
-
-
-#####################################################
-### end auth/30_exim4-config_examples
-#####################################################

Deleted: trunk/vhffs-doc/config/exim4-mx1/host
===================================================================
--- trunk/vhffs-doc/config/exim4-mx1/host	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx1/host	2007-07-03 14:39:58 UTC (rev 654)
@@ -1 +0,0 @@
-#empty file

Deleted: trunk/vhffs-doc/config/exim4-mx1/passwd.client
===================================================================
--- trunk/vhffs-doc/config/exim4-mx1/passwd.client	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx1/passwd.client	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,7 +0,0 @@
-### CONFDIR/passwd.client
-#
-# Format:
-#targetmailserver.example:login:password
-#
-# default entry:
-### *:bar:foo

Deleted: trunk/vhffs-doc/config/exim4-mx1/update-exim4.conf.conf
===================================================================
--- trunk/vhffs-doc/config/exim4-mx1/update-exim4.conf.conf	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx1/update-exim4.conf.conf	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,16 +0,0 @@
-# /etc/exim4/update-exim4.conf.conf
-#
-# Edit this file and /etc/mailname by hand and execute update-exim4.conf
-# yourself or use 'dpkg-reconfigure exim4-config'
-
-dc_eximconfig_configtype='internet'
-dc_other_hostnames=''
-dc_local_interfaces='127.0.0.1'
-dc_readhost=''
-dc_relay_domains=''
-dc_minimaldns='false'
-dc_relay_nets=''
-dc_smarthost=''
-CFILEMODE='640'
-dc_use_split_config='false'
-dc_hide_mailname=''

Deleted: trunk/vhffs-doc/config/exim4-mx2/exim4.conf
===================================================================
--- trunk/vhffs-doc/config/exim4-mx2/exim4.conf	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx2/exim4.conf	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,247 +0,0 @@
-hide pgsql_servers = DBHOST/vhffs/vhffs/DBPASS
-RELAY_DOMAINS = ${lookup pgsql{SELECT DISTINCT domain FROM vhffs_mxdomain WHERE domain = '$domain'}}
-RELAY_LIST_DOMAINS = ${lookup pgsql{SELECT domain from vhffs_ml where local_part='$local_part' and domain='$domain'}}
-
-exim_path = /usr/sbin/exim4
-
-CONFDIR = /etc/exim4
-
-domainlist local_domains = localhost:mx2.tuxfamily.net:mx2.tuxfamily.org:mx2.tuxfamily.com
-
-domainlist relay_to_domains = RELAY_DOMAINS:staff.tuxfamily.org:tuxfamily.net:tuxfamily.net:tuxfamily.org:tuxfamily.com
-
-hostlist relay_from_hosts = 127.0.0.1  
-
-#av_scanner = clamd:192.168.3.50 7777 stream
-
-qualify_domain = mx2.tuxfamily.net
-
-
-gecos_pattern = ^([^,:]*)
-gecos_name = $1
-
-acl_smtp_rcpt = acl_check_rcpt
-
-#acl_smtp_data = acl_check_data
-
-message_size_limit = 10M
-
-smtp_accept_max = 120
-
-host_lookup = *
-
-primary_hostname = mx2.tuxfamily.net
-
-rfc1413_query_timeout = 0s
-
-ignore_bounce_errors_after = 2d
-
-timeout_frozen_after = 7d
-
-freeze_tell = postmaster
-
-spool_directory = /var/spool/exim4
-
-trusted_users = Debian-exim 
-
-smtp_banner = "${primary_hostname} ESMTP Vhffs4 Mailer ${tod_full}"
-
-begin acl
-acl_whitelist_local_deny:
-  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
-                          {CONFDIR/local_host_whitelist}\
-			  {}}
-accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
-    {CONFDIR/local_sender_whitelist}\
-{}}
-
-acl_check_rcpt:
-  accept hosts = : 127.0.0.1 
-
-   deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-   
-          !acl = acl_whitelist_local_deny
- senders = ${if exists{CONFDIR/local_sender_blacklist}\
-	      {CONFDIR/local_sender_blacklist}\
-		   {}}
-deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-              hosts = ${if exists{CONFDIR/local_host_blacklist}\
-{CONFDIR/local_host_blacklist}\
-							{}}
-
-drop  condition = ${if eq{$sender_helo_name}{}{yes}{no}}
-message = \
-HELO/EHLO required by SMTP RFC.\n\
-Bye dude!
-
-accept  senders = ${if exists{CONFDIR/whitelist_sender}\
-                {CONFDIR/whitelist_sender}\
-		                {}}
-
-accept  hosts = ${if exists{CONFDIR/whitelist_host}\
-{CONFDIR/whitelist_host}\
-{}}
-
-drop  !verify = sender/no_details
-message = \
-Unrouteable sender address.\n\
-Bye dude!
-
-drop  !verify = sender/callout=45s
-message = \
-Your email address is rejected by your mail server.\n\
-You can't send mail here with a fake address.\n\
-Bye dude!
-
-deny    domains       = +local_domains
-          local_parts   = ^[.] : ^.*[@%!/|]
-message       = restricted characters in address
-
-deny    domains       = !+local_domains
-local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-message       = restricted characters in address
-
-accept local_parts = postmaster
-domains = +local_domains
-warn message = X-Broken-Reverse-DNS: no host name found for IP address $sender_host_address
-!verify = reverse_host_lookup
-
-  
-  accept domains = +local_domains
-         endpass
-         message = unknown user
-         verify = recipient
-
-  accept domains = +relay_to_domains
-         endpass
-         message = unrouteable address
-         verify = recipient
-
-  accept hosts = +relay_from_hosts
-
-  accept authenticated = *
-
-  deny message = relay not permitted
-
-
-begin routers
-
-dnslookup_relay_to_domains:
-  debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains : +relay_to_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  no_more
-
-dnslookup:
-  debug_print = "R: dnslookup for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
-                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
-  no_more
-system_aliases:
-  debug_print = "R: system_aliases for $local_part@$domain"
-  driver = redirect
-  condition = ${if or { {eq {$domain} {$primary_hostname}} {eq {$domain} {$qualify_domain}}} {1} {0}}
-  allow_fail
-  allow_defer
-  data = ${lookup{$local_part}lsearch{/etc/aliases}}
-  file_transport = address_file
-
-begin transports
-
-address_file:
-  debug_print = "T: address_file for $local_part@$domain"
-  driver = appendfile
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-
-address_pipe:
-  debug_print = "T: address_pipe for $local_part@$domain"
-  driver = pipe
-  return_fail_output
-
-address_reply:
-  debug_print = "T: autoreply for $local_part@$domain"
-  driver = autoreply
-
-mail_spool:
-  debug_print = "T: appendfile for $local_part@$domain"
-  driver = appendfile
-  file = /var/mail/$local_part
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  group = mail
-  mode = 0660
-  mode_fail_narrower = false
-
-maildrop_pipe:
-  debug_print = "T: maildrop_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/maildrop"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-procmail_pipe:
-  debug_print = "T: procmail_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/procmail"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-remote_smtp:
-  debug_print = "T: remote_smtp for $local_part@$domain"
-  driver = smtp
-
-address_directory:
-  debug_print = "T: address_directory for $local_part@$domain"
-  driver = appendfile
-  envelope_to_add = true
-  return_path_add = true
-  check_string = ""
-  escape_string = ""
-  maildir_format
-
-begin retry
-
-*        quota_7d
-*        quota       F,2h,15m; F,3d,1h
-
-*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
-
-begin rewrite
-
-*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
-                   {$value}fail} Ffrs
-
-*@+local_domains "${if exists {CONFDIR/email-addresses}\
-                    {${lookup{${local_part}}lsearch{CONFDIR/email-addresses}\
-		    {$value}fail}}fail}" Ffrs
-
-begin authenticators
-
- plain_server:
-   driver = plaintext
-   public_name = PLAIN
-   server_condition = ${if and {{!eq{$2}{}}{!eq{$3}{}}{eq {$3} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$2}' and domain = '${domain:$2}'} {$value}fail}}}}{1}{0}}
-   server_set_id = $2
-   server_prompts = :
-
- login_server:
-   driver = plaintext
-   public_name = LOGIN
-   server_prompts = "Username:: : Password::"
-   server_condition = ${if and {{!eq{$1}{}}{!eq{$2}{}}{eq {$2} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$1}' and domain = '${domain:$1}'} {$value}fail}}}}{1}{0}}
-   server_set_id = $1
-

Added: trunk/vhffs-doc/config/exim4-mx2/exim4.conf
===================================================================
--- trunk/vhffs-doc/config/exim4-mx2/exim4.conf	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx2/exim4.conf	2007-07-03 14:39:58 UTC (rev 654)
@@ -0,0 +1,309 @@
+hide pgsql_servers = PGHOST/PGDB/PGUSER/PGPASS
+PGSQL_RELAY_DOMAIN = ${lookup pgsql{SELECT DISTINCT domain FROM vhffs_mxdomain WHERE domain = '$domain'}}
+PGSQL_RELAY_CHECKLOCALPART = ${lookup pgsql{SELECT d.domain FROM vhffs_mxdomain d WHERE d.domain = '$domain' AND (d.catchall != '' OR EXISTS (SELECT domain FROM vhffs_boxes WHERE domain = '$domain' AND local_part = '$local_part') OR EXISTS (SELECT domain FROM vhffs_forward WHERE domain = '$domain' AND local_part = '$local_part') OR EXISTS (SELECT domain FROM vhffs_ml WHERE domain = '$domain' AND (local_part = '$local_part' OR local_part || '-request' = '$local_part')))}}
+
+exim_path = /usr/sbin/exim4
+
+CONFDIR = /etc/exim4
+
+domainlist local_domains = localhost
+
+domainlist relay_to_domains = 
+
+domainlist relay_this_domain = PGSQL_RELAY_DOMAIN
+
+hostlist relay_from_hosts = 127.0.0.1
+
+#av_scanner = clamd:192.168.3.50 7777 stream
+
+qualify_domain = mx2.vhffs.org
+
+gecos_pattern = ^([^,:]*)
+gecos_name = $1
+
+acl_smtp_rcpt = acl_check_rcpt
+
+#acl_smtp_data = acl_check_data
+
+message_size_limit = 10M
+
+smtp_accept_max = 120
+
+smtp_accept_queue_per_connection = 100
+
+smtp_load_reserve = 40.0
+
+deliver_queue_load_max = 2.0
+
+queue_only_load = 2.0
+
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 0s
+
+primary_hostname = mx2.vhffs.org
+
+ignore_bounce_errors_after = 4h
+
+timeout_frozen_after = 30d
+
+remote_max_parallel = 35
+#freeze_tell = postmaster
+
+spool_directory = /var/spool/exim4
+
+trusted_users = Debian-exim
+
+smtp_banner = "${primary_hostname} ESMTP Vhffs4 Mailer ${tod_full}"
+
+begin acl
+
+#acl_whitelist_local_deny:
+#  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
+#                        {CONFDIR/local_host_whitelist}\
+#                        {}}
+#  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
+#                        {CONFDIR/local_sender_whitelist}\
+#                        {}}
+
+acl_check_rcpt:
+  accept hosts = :
+
+#  deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
+#       !acl = acl_whitelist_local_deny
+#       senders = ${if exists{CONFDIR/local_sender_blacklist}\
+#                             {CONFDIR/local_sender_blacklist}\
+#                             {}}
+
+#  deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
+#       !acl = acl_whitelist_local_deny
+#       hosts = ${if exists{CONFDIR/local_host_blacklist}\
+#                             {CONFDIR/local_host_blacklist}\
+#                             {}}
+
+  drop    condition = ${if eq{$sender_helo_name}{}{yes}{no}}
+          message = HELO/EHLO required by SMTP RFC.\n\
+                    Bye dude!
+
+#  accept  senders = ${if exists{CONFDIR/whitelist_sender}\
+#		{CONFDIR/whitelist_sender}\
+#		{}}
+
+#  accept  hosts = ${if exists{CONFDIR/whitelist_host}\
+#		{CONFDIR/whitelist_host}\
+#		{}}
+
+  drop    !verify = sender/no_details
+          message = Unrouteable sender address.\n\
+                    Bye dude!
+
+  deny    local_parts   = ^[.] : ^.*[@%!/|]
+          message       = Restricted characters in address
+
+  accept   hosts = +relay_from_hosts
+
+#  deny    domains       = +local_domains
+#          local_parts   = ^[.] : ^.*[@%!/|]
+#          message       = Restricted characters in address
+
+#  deny    domains       = !+local_domains
+#          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+#          message       = Restricted characters in address
+
+#  drop  !verify = sender/callout=45s
+#	message = \
+#		Your email address is rejected by your mail server.\n\
+#		You can't send mail here with a fake address.\n\
+#		Bye dude!
+
+#  accept local_parts = postmaster
+#         domains = +local_domains : +relay_to_domains : +relay_this_domain
+
+#  warn message = X-Broken-Reverse-DNS: no host name found for IP address $sender_host_address
+#       !verify = reverse_host_lookup
+
+#  accept authenticated = *
+
+  require  message = Relay not permitted
+           domains = +local_domains : +relay_to_domains : +relay_this_domain
+
+  deny     message = Unknown user
+           domains = +local_domains : +relay_to_domains : +relay_this_domain
+           !verify = recipient
+
+#  deny     message = Unrouteable address
+#           domains = +relay_to_domains : +relay_this_domain
+#           !verify = recipient
+
+#  accept domains = +local_domains
+#         endpass
+#         message = unknown user
+#         verify = recipient
+
+#  accept domains = +relay_to_domains : +relay_this_domain
+#         endpass
+#         message = unrouteable address
+#         verify = recipient
+
+#  deny message = relay not permitted
+
+#acl_check_data:
+
+#  deny message = Message contains malware or a virus ($malware_name).
+#       log_message = $sender_host_address tried sending $malware_name
+#       demime = *
+#       malware = *
+#   warn condition = ${if !def:h_Message-ID: {1}}
+#        hosts = +relay_from_hosts
+#        message = Message-ID: <E$message_id@$primary_hostname>
+
+   accept
+
+begin routers
+
+dnslookup_relay_to_domains:
+  debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
+  driver = dnslookup
+  domains = ! +local_domains : +relay_to_domains
+  transport = remote_smtp
+  same_domain_copy_routing = yes
+  no_more
+
+dnslookup:
+  debug_print = "R: dnslookup for $local_part@$domain"
+  driver = dnslookup
+  domains = ! +local_domains : ! +relay_this_domain
+  transport = remote_smtp
+  same_domain_copy_routing = yes
+  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
+                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
+  no_more
+
+dnslookup_relay_this_domain:
+  debug_print = "R: dnslookup_relay_this_domain for $local_part@$domain"
+  driver = dnslookup
+  domains = PGSQL_RELAY_CHECKLOCALPART
+  transport = remote_smtp
+  same_domain_copy_routing = yes
+  ignore_target_hosts = !212.85.158.8 : *
+  no_more
+
+#spamcheck_router:
+#	driver = accept
+#        no_verify
+#	domains = PGSQL_VIRTUAL_SPAMCHECK
+#        condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
+#        transport = spamcheck
+
+system_aliases:
+  debug_print = "R: system_aliases for $local_part@$domain"
+  driver = redirect
+  condition = ${if or { {eq {$domain} {$primary_hostname}} {eq {$domain} {$qualify_domain}}} {1} {0}}
+  allow_fail
+  allow_defer
+  data = ${lookup{$local_part}lsearch{/etc/aliases}}
+  file_transport = address_file
+
+begin transports
+
+address_file:
+  debug_print = "T: address_file for $local_part@$domain"
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+
+address_pipe:
+  debug_print = "T: address_pipe for $local_part@$domain"
+  driver = pipe
+  return_fail_output
+
+address_reply:
+  debug_print = "T: autoreply for $local_part@$domain"
+  driver = autoreply
+
+mail_spool:
+  debug_print = "T: appendfile for $local_part@$domain"
+  driver = appendfile
+  file = /var/mail/$local_part
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  group = mail
+  mode = 0660
+  mode_fail_narrower = false
+
+maildrop_pipe:
+  debug_print = "T: maildrop_pipe for $local_part@$domain"
+  driver = pipe
+  path = "/bin:/usr/bin:/usr/local/bin"
+  command = "/usr/bin/maildrop"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+
+procmail_pipe:
+  debug_print = "T: procmail_pipe for $local_part@$domain"
+  driver = pipe
+  path = "/bin:/usr/bin:/usr/local/bin"
+  command = "/usr/bin/procmail"
+  return_path_add
+  delivery_date_add
+  envelope_to_add
+
+remote_smtp:
+  debug_print = "T: remote_smtp for $local_part@$domain"
+  driver = smtp
+
+#spamcheck:
+#                  debug_print = "T: spamassassin_pipe for $local_part@$domain"
+#                  driver = pipe
+#                  command = /usr/sbin/exim4 -oMr spam-scanned -bS
+#                  use_bsmtp
+#                  transport_filter = /usr/bin/spamc -d 192.168.3.50 -p 783
+#                  home_directory = "/tmp"
+#                  current_directory = "/tmp"
+#                  user = Debian-exim 
+#                  group = Debian-exim
+#                  return_fail_output
+#		  headers_remove = X-Spam-Flag : X-Spam-Status : X-Spam-Level : X-Spam-Scanned
+
+address_directory:
+  debug_print = "T: address_directory for $local_part@$domain"
+  driver = appendfile
+  envelope_to_add = true
+  return_path_add = true
+  check_string = ""
+  escape_string = ""
+  maildir_format
+
+begin retry
+
+#*        quota_7d
+#*        quota       F,2h,15m; F,3d,1h
+*         *           F,4h,1h; G,20h,1h,1.5; F,6d,12h; F,24d,1d
+
+begin rewrite
+
+#*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
+#                   {$value}fail} Ffrs
+
+#*@+local_domains "${if exists {CONFDIR/email-addresses}\
+#                    {${lookup{${local_part}}lsearch{CONFDIR/email-addresses}\
+#		    {$value}fail}}fail}" Ffrs
+
+begin authenticators
+
+# plain_server:
+#   driver = plaintext
+#   public_name = PLAIN
+#   server_condition = ${if and {{!eq{$2}{}}{!eq{$3}{}}{eq {$3} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$2}' and domain = '${domain:$2}'} {$value}fail}}}}{1}{0}}
+#   server_set_id = $2
+#   server_prompts = :
+
+# login_server:
+#   driver = plaintext
+#   public_name = LOGIN
+#   server_prompts = "Username:: : Password::"
+#   server_condition = ${if and {{!eq{$1}{}}{!eq{$2}{}}{eq {$2} {${lookup pgsql{select password from vhffs_boxes where local_part = '${local_part:$1}' and domain = '${domain:$1}'} {$value}fail}}}}{1}{0}}
+#   server_set_id = $1

Deleted: trunk/vhffs-doc/config/exim4-mx2/exim4.conf.template
===================================================================
--- trunk/vhffs-doc/config/exim4-mx2/exim4.conf.template	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx2/exim4.conf.template	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,1297 +0,0 @@
-#####################################################
-### main/01_exim4-config_listmacrosdefs
-#####################################################
-
-######################################################################
-#                  Runtime configuration file for Exim               #
-######################################################################
-
-######################################################################
-#                    MAIN CONFIGURATION SETTINGS                     #
-######################################################################
-
-# Just for reference and scripts, on debian, the main binary is
-# installed as exim4
-exim_path = /usr/sbin/exim4
-
-# Macro defining the main configuration directory, we use no abolute
-# paths.
-CONFDIR = /etc/exim4
-
-# Define a macro DC_minimaldns if dc_minimaldns=true, to use in
-# .ifdef-statements otherwise this expands to an empty line
-DEBCONFminimaldnsDEBCONF
-
-# The next three settings create two lists of domains and one list of hosts.
-# These lists are referred to later in this configuration using the syntax
-# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
-# are all colon-separated lists:
-
-# '@' refers to 'the name of the local host'
-
-### EXPANSION-begins ######################
-domainlist local_domains = DEBCONFlocal_domainsDEBCONF
-
-domainlist relay_to_domains = DEBCONFrelay_domainsDEBCONF
-
-hostlist relay_from_hosts = 127.0.0.1 : ::::1 : DEBCONFrelay_netsDEBCONF
-
-
-# Specify the domain you want to be added to all unqualified addresses
-# here. An unqualified address is one that does not contain an "@" character
-# followed by a domain. For example, "caesar@rome.example" is a fully qualified
-# address, but the string "caesar" (i.e. just a login name) is an unqualified
-# email address. Unqualified addresses are accepted only from local callers by
-# default. See the recipient_unqualified_hosts option if you want to permit
-# unqualified addresses from remote sources. If this option is not set, the
-# primary_hostname value is used for qualification.
-qualify_domain = DEBCONFvisiblenameDEBCONF
-
-# only used for satellite-system
-.ifndef DCreadhost
-DCreadhost = DEBCONFreadhostDEBCONF
-.endif
-
-#for satellite and smarthost-systems
-.ifndef DCsmarthost
-DCsmarthost = DEBCONFsmarthostDEBCONF
-.endif
-
-# listen on all all interfaces?
-DEBCONFlistenonpublicDEBCONF
-### EXPANSION-ends   ######################
-
-# The default transport, set in /etc/exim4/update-exim4.conf.conf. See
-# CONFDIR/conf.d/transport/ for possibilities
-LOCAL_DELIVERY=DEBCONFlocaldeliveryDEBCONF
-
-# The gecos field in /etc/passwd holds not only the name. see passwd(5).
-gecos_pattern = ^([^,:]*)
-gecos_name = $1
-
-
-# define a macro DCconfig_smarthost, DCconfig_satellite, etc. we need this
-# for .ifdef ... .endif
-DCconfig_DEBCONFconfigtypeDEBCONF = 1
-#####################################################
-### end main/01_exim4-config_listmacrosdefs
-#####################################################
-#####################################################
-### main/02_exim4-config_options
-#####################################################
-
-### main/02_exim4-config_options
-#################################
-
-# This option defines the access control list that is run when an
-# SMTP RCPT command is received.
-#
-acl_smtp_rcpt = acl_check_rcpt
-
-# This option defines the access control list that is run when an
-# SMTP DATA command is received.
-#
-acl_smtp_data = acl_check_data
-
-# Define a message size limit. You can either change it here, or set the
-# MESSAGE_SIZE_LIMIT macro. The default (used when MESSAGE_SIZE_LIMIT
-# is unset and/or message_size_limit is unset) is 50 MB
-.ifdef MESSAGE_SIZE_LIMIT
-message_size_limit = MESSAGE_SIZE_LIMIT
-.endif
-
-# If you want unqualified recipient addresses to be qualified with a different
-# domain to unqualified sender addresses, specify the recipient domain here.
-# If this option is not set, the qualify_domain value is used.
-#
-# qualify_recipient = 
-
-# The following line must be uncommented if you want Exim to recognize
-# addresses of the form "user@[10.11.12.13]" that is, with a "domain literal"
-# (an IP address) instead of a named domain. The RFCs still require this form,
-# but it makes little sense to permit mail to be sent to specific hosts by
-# their IP address in the modern Internet. This ancient format has been used
-# by those seeking to abuse hosts by using them for unwanted relaying. If you
-# really do want to support domain literals, uncomment the following line, and
-# see also the "domain_literal" router.
-#
-# allow_domain_literals
-
-.ifndef DC_minimaldns
-# The setting below causes Exim to do a reverse DNS lookup on all incoming
-# IP calls, in order to get the true host name. If you feel this is too
-# expensive, you can specify the networks for which a lookup is done, or
-# remove the setting entirely.
-#
-host_lookup = *
-.endif
-
-# For minimaldns try to guess the primary_hostname only once at startup, when
-# running update-exim4.conf
-DEBCONF_hardcode_primary_hostname_DEBCONF
-
-# The settings below, which are actually the same as the defaults in the
-# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
-# calls. You can limit the hosts to which these calls are made, and/or change
-# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
-# are disabled. RFC 1413 calls are cheap and can provide useful information
-# for tracing problem messages, but some hosts and firewalls have problems
-# with them. This can result in a timeout instead of an immediate refused
-# connection, leading to delays on starting up an SMTP session.
-#
-rfc1413_hosts = *
-rfc1413_query_timeout = 30s
-
-# By default, exim forces a Sender: header containing the local
-# account name at the local host name in all locally submitted messages
-# that don't have the local account name at the local host name in the
-# From: header, deletes any Sender: header present in the submitted
-# message and forces the envelope sender of all locally submitted
-# messages to the local account name at the local host name.
-# The following settings allow local users to specify their own envelope sender
-# in a locally submitted message. Sender: headers existing in a locally
-# submitted message are not removed, and no automatic Sender: headers
-# are added. These settings are fine for most hosts.
-# If you run exim on a classical multi-user systems where all users
-# have local mailboxes that can be reached via SMTP from the Internet
-# with the local FQDN as the domain part of the address, you might want
-# to disable the following three lines for traceability reasons.
-local_from_check = false
-local_sender_retain = true
-untrusted_set_sender = *
-
-# By default, Exim expects all envelope addresses to be fully qualified, that
-# is, they must contain both a local part and a domain. If you want to accept
-# unqualified addresses (just a local part) from certain hosts, you can specify
-# these hosts by setting one or both of
-#
-# sender_unqualified_hosts =
-# recipient_unqualified_hosts =
-#
-# to control sender and recipient addresses, respectively. When this is done,
-# unqualified addresses are qualified using the settings of qualify_domain
-# and/or qualify_recipient (see above).
-
-# If you want Exim to support the "percent hack" for certain domains,
-# uncomment the following line and provide a list of domains. The "percent
-# hack" is the feature by which mail addressed to x%y@z (where z is one of
-# the domains listed) is locally rerouted to x@y and sent on. If z is not one
-# of the "percent hack" domains, x%y is treated as an ordinary local part. This
-# hack is rarely needed nowadays; you should not enable it unless you are sure
-# that you really need it.
-#
-# percent_hack_domains =
-
-# When Exim can neither deliver a message nor return it to sender, it "freezes"
-# the delivery error message (aka "bounce message"). There are also other
-# circumstances in which messages get frozen. They will stay on the queue for
-# ever unless one of the following options is set.
-
-# This option unfreezes frozen bounce messages after two days, tries
-# once more to deliver them, and ignores any delivery failures.
-#
-ignore_bounce_errors_after = 2d
-
-# This option cancels (removes) frozen messages that are older than a week.
-#
-timeout_frozen_after = 7d
-
-freeze_tell = postmaster
-
-# Only for interacting with other packages, to make it possible to use
-# -DSPOOLDIR to override it on the command line
-.ifndef SPOOLDIR
-SPOOLDIR = /var/spool/exim4
-.endif
-spool_directory = SPOOLDIR
-
-# uucp should be able to set envelope-from to arbitrary values
-trusted_users = uucp
-
-# uncomment this to get the Debian version in the SMTP dialog
-# smtp_banner = "${primary_hostname} ESMTP Exim ${version_number} (Debian package DEBCONFpackageversionDEBCONF) ${tod_full}"
-
-#####################################################
-### end main/02_exim4-config_options
-#####################################################
-#####################################################
-### main/03_exim4-config_tlsoptions
-#####################################################
-# Example for TLS/SSL configuration.
-
-# See /usr/share/doc/exim4-base/README.TLS* for explanations.
-
-# Defines that you want to log what cipher your exim and the peer's mailer
-# uses to encrypt the transaction. It also defines you want to log the 'DN'
-# (Distinguished Name) of the certificate of the peer.
-#
-# log_selector = +tls_cipher +tls_peerdn
-
-# Defines what hosts to 'advertise' STARTTLS functionality to. Setting this
-# to * will advertise to all hosts that connect with EHLO, and this is a
-# good default
-#
-# tls_advertise_hosts = *
-
-# Defines where your SSL-certificate and SSL-Private Key are located.
-# This requires a full path. The files pointed to must be kept 'secret'
-# and should be owned my root.Debian-exim mode 640 (-rw-r-----). Usually the
-# exim-gencert script takes care of these prerequisites.
-#
-# tls_certificate = CONFDIR/exim.crt
-# tls_privatekey = CONFDIR/exim.key
-
-# A file which contains the certificates of the trusted CAs (Certification
-# Authorities) against which host certificates can be checked (through the
-# `tls_verify_hosts' and `tls_try_verify_hosts' lists below).
-# /etc/ssl/certs/ca-certificates.crt is generated by
-# the "ca-certificates" package's update-ca-certificates(8) command.
-#
-#tls_verify_certificates = /etc/ssl/certs/ca-certificates.crt
-
-# A list of hosts which are constrained by `tls_verify_certificates'. A host
-# that matches `tls_verify_host' must present a certificate that's
-# verifyable through `tls_verify_certificates' in order to be accepted as an
-# SMTP client. If it does not, the connection is aborted.
-#
-#tls_verify_hosts = 
-
-# A weaker form of checking: if a client matches `tls_try_verify_hosts' (but
-# not `tls_verify_hosts'), request a certificate and check it against
-# `tls_verify_certificates' but do not abort the connection if there is no
-# certificate or if the certificate presented does not match. (This
-# condition can be tested for in ACLs through `verify = certificate')
-#
-#tls_try_verify_hosts = *
-#####################################################
-### end main/03_exim4-config_tlsoptions
-#####################################################
-#####################################################
-### acl/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                       ACL CONFIGURATION                            #
-#         Specifies access control lists for incoming SMTP mail      #
-######################################################################
-begin acl
-
-
-#####################################################
-### end acl/00_exim4-config_header
-#####################################################
-#####################################################
-### acl/20_exim4-config_whitelist_local_deny
-#####################################################
-# This access control list is used to determine whitelisted senders and
-# hosts. It checks for CONFDIR/local_host_whitelist and
-# CONFDIR/local_sender_whitelist.
-#
-# It is meant to be used from some other acl entry.
-#
-# For example,
-# deny message = local blacklist example
-#      !acl = acl_whitelist
-#      dnslist = some.dns.list.example
-# will allow messages with envelope sender listed in local_sender_whitelist
-# or messages coming in from hosts listed in local_host_whitelist to be
-# accepted even if the delivering host is listed in the dns list.
-#
-# Whitelisting can also be configured by including negative items in the
-# black list. See /usr/share/doc/exim4-config/default_acl for details.
-#
-# If the files do not exist, the white list never matches, which is
-# the desired behaviour.
-
-acl_whitelist_local_deny:
-  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
-                        {CONFDIR/local_host_whitelist}\
-                        {}}
-  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
-                        {CONFDIR/local_sender_whitelist}\
-                        {}}
-
-
-#####################################################
-### end acl/20_exim4-config_whitelist_local_deny
-#####################################################
-#####################################################
-### acl/30_exim4-config_check_rcpt
-#####################################################
-# This access control list is used for every RCPT command in an incoming
-# SMTP message. The tests are run in order until the address is either
-# accepted or denied.
-#
-acl_check_rcpt:
-  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
-  # testing for an empty sending host field.
-  accept hosts = :
-
-  # The following section of the ACL is concerned with local parts that contain
-  # @ or % or ! or / or | or dots in unusual places.
-  #
-  # The characters other than dots are rarely found in genuine local parts, but
-  # are often tried by people looking to circumvent relaying restrictions.
-  # Therefore, although they are valid in local parts, these rules lock them
-  # out, as a precaution.
-  #
-  # Empty components (two dots in a row) are not valid in RFC 2822, but Exim
-  # allows them because they have been encountered. (Consider local parts
-  # constructed as "firstinitial.secondinitial.familyname" when applied to
-  # someone like me, who has no second initial.) However, a local part starting
-  # with a dot or containing /../ can cause trouble if it is used as part of a
-  # file name (e.g. for a mailing list). This is also true for local parts that
-  # contain slashes. A pipe symbol can also be troublesome if the local part is
-  # incorporated unthinkingly into a shell command line.
-  #
-  # Two different rules are used. The first one is stricter, and is applied to
-  # messages that are addressed to one of the local domains handled by this
-  # host. It blocks local parts that begin with a dot or contain @ % ! / or |.
-  # If you have local accounts that include these characters, you will have to
-  # modify this rule.
-  deny    domains       = +local_domains
-          local_parts   = ^[.] : ^.*[@%!/|]
-          message       = restricted characters in address
-
-  # The second rule applies to all other domains, and is less strict. This
-  # allows your own users to send outgoing messages to sites that use slashes
-  # and vertical bars in their local parts. It blocks local parts that begin
-  # with a dot, slash, or vertical bar, but allows these characters within the
-  # local part. However, the sequence /../ is barred. The use of @ % and ! is
-  # blocked, as before. The motivation here is to prevent your users (or
-  # your users' viruses) from mounting certain kinds of attack on remote sites.
-
-  deny    domains       = !+local_domains
-          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-          message       = restricted characters in address
-
-  # Accept mail to postmaster in any local domain, regardless of the source,
-  # and without verifying the sender.
-  #
-  accept local_parts = postmaster
-         domains = +local_domains
-
-  # deny bad senders (envelope sender)
-  # CONFDIR/local_sender_blacklist holds a list of envelope senders that
-  # should have their access denied to the local host. Incoming messages
-  # with one of these senders are rejected at RCPT time.
-  #
-  # The explicit white lists are honored as well as negative items in
-  # the black list. See /usr/share/doc/exim4-config/default_acl for details.
-  deny message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-       senders = ${if exists{CONFDIR/local_sender_blacklist}\
-                             {CONFDIR/local_sender_blacklist}\
-                             {}}
-
-  # deny bad sites (IP address)
-  # CONFDIR/local_host_blacklist holds a list of host names, IP addresses
-  # and networks (CIDR notation)  that should have their access denied to
-  # The local host. Messages coming in from a listed host will have all
-  # RCPT statements rejected.
-  #
-  # The explicit white lists are honored as well as negative items in
-  # the black list. See /usr/share/doc/exim4-config/default_acl for details.
-  deny message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
-       !acl = acl_whitelist_local_deny
-       hosts = ${if exists{CONFDIR/local_host_blacklist}\
-                             {CONFDIR/local_host_blacklist}\
-                             {}}
-
-
-  # Deny unless the sender address can be verified.
-  #
-  # This is disabled by default so that DNSless systems don't break. If
-  # your system can do DNS lookups without delay or cost, you might want
-  # to enable the following line.
-  # deny message = Sender verification failed
-  #      !acl = acl_whitelist_local_deny
-  #      !verify = sender
-
-  # Warn if the sender host does not have valid reverse DNS.
-  # 
-  # This is disabled by default so that DNSless systems don't break. If
-  # your system can do DNS lookups without delay or cost, you might want
-  # to enable the following lines.
-  # warn message = X-Broken-Reverse-DNS: no host name found for IP address $sender_host_address
-  #      !verify = reverse_host_lookup
-
-
-  #############################################################################
-  # There are no checks on DNS "black" lists because the domains that contain
-  # these lists are changing all the time. You can find examples of
-  # how to use dnslists in /usr/share/doc/exim4-config/examples/acl
-  #############################################################################
-
-  # Accept if the address is in a local domain, but only if the recipient can
-  # be verified. Otherwise deny. The "endpass" line is the border between
-  # passing on to the next ACL statement (if tests above it fail) or denying
-  # access (if tests below it fail).
-  #
-  accept domains = +local_domains
-         endpass
-         message = unknown user
-         verify = recipient
-
-  # Accept if the address is in a domain for which we are relaying, but again,
-  # only if the recipient can be verified.
-  #
-  accept domains = +relay_to_domains
-         endpass
-         message = unrouteable address
-         verify = recipient
-
-  # If control reaches this point, the domain is neither in +local_domains
-  # nor in +relay_to_domains.
-
-  # Accept if the message comes from one of the hosts for which we are an
-  # outgoing relay. Recipient verification is omitted here, because in many
-  # cases the clients are dumb MUAs that don't cope well with SMTP error
-  # responses. If you are actually relaying out from MTAs, you should probably
-  # add recipient verification here.
-  #
-  accept hosts = +relay_from_hosts
-
-  # Accept if the message arrived over an authenticated connection, from
-  # any host. Again, these messages are usually from MUAs, so recipient
-  # verification is omitted.
-  #
-  accept authenticated = *
-
-  # Reaching the end of the ACL causes a "deny", but we might as well give
-  # an explicit message.
-  #
-  deny message = relay not permitted
-
-
-
-#####################################################
-### end acl/30_exim4-config_check_rcpt
-#####################################################
-#####################################################
-### acl/40_exim4-config_check_data
-#####################################################
-# 40_exim4-config_check_data
-
-acl_check_data:
-   # Add Message-ID if missing
-   warn condition = ${if !def:h_Message-ID: {1}}
-        hosts = +relay_from_hosts
-        message = Message-ID: <E$message_id@$primary_hostname>
-		      
-   # Deny unless the address list headers are syntactically correct.
-   #
-   # This is disabled by default because it might reject legitimate mail.
-   # If you want your system to insist on syntactically valid address
-   # headers, you might want to enable the following lines.
-   # deny message = Message headers fail syntax check
-   #	!acl = acl_whitelist_local_deny
-   #    !verify = header_syntax
-
-   # require that there is a verifiable sender address in at least
-   # one of the "Sender:", "Reply-To:", or "From:" header lines.
-   # deny message = No verifiable sender address in message headers
-   #	!acl = acl_whitelist_local_deny
-   #    !verify = header_sender
-
-   # accept otherwise
-   accept
-#####################################################
-### end acl/40_exim4-config_check_data
-#####################################################
-#####################################################
-### router/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                      ROUTERS CONFIGURATION                         #
-#               Specifies how addresses are handled                  #
-######################################################################
-#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
-# An address is passed to each router in turn until it is accepted.  #
-######################################################################
-
-begin routers
-
-#####################################################
-### end router/00_exim4-config_header
-#####################################################
-#####################################################
-### router/100_exim4-config_domain_literal
-#####################################################
-
-# This router routes to remote hosts over SMTP by explicit IP address,
-# when an email address is given in "domain literal" form, for example,
-# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
-# little-known these days, and has been exploited by evil people seeking
-# to abuse SMTP relays. Consequently it is commented out in the default
-# configuration. If you uncomment this router, you also need to uncomment
-# allow_domain_literals above, so that Exim can recognize the syntax of
-# domain literal addresses.
-
-# domain_literal:
-#   debug_print = "R: domain_literal for $local_part@$domain"
-#   driver = ipliteral
-#   domains = ! +local_domains
-#   transport = remote_smtp
-
-#####################################################
-### end router/100_exim4-config_domain_literal
-#####################################################
-#####################################################
-### router/150_exim4-config_hubbed_hosts
-#####################################################
-
-# router/150_exim4-config_hubbed_hosts
-#################################
-
-# route specific domains manually.
-#
-# The most common application of this router is to handle relaying to nonlocal
-# domains that the local host is primary MX for. That means that local
-# information needs to be present for a domain to be handled correctly.
-#
-# That information is put into the optional file /etc/exim4/hubbed_hosts
-# which contains key-value pairs of domain pattern and route data.
-#
-# foo.example: internal.mail.example.com
-# bar.example: 192.168.183.3
-#
-# will cause mail for foo.example to be sent to the host
-# internal.mail.example (IP address derived from A record only), and
-# mail to bar.example to be sent to 192.168.183.3.
-#
-# If the file /etc/exim4/hubbed_hosts does not exist, this router is a
-# no-op.
-
-hubbed_hosts:
-  debug_print = "R: hubbed_hosts for $domain"
-  driver = manualroute
-  domains = "${if exists{CONFDIR/hubbed_hosts}\
-                   {partial-lsearch;CONFDIR/hubbed_hosts}\
-              fail}"
-  route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
-  transport = remote_smtp
-#####################################################
-### end router/150_exim4-config_hubbed_hosts
-#####################################################
-#####################################################
-### router/200_exim4-config_primary
-#####################################################
-
-### router/200_exim4-config_primary
-#################################
-# This file holds the primary router, responsible for nonlocal mails
-
-.ifdef DCconfig_internet
-# configtype=internet
-#
-# deliver mail to the recipient if recipient domain is a domain we
-# relay for. We do not ignore any target hosts here since delivering to
-# a site local or even a link local address might be wanted here, and if
-# such an address has found its way into the MX record of such a domain,
-# the local admin is probably in a place where that broken MX record
-# could be fixed.
-
-dnslookup_relay_to_domains:
-  debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains : +relay_to_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  no_more
-
-# deliver mail directly to the recipient. This router is only reached
-# for domains that we do not relay for. Since we most probably can't
-# have broken MX records pointing to site local or link local IP
-# addresses fixed, we ignore target hosts pointing to these addresses.
-
-dnslookup:
-  debug_print = "R: dnslookup for $local_part@$domain"
-  driver = dnslookup
-  domains = ! +local_domains
-  transport = remote_smtp
-  same_domain_copy_routing = yes
-  # ignore private rfc1918 and APIPA addresses
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
-                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
-  no_more
-
-.endif
-
-
-.ifdef DCconfig_local
-# configtype=local
-#
-# Stand-alone system, so generate an error for mail to a non-local domain
-nonlocal:
-  debug_print = "R: nonlocal for $local_part@$domain"
-  driver = redirect
-  domains = ! +local_domains
-  allow_fail
-  data = :fail: Mailing to remote domains not supported
-  no_more
-
-.endif
-
-
-.ifdef DCconfig_smarthost DCconfig_satellite
-# configtype=smarthost or configtype=satellite
-#
-# Send all non-local mail to a single other machine (smarthost).
-#
-# This means _ALL_ non-local mail goes to the smarthost. This will most
-# probably not do what you want for domains that are listed in
-# relay_domains. The most typical use for relay_domains is to control
-# relaying for incoming e-mail on secondary MX hosts. In that case,
-# it doesn't make sense to send the mail to the smarthost since the
-# smarthost will probably send the message right back here, causing a
-# loop.
-#
-# If you want to use a smarthost while being secondary MX for some
-# domains, you'll need to copy the dnslookup_relay_to_domains router
-# here so that mail to relay_domains is handled separately.
-
-smarthost:
-  debug_print = "R: smarthost for $local_part@$domain"
-  driver = manualroute
-  domains = ! +local_domains
-  transport = remote_smtp_smarthost
-  route_list = * DCsmarthost byname
-  host_find_failed = defer
-  same_domain_copy_routing = yes
-  no_more
-
-.endif
-
-
-# The "no_more" above means that all later routers are for
-# domains in the local_domains list, i.e. just like Exim 3 directors.
-#####################################################
-### end router/200_exim4-config_primary
-#####################################################
-#####################################################
-### router/300_exim4-config_real_local
-#####################################################
-
-real_local:
-  debug_print = "R: real_local for $local_part@$domain"
-  driver = accept
-  domains = +local_domains
-  local_part_prefix = real-
-  check_local_user
-  transport = LOCAL_DELIVERY
-
-#####################################################
-### end router/300_exim4-config_real_local
-#####################################################
-#####################################################
-### router/400_exim4-config_system_aliases
-#####################################################
-
-# This router handles aliasing using a traditional /etc/aliases file.
-#
-##### NB  You must ensure that /etc/aliases exists. It used to be the case
-##### NB  that every Unix had that file, because it was the Sendmail default.
-##### NB  These days, there are systems that don't have it. Your aliases
-##### NB  file should at least contain an alias for "postmaster".
-#
-# Piping to programs in /etc/aliases is disabled per default.
-# If that is a problem for you, see
-#   /usr/share/doc/exim4-config/README.system_aliases
-# or explanation and some workarounds.
-#
-# Note that the transports listed below are the same as are used for
-# .forward files; you might want to set up different ones for pipe and
-# file deliveries from aliases.
-
-system_aliases:
-  debug_print = "R: system_aliases for $local_part@$domain"
-  driver = redirect
-  domains = +local_domains
-  allow_fail
-  allow_defer
-  data = ${lookup{$local_part}lsearch{/etc/aliases}}
-#  user = list
-#  group = mail
-  file_transport = address_file
-# pipe_transport = address_pipe
-# directory_transport = address_directory
-#####################################################
-### end router/400_exim4-config_system_aliases
-#####################################################
-#####################################################
-### router/500_exim4-config_hubuser
-#####################################################
-
-### router/500_exim4-config_hubuser
-#################################
-
-.ifdef DCconfig_satellite
-# This router is only used for configtype=satellite.
-# It takes care to route all mail targetted to <somelocaluser@this.machine>
-# to the host where we read our mail
-#
-hub_user:
-  debug_print = "R: hub_user for $local_part@$domain"
-  driver = redirect
-  domains = +local_domains
-  data = ${local_part}@DCreadhost
-  check_local_user
-
-# Grab the redirected mail and deliver it.
-# This is a duplicate of the smarthost router, needed because
-# DCreadhost might end up as part of +local_domains
-hub_user_smarthost:
-  debug_print = "R: hub_user_smarthost for $local_part@$domain"
-  driver = manualroute
-  domains = DCreadhost
-  transport = remote_smtp_smarthost
-  route_list = * DCsmarthost byname
-  host_find_failed = defer
-  same_domain_copy_routing = yes
-  check_local_user
-.endif
-
-
-#####################################################
-### end router/500_exim4-config_hubuser
-#####################################################
-#####################################################
-### router/600_exim4-config_userforward
-#####################################################
-
-# router/600_exim4-config_userforward
-#################################
-
-# This router handles forwarding using traditional .forward files in users'
-# home directories and filtering with exim's builtin filter language. 
-#
-# The no_verify setting means that this router is skipped when Exim is
-# verifying addresses. Similarly, no_expn means that this router is skipped if
-# Exim is processing an EXPN command.
-#
-# The check_ancestor option means that if the forward file generates an
-# address that is an ancestor of the current one, the current one gets
-# passed on instead. This covers the case where A is aliased to B and B
-# has a .forward file pointing to A.
-#
-# The four transports specified at the end are those that are used when
-# forwarding generates a direct delivery to a directory, or a file, or to a
-# pipe, or sets up an auto-reply, respectively.
-#
-userforward:
-  debug_print = "R: userforward for $local_part@$domain"
-  driver = redirect
-  domains = +local_domains
-  check_local_user
-  file = $home/.forward
-  no_verify
-  no_expn
-  check_ancestor
-  allow_filter
-  directory_transport = address_directory
-  file_transport = address_file
-  pipe_transport = address_pipe
-  reply_transport = address_reply
-  skip_syntax_errors
-  syntax_errors_to = real-$local_part@$domain
-  syntax_errors_text = \
-    This is an automatically generated message. An error has\n\
-    been found in your .forward file. Details of the error are\n\
-    reported below. While this error persists, you will receive\n\
-    a copy of this message for every message that is addressed\n\
-    to you. If your .forward file is a filter file, or if it is\n\
-    a non-filter file containing no valid forwarding addresses,\n\
-    a copy of each incoming message will be put in your normal\n\
-    mailbox. If a non-filter file contains at least one valid\n\
-    forwarding address, forwarding to the valid addresses will\n\
-    happen, and those will be the only deliveries that occur.
-
-#####################################################
-### end router/600_exim4-config_userforward
-#####################################################
-#####################################################
-### router/700_exim4-config_procmail
-#####################################################
-
-procmail:
-  debug_print = "R: procmail for $local_part@$domain"
-  driver = accept
-  domains = +local_domains
-  check_local_user
-  transport = procmail_pipe
-  # emulate OR with "if exists"-expansion
-  require_files = ${local_part}:\
-                  ${if exists{/etc/procmailrc}\
-                    {/etc/procmailrc}{${home}/.procmailrc}}:\
-                  +/usr/bin/procmail
-  no_verify
-  no_expn
-
-#####################################################
-### end router/700_exim4-config_procmail
-#####################################################
-#####################################################
-### router/800_exim4-config_maildrop
-#####################################################
-
-### router/800_exim4-config_maildrop
-#################################
-
-maildrop:
-  debug_print = "R: maildrop for $local_part@$domain"
-  driver = accept
-  domains = +local_domains
-  check_local_user
-  transport = maildrop_pipe
-  require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
-  no_verify
-  no_expn
-
-#####################################################
-### end router/800_exim4-config_maildrop
-#####################################################
-#####################################################
-### router/900_exim4-config_local_user
-#####################################################
-
-### router/900_exim4-config_local_user
-#################################
-
-local_user:
-  debug_print = "R: local_user for $local_part@$domain"
-  driver = accept
-  domains = +local_domains
-  check_local_user
-  local_parts = ! root
-  transport = LOCAL_DELIVERY
-
-
-
-#####################################################
-### end router/900_exim4-config_local_user
-#####################################################
-#####################################################
-### router/mmm_mail4root
-#####################################################
-
-### router/mmm_mail4root
-#################################
-# deliver mail addressed to root to /var/mail/mail as user mail:mail
-# if it was not redirected in /etc/aliases or by other means
-# Exim cannot deliver as root since 4.24 (FIXED_NEVER_USERS)
-
-mail4root:
-  debug_print = "R: mail4root for $local_part@$domain"
-  driver = redirect
-  domains = +local_domains
-  data = /var/mail/mail
-  file_transport = address_file
-  local_parts = root
-  user = mail
-  group = mail
-
-#####################################################
-### end router/mmm_mail4root
-#####################################################
-#####################################################
-### transport/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                      TRANSPORTS CONFIGURATION                      #
-######################################################################
-#                       ORDER DOES NOT MATTER                        #
-#     Only one appropriate transport is called for each delivery.    #
-######################################################################
-
-# A transport is used only when referenced from a router that successfully
-# handles an address.
-
-begin transports
-
-#####################################################
-### end transport/00_exim4-config_header
-#####################################################
-#####################################################
-### transport/30_exim4-config_address_file
-#####################################################
-
-# This transport is used for handling deliveries directly to files that are
-# generated by aliasing or forwarding.
-#
-address_file:
-  debug_print = "T: address_file for $local_part@$domain"
-  driver = appendfile
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-
-#####################################################
-### end transport/30_exim4-config_address_file
-#####################################################
-#####################################################
-### transport/30_exim4-config_address_pipe
-#####################################################
-
-# This transport is used for handling pipe deliveries generated by alias or
-# .forward files. If the commands fails and produces any output on standard
-# output or standard error streams, the output is returned to the sender
-# of the message as a delivery error.
-# You can set different transports for aliases and forwards if you want to
-# - see the references to address_pipe in the routers section above.
-address_pipe:
-  debug_print = "T: address_pipe for $local_part@$domain"
-  driver = pipe
-  return_fail_output
-
-#####################################################
-### end transport/30_exim4-config_address_pipe
-#####################################################
-#####################################################
-### transport/30_exim4-config_address_reply
-#####################################################
-
-# This transport is used for handling autoreplies generated by the filtering
-# option of the userforward router.
-#
-address_reply:
-  debug_print = "T: autoreply for $local_part@$domain"
-  driver = autoreply
-
-#####################################################
-### end transport/30_exim4-config_address_reply
-#####################################################
-#####################################################
-### transport/30_exim4-config_mail_spool
-#####################################################
-
-### transport/30_exim4-config_mail_spool
-
-# This transport is used for local delivery to user mailboxes in traditional
-# BSD mailbox format.
-#
-mail_spool:
-  debug_print = "T: appendfile for $local_part@$domain"
-  driver = appendfile
-  file = /var/mail/$local_part
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  group = mail
-  mode = 0660
-  mode_fail_narrower = false
-
-#####################################################
-### end transport/30_exim4-config_mail_spool
-#####################################################
-#####################################################
-### transport/30_exim4-config_maildir_home
-#####################################################
-
-### transport/30_exim4-config_maildir_home
-
-# Use this instead of mail_spool if you want to to deliver to Maildir in
-# home-directory - change the definition of LOCAL_DELIVERY
-#
-maildir_home:
-  debug_print = "T: maildir_home for $local_part@$domain"
-  driver = appendfile
-  directory = $home/Maildir
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  maildir_format
-  mode = 0600
-  mode_fail_narrower = false
-
-#####################################################
-### end transport/30_exim4-config_maildir_home
-#####################################################
-#####################################################
-### transport/30_exim4-config_maildrop_pipe
-#####################################################
-
-maildrop_pipe:
-  debug_print = "T: maildrop_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/maildrop"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-#####################################################
-### end transport/30_exim4-config_maildrop_pipe
-#####################################################
-#####################################################
-### transport/30_exim4-config_procmail_pipe
-#####################################################
-
-procmail_pipe:
-  debug_print = "T: procmail_pipe for $local_part@$domain"
-  driver = pipe
-  path = "/bin:/usr/bin:/usr/local/bin"
-  command = "/usr/bin/procmail"
-  return_path_add
-  delivery_date_add
-  envelope_to_add
-
-#####################################################
-### end transport/30_exim4-config_procmail_pipe
-#####################################################
-#####################################################
-### transport/30_exim4-config_remote_smtp
-#####################################################
-
-### transport/30_exim4-config_remote_smtp
-#################################
-# This transport is used for delivering messages over SMTP connections.
-remote_smtp:
-  debug_print = "T: remote_smtp for $local_part@$domain"
-  driver = smtp
-#####################################################
-### end transport/30_exim4-config_remote_smtp
-#####################################################
-#####################################################
-### transport/30_exim4-config_remote_smtp_smarthost
-#####################################################
-
-### transport/30_exim4-config_remote_smtp_smarthost
-#################################
-
-# This transport is used for delivering messages over SMTP connections
-# to a smarthost. The local host tries to authenticate and does some
-# modification in headers and return-path.
-# This transport is used for smarthost and satellite configurations.
-
-remote_smtp_smarthost:
-  debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
-  driver = smtp
-  hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}}
-  tls_tempfail_tryclear = false
-  DEBCONFheaders_rewriteDEBCONF
-  DEBCONFreturn_pathDEBCONF
-#####################################################
-### end transport/30_exim4-config_remote_smtp_smarthost
-#####################################################
-#####################################################
-### transport/35_exim4-config_address_directory
-#####################################################
-# This transport is used for handling file addresses generated by alias
-# or .forward files if the path ends in "/", which causes it to be treated
-# as a directory name rather than a file name.
-
-address_directory:
-  debug_print = "T: address_directory for $local_part@$domain"
-  driver = appendfile
-  envelope_to_add = true
-  return_path_add = true
-  check_string = ""
-  escape_string = ""
-  maildir_format
-
-#####################################################
-### end transport/35_exim4-config_address_directory
-#####################################################
-#####################################################
-### retry/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                      RETRY CONFIGURATION                           #
-######################################################################
-
-begin retry
-
-#####################################################
-### end retry/00_exim4-config_header
-#####################################################
-#####################################################
-### retry/30_exim4-config
-#####################################################
-
-# This single retry rule applies to all domains and all errors. It specifies
-# retries every 15 minutes for 2 hours, then increasing retry intervals,
-# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
-# hours, then retries every 6 hours until 4 days have passed since the first
-# failed delivery.
-
-# Please note that these rules only limit the frequenzy of retries, the
-# effective retry-time depends on the frequenzy of queue-running, too.
-# See QUEUEINTERVAL in /etc/default/exim4.
-
-# Domain               Error       Retries
-# ------               -----       -------
-
-*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
-
-
-
-#####################################################
-### end retry/30_exim4-config
-#####################################################
-#####################################################
-### rewrite/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                      REWRITE CONFIGURATION                         #
-######################################################################
-
-begin rewrite
-
-#####################################################
-### end rewrite/00_exim4-config_header
-#####################################################
-#####################################################
-### rewrite/31_exim4-config_rewriting
-#####################################################
-
-### rewrite/31_exim4-config_rewriting
-#################################
-
-# This rewriting rule is particularily useful for dialup users who
-# don't have their own domain, but could be useful for anyone.
-# It looks up the real address of all local users in a file
-*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}\
-                   {$value}fail} Ffrs
-# identical rewriting rule for /etc/mailname
-DEBCONFrewriteemailaddresses_mailnameDEBCONF
-
-
-#####################################################
-### end rewrite/31_exim4-config_rewriting
-#####################################################
-#####################################################
-### auth/00_exim4-config_header
-#####################################################
-
-######################################################################
-#                   AUTHENTICATION CONFIGURATION                     #
-######################################################################
-
-begin authenticators
-
-
-#####################################################
-### end auth/00_exim4-config_header
-#####################################################
-#####################################################
-### auth/30_exim4-config_examples
-#####################################################
-
-### auth/30_exim4-config_examples
-#################################
-
-# The examples below are for server side authentication; they allow two
-# styles of plain-text authentication against an CONFDIR/passwd file
-# which should have user names in the first column and crypted passwords
-# in the second. The columns need to be separated by ':'. For CRAM-MD5
-# exim needs access to the UNECRYPTED passwd - the example below assumes
-# it is available in the third column of CONFDIR/passwd
-
-# plain_server:
-#   driver = plaintext
-#   public_name = PLAIN
-#   server_condition = "${if crypteq{$3}{${extract{1}{:}{${lookup{$2}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
-#   server_set_id = $2
-#   server_prompts = :
-#
-# login_server:
-#   driver = plaintext
-#   public_name = LOGIN
-#   server_prompts = "Username:: : Password::"
-#   server_condition = "${if crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
-#   server_set_id = $1
-#
-# cram_md5_server:
-#   driver = cram_md5
-#   public_name = CRAM-MD5
-#   server_secret = ${extract{2}{:}{${lookup{$1}lsearch{CONFDIR/passwd}{$value}fail}}}
-#   server_set_id = $1
-
-# Here is an example of CRAM-MD5 authentication against PostgreSQL:
-#
-# psqldb_auth:
-#   driver = cram_md5
-#   public_name = CRAM-MD5
-#   server_secret = ${lookup pgsql{SELECT pw FROM users WHERE username = '${quote_pgsql:$1}'}{$value}fail}
-#   server_set_id = $1
-
-# Authenticate against local passwords using sasl2-bin
-# Requires exim_uid to be a member of sasl group, see README.SMTP-AUTH
-# plain_saslauthd:
-#   driver = plaintext
-#   public_name = PLAIN
-#   # don't send system passwords over unencrypted connections
-#   server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
-#   server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
-#   server_set_id = $2
-#   server_prompts = :
-#
-# login_saslauthd:
-#   driver = plaintext
-#   public_name = LOGIN
-#   server_prompts = "Username:: : Password::"
-#   # don't send system passwords over unencrypted connections
-#   server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
-#   server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
-#   server_set_id = $1
-
-##############
-# See /usr/share/doc/exim4-base/README.SMTP-AUTH
-##############
-
-# These examples below are the equivalent for client side authentication.
-# They get the passwords from CONFDIR/passwd.client. This file should have
-# three columns separated by colons, the first contains the name of the
-# mailserver to authenticate against, the second the username and the third
-# contains the password.
-
-### # example for CONFDIR/passwd.client
-### mail.server:blah:secret
-### # default entry:
-### *:bar:foo
-
-cram_md5:
-  driver = cram_md5
-  public_name = CRAM-MD5
-  client_name = ${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
-  client_secret = ${extract{2}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
-
-# Because AUTH PLAIN sends the password in clear, per default we only allow it
-# over encrypted connections. If you want to change this disable the existing
-# "client send" entry and enable the one below without the "if !eq{$tls_cipher}{}"
-# by removing the hash-mark (#) at the beginning of the line.
-plain:
-  driver = plaintext
-  public_name = PLAIN
-  client_send = "${if !eq{$tls_cipher}{}{\
-                     ^${extract{1}{::}\
-		       {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
-		     ^${extract{2}{::}\
-		       {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
-		   }fail}"
-#  client_send = "^${extract{1}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}^${extract{2}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
-
-# Because AUTH LOGIN sends the password in clear, per default we only allow it
-# over encrypted connections. If you want to change this disable the existing
-# "client send" entry and enable the one below without the "if !eq{$tls_cipher}{}"
-# by removing the hash-mark (#) at the beginning of the line.
-login:
-  driver = plaintext
-  public_name = LOGIN
-  client_send = "${if !eq{$tls_cipher}{}{}fail}\
-                 : ${extract{1}{::}\
-		        {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
-		 : ${extract{2}{::}\
-		     {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
-#  client_send = ": ${extract{1}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} : ${extract{2}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
-
-
-
-#####################################################
-### end auth/30_exim4-config_examples
-#####################################################

Deleted: trunk/vhffs-doc/config/exim4-mx2/passwd.client
===================================================================
--- trunk/vhffs-doc/config/exim4-mx2/passwd.client	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx2/passwd.client	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,7 +0,0 @@
-### CONFDIR/passwd.client
-#
-# Format:
-#targetmailserver.example:login:password
-#
-# default entry:
-### *:bar:foo

Deleted: trunk/vhffs-doc/config/exim4-mx2/update-exim4.conf.conf
===================================================================
--- trunk/vhffs-doc/config/exim4-mx2/update-exim4.conf.conf	2007-07-03 14:17:18 UTC (rev 653)
+++ trunk/vhffs-doc/config/exim4-mx2/update-exim4.conf.conf	2007-07-03 14:39:58 UTC (rev 654)
@@ -1,17 +0,0 @@
-# /etc/exim4/update-exim4.conf.conf
-#
-# Edit this file and /etc/mailname by hand and execute update-exim4.conf
-# yourself or use 'dpkg-reconfigure exim4-config'
-
-dc_eximconfig_configtype='internet'
-dc_other_hostnames='tetsuo'
-dc_local_interfaces=''
-dc_readhost=''
-dc_relay_domains='mx1.tuxfamily.net:mx1.tuxfamily.org:localost'
-dc_minimaldns='false'
-dc_relay_nets=''
-dc_smarthost=''
-CFILEMODE='644'
-dc_use_split_config='false'
-dc_hide_mailname=''
-dc_mailname_in_oh='true'


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/