X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;ds=sidebyside;f=src%2Fsrc%2Fconfigure.default;h=3223bffae402882df28427663c83a375e49480a3;hb=ff1c79bc224878d274eebc592750e525d1a98f9b;hp=73fbc0ce8130bdc17ff49d2a56b88ef38d2d72d0;hpb=6901c5962fbad16ca6010db5a3efd4bd8993125a;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/src/src/configure.default b/src/src/configure.default index 73fbc0ce8..3223bffae 100644 --- a/src/src/configure.default +++ b/src/src/configure.default @@ -1,5 +1,3 @@ -# $Cambridge: exim/src/src/configure.default,v 1.15 2010/06/03 08:19:13 pdp Exp $ - ###################################################################### # Runtime configuration file for Exim # ###################################################################### @@ -58,7 +56,9 @@ domainlist local_domains = @ domainlist relay_to_domains = -hostlist relay_from_hosts = 127.0.0.1 +hostlist relay_from_hosts = localhost +# (We rely upon hostname resolution working for localhost, because the default +# uncommented configuration needs to work in IPv4-only environments.) # Most straightforward access control requirements can be obtained by # appropriate settings of the above options. In more complicated situations, @@ -93,12 +93,13 @@ hostlist relay_from_hosts = 127.0.0.1 # to any other host on the Internet. Such a setting commonly refers to a # complete local network as well as the localhost. For example: # -# hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16 +# hostlist relay_from_hosts = <; 127.0.0.1 ; ::1 ; 192.168.0.0/16 # # The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you # have to include 127.0.0.1 if you want to allow processes on your host to send # SMTP mail by using the loopback address. A number of MUAs use this method of -# sending mail. +# sending mail. Often, connections are made to "localhost", which might be ::1 +# on IPv6-enabled hosts. Do not forget CIDR for your IPv6 networks. # All three of these lists may contain many different kinds of item, including # wildcarded names, regular expressions, and file lookups. See the reference @@ -220,18 +221,26 @@ never_users = root host_lookup = * -# The settings below, which are actually the same as the defaults in the -# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP -# calls. You can limit the hosts to which these calls are made, and/or change -# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls -# are disabled. RFC 1413 calls are cheap and can provide useful information -# for tracing problem messages, but some hosts and firewalls have problems -# with them. This can result in a timeout instead of an immediate refused -# connection, leading to delays on starting up SMTP sessions. (The default was -# reduced from 30s to 5s for release 4.61.) +# The settings below cause Exim to make RFC 1413 (ident) callbacks +# for all incoming SMTP calls. You can limit the hosts to which these +# calls are made, and/or change the timeout that is used. If you set +# the timeout to zero, all RFC 1413 calls are disabled. RFC 1413 calls +# are cheap and can provide useful information for tracing problem +# messages, but some hosts and firewalls have problems with them. +# This can result in a timeout instead of an immediate refused +# connection, leading to delays on starting up SMTP sessions. +# (The default was reduced from 30s to 5s for release 4.61. and to +# disabled for release 4.86) +# +#rfc1413_hosts = * +#rfc1413_query_timeout = 5s + -rfc1413_hosts = * -rfc1413_query_timeout = 5s +# Enable an efficiency feature. We advertise the feature; clients +# may request to use it. For multi-recipient mails we then can +# reject or accept per-user after the message is received. +# +prdr_enable = true # By default, Exim expects all envelope addresses to be fully qualified, that @@ -247,6 +256,13 @@ rfc1413_query_timeout = 5s # and/or qualify_recipient (see above). +# Unless you run a high-volume site you probably want more logging +# detail than the default. Adjust to suit. + +log_selector = +smtp_protocol_error +smtp_syntax_error \ + +tls_certificate_verified + + # If you want Exim to support the "percent hack" for certain domains, # uncomment the following line and provide a list of domains. The "percent # hack" is the feature by which mail addressed to x%y@z (where z is one of @@ -306,6 +322,13 @@ timeout_frozen_after = 7d # because of some popular, yet buggy, mail composition software. +# If you wish to be strictly RFC compliant, or if you know you'll be +# exchanging email with systems that are not 8-bit clean, then you may +# wish to disable advertising 8BITMIME. Uncomment this option to do so. + +# accept_8bitmime = false + + ###################################################################### # ACL CONFIGURATION # # Specifies access control lists for incoming SMTP mail # @@ -534,9 +557,26 @@ dnslookup: domains = ! +local_domains transport = remote_smtp ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 +# if ipv6-enabled then instead use: +# ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1 no_more +# This alternative router can be used when you want to send all mail to a +# server which handles DNS lookups for you; an ISP will typically run such +# a server for their customers. If you uncomment "smarthost" then you +# should comment out "dnslookup" above. Setting a real hostname in route_data +# wouldn't hurt either. + +# smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_data = MAIL.HOSTNAME.FOR.CENTRAL.SERVER.EXAMPLE +# ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1 +# no_more + + # The remaining routers handle addresses in the local domain(s), that is those # domains that are defined by "domainlist local_domains" above. @@ -576,16 +616,18 @@ system_aliases: # file starts with the string "# Exim filter" or "# Sieve filter", uncomment # the "allow_filter" option. -# If you want this router to treat local parts with suffixes introduced by "-" -# or "+" characters as if the suffixes did not exist, uncomment the two local_ -# part_suffix options. Then, for example, xxxx-foo@your.domain will be treated -# in the same way as xxxx@your.domain by this router. You probably want to make -# the same change to the localuser router. - # The no_verify setting means that this router is skipped when Exim is # verifying addresses. Similarly, no_expn means that this router is skipped if # Exim is processing an EXPN command. +# If you want this router to treat local parts with suffixes introduced by "-" +# or "+" characters as if the suffixes did not exist, uncomment the two local_ +# part_suffix options. Then, for example, xxxx-foo@your.domain will be treated +# in the same way as xxxx@your.domain by this router. Because this router is +# not used for verification, if you choose to uncomment those options, then you +# will *need* to make the same change to the localuser router. (There are +# other approaches, if this is undesirable, but they add complexity). + # The check_ancestor option means that if the forward file generates an # address that is an ancestor of the current one, the current one gets # passed on instead. This covers the case where A is aliased to B and B @@ -764,7 +806,7 @@ begin authenticators # server_set_id = $auth2 # server_prompts = : # server_condition = Authentication is not yet configured -# server_advertise_condition = ${if def:tls_cipher } +# server_advertise_condition = ${if def:tls_in_cipher } # LOGIN authentication has traditional prompts and responses. There is no # authorization ID in this mechanism, so unlike PLAIN the username and @@ -776,7 +818,7 @@ begin authenticators # server_set_id = $auth1 # server_prompts = <| Username: | Password: # server_condition = Authentication is not yet configured -# server_advertise_condition = ${if def:tls_cipher } +# server_advertise_condition = ${if def:tls_in_cipher } ######################################################################