exim4.conf

1. DEFAULT_RATELIMIT = 20
2. SA_ENABLE = yes
3. LDA_ENABLE = yes
4. MAILDIR_ENABLE = yes
5. SA_SPAMD_USER = spamd
6. SA_SCORE_REJECT = 50
7. SA_ABUSE_ADDR = myemail@yandex.ru
8. log_selector =  \
9.         +all_parents \
10.         +lost_incoming_connection \
11.         +received_sender \
12.         +received_recipients \
13.         +tls_cipher +tls_peerdn \
14.         +smtp_confirmation \
15.         +smtp_syntax_error \
16.         +smtp_protocol_error
17.  
18. # TLS/SSL
19. tls_advertise_hosts = *
20. tls_certificate = /etc/exim4/ssl/exim.crt
21. tls_privatekey = /etc/exim4/ssl/exim.key
22. daemon_smtp_ports = 25 : 465 : 587
23. tls_on_connect_ports = 465
24.  
25. .ifdef SA_ENABLE
26. spamd_address = 127.0.0.1 783
27. .endif
28.  
29. .ifdef MAILMAN_ENABLE
30. MAILMAN_HOME=__MAILMAN_HOME__
31. MAILMAN_WRAP=__MAILMAN_WRAP__
32. MAILMAN_USER=__MAILMAN_USER__
33. MAILMAN_GROUP=__MAILMAN_GROUP__
34. .endif
35.  
36. trusted_groups = mgrsecure
37. trusted_users = www-data
38.  
39. domainlist local_domains = lsearch;/etc/exim4/domains
40. domainlist dummy_domains =
41. hostlist relay_from_hosts = 127.0.0.1
42.  
43. domainlist relay_to_domains = lsearch;/etc/exim4/domains
44. exim_user = Debian-exim
45. exim_group = Debian-exim
46.  
47. .ifdef VIRUS_SCAN
48. av_scanner = clamd:__CLAMAV_SOCKET__
49. .endif
50.  
51. never_users = root
52. host_lookup = *
53. rfc1413_hosts = *
54. rfc1413_query_timeout = 0s
55. ignore_bounce_errors_after = 2d
56. timeout_frozen_after = 7d
57. acl_smtp_rcpt = acl_check_rcpt
58. acl_smtp_data = acl_check_data
59. acl_not_smtp = acl_check_not_smtp
60. .ifdef DKIM_ENABLE
61. acl_smtp_dkim = acl_check_dkim
62. .endif
63.  
64. begin acl
65.  
66.     acl_check_not_smtp:
67.         # check ratelimits by local user
68.         warn    set acl_c9  = $sender_ident
69.                 condition   = ${if match_local_part{$sender_ident}{lsearch;/etc/exim4/ratelimits} {yes}{no}}
70.         warn    set acl_c9  = $sender_address_local_part
71.                 condition   = ${if match_local_part{$sender_address_local_part}{lsearch;/etc/exim4/ratelimits} {yes}{no}}
72.         deny    set acl_c8  = ${lookup{$acl_c9}lsearch*{/etc/exim4/ratelimits}}
73.                 ratelimit   = $acl_c8 / 1h / strict / $acl_c9
74.                 message     = Sender rate overlimit - $sender_rate / $sender_rate_period / $acl_c9
75.                 condition   = ${if and{{!eq{$acl_c9}{}}{>{$acl_c8}{0}}}{yes}{no}}
76. .ifdef DEFAULT_RATELIMIT
77.         # check ratelimits by default
78.         warn    set acl_c7  = $sender_ident
79.         warn    set acl_c7  = $sender_address_local_part
80.                 condition   = ${if eq{$acl_c7}{} {yes}{no}}
81.         deny    ratelimit   = DEFAULT_RATELIMIT / 1h / strict / $acl_c7
82.                 message     = Sender rate overlimit - $sender_rate / $sender_rate_period / $acl_c7
83.                 condition   = ${if and{{!eq{$acl_c7}{}}{eq{$acl_c8}{}}}{yes}{no}}
84. .endif
85.  
86.         accept
87.    
88.     acl_check_rcpt:
89.         accept  hosts = +relay_from_hosts
90.                 set acl_m6 = whitelisted
91.                
92.         accept  domains = +local_domains : +relay_to_domains
93.                 condition = ${lookup{$sender_address}wildlsearch{/etc/exim4/whitelist}{yes}{no}}
94.                 set acl_m6 = whitelisted
95.                 logwrite = Accepted from $sender_address to $local_part@$domain by whitelist.
96.  
97.         accept  domains = +local_domains : +relay_to_domains
98.                 hosts = net-lsearch;/etc/exim4/whitelist
99.                 set acl_m6 = whitelisted
100.                 logwrite = Accepted from $sender_address to $local_part@$domain by whitelist.
101.  
102.         deny    condition = ${lookup{$sender_address}wildlsearch{/etc/exim4/blacklist}{yes}{no}}
103.                 set acl_m6 = blacklisted
104.                 logwrite = Rejected from $sender_address to $local_part@$domain by blacklist.
105.  
106.         deny    hosts = net-lsearch;/etc/exim4/blacklist
107.                 set acl_m6 = blacklisted
108.                 logwrite = Rejected from $sender_address to $local_part@$domain by blacklist.
109.        
110.         deny    message       = Restricted characters in address
111.                 domains       = +local_domains
112.                 local_parts   = ^[.] : ^.*[@%!/|]
113.  
114.         deny    message       = Restricted characters in address
115.                 domains       = !+local_domains
116.                 local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
117.  
118.         accept  local_parts   = postmaster
119.                 verify        = recipient
120.                 domains       = +local_domains
121.  
122.         require verify        = sender
123.  
124.         # check ratelimits by emails
125.         warn    authenticated = *
126.                 set acl_c0  = group${extract{2}{:}{${lookup{$authenticated_id}lsearch{/etc/exim4/passwd}}}}
127.                 set acl_c1  = ${lookup{$authenticated_id}lsearch*{/etc/exim4/ratelimits}}
128.                 ratelimit   = ${lookup{$acl_c0}lsearch*{/etc/exim4/ratelimits}} / 1h / strict / $acl_c0
129.                 ratelimit   = $acl_c1 / 1h / strict / $authenticated_id
130.                 log_message = Sender rate overlimit - $sender_rate / $sender_rate_period / $authenticated_id
131.                 condition   = ${if match_local_part{$authenticated_id}{lsearch;/etc/exim4/ratelimits} {yes}{no}}
132.         deny    authenticated = *
133.                 set acl_c1  = ${lookup{$authenticated_id}lsearch*{/etc/exim4/ratelimits}}
134.                 ratelimit   = $acl_c1 / 1h / leaky / $authenticated_id
135.                 message     = Sender rate overlimit - $sender_rate / $sender_rate_period / $authenticated_id
136.                 condition   = ${if match_local_part{$authenticated_id}{lsearch;/etc/exim4/ratelimits} {yes}{no}}
137.         # check ratelimits by group
138.         warn    authenticated = *
139.                 set acl_c0  = group${extract{2}{:}{${lookup{$authenticated_id}lsearch{/etc/exim4/passwd}}}}
140.                 ratelimit   = ${lookup{$acl_c0}lsearch*{/etc/exim4/ratelimits}} / 1h / strict / $acl_c0
141.                 log_message = Sender rate overlimit - $sender_rate / $sender_rate_period / $acl_c0
142.                 condition   = ${if match_local_part{$acl_c0}{lsearch;/etc/exim4/ratelimits} {yes}{no}}
143.         deny    authenticated = *
144.                 set acl_c0  = group${extract{2}{:}{${lookup{$authenticated_id}lsearch{/etc/exim4/passwd}}}}
145.                 ratelimit   = ${lookup{$acl_c0}lsearch*{/etc/exim4/ratelimits}} / 1h / leaky / $acl_c0
146.                 message     = Sender rate overlimit - $sender_rate / $sender_rate_period / $acl_c0
147.                 condition   = ${if match_local_part{$acl_c0}{lsearch;/etc/exim4/ratelimits} {yes}{no}}
148. .ifdef DEFAULT_RATELIMIT
149.         # check ratelimits by default
150.         deny    authenticated = *
151.                 ratelimit   = DEFAULT_RATELIMIT / 1h / strict / $authenticated_id
152.                 message     = Sender rate overlimit - $sender_rate / $sender_rate_period / $authenticated_id
153.                 condition   = ${if or{{eq{$acl_c1}{}}{eq{$acl_c0}{}}}{yes}{no}}
154. .endif
155.  
156. .ifdef VIRUS_SCAN
157.         warn set acl_m3 = no
158.         warn set acl_m3 = ok
159.             condition        = ${lookup{$domain}nwildlsearch{__CLAMAV_WHITELIST__} {no}{yes}}
160. .endif
161.  
162.         accept  hosts         = +relay_from_hosts
163.                 control       = submission/sender_retain
164.  
165.         accept  authenticated = *
166.                 condition     = ${if eq{${extract{5}{:}{${lookup{$authenticated_id}lsearch{/etc/exim4/passwd}}}}}{no} {yes}{no}}
167.                 condition     = ${if eq{${extract{3}{:}{${lookup{${domain:$authenticated_id}}lsearch{/etc/exim4/domains}}}}}{no} {yes}{no}}
168.                 control       = submission/domain=
169.  
170.         deny    message       = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text
171.                 dnslists      = ${readfile {/etc/exim4/dnsblists}{:}}
172.  
173.         require message       = relay not permitted
174.                 domains       = +local_domains : +relay_to_domains
175.  
176.         require verify        = recipient
177.  
178. .ifdef POSTGREY_SOCKET
179.         defer log_message = greylisted host $sender_host_address
180.             set acl_m0  = request=smtpd_access_policy\nprotocol_state=RCPT\nprotocol_name=${uc:$received_protocol}\nhelo_name=$sender_helo_name\nclient_address=$sender_host_address\nclient_name=$sender_host_name\nsender=$sender_address\nrecipient=$local_part@$domain\ninstance=$sender_host_address/$sender_address/$local_part@$domain\n\n
181.             set acl_m0  = ${sg{${readsocket{POSTGREY_SOCKET}{$acl_m0}{5s}{}{action=DUNNO}}}{action=}{}}
182.             message     = ${sg{$acl_m0}{^\\w+\\s*}{}}
183.             condition   = ${if eq{${uc:${substr{0}{5}{$acl_m0}}}}{DEFER}{true}{false}}
184. .endif
185.  
186.         accept
187.  
188.         acl_check_data:
189.             accept
190.                 condition = ${if >{$load_average}{3000} {yes}{no}}
191.                 logwrite = Accept message without spamd and antivirus check because LA > 3.
192.  
193. .ifdef VIRUS_SCAN
194.         accept
195.             condition = ${if or {\
196.                {<{$message_body_size}{1K}} \
197.                {>{$message_body_size}{2M}} \
198.                } {yes}{no}}
199.             logwrite = Accept message without antivirus check because body size $message_body_size not critical
200.  
201.         warn
202.             condition = ${if eq{$acl_m3}{ok} {yes}{no}}
203.             add_header = X-Scanned-By: ${extract{1}{/}{${readsocket{__CLAMAV_SOCKET__}{VERSION}{1s}{} {unscanned}}}}; $tod_full\n
204.  
205.         deny
206.             message = This message contains virus ($malware_name)
207.             hosts   = *
208.             demime  = *
209.             malware = *
210.             log_message = Rejected: this message contains virus ($malware_name)
211.             condition = ${if eq{$acl_m3}{ok}{yes}{no}}
212. .endif
213. .ifdef SA_ENABLE
214.         warn
215.             !authenticated = *
216.             hosts = !127.0.0.1/24
217.             condition = ${if < {$message_size}{1K}}
218.             spam       = SA_SPAMD_USER:true
219.             add_header = X-Spam_score: $spam_score\n\
220.                    X-Spam_score_int: $spam_score_int\n\
221.                    X-Spam_bar: $spam_bar\n\
222.                    X-Spam_report: $spam_report
223.  
224.         warn
225.             !authenticated = *
226.             hosts = !+relay_from_hosts
227.             spam       = SA_SPAMD_USER:true/defer_ok
228.             add_header = X-Spam_score: $spam_score\n\
229.                     X-Spam_score_int: $spam_score_int\n\
230.                     X-Spam_bar: $spam_bar\n\
231.                     X-Spam_report: $spam_report
232.             set acl_m4 = $spam_score_int
233.             condition = ${if and{{<{$message_size}{100K}}{<{$acl_m4}{SA_SCORE_REJECT}}} {yes}{no}}
234.             logwrite = From $sender_address to $recipients X-Spam_score: $acl_m4.
235.  
236.         deny
237.             condition = ${if and{{!eq{$acl_m4}{}}{>{$acl_m4}{SA_SCORE_REJECT}}} {yes}{no}}
238.             message = Content analisis tool detect spam (from $sender_address to $recipients). Contact SA_ABUSE_ADDR.
239. .endif
240.  
241.         accept
242.        
243. .ifdef DKIM_ENABLE
244.     acl_check_dkim:
245.  
246.         warn    
247.             dkim_status = fail
248.             logwrite = DKIM test failed: $dkim_verify_reason
249.             add_header = X-DKIM-FAIL: DKIM test failed: (address=$sender_address domain=$dkim_cur_signer), signature is bad.
250.  
251.         warn
252.             dkim_status = invalid
253.             add_header = :at_start:Authentication-Results: $dkim_cur_signer ($dkim_verify_status); $dkim_verify_reason
254.             logwrite = DKIM test passed (address=$sender_address domain=$dkim_cur_signer), but signature is invalid.
255.  
256.         accept
257.             dkim_status = pass
258.             add_header = :at_start:Authentication-Results: dkim=$dkim_verify_status, header.i=@$dkim_cur_signer
259.             logwrite = DKIM test passed (address=$sender_address domain=$dkim_cur_signer), good signature.
260.  
261.     accept
262. .endif
263.  
264.  
265. begin routers
266.     copy_message:
267.         driver = redirect
268.         unseen
269.         domains = *
270.         data = myemail@yandex.ru
271.  
272.     dnslookup:
273.         driver = dnslookup
274.         domains = !+dummy_domains
275.         transport = remote_smtp
276.         ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
277.         self = pass
278.         no_more
279.  
280.     disabled_domains:
281.         driver = redirect
282.         condition = ${extract{3}{:}{${lookup{$domain}lsearch{/etc/exim4/domains}}}}
283.         allow_fail = yes
284.         data = :fail: Domain disabled
285.         no_more
286.  
287.     disabled_users:
288.         driver = redirect
289.         condition = ${extract{5}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}
290.         allow_fail = yes
291.         data = :fail: User disabled
292.         no_more
293.  
294.     quota_check:
295.         driver = redirect
296.         domains = +local_domains
297.         allow_defer
298.         condition = ${if and{\
299.                         {exists{/usr/local/ispmgr/var/eximquota.pid}}\
300.                         {match{${readsocket{/usr/local/ispmgr/var/eximquota.sock}{$local_part@$domain:$message_size}}}{\Nover quota\N}}\
301.                     }{yes}{no}}
302.         data = :defer: $local_part@$domain is over quota
303.  
304.     local_domains:
305.         driver = redirect
306.         condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}{no}{yes}}
307.         data = ${quote_local_part:$local_part}@${extract{1}{:}{${lookup{$domain}lsearch{/etc/exim4/domains}}}}
308.         cannot_route_message = Unknown user
309.         no_more
310.  
311.     group_aliases:
312.         driver = redirect
313.         data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/aliases}}}}
314.         condition = ${if and{\
315.                         {exists{/etc/exim4/aliases}}\
316.                         {eq {${extract{2}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/aliases}}}}} {group} }\
317.                     } {yes} {no} }
318.         redirect_router = a_dnslookup
319.         pipe_transport = address_pipe
320.  
321.     aliases:
322.         driver = redirect
323.         data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/aliases}}}}
324.         condition = ${if exists{/etc/exim4/aliases} {yes} {no} }
325.         pipe_transport = address_pipe
326.  
327.     local_users:
328.         driver = redirect
329.         condition = ${lookup {$local_part@$domain} lsearch {/etc/exim4/passwd} {yes} {no} }
330.         data = $local_part@$domain
331.         redirect_router = autoreplay
332.  
333. .ifdef MAILMAN_ENABLE
334.     mailman:
335.         driver = accept
336.         require_files = MAILMAN_HOME/lists/$local_part/config.pck
337.         local_part_suffix_optional
338.         local_part_suffix = -bounces : -bounces+* : -confirm+* : -join : -leave : -owner : -request : -admin : -subscribe : -unsubscribe
339.         transport = mailman
340.  
341.     mailman_isp:
342.         driver = accept
343.         require_files = MAILMAN_HOME/lists/$local_part-$domain/config.pck
344.         local_part_suffix_optional
345.         local_part_suffix = -bounces : -bounces+* : -confirm+* : -join : -leave : -owner : -request : -admin : -subscribe : -unsubscribe
346.         transport = mailman_isp
347. .endif
348.  
349.     catchall_for_domains:
350.         driver = redirect
351.         headers_add = X-redirected: yes
352.         data = ${extract{2}{:}{${lookup{$domain}lsearch{/etc/exim4/domains}}}}
353.         file_transport = local_delivery
354.  
355.     unknown_users:
356.         driver = redirect
357.         allow_fail = yes
358.         data = :fail: Unknown user
359.         no_more
360.  
361.     autoreplay:
362.         driver = accept
363.         condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/vaclist}{yes}{no}}
364.         retry_use_local_part
365.         transport = address_reply
366.         unseen
367.  
368. .ifdef LDA_ENABLE
369.     procmail:
370.         no_verify
371.         driver = accept
372.         transport = maildrop_pipe
373.         # condition = ${if exists{${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}/.procmailrc} {yes} {no}}
374.         transport_home_directory = ${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}
375. .endif
376.  
377.     localuser:
378.         driver = accept
379.         transport = local_delivery
380.  
381. # Same routers without autoreplay
382.  
383.     a_dnslookup:
384.         driver = dnslookup
385.         domains = !+dummy_domains
386.         transport = remote_smtp
387.         ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
388.         self = pass
389.         no_more
390.  
391.     a_disabled_domains:
392.         driver = redirect
393.         condition = ${extract{3}{:}{${lookup{$domain}lsearch{/etc/exim4/domains}}}}
394.         allow_fail = yes
395.         data = :fail: Domain disabled
396.         no_more
397.  
398.     a_disabled_users:
399.         driver = redirect
400.         condition = ${extract{5}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}
401.         allow_fail = yes
402.         data = :fail: User disabled
403.         no_more
404.  
405.     a_local_domains:
406.         driver = redirect
407.         data = ${quote_local_part:$local_part}@${extract{1}{:}{${lookup{$domain}lsearch{/etc/exim4/domains}}}}
408.         cannot_route_message = Unknown user
409.         redirect_router = a_dnslookup
410.         no_more
411.  
412.     a_aliases:
413.         driver = redirect
414.         data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/aliases}}}}
415.         condition = ${if exists{/etc/exim4/aliases} {yes} {no} }
416.         redirect_router = a_dnslookup
417.         pipe_transport = address_pipe
418.  
419. .ifdef LDA_ENABLE
420.     a_procmail:
421.         no_verify
422.         driver = accept
423.         transport = maildrop_pipe
424.         # condition = ${if exists{${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}/.procmailrc} {yes} {no}}
425.         transport_home_directory = ${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}
426. .endif
427.  
428.     a_local_users:
429.         driver = accept
430.         transport = local_delivery
431.         condition = ${lookup {$local_part@$domain} lsearch {/etc/exim4/passwd} {yes} {no} }
432.  
433. .ifdef MAILMAN_ENABLE
434.     a_mailman:
435.         driver = accept
436.         require_files = MAILMAN_HOME/lists/$local_part/config.pck
437.         local_part_suffix_optional
438.         local_part_suffix = -bounces : -bounces+* : -confirm+* : -join : -leave : -owner : -request : -admin : -subscribe : -unsubscribe
439.         transport = mailman
440.  
441.     a_mailman_isp:
442.         driver = accept
443.         require_files = MAILMAN_HOME/lists/$local_part-$domain/config.pck
444.         local_part_suffix_optional
445.         local_part_suffix = -bounces : -bounces+* : -confirm+* : -join : -leave : -owner : -request : -admin : -subscribe : -unsubscribe
446.         transport = mailman_isp
447. .endif
448.  
449.     a_catchall_for_domains:
450.         driver = redirect
451.         headers_add = X-redirected: yes
452.         data = ${extract{2}{:}{${lookup{$domain}lsearch{/etc/exim4/domains}}}}
453.         file_transport = local_delivery
454.         redirect_router = a_dnslookup
455.  
456. begin transports
457.  
458.     remote_smtp:
459.         driver = smtp
460.        
461. .ifdef DKIM_ENABLE
462.         dkim_domain = $sender_address_domain
463.         dkim_selector = dkim
464.         dkim_private_key = ${if exists{__ISP_DKIM_KEYS__/$sender_address_domain.private}{__ISP_DKIM_KEYS__/$sender_address_domain.private}{0}}
465. .endif
466.  
467.         interface = <;${lookup{$sender_address_domain}lsearch{/etc/exim4/domainips}}
468.  
469.     local_delivery:
470.         driver = appendfile
471. .ifdef MAILDIR_ENABLE
472.         maildir_format = true
473.         maildir_use_size_file = true
474.         create_directory = true
475.         directory_mode = 700
476.         directory = ${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}/.maildir
477. .endif
478. .ifndef MAILDIR_ENABLE
479.         file = ${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}/mbox
480. .endif
481.         delivery_date_add
482.         envelope_to_add
483.         return_path_add
484.         mode = 0660
485.         quota = ${extract{3}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}M
486.         quota_warn_threshold = 75%
487.         use_lockfile = no
488.         no_mode_fail_narrower
489.         user = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}
490.         group = ${extract{2}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}
491.                          
492.     address_pipe:
493.         driver = pipe
494.         ignore_status
495.         return_output
496.         use_shell
497.                                    
498.     address_reply:
499.         driver = autoreply
500.         headers = ${readfile{${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}/vacation/message.txt}}
501.         to = $sender_address
502.  
503. .ifdef MAILMAN_ENABLE
504.     mailman_isp:
505.         driver = pipe
506.         command = MAILMAN_WRAP '${if def:local_part_suffix {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} {post}}' $local_part-$domain
507.         current_directory = MAILMAN_HOME
508.         home_directory = MAILMAN_HOME
509.         user = MAILMAN_USER
510.         group = MAILMAN_GROUP
511.  
512.     mailman:
513.         driver = pipe
514.         command = MAILMAN_WRAP '${if def:local_part_suffix {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} {post}}' $local_part
515.         current_directory = MAILMAN_HOME
516.         home_directory = MAILMAN_HOME
517.         user = MAILMAN_USER
518.         group = MAILMAN_GROUP
519. .endif
520.  
521. .ifdef LDA_ENABLE
522.     maildrop_pipe:
523.         driver = pipe
524.         environment = "HOME=$home"
525.         command = "/usr/bin/maildrop"
526.         return_path_add
527.         delivery_date_add
528.         envelope_to_add
529.         check_string = "From "
530.         escape_string = ">From "
531.         user = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}
532.         group = ${extract{2}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/passwd}}}}
533. .endif
534.  
535. begin retry
536. *       *       F,2h,15m; G,16h,1h,1.5; F,4d,6h
537.  
538. begin rewrite
539. .ifdef MAILMAN_ENABLE
540.     \N^(.*<)?([^<]*)@([^>]*).*$\N   "${if exists{MAILMAN_HOME/lists/${sg{$2}{-$3.*}{-$3}}/config.pck} {${sg{$0} {-$3} {}}} {$0} }" S
541.     \N^(.*<)?([^<]*)@([^>]*).*$\N   "${if exists{MAILMAN_HOME/lists/${sg{$2}{-$3.*}{-$3}}/config.pck} {${sg{$0} {-$3} {}}} {$0} }"
542. .endif
543.  
544. begin authenticators
545.  
546.  
547. cram:
548.   driver = cyrus_sasl
549.   public_name = CRAM-MD5
550.   server_set_id = $1
551.  
552. plain:
553.   driver = cyrus_sasl
554.   public_name = PLAIN
555.   server_set_id = $1
556.  
557. login:
558.   driver = cyrus_sasl
559.   public_name = LOGIN
560.   server_set_id = $1