summaryrefslogtreecommitdiffstats
path: root/krebs/3modules/exim-smarthost.nix
diff options
context:
space:
mode:
authornin <nineinchnade@gmail.com>2017-10-17 21:37:13 +0200
committernin <nineinchnade@gmail.com>2017-10-17 21:37:13 +0200
commit10850a202732728f4b95da7208005617606c2062 (patch)
treec3d506a70fc715369b42dfc31849c7155f035c6a /krebs/3modules/exim-smarthost.nix
parent9afe5210f2a44cacac4f3527b6c8b561d9e4296b (diff)
parent9af86e7134ae2f134bc93baf5d0332ad2a77f9f9 (diff)
Merge remote-tracking branch 'temp/master'
Diffstat (limited to 'krebs/3modules/exim-smarthost.nix')
-rw-r--r--krebs/3modules/exim-smarthost.nix45
1 files changed, 17 insertions, 28 deletions
diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix
index dd4a7ccc9..5f93ae937 100644
--- a/krebs/3modules/exim-smarthost.nix
+++ b/krebs/3modules/exim-smarthost.nix
@@ -157,39 +157,28 @@ let
begin acl
acl_check_rcpt:
- accept hosts = :
- control = dkim_disable_verify
+ deny
+ local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+ message = restricted characters in address
- deny message = Restricted characters in address
- domains = +local_domains
- local_parts = ^[.] : ^.*[@%!/|]
-
- deny message = Restricted characters in address
- domains = !+local_domains
- local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-
- accept local_parts = postmaster
- domains = +local_domains
-
- accept hosts = +relay_from_hosts
- control = submission
- control = dkim_disable_verify
-
- accept authenticated = *
- control = submission
- control = dkim_disable_verify
-
- accept message = relay not permitted 2
- recipients = lsearch*@;${lsearch.internet-aliases}
+ accept
+ recipients = lsearch*@;${lsearch.internet-aliases}
- require message = relay not permitted
- domains = +local_domains : +relay_to_domains
+ accept
+ authenticated = *
+ control = dkim_disable_verify
+ control = submission
- require
- message = unknown user
- verify = recipient/callout
+ accept
+ control = dkim_disable_verify
+ control = submission
+ hosts = +relay_from_hosts
accept
+ domains = +local_domains : +relay_to_domains
+
+ deny
+ message = relay not permitted
acl_check_data: