-
Notifications
You must be signed in to change notification settings - Fork 3
/
exim4.conf.sample
80 lines (61 loc) · 2.22 KB
/
exim4.conf.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# don't open yourself up to the internets
local_interfaces = <; [127.0.0.1]:25 ; [::1]:25
# sender must be an ses sender, any recipients are good
acl_not_smtp = acl_ses_users
acl_smtp_mail = acl_ses_users
acl_smtp_rcpt = acl_accept_any
ignore_bounce_errors_after = 1d
timeout_frozen_after = 7d
# add your sending user here if the sender name needs to be forced
trusted_users = root : some_local_user
# add your mailname setting here (from /etc/mailname)
ETC_MAILNAME=timetric.vm.bytemark.co.uk
# and any other local domains here:
MAIN_LOCAL_DOMAINS=@:localhost:empty
domainlist local_domains = MAIN_LOCAL_DOMAINS
begin acl
acl_ses_users:
discard
senders = :
logwrite = :main,reject: absorbing bounce
accept
senders = lsearch;/etc/exim4/ses.senders
logwrite = :main: forwarding to SES
deny
message = "access denied"
acl_accept_any:
accept
begin routers
system_aliases:
driver = redirect
domains = +local_domains
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
ses:
driver = accept
transport = ses
begin transports
# make sure to specify your AWS creds below, and remove DEBUG=True unless you want all of the logs in /tmp
# If you're using DKIM, then specify all the DKIM variablaes; otherwise simply delete them.
ses:
driver = pipe
path = /bin:/usr/bin:/usr/local/bin:/opt/local/bin/
environment = AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXXXXXX:AWS_SECRET_KEY=YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY:DEBUG=True:DKIM=True:DKIM_DOMAIN=example.com:DKIM_SELECTOR=xxx:DKIM_KEY_FILE=/path/to/keyfile
command = exim_ses_transport $sender_address $pipe_addresses
batch_max = 25
temp_errors = 1 : 2 : 3 : 4 : 6 : 8 : 9 : 73 : 75
# 1, 2, 3, 6, and 8 are usually misconfiguration
# 4 is usually transient
# 5 and 7 are pretty much always fatal
# 73 and 75 are some default system specified exits (see sysexit.h), we don't use them for now
log_fail_output
log_defer_output
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,5d,8h
begin rewrite
*@+local_domains "${lookup{${local_part}}lsearch{/etc/email-addresses}\
{$value}fail}" Ffrs
*@ETC_MAILNAME "${lookup{${local_part}}lsearch{/etc/email-addresses}\
{$value}fail}" Ffrs
begin authenticators