Merge remote-tracking branch 'temp/master'

author: nin <nineinchnade@gmail.com> 2017-10-17 21:37:13 +0200
committer: nin <nineinchnade@gmail.com> 2017-10-17 21:37:13 +0200
commit: 10850a202732728f4b95da7208005617606c2062 (patch)
tree: c3d506a70fc715369b42dfc31849c7155f035c6a /krebs/3modules
parent: 9afe5210f2a44cacac4f3527b6c8b561d9e4296b (diff)
parent: 9af86e7134ae2f134bc93baf5d0332ad2a77f9f9 (diff)
3 files changed, 34 insertions, 81 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 48cf7971b..c89f3229d 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -202,6 +202,7 @@ let
         "kontakt@eloop.org" = eloop-ml;
         "root@eloop.org" = eloop-ml;
         "eloop2016@krebsco.de" = eloop-ml;
+        "eloop2017@krebsco.de" = eloop-ml;
         "postmaster@krebsco.de" = spam-ml; # RFC 822
         "lass@krebsco.de" = lass;
         "makefu@krebsco.de" = makefu;
diff --git a/krebs/3modules/exim-retiolum.nix b/krebs/3modules/exim-retiolum.nix
index ca363c8d7..e08024977 100644
--- a/krebs/3modules/exim-retiolum.nix
+++ b/krebs/3modules/exim-retiolum.nix
@@ -43,7 +43,6 @@ let
           primary_hostname = ${cfg.primary_hostname}
           domainlist local_domains = ${concatStringsSep ":" cfg.local_domains}
           domainlist relay_to_domains = ${concatStringsSep ":" cfg.relay_to_domains}
-          hostlist   relay_from_hosts = <; 127.0.0.1 ; ::1
 
           acl_smtp_rcpt = acl_check_rcpt
           acl_smtp_data = acl_check_data
@@ -61,41 +60,15 @@ let
           begin acl
 
           acl_check_rcpt:
-            accept  hosts = :
-                    control = dkim_disable_verify
-
-            deny    message       = Restricted characters in address
-                    domains       = +local_domains
-                    local_parts   = ^[.] : ^.*[@%!/|]
-
-            deny    message       = Restricted characters in address
-                    domains       = !+local_domains
-                    local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-
-            accept  local_parts   = postmaster
-                    domains       = +local_domains
-
-            #accept
-            #  hosts = *.r
-            #  domains = *.r
-            #  control = dkim_disable_verify
-
-            #require verify        = sender
-
-            accept  hosts         = +relay_from_hosts
-                    control       = submission
-                    control       = dkim_disable_verify
-
-            accept  authenticated = *
-                    control       = submission
-                    control       = dkim_disable_verify
-
-            require message = relay not permitted
-                    domains = +local_domains : +relay_to_domains
-
-            require verify = recipient
+            deny
+              local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+              message = restricted characters in address
 
             accept
+              domains = +local_domains : +relay_to_domains
+
+            deny
+              message = relay not permitted
 
 
           acl_check_data:
@@ -104,29 +77,19 @@ let
 
           begin routers
 
-          retiolum:
-            driver = manualroute
-            domains = ! +local_domains : +relay_to_domains
-            transport = remote_smtp
-            route_list = ^.* $0 byname
-            no_more
-
-          nonlocal:
-            debug_print = "R: nonlocal for $local_part@$domain"
-            driver = redirect
-            domains = ! +local_domains
-            allow_fail
-            data = :fail: Mailing to remote domains not supported
-            no_more
-
-          local_user:
-            # debug_print = "R: local_user for $local_part@$domain"
+          local:
             driver = accept
+            domains = +local_domains
             check_local_user
-          # local_part_suffix = +* : -*
+          # local_part_suffix = +*
           # local_part_suffix_optional
             transport = home_maildir
-            cannot_route_message = Unknown user
+
+          remote:
+            driver = manualroute
+            domains = +relay_to_domains
+            transport = remote_smtp
+            route_list = ^.* $0 byname
 
 
           begin transports
diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix
index dd4a7ccc9..5f93ae937 100644
--- a/krebs/3modules/exim-smarthost.nix
+++ b/krebs/3modules/exim-smarthost.nix
@@ -157,39 +157,28 @@ let
         begin acl
 
         acl_check_rcpt:
-          accept  hosts = :
-                  control = dkim_disable_verify
+          deny
+            local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+            message = restricted characters in address
 
-          deny    message       = Restricted characters in address
-                  domains       = +local_domains
-                  local_parts   = ^[.] : ^.*[@%!/|]
-
-          deny    message       = Restricted characters in address
-                  domains       = !+local_domains
-                  local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-
-          accept  local_parts   = postmaster
-                  domains       = +local_domains
-
-          accept  hosts         = +relay_from_hosts
-                  control       = submission
-                  control       = dkim_disable_verify
-
-          accept  authenticated = *
-                  control       = submission
-                  control       = dkim_disable_verify
-
-          accept message = relay not permitted 2
-                  recipients = lsearch*@;${lsearch.internet-aliases}
+          accept
+            recipients = lsearch*@;${lsearch.internet-aliases}
 
-          require message = relay not permitted
-                  domains = +local_domains : +relay_to_domains
+          accept
+            authenticated = *
+            control = dkim_disable_verify
+            control = submission
 
-          require
-            message = unknown user
-            verify = recipient/callout
+          accept
+            control = dkim_disable_verify
+            control = submission
+            hosts = +relay_from_hosts
 
           accept
+            domains = +local_domains : +relay_to_domains
+
+          deny
+            message = relay not permitted
 
 
         acl_check_data:
author	nin <nineinchnade@gmail.com>	2017-10-17 21:37:13 +0200
committer	nin <nineinchnade@gmail.com>	2017-10-17 21:37:13 +0200
commit	10850a202732728f4b95da7208005617606c2062 (patch)
tree	c3d506a70fc715369b42dfc31849c7155f035c6a /krebs/3modules
parent	9afe5210f2a44cacac4f3527b6c8b561d9e4296b (diff)
parent	9af86e7134ae2f134bc93baf5d0332ad2a77f9f9 (diff)