DEFCONF(trusted_groups, root : adm)
## Where the spam filter is.
-DEFCONF(spamd_address, 172.29.199.179)
+DEFCONF(spamd_address, 172.29.199.8)
DEFCONF(spamd_port, 783)
## Default spam limit for incoming mail (multiplied by ten).
DEFCONF(userconf_dir, $home/.mail)
DEFCONF(alias_file, /etc/aliases)
DEFCONF(ca_dir, /etc/ca)
+DEFCONF(dkim_keys_dir, /var/lib/dkim-keys)
## User address suffix handling.
DEFCONF(user_suffix_list, +* : -*)
DEFCONF(relay_clients, <m4_dnl
; +trusted m4_dnl
; 172.31.80.8 m4_dnl chiark (VPN)
-; 172.29.198.161 ; 2001:ba8:1d9:a000::1:1 m4_dnl national
+; 172.29.198.161 ; 2001:8b0:c92:a000::1:1 m4_dnl national
+)
+
+## DKIM headers list.
+DEFCONF(dkim_headers, m4_dnl
+References : In-Reply-To : Subject : To : Date : Message-ID : m4_dnl
+From : Sender : Reply-To : Cc : m4_dnl
+Resent-Date : Resent-From : Resent-Sender : Resent-To : Resent-Cc : m4_dnl
+Resent-Message-ID : m4_dnl
+Content-Transfer-Encoding : Content-Type : MIME-Version : m4_dnl
+Content-ID : Content-Description : m4_dnl
+List-Id : List-Help : List-Unsubscribe : List-Subscribe : m4_dnl
+List-Post : List-Owner : List-Archive m4_dnl
)
## TLS certificate list.
DEFCONF(certlist,
<:m4_ifelse(t, m4_ifelse(MODE, hub, nil, MODE, srv, nil, t),
<:CONF_sysconf_dir/server.certlist:>,
-<:CONF_sysconf_dir/${if match_ip{$sender_host_address}{+trusted} \
- {server}{letsencrypt}}.certlist:>):>)
+<:CONF_sysconf_dir/${if ={$received_port}{CONF_submission_port}{server}\
+ {${if match_ip{$sender_host_address}{+trusted} \
+ {server}{letsencrypt}}}}.certlist:>):>)
## TLS-related settings. We're assuming GNUTLS here, rather than OpenSSL.
## For local connections we are very strict. For random clients, we try