X-Git-Url: https://git.distorted.org.uk/~mdw/exim-config/blobdiff_plain/e12c95862063d5cba833a8db2852916eb5e4e87f..b6d742526e8fcf69f22589314ee8f12b7756f026:/base.m4 diff --git a/base.m4 b/base.m4 index fee3626..3b3d82f 100644 --- a/base.m4 +++ b/base.m4 @@ -25,6 +25,7 @@ ### Global settings. SECTION(global, priv)m4_dnl +admin_groups = root : adm prod_requires_admin = false SECTION(global, logging)m4_dnl @@ -64,10 +65,11 @@ received_header_text = Received: \ ${if def:sender_helo_name \ {(helo=$sender_helo_name)\n\t}}}}\ by $primary_hostname \ + (Exim $version_number)\ + ${if def:tls_cipher {\n\t} { }}\ ${if def:received_protocol \ {with $received_protocol \ - ${if def:tls_cipher {(cipher=$tls_cipher)\n\t}}}}\ - (Exim $version_number)\n\t\ + ${if def:tls_cipher {(cipher=$tls_cipher)}}}}\n\t\ ${if def:sender_address \ {(envelope-from <$sender_address>\ ${if def:authenticated_id \ @@ -248,31 +250,42 @@ smtp_local: tls_privatekey = CONF_sysconf_dir/client.key tls_verify_certificates = CONF_ca_dir/ca.cert tls_require_ciphers = CONF_good_ciphers - tls_dh_min_bits = 3070 + tls_dh_min_bits = 2046 tls_tempfail_tryclear = false authenticated_sender = ${if def:authenticated_id \ - ${authenticated_id@CONF_master_domain} \ + {$authenticated_id@CONF_master_domain} \ fail} ## A standard transport for local delivery. deliver: driver = appendfile file = /var/mail/$local_part + group = mail + mode = 0600 + mode_fail_narrower = false USER_DELIVERY ## Transports for user filters. mailbox: driver = appendfile + initgroups = true USER_DELIVERY maildir: driver = appendfile maildir_format = true + initgroups = true USER_DELIVERY pipe: driver = pipe - return_output = true + path = ${if and {{def:home} {exists{$home/bin}}} {$home/bin:} {}}\ + /usr/local/bin:/usr/local/sbin:\ + /usr/bin:/usr/sbin:/bin:/sbin + initgroups = true + umask = 002 + return_fail_output = true + log_output = true ## A special dummy transport for use during address verification. dummy: