~mdw / exim-config / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from: d4f4bfc)
base.m4: Nearly set DKIM expiry time. master
authorMark Wooding <mdw@distorted.org.uk>
Tue, 28 May 2024 01:35:51 +0000 (02:35 +0100)
committerMark Wooding <mdw@distorted.org.uk>
Tue, 28 May 2024 01:35:51 +0000 (02:35 +0100)
Alas, Exim is too old to understand this.

Makefile patch | blob | blame | history
base.m4 patch | blob | blame | history
config.m4 patch | blob | blame | history
satellite.m4 patch | blob | blame | history
site.mk [new file with mode: 0644] patch | blob
spam.m4 patch | blob | blame | history

diff --git a/Makefile b/Makefile
index 46aa594..a779e41 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -70,6 +70,7 @@ OPTIONS_hub           += user-spam.m4 vhost.m4 vhost-local.m4
 MODES                  += usersat
 OPTIONS_usersat                 = auth.m4 local.m4 satellite.m4
 
 MODES                  += usersat
 OPTIONS_usersat                 = auth.m4 local.m4 satellite.m4
 
+-include site.mk
 -include local.mk
 
 ###--------------------------------------------------------------------------
 -include local.mk
 
 ###--------------------------------------------------------------------------
diff --git a/base.m4 b/base.m4
index 1b671ef..d64b88b 100644 (file)
--- a/base.m4
+++ b/base.m4
@@ -424,7 +424,8 @@ m4_define(<:DKIM_SIGN_P:>,
               {!def:h_DKIM-Signature:} \
               {!def:h_List-ID:} \
               {or {{def:authenticated_id} \
               {!def:h_DKIM-Signature:} \
               {!def:h_List-ID:} \
               {or {{def:authenticated_id} \
-                   {def:authenticated_sender}}}}:>)
+                   {def:authenticated_sender}}} \
+              {bool {DKIM_KEYS_INSTANCE(<:{true}:>, <:{false}:>)}}}:>)
 
 m4_define(<:DKIM_KEYS_INSTANCE:>,
        <:${lookup {${domain:$h_From:}} partial0-lsearch \
 
 m4_define(<:DKIM_KEYS_INSTANCE:>,
        <:${lookup {${domain:$h_From:}} partial0-lsearch \
@@ -446,6 +447,7 @@ m4_define(<:DKIM_SIGN:>,
                ${if DKIM_SIGN_P \
                        {DKIM_KEYS_INSTANCE({${domain:$h_From:}})}}
        dkim_selector = DKIM_KEYS_INFO(<:{KV(k)}:>)
                ${if DKIM_SIGN_P \
                        {DKIM_KEYS_INSTANCE({${domain:$h_From:}})}}
        dkim_selector = DKIM_KEYS_INFO(<:{KV(k)}:>)
+       ##dkim_timestamps = m4_eval(<:7*24*60*60:>)
        dkim_private_key = \
                DKIM_KEYS_INSTANCE(<:m4_dnl
                        {CONF_dkim_keys_dir/$value/active/$dkim_selector.priv}:>)
        dkim_private_key = \
                DKIM_KEYS_INSTANCE(<:m4_dnl
                        {CONF_dkim_keys_dir/$value/active/$dkim_selector.priv}:>)
@@ -469,11 +471,13 @@ m4_define(<:DKIM_SIGN:>,
                ${if DKIM_SIGN_P \
                        {DKIM_KEYS_INFO(<:m4_dnl
                                {X-CONF_header_token-DKIM-Key-Publication: \
                ${if DKIM_SIGN_P \
                        {DKIM_KEYS_INFO(<:m4_dnl
                                {X-CONF_header_token-DKIM-Key-Publication: \
-                                       DKIM signature not suitable for \
-                                       as evidence after delivery; \
+                                       DKIM signature not suitable \
+                                       as evidence after delivery;\n\t\
                                        DKIM private key KV(k) will be \
                                        DKIM private key KV(k) will be \
-                                       published at KV(u) on or before \
-                                       KV(tpub)}:>)}}:>)
+                                       published\n\t\
+                                       at KV(u)\n\t\
+                                       on or before KV(tpub)}:>)}}:>)
+
 
 m4_define(<:SMTP_DELIVERY:>,
        <:## Prevent sending messages with overly long lines.  The use of
 
 m4_define(<:SMTP_DELIVERY:>,
        <:## Prevent sending messages with overly long lines.  The use of
diff --git a/config.m4 b/config.m4
index 52339b3..8f2db96 100644 (file)
--- a/config.m4
+++ b/config.m4
@@ -75,18 +75,18 @@ DEFCONF(user_extaddr_fixup, ${sg {$local_part_suffix}{^[-+]}{}})
 
 ## Other hosts allowed to relay mail through us.
 DEFCONF(relay_clients, <m4_dnl
 
 ## Other hosts allowed to relay mail through us.
 DEFCONF(relay_clients, <m4_dnl
-; +trusted m4_dnl
+; +allnets m4_dnl
 ; 172.31.80.8 m4_dnl chiark (VPN)
 ; 172.31.80.8 m4_dnl chiark (VPN)
-; 172.29.198.161 ; 2001:8b0:c92:a000::1:1 m4_dnl national
 )
 
 ## DKIM headers list.
 ## Surprise!  Internal whitespace isn't allowed here.
 )
 
 ## DKIM headers list.
 ## Surprise!  Internal whitespace isn't allowed here.
-DEFCONF(dkim_headers,m4_dnl
-References:In-Reply-To:Subject:To:Date:Message-ID:m4_dnl
-From:Sender:Reply-To:Cc:m4_dnl
-Content-Transfer-Encoding:Content-Type:MIME-Version:m4_dnl
-Content-ID:Content-Description)
+DEFCONF(dkim_headers, m4_dnl
+References : In-Reply-To : Subject : To : Date : Message-ID : m4_dnl
+From : Sender : Reply-To : Cc : m4_dnl
+Content-Transfer-Encoding : Content-Type : MIME-Version : m4_dnl
+Content-ID : Content-Description m4_dnl
+)
 
 ## TLS certificate list.
 DEFCONF(certlist,
 
 ## TLS certificate list.
 DEFCONF(certlist,
diff --git a/satellite.m4 b/satellite.m4
index cae7066..b56b336 100644 (file)
--- a/satellite.m4
+++ b/satellite.m4
@@ -28,7 +28,7 @@ SECTION(acl, connect-hooks)m4_dnl
 
 SECTION(routers, alias-opts)m4_dnl
        ## Only expand aliases for our home domain.
 
 SECTION(routers, alias-opts)m4_dnl
        ## Only expand aliases for our home domain.
-       domains = +thishost
+       domains = CONF_master_domain : +thishost
 
 SECTION(routers, smarthost)m4_dnl
 satellite:
 
 SECTION(routers, smarthost)m4_dnl
 satellite:
diff --git a/site.mk b/site.mk
new file mode 100644 (file)
index 0000000..332c1db
--- /dev/null
+++ b/site.mk
@@ -0,0 +1,13 @@
+### -*-makefile-*-
+
+HOSTS_hub              += stratocaster
+
+HOSTS_srv              += telecaster
+
+HOSTS_usersat          += jem artist jazz #vampire
+
+HOSTS_satellite                += gibson spirit #crybaby
+HOSTS_satellite                += ibanez radius roadstar universe
+HOSTS_satellite                += fender precision
+HOSTS_satellite                += eggle national
+HOSTS_satellite                += groove
diff --git a/spam.m4 b/spam.m4
index c51bc36..4570210 100644 (file)
--- a/spam.m4
+++ b/spam.m4
@@ -81,7 +81,7 @@ skip_spam_check:
        ## If the client is trusted, or this is a new submission, don't
        ## bother with any of this.  We will have verified the sender
        ## fairly aggressively before granting this level of trust.
        ## If the client is trusted, or this is a new submission, don't
        ## bother with any of this.  We will have verified the sender
        ## fairly aggressively before granting this level of trust.
-       accept   hosts = +trusted
+       accept   hosts = CONF_relay_clients
        accept   condition = ${if eq{$acl_c_mode}{submission}}
 
        ## If all domains have disabled spam checking then don't check.
        accept   condition = ${if eq{$acl_c_mode}{submission}}
 
        ## If all domains have disabled spam checking then don't check.
The distorted.org.uk Exim configuration.