summaryrefslogtreecommitdiffstats
path: root/debian/debconf/conf.d/acl/40_exim4-config_check_data
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 09:44:08 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 09:44:08 +0000
commit933bbaf3ed7bd659a5c044745aea763815928598 (patch)
tree6fe3906ff9f7121999800da3683c206d128b7d39 /debian/debconf/conf.d/acl/40_exim4-config_check_data
parentAdding upstream version 4.94.2. (diff)
downloadexim4-933bbaf3ed7bd659a5c044745aea763815928598.tar.xz
exim4-933bbaf3ed7bd659a5c044745aea763815928598.zip
Adding debian version 4.94.2-7+deb11u2.debian/4.94.2-7+deb11u2debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/debconf/conf.d/acl/40_exim4-config_check_data')
-rw-r--r--debian/debconf/conf.d/acl/40_exim4-config_check_data96
1 files changed, 96 insertions, 0 deletions
diff --git a/debian/debconf/conf.d/acl/40_exim4-config_check_data b/debian/debconf/conf.d/acl/40_exim4-config_check_data
new file mode 100644
index 0000000..ac198f9
--- /dev/null
+++ b/debian/debconf/conf.d/acl/40_exim4-config_check_data
@@ -0,0 +1,96 @@
+
+### acl/40_exim4-config_check_data
+#################################
+
+# This ACL is used after the contents of a message have been received. This
+# is the ACL in which you can test a message's headers or body, and in
+# particular, this is where you can invoke external virus or spam scanners.
+
+acl_check_data:
+
+ # Deny if the message contains an overlong line. Per the standards
+ # we should never receive one such via SMTP.
+ #
+ .ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
+ deny
+ condition = ${if > {$max_received_linelength}{998}}
+ message = maximum allowed line length is 998 octets, \
+ got $max_received_linelength
+ .endif
+
+ # Deny if the headers contain badly-formed addresses.
+ #
+ .ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX
+ deny
+ !acl = acl_local_deny_exceptions
+ !verify = header_syntax
+ message = header syntax
+ log_message = header syntax ($acl_verify_message)
+ .endif
+
+
+ # require that there is a verifiable sender address in at least
+ # one of the "Sender:", "Reply-To:", or "From:" header lines.
+ .ifdef CHECK_DATA_VERIFY_HEADER_SENDER
+ deny
+ !acl = acl_local_deny_exceptions
+ !verify = header_sender
+ message = No verifiable sender address in message headers
+ .endif
+
+
+ # Deny if the message contains malware. Before enabling this check, you
+ # must install a virus scanner and set the av_scanner option in the
+ # main configuration.
+ #
+ # exim4-daemon-heavy must be used for this section to work.
+ #
+ # deny
+ # malware = *
+ # message = This message was detected as possible malware ($malware_name).
+
+
+ # Add headers to a message if it is judged to be spam. Before enabling this,
+ # you must install SpamAssassin. You may also need to set the spamd_address
+ # option in the main configuration.
+ #
+ # exim4-daemon-heavy must be used for this section to work.
+ #
+ # Please note that this is only suiteable as an example. See
+ # /usr/share/doc/exim4-base/README.Debian.gz
+ #
+ # See the exim docs and the exim wiki for more suitable examples.
+ #
+ # # Remove internal headers
+ # warn
+ # remove_header = X-Spam_score: X-Spam_score_int : X-Spam_bar : \
+ # X-Spam_report
+ #
+ # warn
+ # condition = ${if <{$message_size}{120k}{1}{0}}
+ # # ":true" to add headers/acl variables even if not spam
+ # spam = nobody:true
+ # add_header = X-Spam_score: $spam_score
+ # add_header = X-Spam_bar: $spam_bar
+ # # Do not enable this unless you have shorted SpamAssassin's report
+ # #add_header = X-Spam_report: $spam_report
+ #
+ # Reject spam messages (score >15.0).
+ # This breaks mailing list and forward messages.
+ # deny
+ # condition = ${if <{$message_size}{120k}{1}{0}}
+ # condition = ${if >{$spam_score_int}{150}{true}{false}}
+ # message = Classified as spam (score $spam_score)
+
+
+ # This hook allows you to hook in your own ACLs without having to
+ # modify this file. If you do it like we suggest, you'll end up with
+ # a small performance penalty since there is an additional file being
+ # accessed. This doesn't happen if you leave the macro unset.
+ .ifdef CHECK_DATA_LOCAL_ACL_FILE
+ .include CHECK_DATA_LOCAL_ACL_FILE
+ .endif
+
+
+ # accept otherwise
+ accept