1 files changed, 96 insertions, 0 deletions

diff --git a/debian/debconf/conf.d/acl/40_exim4-config_check_data b/debian/debconf/conf.d/acl/40_exim4-config_check_data
new file mode 100644
index 0000000..ac198f9
--- /dev/null
+++ b/debian/debconf/conf.d/acl/40_exim4-config_check_data
@@ -0,0 +1,96 @@
+
+### acl/40_exim4-config_check_data
+#################################
+
+# This ACL is used after the contents of a message have been received. This
+# is the ACL in which you can test a message's headers or body, and in
+# particular, this is where you can invoke external virus or spam scanners.
+
+acl_check_data:
+
+  # Deny if the message contains an overlong line.  Per the standards
+  # we should never receive one such via SMTP.
+  #
+  .ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
+  deny
+    condition  = ${if > {$max_received_linelength}{998}}
+    message    = maximum allowed line length is 998 octets, \
+                       got $max_received_linelength
+  .endif
+
+  # Deny if the headers contain badly-formed addresses.
+  #
+  .ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX
+  deny
+    !acl = acl_local_deny_exceptions
+    !verify = header_syntax
+    message = header syntax
+    log_message = header syntax ($acl_verify_message)
+  .endif
+
+
+  # require that there is a verifiable sender address in at least
+  # one of the "Sender:", "Reply-To:", or "From:" header lines.
+  .ifdef CHECK_DATA_VERIFY_HEADER_SENDER
+  deny
+    !acl = acl_local_deny_exceptions
+    !verify = header_sender
+    message = No verifiable sender address in message headers
+  .endif
+
+
+  # Deny if the message contains malware. Before enabling this check, you
+  # must install a virus scanner and set the av_scanner option in the
+  # main configuration.
+  #
+  # exim4-daemon-heavy must be used for this section to work.
+  #
+  # deny
+  #   malware = *
+  #   message = This message was detected as possible malware ($malware_name).
+
+
+  # Add headers to a message if it is judged to be spam. Before enabling this,
+  # you must install SpamAssassin. You may also need to set the spamd_address
+  # option in the main configuration.
+  #
+  # exim4-daemon-heavy must be used for this section to work.
+  #
+  # Please note that this is only suiteable as an example. See
+  # /usr/share/doc/exim4-base/README.Debian.gz
+  #
+  # See the exim docs and the exim wiki for more suitable examples.
+  #
+  # # Remove internal headers
+  # warn
+  #   remove_header = X-Spam_score: X-Spam_score_int : X-Spam_bar : \
+  #                   X-Spam_report
+  #
+  # warn
+  #   condition = ${if <{$message_size}{120k}{1}{0}}
+  #   # ":true" to add headers/acl variables even if not spam
+  #   spam = nobody:true
+  #   add_header = X-Spam_score: $spam_score
+  #   add_header = X-Spam_bar: $spam_bar
+  #   # Do not enable this unless you have shorted SpamAssassin's report
+  #   #add_header = X-Spam_report: $spam_report
+  #
+  # Reject spam messages (score >15.0).
+  # This breaks mailing list and forward messages.
+  # deny
+  #   condition = ${if <{$message_size}{120k}{1}{0}}
+  #   condition = ${if >{$spam_score_int}{150}{true}{false}}
+  #   message = Classified as spam (score $spam_score)
+
+
+  # This hook allows you to hook in your own ACLs without having to
+  # modify this file. If you do it like we suggest, you'll end up with
+  # a small performance penalty since there is an additional file being
+  # accessed. This doesn't happen if you leave the macro unset.
+  .ifdef CHECK_DATA_LOCAL_ACL_FILE
+  .include CHECK_DATA_LOCAL_ACL_FILE
+  .endif
+
+
+  # accept otherwise
+  accept