From 318a1a2246a9f521e5a02313dcc1f6d68a0af7ec Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 18:16:14 +0200 Subject: Adding debian version 4.96-15+deb12u4. Signed-off-by: Daniel Baumann --- .../debconf/conf.d/acl/40_exim4-config_check_data | 96 ++++++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 debian/debconf/conf.d/acl/40_exim4-config_check_data (limited to 'debian/debconf/conf.d/acl/40_exim4-config_check_data') diff --git a/debian/debconf/conf.d/acl/40_exim4-config_check_data b/debian/debconf/conf.d/acl/40_exim4-config_check_data new file mode 100644 index 0000000..ac198f9 --- /dev/null +++ b/debian/debconf/conf.d/acl/40_exim4-config_check_data @@ -0,0 +1,96 @@ + +### acl/40_exim4-config_check_data +################################# + +# This ACL is used after the contents of a message have been received. This +# is the ACL in which you can test a message's headers or body, and in +# particular, this is where you can invoke external virus or spam scanners. + +acl_check_data: + + # Deny if the message contains an overlong line. Per the standards + # we should never receive one such via SMTP. + # + .ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT + deny + condition = ${if > {$max_received_linelength}{998}} + message = maximum allowed line length is 998 octets, \ + got $max_received_linelength + .endif + + # Deny if the headers contain badly-formed addresses. + # + .ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX + deny + !acl = acl_local_deny_exceptions + !verify = header_syntax + message = header syntax + log_message = header syntax ($acl_verify_message) + .endif + + + # require that there is a verifiable sender address in at least + # one of the "Sender:", "Reply-To:", or "From:" header lines. + .ifdef CHECK_DATA_VERIFY_HEADER_SENDER + deny + !acl = acl_local_deny_exceptions + !verify = header_sender + message = No verifiable sender address in message headers + .endif + + + # Deny if the message contains malware. Before enabling this check, you + # must install a virus scanner and set the av_scanner option in the + # main configuration. + # + # exim4-daemon-heavy must be used for this section to work. + # + # deny + # malware = * + # message = This message was detected as possible malware ($malware_name). + + + # Add headers to a message if it is judged to be spam. Before enabling this, + # you must install SpamAssassin. You may also need to set the spamd_address + # option in the main configuration. + # + # exim4-daemon-heavy must be used for this section to work. + # + # Please note that this is only suiteable as an example. See + # /usr/share/doc/exim4-base/README.Debian.gz + # + # See the exim docs and the exim wiki for more suitable examples. + # + # # Remove internal headers + # warn + # remove_header = X-Spam_score: X-Spam_score_int : X-Spam_bar : \ + # X-Spam_report + # + # warn + # condition = ${if <{$message_size}{120k}{1}{0}} + # # ":true" to add headers/acl variables even if not spam + # spam = nobody:true + # add_header = X-Spam_score: $spam_score + # add_header = X-Spam_bar: $spam_bar + # # Do not enable this unless you have shorted SpamAssassin's report + # #add_header = X-Spam_report: $spam_report + # + # Reject spam messages (score >15.0). + # This breaks mailing list and forward messages. + # deny + # condition = ${if <{$message_size}{120k}{1}{0}} + # condition = ${if >{$spam_score_int}{150}{true}{false}} + # message = Classified as spam (score $spam_score) + + + # This hook allows you to hook in your own ACLs without having to + # modify this file. If you do it like we suggest, you'll end up with + # a small performance penalty since there is an additional file being + # accessed. This doesn't happen if you leave the macro unset. + .ifdef CHECK_DATA_LOCAL_ACL_FILE + .include CHECK_DATA_LOCAL_ACL_FILE + .endif + + + # accept otherwise + accept -- cgit v1.2.3