Package: exim4-config Version: 4.96-15+deb12u5 Severity: normal Dear Maintainer,
I ran synantic , which applied the update: exim4-config (4.96-15+deb12u5) then rebooted the system I had previously REMOVED all settings of dc_local_interfaces in /etc/exim4/update-exim4.conf.conf Following a the reboot, SMTP was only listening on the localhost interface Examining the files , I discovered the line: dc_local_interfaces='127.0.0.1 ; ::1' Had been added to /etc/exim4/update-exim4.conf.conf ( and a regen run) FYI: I had previously set dc_local_interfaces . However I needed the file to be portable between 2 systems ( the mail gateway is xbox.home which is a CNAME for ybox.home or zbox.home...alternates on Debian releases) the interface names differ between these 2 systems. -- Package-specific info: Exim version 4.96 #2 built 09-Jul-2024 08:53:35 Copyright (c) University of Cambridge, 1995 - 2018 (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2022 Berkeley DB: Berkeley DB 5.3.28: (September 9, 2013) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS TLS_resume move_frozen_messages Content_Scanning DANE DKIM DNSSEC Event I18N OCSP PIPECONNECT PRDR PROXY Queue_Ramp SOCKS SPF SRS TCP_Fast_Open Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot external plaintext spa tls Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Malware: f-protd f-prot6d drweb fsecure sophie clamd avast sock cmdline Fixed never_users: 0 Configure owner: 0:0 Size of off_t: 8 Configuration file search path is /etc/exim4/exim4.conf:/var/lib/exim4/config.autogenerated Configuration file is /var/lib/exim4/config.autogenerated # /etc/exim4/update-exim4.conf.conf # # Edit this file and /etc/mailname by hand and execute update-exim4.conf # yourself or use 'dpkg-reconfigure exim4-config' # # Please note that this is _not_ a dpkg-conffile and that automatic changes # to this file might happen. The code handling this will honor your local # changes, so this is usually fine, but will break local schemes that mess # around with multiple versions of the file. # # update-exim4.conf uses this file to determine variable values to generate # exim configuration macros for the configuration file. # # Most settings found in here do have corresponding questions in the # Debconf configuration, but not all of them. # # This is a Debian specific file # # GPV notes: # 1: Not set /etc/mailname (still says zbox.home) because we use dc_readhost (below) to rewite it # 2: Need to run update-exim4.conf # 3: The syntax of the dc_local_interfaces is poorly documented (lots of trial & error) (lsof confirms it's listening) # # Who When What # GPV 27feb19 Copied dreamplug version, chnaged 116 to 117 # GPV 01Mar19 Changed to 0.0.0.0 to ensure it listens on all the interfaces (can do better, some ports on some) # GPV 03Mar19 0.0.0.0 is too dangerous, because guys coming in from outside can access SMTP # GPV 29MAr20 New VIGOR DSL router can send email (SMTP) so also allow just this one device on the 192.168 LAN (web suggests both ; and : as seperator..using :) # GPV 28Jan22 Merged into ybox default, looks like it's identical to zbox file # GPV 13Aug22 Changed everything from 151 to 152 and from zbox to ybox # GPV 15Mar23 Made a guess that adding received_headers_max = 50 would add it to /var/lib/exim4/config.autogenerated (and in turn have an effect) # GPV 15Mar23 That does not work, try ading to a files under /etc/exim4/conf.d/ (in fact add that line here prevents regeneration) # GPV 12Apr24 Moved back to zbox...annoyingly dc_local_interfaces cannot use actaul interface names (which would wold great) but must use IP addresses dc_eximconfig_configtype='smarthost' dc_other_hostnames='ybox.home;home;wellesleydrive;xbox.home;zbox.home' #dc_local_interfaces='[10.117.128.152]:587;[10.117.0.152]:587;[127.0.0.1]:587;[10.117.0.152]:25;[127.0.0.1]:25;[192.168.1.152]:25' #dc_local_interfaces='[10.117.0.152]:587;[127.0.0.1]:587;[10.117.0.152]:25;[127.0.0.1]:25;[192.168.1.152]:25;[192.168.1.152]:587' # We are using a tempory address for the moment, it will need to move #dc_local_interfaces='[0.0.0.0]:587 # Missed out so it listens on all IF dc_readhost='vetterlein.com' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='10.117.0.0/16 : 192.168.1.254/32' dc_smarthost='smtp.forwardemail.net' CFILEMODE='644' dc_use_split_config='true' dc_hide_mailname='true' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' mailname:zbox.home # /etc/default/exim4 EX4DEF_VERSION='' # who when what # GPV 11aug didn't copy the zbox version OR the installed version, instead followed advice in comments # # 'combined' - one daemon running queue and listening on SMTP port # 'no' - no daemon running the queue # 'separate' - two separate daemons # 'ppp' - only run queue with /etc/ppp/ip-up.d/exim4. # 'nodaemon' - no daemon is started at all. # 'queueonly' - only a queue running daemon is started, no SMTP listener. # setting this to 'no' will also disable queueruns from /etc/ppp/ip-up.d/exim4 QUEUERUNNER='combined' # how often should we run the queue QUEUEINTERVAL='30m' # options common to quez-runner and listening daemon # GPV 22Feb24 COMMONOPTIONS='' # more options for the daemon/process running the queue (applies to the one # started in /etc/ppp/ip-up.d/exim4, too. QUEUERUNNEROPTIONS='' # special flags given to exim directly after the -q. See exim(8) QFLAGS='' # Options for the SMTP listener daemon. By default, it is listening on # port 25 only. To listen on more ports, it is recommended to use # -oX 25:587:10025 -oP /run/exim4/exim.pid #SMTPLISTENEROPTIONS='' SMTPLISTENEROPTIONS='-oX 25:587:10025 -oP /run/exim4/exim.pid' -- System Information: Debian Release: 12.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-25-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages exim4-config depends on: ii adduser 3.134 ii debconf [debconf-2.0] 1.5.82 Versions of packages exim4-config recommends: ii ca-certificates 20230311 exim4-config suggests no packages. -- Configuration Files: /etc/exim4/conf.d/acl/30_exim4-config_check_mail changed: acl_check_mail: warn log_message = GPV SMTP mail log ( $recipients ) message = GPV SMTP mail message ( $recipients ) accept /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt changed: .ifndef CHECK_RCPT_LOCAL_LOCALPARTS CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?] .endif .ifndef CHECK_RCPT_REMOTE_LOCALPARTS CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./ .endif acl_check_rcpt: warn # testing for an empty sending host field. (see the following rule) # hosts = : # This writes to log e.g. /var/log/exim4/mainlog log_message = GPV acl_check_rcpt will do DKIM check soon [ host=X recipients=$recipients ] # This creates header ==> X-ACL-Warn: message = GPV acl_check_rcpt will do DKIM check soon [ host=X recipients=$recipients ] # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by # testing for an empty sending host field. accept hosts = : control = dkim_disable_verify # Do not try to verify DKIM signatures of incoming mail if DC_minimaldns # or DISABLE_DKIM_VERIFY are set. .ifdef DC_minimaldns warn control = dkim_disable_verify .else .ifdef DISABLE_DKIM_VERIFY warn control = dkim_disable_verify .endif .endif # The following section of the ACL is concerned with local parts that contain # certain non-alphanumeric characters. Dots in unusual places are # handled by this ACL as well. # # Non-alphanumeric characters other than dots are rarely found in genuine # local parts, but are often tried by people looking to circumvent # relaying restrictions. Therefore, although they are valid in local # parts, these rules disallow certain non-alphanumeric characters, as # a precaution. # # Empty components (two dots in a row) are not valid in RFC 2822, but Exim # allows them because they have been encountered. (Consider local parts # constructed as "firstinitial.secondinitial.familyname" when applied to # a name without a second initial.) However, a local part starting # with a dot or containing /../ can cause trouble if it is used as part of a # file name (e.g. for a mailing list). This is also true for local parts that # contain slashes. A pipe symbol can also be troublesome if the local part is # incorporated unthinkingly into a shell command line. # # These ACL components will block recipient addresses that are valid # from an RFC5322 point of view. We chose to have them blocked by # default for security reasons. # # If you feel that your site should have less strict recipient # checking, please feel free to change the default values of the macros # defined in main/01_exim4-config_listmacrosdefs or override them from a # local configuration file. # # Two different rules are used. The first one has a quite strict # default, and is applied to messages that are addressed to one of the # local domains handled by this host. # The default value of CHECK_RCPT_LOCAL_LOCALPARTS is defined # at the top of this file. .ifdef CHECK_RCPT_LOCAL_LOCALPARTS deny domains = +local_domains local_parts = CHECK_RCPT_LOCAL_LOCALPARTS message = restricted characters in address .endif # The second rule applies to all other domains, and its default is # considerably less strict. # The default value of CHECK_RCPT_REMOTE_LOCALPARTS is defined in # main/01_exim4-config_listmacrosdefs: # CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./ # It allows local users to send outgoing messages to sites # that use slashes and vertical bars in their local parts. It blocks # local parts that begin with a dot, slash, or vertical bar, but allows # these characters within the local part. However, the sequence /../ is # barred. The use of some other non-alphanumeric characters is blocked. # Single quotes might probably be dangerous as well, but they're # allowed by the default regexps to avoid rejecting mails to Ireland. # The motivation here is to prevent local users (or local users' malware) # from mounting certain kinds of attack on remote sites. .ifdef CHECK_RCPT_REMOTE_LOCALPARTS deny domains = !+local_domains local_parts = CHECK_RCPT_REMOTE_LOCALPARTS message = restricted characters in address .endif # Accept mail to postmaster in any local domain, regardless of the source, # and without verifying the sender. # accept .ifndef CHECK_RCPT_POSTMASTER local_parts = postmaster .else local_parts = CHECK_RCPT_POSTMASTER .endif domains = +local_domains : +relay_to_domains # Deny unless the sender address can be verified. # # This is disabled by default so that DNSless systems don't break. If # your system can do DNS lookups without delay or cost, you might want # to enable this feature. # # This feature does not work in smarthost and satellite setups as # with these setups all domains pass verification. See spec.txt section # "Access control lists" subsection "Address verification" with the added # information that a smarthost/satellite setup routes all non-local e-mail # to the smarthost. .ifdef CHECK_RCPT_VERIFY_SENDER deny !acl = acl_local_deny_exceptions !verify = sender message = Sender verification failed .endif # Verify senders listed in local_sender_callout with a callout. # # In smarthost and satellite setups, this causes the callout to be # done to the smarthost. Verification will thus only be reliable if the # smarthost does reject illegal addresses in the SMTP dialog. deny !acl = acl_local_deny_exceptions senders = ${if exists{CONFDIR/local_sender_callout}\ {CONFDIR/local_sender_callout}\ {}} !verify = sender/callout .ifndef CHECK_RCPT_NO_FAIL_TOO_MANY_BAD_RCPT # Reject all RCPT commands after too many bad recipients # This is partly a defense against spam abuse and partly attacker abuse. # Real senders should manage, by the time they get to 10 RCPT directives, # to have had at least half of them be real addresses. # # This is a lightweight check and can protect you against repeated # invocations of more heavy-weight checks which would come after it. deny condition = ${if and {\ {>{$rcpt_count}{10}}\ {<{$recipients_count}{${eval:$rcpt_count/2}}} }} message = Rejected for too many bad recipients logwrite = REJECT [$sender_host_address]: bad recipient count high [${eval:$rcpt_count-$recipients_count}] .endif # Accept if the message comes from one of the hosts for which we are an # outgoing relay. It is assumed that such hosts are most likely to be MUAs, # so we set control=submission to make Exim treat the message as a # submission. It will fix up various errors in the message, for example, the # lack of a Date: header line. If you are actually relaying out out from # MTAs, you may want to disable this. If you are handling both relaying from # MTAs and submissions from MUAs you should probably split them into two # lists, and handle them differently. # Recipient verification is omitted here, because in many cases the clients # are dumb MUAs that don't cope well with SMTP error responses. If you are # actually relaying out from MTAs, you should probably add recipient # verification here. # Note that, by putting this test before any DNS black list checks, you will # always accept from these hosts, even if they end up on a black list. The # assumption is that they are your friends, and if they get onto black # list, it is a mistake. accept hosts = +relay_from_hosts control = submission/sender_retain control = dkim_disable_verify # Accept if the message arrived over an authenticated connection, from # any host. Again, these messages are usually from MUAs, so recipient # verification is omitted, and submission mode is set. And again, we do this # check before any black list tests. accept authenticated = * control = submission/sender_retain control = dkim_disable_verify # Insist that a HELO/EHLO was accepted. require condition = ${if def:sender_helo_name} message = nice hosts say HELO first # Insist that any other recipient address that we accept is either in one of # our local domains, or is in a domain for which we explicitly allow # relaying. Any other domain is rejected as being unacceptable for relaying. require message = relay not permitted domains = +local_domains : +relay_to_domains # We also require all accepted addresses to be verifiable. This check will # do local part verification for local domains, but only check the domain # for remote domains. require verify = recipient # Verify recipients listed in local_rcpt_callout with a callout. # This is especially handy for forwarding MX hosts (secondary MX or # mail hubs) of domains that receive a lot of spam to non-existent # addresses. The only way to check local parts for remote relay # domains is to use a callout (add /callout), but please read the # documentation about callouts before doing this. deny !acl = acl_local_deny_exceptions recipients = ${if exists{CONFDIR/local_rcpt_callout}\ {CONFDIR/local_rcpt_callout}\ {}} !verify = recipient/callout # CONFDIR/local_sender_blacklist holds a list of envelope senders that # should have their access denied to the local host. Incoming messages # with one of these senders are rejected at RCPT time. # # The explicit white lists are honored as well as negative items in # the black list. See exim4-config_files(5) for details. deny !acl = acl_local_deny_exceptions senders = ${if exists{CONFDIR/local_sender_blacklist}\ {CONFDIR/local_sender_blacklist}\ {}} message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster log_message = sender envelope address is locally blacklisted. # deny bad sites (IP address) # CONFDIR/local_host_blacklist holds a list of host names, IP addresses # and networks (CIDR notation) that should have their access denied to # The local host. Messages coming in from a listed host will have all # RCPT statements rejected. # # The explicit white lists are honored as well as negative items in # the black list. See exim4-config_files(5) for details. deny !acl = acl_local_deny_exceptions hosts = ${if exists{CONFDIR/local_host_blacklist}\ {CONFDIR/local_host_blacklist}\ {}} message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster log_message = sender IP address is locally blacklisted. # Warn if the sender host does not have valid reverse DNS. # # If your system can do DNS lookups without delay or cost, you might want # to enable this. # If sender_host_address is defined, it's a remote call. If # sender_host_name is not defined, then reverse lookup failed. Use # this instead of !verify = reverse_host_lookup to catch deferrals # as well as outright failures. .ifdef CHECK_RCPT_REVERSE_DNS warn condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\ {yes}{no}} add_header = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}}) .endif # Use spfquery to perform a pair of SPF checks. # # This is quite costly in terms of DNS lookups (~6 lookups per mail). Do not # enable if that's an issue. Also note that if you enable this, you must # install "spf-tools-perl" which provides the spfquery command. # Missing spf-tools-perl will trigger the "Unexpected error in # SPF check" warning. .ifdef CHECK_RCPT_SPF deny !acl = acl_local_deny_exceptions condition = ${run{/usr/bin/spfquery.mail-spf-perl --ip \ ${quote:$sender_host_address} --identity \ ${if def:sender_address_domain \ {--scope mfrom --identity ${quote:$sender_address}}\ {--scope helo --identity ${quote:$sender_helo_name}}}}\ {no}{${if eq {$runrc}{1}{yes}{no}}}} message = [SPF] $sender_host_address is not allowed to send mail from \ ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. log_message = SPF check failed. defer !acl = acl_local_deny_exceptions condition = ${if eq {$runrc}{5}{yes}{no}} message = Temporary DNS error while checking SPF record. Try again later. warn condition = ${if <={$runrc}{6}{yes}{no}} add_header = Received-SPF: ${if eq {$runrc}{0}{pass}\ {${if eq {$runrc}{2}{softfail}\ {${if eq {$runrc}{3}{neutral}\ {${if eq {$runrc}{4}{permerror}\ {${if eq {$runrc}{6}{none}{error}}}}}}}}}\ } client-ip=$sender_host_address; \ ${if def:sender_address_domain \ {envelope-from=${sender_address}; }{}}\ helo=$sender_helo_name warn condition = ${if >{$runrc}{6}{yes}{no}} log_message = Unexpected error in SPF check. .endif # Check against classic DNS "black" lists (DNSBLs) which list # sender IP addresses .ifdef CHECK_RCPT_IP_DNSBLS warn dnslists = CHECK_RCPT_IP_DNSBLS add_header = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) .endif # Check against DNSBLs which list sender domains, with an option to locally # whitelist certain domains that might be blacklisted. # # Note: If you define CHECK_RCPT_DOMAIN_DNSBLS, you must append # "/$sender_address_domain" after each domain. For example: # CHECK_RCPT_DOMAIN_DNSBLS = rhsbl.foo.org/$sender_address_domain \ # : rhsbl.bar.org/$sender_address_domain .ifdef CHECK_RCPT_DOMAIN_DNSBLS warn !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\ {CONFDIR/local_domain_dnsbl_whitelist}\ {}} dnslists = CHECK_RCPT_DOMAIN_DNSBLS add_header = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text) .endif # This hook allows you to hook in your own ACLs without having to # modify this file. If you do it like we suggest, you'll end up with # a small performance penalty since there is an additional file being # accessed. This doesn't happen if you leave the macro unset. .ifdef CHECK_RCPT_LOCAL_ACL_FILE .include CHECK_RCPT_LOCAL_ACL_FILE .endif ############################################################################# # This check is commented out because it is recognized that not every # sysadmin will want to do it. If you enable it, the check performs # Client SMTP Authorization (csa) checks on the sending host. These checks # do DNS lookups for SRV records. The CSA proposal is currently (May 2005) # an Internet draft. You can, of course, add additional conditions to this # ACL statement to restrict the CSA checks to certain hosts only. # # require verify = csa ############################################################################# # Accept if the address is in a domain for which we are an incoming relay, # but again, only if the recipient can be verified. accept domains = +relay_to_domains endpass verify = recipient # At this point, the address has passed all the checks that have been # configured, so we accept it unconditionally. accept /etc/exim4/conf.d/auth/30_exim4-config_examples [Errno 2] No such file or directory: '/etc/exim4/conf.d/auth/30_exim4-config_examples' /etc/exim4/conf.d/main/90_exim4-config_log_selector changed: .ifdef MAIN_LOG_SELECTOR log_selector = MAIN_LOG_SELECTOR .endif /etc/exim4/conf.d/router/600_exim4-config_userforward changed: userforward: debug_print = "R: GPV userforward for $local_part@$domain" local_part_suffix=.* local_part_suffix_optional driver = redirect domains = +local_domains check_local_user file = $home/.forward require_files = $local_part_data:$home/.forward no_verify no_expn check_ancestor allow_filter forbid_smtp_code = true directory_transport = address_directory file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply skip_syntax_errors syntax_errors_to = real-$local_part@$domain errors_to = postmas...@vetterlein.com syntax_errors_text = \ GPV:edit This is an automatically generated message. An error has\n\ been found in your .forward file. Details of the error are\n\ reported below. While this error persists, you will receive\n\ a copy of this message for every message that is addressed\n\ to you. If your .forward file is a filter file, or if it is\n\ a non-filter file containing no valid forwarding addresses,\n\ a copy of each incoming message will be put in your normal\n\ mailbox. If a non-filter file contains at least one valid\n\ forwarding address, forwarding to the valid addresses will\n\ happen, and those will be the only deliveries that occur. /etc/exim4/conf.d/router/900_exim4-config_local_user changed: local_user: debug_print = "R: GPV local_user for $local_part@$domain" local_part_suffix=.* local_part_suffix_optional driver = accept domains = +local_domains check_local_user local_parts = ! root transport = LOCAL_DELIVERY cannot_route_message = Unknown user /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp changed: remote_smtp: debug_print = "T: remote_smtp for $local_part@$domain" driver = smtp .ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} .endif .ifdef REMOTE_SMTP_HOSTS_AVOID_TLS hosts_avoid_tls = REMOTE_SMTP_HOSTS_AVOID_TLS .endif .ifdef REMOTE_SMTP_HEADERS_REWRITE headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE .endif .ifdef REMOTE_SMTP_RETURN_PATH return_path = REMOTE_SMTP_RETURN_PATH .endif .ifdef REMOTE_SMTP_HELO_DATA helo_data=REMOTE_SMTP_HELO_DATA .endif .ifdef REMOTE_SMTP_INTERFACE interface = REMOTE_SMTP_INTERFACE .endif .ifdef DKIM_DOMAIN dkim_domain = DKIM_DOMAIN .endif .ifdef DKIM_SELECTOR dkim_selector = DKIM_SELECTOR .endif .ifdef DKIM_PRIVATE_KEY dkim_private_key = DKIM_PRIVATE_KEY .endif .ifdef DKIM_CANON dkim_canon = DKIM_CANON .endif .ifdef DKIM_STRICT dkim_strict = DKIM_STRICT .endif .ifdef DKIM_SIGN_HEADERS dkim_sign_headers = DKIM_SIGN_HEADERS .endif .ifdef DKIM_TIMESTAMPS dkim_timestamps = DKIM_TIMESTAMPS .endif .ifdef TLS_DH_MIN_BITS tls_dh_min_bits = TLS_DH_MIN_BITS .endif .ifdef REMOTE_SMTP_TLS_CERTIFICATE tls_certificate = REMOTE_SMTP_TLS_CERTIFICATE .endif .ifdef REMOTE_SMTP_PRIVATEKEY tls_privatekey = REMOTE_SMTP_PRIVATEKEY .endif .ifdef REMOTE_SMTP_HOSTS_REQUIRE_TLS hosts_require_tls = REMOTE_SMTP_HOSTS_REQUIRE_TLS .endif .ifdef REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE headers_remove = REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE .endif /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp_smarthost changed: remote_smtp_smarthost: debug_print = "T: remote_smtp_smarthost for $local_part@$domain" driver = smtp multi_domain .ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}} .endif hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \ {\ ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\ }\ {} \ } .ifdef REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS hosts_avoid_tls = REMOTE_SMTP_SMARTHOST_HOSTS_AVOID_TLS .endif .ifdef REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS hosts_require_tls = REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS .endif .ifdef REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES tls_verify_certificates = REMOTE_SMTP_SMARTHOST_TLS_VERIFY_CERTIFICATES .endif .ifdef REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS tls_verify_hosts = REMOTE_SMTP_SMARTHOST_TLS_VERIFY_HOSTS .endif .ifdef REMOTE_SMTP_HEADERS_REWRITE headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE .endif .ifdef REMOTE_SMTP_RETURN_PATH return_path = REMOTE_SMTP_RETURN_PATH .endif .ifdef REMOTE_SMTP_HELO_DATA helo_data=REMOTE_SMTP_HELO_DATA .endif .ifdef TLS_DH_MIN_BITS tls_dh_min_bits = TLS_DH_MIN_BITS .endif .ifdef REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE tls_certificate = REMOTE_SMTP_SMARTHOST_TLS_CERTIFICATE .endif .ifdef REMOTE_SMTP_SMARTHOST_PRIVATEKEY tls_privatekey = REMOTE_SMTP_SMARTHOST_PRIVATEKEY .endif .ifdef REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE headers_remove = REMOTE_SMTP_TRANSPORTS_HEADERS_REMOVE .endif /etc/exim4/exim4.conf.template [Errno 2] No such file or directory: '/etc/exim4/exim4.conf.template' /etc/exim4/passwd.client changed: smtp.forwardemail.net:*@vetterlein.com:yews^Otdin5.wildcard -- debconf information: exim4/dc_minimaldns: false exim4/use_split_config: true exim4/dc_readhost: vetterlein.com exim4/no_config: true exim4/hide_mailname: true exim4/dc_local_interfaces: 127.0.0.1 ; ::1 exim4/dc_eximconfig_configtype: mail sent by smarthost; received via SMTP or fetchmail exim4/exim4-config-title: exim4/dc_localdelivery: mbox format in /var/mail/ exim4/dc_postmaster: owner exim4/mailname: zbox.home exim4/dc_other_hostnames: ybox.home;home;wellesleydrive;xbox.home;zbox.home exim4/dc_smarthost: smtp.forwardemail.net exim4/dc_relay_domains: exim4/dc_relay_nets: 10.117.0.0/16 : 192.168.1.254/32