blob: 74de7b6e88d7415cf12307fb9600b31364d78a13 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# A transport is used only when referenced from a router that successfully
# handles an address.
begin transports
# This transport is used for delivering messages over SMTP connections.
# Refuse to send any message with over-long lines, which could have
# been received other than via SMTP. The use of message_size_limit to
# enforce this is a red herring.
remote_smtp:
driver = smtp
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
# Sign outgoing mail with DKIM.
# Only mail sent by authenticated users is signed, leaving forwarded mail untouched.
# The "Sender" header is excluded from the signature process, allowing mailing list
# servers to forward messages without invalidating the signature.
# ref: https://www.spinics.net/lists/linux-media/msg138870.html
.ifdef _DKIM_SIGN_HEADERS
DKIM_SIGN_HEADERS = _DKIM_SIGN_HEADERS
.else
DKIM_SIGN_HEADERS = In-Reply-To:Content-Transfer-Encoding:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date:Sender:Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive
.endif
signed_smtp:
driver = smtp
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
dkim_domain = ${if def:authenticated_id {$sender_address_domain}}
dkim_selector = $primary_hostname
dkim_private_key = DKIMDIR/$dkim_selector._domainkey.$dkim_domain.pem
dkim_canon = relaxed
dkim_strict = yes
dkim_sign_headers = ${filter{DKIM_SIGN_HEADERS}{!eq{$item}{Sender}}}
# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format. By default it will be run under the uid and gid of the
# local user, and requires the sticky bit to be set on the /var/mail directory.
# Some systems use the alternative approach of running mail deliveries under a
# particular group instead of using the sticky bit. The commented options below
# show how this can be done.
#local_delivery:
# driver = appendfile
# file = /var/mail/$local_part
# delivery_date_add
# envelope_to_add
# return_path_add
# group = mail
# mode = 0660
remote_lmtp:
driver = smtp
protocol = lmtp
port = 24
# This transport is used for handling pipe deliveries generated by alias or
# .forward files. If the pipe generates any standard output, it is returned
# to the sender of the message as a delivery error. Set return_fail_output
# instead of return_output if you want this to happen only when the pipe fails
# to complete normally. You can set different transports for aliases and
# forwards if you want to - see the references to address_pipe in the routers
# section above.
address_pipe:
driver = pipe
return_output
# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for handling autoreplies generated by the filtering
# option of the userforward router.
#address_reply:
# driver = autoreply
|