chiark / gitweb /
summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Mark Wooding [Sun, 16 Mar 2014 14:04:00 +0000 (14:04 +0000)]
auth.m4, base.m4, exchange.m4: Make sender-address checking universal.
Previously, satellite hosts weren't doing this at all, and usersat hosts
were doing it half-heartedly. Make sure that everyone does it.
Mark Wooding [Sun, 16 Mar 2014 12:54:46 +0000 (12:54 +0000)]
sat-rewrite.m4: On satellite hosts, rewrite ADDR@HOST.distorted.org.uk.
These addresses are simply wrong, but stamping out programs which try to
issue them one by one is too difficult.
Mark Wooding [Thu, 6 Mar 2014 01:59:29 +0000 (01:59 +0000)]
divmap.m4, lists.m4, vhost.m4: End-stop for required local parts.
We really want to support `postmaster' and `abuse' (any maybe other
local parts which every domain should have), so send them to the
domain owner if nobody has accepted them already.
This involves moving the end-stop for `final' domains into a separate
router, which is a little strange in its configuration, but it does
the job.
Mark Wooding [Thu, 6 Mar 2014 01:52:39 +0000 (01:52 +0000)]
divmap.m4: Move descriptions over by a tab stop.
We have some longer names coming.
Mark Wooding [Thu, 6 Mar 2014 01:54:33 +0000 (01:54 +0000)]
vhost.m4: Refactor virtual host routing some more.
Move the does-this-key-exist condition out of the `VHOST' macro and
into `VHOST_FILTER'. Alas, this means we must repeat the logic for
the `virtual_route' router. But we can take the opportunity to elide
the unnecessary existence checks for the domain keys we just tested in
the router conditions.
Also, switch the arguments to `VHOST_FILTER' around. I think they
make more sense like this.
Mark Wooding [Thu, 6 Mar 2014 02:03:28 +0000 (02:03 +0000)]
vhost.m4: Rename `route' to `virtual_route'.
The old name was just way too generic.
Mark Wooding [Wed, 5 Mar 2014 17:36:22 +0000 (17:36 +0000)]
Change how filtering routers work.
Commit
e7b830e7... was overzealous. In particular, it took the
`alias' router from working. Take out `verify = false' from the
`FILTER_TRANSPORT' options, and replace this with a macro
`FILTER_ROUTER' which generates a verify/delivery router pair with the
right stuff in.
This change also introduces verification-time processing for
`~/.mail/forward' and `~/.forward' files, since that's easy and
possibly useful.
Mark Wooding [Sun, 2 Mar 2014 20:26:47 +0000 (20:26 +0000)]
base.m4: Remove spaces around `=' signs in BADHELO warning.
Makes things easier to parse.
Mark Wooding [Sun, 23 Feb 2014 13:56:02 +0000 (13:56 +0000)]
base.m4: Remove <...> from envelope sender address in Received lines.
Mark Wooding [Wed, 12 Feb 2014 12:52:41 +0000 (12:52 +0000)]
vhost.m4: Add transports to the live filter routers.
Mark Wooding [Wed, 12 Feb 2014 12:52:11 +0000 (12:52 +0000)]
base.m4 (FILTER_TRANSPORTS): Don't use these when verifying.
Exim gets very upset.
Mark Wooding [Tue, 4 Feb 2014 18:04:52 +0000 (18:04 +0000)]
base.m4: Fix received line to report HELO names properly.
Mark Wooding [Mon, 3 Feb 2014 15:35:04 +0000 (15:35 +0000)]
base.m4: More subtle handling of HELO greetings.
Rather than rejecting incorrect HELO greetings, we make two adjustments:
* There's now an auxiliary list, `helo.conf', of manually provided
exceptions, for well-known and basically honest hosts which are just
misconfigured.
* A failure to provide a correct HELO greeting now results in a
BADHELO warning header rather than an immediate rejection.
SpamAssassin has been configured to notice these headers and assign
points for them, because they do seem to be a good indicator of
spamminess.
Mark Wooding [Mon, 3 Feb 2014 15:33:56 +0000 (15:33 +0000)]
exchange.m4: Add the relevant information to `RCLNTLSNDR' warnings.
As a general rule, extra data goes on a subsequent line, as
comma-separated KEY=VALUE pairs.
Mark Wooding [Mon, 3 Feb 2014 15:31:08 +0000 (15:31 +0000)]
config.m4, base.m4: Make the `admin_groups' setting a config knob.
It wants to be overridden in testing.
Mark Wooding [Mon, 3 Feb 2014 15:09:02 +0000 (15:09 +0000)]
spam.m4: Don't bother reading custom spam limits in submission mode.
Mark Wooding [Tue, 28 Jan 2014 02:00:41 +0000 (02:00 +0000)]
README: More or less complete.
Mark Wooding [Sun, 26 Jan 2014 16:02:56 +0000 (16:02 +0000)]
config.m4: List `+' suffixes first.
Otherwise `foo+ping-pong' gets delivered to `foo+ping' with suffix
`-pong', which is obviously silly. Maybe we need to do something
cleverer, but this will do for now.
Mark Wooding [Sun, 26 Jan 2014 16:02:17 +0000 (16:02 +0000)]
spam.m4: Allow negative thresholds.
Mark Wooding [Sun, 26 Jan 2014 16:01:17 +0000 (16:01 +0000)]
spam.m4: Check that non-userv spam thresholds are well-formed.
Both are untrustworthy sources.
Mark Wooding [Sun, 26 Jan 2014 15:53:10 +0000 (15:53 +0000)]
local.m4: Switch `aliases' file to `nwildlsearch' and expand the result.
Makes the file much more versatile.
Mark Wooding [Sun, 26 Jan 2014 13:49:48 +0000 (13:49 +0000)]
vhost.m4: New virtual hosting knobs in `domains.conf'.
`final' is a boolean indicating whether local parts should be looked
up using the system-global rules.
`home' is a home directory to set, which is useful if filter files are
being used.
Mark Wooding [Sun, 26 Jan 2014 13:19:42 +0000 (13:19 +0000)]
spam.m4: Don't check submitted messages.
Also, factor out the `do we check this' logic into a separate ACL,
because I got confused during testing and only modified one copy.
Mark Wooding [Sun, 26 Jan 2014 13:05:32 +0000 (13:05 +0000)]
base.m4, exchange.m4, config.m4: Tweak TLS settings.
Mobile devices object to (a) lack of SHA1, (b) lack of TLSv1.0, and (c)
very large (as they see it) Diffie--Hellman groups. Fix these things,
grudgingly.
Mark Wooding [Sun, 26 Jan 2014 05:25:32 +0000 (05:25 +0000)]
base.m4: Get the `authenticated_sender' rune right.
Mark Wooding [Sun, 26 Jan 2014 05:24:15 +0000 (05:24 +0000)]
exchange.m4, config.m4: Arrange to listen on the submission port.
This involves mentioning the SMTP port too, so add a configuration knob
for it.
Mark Wooding [Sun, 26 Jan 2014 05:23:33 +0000 (05:23 +0000)]
base.m4: Twiddle received lines.
Now we don't have the version comment on its own line if we received
with TLS. The code's a bit uglier (because of the repeated
${if def:tls_cipher ...}) but the output is much neater.
Mark Wooding [Sat, 25 Jan 2014 19:59:43 +0000 (19:59 +0000)]
spam.m4: Don't filter messages intended for post
Mark Wooding [Sat, 25 Jan 2014 19:57:53 +0000 (19:57 +0000)]
auth.m4: Ensure that `not_smtp_start' is properly terminated.
ACLs default to `deny' if you don't say anything. It doesn't actually
matter in this case, since the result of `acl_not_smtp_start' is
ignored, but it's the principle of the thing.
Mark Wooding [Sat, 25 Jan 2014 19:53:01 +0000 (19:53 +0000)]
lists.m4: Need separate local-part and address lists for `user_extaddr'.
Since named lists of different types live in separate namespaces, we
have to duplicate. This is a little annoying.
Mark Wooding [Sat, 25 Jan 2014 15:02:25 +0000 (15:02 +0000)]
spam.m4: Fix report generation to cope with negative scores.
Oops!
Mark Wooding [Sat, 25 Jan 2014 14:33:06 +0000 (14:33 +0000)]
spam.m4: Fiddle with blank lines.
Remove a spurious one; put another in.
Mark Wooding [Sat, 25 Jan 2014 14:21:16 +0000 (14:21 +0000)]
base.m4: Fiddle with permissions settings for local delivery transports.
Mark Wooding [Sat, 25 Jan 2014 14:20:51 +0000 (14:20 +0000)]
base.m4: Allow `adm' users to administrate the server.
Mark Wooding [Sat, 25 Jan 2014 13:48:19 +0000 (13:48 +0000)]
vhost.m4: Don't crash if `domains.conf' doesn't exist.
Mark Wooding [Sat, 25 Jan 2014 13:36:05 +0000 (13:36 +0000)]
Makefile: Verify configurations before installing them.
Since we can't always verify them at the origin, this seems like an
important way of avoiding screwing things up badly.
Mark Wooding [Sat, 25 Jan 2014 13:34:05 +0000 (13:34 +0000)]
Makefile: Remove old debugging rule.
Shouldn't have been committed in the first place.
Mark Wooding [Fri, 10 Jan 2014 11:28:46 +0000 (11:28 +0000)]
exchange.m4: Reluctantly accept local senders from remote clients.
Mark Wooding [Fri, 10 Jan 2014 11:27:26 +0000 (11:27 +0000)]
spam.m4: Apply Exim's header validation to incoming messages.
Mark Wooding [Fri, 10 Jan 2014 11:27:07 +0000 (11:27 +0000)]
base.m4: Add some commentary to the `connect-tail' ACL portion.
Mark Wooding [Fri, 10 Jan 2014 11:26:27 +0000 (11:26 +0000)]
Makefile: Improve commentary.
Mark Wooding [Sun, 29 Dec 2013 20:02:14 +0000 (20:02 +0000)]
Makefile: Better `install' targets, with hostnames only.
Including the config mode just makes the user interface awful.
Mark Wooding [Sun, 29 Dec 2013 19:39:09 +0000 (19:39 +0000)]
Initial commit.