X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~mdw/git/exim-config/blobdiff_plain/5d2f8b656ffbe668f50ac5354dc0b37210032576..af4b4ca8bcc6a4b1de9a2472b84c4de5127138ce:/base.m4

diff --git a/base.m4 b/base.m4
index 4961012..f8b09e4 100644
--- a/base.m4
+++ b/base.m4
@@ -105,7 +105,7 @@ SECTION(global, bounce)m4_dnl
 delay_warning = 1h : 24h : 2d
 
 SECTION(global, tls)m4_dnl
-tls_certificate = CONF_sysconf_dir/server.certlist
+tls_certificate = CONF_certlist
 tls_privatekey = CONF_sysconf_dir/server.key
 tls_advertise_hosts = ${if exists {CONF_sysconf_dir/server.key} {*}{}}
 tls_dhparam = CONF_ca_dir/dh-param-2048.pem
@@ -125,6 +125,10 @@ SECTION(global, acl)m4_dnl
 acl_smtp_helo = helo
 SECTION(acl, misc)m4_dnl
 helo:
+	## Don't worry if this is local submission.  MUAs won't necessarily
+	## have a clear idea of their hostnames.  (For some reason.)
+	accept	 condition = ${if !eq{$acl_c_mode}{submission}}
+
 	## Check that the caller's claimed identity is actually plausible.
 	## This seems like it's a fairly effective filter on spamminess, but
 	## it's too blunt a tool.  Rather than reject, add a warning header.
@@ -239,6 +243,7 @@ check_submission:
 
 	## Remember to apply submission controls.
 	warn	 set acl_c_mode = submission
+		 control = no_enforce_sync
 
 	## Done.
 	accept
@@ -527,6 +532,13 @@ DIVERT(null)
 ### Retry configuration.
 
 SECTION(retry, default)m4_dnl
+## Be persistent when sending to the site relay.  It ought to work, but
+## particularly satellites such as laptops often encounter annoying temporary
+## failures due to network unavailability, and the usual gradual policy can
+## leave mail building up for no good reason.
+CONF_smarthost				* \
+	F,4d,15m
+
 ## Default.
 *					* \
 	F,2h,15m; G,16h,2h,1.5; F,4d,6h