A.3. Options and Settings
The main section of the Exim configuration file (before the
first begin keyword) contains various macros,
policy controls, and other general settings. Let us start by
defining a couple of macros we will use later:
# Define the message size limit; we will use this in the DATA ACL.
MESSAGE_SIZE_LIMIT = 10M
# Maximum message size for which we will run Spam or Virus scanning.
# This is to reduce the load imposed on the server by very large messages.
MESSAGE_SIZE_SPAM_MAX = 1M
# Macro defining a secret that we will use to generate various hashes.
# PLEASE CHANGE THIS!.
SECRET = some-secret
|
Let us tweak some general Exim settings:
# Treat DNS failures (SERVFAIL) as lookup failures.
# This is so that we can later reject sender addresses
# within non-existing domains, or domains for which no
# nameserver exists.
dns_again_means_nonexist = !+local_domains : !+relay_to_domains
# Enable HELO verification in ACLs for all hosts
helo_try_verify_hosts = *
# Remove any limitation on the maximum number of incoming
# connections we can serve at one time. This is so that while
# we later impose SMTP transaction delays for spammers, we
# will not refuse to serve new connections.
smtp_accept_max = 0
# ..unless the system load is above 10
smtp_load_reserve = 10
# Do not advertise ESMTP "PIPELINING" to any hosts.
# This is to trip up ratware, which often tries to pipeline
# commands anyway.
pipelining_advertise_hosts = :
|
Finally, we will point some Exim policy controls to five ACLs
that we will create to evaluate the various stages of an
incoming SMTP transaction:
acl_smtp_connect = acl_connect
acl_smtp_helo = acl_helo
acl_smtp_mail = acl_mail_from
acl_smtp_rcpt = acl_rcpt_to
acl_smtp_data = acl_data
|