*****************************************
*                 CONFIG                *
*****************************************
# When primary_hostname is unset, Exim uses the uname() system function to obtain the host name.
primary_hostname = sharewiz.net
 
domainlist local_domains    = @
 
# if your host is an MX backup or gateway of some kind for some domains, you 
# must set relay_to_domains to match those domains. For example: 
# 
# domainlist relay_to_domains = *.myco.com : my.friend.org 
#
# This will allow any host to relay through your host to those domains. 
# See the section of the manual entitled "Control of relaying" for more 
# information. 
domainlist relay_to_domains =
 
# Hosts that can use your host as an outgoing relay 
# to any other host on the Internet. For example: 
#hostlist   relay_from_hosts = 127.0.0.1 : 192.168.1.0/24 
hostlist   relay_from_hosts = 127.0.0.1
 
 
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
 
# av_scanner = clamd:/tmp/clamd
# spamd_address = 127.0.0.1 783
 
# TLS.
tls_advertise_hosts = *
tls_certificate = /etc/ssl/exim.crt
tls_privatekey = /etc/ssl/exim.pem
tls_dhparam = /etc/exim/dh.key 
 
# note single-quotes to get ! past any shell history expansion
$ openssl ciphers 'HIGH:!MD5:!SHA1'
# OpenSSL variant; see man ciphers(1)
tls_require_ciphers = ${if =={$received_port}{25}\
                           {DEFAULT}\
                           {HIGH:!MD5:!SHA1}}
 
 
 
 
 
# SMTP port 25 is often blocked on end-user networks, so RFC 4409 specifies that message submission should use port 587 instead. 
# However some software (notably Microsoft Outlook) cannot be configured to use port 587 correctly, so these settings also enable 
# the non-standard “smtps” (aka “ssmtp”) port 465 
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465
 
# Defaults to use if not provided.
# If you do not set qualify_domain, the value of primary_hostname is used.
# qualify_domain = sharewiz.net
# qualify_recipient =
 
# No delivery must ever be run as the root user
never_users = root
 
# Exim should do a reverse DNS lookup on all incoming connections, in order to get a host name
host_lookup = *
 
# These settings cause Exim to avoid ident callbacks for all incoming SMTP calls.
rfc1413_hosts = *
rfc1413_query_timeout = 0s
 
# Increase the detail of logging over the default:
log_selector = +smtp_protocol_error +smtp_syntax_error \
               +tls_certificate_verified
 
 
# Failing bounce messages are to be discarded after 2 days on the queue. 
ignore_bounce_errors_after = 2d
 
# Any frozen message (whether a bounce message or not) is to be timed out (and discarded) after a week.
timeout_frozen_after = 7d
 
 
smtp_accept_queue_per_connection = 1000 
smtp_accept_max_per_connection = 10000 
extract_addresses_remove_arguments = false 
 
 
# Remove exim local username
# Add verbose received-header: 
received_header_text = Received: \ 
          ${if def:sender_fullhost {from ${sender_fullhost}\ 
          ${if def:sender_ident {(${sender_ident})}}}\ 
          {${if def:sender_ident {from ${sender_ident} }}}}\ 
          by ${primary_hostname}\ 
          ${if def:received_protocol {with ${received_protocol}}}\ 
          ${if def:tls_cipher {(tls_cipher ${tls_cipher})}}\ 
          ${if def:tls_peerdn {(tls_peerdn ${tls_peerdn})}}\ 
          (Exim ${version_number} #${compile_number} (Gentoo Linux 1.4))\ 
          id ${message_id} 
 
 
 
begin acl