add switch-host2

[distro-setup] / mail-setup

diff --git a/mail-setup b/mail-setup
index b3cb092539fc6b6ccd079c0c102ce74980a77d0f..36b0e9d6345334396ab4010b79a06f3b85bac9a0 100755 (executable)
--- a/mail-setup
+++ b/mail-setup
@@ -849,13 +849,16 @@ EOF
 
 
 # * Update mail cert
-if [[ -e /p/c/filesystem ]]; then
-  # note, man openvpn implies we could just call mail-route on vpn startup/shutdown with
-  # systemd, buuut it can remake the tun device unexpectedly, i got this in the log
-  # after my internet was down for a bit:
-  # NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
-  m /a/exe/vpn-mk-client-cert -b mailclient -n mail li.iankelling.org
-fi
+
+
+## needed only for openvpn mail vpn.
+# if [[ -e /p/c/filesystem ]]; then
+#   # note, man openvpn implies we could just call mail-route on vpn startup/shutdown with
+#   # systemd, buuut it can remake the tun device unexpectedly, i got this in the log
+#   # after my internet was down for a bit:
+#   # NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
+#   m /a/exe/vpn-mk-client-cert -b mailclient -n mail li.iankelling.org
+# fi
 
 # With openvpn, I didn't get around to persisting the openvpn
 # cert/configs into /p/c/machine_specific/bk, so I had this case to
@@ -1369,9 +1372,6 @@ i /etc/exim4/conf.d/transport/30_remote_smtp_vpn <<'EOF'
 remote_smtp_vpn:
   debug_print = "T: remote_smtp_vpn for $local_part@$domain"
   driver = smtp
-.ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
-  message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
-.endif
 .ifdef REMOTE_SMTP_HOSTS_AVOID_TLS
   hosts_avoid_tls = REMOTE_SMTP_HOSTS_AVOID_TLS
 .endif
@@ -1427,9 +1427,6 @@ smarthost_dkim:
   debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
   driver = smtp
   multi_domain
-.ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
-  message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
-.endif
   hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
         {\
         ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
@@ -2747,8 +2744,8 @@ EOF
 backup_remote:
   driver = smtp
   multi_domain
-.ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT
-  message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
+.ifdef IGNORE_SMTP_LINE_LENGTH_LIMIT
+  message_linelength_limit = 1000000
 .endif
   hosts_require_auth = *
   hosts_try_auth = *
@@ -2789,12 +2786,12 @@ tls_privatekey = REMOTE_SMTP_SMARTHOST_PRIVATEKEY
 EOF
 
 
-    # this avoids some error. i cant remember what. todo:
-    # test it out and document why/if its needed.
-    #     i /etc/exim4/host_local_deny_exceptions <<'EOF'
-    # mail.fsf.org
-    # *.posteo.de
-    # EOF
+    # This allows for forward mail to not get most rcpt checks, especially SPF,
+    # which would incorrectly get denied.
+    i /etc/exim4/host_local_deny_exceptions <<'EOF'
+mail.fsf.org
+*.posteo.de
+EOF
 
     # cron email from smarthost hosts will automatically be to
     # USER@FQDN. I redirect that to alerts@, on the smarthosts, but in