A.3. Options and Settings

The main section of the Exim configuration file (before the first begin keyword) contains various macros, policy controls, and other general settings. Let us start by defining a couple of macros we will use later:

# Define the message size limit; we will use this in the DATA ACL.
MESSAGE_SIZE_LIMIT = 10M

# Maximum message size for which we will run Spam or Virus scanning.
# This is to reduce the load imposed on the server by very large messages.
MESSAGE_SIZE_SPAM_MAX = 1M

# Macro defining a secret that we will use to generate various hashes.
# PLEASE CHANGE THIS!.
SECRET = some-secret

Let us tweak some general Exim settings:

# Treat DNS failures (SERVFAIL) as lookup failures.
# This is so that we can later reject sender addresses 
# within non-existing domains, or domains for which no
# nameserver exists.
dns_again_means_nonexist = !+local_domains : !+relay_to_domains

# Enable HELO verification in ACLs for all hosts
helo_try_verify_hosts = *

# Remove any limitation on the maximum number of incoming
# connections we can serve at one time.  This is so that while
# we later impose SMTP transaction delays for spammers, we
# will not refuse to serve new connections.
smtp_accept_max = 0

# ..unless the system load is above 10
smtp_load_reserve = 10

# Do not advertise ESMTP "PIPELINING" to any hosts.
# This is to trip up ratware, which often tries to pipeline
# commands anyway.
pipelining_advertise_hosts = :

Finally, we will point some Exim policy controls to five ACLs that we will create to evaluate the various stages of an incoming SMTP transaction:

acl_smtp_connect = acl_connect
acl_smtp_helo    = acl_helo
acl_smtp_mail    = acl_mail_from
acl_smtp_rcpt    = acl_rcpt_to
acl_smtp_data    = acl_data