elma-commit — SVN commit messages

[Elma-commit] SF.net SVN: elma: [193] trunk

[<el...@us...>]

Revision: 193
          http://elma.svn.sourceforge.net/elma/?rev=193&view=rev
Author:   elch86
Date:     2007-12-07 04:57:14 -0800 (Fri, 07 Dec 2007)

Log Message:
-----------
Added sub-directory vendor/ to hold vendor-provided packages.
Added Smarty-2.6.18 to be shipped within elma.
Added smarty-gettext-1.0b1.

This also circumvents some PHP Safe Mode brokenness..

Modified Paths:
--------------
    trunk/includes/my_functions.inc.php
    trunk/includes/smarty.inc.php

Added Paths:
-----------
    trunk/vendor/
    trunk/vendor/Smarty-2.6.18/
    trunk/vendor/Smarty-2.6.18/BUGS
    trunk/vendor/Smarty-2.6.18/COPYING.lib
    trunk/vendor/Smarty-2.6.18/ChangeLog
    trunk/vendor/Smarty-2.6.18/FAQ
    trunk/vendor/Smarty-2.6.18/INSTALL
    trunk/vendor/Smarty-2.6.18/NEWS
    trunk/vendor/Smarty-2.6.18/QUICK_START
    trunk/vendor/Smarty-2.6.18/README
    trunk/vendor/Smarty-2.6.18/RELEASE_NOTES
    trunk/vendor/Smarty-2.6.18/TODO
    trunk/vendor/Smarty-2.6.18/demo/
    trunk/vendor/Smarty-2.6.18/demo/configs/
    trunk/vendor/Smarty-2.6.18/demo/configs/test.conf
    trunk/vendor/Smarty-2.6.18/demo/index.php
    trunk/vendor/Smarty-2.6.18/demo/templates/
    trunk/vendor/Smarty-2.6.18/demo/templates/footer.tpl
    trunk/vendor/Smarty-2.6.18/demo/templates/header.tpl
    trunk/vendor/Smarty-2.6.18/demo/templates/index.tpl
    trunk/vendor/Smarty-2.6.18/demo/templates_c/
    trunk/vendor/Smarty-2.6.18/libs/
    trunk/vendor/Smarty-2.6.18/libs/Config_File.class.php
    trunk/vendor/Smarty-2.6.18/libs/Smarty.class.php
    trunk/vendor/Smarty-2.6.18/libs/Smarty_Compiler.class.php
    trunk/vendor/Smarty-2.6.18/libs/debug.tpl
    trunk/vendor/Smarty-2.6.18/libs/internals/
    trunk/vendor/Smarty-2.6.18/libs/internals/core.assemble_plugin_filepath.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.assign_smarty_interface.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.create_dir_structure.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.display_debug_console.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.get_include_path.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.get_microtime.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.get_php_resource.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.is_secure.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.is_trusted.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.load_plugins.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.load_resource_plugin.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.process_cached_inserts.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.process_compiled_include.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.read_cache_file.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.rm_auto.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.rmdir.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.run_insert_handler.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.smarty_include_php.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.write_cache_file.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.write_compiled_include.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.write_compiled_resource.php
    trunk/vendor/Smarty-2.6.18/libs/internals/core.write_file.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/
    trunk/vendor/Smarty-2.6.18/libs/plugins/block.t.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/block.textformat.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/compiler.assign.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.assign_debug_info.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.config_load.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.counter.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.cycle.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.debug.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.eval.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.fetch.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.html_checkboxes.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.html_image.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.html_options.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.html_radios.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.html_select_date.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.html_select_time.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.html_table.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.mailto.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.math.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.popup.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/function.popup_init.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.capitalize.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.cat.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.count_characters.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.count_paragraphs.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.count_sentences.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.count_words.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.date_format.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.debug_print_var.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.default.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.escape.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.indent.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.lower.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.nl2br.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.regex_replace.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.replace.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.spacify.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.string_format.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.strip.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.strip_tags.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.truncate.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.upper.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/modifier.wordwrap.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/outputfilter.trimwhitespace.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/shared.escape_special_chars.php
    trunk/vendor/Smarty-2.6.18/libs/plugins/shared.make_timestamp.php
    trunk/vendor/Smarty-2.6.18/misc/
    trunk/vendor/Smarty-2.6.18/misc/smarty_icon.README
    trunk/vendor/Smarty-2.6.18/misc/smarty_icon.gif
    trunk/vendor/Smarty-2.6.18/unit_test/
    trunk/vendor/Smarty-2.6.18/unit_test/README
    trunk/vendor/Smarty-2.6.18/unit_test/config.php
    trunk/vendor/Smarty-2.6.18/unit_test/configs/
    trunk/vendor/Smarty-2.6.18/unit_test/configs/globals_double_quotes.conf
    trunk/vendor/Smarty-2.6.18/unit_test/configs/globals_single_quotes.conf
    trunk/vendor/Smarty-2.6.18/unit_test/smarty_unit_test.php
    trunk/vendor/Smarty-2.6.18/unit_test/smarty_unit_test_gui.php
    trunk/vendor/Smarty-2.6.18/unit_test/templates/
    trunk/vendor/Smarty-2.6.18/unit_test/templates/assign_var.tpl
    trunk/vendor/Smarty-2.6.18/unit_test/templates/constant.tpl
    trunk/vendor/Smarty-2.6.18/unit_test/templates/index.tpl
    trunk/vendor/Smarty-2.6.18/unit_test/templates/parse_math.tpl
    trunk/vendor/Smarty-2.6.18/unit_test/templates/parse_obj_meth.tpl
    trunk/vendor/Smarty-2.6.18/unit_test/test_cases.php
    trunk/vendor/Smarty-2.6.18.tar.gz
    trunk/vendor/smarty
    trunk/vendor/smarty-gettext-1.0b1/
    trunk/vendor/smarty-gettext-1.0b1/COPYING
    trunk/vendor/smarty-gettext-1.0b1/ChangeLog
    trunk/vendor/smarty-gettext-1.0b1/README
    trunk/vendor/smarty-gettext-1.0b1/block.t.php
    trunk/vendor/smarty-gettext-1.0b1/tsmarty2c.php
    trunk/vendor/smarty-gettext-1.0b1.tgz

Modified: trunk/includes/my_functions.inc.php
===================================================================
--- trunk/includes/my_functions.inc.php	2007-11-27 14:01:53 UTC (rev 192)
+++ trunk/includes/my_functions.inc.php	2007-12-07 12:57:14 UTC (rev 193)
@@ -139,7 +139,12 @@
             break;
         case "password": if (!preg_match("/^$/",$string)) $valid_data = TRUE;
             break;
-        case "mailaliasedname": if ((validate_data($string,"uid")) || (validate_data($string,"email"))) $valid_data = TRUE;
+        case "mailaliasedname": 
+            if (
+                (validate_data($string,"email")) || 
+                (preg_match("/(?:[a-z-]\.)+[a-z-]/", $string))
+            )
+                $valid_data = TRUE;
             break;
         case "email": if (preg_match("/^([0-9a-zA-Z]([-.\w]*[0-9a-zA-Z])*@(([0-9a-zA-Z])+([-\w]*[0-9a-zA-Z])*\.)+[a-zA-Z]{2,9})$/",$string)) $valid_data = TRUE;
             break;

Modified: trunk/includes/smarty.inc.php
===================================================================
--- trunk/includes/smarty.inc.php	2007-11-27 14:01:53 UTC (rev 192)
+++ trunk/includes/smarty.inc.php	2007-12-07 12:57:14 UTC (rev 193)
@@ -27,7 +27,7 @@
  * =====================================================================
  */
 
-require("/usr/share/php/smarty/libs/Smarty.class.php");
+require(getcwd().'/vendor/smarty/libs/Smarty.class.php');
 
 $smarty = new Smarty;
 $smarty->template_dir = getcwd().'/templates/'.TEMPLATE.'/';

Added: trunk/vendor/Smarty-2.6.18/BUGS
===================================================================
--- trunk/vendor/Smarty-2.6.18/BUGS	                        (rev 0)
+++ trunk/vendor/Smarty-2.6.18/BUGS	2007-12-07 12:57:14 UTC (rev 193)
@@ -0,0 +1,7 @@
+Smarty is supported only in PHP 4.0.6 or later.
+
+Smarty versions previous to 2.0 require the PEAR libraries. Be sure to include
+the path to the PEAR libraries in your php include_path. Config_file.class.php
+uses the PEAR library for its error handling routines. PEAR comes with the PHP
+distribution. Unix users check /usr/local/lib/php, windows users check
+C:/php/pear.

Added: trunk/vendor/Smarty-2.6.18/COPYING.lib
===================================================================
--- trunk/vendor/Smarty-2.6.18/COPYING.lib	                        (rev 0)
+++ trunk/vendor/Smarty-2.6.18/COPYING.lib	2007-12-07 12:57:14 UTC (rev 193)
@@ -0,0 +1,458 @@
+		  GNU LESSER GENERAL PUBLIC LICENSE
+		       Version 2.1, February 1999
+
+ Copyright (C) 1991, 1999 Free Software Foundation, Inc.
+     59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+[This is the first released version of the Lesser GPL.  It also counts
+ as the successor of the GNU Library Public License, version 2, hence
+ the version number 2.1.]
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+Licenses are intended to guarantee your freedom to share and change
+free software--to make sure the software is free for all its users.
+
+  This license, the Lesser General Public License, applies to some
+specially designated software packages--typically libraries--of the
+Free Software Foundation and other authors who decide to use it.  You
+can use it too, but we suggest you first think carefully about whether
+this license or the ordinary General Public License is the better
+strategy to use in any particular case, based on the explanations below.
+
+  When we speak of free software, we are referring to freedom of use,
+not price.  Our General Public Licenses are designed to make sure that
+you have the freedom to distribute copies of free software (and charge
+for this service if you wish); that you receive source code or can get
+it if you want it; that you can change the software and use pieces of
+it in new free programs; and that you are informed that you can do
+these things.
+
+  To protect your rights, we need to make restrictions that forbid
+distributors to deny you these rights or to ask you to surrender these
+rights.  These restrictions translate to certain responsibilities for
+you if you distribute copies of the library or if you modify it.
+
+  For example, if you distribute copies of the library, whether gratis
+or for a fee, you must give the recipients all the rights that we gave
+you.  You must make sure that they, too, receive or can get the source
+code.  If you link other code with the library, you must provide
+complete object files to the recipients, so that they can relink them
+with the library after making changes to the library and recompiling
+it.  And you must show them these terms so they know their rights.
+
+  We protect your rights with a two-step method: (1) we copyright the
+library, and (2) we offer you this license, which gives you legal
+permission to copy, distribute and/or modify the library.
+
+  To protect each distributor, we want to make it very clear that
+there is no warranty for the free library.  Also, if the library is
+modified by someone else and passed on, the recipients should know
+that what they have is not the original version, so that the original
+author's reputation will not be affected by problems that might be
+introduced by others.
+
+  Finally, software patents pose a constant threat to the existence of
+any free program.  We wish to make sure that a company cannot
+effectively restrict the users of a free program by obtaining a
+restrictive license from a patent holder.  Therefore, we insist that
+any patent license obtained for a version of the library must be
+consistent with the full freedom of use specified in this license.
+
+  Most GNU software, including some libraries, is covered by the
+ordinary GNU General Public License.  This license, the GNU Lesser
+General Public License, applies to certain designated libraries, and
+is quite different from the ordinary General Public License.  We use
+this license for certain libraries in order to permit linking those
+libraries into non-free programs.
+
+  When a program is linked with a library, whether statically or using
+a shared library, the combination of the two is legally speaking a
+combined work, a derivative of the original library.  The ordinary
+General Public License therefore permits such linking only if the
+entire combination fits its criteria of freedom.  The Lesser General
+Public License permits more lax criteria for linking other code with
+the library.
+
+  We call this license the "Lesser" General Public License because it
+does Less to protect the user's freedom than the ordinary General
+Public License.  It also provides other free software developers Less
+of an advantage over competing non-free programs.  These disadvantages
+are the reason we use the ordinary General Public License for many
+libraries.  However, the Lesser license provides advantages in certain
+special circumstances.
+
+  For example, on rare occasions, there may be a special need to
+encourage the widest possible use of a certain library, so that it becomes
+a de-facto standard.  To achieve this, non-free programs must be
+allowed to use the library.  A more frequent case is that a free
+library does the same job as widely used non-free libraries.  In this
+case, there is little to gain by limiting the free library to free
+software only, so we use the Lesser General Public License.
+
+  In other cases, permission to use a particular library in non-free
+programs enables a greater number of people to use a large body of
+free software.  For example, permission to use the GNU C Library in
+non-free programs enables many more people to use the whole GNU
+operating system, as well as its variant, the GNU/Linux operating
+system.
+
+  Although the Lesser General Public License is Less protective of the
+users' freedom, it does ensure that the user of a program that is
+linked with the Library has the freedom and the wherewithal to run
+that program using a modified version of the Library.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.  Pay close attention to the difference between a
+"work based on the library" and a "work that uses the library".  The
+former contains code derived from the library, whereas the latter must
+be combined with the library in order to run.
+
+		  GNU LESSER GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License Agreement applies to any software library or other
+program which contains a notice placed by the copyright holder or
+other authorized party saying it may be distributed under the terms of
+this Lesser General Public License (also called "this License").
+Each licensee is addressed as "you".
+
+  A "library" means a collection of software functions and/or data
+prepared so as to be conveniently linked with application programs
+(which use some of those functions and data) to form executables.
+
+  The "Library", below, refers to any such software library or work
+which has been distributed under these terms.  A "work based on the
+Library" means either the Library or any derivative work under
+copyright law: that is to say, a work containing the Library or a
+portion of it, either verbatim or with modifications and/or translated
+straightforwardly into another language.  (Hereinafter, translation is
+included without limitation in the term "modification".)
+
+  "Source code" for a work means the preferred form of the work for
+making modifications to it.  For a library, complete source code means
+all the source code for all modules it contains, plus any associated
+interface definition files, plus the scripts used to control compilation
+and installation of the library.
+
+  Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running a program using the Library is not restricted, and output from
+such a program is covered only if its contents constitute a work based
+on the Library (independent of the use of the Library in a tool for
+writing it).  Whether that is true depends on what the Library does
+and what the program that uses the Library does.
+  
+  1. You may copy and distribute verbatim copies of the Library's
+complete source code as you receive it, in any medium, provided that
+you conspicuously and appropriately publish on each copy an
+appropriate copyright notice and disclaimer of warranty; keep intact
+all the notices that refer to this License and to the absence of any
+warranty; and distribute a copy of this License along with the
+Library.
+
+  You may charge a fee for the physical act of transferring a copy,
+and you may at your option offer warranty protection in exchange for a
+fee.
+
+  2. You may modify your copy or copies of the Library or any portion
+of it, thus forming a work based on the Library, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) The modified work must itself be a software library.
+
+    b) You must cause the files modified to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    c) You must cause the whole of the work to be licensed at no
+    charge to all third parties under the terms of this License.
+
+    d) If a facility in the modified Library refers to a function or a
+    table of data to be supplied by an application program that uses
+    the facility, other than as an argument passed when the facility
+    is invoked, then you must make a good faith effort to ensure that,
+    in the event an application does not supply such function or
+    table, the facility still operates, and performs whatever part of
+    its purpose remains meaningful.
+
+    (For example, a function in a library to compute square roots has
+    a purpose that is entirely well-defined independent of the
+    application.  Therefore, Subsection 2d requires that any
+    application-supplied function or table used by this function must
+    be optional: if the application does not supply it, the square
+    root function must still compute square roots.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Library,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Library, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote
+it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Library.
+
+In addition, mere aggregation of another work not based on the Library
+with the Library (or with a work based on the Library) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may opt to apply the terms of the ordinary GNU General Public
+License instead of this License to a given copy of the Library.  To do
+this, you must alter all the notices that refer to this License, so
+that they refer to the ordinary GNU General Public License, version 2,
+instead of to this License.  (If a newer version than version 2 of the
+ordinary GNU General Public License has appeared, then you can specify
+that version instead if you wish.)  Do not make any other change in
+these notices.
+
+  Once this change is made in a given copy, it is irreversible for
+that copy, so the ordinary GNU General Public License applies to all
+subsequent copies and derivative works made from that copy.
+
+  This option is useful when you wish to copy part of the code of
+the Library into a program that is not a library.
+
+  4. You may copy and distribute the Library (or a portion or
+derivative of it, under Section 2) in object code or executable form
+under the terms of Sections 1 and 2 above provided that you accompany
+it with the complete corresponding machine-readable source code, which
+must be distributed under the terms of Sections 1 and 2 above on a
+medium customarily used for software interchange.
+
+  If distribution of object code is made by offering access to copy
+from a designated place, then offering equivalent access to copy the
+source code from the same place satisfies the requirement to
+distribute the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  5. A program that contains no derivative of any portion of the
+Library, but is designed to work with the Library by being compiled or
+linked with it, is called a "work that uses the Library".  Such a
+work, in isolation, is not a derivative work of the Library, and
+therefore falls outside the scope of this License.
+
+  However, linking a "work that uses the Library" with the Library
+creates an executable that is a derivative of the Library (because it
+contains portions of the Library), rather than a "work that uses the
+library".  The executable is therefore covered by this License.
+Section 6 states terms for distribution of such executables.
+
+  When a "work that uses the Library" uses material from a header file
+that is part of the Library, the object code for the work may be a
+derivative work of the Library even though the source code is not.
+Whether this is true is especially significant if the work can be
+linked without the Library, or if the work is itself a library.  The
+threshold for this to be true is not precisely defined by law.
+
+  If such an object file uses only numerical parameters, data
+structure layouts and accessors, and small macros and small inline
+functions (ten lines or less in length), then the use of the object
+file is unrestricted, regardless of whether it is legally a derivative
+work.  (Executables containing this object code plus portions of the
+Library will still fall under Section 6.)
+
+  Otherwise, if the work is a derivative of the Library, you may
+distribute the object code for the work under the terms of Section 6.
+Any executables containing that work also fall under Section 6,
+whether or not they are linked directly with the Library itself.
+
+  6. As an exception to the Sections above, you may also combine or
+link a "work that uses the Library" with the Library to produce a
+work containing portions of the Library, and distribute that work
+under terms of your choice, provided that the terms permit
+modification of the work for the customer's own use and reverse
+engineering for debugging such modifications.
+
+  You must give prominent notice with each copy of the work that the
+Library is used in it and that the Library and its use are covered by
+this License.  You must supply a copy of this License.  If the work
+during execution displays copyright notices, you must include the
+copyright notice for the Library among them, as well as a reference
+directing the user to the copy of this License.  Also, you must do one
+of these things:
+
+    a) Accompany the work with the complete corresponding
+    machine-readable source code for the Library including whatever
+    changes were used in the work (which must be distributed under
+    Sections 1 and 2 above); and, if the work is an executable linked
+    with the Library, with the complete machine-readable "work that
+    uses the Library", as object code and/or source code, so that the
+    user can modify the Library and then relink to produce a modified
+    executable containing the modified Library.  (It is understood
+    that the user who changes the contents of definitions files in the
+    Library will not necessarily be able to recompile the application
+    to use the modified definitions.)
+
+    b) Use a suitable shared library mechanism for linking with the
+    Library.  A suitable mechanism is one that (1) uses at run time a
+    copy of the library already present on the user's computer system,
+    rather than copying library functions into the executable, and (2)
+    will operate properly with a modified version of the library, if
+    the user installs one, as long as the modified version is
+    interface-compatible with the version that the work was made with.
+
+    c) Accompany the work with a written offer, valid for at
+    least three years, to give the same user the materials
+    specified in Subsection 6a, above, for a charge no more
+    than the cost of performing this distribution.
+
+    d) If distribution of the work is made by offering access to copy
+    from a designated place, offer equivalent access to copy the above
+    specified materials from the same place.
+
+    e) Verify that the user has already received a copy of these
+    materials or that you have already sent this user a copy.
+
+  For an executable, the required form of the "work that uses the
+Library" must include any data and utility programs needed for
+reproducing the executable from it.  However, as a special exception,
+the materials to be distributed need not include anything that is
+normally distributed (in either source or binary form) with the major
+components (compiler, kernel, and so on) of the operating system on
+which the executable runs, unless that component itself accompanies
+the executable.
+
+  It may happen that this requirement contradicts the license
+restrictions of other proprietary libraries that do not normally
+accompany the operating system.  Such a contradiction means you cannot
+use both them and the Library together in an executable that you
+distribute.
+
+  7. You may place library facilities that are a work based on the
+Library side-by-side in a single library together with other library
+facilities not covered by this License, and distribute such a combined
+library, provided that the separate distribution of the work based on
+the Library and of the other library facilities is otherwise
+permitted, and provided that you do these two things:
+
+    a) Accompany the combined library with a copy of the same work
+    based on the Library, uncombined with any other library
+    facilities.  This must be distributed under the terms of the
+    Sections above.
+
+    b) Give prominent notice with the combined library of the fact
+    that part of it is a work based on the Library, and explaining
+    where to find the accompanying uncombined form of the same work.
+
+  8. You may not copy, modify, sublicense, link with, or distribute
+the Library except as expressly provided under this License.  Any
+attempt otherwise to copy, modify, sublicense, link with, or
+distribute the Library is void, and will automatically terminate your
+rights under this License.  However, parties who have received copies,
+or rights, from you under this License will not have their licenses
+terminated so long as such parties remain in full compliance.
+
+  9. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Library or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Library (or any work based on the
+Library), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Library or works based on it.
+
+  10. Each time you redistribute the Library (or any work based on the
+Library), the recipient automatically receives a license from the
+original licensor to copy, distribute, link with or modify the Library
+subject to these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties with
+this License.
+
+  11. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Library at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Library by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Library.
+
+If any portion of this section is held invalid or unenforceable under any
+particular circumstance, the balance of the section is intended to apply,
+and the section as a whole is intended to apply in other circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  12. If the distribution and/or use of the Library is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Library under this License may add
+an explicit geographical distribution limitation excluding those countries,
+so that distribution is permitted only in or among countries not thus
+excluded.  In such case, this License incorporates the limitation as if
+written in the body of this License.
+
+  13. The Free Software Foundation may publish revised and/or new
+versions of the Lesser General Public License from time to time.
+Such new versions will be similar in spirit to the present version,
+but may differ in detail to address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Library
+specifies a version number of this License which applies to it and
+"any later version", you have the option of following the terms and
+conditions either of that version or of any later version published by
+the Free Software Foundation.  If the Library does not specify a
+license version number, you may choose any version ever published by
+the Free Software Foundation.
+
+  14. If you wish to incorporate parts of the Library into other free
+programs whose distribution conditions are incompatible with these,
+write to the author to ask for permission.  For software which is
+copyrighted by the Free Software Foundation, write to the Free
+Software Foundation; we sometimes make exceptions for this.  Our
+decision will be guided by the two goals of preserving the free status
+of all derivatives of our free software and of promoting the sharing
+and reuse of software generally.
+
+			    NO WARRANTY
+
+  15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
+WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
+OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
+KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
+LIBRARY IS WITH YOU.  SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
+THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
+WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
+AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
+FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
+CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
+RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
+FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
+SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES.
+
+		     END OF TERMS AND CONDITIONS

Added: trunk/vendor/Smarty-2.6.18/ChangeLog
===================================================================
--- trunk/vendor/Smarty-2.6.18/ChangeLog	                        (rev 0)
+++ trunk/vendor/Smarty-2.6.18/ChangeLog	2007-12-07 12:57:14 UTC (rev 193)
@@ -0,0 +1,8667 @@
+2007-03-06  Monte Ohrt  <mo...@oh...>
+
+    * NEWS
+      libs/plugins/function.html_select_date.php:
+      fix html_select_date separator when parts are missing (thanks to kayk for
+      the patch)
+
+2007-03-06  Messju Mohr  <me...@la...>
+
+    * libs/Config_File.class.php
+      libs/Smarty.class.php
+      libs/Smarty_Compiler.class.php:
+      bumped version number
+
+    * NEWS:
+      added release headline
+
+    * libs/internals/core.write_compiled_include.php:
+      fixed detection of non-cached block when writing compiled includes
+
+2007-03-01  Danilo Buerger  <da...@bl...>
+
+    * NEWS
+      libs/Smarty_Compiler.class.php:
+      Applied boots clean up patch and removed commented out code.
+      Updated NEWS file
+
+2007-02-27  Danilo Buerger  <da...@bl...>
+
+    * NEWS
+      docs/en/designers/language-modifiers/language-modifier-date-format.xml
+      libs/internals/core.write_file.php
+      libs/plugins/modifier.date_format.php:
+      Updated smarty_core_write_file() and smarty_modifier_date_format() to speed
+      up Windows detection.
+      Emulated more parameters for Windows in smarty_modifier_date_format() and
+      fixed some old ones.
+      Updated the docs to tell what parameters are emulated on Windows.
+      Updated NEWS file.
+
+    * NEWS:
+      Updated NEWS file to reflect changes commited in the last revision
+
+2007-02-27  Monte Ohrt  <mo...@oh...>
+
+    * docs/en/appendixes/troubleshooting.xml:
+      fix typo
+
+2007-02-27  Danilo Buerger  <da...@bl...>
+
+    * libs/Smarty_Compiler.class.php:
+      Modified _(push|pop)_cacheable_state() to embedd alternate syntax. See this
+      bug report: http://www.phpinsider.com/smarty-forum/viewtopic.php?t=10502
+
+2007-02-26  Peter 'Mash' Morgan  <pm...@da...>
+
+    * docs/en/designers/language-custom-functions/language-function-html-options.xml:
+      Fix incorrect var name
+
+2007-02-23  Monte Ohrt  <mo...@oh...>
+
+    * libs/Smarty_Compiler.class.php:
+      escape creating of language=php from interleaving
+
+    * libs/Smarty_Compiler.class.php:
+      add removed line back in
+
+    * libs/Smarty_Compiler.class.php:
+      fix up last patch, remove unnecessary lines
+
+    * libs/Smarty_Compiler.class.php:
+      fix situation when no compiled tags are present
+
+    * libs/Smarty_Compiler.class.php:
+      fix problem with php open tags generated from tag interleaving
+
+2007-02-06  boots  <jay...@ya...>
+
+    * docs/en/programmers/advanced-features/template-resources.xml:
+      Correct default template handler function example.
+
+2007-01-17  Messju Mohr  <me...@la...>
+
+    * NEWS
+      libs/plugins/modifier.truncate.php:
+      fixed handling of $etc in the truncate modifier when $etc is longer
+      than $length.
+      
+      thanks to Sylvinus!
+
+2007-01-10  boots  <jay...@ya...>
+
+    * NEWS
+      libs/plugins/modifier.date_format.php
+      libs/plugins/modifier.date_format.php:
+      fix handling of %I with mysql timestamps
+      
+      Thanks to Danilo Buerger
+
+    * NEWS
+      libs/internals/core.write_file.php:
+      Better recognize Windows filesystems to reduce warnings
+
+    * NEWS
+      libs/plugins/modifier.date_format.php:
+      Emulate %R in the date_format modifier on Windows
+      
+      Thanks to Danilo Buerger
+
+2006-12-10  Yannick Torres  <yan...@ke...>
+
+    * docs/fr/getting-started.xml:
+      fix build
+
+    * docs/fr/language-snippets.ent
+      docs/fr/designers/language-builtin-functions/language-function-include-php.xml
+      docs/fr/designers/language-modifiers/language-modifier-truncate.xml
+      docs/fr/designers/language-variables/language-variables-smarty.xml:
+      sync with EN
+
+2006-12-02  Peter 'Mash' Morgan  <pm...@da...>
+
+    * docs/en/designers/language-builtin-functions/language-function-include-php.xml:
+      Tidy example, speeling andd add links
+
+    * docs/en/getting-started.xml:
+      Add/correct entities
+
+    * docs/entities/global.ent:
+      Fix entities (strange)
+
+2006-12-01  Monte Ohrt  <mo...@oh...>
+
+    * libs/Config_File.class.php
+      libs/Smarty.class.php
+      libs/Smarty_Compiler.class.php:
+      update dev version numbers
+
+2006-12-01  boots  <jay...@ya...>
+
+    * (Smarty_2_6_16)
+      NEWS:
+      Fixed replacement bug introduced in trimwhitespaces output filter that
+      was introduced in the last release.
+      
+      Thanks to Spuerhund from the forums.
+
+    * (Smarty_2_6_16)
+      libs/plugins/outputfilter.trimwhitespace.php:
+      Fixed replacement bug introduced by last changes.
+      
+      Thanks to Spuerhund from the forums.
+
+2006-11-30  Monte Ohrt  <mo...@oh...>
+
+    * NEWS
+      docs/en/designers/language-modifiers/language-modifier-truncate.xml
+      libs/Config_File.class.php
+      libs/Smarty.class.php
+      libs/Smarty_Compiler.class.php:
+      update dev version numbers, fix manual typo
+
+2006-11-22  George Miroshnikov  <su...@in...>
+
+    * docs/ru/getting-started.xml
+      docs/ru/language-snippets.ent:
+      sync with EN
+
+    * docs/en/getting-started.xml:
+      replaced hardcoded path separator with PATH_SEPARATOR constant
+
+2006-11-20  boots  <jay...@ya...>
+
+    * libs/plugins/modifier.debug_print_var.php:
+      fix depth formatting of arrays and objects in modifier debug_print_var
+
+2006-11-10  Messju Mohr  <me...@la...>
+
+    * docs/en/designers/language-variables/language-variables-smarty.xml:
+      fixed typo. thanks jonez.
+
+2006-11-08  boots  <jay...@ya...>
+
+    * NEWS
+      libs/internals/core.write_file.php:
+      change file writing semantics in smarty_core_write_file()
+      
+      This avoids unlink() unless rename() fails or a Windows system is detected
+      
+      see: http://www.phpinsider.com/smarty-forum/viewtopic.php?t=6956
+      
+      Thanks to c960657 from the forums.
+
+2006-11-07  boots  <jay...@ya...>
+
+    * NEWS
+      libs/debug.tpl:
+      update debug.tpl to xhtml 1.1 compliance, fix javascript escaping in debug
+      output and apply a Smarty based color scheme
+      
+      see: http://www.phpinsider.com/smarty-forum/viewtopic.php?t=7178
+      
+      thanks to cybot from the forums!
+
+    * NEWS
+      libs/plugins/modifier.debug_print_var.php:
+      enhance reporting precision of debug_print_var modifier
+      
+      see: http://www.phpinsider.com/smarty-forum/viewtopic.php?t=9281
+      
+      thanks to cybot from the forums
+
+2006-11-01  boots  <jay...@ya...>
+
+    * NEWS
+      libs/plugins/function.html_select_date.php:
+      make html_select_date work consistently with 0000-00-00 00:00:00 and
+      0000-00-00 inputs
+      
+      Thanks to cybot from forums
+
+2006-10-16  George Miroshnikov  <su...@in...>
+
+    * docs/en/language-snippets.ent:
+      minor typo fix - &$class doesn't make sense.
+
+2006-10-14  Yannick Torres  <yan...@ke...>
+
+    * docs/fr/designers/language-basic-syntax.xml
+      docs/fr/designers/language-builtin-functions.xml
+      docs/fr/designers/language-basic-syntax/language-syntax-attributes.xml
+      docs/fr/designers/language-basic-syntax/language-syntax-comments.xml
+      docs/fr/designers/language-basic-syntax/language-syntax-quotes.xml
+      docs/fr/designers/language-builtin-functions/language-function-capture.xml
+      docs/fr/designers/language-builtin-functions/language-function-php.xml
+      docs/fr/designers/language-builtin-functions/language-function-section.xml
+      docs/fr/designers/language-custom-functions/language-function-popup-init.xml
+      docs/fr/designers/language-modifiers/language-modifier-escape.xml
+      docs/fr/programmers/api-functions/api-display.xml
+      docs/fr/programmers/plugins/plugins-inserts.xml:
+      sync with EN
+
+2006-10-14  Fernando Correa da Concei\xE7\xE3o  <fer...@ya...>
+
+    * docs/pt_BR/programmers/api-variables/variable-error-reporting.xml:
+      New Translation
+
+    * docs/pt_BR/designers/language-basic-syntax/language-escaping.xml
+      docs/pt_BR/designers/language-basic-syntax/language-syntax-variables.xml:
+      New Translations
+
+    * docs/pt_BR/translation.xml:
+      Used in revcheck
+
+    * docs/pt_BR/getting-started.xml
+      docs/pt_BR/language-snippets.ent
+      docs/pt_BR/make_chm_index.html
+      docs/pt_BR/preface.xml
+      docs/pt_BR/appendixes/resources.xml
+      docs/pt_BR/appendixes/troubleshooting.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-capitalize.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-cat.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-count-characters.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-count-paragraphs.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-count-sentences.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-count-words.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-date-format.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-default.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-escape.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-indent.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-lower.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-nl2br.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-regex-replace.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-replace.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-spacify.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-string-format.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-strip-tags.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-strip.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-truncate.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-upper.xml
+      docs/pt_BR/designers/language-modifiers/language-modifier-wordwrap.xml
+      docs/pt_BR/designers/language-variables/language-assigned-variables.xml
+      docs/pt_BR/designers/language-variables/language-config-variables.xml
+      docs/pt_BR/designers/language-variables/language-variables-smarty.xml
+      docs/pt_BR/programmers/advanced-features.xml
+      docs/pt_BR/programmers/api-functions.xml
+      docs/pt_BR/programmers/api-variables.xml
+      docs/pt_BR/programmers/caching.xml
+      docs/pt_BR/programmers/plugins.xml
+      docs/pt_BR/programmers/smarty-constants.xml
+      docs/pt_BR/programmers/advanced-features/advanced-features-objects.xml
+      docs/pt_BR/programmers/advanced-features/advanced-features-outputfilters.xml
+      docs/pt_BR/programmers/advanced-features/advanced-features-postfilters.xml
+      docs/pt_BR/programmers/advanced-features/advanced-features-prefilters.xml
+      docs/pt_BR/programmers/advanced-features/section-template-cache-handler-func.xml
+      docs/pt_BR/programmers/advanced-features/template-resources.xml
+      docs/pt_BR/programmers/api-functions/api-append-by-ref.xml
+      docs/pt_BR/programmers/api-functions/api-append.xml
+      docs/pt_BR/programmers/api-functions/api-assign-by-ref.xml
+      docs/pt_BR/programmers/api-functions/api-assign.xml
+      docs/pt_BR/programmers/api-functions/api-clear-all-assign.xml
+      docs/pt_BR/programmers/api-functions/api-clear-all-cache.xml
+      docs/pt_BR/programmers/api-functions/api-clear-assign.xml
+      docs/pt_BR/programmers/api-functions/api-clear-cache.xml
+      docs/pt_BR/programmers/api-functions/api-clear-compiled-tpl.xml
+      docs/pt_BR/programmers/api-functions/api-clear-config.xml
+      docs/pt_BR/programmers/api-functions/api-config-load.xml
+      docs/pt_BR/programmers/api-functions/api-display.xml
+      docs/pt_BR/programmers/api-functions/api-fetch.xml
+      docs/pt_BR/programmers/api-functions/api-get-config-vars.xml
+      docs/pt_BR/programmers/api-functions/api-get-registered-object.xml
+      docs/pt_BR/programmers/api-functions/api-get-template-vars.xml
+      docs/pt_BR/programmers/api-functions/api-is-cached.xml
+      docs/pt_BR/programmers/api-functions/api-load-filter.xml
+      docs/pt_BR/programmers/api-functions/api-register-block.xml
+      docs/pt_BR/programmers/api-functions/api-register-compiler-function.xml
+      docs/pt_BR/programmers/api-functions/api-register-function.xml
+      docs/pt_BR/programmers/api-functions/api-register-modifier.xml
+      docs/pt_BR/programmers/api-functions/api-register-object.xml
+      docs/pt_BR/programmers/api-functions/api-register-outputfilter.xml
+      docs/pt_BR/programmers/api-functions/api-register-postfilter.xml
+      docs/pt_BR/programmers/api-functions/api-register-prefilter.xml
+      docs/pt_BR/programmers/api-functions/api-register-resource.xml
+      docs/pt_BR/programmers/api-functions/api-template-exists.xml
+      docs/pt_BR/programmers/api-functions/api-trigger-error.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-block.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-compiler-function.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-function.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-modifier.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-object.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-outputfilter.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-postfilter.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-prefilter.xml
+      docs/pt_BR/programmers/api-functions/api-unregister-resource.xml
+      docs/pt_BR/programmers/api-variables/variable-autoload-filters.xml
+      docs/pt_BR/programmers/api-variables/variable-cache-dir.xml
+      docs/pt_BR/programmers/api-variables/variable-cache-handler-func.xml
+      docs/pt_BR/programmers/api-variables/variable-cache-lifetime.xml
+      docs/pt_BR/programmers/api-variables/variable-cache-modified-check.xml
+      docs/pt_BR/programmers/api-variables/variable-caching.xml
+      docs/pt_BR/programmers/api-variables/variable-compile-check.xml
+      docs/pt_BR/programmers/api-variables/variable-compile-dir.xml
+      docs/pt_BR/programmers/api-variables/variable-compile-id.xml
+      docs/pt_BR/programmers/api-variables/variable-compiler-class.xml
+      docs/pt_BR/programmers/api-variables/variable-config-booleanize.xml
+      docs/pt_BR/programmers/api-variables/variable-config-dir.xml
+      docs/pt_BR/programmers/api-variables/variable-config-fix-newlines.xml
+      docs/pt_BR/programmers/api-variables/variable-config-overwrite.xml
+      docs/pt_BR/programmers/api-variables/variable-config-read-hidden.xml
+      docs/pt_BR/programmers/api-variables/variable-debug-tpl.xml
+      docs/pt_BR/programmers/api-variables/variable-debugging-ctrl.xml
+      docs/pt_BR/programmers/api-variables/variable-debugging.xml
+      docs/pt_BR/programmers/api-variables/variable-default-modifiers.xml
+      docs/pt_BR/programmers/api-variables/variable-default-resource-type.xml
+      docs/pt_BR/programmers/api-variables/variable-default-template-handler-func.xml
+      docs/pt_BR/programmers/api-variables/variable-force-compile.xml
+      docs/pt_BR/programmers/api-variables/variable-global-assign.xml
+      docs/pt_BR/programmers/api-variables/variable-left-delimiter.xml
+      docs/pt_BR/programmers/api-variables/variable-php-handling.xml
+      docs/pt_BR/programmers/api-variables/variable-plugins-dir.xml
+      docs/pt_BR/programmers/api-variables/variable-request-use-auto-globals.xml
+      docs/pt_BR/programmers/api-variables/variable-request-vars-order.xml
+      docs/pt_BR/programmers/api-variables/variable-right-delimiter.xml
+      docs/pt_BR/programmers/api-variables/variable-secure-dir.xml
+      docs/pt_BR/programmers/api-variables/variable-security-settings.xml
+      docs/pt_BR/programmers/api-variables/variable-security.xml
+      docs/pt_BR/programmers/api-variables/variable-template-dir.xml
+      docs/pt_BR/programmers/api-variables/variable-trusted-dir.xml
+      docs/pt_BR/programmers/api-variables/variable-undefined.xml
+      docs/pt_BR/programmers/api-variables/variable-use-sub-dirs.xml
+      docs/pt_BR/programmers/caching/caching-cacheable.xml
+      docs/pt_BR/programmers/caching/caching-groups.xml
+      docs/pt_BR/programmers/caching/caching-multiple-caches.xml
+      docs/pt_BR/programmers/caching/caching-setting-up.xml
+      docs/pt_BR/programmers/plugins/plugins-block-functions.xml
+      docs/pt_BR/programmers/plugins/plugins-compiler-functions.xml
+      docs/pt_BR/programmers/plugins/plugins-functions.xml
+      docs/pt_BR/programmers/plugins/plugins-howto.xml
+      docs/pt_BR/programmers/plugins/plugins-inserts.xml
+      docs/pt_BR/programmers/plugins/plugins-modifiers.xml
+      docs/pt_BR/programmers/plugins/plugins-naming-conventions.xml
+      docs/pt_BR/programmers/plugins/plugins-outputfilters.xml
+      docs/pt_BR/programmers/plugins/plugins-prefilters-postfilters.xml
+      docs/pt_BR/programmers/plugins/plugins-resources.xml
+      docs/pt_BR/programmers/plugins/plugins-writing.xml:
+      Big update. Revision tag for all files. Some updates. Now I can update it
+
+2006-10-09  Peter 'Mash' Morgan  <pm...@da...>
+
+    * docs/en/getting-started.xml
+      docs/en/designers/language-basic-syntax.xml
+      docs/en/designers/language-custom-functions/language-function-popup-init.xml
+      docs/en/designers/language-modifiers/language-modifier-escape.xml
+      docs/en/programmers/api-functions/api-display.xml
+      docs/en/programmers/plugins/plugins-inserts.xml:
+      Minor changes and corrections
+
+    * docs/en/designers/language-basic-syntax.xml
+      docs/en/designers/language-builtin-functions.xml
+      docs/en/designers/language-basic-syntax/language-syntax-attributes.xml
+      docs/en/designers/language-basic-syntax/language-syntax-comments.xml
+      docs/en/designers/language-basic-syntax/language-syntax-quotes.xml
+      docs/en/designers/language-modifiers/language-modifier-escape.xml:
+      Minor formatting and error correction
+
+    * docs/en/designers/language-builtin-functions/language-function-capture.xml
+      docs/en/designers/language-builtin-functions/language-function-php.xml
+      docs/en/designers/language-builtin-functions/language-function-section.xml:
+      minor formatting and changes
+
+    * docs/en/getting-started.xml:
+      Tidied up formatting so more readable, tidied up the install to the paths
+      are more clear (ta jj)
+
+2006-10-09  Yannick Torres  <yan...@ke...>
+
+    * docs/fr/designers/language-builtin-functions/language-function-section.xml:
+      sync with EN
+
+2006-10-08  Yannick Torres  <yan...@ke...>
+
+    * docs/fr/designers/language-builtin-functions/language-function-php.xml
+      docs/fr/designers/language-modifiers/language-modifier-escape.xml
+      docs/fr/designers/language-variables/language-variables-smarty.xml
+      docs/fr/programmers/api-variables/variable-request-use-auto-globals.xml:
+      fix build
+
+    * docs/fr/designers/language-builtin-functions/language-function-strip.xml
+      docs/fr/programmers/caching.xml
+      docs/fr/programmers/smarty-constants.xml
+      docs/fr/programmers/api-variables/variable-autoload-filters.xml
+      docs/fr/programmers/api-variables/variable-cache-dir.xml
+      docs/fr/programmers/api-variables/variable-cache-handler-func.xml
+      docs/fr/programmers/api-variables/variable-cache-lifetime.xml
+      docs/fr/programmers/api-variables/variable-cache-modified-check.xml
+      docs/fr/programmers/api-variables/variable-caching.xml
+      docs/fr/programmers/api-variables/variable-compile-check.xml
+      docs/fr/programmers/api-variables/variable-compile-dir.xml
+      docs/fr/programmers/api-variables/variable-compile-id.xml
+      docs/fr/programmers/api-variables/variable-compiler-class.xml
+      docs/fr/programmers/api-variables/variable-config-booleanize.xml
+      docs/fr/programmers/api-variables/variable-config-dir.xml
+      docs/fr/programmers/api-variables/variable-config-fix-newlines.xml
+      docs/fr/programmers/api-variables/variable-config-overwrite.xml
+      docs/fr/programmers/api-variables/variable-config-read-hidden.xml
+      docs/fr/programmers/api-variables/variable-debug-tpl.xml
+      docs/fr/programmers/api-variables/variable-debugging-ctrl.xml
+      docs/fr/programmers/api-variables/variable-debugging.xml
+      docs/fr/programmers/api-variables/variable-default-modifiers.xml
+      docs/fr/programmers/api-variables/variable-default-resource-type.xml
+      docs/fr/programmers/api-variables/variable-default-template-handler-func.xml
+      docs/fr/programmers/api-variables/variable-error-reporting.xml
+      docs/fr/programmers/api-variables/variable-force-compile.xml
+      docs/fr/programmers/api-variables/variable-left-delimiter.xml
+      docs/fr/programmers/api-variables/variable-php-handling.xml
+      docs/fr/programmers/api-variables/variable-plugins-dir.xml
+      docs/fr/programmers/api-variables/variable-request-use-auto-globals.xml
+      docs/fr/programmers/api-variables/variable-request-vars-order.xml
+      docs/fr/programmers/api-variables/variable-right-delimiter.xml
+      docs/fr/programmers/api-variables/variable-secure-dir.xml
+      docs/fr/programmers/api-variables/variable-security-settings.xml
+      docs/fr/programmers/api-variables/variable-security.xml
+      docs/fr/programmers/api-variables/variable-template-dir.xml
+      docs/fr/programmers/api-variables/variable-trusted-dir.xml
+      docs/fr/programmers/api-variables/variable-use-sub-dirs.xml
+      docs/fr/programmers/caching/caching-cacheable.xml
+      docs/fr/programmers/caching/caching-groups.xml
+      docs/fr/programmers/caching/caching-multiple-caches.xml
+      docs/fr/programmers/caching/caching-setting-up.xml
+      docs/fr/programmers/plugins/plugins-block-functions.xml
+      docs/fr/programmers/plugins/plugins-compiler-functions.xml
+      docs/fr/programmers/plugins/plugins-functions.xml
+      docs/fr/programmers/plugins/plugins-inserts.xml
+      docs/fr/programmers/plugins/plugins-modifiers.xml
+      docs/fr/programmers/plugins/plugins-naming-conventions.xml
+      docs/fr/programmers/plugins/plugins-outputfilters.xml
+      docs/fr/programmers/plugins/plugins-prefilters-postfilters.xml
+      docs/fr/programmers/plugins/plugins-resources.xml
+      docs/fr/programmers/plugins/plugins-writing.xml:
+      sync with EN
+
+2006-10-07  Yannick Torres  <yan...@ke...>
+
+    * docs/fr/programmers/advanced-features/advanced-features-objects.xml
+      docs/fr/programmers/advanced-features/advanced-features-outputfilters.xml
+      docs/fr/programmers/advanced-features/advanced-features-postfilters.xml
+      docs/fr/programmers/advanced-features/advanced-features-prefilters.xml
+      docs/fr/programmers/advanced-features/section-template-cache-handler-func.xml
+      docs/fr/programmers/advanced-features/template-resources.xml
+      docs/fr/programmers/api-functions/api-append-by-ref.xml
+      docs/fr/programmers/api-functions/api-append.xml
+      docs/fr/programmers/api-functions/api-assign-by-ref.xml
+      docs/fr/programmers/api-functions/api-assign.xml
+      docs/fr/programmers/api-functions/api-clear-all-assign.xml
+      docs/fr/programmers/api-functions/api-clear-all-cache.xml
+      docs/fr/programmers/api-functions/api-clear-assign.xml
+      docs/fr/programmers/api-functions/api-clear-cache.xml
+      docs/fr/programmers/api-functions/api-clear-compiled-tpl.xml
+      docs/fr/programmers/api-functions/api-clear-config.xml
+      docs/fr/programmers/api-functions/api-config-load.xml
+      docs/fr/programmers/api-functions/api-display.xml
+      docs/fr/programmers/api-functions/api-fetch.xml
+      docs/fr/programmers/api-functions/api-get-config-vars.xml
+      docs/fr/programmers/api-functions/api-get-registered-object.xml
+      docs/fr/programmers/api-functions/api-get-template-vars.xml
+      docs/fr/programmers/api-functions/api-is-cached.xml
+      docs/fr/programmers/api-functions/api-load-filter.xml
+      docs/fr/programmers/api-functions/api-register-block.xml
+      docs/fr/programmers/api-functions/api-register-compiler-function.xml
+      docs/fr/programmers/api-functions/api-register-function.xml
+      docs/fr/programmers/api-functions/api-register-modifier.xml
+      docs/fr/programmers/api-functions/api-register-object.xml
+      docs/fr/programmers/api-functions/api-register-outputfilter.xml
+      docs/fr/programmers/api-functions/api-register-postfilter.xml
+      docs/fr/programmers/api-functions/api-register-prefilter.xml
+      docs/fr/programmers/api-functions/api-register-resource.xml
+      docs/fr/programmers/api-functions/api-template-exists.xml
+      docs/fr/programmers/api-functions/api-trigger-error.xml
+      docs/fr/programmers/api-functions/api-unregister-block.xml
+    ...
 
[truncated message content]

[Elma-commit] SF.net SVN: elma: [192] trunk/includes/my_functions.inc.php

[<el...@us...>]

Revision: 192
          http://elma.svn.sourceforge.net/elma/?rev=192&view=rev
Author:   elch86
Date:     2007-11-27 06:01:53 -0800 (Tue, 27 Nov 2007)

Log Message:
-----------
Space characters in uid, cn, sn are now permitted

Modified Paths:
--------------
    trunk/includes/my_functions.inc.php

Modified: trunk/includes/my_functions.inc.php
===================================================================
--- trunk/includes/my_functions.inc.php	2007-11-23 12:57:51 UTC (rev 191)
+++ trunk/includes/my_functions.inc.php	2007-11-27 14:01:53 UTC (rev 192)
@@ -131,11 +131,11 @@
     switch ($object) {
         case "dc": if (preg_match("/^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$/",$string)) $valid_data = TRUE;
             break;
-        case "uid": if (preg_match("/^[a-zA-Z0-9\-\.\_]{1,64}$/",$string)) $valid_data = TRUE;
+        case "uid": if (preg_match("/^[a-zA-Z0-9\-\.\_\ ]{1,64}$/",$string)) $valid_data = TRUE;
             break;  
-        case "sn": if (preg_match("/^[a-zA-Z0-9\-\.]{1,64}$/",$string)) $valid_data = TRUE;
+        case "sn": if (preg_match("/^[a-zA-Z0-9\-\.\ ]{1,64}$/",$string)) $valid_data = TRUE;
             break;
-        case "cn": if (preg_match("/^[a-zA-Z0-9\-\.]{1,64}$/",$string)) $valid_data = TRUE;
+        case "cn": if (preg_match("/^[a-zA-Z0-9\-\.\ ]{1,64}$/",$string)) $valid_data = TRUE;
             break;
         case "password": if (!preg_match("/^$/",$string)) $valid_data = TRUE;
             break;


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [191] trunk/doc/examples/exim4

[<dwe...@us...>]

Revision: 191
          http://elma.svn.sourceforge.net/elma/?rev=191&view=rev
Author:   dweuthen
Date:     2007-11-23 04:57:51 -0800 (Fri, 23 Nov 2007)

Log Message:
-----------
added .conf.dist files
deleted .conf files
REMEMBER: CONFIG FILES SHOULD ONLY BE NAMED .conf.dist TO KEEP IT UPGRADEBLE!!

Added Paths:
-----------
    trunk/doc/examples/exim4/exim4.conf.dist
    trunk/doc/examples/exim4/ldap.conf.dist
    trunk/doc/examples/exim4/local.conf.dist
    trunk/doc/examples/exim4/server-role.conf.dist

Removed Paths:
-------------
    trunk/doc/examples/exim4/ldap.conf
    trunk/doc/examples/exim4/local.conf
    trunk/doc/examples/exim4/server-role.conf

Added: trunk/doc/examples/exim4/exim4.conf.dist
===================================================================
--- trunk/doc/examples/exim4/exim4.conf.dist	                        (rev 0)
+++ trunk/doc/examples/exim4/exim4.conf.dist	2007-11-23 12:57:51 UTC (rev 191)
@@ -0,0 +1,507 @@
+########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
+#                                                                          #
+# Whenever you change Exim's configuration file, you *must* remember to    #
+# HUP the Exim daemon, because it will not pick up the new configuration   #
+# until you do. However, any other Exim processes that are started, for    #
+# example, a process started by an MUA in order to send a message, will    #
+# see the new configuration as soon as it is in place.                     #
+#                                                                          #
+# You do not need to HUP the daemon for changes in auxiliary files that    #
+# are referenced from this file. They are read every time they are used.   #
+#                                                                          #
+# It is usually a good idea to test a new configuration for syntactic      #
+# correctness before installing it (for example, by running the command    #
+# "exim -C /config/file.new -bV").                                         #
+#                                                                          #
+# This configuration contains just the needed parameters to run ELMA,      #
+# with short or even none comments.                                        #
+# For a full and comprehensive documentation of all available parameters,  #
+# see http://www.exim.org/exim-html-current/doc/html/spec_html/index.html  #
+#                                                                          #
+# vim folding: use zo to open, zc to close a folding                       #
+#                                                                          #
+########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
+
+######################################################################
+#                    MAIN CONFIGURATION SETTINGS                     #
+######################################################################
+
+# Global config parameter <<<
+
+# include server specific settings
+.include /etc/exim4/local.conf
+
+# include server role definition
+.include /etc/exim4/server-role.conf
+
+#include ldap server definitions
+.include /etc/exim4/ldap.conf
+
+# >>>
+
+# LDAP macros <<<
+# returns list of all local domains (active and inactive)
+LDAP_LOCAL_DOMAINS = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///LDAP_DOMAINS_ROOT_DN?dc?one?(objectclass=mailDomain)}}
+
+# return list of active domains
+LDAP_LOCAL_ACTIVE_DOMAINS = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///LDAP_DOMAINS_ROOT_DN?dc?one?(&(mailStatus=TRUE)(objectclass=mailDomain))}}
+
+# returns status of domain
+LDAP_DOMAIN_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?base?}}} {yes}{no} }
+
+# returns status of user
+LDAP_USER_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub?(objectclass=mailUser)}}} {yes}{no} }
+
+# return list of aliases otherwise return fail
+LDAP_ALIAS_FOR = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE)(mailaliasedname=*@*))} {$value} fail}
+
+# return the user's homeDirectory
+LDAP_HOME_DIRECTORY = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?homeDirectory?base} {$value} fail}
+
+# get the mailSieveFilter attribute for an user
+LDAP_GET_USER_FILTER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?base?(objectclass=mailUser)} {$value} fail}
+
+# get the mailSieveFilter attribute for a domain
+LDAP_GET_DOMAIN_FILTER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?base?(objectclass=mailDomain)} {$value} fail}
+
+# get the mailStorageserver attribute for an user
+LDAP_GET_MAILSTORAGESERVER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStorageserver?base?(objectclass=mailUser)} {$value} fail}
+
+# get the destination mailserver for an user
+LDAP_INCOMING_RELAY = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE)(!(mailaliasedname=*@*)))} {$value} fail}
+
+# >>>
+
+# Hostname <<<
+# Specify your host's canonical name here. This should normally be the fully
+# qualified "official" name of your host. If this option is not set, the
+# uname() function is called to obtain the name. In many cases this does
+# the right thing and you need not set anything explicitly.
+
+primary_hostname = PRIMARY_HOSTNAME
+# >>>
+
+# Logging <<<
+log_selector = -retry_defer -skip_delivery -queue_run +smtp_connection\
+  +delivery_size +deliver_time +received_recipients +sender_on_delivery +subject
+# >>>
+
+# Domain-lists, host-lists <<<
+# local_domains: domains which reside in our system(s)
+# active_domains: activated domains. inactive domains are just listed in local_domains
+# relay_from_hosts: relaying is permitted for these hosts
+domainlist local_domains = @ : ${tr {LDAP_LOCAL_DOMAINS} {\n}{:}}
+domainlist active_domains = ${tr {LDAP_LOCAL_ACTIVE_DOMAINS} {\n}{:}}
+hostlist   relay_from_hosts = 127.0.0.1
+# >>>
+
+# av scanner <<<
+# On debian systems, the clamd socket is usually found under
+# clamd:/var/run/clamav/clamd.ctl
+#av_scanner = clamd:/tmp/clamd
+# >>>
+
+# Spam scanning <<<
+# currently only SpamAssassin is supported
+# to activate, remove the comment mark
+#spamd_address = 127.0.0.1 783
+# >>>
+
+# TLS options <<<
+
+.ifndef SERVER_ROLE_MAILSTORAGE
+
+# Allow any client to use TLS.
+
+tls_advertise_hosts = *
+
+.endif
+
+# In order to support roaming users who wish to send email from anywhere,
+# you may want to make Exim listen on other ports as well as port 25, in
+# case these users need to send email from a network that blocks port 25.
+# The standard port for this purpose is port 587, the "message submission"
+# port. See RFC 4409 for details. Microsoft MUAs cannot be configured to
+# talk the message submission protocol correctly, so if you need to support
+# them you should also allow TLS-on-connect on the traditional but
+# non-standard port 465.
+
+.ifdef SERVER_ROLE_CMX
+daemon_smtp_ports = 25 : 465 : 587
+tls_on_connect_ports = 465
+.elifdef
+daemon_smtp_ports = 25
+.endif
+# >>>
+
+# Unqualified senders/recipients <<<
+# By default, unqualified senders will be qualified with our primary_hostname.
+# Unqualified senders are just permitted the message originates from localhost,
+# unqualified recipients never.
+#
+#qualify_domain =
+sender_unqualified_hosts = localhost
+# >>>
+
+# Never deliver as root <<<
+# don't forget to provide an alias for root
+never_users = root
+# >>>
+
+# Reverse DNS lookup for every host <<<
+host_lookup = *
+# >>>
+
+# Disable ident lookup <<<
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+# >>>
+
+# Bounce messages <<<
+# This option unfreezes frozen bounce messages after two days, tries
+# once more to deliver them, and ignores any delivery failures.
+ignore_bounce_errors_after = 2d
+
+# This option cancels (removes) frozen messages that are older than a week.
+timeout_frozen_after = 7d
+# >>>
+
+# Disable pipelining <<<
+pipelining_advertise_hosts = :
+# >>>
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+
+# ACL assignment <<<
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+# >>>
+
+begin acl
+
+# RCPT TO: (C)MX <<<
+.ifndef SERVER_ROLE_MAILSTORE
+acl_check_rcpt:
+
+  # accept if sender is localhost
+  accept  hosts = :
+
+  # The two following rules restrict characters in local_parts
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  # Accept mails to postmaster
+  accept  local_parts   = postmaster
+          domains       = +local_domains
+
+  # Verify sender
+  # disable, if you get blocked by AOL...
+  require verify        = sender
+
+  # The following two rules accept mails on a per-host basis 
+  # or if sender is authenticated. Return-path and/or From: will
+  # not be adjusted
+  accept  hosts         = +relay_from_hosts
+          control       = submission/sender_retain
+
+.ifdef SERVER_ROLE_CMX
+  accept  authenticated = *
+          control       = submission/sender_retain
+.endif
+
+  require message = Relay not permitted
+          domains = +local_domains
+
+  # Return debuggable error message if domain it inactive
+  require message = Domain inactive
+          domains = +active_domains
+
+  # Verify recipient, both for local and remote recipients
+  require verify  = recipient
+          message = User unknown
+
+  # Accept finally if all other checks were passed
+  accept
+.endif
+# >>>
+
+# RCPT TO: MAILSTORE <<<
+.ifdef SERVER_ROLE_MAILSTORE
+acl_check_rcpt:
+
+  # accept if sender is localhost
+  accept  hosts = :
+
+  # The two following rules restrict characters in local_parts
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  # Accept mails to postmaster
+  accept  local_parts   = postmaster
+          domains       = +local_domains
+
+  # The following two rules accept mails on a per-host basis 
+  # or if sender is authenticated. Return-path and/or From: will
+  # not be adjusted
+  accept  hosts         = +cmx_hosts : +mx_hosts
+
+  deny    message       = Unauthorized host trying to send
+.endif
+# >>>
+
+# DATA <<<
+acl_check_data:
+
+  # Deny if the message contains a virus. Before enabling this check, you
+  # must install a virus scanner and set the av_scanner option above.
+  #
+  # deny    malware    = *
+  #         message    = This message contains a virus ($malware_name).
+
+  # Add headers to a message if it is judged to be spam. Before enabling this,
+  # you must install SpamAssassin. You may also need to set the spamd_address
+  # option above.
+  #
+  # warn    spam       = nobody
+  #         add_header = X-Spam_score: $spam_score\n\
+  #                      X-Spam_score_int: $spam_score_int\n\
+  #                      X-Spam_bar: $spam_bar\n\
+  #                      X-Spam_report: $spam_report
+
+  # Accept the message.
+
+  accept
+# >>>
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+
+begin routers
+
+# Route addresses not local <<<
+dnslookup:
+  driver = dnslookup
+  domains = ! +local_domains
+  transport = remote_smtp
+  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
+  no_more
+# >>>
+
+# route to mailstorage <<<
+.ifndef SERVER_ROLE_MAILSTORAGE
+route_mailstorageserver:
+  driver = manualroute
+  condition = LDAP_GET_MAILSTORAGESERVER
+  transport = remote_smtp
+  route_list = * "${extract{1}{/}{LDAP_GET_MAILSTORAGESERVER}}"
+.endif
+# >>>
+
+# resolve aliases given in /etc/aliases <<<
+system_aliases:
+  driver = redirect
+  allow_fail
+  allow_defer
+  data = ${lookup{$local_part}lsearch{/etc/aliases}}
+  file_transport = address_file
+  pipe_transport = address_pipe
+# >>>
+
+# LDAP incoming relay <<<
+.ifdef SERVER_ROLE_MX
+ldap_incoming_relay:
+  driver = manualroute
+  condition = LDAP_INCOMING_RELAY
+  more = ${if match {LDAP_INCOMING_RELAY}{fail} {true}{false}}
+  transport = remote_smtp
+  route_list = * "${extract{1}{/}{LDAP_INCOMING_RELAY}}"
+  host_find_failed = decline
+  cannot_route_message = "Failed to lookup destination host"
+.endif
+# >>>
+
+# resolve LDAP aliases <<<
+ldap_aliases:
+  driver = redirect
+  allow_fail
+  allow_defer
+  data = LDAP_ALIAS_FOR
+  file_transport = address_file
+  pipe_transport = address_pipe
+# >>>
+
+# Spam filtering is done on a <<<
+# per-domain basis
+.ifdef SERVER_ROLE_MAILSTORAGE
+ldap_domain_filter:
+  driver = redirect
+  no_verify
+  allow_filter
+  user = mail
+  group = mail
+  reply_transport = autoreply
+  data = LDAP_GET_DOMAIN_FILTER
+  router_home_directory = LDAP_HOME_DIRECTORY
+  directory_transport = local_delivery
+.endif
+# >>>
+
+# user filter: vacation, redirects <<<
+.ifdef SERVER_ROLE_MAILSTORAGE
+ldap_user_filter:
+  driver = redirect
+  no_verify
+  allow_filter
+  user = mail
+  group = mail
+  reply_transport = autoreply
+  data = LDAP_GET_USER_FILTER
+  router_home_directory = LDAP_HOME_DIRECTORY
+  file_transport = local_delivery
+.endif
+# >>>
+
+# deliver to local user <<<
+.ifdef SERVER_ROLE_MAILSTORAGE
+ldap_user:
+  driver = accept
+  condition = LDAP_USER_IS_ACTIVE
+  transport = local_delivery
+  cannot_route_message = Unknown user
+.endif
+# >>>
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+
+begin transports
+
+# This transport is used for delivering messages over SMTP connections <<<
+remote_smtp:
+  driver = smtp
+# >>>
+
+# This Transport is used for auto reply answers like vaction <<<
+autoreply:
+   driver = autoreply
+   from = $local_part@$domain
+# >>>
+
+# This transport is used for local delivery to the users Maildirs which are <<<
+# located under their domain.
+local_delivery:
+  driver = appendfile
+  mode_fail_narrower = false
+  directory = LDAP_HOME_DIRECTORY/Maildir
+  maildir_format
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  user = mail
+  group = mail
+  mode = 0660
+# >>>
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+
+begin retry
+
+# This single retry rule applies to all domains and all errors. It specifies <<<
+# retries every 15 minutes for 2 hours, then increasing retry intervals,
+# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
+# hours, then retries every 6 hours until 4 days have passed since the first
+# failed delivery.
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+# >>>
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+
+# There are no rewriting specifications in this default configuration file.
+
+begin rewrite
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+
+begin authenticators
+
+.ifdef SERVER_ROLE_CMX
+
+# AUTH PLAIN <<<
+plain:
+  driver = plaintext
+  public_name = PLAIN
+  server_prompts = :
+  server_condition = ${if and {\
+    {match {${extract{1}{@}{$auth2}}} {\N[\w-\.]{1,64}\N}}\
+    {match {${extract{2}{@}{$auth2}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
+    {ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$auth2}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth2}}},LDAP_DOMAINS_ROOT_DN" pass=${quote:$auth3} ldap:///}}\
+  } {yes}{no}}
+  server_set_id = $auth2
+# >>>
+
+# AUTH LOGIN <<<
+login:
+  driver = plaintext
+  public_name = LOGIN
+  server_prompts = Username:: : Password::
+  server_condition = ${if and {\
+    {match {${extract{1}{@}{$auth1}}} {\N[\w-\.]{1,64}\N}}\
+    {match {${extract{2}{@}{$auth1}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
+    {ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$auth1}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth1}}},LDAP_DOMAINS_ROOT_DN" pass=${quote:$auth2} ldap:///}}\
+  } {yes}{no}}
+  server_set_id = $auth1
+# >>>
+
+# AUTH CRAM-MD5 <<<
+cram:
+  driver = cram_md5
+  public_name = CRAM-MD5
+  server_secret = ${if and {\
+    {match {${extract{1}{@}{$auth1}}} {\N[\w-\.]{1,64}\N}}\
+    {match {${extract{2}{@}{$auth1}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
+  }\
+  {${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${extract{1}{@}{$auth1}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth1}}},LDAP_DOMAINS_ROOT_DN?clearPassword?sub}{$value}fail}} fail}
+  server_set_id = $1
+# >>>
+
+.endif
+
+######################################################################
+#                   CONFIGURATION FOR local_scan()                   #
+######################################################################
+
+# If you have built Exim to include a local_scan() function that contains
+# tables for private options, you can define those options here. Remember to
+# uncomment the "begin" line. It is commented by default because it provokes
+# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
+# set in the Local/Makefile.
+
+# begin local_scan
+
+# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable

Deleted: trunk/doc/examples/exim4/ldap.conf
===================================================================
--- trunk/doc/examples/exim4/ldap.conf	2007-11-23 12:54:46 UTC (rev 190)
+++ trunk/doc/examples/exim4/ldap.conf	2007-11-23 12:57:51 UTC (rev 191)
@@ -1,15 +0,0 @@
-# LDAP connection parameters <<<
-
-# which LDAP server to use as default
-ldap_default_servers = 127.0.0.1::389
-
-#LDAP_HOSTNAME = 127.0.0.1:389
-LDAP_BASEDN = o=mybasedn
-LDAP_USERS_ROOT_DN = ou=users,LDAP_BASEDN
-LDAP_DOMAINS_ROOT_DN = ou=domains,LDAP_BASEDN
-LDAP_BIND_USER = uid=exim4,LDAP_USERS_ROOT_DN
-LDAP_BIND_PASS = exim4pass
-
-# >>>
-
-# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable

Added: trunk/doc/examples/exim4/ldap.conf.dist
===================================================================
--- trunk/doc/examples/exim4/ldap.conf.dist	                        (rev 0)
+++ trunk/doc/examples/exim4/ldap.conf.dist	2007-11-23 12:57:51 UTC (rev 191)
@@ -0,0 +1,15 @@
+# LDAP connection parameters <<<
+
+# which LDAP server to use as default
+ldap_default_servers = 127.0.0.1::389
+
+#LDAP_HOSTNAME = 127.0.0.1:389
+LDAP_BASEDN = o=mybasedn
+LDAP_USERS_ROOT_DN = ou=users,LDAP_BASEDN
+LDAP_DOMAINS_ROOT_DN = ou=domains,LDAP_BASEDN
+LDAP_BIND_USER = uid=exim4,LDAP_USERS_ROOT_DN
+LDAP_BIND_PASS = exim4pass
+
+# >>>
+
+# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable

Deleted: trunk/doc/examples/exim4/local.conf
===================================================================
--- trunk/doc/examples/exim4/local.conf	2007-11-23 12:54:46 UTC (rev 190)
+++ trunk/doc/examples/exim4/local.conf	2007-11-23 12:57:51 UTC (rev 191)
@@ -1,14 +0,0 @@
-PRIMARY_HOSTNAME = mail.mydomain.com
-
-hostlist cmx_hosts = 
-hostlist mx_hosts = 
-
-# Specify the location of the Exim server's TLS certificate and private key.
-# The private key must not be encrypted (password protected). You can put
-# the certificate and private key in the same file, in which case you only
-# need the first setting, or in separate files, in which case you need both
-# options.
-
-#tls_certificate = /etc/exim4/cert.pem
-#tls_privatekey = /etc/exim4/key.pem
-

Added: trunk/doc/examples/exim4/local.conf.dist
===================================================================
--- trunk/doc/examples/exim4/local.conf.dist	                        (rev 0)
+++ trunk/doc/examples/exim4/local.conf.dist	2007-11-23 12:57:51 UTC (rev 191)
@@ -0,0 +1,14 @@
+PRIMARY_HOSTNAME = mail.mydomain.com
+
+hostlist cmx_hosts = 
+hostlist mx_hosts = 
+
+# Specify the location of the Exim server's TLS certificate and private key.
+# The private key must not be encrypted (password protected). You can put
+# the certificate and private key in the same file, in which case you only
+# need the first setting, or in separate files, in which case you need both
+# options.
+
+tls_certificate = /etc/exim4/cert.pem
+tls_privatekey = /etc/exim4/key.pem
+

Deleted: trunk/doc/examples/exim4/server-role.conf
===================================================================
--- trunk/doc/examples/exim4/server-role.conf	2007-11-23 12:54:46 UTC (rev 190)
+++ trunk/doc/examples/exim4/server-role.conf	2007-11-23 12:57:51 UTC (rev 191)
@@ -1,10 +0,0 @@
-# define server role, <<<
-# just uncomment matching one, setting to "false" will count as defined!
-
-SERVER_ROLE_MX = true
-SERVER_ROLE_CMX = true
-SERVER_ROLE_MAILSTORAGE = true
-
-# >>>
-
-# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable

Added: trunk/doc/examples/exim4/server-role.conf.dist
===================================================================
--- trunk/doc/examples/exim4/server-role.conf.dist	                        (rev 0)
+++ trunk/doc/examples/exim4/server-role.conf.dist	2007-11-23 12:57:51 UTC (rev 191)
@@ -0,0 +1,10 @@
+# define server role, <<<
+# just uncomment matching one, setting to "false" will count as defined!
+
+SERVER_ROLE_MX = true
+SERVER_ROLE_CMX = true
+SERVER_ROLE_MAILSTORAGE = true
+
+# >>>
+
+# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [190] trunk/doc

[<dwe...@us...>]

Revision: 190
          http://elma.svn.sourceforge.net/elma/?rev=190&view=rev
Author:   dweuthen
Date:     2007-11-23 04:54:46 -0800 (Fri, 23 Nov 2007)

Log Message:
-----------
some updates
delete exim4.conf.dist, will be checked in in next release

Modified Paths:
--------------
    trunk/doc/INSTALL
    trunk/doc/INSTALL.html

Removed Paths:
-------------
    trunk/doc/examples/exim4/exim4.conf.dist

Modified: trunk/doc/INSTALL
===================================================================
--- trunk/doc/INSTALL	2007-11-22 15:25:29 UTC (rev 189)
+++ trunk/doc/INSTALL	2007-11-23 12:54:46 UTC (rev 190)
@@ -6,6 +6,7 @@
     1.1.1 Debian Etch
 1.2 PREPARATIONS
     1.2.1 LDAP Server
+    1.2.2 EXIM Configuration
 1.3 INSTALLATION
 
 #-----------------------------------------------------#
@@ -32,14 +33,14 @@
 ELMA has been testet only to work with OpenLDAP Server.
 
 Install and set up your ldap server as described in your distriubution's manual. 
-There is an example openldap slapd.conf in the ldap subdirectory of the doc folder.
+There is an example openldap slapd.conf in the ldap subdirectory of the doc/examples folder.
 First copy the elma-0.2.schema file into you LDAP server schema folder
 
-   # cp examples/ldap/elma-0.2.schema /etc/ldap/schema/
+    # cp examples/ldap/elma-0.2.schema /etc/ldap/schema/
 
 To start with an empty LDAP tree, clear your LDAP tree (refer to distriubution's manual) and run
 
-   # slapadd -l examples/ldap/example.ldif
+    # slapadd -l examples/ldap/example.ldif
 
 from within the directory where this INSTALL file is located. This will create an admin user 
 with the dn "uid=admin,ou=users,o=mybasedn" and the password "adminpass". Also an exim user 
@@ -50,22 +51,51 @@
 your LDAP server under an other uid/gid, as you should if you care about security concerns, you 
 will have to change the ownership of the LDAP database files corrosponding to the LDAP servers uid/gid.
 
+1.2.2 EXIM4 Configuration
+
+Install you exim4 package as described in your distriubution's manual.
+There are example exim4 configuration files in the exim4 subfolder of doc/examples. If you do not 
+have any exim4 configuration running, it is a good way to start with example configuration files.
+
+    # cp examples/exim4/* /etc/exim4/
+    # cd /etc/exim4 
+    # rename 's/conf\.dist/conf/g' *.dist
+
+The example configuration files provide an easy way to establish a single server setup as well as 
+a multiple server setup. The folowing terminology is used to describe the role of a server:
+  
+  mx        mxes only receive mails from other mailservers on the internet, they do not handle 
+            authentication, but do content filtering.
+
+  cmx       customer mxes do not receive mails from other mailservers. only authenticated delivery 
+            is possible. No content filtering is done on cmxes.
+
+  mailstore the only purpose of mailstore server is to receive and store mails delivered from 
+            mx or/and cmx server on the local filesystem and handling of vaction settings.
+
+
+If you want to run just a single server setup,  you will have to enable all three server roles in the 
+server-role.conf file.
+
+The only files you will have to make changes to are the local.conf, server-role.conf and ldap.conf file.
+The parameter inside those files should be selfexplaining and all have coments to explain their purpose.
+
 1.3 INSTALLATION
 
 Copy the downloaded tarball to your webserver's document root directory (e.g. /var/www). 
  
-   # cp elma-0.2.tar.gz /var/www
+    # cp elma-0.2.tar.gz /var/www
 
 Extract the tarball in your webserver's document root directory.
 
-   # tar -xzvf elma-0.2.tar.gz
+    # tar -xzvf elma-0.2.tar.gz
 
 Create the smart's template cache directory called "template_c" and make it writable for you 
 webserver's user (e.g www-data)
 
-   # mkdir /var/www/templates_c/
-   # chown www-data:www-data /var/www/templates_c/
-   # chmod 775 /var/www/templates_c/
+    # mkdir /var/www/templates_c/
+    # chown www-data:www-data /var/www/templates_c/
+    # chmod 775 /var/www/templates_c/
 
 Now you should be able to log in to ELMA via a webbrowser using the user "admin" with password 
 "adminpass". To change the admin's user password you have to use the ldap tools of you distribution 

Modified: trunk/doc/INSTALL.html
===================================================================
--- trunk/doc/INSTALL.html	2007-11-22 15:25:29 UTC (rev 189)
+++ trunk/doc/INSTALL.html	2007-11-23 12:54:46 UTC (rev 190)
@@ -13,6 +13,7 @@
 <P>    1.1.1 Debian Etch<BR>
 <STRONG>1.2 PREPARATIONS</STRONG>
 <P>    1.2.1 LDAP Server<BR>
+    1.2.1 EXIM Configuration<BR>
 <STRONG>1.3 INSTALLATION</STRONG>
 
 <P><STRONG>-----------------------------------------------------</STRONG>
@@ -39,14 +40,14 @@
 <P>ELMA has been testet only to work with OpenLDAP Server.
 
 <P>Install and set up your ldap server as described in your distriubution's manual. 
-There is an example openldap slapd.conf in the ldap subdirectory of the doc folder.
+There is an example openldap slapd.conf in the ldap subdirectory of the doc/examples folder.
 First copy the elma-0.2.schema file into you LDAP server schema folder
 
-<P>   # cp examples/ldap/elma-0.2.schema /etc/ldap/schema/
+<P>    # cp examples/ldap/elma-0.2.schema /etc/ldap/schema/
 
 <P>To start with an empty LDAP tree, clear your LDAP tree (refer to distriubution's manual) and run
 
-<P>   # slapadd -l examples/ldap/example.ldif
+<P>    # slapadd -l examples/ldap/example.ldif
 
 <P>from within the directory where this INSTALL file is located. This will create an admin user 
 with the dn "uid=admin,ou=users,o=mybasedn" and the password "adminpass". Also an exim user 
@@ -57,26 +58,56 @@
 your LDAP server under an other uid/gid, as you should if you care about security concerns, you 
 will have to change the ownership of the LDAP database files corrosponding to the LDAP servers uid/gid.
 
+<P>1.2.2 EXIM4 Configuration
+
+<P>Install you exim4 package as described in your distriubution's manual.
+There are example exim4 configuration files in the exim4 subfolder of doc/examples. If you do not 
+have any exim4 configuration running, it is a good way to start with example configuration files.
+
+<P>    # cp examples/exim4/* /etc/exim4/<BR>
+    # cd /etc/exim4 <BR>
+    # rename 's/conf\.dist/conf/g' *.dist
+
+<P>The example configuration files provide an easy way to establish a single server setup as well as 
+a multiple server setup. The folowing terminology is used to describe the role of a server:
+  
+<PRE>
+  mx        mxes only receive mails from other mailservers on the internet, they do not handle 
+            authentication, but do content filtering.
+
+  cmx       customer mxes do not receive mails from other mailservers. only authenticated delivery 
+            is possible. No content filtering is done on cmxes.
+</PRE>
+<P>  mailstore the only purpose of mailstore server is to receive and store mails delivered from 
+<P>            mx or/and cmx server on the local filesystem and handling of vaction settings.
+
+<P>If you want to run just a single server setup,  you will have to enable all three server roles in the 
+server-role.conf file.
+
+<P>The only files you will have to make changes to are the local.conf, server-role.conf and ldap.conf file.
+The parameter inside those files should be selfexplaining and all have coments to explain their purpose.
+
 <P><STRONG>1.3 INSTALLATION</STRONG>
 
 <P>Copy the downloaded tarball to your webserver's document root directory (e.g. /var/www). 
  
-<P>   # cp elma-0.2.tar.gz /var/www
+<P>    # cp elma-0.2.tar.gz /var/www
 
 <P>Extract the tarball in your webserver's document root directory.
 
-<P>   # tar -xzvf elma-0.2.tar.gz
+<P>    # tar -xzvf elma-0.2.tar.gz
 
 <P>Create the smart's template cache directory called "template_c" and make it writable for you 
 webserver's user (e.g www-data)
 
-<P>   # mkdir /var/www/templates_c/<BR>
-   # chown www-data:www-data /var/www/templates_c/
-   # chmod 775 /var/www/templates_c/
+<P>    # mkdir /var/www/templates_c/<BR>
+    # chown www-data:www-data /var/www/templates_c/
+    # chmod 775 /var/www/templates_c/
 
 <P>Now you should be able to log in to ELMA via a webbrowser using the user "admin" with password 
 "adminpass". To change the admin's user password you have to use the ldap tools of you distribution 
 or use something similar to "phpLdapAdmin" or "gq".
 
+<P>vim:tabstop=4:expandtab:shiftwidth=4:syntax:ruler:
 </BODY>
 </HTML>

Deleted: trunk/doc/examples/exim4/exim4.conf.dist
===================================================================
--- trunk/doc/examples/exim4/exim4.conf.dist	2007-11-22 15:25:29 UTC (rev 189)
+++ trunk/doc/examples/exim4/exim4.conf.dist	2007-11-23 12:54:46 UTC (rev 190)
@@ -1,509 +0,0 @@
-########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
-#                                                                          #
-# Whenever you change Exim's configuration file, you *must* remember to    #
-# HUP the Exim daemon, because it will not pick up the new configuration   #
-# until you do. However, any other Exim processes that are started, for    #
-# example, a process started by an MUA in order to send a message, will    #
-# see the new configuration as soon as it is in place.                     #
-#                                                                          #
-# You do not need to HUP the daemon for changes in auxiliary files that    #
-# are referenced from this file. They are read every time they are used.   #
-#                                                                          #
-# It is usually a good idea to test a new configuration for syntactic      #
-# correctness before installing it (for example, by running the command    #
-# "exim -C /config/file.new -bV").                                         #
-#                                                                          #
-# This configuration contains just the needed parameters to run ELMA,      #
-# with short or even none comments.                                        #
-# For a full and comprehensive documentation of all available parameters,  #
-# see http://www.exim.org/exim-html-current/doc/html/spec_html/index.html  #
-#                                                                          #
-# vim folding: use zo to open, zc to close a folding                       #
-#                                                                          #
-########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
-
-######################################################################
-#                    MAIN CONFIGURATION SETTINGS                     #
-######################################################################
-
-# Global config parameter <<<
-
-# include server specific settings
-.include /etc/exim4/local.conf
-
-# include server role definition
-.include /etc/exim4/server-role.conf
-
-#include ldap server definitions
-.include /etc/exim4/ldap.conf
-
-# >>>
-
-# LDAP macros <<<
-# returns list of all local domains (active and inactive)
-LDAP_LOCAL_DOMAINS = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///LDAP_DOMAINS_ROOT_DN?dc?one?(objectclass=mailDomain)}}
-
-# return list of active domains
-LDAP_LOCAL_ACTIVE_DOMAINS = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///LDAP_DOMAINS_ROOT_DN?dc?one?(&(mailStatus=TRUE)(objectclass=mailDomain))}}
-
-# returns status of domain
-LDAP_DOMAIN_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?base?}}} {yes}{no} }
-
-# returns status of user
-LDAP_USER_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub?(objectclass=mailUser)}}} {yes}{no} }
-
-# return list of aliases otherwise return fail
-LDAP_ALIAS_FOR = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE)(mailaliasedname=*@*))} {$value} fail}
-
-# return the user's homeDirectory
-LDAP_HOME_DIRECTORY = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?homeDirectory?base} {$value} fail}
-
-# get the mailSieveFilter attribute for an user
-LDAP_GET_USER_FILTER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?base?(objectclass=mailUser)} {$value} fail}
-
-# get the mailSieveFilter attribute for a domain
-LDAP_GET_DOMAIN_FILTER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?base?(objectclass=mailDomain)} {$value} fail}
-
-# get the mailStorageserver attribute for an user
-LDAP_GET_MAILSTORAGESERVER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStorageserver?base?(objectclass=mailUser)} {$value} fail}
-
-# get the destination mailserver for an user
-LDAP_INCOMING_RELAY = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE)(!(mailaliasedname=*@*)))} {$value} fail}
-
-LDAP_INCOMING_MORE = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE)(!(mailaliasedname=*@*)))} {false} fail}
-
-# >>>
-
-# Hostname <<<
-# Specify your host's canonical name here. This should normally be the fully
-# qualified "official" name of your host. If this option is not set, the
-# uname() function is called to obtain the name. In many cases this does
-# the right thing and you need not set anything explicitly.
-
-primary_hostname = PRIMARY_HOSTNAME
-# >>>
-
-# Logging <<<
-log_selector = -retry_defer -skip_delivery -queue_run +smtp_connection\
-  +delivery_size +deliver_time +received_recipients +sender_on_delivery +subject
-# >>>
-
-# Domain-lists, host-lists <<<
-# local_domains: domains which reside in our system(s)
-# active_domains: activated domains. inactive domains are just listed in local_domains
-# relay_from_hosts: relaying is permitted for these hosts
-domainlist local_domains = @ : ${tr {LDAP_LOCAL_DOMAINS} {\n}{:}}
-domainlist active_domains = ${tr {LDAP_LOCAL_ACTIVE_DOMAINS} {\n}{:}}
-hostlist   relay_from_hosts = 127.0.0.1
-# >>>
-
-# av scanner <<<
-# On debian systems, the clamd socket is usually found under
-# clamd:/var/run/clamav/clamd.ctl
-#av_scanner = clamd:/tmp/clamd
-# >>>
-
-# Spam scanning <<<
-# currently only SpamAssassin is supported
-# to activate, remove the comment mark
-#spamd_address = 127.0.0.1 783
-# >>>
-
-# TLS options <<<
-
-.ifndef SERVER_ROLE_MAILSTORAGE
-
-# Allow any client to use TLS.
-
-tls_advertise_hosts = *
-
-.endif
-
-# In order to support roaming users who wish to send email from anywhere,
-# you may want to make Exim listen on other ports as well as port 25, in
-# case these users need to send email from a network that blocks port 25.
-# The standard port for this purpose is port 587, the "message submission"
-# port. See RFC 4409 for details. Microsoft MUAs cannot be configured to
-# talk the message submission protocol correctly, so if you need to support
-# them you should also allow TLS-on-connect on the traditional but
-# non-standard port 465.
-
-.ifdef SERVER_ROLE_CMX
-daemon_smtp_ports = 25 : 465 : 587
-tls_on_connect_ports = 465
-.elifdef
-daemon_smtp_ports = 25
-.endif
-# >>>
-
-# Unqualified senders/recipients <<<
-# By default, unqualified senders will be qualified with our primary_hostname.
-# Unqualified senders are just permitted the message originates from localhost,
-# unqualified recipients never.
-#
-#qualify_domain =
-sender_unqualified_hosts = localhost
-# >>>
-
-# Never deliver as root <<<
-# don't forget to provide an alias for root
-never_users = root
-# >>>
-
-# Reverse DNS lookup for every host <<<
-host_lookup = *
-# >>>
-
-# Disable ident lookup <<<
-rfc1413_hosts = *
-rfc1413_query_timeout = 5s
-# >>>
-
-# Bounce messages <<<
-# This option unfreezes frozen bounce messages after two days, tries
-# once more to deliver them, and ignores any delivery failures.
-ignore_bounce_errors_after = 2d
-
-# This option cancels (removes) frozen messages that are older than a week.
-timeout_frozen_after = 7d
-# >>>
-
-# Disable pipelining <<<
-pipelining_advertise_hosts = :
-# >>>
-
-######################################################################
-#                       ACL CONFIGURATION                            #
-#         Specifies access control lists for incoming SMTP mail      #
-######################################################################
-
-# ACL assignment <<<
-acl_smtp_rcpt = acl_check_rcpt
-acl_smtp_data = acl_check_data
-# >>>
-
-begin acl
-
-# RCPT TO: (C)MX <<<
-.ifndef SERVER_ROLE_MAILSTORE
-acl_check_rcpt:
-
-  # accept if sender is localhost
-  accept  hosts = :
-
-  # The two following rules restrict characters in local_parts
-  deny    message       = Restricted characters in address
-          domains       = +local_domains
-          local_parts   = ^[.] : ^.*[@%!/|]
-
-  deny    message       = Restricted characters in address
-          domains       = !+local_domains
-          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-
-  # Accept mails to postmaster
-  accept  local_parts   = postmaster
-          domains       = +local_domains
-
-  # Verify sender
-  # disable, if you get blocked by AOL...
-  require verify        = sender
-
-  # The following two rules accept mails on a per-host basis 
-  # or if sender is authenticated. Return-path and/or From: will
-  # not be adjusted
-  accept  hosts         = +relay_from_hosts
-          control       = submission/sender_retain
-
-.ifdef SERVER_ROLE_CMX
-  accept  authenticated = *
-          control       = submission/sender_retain
-.endif
-
-  require message = Relay not permitted
-          domains = +local_domains
-
-  # Return debuggable error message if domain it inactive
-  require message = Domain inactive
-          domains = +active_domains
-
-  # Verify recipient, both for local and remote recipients
-  require verify  = recipient
-          message = User unknown
-
-  # Accept finally if all other checks were passed
-  accept
-.endif
-# >>>
-
-# RCPT TO: MAILSTORE <<<
-.ifdef SERVER_ROLE_MAILSTORE
-acl_check_rcpt:
-
-  # accept if sender is localhost
-  accept  hosts = :
-
-  # The two following rules restrict characters in local_parts
-  deny    message       = Restricted characters in address
-          domains       = +local_domains
-          local_parts   = ^[.] : ^.*[@%!/|]
-
-  deny    message       = Restricted characters in address
-          domains       = !+local_domains
-          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-
-  # Accept mails to postmaster
-  accept  local_parts   = postmaster
-          domains       = +local_domains
-
-  # The following two rules accept mails on a per-host basis 
-  # or if sender is authenticated. Return-path and/or From: will
-  # not be adjusted
-  accept  hosts         = +cmx_hosts : +mx_hosts
-
-  deny    message       = Unauthorized host trying to send
-.endif
-# >>>
-
-# DATA <<<
-acl_check_data:
-
-  # Deny if the message contains a virus. Before enabling this check, you
-  # must install a virus scanner and set the av_scanner option above.
-  #
-  # deny    malware    = *
-  #         message    = This message contains a virus ($malware_name).
-
-  # Add headers to a message if it is judged to be spam. Before enabling this,
-  # you must install SpamAssassin. You may also need to set the spamd_address
-  # option above.
-  #
-  # warn    spam       = nobody
-  #         add_header = X-Spam_score: $spam_score\n\
-  #                      X-Spam_score_int: $spam_score_int\n\
-  #                      X-Spam_bar: $spam_bar\n\
-  #                      X-Spam_report: $spam_report
-
-  # Accept the message.
-
-  accept
-# >>>
-
-######################################################################
-#                      ROUTERS CONFIGURATION                         #
-#               Specifies how addresses are handled                  #
-######################################################################
-
-begin routers
-
-# Route addresses not local <<<
-dnslookup:
-  driver = dnslookup
-  domains = ! +local_domains
-  transport = remote_smtp
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
-  no_more
-# >>>
-
-# route to mailstorage <<<
-.ifndef SERVER_ROLE_MAILSTORAGE
-route_mailstorageserver:
-  driver = manualroute
-  condition = LDAP_GET_MAILSTORAGESERVER
-  transport = remote_smtp
-  route_list = * "${extract{1}{/}{LDAP_GET_MAILSTORAGESERVER}}"
-.endif
-# >>>
-
-# resolve aliases given in /etc/aliases <<<
-system_aliases:
-  driver = redirect
-  allow_fail
-  allow_defer
-  data = ${lookup{$local_part}lsearch{/etc/aliases}}
-  file_transport = address_file
-  pipe_transport = address_pipe
-# >>>
-
-# LDAP incoming relay <<<
-.ifdef SERVER_ROLE_MX
-ldap_incoming_relay:
-  driver = manualroute
-  condition = LDAP_INCOMING_RELAY
-  more = LDAP_INCOMING_MORE
-  transport = remote_smtp
-  route_list = * "${extract{1}{/}{LDAP_INCOMING_RELAY}}"
-  host_find_failed = decline
-  cannot_route_message = "Failed to lookup destination host"
-.endif
-# >>>
-
-# resolve LDAP aliases <<<
-ldap_aliases:
-  driver = redirect
-  allow_fail
-  allow_defer
-  data = LDAP_ALIAS_FOR
-  file_transport = address_file
-  pipe_transport = address_pipe
-# >>>
-
-# Spam filtering is done on a <<<
-# per-domain basis
-.ifdef SERVER_ROLE_MAILSTORAGE
-ldap_domain_filter:
-  driver = redirect
-  no_verify
-  allow_filter
-  user = mail
-  group = mail
-  reply_transport = autoreply
-  data = LDAP_GET_DOMAIN_FILTER
-  router_home_directory = LDAP_HOME_DIRECTORY
-  directory_transport = local_delivery
-.endif
-# >>>
-
-# user filter: vacation, redirects <<<
-.ifdef SERVER_ROLE_MAILSTORAGE
-ldap_user_filter:
-  driver = redirect
-  no_verify
-  allow_filter
-  user = mail
-  group = mail
-  reply_transport = autoreply
-  data = LDAP_GET_USER_FILTER
-  router_home_directory = LDAP_HOME_DIRECTORY
-  file_transport = local_delivery
-.endif
-# >>>
-
-# deliver to local user <<<
-.ifdef SERVER_ROLE_MAILSTORAGE
-ldap_user:
-  driver = accept
-  condition = LDAP_USER_IS_ACTIVE
-  transport = local_delivery
-  cannot_route_message = Unknown user
-.endif
-# >>>
-
-######################################################################
-#                      TRANSPORTS CONFIGURATION                      #
-######################################################################
-
-begin transports
-
-# This transport is used for delivering messages over SMTP connections <<<
-remote_smtp:
-  driver = smtp
-# >>>
-
-# This Transport is used for auto reply answers like vaction <<<
-autoreply:
-   driver = autoreply
-   from = $local_part@$domain
-# >>>
-
-# This transport is used for local delivery to the users Maildirs which are <<<
-# located under their domain.
-local_delivery:
-  driver = appendfile
-  mode_fail_narrower = false
-  directory = LDAP_HOME_DIRECTORY/Maildir
-  maildir_format
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  user = mail
-  group = mail
-  mode = 0660
-# >>>
-
-######################################################################
-#                      RETRY CONFIGURATION                           #
-######################################################################
-
-begin retry
-
-# This single retry rule applies to all domains and all errors. It specifies <<<
-# retries every 15 minutes for 2 hours, then increasing retry intervals,
-# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
-# hours, then retries every 6 hours until 4 days have passed since the first
-# failed delivery.
-
-# Address or Domain    Error       Retries
-# -----------------    -----       -------
-
-*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
-# >>>
-
-######################################################################
-#                      REWRITE CONFIGURATION                         #
-######################################################################
-
-# There are no rewriting specifications in this default configuration file.
-
-begin rewrite
-
-######################################################################
-#                   AUTHENTICATION CONFIGURATION                     #
-######################################################################
-
-begin authenticators
-
-.ifdef SERVER_ROLE_CMX
-
-# AUTH PLAIN <<<
-plain:
-  driver = plaintext
-  public_name = PLAIN
-  server_prompts = :
-  server_condition = ${if and {\
-    {match {${extract{1}{@}{$auth2}}} {\N[\w-\.]{1,64}\N}}\
-    {match {${extract{2}{@}{$auth2}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
-    {ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$auth2}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth2}}},LDAP_DOMAINS_ROOT_DN" pass=${quote:$auth3} ldap:///}}\
-  } {yes}{no}}
-  server_set_id = $auth2
-# >>>
-
-# AUTH LOGIN <<<
-login:
-  driver = plaintext
-  public_name = LOGIN
-  server_prompts = Username:: : Password::
-  server_condition = ${if and {\
-    {match {${extract{1}{@}{$auth1}}} {\N[\w-\.]{1,64}\N}}\
-    {match {${extract{2}{@}{$auth1}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
-    {ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$auth1}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth1}}},LDAP_DOMAINS_ROOT_DN" pass=${quote:$auth2} ldap:///}}\
-  } {yes}{no}}
-  server_set_id = $auth1
-# >>>
-
-# AUTH CRAM-MD5 <<<
-cram:
-  driver = cram_md5
-  public_name = CRAM-MD5
-  server_secret = ${if and {\
-    {match {${extract{1}{@}{$auth1}}} {\N[\w-\.]{1,64}\N}}\
-    {match {${extract{2}{@}{$auth1}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
-  }\
-  {${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${extract{1}{@}{$auth1}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth1}}},LDAP_DOMAINS_ROOT_DN?clearPassword?sub}{$value}fail}} fail}
-  server_set_id = $1
-# >>>
-
-.endif
-
-######################################################################
-#                   CONFIGURATION FOR local_scan()                   #
-######################################################################
-
-# If you have built Exim to include a local_scan() function that contains
-# tables for private options, you can define those options here. Remember to
-# uncomment the "begin" line. It is commented by default because it provokes
-# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
-# set in the Local/Makefile.
-
-# begin local_scan
-
-# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [189] trunk/doc/examples/exim4

[<el...@us...>]

Revision: 189
          http://elma.svn.sourceforge.net/elma/?rev=189&view=rev
Author:   elch86
Date:     2007-11-22 07:25:29 -0800 (Thu, 22 Nov 2007)

Log Message:
-----------
New exim configuration: supports per-local_part@domain manualroute

Modified Paths:
--------------
    trunk/doc/examples/exim4/exim4.conf.dist

Added Paths:
-----------
    trunk/doc/examples/exim4/ldap.conf
    trunk/doc/examples/exim4/local.conf
    trunk/doc/examples/exim4/server-role.conf

Modified: trunk/doc/examples/exim4/exim4.conf.dist
===================================================================
--- trunk/doc/examples/exim4/exim4.conf.dist	2007-11-13 13:40:24 UTC (rev 188)
+++ trunk/doc/examples/exim4/exim4.conf.dist	2007-11-22 15:25:29 UTC (rev 189)
@@ -22,20 +22,21 @@
 #                                                                          #
 ########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
 
-
 ######################################################################
 #                    MAIN CONFIGURATION SETTINGS                     #
 ######################################################################
 
-# LDAP connection parameters <<<
-ldap_default_servers = 127.0.0.1::389
+# Global config parameter <<<
 
-#LDAP_HOSTNAME = 127.0.0.1:389
-LDAP_BASEDN = o=mybasedn
-LDAP_USERS_ROOT_DN = ou=users,LDAP_BASEDN
-LDAP_DOMAINS_ROOT_DN = ou=domains,LDAP_BASEDN
-LDAP_BIND_USER = uid=exim4,LDAP_USERS_ROOT_DN
-LDAP_BIND_PASS = exim4pass
+# include server specific settings
+.include /etc/exim4/local.conf
+
+# include server role definition
+.include /etc/exim4/server-role.conf
+
+#include ldap server definitions
+.include /etc/exim4/ldap.conf
+
 # >>>
 
 # LDAP macros <<<
@@ -49,10 +50,10 @@
 LDAP_DOMAIN_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?base?}}} {yes}{no} }
 
 # returns status of user
-LDAP_USER_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub}}} {yes}{no} }
+LDAP_USER_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub?(objectclass=mailUser)}}} {yes}{no} }
 
 # return list of aliases otherwise return fail
-LDAP_ALIAS_FOR = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE))} {$value} fail}
+LDAP_ALIAS_FOR = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE)(mailaliasedname=*@*))} {$value} fail}
 
 # return the user's homeDirectory
 LDAP_HOME_DIRECTORY = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?homeDirectory?base} {$value} fail}
@@ -62,6 +63,15 @@
 
 # get the mailSieveFilter attribute for a domain
 LDAP_GET_DOMAIN_FILTER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?base?(objectclass=mailDomain)} {$value} fail}
+
+# get the mailStorageserver attribute for an user
+LDAP_GET_MAILSTORAGESERVER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStorageserver?base?(objectclass=mailUser)} {$value} fail}
+
+# get the destination mailserver for an user
+LDAP_INCOMING_RELAY = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE)(!(mailaliasedname=*@*)))} {$value} fail}
+
+LDAP_INCOMING_MORE = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE)(!(mailaliasedname=*@*)))} {false} fail}
+
 # >>>
 
 # Hostname <<<
@@ -70,11 +80,11 @@
 # uname() function is called to obtain the name. In many cases this does
 # the right thing and you need not set anything explicitly.
 
-#primary_hostname =
+primary_hostname = PRIMARY_HOSTNAME
 # >>>
 
 # Logging <<<
-log_selector = -retry_defer -skip_delivery -queue_run +smtp_connection \
+log_selector = -retry_defer -skip_delivery -queue_run +smtp_connection\
   +delivery_size +deliver_time +received_recipients +sender_on_delivery +subject
 # >>>
 
@@ -100,20 +110,15 @@
 # >>>
 
 # TLS options <<<
-#
+
+.ifndef SERVER_ROLE_MAILSTORAGE
+
 # Allow any client to use TLS.
 
-#tls_advertise_hosts = *
+tls_advertise_hosts = *
 
-# Specify the location of the Exim server's TLS certificate and private key.
-# The private key must not be encrypted (password protected). You can put
-# the certificate and private key in the same file, in which case you only
-# need the first setting, or in separate files, in which case you need both
-# options.
+.endif
 
-#tls_certificate = /etc/ssl/exim.crt
-#tls_privatekey = /etc/ssl/exim.pem
-
 # In order to support roaming users who wish to send email from anywhere,
 # you may want to make Exim listen on other ports as well as port 25, in
 # case these users need to send email from a network that blocks port 25.
@@ -123,9 +128,12 @@
 # them you should also allow TLS-on-connect on the traditional but
 # non-standard port 465.
 
-#daemon_smtp_ports = 25 : 465 : 587
-#tls_on_connect_ports = 465
-
+.ifdef SERVER_ROLE_CMX
+daemon_smtp_ports = 25 : 465 : 587
+tls_on_connect_ports = 465
+.elifdef
+daemon_smtp_ports = 25
+.endif
 # >>>
 
 # Unqualified senders/recipients <<<
@@ -176,7 +184,8 @@
 
 begin acl
 
-# RCPT TO: <<<
+# RCPT TO: (C)MX <<<
+.ifndef SERVER_ROLE_MAILSTORE
 acl_check_rcpt:
 
   # accept if sender is localhost
@@ -205,23 +214,56 @@
   accept  hosts         = +relay_from_hosts
           control       = submission/sender_retain
 
+.ifdef SERVER_ROLE_CMX
   accept  authenticated = *
           control       = submission/sender_retain
+.endif
 
-  require message = relay not permitted
+  require message = Relay not permitted
           domains = +local_domains
 
   # Return debuggable error message if domain it inactive
-  require message = domain inactive
+  require message = Domain inactive
           domains = +active_domains
 
   # Verify recipient, both for local and remote recipients
-  require verify = recipient
+  require verify  = recipient
+          message = User unknown
 
   # Accept finally if all other checks were passed
   accept
+.endif
 # >>>
 
+# RCPT TO: MAILSTORE <<<
+.ifdef SERVER_ROLE_MAILSTORE
+acl_check_rcpt:
+
+  # accept if sender is localhost
+  accept  hosts = :
+
+  # The two following rules restrict characters in local_parts
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  # Accept mails to postmaster
+  accept  local_parts   = postmaster
+          domains       = +local_domains
+
+  # The following two rules accept mails on a per-host basis 
+  # or if sender is authenticated. Return-path and/or From: will
+  # not be adjusted
+  accept  hosts         = +cmx_hosts : +mx_hosts
+
+  deny    message       = Unauthorized host trying to send
+.endif
+# >>>
+
 # DATA <<<
 acl_check_data:
 
@@ -262,6 +304,16 @@
   no_more
 # >>>
 
+# route to mailstorage <<<
+.ifndef SERVER_ROLE_MAILSTORAGE
+route_mailstorageserver:
+  driver = manualroute
+  condition = LDAP_GET_MAILSTORAGESERVER
+  transport = remote_smtp
+  route_list = * "${extract{1}{/}{LDAP_GET_MAILSTORAGESERVER}}"
+.endif
+# >>>
+
 # resolve aliases given in /etc/aliases <<<
 system_aliases:
   driver = redirect
@@ -272,6 +324,19 @@
   pipe_transport = address_pipe
 # >>>
 
+# LDAP incoming relay <<<
+.ifdef SERVER_ROLE_MX
+ldap_incoming_relay:
+  driver = manualroute
+  condition = LDAP_INCOMING_RELAY
+  more = LDAP_INCOMING_MORE
+  transport = remote_smtp
+  route_list = * "${extract{1}{/}{LDAP_INCOMING_RELAY}}"
+  host_find_failed = decline
+  cannot_route_message = "Failed to lookup destination host"
+.endif
+# >>>
+
 # resolve LDAP aliases <<<
 ldap_aliases:
   driver = redirect
@@ -284,6 +349,7 @@
 
 # Spam filtering is done on a <<<
 # per-domain basis
+.ifdef SERVER_ROLE_MAILSTORAGE
 ldap_domain_filter:
   driver = redirect
   no_verify
@@ -294,9 +360,11 @@
   data = LDAP_GET_DOMAIN_FILTER
   router_home_directory = LDAP_HOME_DIRECTORY
   directory_transport = local_delivery
+.endif
 # >>>
 
 # user filter: vacation, redirects <<<
+.ifdef SERVER_ROLE_MAILSTORAGE
 ldap_user_filter:
   driver = redirect
   no_verify
@@ -307,14 +375,17 @@
   data = LDAP_GET_USER_FILTER
   router_home_directory = LDAP_HOME_DIRECTORY
   file_transport = local_delivery
+.endif
 # >>>
 
 # deliver to local user <<<
+.ifdef SERVER_ROLE_MAILSTORAGE
 ldap_user:
   driver = accept
   condition = LDAP_USER_IS_ACTIVE
   transport = local_delivery
   cannot_route_message = Unknown user
+.endif
 # >>>
 
 ######################################################################
@@ -381,6 +452,8 @@
 
 begin authenticators
 
+.ifdef SERVER_ROLE_CMX
+
 # AUTH PLAIN <<<
 plain:
   driver = plaintext
@@ -419,6 +492,8 @@
   server_set_id = $1
 # >>>
 
+.endif
+
 ######################################################################
 #                   CONFIGURATION FOR local_scan()                   #
 ######################################################################
@@ -431,4 +506,4 @@
 
 # begin local_scan
 
-# vim:foldmethod=marker:foldmarker=<<<,>>>
+# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable

Added: trunk/doc/examples/exim4/ldap.conf
===================================================================
--- trunk/doc/examples/exim4/ldap.conf	                        (rev 0)
+++ trunk/doc/examples/exim4/ldap.conf	2007-11-22 15:25:29 UTC (rev 189)
@@ -0,0 +1,15 @@
+# LDAP connection parameters <<<
+
+# which LDAP server to use as default
+ldap_default_servers = 127.0.0.1::389
+
+#LDAP_HOSTNAME = 127.0.0.1:389
+LDAP_BASEDN = o=mybasedn
+LDAP_USERS_ROOT_DN = ou=users,LDAP_BASEDN
+LDAP_DOMAINS_ROOT_DN = ou=domains,LDAP_BASEDN
+LDAP_BIND_USER = uid=exim4,LDAP_USERS_ROOT_DN
+LDAP_BIND_PASS = exim4pass
+
+# >>>
+
+# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable

Added: trunk/doc/examples/exim4/local.conf
===================================================================
--- trunk/doc/examples/exim4/local.conf	                        (rev 0)
+++ trunk/doc/examples/exim4/local.conf	2007-11-22 15:25:29 UTC (rev 189)
@@ -0,0 +1,14 @@
+PRIMARY_HOSTNAME = mail.mydomain.com
+
+hostlist cmx_hosts = 
+hostlist mx_hosts = 
+
+# Specify the location of the Exim server's TLS certificate and private key.
+# The private key must not be encrypted (password protected). You can put
+# the certificate and private key in the same file, in which case you only
+# need the first setting, or in separate files, in which case you need both
+# options.
+
+#tls_certificate = /etc/exim4/cert.pem
+#tls_privatekey = /etc/exim4/key.pem
+

Added: trunk/doc/examples/exim4/server-role.conf
===================================================================
--- trunk/doc/examples/exim4/server-role.conf	                        (rev 0)
+++ trunk/doc/examples/exim4/server-role.conf	2007-11-22 15:25:29 UTC (rev 189)
@@ -0,0 +1,10 @@
+# define server role, <<<
+# just uncomment matching one, setting to "false" will count as defined!
+
+SERVER_ROLE_MX = true
+SERVER_ROLE_CMX = true
+SERVER_ROLE_MAILSTORAGE = true
+
+# >>>
+
+# vim:foldmethod=marker:foldmarker=<<<,>>>:nofoldenable


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [188] trunk/templates/simple

[<el...@us...>]

Revision: 188
          http://elma.svn.sourceforge.net/elma/?rev=188&view=rev
Author:   elch86
Date:     2007-11-13 05:40:24 -0800 (Tue, 13 Nov 2007)

Log Message:
-----------
Finished german translation

Modified Paths:
--------------
    trunk/templates/simple/content_domain_edit.tpl
    trunk/templates/simple/content_domain_new.tpl
    trunk/templates/simple/content_settings.tpl
    trunk/templates/simple/content_systemuser_edit.tpl
    trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.c
    trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.mo
    trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.po

Modified: trunk/templates/simple/content_domain_edit.tpl
===================================================================
--- trunk/templates/simple/content_domain_edit.tpl	2007-11-13 11:04:53 UTC (rev 187)
+++ trunk/templates/simple/content_domain_edit.tpl	2007-11-13 13:40:24 UTC (rev 188)
@@ -89,7 +89,7 @@
                                                         {/if}
                                                     {/foreach}
                                                     </optgroup>
-                                                    <optgroup label="{t}Domainsusers{/t}">
+                                                    <optgroup label="{t}Domainusers{/t}">
                                                     {foreach from=$admins item=admin}
                                                         {if @in_array("mailUser",$admin.objectclass) }
                                                         <option value="{$admin.dn}">{$admin.uid[0]} ({$admin.cn[0]} {$admin.sn[0]})</option>

Modified: trunk/templates/simple/content_domain_new.tpl
===================================================================
--- trunk/templates/simple/content_domain_new.tpl	2007-11-13 11:04:53 UTC (rev 187)
+++ trunk/templates/simple/content_domain_new.tpl	2007-11-13 13:40:24 UTC (rev 188)
@@ -66,7 +66,7 @@
                                                         {/if}
                                                     {/foreach}
                                                     </optgroup>
-                                                    <optgroup label="{t}Domainsusers{/t}">
+                                                    <optgroup label="{t}Domainusers{/t}">
                                                     {foreach from=$admins item=admin}
                                                         {if @in_array("mailUser",$admin.objectclass) }
                                                         <option value="{$admin.dn}">{$admin.uid[0]} ({$admin.cn[0]} {$admin.sn[0]})</option>

Modified: trunk/templates/simple/content_settings.tpl
===================================================================
--- trunk/templates/simple/content_settings.tpl	2007-11-13 11:04:53 UTC (rev 187)
+++ trunk/templates/simple/content_settings.tpl	2007-11-13 13:40:24 UTC (rev 188)
@@ -4,7 +4,7 @@
 		        <p><a href="{$smarty.server.PHP_SELF}?module=systemusers_list">{t}Users{/t}</a> - {t}Manage systemwide users. This gives you the ability to create users for your staff or customers, who should have access to certain domains only.{/t}</p>
 		    {/if}
 		    {if @in_array("globaladmins_edit",$acl) }
-		        <p><a href="{$smarty.server.PHP_SELF}?module=globaladmins_edit">{t}Administrators{/t}</a> - {t}Define which systemwide users should have global adminstrative rights. Theese can create new systemwide users as well as new domains.{/t}</p>
+		        <p><a href="{$smarty.server.PHP_SELF}?module=globaladmins_edit">{t}Administrators{/t}</a> - {t}Define which systemwide users should have global adminstrative rights. These can create new systemwide users as well as new domains.{/t}</p>
                    {/if}
                 </div>
 

Modified: trunk/templates/simple/content_systemuser_edit.tpl
===================================================================
--- trunk/templates/simple/content_systemuser_edit.tpl	2007-11-13 11:04:53 UTC (rev 187)
+++ trunk/templates/simple/content_systemuser_edit.tpl	2007-11-13 13:40:24 UTC (rev 188)
@@ -115,7 +115,7 @@
                                  </td>
                                  <td>
                                     <input type="radio" name="nlo_next_step" value="add_another" checked="true" /> {t}Add another user{/t}<br />
-                                    <input type="radio" name="nlo_next_step" value="edit_current" /> {t}neuen Benutzer bearbeiten{/t}<br />
+                                    <input type="radio" name="nlo_next_step" value="edit_current" /> {t}Edit new user{/t}<br />
                                     <input type="radio" name="nlo_next_step" value="show_overview" /> {t}Go to user overview{/t}<br />
                                  </td>
                             </tr>

Modified: trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.c
===================================================================
--- trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.c	2007-11-13 11:04:53 UTC (rev 187)
+++ trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.c	2007-11-13 13:40:24 UTC (rev 188)
@@ -1,7 +1,10 @@
 /* ../templates/simple/content_alias_delete.tpl */
-gettext("Delete Alias");
+gettext("Delete alias");
 
 /* ../templates/simple/content_alias_delete.tpl */
+gettext("Back to domain overview");
+
+/* ../templates/simple/content_alias_delete.tpl */
 gettext("Are you sure you want to delete alias %1@%2?");
 
 /* ../templates/simple/content_alias_delete.tpl */
@@ -14,27 +17,48 @@
 gettext("Edit alias");
 
 /* ../templates/simple/content_alias_edit.tpl */
+gettext("Alias for");
+
+/* ../templates/simple/content_alias_edit.tpl */
+gettext("Is active?");
+
+/* ../templates/simple/content_alias_edit.tpl */
+gettext("Save");
+
+/* ../templates/simple/content_alias_new.tpl */
 gettext("New alias");
 
-/* ../templates/simple/content_alias_edit.tpl */
+/* ../templates/simple/content_alias_new.tpl */
 gettext("new alias");
 
-/* ../templates/simple/content_alias_edit.tpl */
+/* ../templates/simple/content_alias_new.tpl */
 gettext("Alias");
 
-/* ../templates/simple/content_alias_edit.tpl */
+/* ../templates/simple/content_alias_new.tpl */
 gettext("Alias for");
 
-/* ../templates/simple/content_alias_edit.tpl */
+/* ../templates/simple/content_alias_new.tpl */
 gettext("Is active?");
 
-/* ../templates/simple/content_alias_edit.tpl */
+/* ../templates/simple/content_alias_new.tpl */
+gettext("Next Step");
+
+/* ../templates/simple/content_alias_new.tpl */
+gettext("Add another alias");
+
+/* ../templates/simple/content_alias_new.tpl */
+gettext("Go to domain overview");
+
+/* ../templates/simple/content_alias_new.tpl */
 gettext("Save");
 
 /* ../templates/simple/content_domain_delete.tpl */
-gettext("Delete Domain");
+gettext("Delete domain");
 
 /* ../templates/simple/content_domain_delete.tpl */
+gettext("Back to domains list");
+
+/* ../templates/simple/content_domain_delete.tpl */
 gettext("Are you sure you want to delete domain %1?");
 
 /* ../templates/simple/content_domain_delete.tpl */
@@ -47,24 +71,105 @@
 gettext("Edit domain");
 
 /* ../templates/simple/content_domain_edit.tpl */
-gettext("New domain");
+gettext("Is active?");
 
 /* ../templates/simple/content_domain_edit.tpl */
-gettext("new Domain");
+gettext("Mailstorageserver");
 
 /* ../templates/simple/content_domain_edit.tpl */
-gettext("Domain");
+gettext("Spamfilter enabled");
 
 /* ../templates/simple/content_domain_edit.tpl */
-gettext("Is active?");
+gettext("Rule");
 
 /* ../templates/simple/content_domain_edit.tpl */
+gettext("discard email");
+
+/* ../templates/simple/content_domain_edit.tpl */
+gettext("redirect to");
+
+/* ../templates/simple/content_domain_edit.tpl */
+gettext("save in user's spamfolder");
+
+/* ../templates/simple/content_domain_edit.tpl */
+gettext("Administrators");
+
+/* ../templates/simple/content_domain_edit.tpl */
+gettext("available users");
+
+/* ../templates/simple/content_domain_edit.tpl */
+gettext("Systemusers");
+
+/* ../templates/simple/content_domain_edit.tpl */
+gettext("Domainsusers");
+
+/* ../templates/simple/content_domain_edit.tpl */
+gettext("Systemusers");
+
+/* ../templates/simple/content_domain_edit.tpl */
+gettext("Domainusers");
+
+/* ../templates/simple/content_domain_edit.tpl */
 gettext("Save");
 
+/* ../templates/simple/content_domain_new.tpl */
+gettext("New domain");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("new domain");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Domain");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Is active?");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Mailstorageserver");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Administrators");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("available users");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Systemusers");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Domainsusers");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Systemusers");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Domainusers");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Next Step");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Add another domain");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Go to domain list");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Edit newly created domain");
+
+/* ../templates/simple/content_domain_new.tpl */
+gettext("Save");
+
 /* ../templates/simple/content_domains_list.tpl */
 gettext("Domain");
 
 /* ../templates/simple/content_domains_list.tpl */
+gettext("Users");
+
+/* ../templates/simple/content_domains_list.tpl */
+gettext("Aliases");
+
+/* ../templates/simple/content_domains_list.tpl */
 gettext("Active");
 
 /* ../templates/simple/content_domains_list.tpl */
@@ -79,16 +184,151 @@
 /* ../templates/simple/content_domains_list.tpl */
 gettext("new domain");
 
+/* ../templates/simple/content_globaladmins_edit.tpl */
+gettext("Systemadminstrators");
+
+/* ../templates/simple/content_globaladmins_edit.tpl */
+gettext("Administrators");
+
+/* ../templates/simple/content_globaladmins_edit.tpl */
+gettext("Users");
+
+/* ../templates/simple/content_globaladmins_edit.tpl */
+gettext("Save");
+
 /* ../templates/simple/content_main.tpl */
 gettext("Welcome to your Exim LDAP Mail Administrator Frontend");
 
 /* ../templates/simple/content_main.tpl */
 gettext("Click on the Domains link at the left navigation bar to get an overview of your email domains. When you click on the domain name you will see all users and aliases for that domain. Everything else should be pretty self explaining. Have fun ;-)");
 
+/* ../templates/simple/content_main.tpl */
+gettext("Statistics");
+
+/* ../templates/simple/content_main.tpl */
+gettext("Domains");
+
+/* ../templates/simple/content_main.tpl */
+gettext("active");
+
+/* ../templates/simple/content_main.tpl */
+gettext("Users");
+
+/* ../templates/simple/content_main.tpl */
+gettext("active");
+
+/* ../templates/simple/content_main.tpl */
+gettext("Aliases");
+
+/* ../templates/simple/content_main.tpl */
+gettext("active");
+
+/* ../templates/simple/content_settings.tpl */
+gettext("Settings");
+
+/* ../templates/simple/content_settings.tpl */
+gettext("Users");
+
+/* ../templates/simple/content_settings.tpl */
+gettext("Manage systemwide users. This gives you the ability to create users for your staff or customers, who should have access to certain domains only.");
+
+/* ../templates/simple/content_settings.tpl */
+gettext("Administrators");
+
+/* ../templates/simple/content_settings.tpl */
+gettext("Define which systemwide users should have global adminstrative rights. Theese can create new systemwide users as well as new domains.");
+
+/* ../templates/simple/content_systemuser_delete.tpl */
+gettext("Delete systemuser");
+
+/* ../templates/simple/content_systemuser_delete.tpl */
+gettext("Back to Systemusers overview");
+
+/* ../templates/simple/content_systemuser_delete.tpl */
+gettext("Are you sure you want to delete user %1?");
+
+/* ../templates/simple/content_systemuser_delete.tpl */
+gettext("Yes");
+
+/* ../templates/simple/content_systemuser_delete.tpl */
+gettext("No");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Edit systemuser");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("New systemuser");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("new user");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Username");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("First name");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Last name");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Password");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("(leave empty to keep password)");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("ACL");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Administrator of");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Not administrator of");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Next Step");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Add another user");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("neuen Benutzer bearbeiten");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Go to user overview");
+
+/* ../templates/simple/content_systemuser_edit.tpl */
+gettext("Save");
+
+/* ../templates/simple/content_systemusers_list.tpl */
+gettext("Systemusers");
+
+/* ../templates/simple/content_systemusers_list.tpl */
+gettext("Username");
+
+/* ../templates/simple/content_systemusers_list.tpl */
+gettext("Realname");
+
+/* ../templates/simple/content_systemusers_list.tpl */
+gettext("Command");
+
+/* ../templates/simple/content_systemusers_list.tpl */
+gettext("edit");
+
+/* ../templates/simple/content_systemusers_list.tpl */
+gettext("delete");
+
+/* ../templates/simple/content_systemusers_list.tpl */
+gettext("new user");
+
 /* ../templates/simple/content_user_delete.tpl */
-gettext("Delete User");
+gettext("Delete user");
 
 /* ../templates/simple/content_user_delete.tpl */
+gettext("Back to domain overview");
+
+/* ../templates/simple/content_user_delete.tpl */
 gettext("Are you sure you want to delete user %1@%2?");
 
 /* ../templates/simple/content_user_delete.tpl */
@@ -101,29 +341,65 @@
 gettext("Edit user");
 
 /* ../templates/simple/content_user_edit.tpl */
-gettext("New user");
+gettext("First name");
 
 /* ../templates/simple/content_user_edit.tpl */
-gettext("new user");
+gettext("Last name");
 
 /* ../templates/simple/content_user_edit.tpl */
-gettext("Username");
+gettext("Is active?");
 
 /* ../templates/simple/content_user_edit.tpl */
-gettext("First name");
+gettext("Redirect");
 
 /* ../templates/simple/content_user_edit.tpl */
-gettext("Last name");
+gettext("Recipient:");
 
 /* ../templates/simple/content_user_edit.tpl */
-gettext("Is active?");
+gettext("on vacation?");
 
 /* ../templates/simple/content_user_edit.tpl */
+gettext("Message:");
+
+/* ../templates/simple/content_user_edit.tpl */
 gettext("Password");
 
 /* ../templates/simple/content_user_edit.tpl */
 gettext("Save");
 
+/* ../templates/simple/content_user_new.tpl */
+gettext("New user");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("new user");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("Username");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("First name");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("Last name");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("Is active?");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("Password");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("Next Step");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("Add another user");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("Go to domain overview");
+
+/* ../templates/simple/content_user_new.tpl */
+gettext("Save");
+
 /* ../templates/simple/content_users_list.tpl */
 gettext("Users and aliases for domain");
 
@@ -188,6 +464,9 @@
 gettext("Domains");
 
 /* ../templates/simple/navigation.tpl */
+gettext("Settings");
+
+/* ../templates/simple/navigation.tpl */
 gettext("Logout");
 
 /* ../templates/simple/print_submit_status.tpl */

Modified: trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.mo
===================================================================
(Binary files differ)

Modified: trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.po
===================================================================
--- trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.po	2007-11-13 11:04:53 UTC (rev 187)
+++ trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.po	2007-11-13 13:40:24 UTC (rev 188)
@@ -1,164 +1,273 @@
 # SOME DESCRIPTIVE TITLE.
-# Copyright (C) 2007 Daniel Weuthen
-# This file is distributed under the same license as the elma package.
-# Daniel Weuthen <da...@we...>, 2007.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
 #
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: 0.1\n"
-"Report-Msgid-Bugs-To: da...@we...\n"
-"POT-Creation-Date: 2007-05-01 16:51+0200\n"
-"PO-Revision-Date: 2007-05-01 16:51+0200\n"
-"Last-Translator: Daniel Weuthen <da...@we...>\n"
-"Language-Team: de_DE <da...@we...>\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2007-11-13 14:20+0100\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL...@li...>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 
 #. ../templates/simple/content_alias_delete.tpl
+#. ../templates/simple/content_alias_delete.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:2
 msgid "Delete alias"
 msgstr "Lösche Alias"
 
 #. ../templates/simple/content_alias_delete.tpl
+#. ../templates/simple/content_alias_delete.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:5
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:8
 msgid "Are you sure you want to delete alias %1@%2?"
 msgstr "Sind Sie sicher, daß Sie den Alias %1@%2 löschen wollen?"
 
 #. ../templates/simple/content_alias_delete.tpl
 #. ../templates/simple/content_domain_delete.tpl
 #. ../templates/simple/content_user_delete.tpl
+#. ../templates/simple/content_alias_delete.tpl
+#. ../templates/simple/content_domain_delete.tpl
+#. ../templates/simple/content_systemuser_delete.tpl
+#. ../templates/simple/content_user_delete.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:8
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:41
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:95
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:11
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:65
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:251
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:335
 msgid "Yes"
 msgstr "Ja"
 
 #. ../templates/simple/content_alias_delete.tpl
 #. ../templates/simple/content_domain_delete.tpl
 #. ../templates/simple/content_user_delete.tpl
+#. ../templates/simple/content_alias_delete.tpl
+#. ../templates/simple/content_domain_delete.tpl
+#. ../templates/simple/content_systemuser_delete.tpl
+#. ../templates/simple/content_user_delete.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:11
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:44
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:98
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:14
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:68
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:254
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:338
 msgid "No"
 msgstr "Nein"
 
 #. ../templates/simple/content_alias_edit.tpl
+#. ../templates/simple/content_alias_edit.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:14
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:17
 msgid "Edit alias"
 msgstr "Bearbeite Alias"
 
 #. ../templates/simple/content_alias_edit.tpl
+#. ../templates/simple/content_alias_new.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:17
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:29
 msgid "New alias"
 msgstr "Neuer Alias"
 
 #. ../templates/simple/content_alias_edit.tpl
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_alias_new.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:20
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:167
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:32
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:443
 msgid "new alias"
 msgstr "neuer Alias"
 
 #. ../templates/simple/content_alias_edit.tpl
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_alias_new.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:23
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:149
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:35
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:425
 msgid "Alias"
 msgstr "Alias"
 
 #. ../templates/simple/content_alias_edit.tpl
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_alias_edit.tpl
+#. ../templates/simple/content_alias_new.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:26
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:152
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:20
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:38
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:428
 msgid "Alias for"
 msgstr "Alias für"
 
 #. ../templates/simple/content_alias_edit.tpl
 #. ../templates/simple/content_domain_edit.tpl
 #. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_alias_edit.tpl
+#. ../templates/simple/content_alias_new.tpl
+#. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_new.tpl
+#. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_user_new.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:29
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:59
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:119
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:23
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:41
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:74
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:125
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:350
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:386
 msgid "Is active?"
-msgstr "Akitiviert?"
+msgstr "Aktiviert?"
 
 #. ../templates/simple/content_alias_edit.tpl
 #. ../templates/simple/content_domain_edit.tpl
 #. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_alias_edit.tpl
+#. ../templates/simple/content_alias_new.tpl
+#. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_new.tpl
+#. ../templates/simple/content_globaladmins_edit.tpl
+#. ../templates/simple/content_systemuser_edit.tpl
+#. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_user_new.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:32
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:62
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:125
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:26
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:53
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:113
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:161
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:197
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:302
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:368
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:401
 msgid "Save"
 msgstr "Speichern"
 
 #. ../templates/simple/content_domain_delete.tpl
+#. ../templates/simple/content_domain_delete.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:35
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:56
 msgid "Delete domain"
 msgstr "Domäne löschen"
 
 #. ../templates/simple/content_domain_delete.tpl
+#. ../templates/simple/content_domain_delete.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:38
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:62
 msgid "Are you sure you want to delete domain %1?"
 msgstr "Sind Sie sicher, daß Sie die Domäne %1 löschen wollen?"
 
 #. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_edit.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:47
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:71
 msgid "Edit domain"
 msgstr "Domäne bearbeiten"
 
 #. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_new.tpl
+#. ../templates/simple/content_domains_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:53
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:119
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:185
 msgid "new domain"
 msgstr "neue Domäne"
 
 #. ../templates/simple/content_domain_edit.tpl
 #. ../templates/simple/content_domains_list.tpl
+#. ../templates/simple/content_domain_new.tpl
+#. ../templates/simple/content_domains_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:56
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:65
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:122
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:164
 msgid "Domain"
 msgstr "Domäne"
 
 #. ../templates/simple/content_domains_list.tpl
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_domains_list.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:68
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:134
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:155
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:173
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:410
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:431
 msgid "Active"
 msgstr "Aktiviert"
 
 #. ../templates/simple/content_domains_list.tpl
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_domains_list.tpl
+#. ../templates/simple/content_systemusers_list.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:71
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:137
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:158
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:176
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:314
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:413
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:434
 msgid "Command"
 msgstr "Befehl"
 
 #. ../templates/simple/content_domains_list.tpl
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_domains_list.tpl
+#. ../templates/simple/content_systemusers_list.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:74
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:140
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:161
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:179
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:317
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:416
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:437
 msgid "edit"
 msgstr "bearbeiten"
 
 #. ../templates/simple/content_domains_list.tpl
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_domains_list.tpl
+#. ../templates/simple/content_systemusers_list.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:77
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:143
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:164
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:182
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:320
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:419
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:440
 msgid "delete"
 msgstr "löschen"
 
 #. ../templates/simple/content_main.tpl
+#. ../templates/simple/content_main.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:83
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:200
 msgid "Welcome to your Exim LDAP Mail Administrator Frontend"
 msgstr "Willkommen zu Ihrem Exim LDAP Mail Administrator"
 
 #. ../templates/simple/content_main.tpl
+#. ../templates/simple/content_main.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:86
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:203
 msgid ""
 "Click on the Domains link at the left navigation bar to get an overview of "
 "your email domains. When you click on the domain name you will see all users "
@@ -171,94 +280,435 @@
 "selbsterklärend sein. Viel Spaß ;-)"
 
 #. ../templates/simple/content_user_delete.tpl
+#. ../templates/simple/content_user_delete.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:92
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:332
 msgid "Are you sure you want to delete user %1@%2?"
 msgstr "Sind Sie sicher, daß Sie den Benutzer %1@%2 löschen wollen?"
 
 #. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_user_edit.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:101
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:341
 msgid "Edit user"
 msgstr "Bearbeite Benutzer"
 
 #. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_user_new.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:104
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:371
 msgid "New user"
 msgstr "Neuer Benutzer"
 
 #. ../templates/simple/content_user_edit.tpl
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_systemuser_edit.tpl
+#. ../templates/simple/content_systemusers_list.tpl
+#. ../templates/simple/content_user_new.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:107
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:146
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:263
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:323
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:374
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:422
 msgid "new user"
 msgstr "neuer Benutzer"
 
 #. ../templates/simple/content_user_edit.tpl
 #. ../templates/simple/content_users_list.tpl
 #. ../templates/simple/login.tpl
+#. ../templates/simple/content_systemuser_edit.tpl
+#. ../templates/simple/content_systemusers_list.tpl
+#. ../templates/simple/content_user_new.tpl
+#. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/login.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:110
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:131
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:173
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:266
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:308
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:377
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:407
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:449
 msgid "Username"
 msgstr "Benutzername"
 
 #. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_systemuser_edit.tpl
+#. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_user_new.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:113
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:269
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:344
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:380
 msgid "First name"
 msgstr "Vorname"
 
 #. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_systemuser_edit.tpl
+#. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_user_new.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:116
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:272
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:347
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:383
 msgid "Last name"
 msgstr "Nachname"
 
 #. ../templates/simple/content_user_edit.tpl
 #. ../templates/simple/login.tpl
+#. ../templates/simple/content_systemuser_edit.tpl
+#. ../templates/simple/content_user_edit.tpl
+#. ../templates/simple/content_user_new.tpl
+#. ../templates/simple/login.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:122
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:176
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:275
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:365
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:389
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:452
 msgid "Password"
 msgstr "Passwort"
 
 #. ../templates/simple/content_users_list.tpl
+#. ../templates/simple/content_users_list.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:128
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:404
 msgid "Users and aliases for domain"
 msgstr "Benutzer und Aliase für Domäne"
 
 #. ../templates/simple/login.tpl
+#. ../templates/simple/login.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:170
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:446
 msgid "Invalid username and/or password."
 msgstr "Ungültiger Benutzername und/oder Passwort."
 
 #. ../templates/simple/login.tpl
+#. ../templates/simple/login.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:179
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:455
 msgid "Language"
 msgstr "Sprache"
 
 #. ../templates/simple/login.tpl
+#. ../templates/simple/login.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:182
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:458
 msgid "Login"
 msgstr "Anmelden"
 
 #. ../templates/simple/navigation.tpl
+#. ../templates/simple/navigation.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:185
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:461
 msgid "Home"
 msgstr "Übersicht"
 
 #. ../templates/simple/navigation.tpl
+#. ../templates/simple/content_main.tpl
+#. ../templates/simple/navigation.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:188
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:209
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:464
 msgid "Domains"
 msgstr "Domänen"
 
 #. ../templates/simple/navigation.tpl
+#. ../templates/simple/navigation.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:191
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:470
 msgid "Logout"
 msgstr "Abmelden"
 
 #. ../templates/simple/print_submit_status.tpl
+#. ../templates/simple/print_submit_status.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:194
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:473
 msgid "Data has been saved."
 msgstr "Daten wurden gespeichert."
 
 #. ../templates/simple/print_submit_status.tpl
+#. ../templates/simple/print_submit_status.tpl
 #: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:197
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:476
 msgid "Sorry, your data could not be saved. The following error occured:"
-msgstr "Leider konnten Ihre Daten nicht gespeichert werden. Folgender Fehler ist aufgetreten:"
+msgstr ""
+"Leider konnten Ihre Daten nicht gespeichert werden. Folgender Fehler ist "
+"aufgetreten:"
+
+#. ../templates/simple/content_alias_delete.tpl
+#. ../templates/simple/content_user_delete.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:5
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:329
+msgid "Back to domain overview"
+msgstr "Zurück zur Domänen-Übersicht"
+
+#. ../templates/simple/content_alias_new.tpl
+#. ../templates/simple/content_domain_new.tpl
+#. ../templates/simple/content_systemuser_edit.tpl
+#. ../templates/simple/content_user_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:44
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:149
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:290
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:392
+msgid "Next Step"
+msgstr "Nächster Schritt"
+
+#. ../templates/simple/content_alias_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:47
+msgid "Add another alias"
+msgstr "Einen weiteren Alias hinzufügen"
+
+#. ../templates/simple/content_alias_new.tpl
+#. ../templates/simple/content_user_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:50
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:398
+msgid "Go to domain overview"
+msgstr "Zur Domänen-Übersicht"
+
+#. ../templates/simple/content_domain_delete.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:59
+msgid "Back to domains list"
+msgstr "Zurück zur Domänen-Übersicht"
+
+#. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:77
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:128
+msgid "Mailstorageserver"
+msgstr "Postfachserver"
+
+#. ../templates/simple/content_domain_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:80
+msgid "Spamfilter enabled"
+msgstr "Spamfilter eingeschaltet"
+
+#. ../templates/simple/content_domain_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:83
+msgid "Rule"
+msgstr "Regel"
+
+#. ../templates/simple/content_domain_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:86
+msgid "discard email"
+msgstr "Email verwerfen"
+
+#. ../templates/simple/content_domain_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:89
+msgid "redirect to"
+msgstr "Email umleiten zu"
+
+#. ../templates/simple/content_domain_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:92
+msgid "save in user's spamfolder"
+msgstr "Im Spamordner des Benutzers speichern"
+
+#. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_new.tpl
+#. ../templates/simple/content_globaladmins_edit.tpl
+#. ../templates/simple/content_settings.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:95
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:131
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:191
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:236
+msgid "Administrators"
+msgstr "Administratoren"
+
+#. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:98
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:134
+msgid "available users"
+msgstr "verfügbare Benutzer"
+
+#. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_new.tpl
+#. ../templates/simple/content_systemusers_list.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:101
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:107
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:137
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:143
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:305
+msgid "Systemusers"
+msgstr "Systembenutzer"
+
+#. ../templates/simple/content_domain_edit.tpl
+#. ../templates/simple/content_domain_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:110
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:146
+msgid "Domainusers"
+msgstr "Domänen-Benutzer"
+
+#. ../templates/simple/content_domain_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:116
+msgid "New domain"
+msgstr "Neue Domäne"
+
+#. ../templates/simple/content_domain_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:152
+msgid "Add another domain"
+msgstr "Eine weitere Domäne hinzufügen"
+
+#. ../templates/simple/content_domain_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:155
+msgid "Go to domain list"
+msgstr "Zur Domänen-Übersicht"
+
+#. ../templates/simple/content_domain_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:158
+msgid "Edit newly created domain"
+msgstr "Neu hinzugefügte Domäne editieren"
+
+#. ../templates/simple/content_domains_list.tpl
+#. ../templates/simple/content_globaladmins_edit.tpl
+#. ../templates/simple/content_main.tpl
+#. ../templates/simple/content_settings.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:167
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:194
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:215
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:230
+msgid "Users"
+msgstr "Benutzer"
+
+#. ../templates/simple/content_domains_list.tpl
+#. ../templates/simple/content_main.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:170
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:221
+msgid "Aliases"
+msgstr "Aliase"
+
+#. ../templates/simple/content_globaladmins_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:188
+msgid "Systemadminstrators"
+msgstr "Systemadministratoren"
+
+#. ../templates/simple/content_main.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:206
+msgid "Statistics"
+msgstr "Statistiken"
+
+#. ../templates/simple/content_main.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:212
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:218
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:224
+msgid "active"
+msgstr "aktiv"
+
+#. ../templates/simple/content_settings.tpl
+#. ../templates/simple/navigation.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:227
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:467
+msgid "Settings"
+msgstr "Einstellungen"
+
+#. ../templates/simple/content_settings.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:233
+msgid ""
+"Manage systemwide users. This gives you the ability to create users for your "
+"staff or customers, who should have access to certain domains only."
+msgstr ""
+"Systemweite Benutzer editieren. Sie können damit Benutzer für Mitarbeiter oder Kunden "
+"anlegen, die nur auf bestimmte Domänen zugreifen dürfen."
+
+#. ../templates/simple/content_settings.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:239
+msgid ""
+"Define which systemwide users should have global adminstrative rights. "
+"These can create new systemwide users as well as new domains."
+msgstr ""
+"Definieren Sie, welche systemweiten Benutzer globale administrative Rechte besitzen. "
+"Diese können sowohl neue systemweite Benutzer als auch neue Domänen erstellen."
+
+#. ../templates/simple/content_systemuser_delete.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:242
+msgid "Delete systemuser"
+msgstr "Systembenutzer löschen"
+
+#. ../templates/simple/content_systemuser_delete.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:245
+msgid "Back to Systemusers overview"
+msgstr "Zurück zur Systembenutzer-Übersicht"
+
+#. ../templates/simple/content_systemuser_delete.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:248
+msgid "Are you sure you want to delete user %1?"
+msgstr "Sind Sie sicher, dass Sie den Benutzer %1 löschen wollen?"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:257
+msgid "Edit systemuser"
+msgstr "Systembenutzer editieren"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:260
+msgid "New systemuser"
+msgstr "Neuer Systembenutzer"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:278
+msgid "(leave empty to keep password)"
+msgstr "(leer lassen um Passwort zu behalten)"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:281
+msgid "ACL"
+msgstr "ACL"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:284
+msgid "Administrator of"
+msgstr "Administrator von"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:287
+msgid "Not administrator of"
+msgstr "Nicht Administrator von"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#. ../templates/simple/content_user_new.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:293
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:395
+msgid "Add another user"
+msgstr "Einen weiteren Benutzer hinzufügen"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:296
+msgid "Edit new user"
+msgstr "neuen Benutzer bearbeiten"
+
+#. ../templates/simple/content_systemuser_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:299
+msgid "Go to user overview"
+msgstr "Zur Benutzer-Übersicht"
+
+#. ../templates/simple/content_systemusers_list.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:311
+msgid "Realname"
+msgstr "vollständiger Name"
+
+#. ../templates/simple/content_user_delete.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:326
+msgid "Delete user"
+msgstr "Benutzer löschen"
+
+#. ../templates/simple/content_user_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:353
+msgid "Redirect"
+msgstr "Umleiten"
+
+#. ../templates/simple/content_user_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:356
+msgid "Recipient:"
+msgstr "Empfänger:"
+
+#. ../templates/simple/content_user_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:359
+msgid "on vacation?"
+msgstr "abwesend?"
+
+#. ../templates/simple/content_user_edit.tpl
+#: ../templates/simple/locale/de_DE/LC_MESSAGES/messages.c:362
+msgid "Message:"
+msgstr "Nachricht:"


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [187] trunk

[<el...@us...>]

Revision: 187
          http://elma.svn.sourceforge.net/elma/?rev=187&view=rev
Author:   elch86
Date:     2007-11-13 03:04:53 -0800 (Tue, 13 Nov 2007)

Log Message:
-----------
Fixed display errors with umlauts. Output should be utf-8 now

Modified Paths:
--------------
    trunk/includes/gettext.inc.php
    trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.mo
    trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.po

Modified: trunk/includes/gettext.inc.php
===================================================================
--- trunk/includes/gettext.inc.php	2007-10-25 15:20:10 UTC (rev 186)
+++ trunk/includes/gettext.inc.php	2007-11-13 11:04:53 UTC (rev 187)
@@ -39,6 +39,7 @@
 // Set the text domain as 'messages'
 $domain = 'messages';
 bindtextdomain($domain, getcwd()."/templates/".TEMPLATE."/locale");
+bind_textdomain_codeset($domain, 'UTF-8');
 textdomain($domain);
 
 // vim:tabstop=4:expandtab:shiftwidth=4:filetype=php:syntax:ruler:

Modified: trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.mo
===================================================================
(Binary files differ)

Modified: trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.po
===================================================================
--- trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.po	2007-10-25 15:20:10 UTC (rev 186)
+++ trunk/templates/simple/locale/de_DE/LC_MESSAGES/messages.po	2007-11-13 11:04:53 UTC (rev 187)
@@ -165,9 +165,9 @@
 "and aliases for that domain. Everything else should be pretty self "
 "explaining. Have fun ;-)"
 msgstr ""
-"Klicken Sie auf den Link Domänen in der linken Navigationsleiste um einen"
-"Überblick Ihrer Domänen yu erhalten. Klicken Sie dann auf den Domänennamen"
-"um eine Benutzerübersicht zu erhalten. Alles andere sollte relativ"
+"Klicken Sie auf den Link Domänen in der linken Navigationsleiste um einen "
+"Überblick Ihrer Domänen zu erhalten. Klicken Sie dann auf den Domänennamen "
+"um eine Benutzerübersicht zu erhalten. Alles andere sollte relativ "
 "selbsterklärend sein. Viel Spaß ;-)"
 
 #. ../templates/simple/content_user_delete.tpl


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [186] trunk/doc/examples

[<dwe...@us...>]

Revision: 186
          http://elma.svn.sourceforge.net/elma/?rev=186&view=rev
Author:   dweuthen
Date:     2007-10-25 08:20:10 -0700 (Thu, 25 Oct 2007)

Log Message:
-----------
renamed file.conf to file.conf.dist 

Added Paths:
-----------
    trunk/doc/examples/dovecot/dovecot-ldap.conf.dist
    trunk/doc/examples/dovecot/dovecot.conf.dist
    trunk/doc/examples/exim4/exim4.conf.dist

Removed Paths:
-------------
    trunk/doc/examples/dovecot/dovecot-ldap.conf
    trunk/doc/examples/dovecot/dovecot.conf
    trunk/doc/examples/exim4/exim4.conf

Deleted: trunk/doc/examples/dovecot/dovecot-ldap.conf
===================================================================
--- trunk/doc/examples/dovecot/dovecot-ldap.conf	2007-10-25 14:47:22 UTC (rev 185)
+++ trunk/doc/examples/dovecot/dovecot-ldap.conf	2007-10-25 15:20:10 UTC (rev 186)
@@ -1,116 +0,0 @@
-# This file is opened as root, so it should be owned by root and mode 0600.
-#
-# NOTE: If you're not using authentication binds, you'll need to give
-# dovecot-auth read access to userPassword field in the LDAP server.
-# With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There should
-# already be something like this:
-
-# access to attribute=userPassword
-#        by dn="<dovecot's dn>" read # add this
-#        by anonymous auth
-#        by self write
-#        by * none
-
-# Space separated list of LDAP hosts to use. host:port is allowed too.
-hosts = 127.0.0.1
-
-# LDAP URIs to use. You can use this instead of hosts list. Note that this
-# setting isn't supported by all LDAP libraries.
-#uris = 
-
-# Distinguished Name - the username used to login to the LDAP server
-dn = 
-
-# Password for LDAP server
-dnpass = 
-
-# Use SASL binding instead of the simple binding. Note that this changes
-# ldap_version automatically to be 3 if it's lower. Also note that SASL binds
-# and auth_bind=yes don't work together.
-sasl_bind = no
-# SASL mechanism name to use.
-#sasl_mech =
-# SASL realm to use.
-#sasl_realm =
-# SASL authorization ID, ie. the dnpass is for this "master user", but the
-# dn is still the logged in user. Normally you want to keep this empty.
-#sasl_authz_id =
-
-# Use authentication binding for verifying password's validity. This works by
-# logging into LDAP server using the username and password given by client.
-# The pass_filter is used to find the DN for the user. Note that the pass_attrs
-# is still used, only the password field is ignored in it. Before doing any
-# search, the binding is switched back to the default DN.
-auth_bind = no
-
-# If authentication binding is used, you can save one LDAP request per login
-# if users' DN can be specified with a common template. The template can use
-# the standard %variables (see user_filter). Note that you can't
-# use any pass_attrs if you use this setting.
-#
-# If you use this setting, it's a good idea to use a different
-# dovecot-ldap.conf for userdb (it can even be a symlink, just as long as the
-# filename is different in userdb's args). That way one connection is used only
-# for LDAP binds and another connection is used for user lookups. Otherwise
-# the binding is changed to the default DN before each user lookup.
-#
-# For example:
-#   auth_bind_userdn = cn=%u,ou=people,o=org
-#
-#auth_bind_userdn = uid=%n,dc=%d,ou=domains,o=
-
-# LDAP protocol version to use. Likely 2 or 3.
-ldap_version = 3
-
-# LDAP base. %variables can be used here.
-base = 
-
-# Dereference: never, searching, finding, always
-deref = never
-
-# Search scope: base, onelevel, subtree
-scope = subtree
-
-# User attributes are given in LDAP-name=dovecot-internal-name list. The
-# internal names are:
-#   uid - System UID
-#   gid - System GID
-#   home - Home directory
-#   mail - Mail location
-#
-# There are also other special fields which can be returned, see
-# http://wiki.dovecot.org/UserDatabase/ExtraFields
-user_attrs = homeDirectory=home
-
-# Filter for user lookup. Some variables can be used (see
-# http://wiki.dovecot.org/Variables for full list):
-#   %u - username
-#   %n - user part in user@domain, same as %u if there's no domain
-#   %d - domain part in user@domain, empty if user there's no domain
-user_filter = (&(objectClass=mailUser)(uid=%n)(mailStatus=TRUE))
-
-# Password checking attributes:
-#  user: Virtual user name (user@domain), if you wish to change the
-#        user-given username to something else
-#  password: Password, may optionally start with {type}, eg. {crypt}
-# There are also other special fields which can be returned, see
-# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
-pass_attrs = uid=user,userPassword=password
-
-# If you wish to avoid two LDAP lookups (passdb + userdb), you can use
-# userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll
-# also have to include user_attrs in pass_attrs field prefixed with "userdb_"
-# string. For example:
-#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
-
-# Filter for password lookups
-pass_filter = (&(objectClass=mailUser)(uid=%n)(mailStatus=TRUE))
-
-# Default password scheme. "{scheme}" before password overrides this.
-# List of supported schemes is in: http://wiki.dovecot.org/Authentication
-#default_pass_scheme = CRYPT
-
-# You can use same UID and GID for all user accounts if you really want to.
-# If the UID/GID is still found from LDAP reply, it overrides these values.
-user_global_uid = mail
-user_global_gid = mail

Copied: trunk/doc/examples/dovecot/dovecot-ldap.conf.dist (from rev 185, trunk/doc/examples/dovecot/dovecot-ldap.conf)
===================================================================
--- trunk/doc/examples/dovecot/dovecot-ldap.conf.dist	                        (rev 0)
+++ trunk/doc/examples/dovecot/dovecot-ldap.conf.dist	2007-10-25 15:20:10 UTC (rev 186)
@@ -0,0 +1,116 @@
+# This file is opened as root, so it should be owned by root and mode 0600.
+#
+# NOTE: If you're not using authentication binds, you'll need to give
+# dovecot-auth read access to userPassword field in the LDAP server.
+# With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There should
+# already be something like this:
+
+# access to attribute=userPassword
+#        by dn="<dovecot's dn>" read # add this
+#        by anonymous auth
+#        by self write
+#        by * none
+
+# Space separated list of LDAP hosts to use. host:port is allowed too.
+hosts = 127.0.0.1
+
+# LDAP URIs to use. You can use this instead of hosts list. Note that this
+# setting isn't supported by all LDAP libraries.
+#uris = 
+
+# Distinguished Name - the username used to login to the LDAP server
+dn = 
+
+# Password for LDAP server
+dnpass = 
+
+# Use SASL binding instead of the simple binding. Note that this changes
+# ldap_version automatically to be 3 if it's lower. Also note that SASL binds
+# and auth_bind=yes don't work together.
+sasl_bind = no
+# SASL mechanism name to use.
+#sasl_mech =
+# SASL realm to use.
+#sasl_realm =
+# SASL authorization ID, ie. the dnpass is for this "master user", but the
+# dn is still the logged in user. Normally you want to keep this empty.
+#sasl_authz_id =
+
+# Use authentication binding for verifying password's validity. This works by
+# logging into LDAP server using the username and password given by client.
+# The pass_filter is used to find the DN for the user. Note that the pass_attrs
+# is still used, only the password field is ignored in it. Before doing any
+# search, the binding is switched back to the default DN.
+auth_bind = no
+
+# If authentication binding is used, you can save one LDAP request per login
+# if users' DN can be specified with a common template. The template can use
+# the standard %variables (see user_filter). Note that you can't
+# use any pass_attrs if you use this setting.
+#
+# If you use this setting, it's a good idea to use a different
+# dovecot-ldap.conf for userdb (it can even be a symlink, just as long as the
+# filename is different in userdb's args). That way one connection is used only
+# for LDAP binds and another connection is used for user lookups. Otherwise
+# the binding is changed to the default DN before each user lookup.
+#
+# For example:
+#   auth_bind_userdn = cn=%u,ou=people,o=org
+#
+#auth_bind_userdn = uid=%n,dc=%d,ou=domains,o=
+
+# LDAP protocol version to use. Likely 2 or 3.
+ldap_version = 3
+
+# LDAP base. %variables can be used here.
+base = 
+
+# Dereference: never, searching, finding, always
+deref = never
+
+# Search scope: base, onelevel, subtree
+scope = subtree
+
+# User attributes are given in LDAP-name=dovecot-internal-name list. The
+# internal names are:
+#   uid - System UID
+#   gid - System GID
+#   home - Home directory
+#   mail - Mail location
+#
+# There are also other special fields which can be returned, see
+# http://wiki.dovecot.org/UserDatabase/ExtraFields
+user_attrs = homeDirectory=home
+
+# Filter for user lookup. Some variables can be used (see
+# http://wiki.dovecot.org/Variables for full list):
+#   %u - username
+#   %n - user part in user@domain, same as %u if there's no domain
+#   %d - domain part in user@domain, empty if user there's no domain
+user_filter = (&(objectClass=mailUser)(uid=%n)(mailStatus=TRUE))
+
+# Password checking attributes:
+#  user: Virtual user name (user@domain), if you wish to change the
+#        user-given username to something else
+#  password: Password, may optionally start with {type}, eg. {crypt}
+# There are also other special fields which can be returned, see
+# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
+pass_attrs = uid=user,userPassword=password
+
+# If you wish to avoid two LDAP lookups (passdb + userdb), you can use
+# userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll
+# also have to include user_attrs in pass_attrs field prefixed with "userdb_"
+# string. For example:
+#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
+
+# Filter for password lookups
+pass_filter = (&(objectClass=mailUser)(uid=%n)(mailStatus=TRUE))
+
+# Default password scheme. "{scheme}" before password overrides this.
+# List of supported schemes is in: http://wiki.dovecot.org/Authentication
+#default_pass_scheme = CRYPT
+
+# You can use same UID and GID for all user accounts if you really want to.
+# If the UID/GID is still found from LDAP reply, it overrides these values.
+user_global_uid = mail
+user_global_gid = mail

Deleted: trunk/doc/examples/dovecot/dovecot.conf
===================================================================
--- trunk/doc/examples/dovecot/dovecot.conf	2007-10-25 14:47:22 UTC (rev 185)
+++ trunk/doc/examples/dovecot/dovecot.conf	2007-10-25 15:20:10 UTC (rev 186)
@@ -1,1040 +0,0 @@
-## Dovecot configuration file
-
-# If you're in a hurry, see http://wiki.dovecot.org/QuickConfiguration
-
-# '#' character and everything after it is treated as comments. Extra spaces
-# and tabs are ignored. If you want to use either of these explicitly, put the
-# value inside quotes, eg.: key = "# char and trailing whitespace  "
-
-# Default values are shown for each setting, it's not required to uncomment
-# any of the lines. Exception to this are paths, they're just examples with
-# the real defaults being based on configure options. The paths listed here
-# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
-# --with-ssldir=/etc/ssl
-
-# Base directory where to store runtime data.
-base_dir = /var/run/dovecot/
-
-# Protocols we want to be serving: imap imaps pop3 pop3s
-# If you only want to use dovecot-auth, you can set this to "none".
-protocols = imap pop3
-
-# IP or host address where to listen in for connections. It's not currently
-# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
-# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
-# interfaces depending on the operating system.
-#
-# If you want to specify ports for each service, you will need to configure
-# these settings inside the protocol imap/pop3 { ... } section, so you can
-# specify different ports for IMAP/POP3. For example:
-#   protocol imap {
-#     listen = *:10143
-#     ssl_listen = *:10943
-#     ..
-#   }
-#   protocol pop3 {
-#     listen = *:10100
-#     ..
-#   }
-listen = *
-
-# Disable LOGIN command and all other plaintext authentications unless
-# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
-# matches the local IP (ie. you're connecting from the same computer), the
-# connection is considered secure and plaintext authentication is allowed.
-disable_plaintext_auth = no
-
-# Should all IMAP and POP3 processes be killed when Dovecot master process
-# shuts down. Setting this to "no" means that Dovecot can be upgraded without
-# forcing existing client connections to close (although that could also be
-# a problem if the upgrade is eg. because of a security fix). This however
-# means that after master process has died, the client processes can't write
-# to log files anymore.
-shutdown_clients = yes
-
-##
-## Logging
-##
-
-# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
-# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
-#log_path = 
-
-# For informational messages, use this logfile instead of the default
-#info_log_path = 
-
-# Prefix for each line written to log file. % codes are in strftime(3)
-# format.
-#log_timestamp = "%b %d %H:%M:%S "
-log_timestamp = "%Y-%m-%d %H:%M:%S "
-
-# Syslog facility to use if you're logging to syslog. Usually if you don't
-# want to use "mail", you'll use local0..local7. Also other standard
-# facilities are supported.
-#syslog_facility = mail
-
-##
-## SSL settings
-##
-
-# IP or host address where to listen in for SSL connections. Defaults
-# to above if not specified.
-#ssl_listen =
-
-# Disable SSL/TLS support.
-ssl_disable = yes
-
-# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
-# dropping root privileges, so keep the key file unreadable by anyone but
-# root.
-#ssl_cert_file = /etc/ssl/certs/dovecot.pem
-#ssl_key_file = /etc/ssl/private/dovecot.pem
-
-# If key file is password protected, give the password here. Alternatively
-# give it when starting dovecot with -p parameter.
-#ssl_key_password =
-
-# File containing trusted SSL certificate authorities. Usually not needed.
-# The CAfile should contain the CA-certificate(s) followed by the matching 
-# CRL(s). CRL checking is new in dovecot .rc1
-#ssl_ca_file = 
-
-# Request client to send a certificate.
-#ssl_verify_client_cert = no
-
-# How often to regenerate the SSL parameters file. Generation is quite CPU
-# intensive operation. The value is in hours, 0 disables regeneration
-# entirely.
-#ssl_parameters_regenerate = 168
-
-# SSL ciphers to use
-#ssl_cipher_list = ALL:!LOW
-
-# Show protocol level SSL errors.
-#verbose_ssl = no
-
-##
-## Login processes
-##
-
-# Directory where authentication process places authentication UNIX sockets
-# which login needs to be able to connect to. The sockets are created when
-# running as root, so you don't have to worry about permissions. Note that
-# everything in this directory is deleted when Dovecot is started.
-login_dir = /var/run/dovecot/login
-
-# chroot login process to the login_dir. Only reason not to do this is if you
-# wish to run the whole Dovecot without roots.
-# http://wiki.dovecot.org/Rootless
-login_chroot = yes
-
-# User to use for the login process. Create a completely new user for this,
-# and don't use it anywhere else. The user must also belong to a group where
-# only it has access, it's used to control access for authentication process.
-# Note that this user is NOT used to access mails.
-# http://wiki.dovecot.org/UserIds
-login_user = dovecot
-
-# Set max. process size in megabytes. If you don't use
-# login_process_per_connection you might need to grow this.
-login_process_size = 64
-
-# Should each login be processed in it's own process (yes), or should one
-# login process be allowed to process multiple connections (no)? Yes is more
-# secure, espcially with SSL/TLS enabled. No is faster since there's no need
-# to create processes all the time.
-login_process_per_connection = no
-
-# Number of login processes to keep for listening new connections.
-login_processes_count = 5
-
-# Maximum number of login processes to create. The listening process count
-# usually stays at login_processes_count, but when multiple users start logging
-# in at the same time more extra processes are created. To prevent fork-bombing
-# we check only once in a second if new processes should be created - if all
-# of them are used at the time, we double their amount until the limit set by
-# this setting is reached.
-login_max_processes_count = 128
-
-# Maximum number of connections allowed per each login process. This setting
-# is used only if login_process_per_connection=no. Once the limit is reached,
-# the process notifies master so that it can create a new login process.
-# You should make sure that the process has at least
-# 16 + login_max_connections * 2 available file descriptors.
-login_max_connections = 256
-
-# Greeting message for clients.
-login_greeting = Dovecot ready.
-
-# Space-separated list of elements we want to log. The elements which have
-# a non-empty variable value are joined together to form a comma-separated
-# string.
-login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
-
-# Login log format. %$ contains login_log_format_elements string, %s contains
-# the data we want to log.
-#login_log_format = %$: %s
-
-##
-## Mailbox locations and namespaces
-##
-
-# Location for users' mailboxes. This is the same as the old default_mail_env
-# setting. The default is empty, which means that Dovecot tries to find the
-# mailboxes automatically. This won't work if the user doesn't have any mail
-# yet, so you should explicitly tell Dovecot the full location.
-#
-# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
-# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
-# and where Dovecot can place its index files. This is called the "root mail
-# directory", and it must be the first path given in the mail_location setting.
-#
-# There are a few special variables you can use, eg.:
-#
-#   %u - username
-#   %n - user part in user@domain, same as %u if there's no domain
-#   %d - domain part in user@domain, empty if there's no domain
-#   %h - home directory
-#
-# See /usr/share/doc/dovecot-common/variables.txt for full list. Some examples:
-#
-#   mail_location = maildir:~/Maildir
-#   mail_location = mbox:~/mail:INBOX=/var/mail/%u
-#   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
-#
-# http://wiki.dovecot.org/MailLocation
-#
-#mail_location = 
-
-# If you need to set multiple mailbox locations or want to change default
-# namespace settings, you can do it by defining namespace sections:
-#
-# You can have private, shared and public namespaces. The only difference
-# between them is how Dovecot announces them to client via NAMESPACE
-# extension. Shared namespaces are meant for user-owned mailboxes which are
-# shared to other users, while public namespaces are for more globally
-# accessible mailboxes.
-#
-# REMEMBER: If you add any namespaces, the default namespace must be added
-# explicitly, ie. mail_location does nothing unless you have a namespace
-# without a location setting. Default namespace is simply done by having a
-# namespace with empty prefix.
-#namespace private {
-   # Hierarchy separator to use. You should use the same separator for all
-   # namespaces or some clients get confused. '/' is usually a good one.
-   # The default however depends on the underlying mail storage format.
-   #separator = 
-
-   # Prefix required to access this namespace. This needs to be different for
-   # all namespaces. For example "Public/".
-   #prefix = 
-
-   # Physical location of the mailbox. This is in same format as
-   # mail_location, which is also the default for it.
-   #location =
-
-   # There can be only one INBOX, and this setting defines which namespace
-   # has it.
-   #inbox = yes
-
-   # If namespace is hidden, it's not advertised to clients via NAMESPACE
-   # extension or shown in LIST replies. This is mostly useful when converting
-   # from another server with different namespaces which you want to depricate
-   # but still keep working. For example you can create hidden namespaces with
-   # prefixes "~/mail/", "~%u/mail/" and "mail/".
-   #hidden = yes
-#}
-
-# Grant access to these extra groups for mail processes. Typical use would be
-# to give "mail" group write access to /var/mail to be able to create dotlocks.
-# The dovecot processes get these groups' privileges in addition to the dovecot
-# ones; the list of groups must be separated by spaces.
-#mail_extra_groups =
-
-# Allow full filesystem access to clients. There's no access checks other than
-# what the operating system does for the active UID/GID. It works with both
-# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
-# or ~user/.
-#mail_full_filesystem_access = no
-
-##
-## Mail processes
-##
-
-# Enable mail process debugging. This can help you figure out why Dovecot
-# isn't finding your mails.
-#mail_debug = no
-
-# Log prefix for mail processes. See
-# /usr/share/doc/dovecot-common/variables.txt for list of possible
-# variables you can use.
-#mail_log_prefix = "%Us(%u): "
-
-# Use mmap() instead of read() to read mail files. read() seems to be a bit
-# faster with my Linux/x86 and it's better with NFS, so that's the default.
-# Note that OpenBSD 3.3 and older don't work right with mail_read_mmaped = yes.
-#mail_read_mmaped = no
-
-# Don't use mmap() at all. This is required if you store indexes to shared
-# filesystems (NFS or clustered filesystem).
-#mmap_disable = no
-
-# Don't write() to mmaped files. This is required for some operating systems
-# which use separate caches for them, such as OpenBSD.
-#mmap_no_write = no
-
-# Locking method for index files. Alternatives are fcntl, flock and dotlock.
-# Dotlocking uses some tricks which may create more disk I/O than other locking
-# methods. NOTE: If you use NFS, remember to change also mmap_disable setting!
-#lock_method = fcntl
-
-# Drop all privileges before exec()ing the mail process. This is mostly
-# meant for debugging, otherwise you don't get core dumps. It could be a small
-# security risk if you use single UID for multiple users, as the users could
-# ptrace() each others processes then.
-#mail_drop_priv_before_exec = no
-
-# Show more verbose process titles (in ps). Currently shows user name and
-# IP address. Useful for seeing who are actually using the IMAP processes
-# (eg. shared mailboxes or if same uid is used for multiple accounts).
-#verbose_proctitle = no
-
-# Valid UID range for users, defaults to 500 and above. This is mostly
-# to make sure that users can't log in as daemons or other system users.
-# Note that denying root logins is hardcoded to dovecot binary and can't
-# be done even if first_valid_uid is set to 0.
-first_valid_uid = 8
-last_valid_uid = 8
-
-# Valid GID range for users, defaults to non-root/wheel. Users having
-# non-valid GID as primary group ID aren't allowed to log in. If user
-# belongs to supplementary groups with non-valid GIDs, those groups are
-# not set.
-first_valid_gid = 8
-last_valid_gid = 8
-
-# Maximum number of running mail processes. When this limit is reached,
-# new users aren't allowed to log in.
-#max_mail_processes = 1024
-
-# Set max. process size in megabytes. Most of the memory goes to mmap()ing
-# files, so it shouldn't harm much even if this limit is set pretty high.
-#mail_process_size = 256
-
-# Maximum allowed length for mail keyword name. It's only forced when trying
-# to create new keywords.
-#mail_max_keyword_length = 50
-
-# Default umask to use for mail files and directories.
-#umask = 0077
-
-# ':' separated list of directories under which chrooting is allowed for mail
-# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
-# This setting doesn't affect login_chroot or auth_chroot variables.
-# WARNING: Never add directories here which local users can modify, that
-# may lead to root exploit. Usually this should be done only if you don't
-# allow shell access for users. See
-# /usr/share/doc/dovecot-common/configuration.txt for more information.
-valid_chroot_dirs = /var/mailhome
-
-# Default chroot directory for mail processes. This can be overridden for
-# specific users in user database by giving /./ in user's home directory
-# (eg. /home/./user chroots into /home). Note that usually there is no real
-# need to do chrooting, Dovecot doesn't allow users to access files outside
-# their mail directory anyway.
-#mail_chroot = 
-
-##
-## Mailbox handling optimizations
-##
-
-# Space-separated list of fields to initially save into cache file. Currently
-# these fields are allowed:
-#
-#  flags, date.sent, date.received, size.virtual, size.physical
-#  mime.parts, imap.body, imap.bodystructure
-#
-# Different IMAP clients work in different ways, so they benefit from
-# different cached fields. Some do not benefit from them at all. Caching more
-# than necessary generates useless disk I/O, so you don't want to do that
-# either.
-#
-# Dovecot attempts to automatically figure out what client wants and it keeps
-# only that. However the first few times a mailbox is opened, Dovecot hasn't
-# yet figured out what client needs, so it may not perform optimally. If you
-# know what fields the majority of your clients need, it may be useful to set
-# these fields by hand. If client doesn't actually use them, Dovecot will
-# eventually drop them.
-#
-# Usually you should just leave this field alone. The potential benefits are
-# typically unnoticeable.
-#mail_cache_fields = 
-
-# Space-separated list of fields that Dovecot should never save to cache file.
-# Useful if you want to save disk space at the cost of more I/O when the fields
-# needed.
-#mail_never_cache_fields = 
-
-# The minimum number of mails in a mailbox before updates are done to cache
-# file. This allows optimizing Dovecot's behavior to do less disk writes at
-# the cost of more disk reads.
-#mail_cache_min_mail_count = 0
-
-# When IDLE command is running, mailbox is checked once in a while to see if
-# there are any new mails or other changes. This setting defines the minimum
-# time to wait between those checks. Dovecot is however able to use dnotify
-# and inotify with Linux to reply immediately after the change occurs.
-#mailbox_idle_check_interval = 30
-
-# Save mails with CR+LF instead of plain LF. This makes sending those mails
-# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
-# But it also creates a bit more disk I/O which may just make it slower.
-# Also note that if other software reads the mboxes/maildirs, they may handle
-# the extra CRs wrong and cause problems.
-#mail_save_crlf = no
-
-##
-## Maildir-specific settings
-##
-
-# By default LIST command returns all entries in maildir beginning with dot.
-# Enabling this option makes Dovecot return only entries which are directories.
-# This is done by stat()ing each entry, so it causes more disk I/O.
-# (For systems setting struct dirent->d_type, this check is free and it's
-# done always regardless of this setting)
-#maildir_stat_dirs = no
-
-# Copy mail to another folders using hard links. This is much faster than
-# actually copying the file. This is problematic only if something modifies
-# the mail in one folder but doesn't want it modified in the others. I don't
-# know any MUA which would modify mail files directly. IMAP protocol also
-# requires that the mails don't change, so it would be problematic in any case.
-# If you care about performance, enable it.
-#maildir_copy_with_hardlinks = yes
-
-##
-## mbox-specific settings
-##
-
-# Which locking methods to use for locking mbox. There are four available:
-#  dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
-#           solution. If you want to use /var/mail/ like directory, the users
-#           will need write access to that directory.
-#  fcntl  : Use this if possible. Works with NFS too if lockd is used.
-#  flock  : May not exist in all systems. Doesn't work with NFS.
-#  lockf  : May not exist in all systems. Doesn't work with NFS.
-#
-# You can use multiple locking methods; if you do the order they're declared
-# in is important to avoid deadlocks if other MTAs/MUAs are using multiple
-# locking methods as well. Some operating systems don't allow using some of
-# them simultaneously.
-#mbox_read_locks = fcntl
-#mbox_write_locks = dotlock fcntl
-
-# Maximum time in seconds to wait for lock (all of them) before aborting.
-#mbox_lock_timeout = 300
-
-# If dotlock exists but the mailbox isn't modified in any way, override the
-# lock file after this many seconds.
-#mbox_dotlock_change_timeout = 120
-
-# When mbox changes unexpectedly we have to fully read it to find out what
-# changed. If the mbox is large this can take a long time. Since the change
-# is usually just a newly appended mail, it'd be faster to simply read the
-# new mails. If this setting is enabled, Dovecot does this but still safely
-# fallbacks to re-reading the whole mbox file whenever something in mbox isn't
-# how it's expected to be. The only real downside to this setting is that if
-# some other MUA changes message flags, Dovecot doesn't notice it immediately.
-# Note that a full sync is done with SELECT, EXAMINE, EXPUNGE and CHECK 
-# commands.
-#mbox_dirty_syncs = yes
-
-# Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE,
-# EXPUNGE or CHECK commands. If this is set, mbox_dirty_syncs is ignored.
-#mbox_very_dirty_syncs = no
-
-# Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK
-# commands and when closing the mailbox). This is especially useful for POP3
-# where clients often delete all mails. The downside is that our changes
-# aren't immediately visible to other MUAs.
-#mbox_lazy_writes = yes
-
-# If mbox size is smaller than this (in kilobytes), don't write index files.
-# If an index file already exists it's still read, just not updated.
-#mbox_min_index_size = 0
-
-##
-## dbox-specific settings
-##
-
-# Maximum dbox file size in kilobytes until it's rotated.
-#dbox_rotate_size = 2048
-
-# Minimum dbox file size in kilobytes before it's rotated
-# (overrides dbox_rotate_days)
-#dbox_rotate_min_size = 16
-
-# Maximum dbox file age in days until it's rotated. Day always begins from
-# midnight, so 1 = today, 2 = yesterday, etc. 0 = check disabled.
-#dbox_rotate_days = 0
-
-##
-## IMAP specific settings
-##
-
-protocol imap {
-  # Login executable location.
-  #login_executable = /usr/lib/dovecot/imap-login
-
-  # IMAP executable location. Changing this allows you to execute other
-  # binaries before the imap process is executed.
-  #
-  # This would write rawlogs into ~/dovecot.rawlog/ directory:
-  #   mail_executable = /usr/lib/dovecot/rawlog /usr/lib/dovecot/imap
-  #
-  # This would attach gdb into the imap process and write backtraces into
-  # /tmp/gdbhelper.* files:
-  #   mail_executable = /usr/libexec/dovecot/gdbhelper /usr/libexec/dovecot/imap
-  #
-  #mail_executable = /usr/lib/dovecot/imap
-
-  # Maximum IMAP command line length in bytes. Some clients generate very long
-  # command lines with huge mailboxes, so you may need to raise this if you get
-  # "Too long argument" or "IMAP command line too large" errors often.
-  #imap_max_line_length = 65536
-
-  # Support for dynamically loadable plugins. mail_plugins is a space separated
-  # list of plugins to load.
-  #mail_plugins = 
-  #mail_plugin_dir = /usr/lib/dovecot/modules/imap
-
-  # Send IMAP capabilities in greeting message. This makes it unnecessary for
-  # clients to request it with CAPABILITY command, so it saves one round-trip.
-  # Many clients however don't understand it and ask the CAPABILITY anyway.
-  #login_greeting_capability = no
-
-  # Override the IMAP CAPABILITY response.
-  #imap_capability = 
-
-  # Workarounds for various client bugs:
-  #   delay-newmail:
-  #     Send EXISTS/RECENT new mail notifications only when replying to NOOP
-  #     and CHECK commands. Some clients ignore them otherwise, for example
-  #     OSX Mail. Outlook Express breaks more badly though, without this it
-  #     may show user "Message no longer in server" errors. Note that OE6 still
-  #     breaks even with this workaround if synchronization is set to
-  #     "Headers Only".
-  #   outlook-idle:
-  #     Outlook and Outlook Express never abort IDLE command, so if no mail
-  #     arrives in half a hour, Dovecot closes the connection. This is still
-  #     fine, except Outlook doesn't connect back so you don't see if new mail
-  #     arrives.
-  #   netscape-eoh:
-  #     Netscape 4.x breaks if message headers don't end with the empty "end of
-  #     headers" line. Normally all messages have this, but setting this
-  #     workaround makes sure that Netscape never breaks by adding the line if
-  #     it doesn't exist. This is done only for FETCH BODY[HEADER.FIELDS..]
-  #     commands. Note that RFC says this shouldn't be done.
-  #   tb-extra-mailbox-sep:
-  #     With mbox storage a mailbox can contain either mails or submailboxes,
-  #     but not both. Thunderbird separates these two by forcing server to
-  #     accept '/' suffix in mailbox names in subscriptions list.
-  # The list is space-separated.
-  imap_client_workarounds = outlook-idle delay-newmail
-}
-
-##
-## POP3 specific settings
-##
-
-protocol pop3 {
-  # Login executable location.
-  #login_executable = /usr/lib/dovecot/pop3-login
-
-  # POP3 executable location. See IMAP's mail_executable above for examples
-  # how this could be changed.
-  #mail_executable = /usr/lib/dovecot/pop3
-
-  # Don't try to set mails non-recent or seen with POP3 sessions. This is
-  # mostly intended to reduce disk I/O. With maildir it doesn't move files
-  # from new/ to cur/, with mbox it doesn't write Status-header.
-  #pop3_no_flag_updates = no
-
-  # Support LAST command which exists in old POP3 specs, but has been removed
-  # from new ones. Some clients still wish to use this though. Enabling this
-  # makes RSET command clear all \Seen flags from messages.
-  #pop3_enable_last = no
-
-  # If mail has X-UIDL header, use it as the mail's UIDL.
-  #pop3_reuse_xuidl = no
-
-  # Keep the mailbox locked for the entire POP3 session.
-  #pop3_lock_session = no
-
-  # POP3 UIDL format to use. You can use following variables:
-  #
-  #  %v - Mailbox UIDVALIDITY
-  #  %u - Mail UID
-  #  %m - MD5 sum of the mailbox headers in hex (mbox only)
-  #  %f - filename (maildir only)
-  #
-  # If you want UIDL compatibility with other POP3 servers, use:
-  #  UW's ipop3d         : %08Xv%08Xu
-  #  Courier version 0   : %f
-  #  Courier version 1   : %u
-  #  Courier version 2   : %v-%u
-  #  Cyrus (<= 2.1.3)    : %u
-  #  Cyrus (>= 2.1.4)    : %v.%u
-  #  Older Dovecots      : %v.%u
-  #  tpop3d              : %Mf
-  #
-  # Note that Outlook 2003 seems to have problems with %v.%u format which was
-  # Dovecot's default, so if you're building a new server it would be a good
-  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
-  #
-  # NOTE: Nowadays this is required to be set explicitly, since the old
-  # default was bad but it couldn't be changed without breaking existing
-  # installations. %08Xu%08Xv will be the new default, so use it for new
-  # installations.
-  #
-  pop3_uidl_format = %08Xu%08Xv
-
-  # POP3 logout format string:
-  #  %t - number of TOP commands
-  #  %p - number of bytes sent to client as a result of TOP command
-  #  %r - number of RETR commands
-  #  %b - number of bytes sent to client as a result of RETR command
-  #  %d - number of deleted messages
-  #  %m - number of messages (before deletion)
-  #  %s - mailbox size in bytes (before deletion)
-  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
-
-  # Support for dynamically loadable plugins. mail_plugins is a space separated
-  # list of plugins to load.
-  #mail_plugins = 
-  #mail_plugin_dir = /usr/lib/dovecot/modules/pop3
-
-  # Workarounds for various client bugs:
-  #   outlook-no-nuls:
-  #     Outlook and Outlook Express hang if mails contain NUL characters.
-  #     This setting replaces them with 0x80 character.
-  #   oe-ns-eoh:
-  #     Outlook Express and Netscape Mail breaks if end of headers-line is
-  #     missing. This option simply sends it if it's missing.
-  # The list is space-separated.
-  pop3_client_workarounds =  outlook-no-nuls oe-ns-eoh
-}
-
-##
-## LDA specific settings
-##
-
-# protocol lda {
-  # Address to use when sending rejection mails.
-  # postmaster_address = pos...@ex...
-
-  # Hostname to use in various parts of sent mails, eg. in Message-Id.
-  # Default is the system's real hostname.
-  #hostname = 
-
-  # Support for dynamically loadable plugins. mail_plugins is a space separated
-  # list of plugins to load.
-  #mail_plugins = 
-  #mail_plugin_dir = /usr/lib/dovecot/modules/lda
-
-  # Binary to use for sending mails.
-  #sendmail_path = /usr/lib/sendmail
-
-  # UNIX socket path to master authentication server to find users.
-  #auth_socket_path = /var/run/dovecot/auth-master
-
-  # Enabling Sieve plugin for server-side mail filtering
-  # mail_plugins = cmusieve
-# }
-
-##
-## Authentication processes
-##
-
-# Executable location
-#auth_executable = /usr/lib/dovecot/dovecot-auth
-
-# Set max. process size in megabytes.
-#auth_process_size = 256
-
-# Authentication cache size in kilobytes. 0 means it's disabled.
-# Note that bsdauth, PAM and vpopmail require cache_key to be set for caching
-# to be used. Also note that currently auth cache doesn't work very well if 
-# you're using multiple passdbs with same usernames in them.
-#auth_cache_size = 0
-# Time to live in seconds for cached data. After this many seconds the cached
-# record is no longer used, *except* if the main database lookup returns
-# internal failure. We also try to handle password changes automatically: If
-# user's previous authentication was successful, but this one wasn't, the
-# cache isn't used. For now this works only with plaintext authentication.
-#auth_cache_ttl = 3600
-
-# Space separated list of realms for SASL authentication mechanisms that need
-# them. You can leave it empty if you don't want to support multiple realms.
-# Many clients simply use the first one listed here, so keep the default realm
-# first.
-#auth_realms =
-
-# Default realm/domain to use if none was specified. This is used for both
-# SASL realms and appending @domain to username in plaintext logins.
-#auth_default_realm = 
-
-# List of allowed characters in username. If the user-given username contains
-# a character not listed in here, the login automatically fails. This is just
-# an extra check to make sure user can't exploit any potential quote escaping
-# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
-# set this value to empty.
-#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
-
-# Username character translations before it's looked up from databases. The
-# value contains series of from -> to characters. For example "#@/@" means
-# that '#' and '/' characters are translated to '@'.
-#auth_username_translation =
-
-# Username formatting before it's looked up from databases. You can use
-# the standard variables here, eg. %Lu would lowercase the username, %n would
-# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into
-# "-AT-". This translation is done after auth_username_translation changes.
-#auth_username_format =
-
-# If you want to allow master users to log in by specifying the master
-# username within the normal username string (ie. not using SASL mechanism's
-# support for it), you can specify the separator character here. The format
-# is then <username><separator><master username>. UW-IMAP uses "*" as the
-# separator, so that could be a good choice.
-#auth_master_user_separator =
-
-# Username to use for users logging in with ANONYMOUS SASL mechanism
-#auth_anonymous_username = anonymous
-
-# More verbose logging. Useful for figuring out why authentication isn't
-# working.
-auth_verbose = no
-
-# Even more verbose logging for debugging purposes. Shows for example SQL
-# queries.
-auth_debug = no
-
-# In case of password mismatches, log the passwords and used scheme so the
-# problem can be debugged. Requires auth_debug=yes to be set.
-auth_debug_passwords = no
-
-# Maximum number of dovecot-auth worker processes. They're used to execute
-# blocking passdb and userdb queries (eg. MySQL and PAM). They're
-# automatically created and destroyed as needed.
-#auth_worker_max_count = 30
-
-# Kerberos keytab to use for the GSSAPI mechanism. Will use the system 
-# default (usually /etc/krb5.keytab) if not specified.
-#auth_krb5_keytab = 
-
-auth default {
-  # Space separated list of wanted authentication mechanisms:
-  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
-  mechanisms = plain
-
-  #
-  # Password database is used to verify user's password (and nothing more).
-  # You can have multiple passdbs and userdbs. This is useful if you want to
-  # allow both system users (/etc/passwd) and virtual users to login without
-  # duplicating the system users into virtual database.
-  #
-  # http://wiki.dovecot.org/PasswordDatabase
-  #
-  # By adding master=yes setting inside a passdb you make the passdb a list
-  # of "master users", who can log in as anyone else. Unless you're using PAM,
-  # you probably still want the destination user to be looked up from passdb
-  # that it really exists. This can be done by adding pass=yes setting to the
-  # master passdb.
-  #
-  # http://wiki.dovecot.org/MasterPassword
-
-  # Users can be temporarily disabled by adding a passdb with deny=yes.
-  # If the user is found from that database, authentication will fail.
-  # The deny passdb should always be specified before others, so it gets
-  # checked first. Here's an example:
-
-  #passdb passwd-file {
-    # File contains a list of usernames, one per line
-    #args = /etc/dovecot.deny
-    #deny = yes
-  #}
-
-  # PAM authentication. Preferred nowadays by most systems. 
-  # Note that PAM can only be used to verify if user's password is correct,
-  # so it can't be used as userdb. If you don't want to use a separate user
-  # database (passwd usually), you can use static userdb.
-  # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
-  # authentication to actually work.
-  # http://wiki.dovecot.org/PasswordDatabase/PAM
-  #passdb pam {
-    #  [session=yes] [setcred=yes] [cache_key=<key>] [<service name>]
-    #
-    # session=yes makes Dovecot open and immediately close PAM session. Some
-    # PAM plugins need this to work, such as pam_mkhomedir.
-    #
-    # setcred=yes makes Dovecot establish PAM credentials if some PAM plugins
-    # need that. They aren't ever deleted though, so this isn't enabled by
-    # default.
-    #
-    # cache_key can be used to enable authentication caching for PAM
-    # (auth_cache_size also needs to be set). It isn't enabled by default
-    # because PAM modules can do all kinds of checks besides checking password,
-    # such as checking IP address. Dovecot can't know about these checks
-    # without some help. cache_key is simply a list of variables (see
-    # /usr/share/doc/dovecot-common/variables.txt) which must match for
-    # the cached data to be used.
-    # Here are some examples:
-    #   %u - Username must match. Probably sufficient for most uses.
-    #   %u%r - Username and remote IP address must match.
-    #   %u%s - Username and service (ie. IMAP, POP3) must match.
-    # 
-    # If service name is "*", it means the authenticating service name
-    # is used, eg. pop3 or imap (/etc/pam.d/pop3, /etc/pam.d/imap).
-    #
-    # Some examples:
-    #   args = session=yes *
-    #   args = cache_key=%u dovecot
-    #args = dovecot
-  #}
-
-  # /etc/passwd or similar, using getpwnam()
-  # In many systems nowadays this uses Name Service Switch, which is
-  # configured in /etc/nsswitch.conf.
-  # http://wiki.dovecot.org/AuthDatabase/Passwd
-  #passdb passwd {
-  #}
-
-  # /etc/shadow or similiar, using getspnam(). Deprecated by PAM nowadays.
-  # http://wiki.dovecot.org/PasswordDatabase/Shadow
-  #passdb shadow {
-  #}
-
-  # PAM-like authentication for OpenBSD.
-  # http://wiki.dovecot.org/PasswordDatabase/BSDAuth
-  #passdb bsdauth {
-    # [cache_key=<key>] - See cache_key in PAM for explanation.
-    #args =
-  #}
-
-  # passwd-like file with specified location
-  # http://wiki.dovecot.org/AuthDatabase/PasswdFile
-  #passdb passwd-file {
-    # Path for passwd-file
-    #args = 
-  #}
-
-  # checkpassword executable authentication
-  # NOTE: You will probably want to use "userdb prefetch" with this.
-  # http://wiki.dovecot.org/PasswordDatabase/CheckPassword
-  #passdb checkpassword {
-    # Path for checkpassword binary
-    #args = 
-  #}
-
-  # SQL database
-  # http://wiki.dovecot.org/AuthDatabase/SQL
-  #passdb sql {
-    # Path for SQL configuration file, see /etc/dovecot/dovecot-sql.conf for example
-    #args = 
-  #}
-
-  # LDAP database
-  # http://wiki.dovecot.org/AuthDatabase/LDAP
-  passdb ldap {
-    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for example
-    args =  /etc/dovecot/dovecot-ldap.conf
-  }
-
-  # vpopmail authentication
-  # http://wiki.dovecot.org/AuthDatabase/VPopMail
-  #passdb vpopmail {
-    # [cache_key=<key>] - See cache_key in PAM for explanation.
-    #args =
-  #}
-
-  #
-  # User database specifies where mails are located and what user/group IDs
-  # own them. For single-UID configuration use "static".
-  #
-  # http://wiki.dovecot.org/UserDatabase
-  #
-
-  # /etc/passwd or similar, using getpwnam()
-  # In many systems nowadays this uses Name Service Switch, which is
-  # configured in /etc/nsswitch.conf. WARNING: nss_ldap is known to be broken
-  # with Dovecot. Don't use it, or users might log in as each others!
-  # http://wiki.dovecot.org/AuthDatabase/Passwd
-  #userdb passwd {
-  #}
-
-  # passwd-like file with specified location
-  # http://wiki.dovecot.org/AuthDatabase/PasswdFile
-  #userdb passwd-file {
-    # Path for passwd-file
-    #args =
-  #}
-
-  # static settings generated from template
-  # http://wiki.dovecot.org/UserDatabase/Static
-  #userdb static {
-    # Template for the fields. Can return anything a userdb could normally
-    # return. For example:
-    #
-    #  args = uid=500 gid=500 home=/var/mail/%u
-    #
-    #args =
-  #}
-
-  # SQL database
-  # http://wiki.dovecot.org/AuthDatabase/SQL
-  #userdb sql {
-    # Path for SQL configuration file, see /etc/dovecot/dovecot-sql.conf for example
-    #args = 
-  #}
-
-  # LDAP database
-  # http://wiki.dovecot.org/AuthDatabase/LDAP
-  userdb ldap {
-    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for example
-    args = /etc/dovecot/dovecot-ldap.conf
-  }
-
-  # vpopmail
-  # http://wiki.dovecot.org/AuthDatabase/VPopMail
-  #userdb vpopmail {
-  #}
-
-  # "prefetch" user database means that the passdb already provided the
-  # needed information and there's no need to do a separate userdb lookup.
-  # This can be made to work with SQL and LDAP databases, see their example
-  # configuration files for more information how to do it.
-  # http://wiki.dovecot.org/UserDatabase/Prefetch
-  #userdb prefetch {
-  #}
-
-  # User to use for the process. This user needs access to only user and
-  # password databases, nothing else. Only shadow and pam authentication
-  # requires roots, so use something else if possible. Note that passwd
-  # authentication with BSDs internally accesses shadow files, which also
-  # requires roots. Note that this user is NOT used to access mails.
-  # That user is specified by userdb above.
-  #user = root
-
-  # Directory where to chroot the process. Most authentication backends don't
-  # work if this is set, and there's no point chrooting if auth_user is root.
-  # Note that valid_chroot_dirs isn't needed to use this setting.
-  #chroot = 
-
-  # Number of authentication processes to create
-  #count = 1
-
-  # Require a valid SSL client certificate or the authentication fails.
-  #ssl_require_client_cert = no
-
-  # Take the username from client's SSL certificate, using 
-  # X509_NAME_get_text_by_NID() which returns the subject's DN's
-  # CommonName. 
-  #ssl_username_from_cert = no
-
-  # It's possible to export the authentication interface to other programs:
-  #socket listen {
-    #master {
-      # Master socket is typically used to give Dovecot's local delivery
-      # agent access to userdb so it can find mailbox locations. It can
-      # however also be used to disturb regular user authentications.
-      # WARNING: Giving untrusted users access to master socket may be a 
-      # security risk, don't give too wide permissions to it!
-      #path = /var/run/dovecot/auth-master
-      #mode = 0600
-      # Default user/group is the one who started dovecot-auth (root)
-      #user = 
-      #group = 
-    #}
-    #client {
-      # The client socket is generally safe to export to everyone. Typical use
-      # is to export it to your SMTP server so it can do SMTP AUTH lookups
-      # using it.
-      #path = /var/run/dovecot/auth-client
-      #mode = 0660
-    #}
-  #}
-
-  ## dovecot-lda specific settings
-  ##
-  # socket listen {
-  #   master {
-  #     path = /var/run/dovecot/auth-master
-  #     mode = 0600
-  #     user = mail # User running Dovecot LDA
-  #     #group = mail # Or alternatively mode 0660 + LDA user in this group
-  #   }
-  # }
-
-}
-
-# If you wish to use another authentication server than dovecot-auth, you can
-# use connect sockets. They assumed to be already running, Dovecot's master
-# process only tries to connect to them. They don't need any other settings
-# than the path for the master socket, as the configuration is done elsewhere.
-# Note that the client sockets must exist in the login_dir.
-#auth external {
-#  socket connect {
-#    master {
-#      path = /var/run/dovecot/auth-master
-#    }
-#  }
-#}
-
-##
-## Dictionary server settings
-##
-
-# Dictionary can be used by some plugins to store key=value lists.
-# Currently this is only used by dict quota backend. The dictionary can be
-# used either directly or though a dictionary server. The following dict block
-# maps dictionary names to URIs when the server is used. These can then be
-# referenced using URIs in format "proxy:<name>".
-
-#dict {
-  #quota = mysql:/etc/dovecot-dict-quota.conf 
-#}
-
-##
-## Plugin settings
-##
-
-#plugin {
-  # Here you can give some extra environment variables to mail processes.
-  # This is mostly meant for passing parameters to plugins. %variable
-  # expansion is done for all values.
-
-  # Quota plugin. Multiple backends are supported:
-  #   dirsize: Find and sum all the files found from mail directory
-  #   dict: Keep quota stored in dictionary (eg. SQL)
-  #   maildir: Maildir++ quota
-  #   fs: Read-only support for filesystem quota
-  #quota = maildir
-
-  # ACL plugin. vfile backend reads ACLs from "dovecot-acl" file from maildir
-  # directory. You can also optionally give a global ACL directory path where
-  # ACLs are applied to all users' mailboxes. The global ACL directory contains
-  # one file for each mailbox, eg. INBOX or sub.mailbox.
-  #acl = vfile:/etc/dovecot-acls
-
-  # Convert plugin. If set, specifies the source storage path which is
-  # converted to destination storage (mail_location).
-  #convert_mail = mbox:%h/mail
-
-  # Trash plugin. When saving a message would make user go over quota, this
-  # plugin automatically deletes the oldest mails from configured mailboxes
-  # until the message can be saved within quota limits. The configuration file
-  # is a text file where each line is in format: <priority> <mailbox name>
-  # Mails are first deleted in lowest -> highest priority number order
-  #trash = /etc/dovecot-trash.conf
-#}

Copied: trunk/doc/examples/dovecot/dovecot.conf.dist (from rev 185, trunk/doc/examples/dovecot/dovecot.conf)
===================================================================
--- trunk/doc/examples/dovecot/dovecot.conf.dist	                        (rev 0)
+++ trunk/doc/examples/dovecot/dovecot.conf.dist	2007-10-25 15:20:10 UTC (rev 186)
@@ -0,0 +1,1040 @@
+## Dovecot configuration file
+
+# If you're in a hurry, see http://wiki.dovecot.org/QuickConfiguration
+
+# '#' character and everything after it is treated as comments. Extra spaces
+# and tabs are ignored. If you want to use either of these explicitly, put the
+# value inside quotes, eg.: key = "# char and trailing whitespace  "
+
+# Default values are shown for each setting, it's not required to uncomment
+# any of the lines. Exception to this are paths, they're just examples with
+# the real defaults being based on configure options. The paths listed here
+# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
+# --with-ssldir=/etc/ssl
+
+# Base directory where to store runtime data.
+base_dir = /var/run/dovecot/
+
+# Protocols we want to be serving: imap imaps pop3 pop3s
+# If you only want to use dovecot-auth, you can set this to "none".
+protocols = imap pop3
+
+# IP or host address where to listen in for connections. It's not currently
+# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
+# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
+# interfaces depending on the operating system.
+#
+# If you want to specify ports for each service, you will need to configure
+# these settings inside the protocol imap/pop3 { ... } section, so you can
+# specify different ports for IMAP/POP3. For example:
+#   protocol imap {
+#     listen = *:10143
+#     ssl_listen = *:10943
+#     ..
+#   }
+#   protocol pop3 {
+#     listen = *:10100
+#     ..
+#   }
+listen = *
+
+# Disable LOGIN command and all other plaintext authentications unless
+# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
+# matches the local IP (ie. you're connecting from the same computer), the
+# connection is considered secure and plaintext authentication is allowed.
+disable_plaintext_auth = no
+
+# Should all IMAP and POP3 processes be killed when Dovecot master process
+# shuts down. Setting this to "no" means that Dovecot can be upgraded without
+# forcing existing client connections to close (although that could also be
+# a problem if the upgrade is eg. because of a security fix). This however
+# means that after master process has died, the client processes can't write
+# to log files anymore.
+shutdown_clients = yes
+
+##
+## Logging
+##
+
+# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
+# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
+#log_path = 
+
+# For informational messages, use this logfile instead of the default
+#info_log_path = 
+
+# Prefix for each line written to log file. % codes are in strftime(3)
+# format.
+#log_timestamp = "%b %d %H:%M:%S "
+log_timestamp = "%Y-%m-%d %H:%M:%S "
+
+# Syslog facility to use if you're logging to syslog. Usually if you don't
+# want to use "mail", you'll use local0..local7. Also other standard
+# facilities are supported.
+#syslog_facility = mail
+
+##
+## SSL settings
+##
+
+# IP or host address where to listen in for SSL connections. Defaults
+# to above if not specified.
+#ssl_listen =
+
+# Disable SSL/TLS support.
+ssl_disable = yes
+
+# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+# dropping root privileges, so keep the key file unreadable by anyone but
+# root.
+#ssl_cert_file = /etc/ssl/certs/dovecot.pem
+#ssl_key_file = /etc/ssl/private/dovecot.pem
+
+# If key file is password protected, give the password here. Alternatively
+# give it when starting dovecot with -p parameter.
+#ssl_key_password =
+
+# File containing trusted SSL certificate authorities. Usually not needed.
+# The CAfile should contain the CA-certificate(s) followed by the matching 
+# CRL(s). CRL checking is new in dovecot .rc1
+#ssl_ca_file = 
+
+# Request client to send a certificate.
+#ssl_verify_client_cert = no
+
+# How often to regenerate the SSL parameters file. Generation is quite CPU
+# intensive operation. The value is in hours, 0 disables regeneration
+# entirely.
+#ssl_parameters_regenerate = 168
+
+# SSL ciphers to use
+#ssl_cipher_list = ALL:!LOW
+
+# Show protocol level SSL errors.
+#verbose_ssl = no
+
+##
+## Login processes
+##
+
+# Directory where authentication process places authentication UNIX sockets
+# which login needs to be able to connect to. The sockets are created when
+# running as root, so you don't have to worry about permissions. Note that
+# everything in this directory is deleted when Dovecot is started.
+login_dir = /var/run/dovecot/login
+
+# chroot login process to the login_dir. Only reason not to do this is if you
+# wish to run the whole Dovecot without roots.
+# http://wiki.dovecot.org/Rootless
+login_chroot = yes
+
+# User to use for the login process. Create a completely new user for this,
+# and don't use it anywhere else. The user must also belong to a group where
+# only it has access, it's used to control access for authentication process.
+# Note that this user is NOT used to access mails.
+# http://wiki.dovecot.org/UserIds
+login_user = dovecot
+
+# Set max. process size in megabytes. If you don't use
+# login_process_per_connection you might need to grow this.
+login_process_size = 64
+
+# Should each login be processed in it's own process (yes), or should one
+# login process be allowed to process multiple connections (no)? Yes is more
+# secure, espcially with SSL/TLS enabled. No is faster since there's no need
+# to create processes all the time.
+login_process_per_connection = no
+
+# Number of login processes to keep for listening new connections.
+login_processes_count = 5
+
+# Maximum number of login processes to create. The listening process count
+# usually stays at login_processes_count, but when multiple users start logging
+# in at the same time more extra processes are created. To prevent fork-bombing
+# we check only once in a second if new processes should be created - if all
+# of them are used at the time, we double their amount until the limit set by
+# this setting is reached.
+login_max_processes_count = 128
+
+# Maximum number of connections allowed per each login process. This setting
+# is used only if login_process_per_connection=no. Once the limit is reached,
+# the process notifies master so that it can create a new login process.
+# You should make sure that the process has at least
+# 16 + login_max_connections * 2 available file descriptors.
+login_max_connections = 256
+
+# Greeting message for clients.
+login_greeting = Dovecot ready.
+
+# Space-separated list of elements we want to log. The elements which have
+# a non-empty variable value are joined together to form a comma-separated
+# string.
+login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
+
+# Login log format. %$ contains login_log_format_elements string, %s contains
+# the data we want to log.
+#login_log_format = %$: %s
+
+##
+## Mailbox locations and namespaces
+##
+
+# Location for users' mailboxes. This is the same as the old default_mail_env
+# setting. The default is empty, which means that Dovecot tries to find the
+# mailboxes automatically. This won't work if the user doesn't have any mail
+# yet, so you should explicitly tell Dovecot the full location.
+#
+# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
+# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
+# and where Dovecot can place its index files. This is called the "root mail
+# directory", and it must be the first path given in the mail_location setting.
+#
+# There are a few special variables you can use, eg.:
+#
+#   %u - username
+#   %n - user part in user@domain, same as %u if there's no domain
+#   %d - domain part in user@domain, empty if there's no domain
+#   %h - home directory
+#
+# See /usr/share/doc/dovecot-common/variables....
 
[truncated message content]

[Elma-commit] SF.net SVN: elma: [185] trunk

[<el...@us...>]

Revision: 185
          http://elma.svn.sourceforge.net/elma/?rev=185&view=rev
Author:   elch86
Date:     2007-10-25 07:47:22 -0700 (Thu, 25 Oct 2007)

Log Message:
-----------
Added exim4- and dovecot-sample-configurations.

Modified Paths:
--------------
    trunk/doc/examples/dovecot/dovecot-ldap.conf
    trunk/doc/examples/dovecot/dovecot.conf
    trunk/includes/eximfilter.inc.php

Added Paths:
-----------
    trunk/doc/examples/exim4/exim4.conf

Removed Paths:
-------------
    trunk/doc/examples/exim4/exim4.conf.dist

Modified: trunk/doc/examples/dovecot/dovecot-ldap.conf
===================================================================
--- trunk/doc/examples/dovecot/dovecot-ldap.conf	2007-10-18 14:49:47 UTC (rev 184)
+++ trunk/doc/examples/dovecot/dovecot-ldap.conf	2007-10-25 14:47:22 UTC (rev 185)
@@ -19,10 +19,10 @@
 #uris = 
 
 # Distinguished Name - the username used to login to the LDAP server
-dn = uid=dovecot,ou=users,o=mybasedn
+dn = 
 
 # Password for LDAP server
-dnpass = dovecotpass
+dnpass = 
 
 # Use SASL binding instead of the simple binding. Note that this changes
 # ldap_version automatically to be 3 if it's lower. Also note that SASL binds
@@ -57,13 +57,13 @@
 # For example:
 #   auth_bind_userdn = cn=%u,ou=people,o=org
 #
-#auth_bind_userdn = uid=%n,dc=%d,ou=domains,o=megabit
+#auth_bind_userdn = uid=%n,dc=%d,ou=domains,o=
 
 # LDAP protocol version to use. Likely 2 or 3.
 ldap_version = 3
 
 # LDAP base. %variables can be used here.
-base = ou=domains,o=mybasedn
+base = 
 
 # Dereference: never, searching, finding, always
 deref = never
@@ -112,5 +112,5 @@
 
 # You can use same UID and GID for all user accounts if you really want to.
 # If the UID/GID is still found from LDAP reply, it overrides these values.
-user_global_uid = Debian-exim
+user_global_uid = mail
 user_global_gid = mail

Modified: trunk/doc/examples/dovecot/dovecot.conf
===================================================================
--- trunk/doc/examples/dovecot/dovecot.conf	2007-10-18 14:49:47 UTC (rev 184)
+++ trunk/doc/examples/dovecot/dovecot.conf	2007-10-25 14:47:22 UTC (rev 185)
@@ -42,7 +42,7 @@
 # SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
 # matches the local IP (ie. you're connecting from the same computer), the
 # connection is considered secure and plaintext authentication is allowed.
-#disable_plaintext_auth = yes
+disable_plaintext_auth = no
 
 # Should all IMAP and POP3 processes be killed when Dovecot master process
 # shuts down. Setting this to "no" means that Dovecot can be upgraded without
@@ -82,7 +82,7 @@
 #ssl_listen =
 
 # Disable SSL/TLS support.
-#ssl_disable = no
+ssl_disable = yes
 
 # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
 # dropping root privileges, so keep the key file unreadable by anyone but
@@ -303,15 +303,15 @@
 # to make sure that users can't log in as daemons or other system users.
 # Note that denying root logins is hardcoded to dovecot binary and can't
 # be done even if first_valid_uid is set to 0.
-first_valid_uid = 103 # user: Debian-exim
-last_valid_uid = 103 # user: Debian-exim
+first_valid_uid = 8
+last_valid_uid = 8
 
 # Valid GID range for users, defaults to non-root/wheel. Users having
 # non-valid GID as primary group ID aren't allowed to log in. If user
 # belongs to supplementary groups with non-valid GIDs, those groups are
 # not set.
-first_valid_gid = 8 # group: mail
-last_valid_gid = 8 # group: mail
+first_valid_gid = 8
+last_valid_gid = 8
 
 # Maximum number of running mail processes. When this limit is reached,
 # new users aren't allowed to log in.
@@ -622,7 +622,7 @@
   #     Outlook Express and Netscape Mail breaks if end of headers-line is
   #     missing. This option simply sends it if it's missing.
   # The list is space-separated.
-  #pop3_client_workarounds = 
+  pop3_client_workarounds =  outlook-no-nuls oe-ns-eoh
 }
 
 ##
@@ -714,15 +714,15 @@
 
 # More verbose logging. Useful for figuring out why authentication isn't
 # working.
-#auth_verbose = yes
+auth_verbose = no
 
 # Even more verbose logging for debugging purposes. Shows for example SQL
 # queries.
-#auth_debug = yes
+auth_debug = no
 
 # In case of password mismatches, log the passwords and used scheme so the
 # problem can be debugged. Requires auth_debug=yes to be set.
-#auth_debug_passwords = yes
+auth_debug_passwords = no
 
 # Maximum number of dovecot-auth worker processes. They're used to execute
 # blocking passdb and userdb queries (eg. MySQL and PAM). They're

Added: trunk/doc/examples/exim4/exim4.conf
===================================================================
--- trunk/doc/examples/exim4/exim4.conf	                        (rev 0)
+++ trunk/doc/examples/exim4/exim4.conf	2007-10-25 14:47:22 UTC (rev 185)
@@ -0,0 +1,434 @@
+########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
+#                                                                          #
+# Whenever you change Exim's configuration file, you *must* remember to    #
+# HUP the Exim daemon, because it will not pick up the new configuration   #
+# until you do. However, any other Exim processes that are started, for    #
+# example, a process started by an MUA in order to send a message, will    #
+# see the new configuration as soon as it is in place.                     #
+#                                                                          #
+# You do not need to HUP the daemon for changes in auxiliary files that    #
+# are referenced from this file. They are read every time they are used.   #
+#                                                                          #
+# It is usually a good idea to test a new configuration for syntactic      #
+# correctness before installing it (for example, by running the command    #
+# "exim -C /config/file.new -bV").                                         #
+#                                                                          #
+# This configuration contains just the needed parameters to run ELMA,      #
+# with short or even none comments.                                        #
+# For a full and comprehensive documentation of all available parameters,  #
+# see http://www.exim.org/exim-html-current/doc/html/spec_html/index.html  #
+#                                                                          #
+# vim folding: use zo to open, zc to close a folding                       #
+#                                                                          #
+########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
+
+
+######################################################################
+#                    MAIN CONFIGURATION SETTINGS                     #
+######################################################################
+
+# LDAP connection parameters <<<
+ldap_default_servers = 127.0.0.1::389
+
+#LDAP_HOSTNAME = 127.0.0.1:389
+LDAP_BASEDN = o=mybasedn
+LDAP_USERS_ROOT_DN = ou=users,LDAP_BASEDN
+LDAP_DOMAINS_ROOT_DN = ou=domains,LDAP_BASEDN
+LDAP_BIND_USER = uid=exim4,LDAP_USERS_ROOT_DN
+LDAP_BIND_PASS = exim4pass
+# >>>
+
+# LDAP macros <<<
+# returns list of all local domains (active and inactive)
+LDAP_LOCAL_DOMAINS = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///LDAP_DOMAINS_ROOT_DN?dc?one?(objectclass=mailDomain)}}
+
+# return list of active domains
+LDAP_LOCAL_ACTIVE_DOMAINS = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///LDAP_DOMAINS_ROOT_DN?dc?one?(&(mailStatus=TRUE)(objectclass=mailDomain))}}
+
+# returns status of domain
+LDAP_DOMAIN_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?base?}}} {yes}{no} }
+
+# returns status of user
+LDAP_USER_IS_ACTIVE = ${if eqi {true}{${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub}}} {yes}{no} }
+
+# return list of aliases otherwise return fail
+LDAP_ALIAS_FOR = ${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?base?(&(objectclass=mailalias)(mailStatus=TRUE))} {$value} fail}
+
+# return the user's homeDirectory
+LDAP_HOME_DIRECTORY = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?homeDirectory?base} {$value} fail}
+
+# get the mailSieveFilter attribute for an user
+LDAP_GET_USER_FILTER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?base?(objectclass=mailUser)} {$value} fail}
+
+# get the mailSieveFilter attribute for a domain
+LDAP_GET_DOMAIN_FILTER = ${lookup ldap{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?base?(objectclass=mailDomain)} {$value} fail}
+# >>>
+
+# Hostname <<<
+# Specify your host's canonical name here. This should normally be the fully
+# qualified "official" name of your host. If this option is not set, the
+# uname() function is called to obtain the name. In many cases this does
+# the right thing and you need not set anything explicitly.
+
+#primary_hostname =
+# >>>
+
+# Logging <<<
+log_selector = -retry_defer -skip_delivery -queue_run +smtp_connection \
+  +delivery_size +deliver_time +received_recipients +sender_on_delivery +subject
+# >>>
+
+# Domain-lists, host-lists <<<
+# local_domains: domains which reside in our system(s)
+# active_domains: activated domains. inactive domains are just listed in local_domains
+# relay_from_hosts: relaying is permitted for these hosts
+domainlist local_domains = @ : ${tr {LDAP_LOCAL_DOMAINS} {\n}{:}}
+domainlist active_domains = ${tr {LDAP_LOCAL_ACTIVE_DOMAINS} {\n}{:}}
+hostlist   relay_from_hosts = 127.0.0.1
+# >>>
+
+# av scanner <<<
+# On debian systems, the clamd socket is usually found under
+# clamd:/var/run/clamav/clamd.ctl
+#av_scanner = clamd:/tmp/clamd
+# >>>
+
+# Spam scanning <<<
+# currently only SpamAssassin is supported
+# to activate, remove the comment mark
+#spamd_address = 127.0.0.1 783
+# >>>
+
+# TLS options <<<
+#
+# Allow any client to use TLS.
+
+#tls_advertise_hosts = *
+
+# Specify the location of the Exim server's TLS certificate and private key.
+# The private key must not be encrypted (password protected). You can put
+# the certificate and private key in the same file, in which case you only
+# need the first setting, or in separate files, in which case you need both
+# options.
+
+#tls_certificate = /etc/ssl/exim.crt
+#tls_privatekey = /etc/ssl/exim.pem
+
+# In order to support roaming users who wish to send email from anywhere,
+# you may want to make Exim listen on other ports as well as port 25, in
+# case these users need to send email from a network that blocks port 25.
+# The standard port for this purpose is port 587, the "message submission"
+# port. See RFC 4409 for details. Microsoft MUAs cannot be configured to
+# talk the message submission protocol correctly, so if you need to support
+# them you should also allow TLS-on-connect on the traditional but
+# non-standard port 465.
+
+#daemon_smtp_ports = 25 : 465 : 587
+#tls_on_connect_ports = 465
+
+# >>>
+
+# Unqualified senders/recipients <<<
+# By default, unqualified senders will be qualified with our primary_hostname.
+# Unqualified senders are just permitted the message originates from localhost,
+# unqualified recipients never.
+#
+#qualify_domain =
+sender_unqualified_hosts = localhost
+# >>>
+
+# Never deliver as root <<<
+# don't forget to provide an alias for root
+never_users = root
+# >>>
+
+# Reverse DNS lookup for every host <<<
+host_lookup = *
+# >>>
+
+# Disable ident lookup <<<
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+# >>>
+
+# Bounce messages <<<
+# This option unfreezes frozen bounce messages after two days, tries
+# once more to deliver them, and ignores any delivery failures.
+ignore_bounce_errors_after = 2d
+
+# This option cancels (removes) frozen messages that are older than a week.
+timeout_frozen_after = 7d
+# >>>
+
+# Disable pipelining <<<
+pipelining_advertise_hosts = :
+# >>>
+
+######################################################################
+#                       ACL CONFIGURATION                            #
+#         Specifies access control lists for incoming SMTP mail      #
+######################################################################
+
+# ACL assignment <<<
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+# >>>
+
+begin acl
+
+# RCPT TO: <<<
+acl_check_rcpt:
+
+  # accept if sender is localhost
+  accept  hosts = :
+
+  # The two following rules restrict characters in local_parts
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+  # Accept mails to postmaster
+  accept  local_parts   = postmaster
+          domains       = +local_domains
+
+  # Verify sender
+  # disable, if you get blocked by AOL...
+  require verify        = sender
+
+  # The following two rules accept mails on a per-host basis 
+  # or if sender is authenticated. Return-path and/or From: will
+  # not be adjusted
+  accept  hosts         = +relay_from_hosts
+          control       = submission/sender_retain
+
+  accept  authenticated = *
+          control       = submission/sender_retain
+
+  require message = relay not permitted
+          domains = +local_domains
+
+  # Return debuggable error message if domain it inactive
+  require message = domain inactive
+          domains = +active_domains
+
+  # Verify recipient, both for local and remote recipients
+  require verify = recipient
+
+  # Accept finally if all other checks were passed
+  accept
+# >>>
+
+# DATA <<<
+acl_check_data:
+
+  # Deny if the message contains a virus. Before enabling this check, you
+  # must install a virus scanner and set the av_scanner option above.
+  #
+  # deny    malware    = *
+  #         message    = This message contains a virus ($malware_name).
+
+  # Add headers to a message if it is judged to be spam. Before enabling this,
+  # you must install SpamAssassin. You may also need to set the spamd_address
+  # option above.
+  #
+  # warn    spam       = nobody
+  #         add_header = X-Spam_score: $spam_score\n\
+  #                      X-Spam_score_int: $spam_score_int\n\
+  #                      X-Spam_bar: $spam_bar\n\
+  #                      X-Spam_report: $spam_report
+
+  # Accept the message.
+
+  accept
+# >>>
+
+######################################################################
+#                      ROUTERS CONFIGURATION                         #
+#               Specifies how addresses are handled                  #
+######################################################################
+
+begin routers
+
+# Route addresses not local <<<
+dnslookup:
+  driver = dnslookup
+  domains = ! +local_domains
+  transport = remote_smtp
+  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
+  no_more
+# >>>
+
+# resolve aliases given in /etc/aliases <<<
+system_aliases:
+  driver = redirect
+  allow_fail
+  allow_defer
+  data = ${lookup{$local_part}lsearch{/etc/aliases}}
+  file_transport = address_file
+  pipe_transport = address_pipe
+# >>>
+
+# resolve LDAP aliases <<<
+ldap_aliases:
+  driver = redirect
+  allow_fail
+  allow_defer
+  data = LDAP_ALIAS_FOR
+  file_transport = address_file
+  pipe_transport = address_pipe
+# >>>
+
+# Spam filtering is done on a <<<
+# per-domain basis
+ldap_domain_filter:
+  driver = redirect
+  no_verify
+  allow_filter
+  user = mail
+  group = mail
+  reply_transport = autoreply
+  data = LDAP_GET_DOMAIN_FILTER
+  router_home_directory = LDAP_HOME_DIRECTORY
+  directory_transport = local_delivery
+# >>>
+
+# user filter: vacation, redirects <<<
+ldap_user_filter:
+  driver = redirect
+  no_verify
+  allow_filter
+  user = mail
+  group = mail
+  reply_transport = autoreply
+  data = LDAP_GET_USER_FILTER
+  router_home_directory = LDAP_HOME_DIRECTORY
+  file_transport = local_delivery
+# >>>
+
+# deliver to local user <<<
+ldap_user:
+  driver = accept
+  condition = LDAP_USER_IS_ACTIVE
+  transport = local_delivery
+  cannot_route_message = Unknown user
+# >>>
+
+######################################################################
+#                      TRANSPORTS CONFIGURATION                      #
+######################################################################
+
+begin transports
+
+# This transport is used for delivering messages over SMTP connections <<<
+remote_smtp:
+  driver = smtp
+# >>>
+
+# This Transport is used for auto reply answers like vaction <<<
+autoreply:
+   driver = autoreply
+   from = $local_part@$domain
+# >>>
+
+# This transport is used for local delivery to the users Maildirs which are <<<
+# located under their domain.
+local_delivery:
+  driver = appendfile
+  mode_fail_narrower = false
+  directory = LDAP_HOME_DIRECTORY/Maildir
+  maildir_format
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  user = mail
+  group = mail
+  mode = 0660
+# >>>
+
+######################################################################
+#                      RETRY CONFIGURATION                           #
+######################################################################
+
+begin retry
+
+# This single retry rule applies to all domains and all errors. It specifies <<<
+# retries every 15 minutes for 2 hours, then increasing retry intervals,
+# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
+# hours, then retries every 6 hours until 4 days have passed since the first
+# failed delivery.
+
+# Address or Domain    Error       Retries
+# -----------------    -----       -------
+
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+# >>>
+
+######################################################################
+#                      REWRITE CONFIGURATION                         #
+######################################################################
+
+# There are no rewriting specifications in this default configuration file.
+
+begin rewrite
+
+######################################################################
+#                   AUTHENTICATION CONFIGURATION                     #
+######################################################################
+
+begin authenticators
+
+# AUTH PLAIN <<<
+plain:
+  driver = plaintext
+  public_name = PLAIN
+  server_prompts = :
+  server_condition = ${if and {\
+    {match {${extract{1}{@}{$auth2}}} {\N[\w-\.]{1,64}\N}}\
+    {match {${extract{2}{@}{$auth2}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
+    {ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$auth2}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth2}}},LDAP_DOMAINS_ROOT_DN" pass=${quote:$auth3} ldap:///}}\
+  } {yes}{no}}
+  server_set_id = $auth2
+# >>>
+
+# AUTH LOGIN <<<
+login:
+  driver = plaintext
+  public_name = LOGIN
+  server_prompts = Username:: : Password::
+  server_condition = ${if and {\
+    {match {${extract{1}{@}{$auth1}}} {\N[\w-\.]{1,64}\N}}\
+    {match {${extract{2}{@}{$auth1}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
+    {ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$auth1}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth1}}},LDAP_DOMAINS_ROOT_DN" pass=${quote:$auth2} ldap:///}}\
+  } {yes}{no}}
+  server_set_id = $auth1
+# >>>
+
+# AUTH CRAM-MD5 <<<
+cram:
+  driver = cram_md5
+  public_name = CRAM-MD5
+  server_secret = ${if and {\
+    {match {${extract{1}{@}{$auth1}}} {\N[\w-\.]{1,64}\N}}\
+    {match {${extract{2}{@}{$auth1}}} {\N^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,6}$\N}}\
+  }\
+  {${lookup ldapm{user=LDAP_BIND_USER pass=LDAP_BIND_PASS ldap:///uid=${quote_ldap_dn:${extract{1}{@}{$auth1}}},dc=${quote_ldap_dn:${extract{2}{@}{$auth1}}},LDAP_DOMAINS_ROOT_DN?clearPassword?sub}{$value}fail}} fail}
+  server_set_id = $1
+# >>>
+
+######################################################################
+#                   CONFIGURATION FOR local_scan()                   #
+######################################################################
+
+# If you have built Exim to include a local_scan() function that contains
+# tables for private options, you can define those options here. Remember to
+# uncomment the "begin" line. It is commented by default because it provokes
+# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
+# set in the Local/Makefile.
+
+# begin local_scan
+
+# vim:foldmethod=marker:foldmarker=<<<,>>>

Deleted: trunk/doc/examples/exim4/exim4.conf.dist
===================================================================
--- trunk/doc/examples/exim4/exim4.conf.dist	2007-10-18 14:49:47 UTC (rev 184)
+++ trunk/doc/examples/exim4/exim4.conf.dist	2007-10-25 14:47:22 UTC (rev 185)
@@ -1,656 +0,0 @@
-########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
-#                                                                          #
-# Whenever you change Exim's configuration file, you *must* remember to    #
-# HUP the Exim daemon, because it will not pick up the new configuration   #
-# until you do. However, any other Exim processes that are started, for    #
-# example, a process started by an MUA in order to send a message, will    #
-# see the new configuration as soon as it is in place.                     #
-#                                                                          #
-# You do not need to HUP the daemon for changes in auxiliary files that    #
-# are referenced from this file. They are read every time they are used.   #
-#                                                                          #
-# It is usually a good idea to test a new configuration for syntactic      #
-# correctness before installing it (for example, by running the command    #
-# "exim -C /config/file.new -bV").                                         #
-#                                                                          #
-########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
-
-
-######################################################################
-#                    MAIN CONFIGURATION SETTINGS                     #
-######################################################################
-
-LDAP_HOSTNAME = 127.0.0.1:389
-LDAP_BASEDN = o=mybasedn
-LDAP_DOMAINS_ROOT_DN = ou=domains,LDAP_BASEDN
-LDAP_USERS_ROOT_DN = ou=users,LDAP_BASEDN
-LDAP_USER = uid=exim4,LDAP_USERS_ROOT_DN
-LDAP_PASS = exim4pass
-LDAP_DEFAULT_SERVERS = 127.0.0.1::389
-
-LDAP_ACTIVE_USER = ${if eqi {true}{${lookup ldap{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub}}} {yes}{no} }
-
-MAILHOME = /var/mailhome
-
-
-# Specify your host's canonical name here. This should normally be the fully
-# qualified "official" name of your host. If this option is not set, the
-# uname() function is called to obtain the name. In many cases this does
-# the right thing and you need not set anything explicitly.
-
-# primary_hostname =
-
-
-# The next three settings create two lists of domains and one list of hosts.
-# These lists are referred to later in this configuration using the syntax
-# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
-# are all colon-separated lists:
-
-domainlist local_domains = @ : ${tr {${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/LDAP_DOMAINS_ROOT_DN?dc?one?(mailStatus=TRUE)}}} {\n}{:}}
-domainlist relay_to_domains =
-hostlist   relay_from_hosts = 127.0.0.1
-
-# Most straightforward access control requirements can be obtained by
-# appropriate settings of the above options. In more complicated situations,
-# you may need to modify the Access Control List (ACL) which appears later in
-# this file.
-
-# The first setting specifies your local domains, for example:
-#
-#   domainlist local_domains = my.first.domain : my.second.domain
-#
-# You can use "@" to mean "the name of the local host", as in the default
-# setting above. This is the name that is specified by primary_hostname,
-# as specified above (or defaulted). If you do not want to do any local
-# deliveries, remove the "@" from the setting above. If you want to accept mail
-# addressed to your host's literal IP address, for example, mail addressed to
-# "user@[192.168.23.44]", you can add "@[]" as an item in the local domains
-# list. You also need to uncomment "allow_domain_literals" below. This is not
-# recommended for today's Internet.
-
-# The second setting specifies domains for which your host is an incoming relay.
-# If you are not doing any relaying, you should leave the list empty. However,
-# if your host is an MX backup or gateway of some kind for some domains, you
-# must set relay_to_domains to match those domains. For example:
-#
-# domainlist relay_to_domains = *.myco.com : my.friend.org
-#
-# This will allow any host to relay through your host to those domains.
-# See the section of the manual entitled "Control of relaying" for more
-# information.
-
-# The third setting specifies hosts that can use your host as an outgoing relay
-# to any other host on the Internet. Such a setting commonly refers to a
-# complete local network as well as the localhost. For example:
-#
-# hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16
-#
-# The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you
-# have to include 127.0.0.1 if you want to allow processes on your host to send
-# SMTP mail by using the loopback address. A number of MUAs use this method of
-# sending mail.
-
-# All three of these lists may contain many different kinds of item, including
-# wildcarded names, regular expressions, and file lookups. See the reference
-# manual for details. The lists above are used in the access control lists for
-# checking incoming messages. The names of these ACLs are defined here:
-
-acl_smtp_rcpt = acl_check_rcpt
-acl_smtp_data = acl_check_data
-
-# You should not change those settings until you understand how ACLs work.
-
-
-# If you are running a version of Exim that was compiled with the content-
-# scanning extension, you can cause incoming messages to be automatically
-# scanned for viruses. You have to modify the configuration in two places to
-# set this up. The first of them is here, where you define the interface to
-# your scanner. This example is typical for ClamAV; see the manual for details
-# of what to set for other virus scanners. The second modification is in the
-# acl_check_data access control list (see below).
-
-# av_scanner = clamd:/tmp/clamd
-
-
-# For spam scanning, there is a similar option that defines the interface to
-# SpamAssassin. You do not need to set this if you are using the default, which
-# is shown in this commented example. As for virus scanning, you must also
-# modify the acl_check_data access control list to enable spam scanning.
-
-# spamd_address = 127.0.0.1 783
-
-
-# If Exim is compiled with support for TLS, you may want to enable the
-# following options so that Exim allows clients to make encrypted
-# connections. In the authenticators section below, there are template
-# configurations for plaintext username/password authentication. This kind
-# of authentication is only safe when used within a TLS connection, so the
-# authenticators will only work if the following TLS settings are turned on
-# as well.
-
-# Allow any client to use TLS.
-
-# tls_advertise_hosts = *
-
-# Specify the location of the Exim server's TLS certificate and private key.
-# The private key must not be encrypted (password protected). You can put
-# the certificate and private key in the same file, in which case you only
-# need the first setting, or in separate files, in which case you need both
-# options.
-
-# tls_certificate = /etc/ssl/exim.crt
-# tls_privatekey = /etc/ssl/exim.pem
-
-# In order to support roaming users who wish to send email from anywhere,
-# you may want to make Exim listen on other ports as well as port 25, in
-# case these users need to send email from a network that blocks port 25.
-# The standard port for this purpose is port 587, the "message submission"
-# port. See RFC 4409 for details. Microsoft MUAs cannot be configured to
-# talk the message submission protocol correctly, so if you need to support
-# them you should also allow TLS-on-connect on the traditional but
-# non-standard port 465.
-
-# daemon_smtp_ports = 25 : 465 : 587
-# tls_on_connect_ports = 465
-
-
-# Specify the domain you want to be added to all unqualified addresses
-# here. An unqualified address is one that does not contain an "@" character
-# followed by a domain. For example, "caesar@rome.example" is a fully qualified
-# address, but the string "caesar" (i.e. just a login name) is an unqualified
-# email address. Unqualified addresses are accepted only from local callers by
-# default. See the recipient_unqualified_hosts option if you want to permit
-# unqualified addresses from remote sources. If this option is not set, the
-# primary_hostname value is used for qualification.
-
-# qualify_domain =
-
-
-# If you want unqualified recipient addresses to be qualified with a different
-# domain to unqualified sender addresses, specify the recipient domain here.
-# If this option is not set, the qualify_domain value is used.
-
-# qualify_recipient =
-
-
-# The following line must be uncommented if you want Exim to recognize
-# addresses of the form "user@[10.11.12.13]" that is, with a "domain literal"
-# (an IP address) instead of a named domain. The RFCs still require this form,
-# but it makes little sense to permit mail to be sent to specific hosts by
-# their IP address in the modern Internet. This ancient format has been used
-# by those seeking to abuse hosts by using them for unwanted relaying. If you
-# really do want to support domain literals, uncomment the following line, and
-# see also the "domain_literal" router below.
-
-# allow_domain_literals
-
-
-# No deliveries will ever be run under the uids of these users (a colon-
-# separated list). An attempt to do so causes a panic error to be logged, and
-# the delivery to be deferred. This is a paranoic safety catch. There is an
-# even stronger safety catch in the form of the FIXED_NEVER_USERS setting
-# in the configuration for building Exim. The list of users that it specifies
-# is built into the binary, and cannot be changed. The option below just adds
-# additional users to the list. The default for FIXED_NEVER_USERS is "root",
-# but just to be absolutely sure, the default here is also "root".
-
-# Note that the default setting means you cannot deliver mail addressed to root
-# as if it were a normal user. This isn't usually a problem, as most sites have
-# an alias for root that redirects such mail to a human administrator.
-
-never_users = root
-
-
-# The setting below causes Exim to do a reverse DNS lookup on all incoming
-# IP calls, in order to get the true host name. If you feel this is too
-# expensive, you can specify the networks for which a lookup is done, or
-# remove the setting entirely.
-
-host_lookup = *
-
-
-# The settings below, which are actually the same as the defaults in the
-# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
-# calls. You can limit the hosts to which these calls are made, and/or change
-# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
-# are disabled. RFC 1413 calls are cheap and can provide useful information
-# for tracing problem messages, but some hosts and firewalls have problems
-# with them. This can result in a timeout instead of an immediate refused
-# connection, leading to delays on starting up SMTP sessions. (The default was
-# reduced from 30s to 5s for release 4.61.)
-
-rfc1413_hosts = *
-rfc1413_query_timeout = 5s
-
-
-# By default, Exim expects all envelope addresses to be fully qualified, that
-# is, they must contain both a local part and a domain. If you want to accept
-# unqualified addresses (just a local part) from certain hosts, you can specify
-# these hosts by setting one or both of
-#
-# sender_unqualified_hosts =
-# recipient_unqualified_hosts =
-#
-# to control sender and recipient addresses, respectively. When this is done,
-# unqualified addresses are qualified using the settings of qualify_domain
-# and/or qualify_recipient (see above).
-
-
-# If you want Exim to support the "percent hack" for certain domains,
-# uncomment the following line and provide a list of domains. The "percent
-# hack" is the feature by which mail addressed to x%y@z (where z is one of
-# the domains listed) is locally rerouted to x@y and sent on. If z is not one
-# of the "percent hack" domains, x%y is treated as an ordinary local part. This
-# hack is rarely needed nowadays; you should not enable it unless you are sure
-# that you really need it.
-#
-# percent_hack_domains =
-#
-# As well as setting this option you will also need to remove the test
-# for local parts containing % in the ACL definition below.
-
-
-# When Exim can neither deliver a message nor return it to sender, it "freezes"
-# the delivery error message (aka "bounce message"). There are also other
-# circumstances in which messages get frozen. They will stay on the queue for
-# ever unless one of the following options is set.
-
-# This option unfreezes frozen bounce messages after two days, tries
-# once more to deliver them, and ignores any delivery failures.
-
-ignore_bounce_errors_after = 2d
-
-# This option cancels (removes) frozen messages that are older than a week.
-
-timeout_frozen_after = 7d
-
-
-
-######################################################################
-#                       ACL CONFIGURATION                            #
-#         Specifies access control lists for incoming SMTP mail      #
-######################################################################
-
-begin acl
-
-# This access control list is used for every RCPT command in an incoming
-# SMTP message. The tests are run in order until the address is either
-# accepted or denied.
-
-acl_check_rcpt:
-
-  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
-  # testing for an empty sending host field.
-
-  accept  hosts = :
-
-  #############################################################################
-  # The following section of the ACL is concerned with local parts that contain
-  # @ or % or ! or / or | or dots in unusual places.
-  #
-  # The characters other than dots are rarely found in genuine local parts, but
-  # are often tried by people looking to circumvent relaying restrictions.
-  # Therefore, although they are valid in local parts, these rules lock them
-  # out, as a precaution.
-  #
-  # Empty components (two dots in a row) are not valid in RFC 2822, but Exim
-  # allows them because they have been encountered. (Consider local parts
-  # constructed as "firstinitial.secondinitial.familyname" when applied to
-  # someone like me, who has no second initial.) However, a local part starting
-  # with a dot or containing /../ can cause trouble if it is used as part of a
-  # file name (e.g. for a mailing list). This is also true for local parts that
-  # contain slashes. A pipe symbol can also be troublesome if the local part is
-  # incorporated unthinkingly into a shell command line.
-  #
-  # Two different rules are used. The first one is stricter, and is applied to
-  # messages that are addressed to one of the local domains handled by this
-  # host. The line "domains = +local_domains" restricts it to domains that are
-  # defined by the "domainlist local_domains" setting above. The rule  blocks
-  # local parts that begin with a dot or contain @ % ! / or |. If you have
-  # local accounts that include these characters, you will have to modify this
-  # rule.
-
-  deny    message       = Restricted characters in address
-          domains       = +local_domains
-          local_parts   = ^[.] : ^.*[@%!/|]
-
-  # The second rule applies to all other domains, and is less strict. The line
-  # "domains = !+local_domains" restricts it to domains that are NOT defined by
-  # the "domainlist local_domains" setting above. The exclamation mark is a
-  # negating operator. This rule allows your own users to send outgoing
-  # messages to sites that use slashes and vertical bars in their local parts.
-  # It blocks local parts that begin with a dot, slash, or vertical bar, but
-  # allows these characters within the local part. However, the sequence /../
-  # is barred. The use of @ % and ! is blocked, as before. The motivation here
-  # is to prevent your users (or your users' viruses) from mounting certain
-  # kinds of attack on remote sites.
-
-  deny    message       = Restricted characters in address
-          domains       = !+local_domains
-          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-  #############################################################################
-
-  # Accept mail to postmaster in any local domain, regardless of the source,
-  # and without verifying the sender.
-
-  accept  local_parts   = postmaster
-          domains       = +local_domains
-
-  # Deny unless the sender address can be verified.
-
-  require verify        = sender
-
-  # Accept if the message comes from one of the hosts for which we are an
-  # outgoing relay. It is assumed that such hosts are most likely to be MUAs,
-  # so we set control=submission to make Exim treat the message as a
-  # submission. It will fix up various errors in the message, for example, the
-  # lack of a Date: header line. If you are actually relaying out out from
-  # MTAs, you may want to disable this. If you are handling both relaying from
-  # MTAs and submissions from MUAs you should probably split them into two
-  # lists, and handle them differently.
-
-  # Recipient verification is omitted here, because in many cases the clients
-  # are dumb MUAs that don't cope well with SMTP error responses. If you are
-  # actually relaying out from MTAs, you should probably add recipient
-  # verification here.
-
-  # Note that, by putting this test before any DNS black list checks, you will
-  # always accept from these hosts, even if they end up on a black list. The
-  # assumption is that they are your friends, and if they get onto a black
-  # list, it is a mistake.
-
-  accept  hosts         = +relay_from_hosts
-          control       = submission
-
-  # Accept if the message arrived over an authenticated connection, from
-  # any host. Again, these messages are usually from MUAs, so recipient
-  # verification is omitted, and submission mode is set. And again, we do this
-  # check before any black list tests.
-
-  accept  authenticated = *
-          control       = submission
-
-  # Insist that any other recipient address that we accept is either in one of
-  # our local domains, or is in a domain for which we explicitly allow
-  # relaying. Any other domain is rejected as being unacceptable for relaying.
-
-  require message = relay not permitted
-          domains = +local_domains : +relay_domains
-
-  # We also require all accepted addresses to be verifiable. This check will
-  # do local part verification for local domains, but only check the domain
-  # for remote domains. The only way to check local parts for the remote
-  # relay domains is to use a callout (add /callout), but please read the
-  # documentation about callouts before doing this.
-
-  require verify = recipient
-
-  #############################################################################
-  # There are no default checks on DNS black lists because the domains that
-  # contain these lists are changing all the time. However, here are two
-  # examples of how you can get Exim to perform a DNS black list lookup at this
-  # point. The first one denies, whereas the second just warns.
-  #
-  # deny    message       = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
-  #         dnslists      = black.list.example
-  #
-  # warn    dnslists      = black.list.example
-  #         add_header    = X-Warning: $sender_host_address is in a black list at $dnslist_domain
-  #         log_message   = found in $dnslist_domain
-  #############################################################################
-
-  #############################################################################
-  # This check is commented out because it is recognized that not every
-  # sysadmin will want to do it. If you enable it, the check performs
-  # Client SMTP Authorization (csa) checks on the sending host. These checks
-  # do DNS lookups for SRV records. The CSA proposal is currently (May 2005)
-  # an Internet draft. You can, of course, add additional conditions to this
-  # ACL statement to restrict the CSA checks to certain hosts only.
-  #
-  # require verify = csa
-  #############################################################################
-
-  # At this point, the address has passed all the checks that have been
-  # configured, so we accept it unconditionally.
-
-  accept
-
-
-# This ACL is used after the contents of a message have been received. This
-# is the ACL in which you can test a message's headers or body, and in
-# particular, this is where you can invoke external virus or spam scanners.
-# Some suggested ways of configuring these tests are shown below, commented
-# out. Without any tests, this ACL accepts all messages. If you want to use
-# such tests, you must ensure that Exim is compiled with the content-scanning
-# extension (WITH_CONTENT_SCAN=yes in Local/Makefile).
-
-acl_check_data:
-
-  # Deny if the message contains a virus. Before enabling this check, you
-  # must install a virus scanner and set the av_scanner option above.
-  #
-  # deny    malware    = *
-  #         message    = This message contains a virus ($malware_name).
-
-  # Add headers to a message if it is judged to be spam. Before enabling this,
-  # you must install SpamAssassin. You may also need to set the spamd_address
-  # option above.
-  #
-  # warn    spam       = nobody
-  #         add_header = X-Spam_score: $spam_score\n\
-  #                      X-Spam_score_int: $spam_score_int\n\
-  #                      X-Spam_bar: $spam_bar\n\
-  #                      X-Spam_report: $spam_report
-
-  # Accept the message.
-
-  accept
-
-
-
-######################################################################
-#                      ROUTERS CONFIGURATION                         #
-#               Specifies how addresses are handled                  #
-######################################################################
-#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
-# An address is passed to each router in turn until it is accepted.  #
-######################################################################
-
-begin routers
-
-# This router routes to remote hosts over SMTP by explicit IP address,
-# when an email address is given in "domain literal" form, for example,
-# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
-# little-known these days, and has been exploited by evil people seeking
-# to abuse SMTP relays. Consequently it is commented out in the default
-# configuration. If you uncomment this router, you also need to uncomment
-# allow_domain_literals above, so that Exim can recognize the syntax of
-# domain literal addresses.
-
-# domain_literal:
-#   driver = ipliteral
-#   domains = ! +local_domains
-#   transport = remote_smtp
-
-
-# This router routes addresses that are not in local domains by doing a DNS
-# lookup on the domain name. The exclamation mark that appears in "domains = !
-# +local_domains" is a negating operator, that is, it can be read as "not". The
-# recipient's domain must not be one of those defined by "domainlist
-# local_domains" above for this router to be used.
-#
-# If the router is used, any domain that resolves to 0.0.0.0 or to a loopback
-# interface address (127.0.0.0/8) is treated as if it had no DNS entry. Note
-# that 0.0.0.0 is the same as 0.0.0.0/32, which is commonly treated as the
-# local host inside the network stack. It is not 0.0.0.0/0, the default route.
-# If the DNS lookup fails, no further routers are tried because of the no_more
-# setting, and consequently the address is unrouteable.
-
-dnslookup:
-  driver = dnslookup
-  domains = ! +local_domains
-  transport = remote_smtp
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
-  no_more
-
-
-# The remaining routers handle addresses in the local domain(s), that is those
-# domains that are defined by "domainlist local_domains" above.
-
-
-# This router handles aliasing using a linearly searched alias file with the
-# name /etc/aliases. When this configuration is installed automatically,
-# the name gets inserted into this file from whatever is set in Exim's
-# build-time configuration. The default path is the traditional /etc/aliases.
-# If you install this configuration by hand, you need to specify the correct
-# path in the "data" setting below.
-#
-##### NB  You must ensure that the alias file exists. It used to be the case
-##### NB  that every Unix had that file, because it was the Sendmail default.
-##### NB  These days, there are systems that don't have it. Your aliases
-##### NB  file should at least contain an alias for "postmaster".
-#
-# If any of your aliases expand to pipes or files, you will need to set
-# up a user and a group for these deliveries to run under. You can do
-# this by uncommenting the "user" option below (changing the user name
-# as appropriate) and adding a "group" option if necessary. Alternatively, you
-# can specify "user" on the transports that are used. Note that the transports
-# listed below are the same as are used for .forward files; you might want
-# to set up different ones for pipe and file deliveries from aliases.
-
-system_aliases:
-  driver = redirect
-  allow_fail
-  allow_defer
-  data = ${lookup{$local_part}lsearch{/etc/aliases}}
-# user = exim
-  file_transport = address_file
-  pipe_transport = address_pipe
-
-
-ldap_aliases:
-  driver = redirect
-  allow_fail
-  allow_defer
-  data = ${if eq {yes}{LDAP_ACTIVE_USER} {${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?sub?(objectclass=mailalias)}}}{no}}
-  file_transport = address_file
-  pipe_transport = address_pipe
-
-# This router matches local user mailboxes. If the router fails, the error
-# message is "Unknown user".
-
-# If you want this router to treat local parts with suffixes introduced by "-"
-# or "+" characters as if the suffixes did not exist, uncomment the two local_
-# part_suffix options. Then, for example, xxx...@yo...main will be treated
-# in the same way as xx...@yo...main by this router.
-
-ldap_user:
-  driver = accept
-  condition = ${if eq {yes}{LDAP_ACTIVE_USER} {${lookup ldap{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?uid?sub?(objectclass=mailUser)}}}{no}}
-  transport = local_delivery
-  cannot_route_message = Unknown user
-
-
-######################################################################
-#                      TRANSPORTS CONFIGURATION                      #
-######################################################################
-#                       ORDER DOES NOT MATTER                        #
-#     Only one appropriate transport is called for each delivery.    #
-######################################################################
-
-# A transport is used only when referenced from a router that successfully
-# handles an address.
-
-begin transports
-
-
-# This transport is used for delivering messages over SMTP connections.
-
-remote_smtp:
-  driver = smtp
-
-
-# This transport is used for local delivery to the users Maildirs which are 
-# located under their domain.
-
-
-local_delivery:
-  driver = appendfile
-  mode_fail_narrower = false
-  directory = "MAILHOME/${domain}/${local_part}/Maildir"
-  maildir_format
-  delivery_date_add
-  envelope_to_add
-  return_path_add
-  group = mail
-  mode = 0660
-
-######################################################################
-#                      RETRY CONFIGURATION                           #
-######################################################################
-
-begin retry
-
-# This single retry rule applies to all domains and all errors. It specifies
-# retries every 15 minutes for 2 hours, then increasing retry intervals,
-# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
-# hours, then retries every 6 hours until 4 days have passed since the first
-# failed delivery.
-
-# Address or Domain    Error       Retries
-# -----------------    -----       -------
-
-*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
-
-
-
-######################################################################
-#                      REWRITE CONFIGURATION                         #
-######################################################################
-
-# There are no rewriting specifications in this default configuration file.
-
-begin rewrite
-
-
-
-######################################################################
-#                   AUTHENTICATION CONFIGURATION                     #
-######################################################################
-
-begin authenticators
-
-plain:
-  driver = plaintext
-  public_name = PLAIN
-  server_prompts = :
-  server_condition = ${if ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$2}}},dc=${quote_ldap_dn:${extract{2}{@}{$2}}},LDAP_DOMAINS_ROOT_DN" pass=${quote_ldap_dn::$3} ldap://LDAP_HOSTNAME/}{yes}{no}}
-  server_set_id = $2
-
-login:
-  driver = plaintext
-  public_name = LOGIN
-  server_prompts = Username:: : Password::
-  server_condition = ${if ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$1}}},dc=${quote_ldap_dn:${extract{2}{@}{$1}}},LDAP_DOMAINS_ROOT_DN" pass=${quote_ldap_dn:$2} ldap://LDAP_HOSTNAME/}{yes}{no}}
-  server_set_id = $1
-
-cram:
-  driver = cram_md5
-  public_name = CRAM-MD5
-  server_secret = ${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${extract{1}{@}{$1}}},dc=${quote_ldap_dn:${extract{2}{@}{$1}}},LDAP_DOMAINS_ROOT_DN?clearPassword?sub}{$value}fail}
-  server_set_id = $1
-
-######################################################################
-#                   CONFIGURATION FOR local_scan()                   #
-######################################################################
-
-# If you have built Exim to include a local_scan() function that contains
-# tables for private options, you can define those options here. Remember to
-# uncomment the "begin" line. It is commented by default because it provokes
-# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
-# set in the Local/Makefile.
-
-# begin local_scan
-
-
-# End of Exim configuration file

Modified: trunk/includes/eximfilter.inc.php
===================================================================
--- trunk/includes/eximfilter.inc.php	2007-10-18 14:49:47 UTC (rev 184)
+++ trunk/includes/eximfilter.inc.php	2007-10-25 14:47:22 UTC (rev 185)
@@ -44,12 +44,12 @@
 
     if ( ! empty($eximFilterValues["spamfilter"]["values"]["ACTION"]) ) {
         switch ($eximFilterValues["spamfilter"]["values"]["ACTION"]) {
-            case "DISCARD": $eximFilterValues["spamfilter"]["values"]["FILTERACTION"] = "finish";
+            case "DISCARD": $eximFilterValues["spamfilter"]["values"]["FILTERACTION"] = "seen finish";
                             break;
             case "REDIRECT": $eximFilterValues["spamfilter"]["values"]["FILTERACTION"] = "deliver spam@\$domain";
-                             break;
+                            break;
             case "FOLDER": $eximFilterValues["spamfilter"]["values"]["FILTERACTION"] = "save \$home/Maildir/.Spam/";
-                           break;
+                            break;
         }
     }
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [184] trunk/includes/eximfilter.inc.php

[<dwe...@us...>]

Revision: 184
          http://elma.svn.sourceforge.net/elma/?rev=184&view=rev
Author:   dweuthen
Date:     2007-10-18 07:49:47 -0700 (Thu, 18 Oct 2007)

Log Message:
-----------
bugfix

Modified Paths:
--------------
    trunk/includes/eximfilter.inc.php

Modified: trunk/includes/eximfilter.inc.php
===================================================================
--- trunk/includes/eximfilter.inc.php	2007-10-18 14:47:22 UTC (rev 183)
+++ trunk/includes/eximfilter.inc.php	2007-10-18 14:49:47 UTC (rev 184)
@@ -31,7 +31,7 @@
 
     // Vacation Template
     $eximFilter["vacation"]["template"] = '%STATUS%if personal then mail from $local_part@$domain to $reply_address subject "Re: $h_subject:" text "%MESSAGE%" once $home/.vacation.db once_repeat 7d endif # VACATION';
-    $eximFilter["vacation"]["regex"] = '/^(.*)if personal then mail from \$local_part@\$domain  to \$reply_address subject "Re: \$h_subject:" text "(.*)" once \$home\/\.vacation.db once_repeat 7d endif # VACATION$/i';
+    $eximFilter["vacation"]["regex"] = '/^(.*)if personal then mail from \$local_part@\$domain to \$reply_address subject "Re: \$h_subject:" text "(.*)" once \$home\/\.vacation.db once_repeat 7d endif # VACATION$/i';
     $eximFilter["vacation"]["values"] = array("STATUS" => "#",
                                               "MESSAGE" => "");
     


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [183] trunk/includes/eximfilter.inc.php

[<dwe...@us...>]

Revision: 183
          http://elma.svn.sourceforge.net/elma/?rev=183&view=rev
Author:   dweuthen
Date:     2007-10-18 07:47:22 -0700 (Thu, 18 Oct 2007)

Log Message:
-----------
from information added for vaction exim filter

Modified Paths:
--------------
    trunk/includes/eximfilter.inc.php

Modified: trunk/includes/eximfilter.inc.php
===================================================================
--- trunk/includes/eximfilter.inc.php	2007-10-18 13:45:16 UTC (rev 182)
+++ trunk/includes/eximfilter.inc.php	2007-10-18 14:47:22 UTC (rev 183)
@@ -30,8 +30,8 @@
                                                 "ACTION" => "MARK");
 
     // Vacation Template
-    $eximFilter["vacation"]["template"] = '%STATUS%if personal then mail to $reply_address subject "Re: $h_subject:" text "%MESSAGE%" once $home/.vacation.db once_repeat 7d endif # VACATION';
-    $eximFilter["vacation"]["regex"] = '/^(.*)if personal then mail to \$reply_address subject "Re: \$h_subject:" text "(.*)" once \$home\/\.vacation.db once_repeat 7d endif # VACATION$/i';
+    $eximFilter["vacation"]["template"] = '%STATUS%if personal then mail from $local_part@$domain to $reply_address subject "Re: $h_subject:" text "%MESSAGE%" once $home/.vacation.db once_repeat 7d endif # VACATION';
+    $eximFilter["vacation"]["regex"] = '/^(.*)if personal then mail from \$local_part@\$domain  to \$reply_address subject "Re: \$h_subject:" text "(.*)" once \$home\/\.vacation.db once_repeat 7d endif # VACATION$/i';
     $eximFilter["vacation"]["values"] = array("STATUS" => "#",
                                               "MESSAGE" => "");
     


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [182] trunk/includes/eximfilter.inc.php

[<dwe...@us...>]

Revision: 182
          http://elma.svn.sourceforge.net/elma/?rev=182&view=rev
Author:   dweuthen
Date:     2007-10-18 06:45:16 -0700 (Thu, 18 Oct 2007)

Log Message:
-----------
missing endif in vacation filter added 

Modified Paths:
--------------
    trunk/includes/eximfilter.inc.php

Modified: trunk/includes/eximfilter.inc.php
===================================================================
--- trunk/includes/eximfilter.inc.php	2007-10-17 13:17:03 UTC (rev 181)
+++ trunk/includes/eximfilter.inc.php	2007-10-18 13:45:16 UTC (rev 182)
@@ -30,8 +30,8 @@
                                                 "ACTION" => "MARK");
 
     // Vacation Template
-    $eximFilter["vacation"]["template"] = '%STATUS%if personal then mail to $reply_address subject "Re: $h_subject:" text "%MESSAGE%" once $home/.vacation.db once_repeat 7d # VACATION';
-    $eximFilter["vacation"]["regex"] = '/^(.*)if personal then mail to \$reply_address subject "Re: \$h_subject:" text "(.*)" once \$home\/\.vacation.db once_repeat 7d # VACATION$/i';
+    $eximFilter["vacation"]["template"] = '%STATUS%if personal then mail to $reply_address subject "Re: $h_subject:" text "%MESSAGE%" once $home/.vacation.db once_repeat 7d endif # VACATION';
+    $eximFilter["vacation"]["regex"] = '/^(.*)if personal then mail to \$reply_address subject "Re: \$h_subject:" text "(.*)" once \$home\/\.vacation.db once_repeat 7d endif # VACATION$/i';
     $eximFilter["vacation"]["values"] = array("STATUS" => "#",
                                               "MESSAGE" => "");
     


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [181] trunk/doc/examples/ldap/slapd.conf

[<dwe...@us...>]

Revision: 181
          http://elma.svn.sourceforge.net/elma/?rev=181&view=rev
Author:   dweuthen
Date:     2007-10-17 06:17:03 -0700 (Wed, 17 Oct 2007)

Log Message:
-----------
schema 02 -> 0.3

Modified Paths:
--------------
    trunk/doc/examples/ldap/slapd.conf

Modified: trunk/doc/examples/ldap/slapd.conf
===================================================================
--- trunk/doc/examples/ldap/slapd.conf	2007-10-17 12:54:43 UTC (rev 180)
+++ trunk/doc/examples/ldap/slapd.conf	2007-10-17 13:17:03 UTC (rev 181)
@@ -12,7 +12,7 @@
 include         /etc/ldap/schema/cosine.schema
 include         /etc/ldap/schema/nis.schema
 include         /etc/ldap/schema/inetorgperson.schema
-include         /etc/ldap/schema/elma-0.2.schema
+include         /etc/ldap/schema/elma-0.3.schema
 
 # Where the pid file is put. The init.d script
 # will not stop the server if you change this.


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [180] trunk/doc/examples

[<dwe...@us...>]

Revision: 180
          http://elma.svn.sourceforge.net/elma/?rev=180&view=rev
Author:   dweuthen
Date:     2007-10-17 05:54:43 -0700 (Wed, 17 Oct 2007)

Log Message:
-----------
example dovecot config added

Added Paths:
-----------
    trunk/doc/examples/dovecot/
    trunk/doc/examples/dovecot/dovecot-ldap.conf
    trunk/doc/examples/dovecot/dovecot.conf

Added: trunk/doc/examples/dovecot/dovecot-ldap.conf
===================================================================
--- trunk/doc/examples/dovecot/dovecot-ldap.conf	                        (rev 0)
+++ trunk/doc/examples/dovecot/dovecot-ldap.conf	2007-10-17 12:54:43 UTC (rev 180)
@@ -0,0 +1,116 @@
+# This file is opened as root, so it should be owned by root and mode 0600.
+#
+# NOTE: If you're not using authentication binds, you'll need to give
+# dovecot-auth read access to userPassword field in the LDAP server.
+# With OpenLDAP this is done by modifying /etc/ldap/slapd.conf. There should
+# already be something like this:
+
+# access to attribute=userPassword
+#        by dn="<dovecot's dn>" read # add this
+#        by anonymous auth
+#        by self write
+#        by * none
+
+# Space separated list of LDAP hosts to use. host:port is allowed too.
+hosts = 127.0.0.1
+
+# LDAP URIs to use. You can use this instead of hosts list. Note that this
+# setting isn't supported by all LDAP libraries.
+#uris = 
+
+# Distinguished Name - the username used to login to the LDAP server
+dn = uid=dovecot,ou=users,o=mybasedn
+
+# Password for LDAP server
+dnpass = dovecotpass
+
+# Use SASL binding instead of the simple binding. Note that this changes
+# ldap_version automatically to be 3 if it's lower. Also note that SASL binds
+# and auth_bind=yes don't work together.
+sasl_bind = no
+# SASL mechanism name to use.
+#sasl_mech =
+# SASL realm to use.
+#sasl_realm =
+# SASL authorization ID, ie. the dnpass is for this "master user", but the
+# dn is still the logged in user. Normally you want to keep this empty.
+#sasl_authz_id =
+
+# Use authentication binding for verifying password's validity. This works by
+# logging into LDAP server using the username and password given by client.
+# The pass_filter is used to find the DN for the user. Note that the pass_attrs
+# is still used, only the password field is ignored in it. Before doing any
+# search, the binding is switched back to the default DN.
+auth_bind = no
+
+# If authentication binding is used, you can save one LDAP request per login
+# if users' DN can be specified with a common template. The template can use
+# the standard %variables (see user_filter). Note that you can't
+# use any pass_attrs if you use this setting.
+#
+# If you use this setting, it's a good idea to use a different
+# dovecot-ldap.conf for userdb (it can even be a symlink, just as long as the
+# filename is different in userdb's args). That way one connection is used only
+# for LDAP binds and another connection is used for user lookups. Otherwise
+# the binding is changed to the default DN before each user lookup.
+#
+# For example:
+#   auth_bind_userdn = cn=%u,ou=people,o=org
+#
+#auth_bind_userdn = uid=%n,dc=%d,ou=domains,o=megabit
+
+# LDAP protocol version to use. Likely 2 or 3.
+ldap_version = 3
+
+# LDAP base. %variables can be used here.
+base = ou=domains,o=mybasedn
+
+# Dereference: never, searching, finding, always
+deref = never
+
+# Search scope: base, onelevel, subtree
+scope = subtree
+
+# User attributes are given in LDAP-name=dovecot-internal-name list. The
+# internal names are:
+#   uid - System UID
+#   gid - System GID
+#   home - Home directory
+#   mail - Mail location
+#
+# There are also other special fields which can be returned, see
+# http://wiki.dovecot.org/UserDatabase/ExtraFields
+user_attrs = homeDirectory=home
+
+# Filter for user lookup. Some variables can be used (see
+# http://wiki.dovecot.org/Variables for full list):
+#   %u - username
+#   %n - user part in user@domain, same as %u if there's no domain
+#   %d - domain part in user@domain, empty if user there's no domain
+user_filter = (&(objectClass=mailUser)(uid=%n)(mailStatus=TRUE))
+
+# Password checking attributes:
+#  user: Virtual user name (user@domain), if you wish to change the
+#        user-given username to something else
+#  password: Password, may optionally start with {type}, eg. {crypt}
+# There are also other special fields which can be returned, see
+# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
+pass_attrs = uid=user,userPassword=password
+
+# If you wish to avoid two LDAP lookups (passdb + userdb), you can use
+# userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll
+# also have to include user_attrs in pass_attrs field prefixed with "userdb_"
+# string. For example:
+#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
+
+# Filter for password lookups
+pass_filter = (&(objectClass=mailUser)(uid=%n)(mailStatus=TRUE))
+
+# Default password scheme. "{scheme}" before password overrides this.
+# List of supported schemes is in: http://wiki.dovecot.org/Authentication
+#default_pass_scheme = CRYPT
+
+# You can use same UID and GID for all user accounts if you really want to.
+# If the UID/GID is still found from LDAP reply, it overrides these values.
+user_global_uid = Debian-exim
+user_global_gid = mail

Added: trunk/doc/examples/dovecot/dovecot.conf
===================================================================
--- trunk/doc/examples/dovecot/dovecot.conf	                        (rev 0)
+++ trunk/doc/examples/dovecot/dovecot.conf	2007-10-17 12:54:43 UTC (rev 180)
@@ -0,0 +1,1040 @@
+## Dovecot configuration file
+
+# If you're in a hurry, see http://wiki.dovecot.org/QuickConfiguration
+
+# '#' character and everything after it is treated as comments. Extra spaces
+# and tabs are ignored. If you want to use either of these explicitly, put the
+# value inside quotes, eg.: key = "# char and trailing whitespace  "
+
+# Default values are shown for each setting, it's not required to uncomment
+# any of the lines. Exception to this are paths, they're just examples with
+# the real defaults being based on configure options. The paths listed here
+# are for configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var
+# --with-ssldir=/etc/ssl
+
+# Base directory where to store runtime data.
+base_dir = /var/run/dovecot/
+
+# Protocols we want to be serving: imap imaps pop3 pop3s
+# If you only want to use dovecot-auth, you can set this to "none".
+protocols = imap pop3
+
+# IP or host address where to listen in for connections. It's not currently
+# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
+# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
+# interfaces depending on the operating system.
+#
+# If you want to specify ports for each service, you will need to configure
+# these settings inside the protocol imap/pop3 { ... } section, so you can
+# specify different ports for IMAP/POP3. For example:
+#   protocol imap {
+#     listen = *:10143
+#     ssl_listen = *:10943
+#     ..
+#   }
+#   protocol pop3 {
+#     listen = *:10100
+#     ..
+#   }
+listen = *
+
+# Disable LOGIN command and all other plaintext authentications unless
+# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
+# matches the local IP (ie. you're connecting from the same computer), the
+# connection is considered secure and plaintext authentication is allowed.
+#disable_plaintext_auth = yes
+
+# Should all IMAP and POP3 processes be killed when Dovecot master process
+# shuts down. Setting this to "no" means that Dovecot can be upgraded without
+# forcing existing client connections to close (although that could also be
+# a problem if the upgrade is eg. because of a security fix). This however
+# means that after master process has died, the client processes can't write
+# to log files anymore.
+shutdown_clients = yes
+
+##
+## Logging
+##
+
+# Use this logfile instead of syslog(). /dev/stderr can be used if you want to
+# use stderr for logging (ONLY /dev/stderr - otherwise it is closed).
+#log_path = 
+
+# For informational messages, use this logfile instead of the default
+#info_log_path = 
+
+# Prefix for each line written to log file. % codes are in strftime(3)
+# format.
+#log_timestamp = "%b %d %H:%M:%S "
+log_timestamp = "%Y-%m-%d %H:%M:%S "
+
+# Syslog facility to use if you're logging to syslog. Usually if you don't
+# want to use "mail", you'll use local0..local7. Also other standard
+# facilities are supported.
+#syslog_facility = mail
+
+##
+## SSL settings
+##
+
+# IP or host address where to listen in for SSL connections. Defaults
+# to above if not specified.
+#ssl_listen =
+
+# Disable SSL/TLS support.
+#ssl_disable = no
+
+# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
+# dropping root privileges, so keep the key file unreadable by anyone but
+# root.
+#ssl_cert_file = /etc/ssl/certs/dovecot.pem
+#ssl_key_file = /etc/ssl/private/dovecot.pem
+
+# If key file is password protected, give the password here. Alternatively
+# give it when starting dovecot with -p parameter.
+#ssl_key_password =
+
+# File containing trusted SSL certificate authorities. Usually not needed.
+# The CAfile should contain the CA-certificate(s) followed by the matching 
+# CRL(s). CRL checking is new in dovecot .rc1
+#ssl_ca_file = 
+
+# Request client to send a certificate.
+#ssl_verify_client_cert = no
+
+# How often to regenerate the SSL parameters file. Generation is quite CPU
+# intensive operation. The value is in hours, 0 disables regeneration
+# entirely.
+#ssl_parameters_regenerate = 168
+
+# SSL ciphers to use
+#ssl_cipher_list = ALL:!LOW
+
+# Show protocol level SSL errors.
+#verbose_ssl = no
+
+##
+## Login processes
+##
+
+# Directory where authentication process places authentication UNIX sockets
+# which login needs to be able to connect to. The sockets are created when
+# running as root, so you don't have to worry about permissions. Note that
+# everything in this directory is deleted when Dovecot is started.
+login_dir = /var/run/dovecot/login
+
+# chroot login process to the login_dir. Only reason not to do this is if you
+# wish to run the whole Dovecot without roots.
+# http://wiki.dovecot.org/Rootless
+login_chroot = yes
+
+# User to use for the login process. Create a completely new user for this,
+# and don't use it anywhere else. The user must also belong to a group where
+# only it has access, it's used to control access for authentication process.
+# Note that this user is NOT used to access mails.
+# http://wiki.dovecot.org/UserIds
+login_user = dovecot
+
+# Set max. process size in megabytes. If you don't use
+# login_process_per_connection you might need to grow this.
+login_process_size = 64
+
+# Should each login be processed in it's own process (yes), or should one
+# login process be allowed to process multiple connections (no)? Yes is more
+# secure, espcially with SSL/TLS enabled. No is faster since there's no need
+# to create processes all the time.
+login_process_per_connection = no
+
+# Number of login processes to keep for listening new connections.
+login_processes_count = 5
+
+# Maximum number of login processes to create. The listening process count
+# usually stays at login_processes_count, but when multiple users start logging
+# in at the same time more extra processes are created. To prevent fork-bombing
+# we check only once in a second if new processes should be created - if all
+# of them are used at the time, we double their amount until the limit set by
+# this setting is reached.
+login_max_processes_count = 128
+
+# Maximum number of connections allowed per each login process. This setting
+# is used only if login_process_per_connection=no. Once the limit is reached,
+# the process notifies master so that it can create a new login process.
+# You should make sure that the process has at least
+# 16 + login_max_connections * 2 available file descriptors.
+login_max_connections = 256
+
+# Greeting message for clients.
+login_greeting = Dovecot ready.
+
+# Space-separated list of elements we want to log. The elements which have
+# a non-empty variable value are joined together to form a comma-separated
+# string.
+login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
+
+# Login log format. %$ contains login_log_format_elements string, %s contains
+# the data we want to log.
+#login_log_format = %$: %s
+
+##
+## Mailbox locations and namespaces
+##
+
+# Location for users' mailboxes. This is the same as the old default_mail_env
+# setting. The default is empty, which means that Dovecot tries to find the
+# mailboxes automatically. This won't work if the user doesn't have any mail
+# yet, so you should explicitly tell Dovecot the full location.
+#
+# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
+# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
+# and where Dovecot can place its index files. This is called the "root mail
+# directory", and it must be the first path given in the mail_location setting.
+#
+# There are a few special variables you can use, eg.:
+#
+#   %u - username
+#   %n - user part in user@domain, same as %u if there's no domain
+#   %d - domain part in user@domain, empty if there's no domain
+#   %h - home directory
+#
+# See /usr/share/doc/dovecot-common/variables.txt for full list. Some examples:
+#
+#   mail_location = maildir:~/Maildir
+#   mail_location = mbox:~/mail:INBOX=/var/mail/%u
+#   mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
+#
+# http://wiki.dovecot.org/MailLocation
+#
+#mail_location = 
+
+# If you need to set multiple mailbox locations or want to change default
+# namespace settings, you can do it by defining namespace sections:
+#
+# You can have private, shared and public namespaces. The only difference
+# between them is how Dovecot announces them to client via NAMESPACE
+# extension. Shared namespaces are meant for user-owned mailboxes which are
+# shared to other users, while public namespaces are for more globally
+# accessible mailboxes.
+#
+# REMEMBER: If you add any namespaces, the default namespace must be added
+# explicitly, ie. mail_location does nothing unless you have a namespace
+# without a location setting. Default namespace is simply done by having a
+# namespace with empty prefix.
+#namespace private {
+   # Hierarchy separator to use. You should use the same separator for all
+   # namespaces or some clients get confused. '/' is usually a good one.
+   # The default however depends on the underlying mail storage format.
+   #separator = 
+
+   # Prefix required to access this namespace. This needs to be different for
+   # all namespaces. For example "Public/".
+   #prefix = 
+
+   # Physical location of the mailbox. This is in same format as
+   # mail_location, which is also the default for it.
+   #location =
+
+   # There can be only one INBOX, and this setting defines which namespace
+   # has it.
+   #inbox = yes
+
+   # If namespace is hidden, it's not advertised to clients via NAMESPACE
+   # extension or shown in LIST replies. This is mostly useful when converting
+   # from another server with different namespaces which you want to depricate
+   # but still keep working. For example you can create hidden namespaces with
+   # prefixes "~/mail/", "~%u/mail/" and "mail/".
+   #hidden = yes
+#}
+
+# Grant access to these extra groups for mail processes. Typical use would be
+# to give "mail" group write access to /var/mail to be able to create dotlocks.
+# The dovecot processes get these groups' privileges in addition to the dovecot
+# ones; the list of groups must be separated by spaces.
+#mail_extra_groups =
+
+# Allow full filesystem access to clients. There's no access checks other than
+# what the operating system does for the active UID/GID. It works with both
+# maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/
+# or ~user/.
+#mail_full_filesystem_access = no
+
+##
+## Mail processes
+##
+
+# Enable mail process debugging. This can help you figure out why Dovecot
+# isn't finding your mails.
+#mail_debug = no
+
+# Log prefix for mail processes. See
+# /usr/share/doc/dovecot-common/variables.txt for list of possible
+# variables you can use.
+#mail_log_prefix = "%Us(%u): "
+
+# Use mmap() instead of read() to read mail files. read() seems to be a bit
+# faster with my Linux/x86 and it's better with NFS, so that's the default.
+# Note that OpenBSD 3.3 and older don't work right with mail_read_mmaped = yes.
+#mail_read_mmaped = no
+
+# Don't use mmap() at all. This is required if you store indexes to shared
+# filesystems (NFS or clustered filesystem).
+#mmap_disable = no
+
+# Don't write() to mmaped files. This is required for some operating systems
+# which use separate caches for them, such as OpenBSD.
+#mmap_no_write = no
+
+# Locking method for index files. Alternatives are fcntl, flock and dotlock.
+# Dotlocking uses some tricks which may create more disk I/O than other locking
+# methods. NOTE: If you use NFS, remember to change also mmap_disable setting!
+#lock_method = fcntl
+
+# Drop all privileges before exec()ing the mail process. This is mostly
+# meant for debugging, otherwise you don't get core dumps. It could be a small
+# security risk if you use single UID for multiple users, as the users could
+# ptrace() each others processes then.
+#mail_drop_priv_before_exec = no
+
+# Show more verbose process titles (in ps). Currently shows user name and
+# IP address. Useful for seeing who are actually using the IMAP processes
+# (eg. shared mailboxes or if same uid is used for multiple accounts).
+#verbose_proctitle = no
+
+# Valid UID range for users, defaults to 500 and above. This is mostly
+# to make sure that users can't log in as daemons or other system users.
+# Note that denying root logins is hardcoded to dovecot binary and can't
+# be done even if first_valid_uid is set to 0.
+first_valid_uid = 103 # user: Debian-exim
+last_valid_uid = 103 # user: Debian-exim
+
+# Valid GID range for users, defaults to non-root/wheel. Users having
+# non-valid GID as primary group ID aren't allowed to log in. If user
+# belongs to supplementary groups with non-valid GIDs, those groups are
+# not set.
+first_valid_gid = 8 # group: mail
+last_valid_gid = 8 # group: mail
+
+# Maximum number of running mail processes. When this limit is reached,
+# new users aren't allowed to log in.
+#max_mail_processes = 1024
+
+# Set max. process size in megabytes. Most of the memory goes to mmap()ing
+# files, so it shouldn't harm much even if this limit is set pretty high.
+#mail_process_size = 256
+
+# Maximum allowed length for mail keyword name. It's only forced when trying
+# to create new keywords.
+#mail_max_keyword_length = 50
+
+# Default umask to use for mail files and directories.
+#umask = 0077
+
+# ':' separated list of directories under which chrooting is allowed for mail
+# processes (ie. /var/mail will allow chrooting to /var/mail/foo/bar too).
+# This setting doesn't affect login_chroot or auth_chroot variables.
+# WARNING: Never add directories here which local users can modify, that
+# may lead to root exploit. Usually this should be done only if you don't
+# allow shell access for users. See
+# /usr/share/doc/dovecot-common/configuration.txt for more information.
+valid_chroot_dirs = /var/mailhome
+
+# Default chroot directory for mail processes. This can be overridden for
+# specific users in user database by giving /./ in user's home directory
+# (eg. /home/./user chroots into /home). Note that usually there is no real
+# need to do chrooting, Dovecot doesn't allow users to access files outside
+# their mail directory anyway.
+#mail_chroot = 
+
+##
+## Mailbox handling optimizations
+##
+
+# Space-separated list of fields to initially save into cache file. Currently
+# these fields are allowed:
+#
+#  flags, date.sent, date.received, size.virtual, size.physical
+#  mime.parts, imap.body, imap.bodystructure
+#
+# Different IMAP clients work in different ways, so they benefit from
+# different cached fields. Some do not benefit from them at all. Caching more
+# than necessary generates useless disk I/O, so you don't want to do that
+# either.
+#
+# Dovecot attempts to automatically figure out what client wants and it keeps
+# only that. However the first few times a mailbox is opened, Dovecot hasn't
+# yet figured out what client needs, so it may not perform optimally. If you
+# know what fields the majority of your clients need, it may be useful to set
+# these fields by hand. If client doesn't actually use them, Dovecot will
+# eventually drop them.
+#
+# Usually you should just leave this field alone. The potential benefits are
+# typically unnoticeable.
+#mail_cache_fields = 
+
+# Space-separated list of fields that Dovecot should never save to cache file.
+# Useful if you want to save disk space at the cost of more I/O when the fields
+# needed.
+#mail_never_cache_fields = 
+
+# The minimum number of mails in a mailbox before updates are done to cache
+# file. This allows optimizing Dovecot's behavior to do less disk writes at
+# the cost of more disk reads.
+#mail_cache_min_mail_count = 0
+
+# When IDLE command is running, mailbox is checked once in a while to see if
+# there are any new mails or other changes. This setting defines the minimum
+# time to wait between those checks. Dovecot is however able to use dnotify
+# and inotify with Linux to reply immediately after the change occurs.
+#mailbox_idle_check_interval = 30
+
+# Save mails with CR+LF instead of plain LF. This makes sending those mails
+# take less CPU, especially with sendfile() syscall with Linux and FreeBSD.
+# But it also creates a bit more disk I/O which may just make it slower.
+# Also note that if other software reads the mboxes/maildirs, they may handle
+# the extra CRs wrong and cause problems.
+#mail_save_crlf = no
+
+##
+## Maildir-specific settings
+##
+
+# By default LIST command returns all entries in maildir beginning with dot.
+# Enabling this option makes Dovecot return only entries which are directories.
+# This is done by stat()ing each entry, so it causes more disk I/O.
+# (For systems setting struct dirent->d_type, this check is free and it's
+# done always regardless of this setting)
+#maildir_stat_dirs = no
+
+# Copy mail to another folders using hard links. This is much faster than
+# actually copying the file. This is problematic only if something modifies
+# the mail in one folder but doesn't want it modified in the others. I don't
+# know any MUA which would modify mail files directly. IMAP protocol also
+# requires that the mails don't change, so it would be problematic in any case.
+# If you care about performance, enable it.
+#maildir_copy_with_hardlinks = yes
+
+##
+## mbox-specific settings
+##
+
+# Which locking methods to use for locking mbox. There are four available:
+#  dotlock: Create <mailbox>.lock file. This is the oldest and most NFS-safe
+#           solution. If you want to use /var/mail/ like directory, the users
+#           will need write access to that directory.
+#  fcntl  : Use this if possible. Works with NFS too if lockd is used.
+#  flock  : May not exist in all systems. Doesn't work with NFS.
+#  lockf  : May not exist in all systems. Doesn't work with NFS.
+#
+# You can use multiple locking methods; if you do the order they're declared
+# in is important to avoid deadlocks if other MTAs/MUAs are using multiple
+# locking methods as well. Some operating systems don't allow using some of
+# them simultaneously.
+#mbox_read_locks = fcntl
+#mbox_write_locks = dotlock fcntl
+
+# Maximum time in seconds to wait for lock (all of them) before aborting.
+#mbox_lock_timeout = 300
+
+# If dotlock exists but the mailbox isn't modified in any way, override the
+# lock file after this many seconds.
+#mbox_dotlock_change_timeout = 120
+
+# When mbox changes unexpectedly we have to fully read it to find out what
+# changed. If the mbox is large this can take a long time. Since the change
+# is usually just a newly appended mail, it'd be faster to simply read the
+# new mails. If this setting is enabled, Dovecot does this but still safely
+# fallbacks to re-reading the whole mbox file whenever something in mbox isn't
+# how it's expected to be. The only real downside to this setting is that if
+# some other MUA changes message flags, Dovecot doesn't notice it immediately.
+# Note that a full sync is done with SELECT, EXAMINE, EXPUNGE and CHECK 
+# commands.
+#mbox_dirty_syncs = yes
+
+# Like mbox_dirty_syncs, but don't do full syncs even with SELECT, EXAMINE,
+# EXPUNGE or CHECK commands. If this is set, mbox_dirty_syncs is ignored.
+#mbox_very_dirty_syncs = no
+
+# Delay writing mbox headers until doing a full write sync (EXPUNGE and CHECK
+# commands and when closing the mailbox). This is especially useful for POP3
+# where clients often delete all mails. The downside is that our changes
+# aren't immediately visible to other MUAs.
+#mbox_lazy_writes = yes
+
+# If mbox size is smaller than this (in kilobytes), don't write index files.
+# If an index file already exists it's still read, just not updated.
+#mbox_min_index_size = 0
+
+##
+## dbox-specific settings
+##
+
+# Maximum dbox file size in kilobytes until it's rotated.
+#dbox_rotate_size = 2048
+
+# Minimum dbox file size in kilobytes before it's rotated
+# (overrides dbox_rotate_days)
+#dbox_rotate_min_size = 16
+
+# Maximum dbox file age in days until it's rotated. Day always begins from
+# midnight, so 1 = today, 2 = yesterday, etc. 0 = check disabled.
+#dbox_rotate_days = 0
+
+##
+## IMAP specific settings
+##
+
+protocol imap {
+  # Login executable location.
+  #login_executable = /usr/lib/dovecot/imap-login
+
+  # IMAP executable location. Changing this allows you to execute other
+  # binaries before the imap process is executed.
+  #
+  # This would write rawlogs into ~/dovecot.rawlog/ directory:
+  #   mail_executable = /usr/lib/dovecot/rawlog /usr/lib/dovecot/imap
+  #
+  # This would attach gdb into the imap process and write backtraces into
+  # /tmp/gdbhelper.* files:
+  #   mail_executable = /usr/libexec/dovecot/gdbhelper /usr/libexec/dovecot/imap
+  #
+  #mail_executable = /usr/lib/dovecot/imap
+
+  # Maximum IMAP command line length in bytes. Some clients generate very long
+  # command lines with huge mailboxes, so you may need to raise this if you get
+  # "Too long argument" or "IMAP command line too large" errors often.
+  #imap_max_line_length = 65536
+
+  # Support for dynamically loadable plugins. mail_plugins is a space separated
+  # list of plugins to load.
+  #mail_plugins = 
+  #mail_plugin_dir = /usr/lib/dovecot/modules/imap
+
+  # Send IMAP capabilities in greeting message. This makes it unnecessary for
+  # clients to request it with CAPABILITY command, so it saves one round-trip.
+  # Many clients however don't understand it and ask the CAPABILITY anyway.
+  #login_greeting_capability = no
+
+  # Override the IMAP CAPABILITY response.
+  #imap_capability = 
+
+  # Workarounds for various client bugs:
+  #   delay-newmail:
+  #     Send EXISTS/RECENT new mail notifications only when replying to NOOP
+  #     and CHECK commands. Some clients ignore them otherwise, for example
+  #     OSX Mail. Outlook Express breaks more badly though, without this it
+  #     may show user "Message no longer in server" errors. Note that OE6 still
+  #     breaks even with this workaround if synchronization is set to
+  #     "Headers Only".
+  #   outlook-idle:
+  #     Outlook and Outlook Express never abort IDLE command, so if no mail
+  #     arrives in half a hour, Dovecot closes the connection. This is still
+  #     fine, except Outlook doesn't connect back so you don't see if new mail
+  #     arrives.
+  #   netscape-eoh:
+  #     Netscape 4.x breaks if message headers don't end with the empty "end of
+  #     headers" line. Normally all messages have this, but setting this
+  #     workaround makes sure that Netscape never breaks by adding the line if
+  #     it doesn't exist. This is done only for FETCH BODY[HEADER.FIELDS..]
+  #     commands. Note that RFC says this shouldn't be done.
+  #   tb-extra-mailbox-sep:
+  #     With mbox storage a mailbox can contain either mails or submailboxes,
+  #     but not both. Thunderbird separates these two by forcing server to
+  #     accept '/' suffix in mailbox names in subscriptions list.
+  # The list is space-separated.
+  imap_client_workarounds = outlook-idle delay-newmail
+}
+
+##
+## POP3 specific settings
+##
+
+protocol pop3 {
+  # Login executable location.
+  #login_executable = /usr/lib/dovecot/pop3-login
+
+  # POP3 executable location. See IMAP's mail_executable above for examples
+  # how this could be changed.
+  #mail_executable = /usr/lib/dovecot/pop3
+
+  # Don't try to set mails non-recent or seen with POP3 sessions. This is
+  # mostly intended to reduce disk I/O. With maildir it doesn't move files
+  # from new/ to cur/, with mbox it doesn't write Status-header.
+  #pop3_no_flag_updates = no
+
+  # Support LAST command which exists in old POP3 specs, but has been removed
+  # from new ones. Some clients still wish to use this though. Enabling this
+  # makes RSET command clear all \Seen flags from messages.
+  #pop3_enable_last = no
+
+  # If mail has X-UIDL header, use it as the mail's UIDL.
+  #pop3_reuse_xuidl = no
+
+  # Keep the mailbox locked for the entire POP3 session.
+  #pop3_lock_session = no
+
+  # POP3 UIDL format to use. You can use following variables:
+  #
+  #  %v - Mailbox UIDVALIDITY
+  #  %u - Mail UID
+  #  %m - MD5 sum of the mailbox headers in hex (mbox only)
+  #  %f - filename (maildir only)
+  #
+  # If you want UIDL compatibility with other POP3 servers, use:
+  #  UW's ipop3d         : %08Xv%08Xu
+  #  Courier version 0   : %f
+  #  Courier version 1   : %u
+  #  Courier version 2   : %v-%u
+  #  Cyrus (<= 2.1.3)    : %u
+  #  Cyrus (>= 2.1.4)    : %v.%u
+  #  Older Dovecots      : %v.%u
+  #  tpop3d              : %Mf
+  #
+  # Note that Outlook 2003 seems to have problems with %v.%u format which was
+  # Dovecot's default, so if you're building a new server it would be a good
+  # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+  #
+  # NOTE: Nowadays this is required to be set explicitly, since the old
+  # default was bad but it couldn't be changed without breaking existing
+  # installations. %08Xu%08Xv will be the new default, so use it for new
+  # installations.
+  #
+  pop3_uidl_format = %08Xu%08Xv
+
+  # POP3 logout format string:
+  #  %t - number of TOP commands
+  #  %p - number of bytes sent to client as a result of TOP command
+  #  %r - number of RETR commands
+  #  %b - number of bytes sent to client as a result of RETR command
+  #  %d - number of deleted messages
+  #  %m - number of messages (before deletion)
+  #  %s - mailbox size in bytes (before deletion)
+  #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+  # Support for dynamically loadable plugins. mail_plugins is a space separated
+  # list of plugins to load.
+  #mail_plugins = 
+  #mail_plugin_dir = /usr/lib/dovecot/modules/pop3
+
+  # Workarounds for various client bugs:
+  #   outlook-no-nuls:
+  #     Outlook and Outlook Express hang if mails contain NUL characters.
+  #     This setting replaces them with 0x80 character.
+  #   oe-ns-eoh:
+  #     Outlook Express and Netscape Mail breaks if end of headers-line is
+  #     missing. This option simply sends it if it's missing.
+  # The list is space-separated.
+  #pop3_client_workarounds = 
+}
+
+##
+## LDA specific settings
+##
+
+# protocol lda {
+  # Address to use when sending rejection mails.
+  # postmaster_address = pos...@ex...
+
+  # Hostname to use in various parts of sent mails, eg. in Message-Id.
+  # Default is the system's real hostname.
+  #hostname = 
+
+  # Support for dynamically loadable plugins. mail_plugins is a space separated
+  # list of plugins to load.
+  #mail_plugins = 
+  #mail_plugin_dir = /usr/lib/dovecot/modules/lda
+
+  # Binary to use for sending mails.
+  #sendmail_path = /usr/lib/sendmail
+
+  # UNIX socket path to master authentication server to find users.
+  #auth_socket_path = /var/run/dovecot/auth-master
+
+  # Enabling Sieve plugin for server-side mail filtering
+  # mail_plugins = cmusieve
+# }
+
+##
+## Authentication processes
+##
+
+# Executable location
+#auth_executable = /usr/lib/dovecot/dovecot-auth
+
+# Set max. process size in megabytes.
+#auth_process_size = 256
+
+# Authentication cache size in kilobytes. 0 means it's disabled.
+# Note that bsdauth, PAM and vpopmail require cache_key to be set for caching
+# to be used. Also note that currently auth cache doesn't work very well if 
+# you're using multiple passdbs with same usernames in them.
+#auth_cache_size = 0
+# Time to live in seconds for cached data. After this many seconds the cached
+# record is no longer used, *except* if the main database lookup returns
+# internal failure. We also try to handle password changes automatically: If
+# user's previous authentication was successful, but this one wasn't, the
+# cache isn't used. For now this works only with plaintext authentication.
+#auth_cache_ttl = 3600
+
+# Space separated list of realms for SASL authentication mechanisms that need
+# them. You can leave it empty if you don't want to support multiple realms.
+# Many clients simply use the first one listed here, so keep the default realm
+# first.
+#auth_realms =
+
+# Default realm/domain to use if none was specified. This is used for both
+# SASL realms and appending @domain to username in plaintext logins.
+#auth_default_realm = 
+
+# List of allowed characters in username. If the user-given username contains
+# a character not listed in here, the login automatically fails. This is just
+# an extra check to make sure user can't exploit any potential quote escaping
+# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
+# set this value to empty.
+#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
+
+# Username character translations before it's looked up from databases. The
+# value contains series of from -> to characters. For example "#@/@" means
+# that '#' and '/' characters are translated to '@'.
+#auth_username_translation =
+
+# Username formatting before it's looked up from databases. You can use
+# the standard variables here, eg. %Lu would lowercase the username, %n would
+# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into
+# "-AT-". This translation is done after auth_username_translation changes.
+#auth_username_format =
+
+# If you want to allow master users to log in by specifying the master
+# username within the normal username string (ie. not using SASL mechanism's
+# support for it), you can specify the separator character here. The format
+# is then <username><separator><master username>. UW-IMAP uses "*" as the
+# separator, so that could be a good choice.
+#auth_master_user_separator =
+
+# Username to use for users logging in with ANONYMOUS SASL mechanism
+#auth_anonymous_username = anonymous
+
+# More verbose logging. Useful for figuring out why authentication isn't
+# working.
+#auth_verbose = yes
+
+# Even more verbose logging for debugging purposes. Shows for example SQL
+# queries.
+#auth_debug = yes
+
+# In case of password mismatches, log the passwords and used scheme so the
+# problem can be debugged. Requires auth_debug=yes to be set.
+#auth_debug_passwords = yes
+
+# Maximum number of dovecot-auth worker processes. They're used to execute
+# blocking passdb and userdb queries (eg. MySQL and PAM). They're
+# automatically created and destroyed as needed.
+#auth_worker_max_count = 30
+
+# Kerberos keytab to use for the GSSAPI mechanism. Will use the system 
+# default (usually /etc/krb5.keytab) if not specified.
+#auth_krb5_keytab = 
+
+auth default {
+  # Space separated list of wanted authentication mechanisms:
+  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
+  mechanisms = plain
+
+  #
+  # Password database is used to verify user's password (and nothing more).
+  # You can have multiple passdbs and userdbs. This is useful if you want to
+  # allow both system users (/etc/passwd) and virtual users to login without
+  # duplicating the system users into virtual database.
+  #
+  # http://wiki.dovecot.org/PasswordDatabase
+  #
+  # By adding master=yes setting inside a passdb you make the passdb a list
+  # of "master users", who can log in as anyone else. Unless you're using PAM,
+  # you probably still want the destination user to be looked up from passdb
+  # that it really exists. This can be done by adding pass=yes setting to the
+  # master passdb.
+  #
+  # http://wiki.dovecot.org/MasterPassword
+
+  # Users can be temporarily disabled by adding a passdb with deny=yes.
+  # If the user is found from that database, authentication will fail.
+  # The deny passdb should always be specified before others, so it gets
+  # checked first. Here's an example:
+
+  #passdb passwd-file {
+    # File contains a list of usernames, one per line
+    #args = /etc/dovecot.deny
+    #deny = yes
+  #}
+
+  # PAM authentication. Preferred nowadays by most systems. 
+  # Note that PAM can only be used to verify if user's password is correct,
+  # so it can't be used as userdb. If you don't want to use a separate user
+  # database (passwd usually), you can use static userdb.
+  # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
+  # authentication to actually work.
+  # http://wiki.dovecot.org/PasswordDatabase/PAM
+  #passdb pam {
+    #  [session=yes] [setcred=yes] [cache_key=<key>] [<service name>]
+    #
+    # session=yes makes Dovecot open and immediately close PAM session. Some
+    # PAM plugins need this to work, such as pam_mkhomedir.
+    #
+    # setcred=yes makes Dovecot establish PAM credentials if some PAM plugins
+    # need that. They aren't ever deleted though, so this isn't enabled by
+    # default.
+    #
+    # cache_key can be used to enable authentication caching for PAM
+    # (auth_cache_size also needs to be set). It isn't enabled by default
+    # because PAM modules can do all kinds of checks besides checking password,
+    # such as checking IP address. Dovecot can't know about these checks
+    # without some help. cache_key is simply a list of variables (see
+    # /usr/share/doc/dovecot-common/variables.txt) which must match for
+    # the cached data to be used.
+    # Here are some examples:
+    #   %u - Username must match. Probably sufficient for most uses.
+    #   %u%r - Username and remote IP address must match.
+    #   %u%s - Username and service (ie. IMAP, POP3) must match.
+    # 
+    # If service name is "*", it means the authenticating service name
+    # is used, eg. pop3 or imap (/etc/pam.d/pop3, /etc/pam.d/imap).
+    #
+    # Some examples:
+    #   args = session=yes *
+    #   args = cache_key=%u dovecot
+    #args = dovecot
+  #}
+
+  # /etc/passwd or similar, using getpwnam()
+  # In many systems nowadays this uses Name Service Switch, which is
+  # configured in /etc/nsswitch.conf.
+  # http://wiki.dovecot.org/AuthDatabase/Passwd
+  #passdb passwd {
+  #}
+
+  # /etc/shadow or similiar, using getspnam(). Deprecated by PAM nowadays.
+  # http://wiki.dovecot.org/PasswordDatabase/Shadow
+  #passdb shadow {
+  #}
+
+  # PAM-like authentication for OpenBSD.
+  # http://wiki.dovecot.org/PasswordDatabase/BSDAuth
+  #passdb bsdauth {
+    # [cache_key=<key>] - See cache_key in PAM for explanation.
+    #args =
+  #}
+
+  # passwd-like file with specified location
+  # http://wiki.dovecot.org/AuthDatabase/PasswdFile
+  #passdb passwd-file {
+    # Path for passwd-file
+    #args = 
+  #}
+
+  # checkpassword executable authentication
+  # NOTE: You will probably want to use "userdb prefetch" with this.
+  # http://wiki.dovecot.org/PasswordDatabase/CheckPassword
+  #passdb checkpassword {
+    # Path for checkpassword binary
+    #args = 
+  #}
+
+  # SQL database
+  # http://wiki.dovecot.org/AuthDatabase/SQL
+  #passdb sql {
+    # Path for SQL configuration file, see /etc/dovecot/dovecot-sql.conf for example
+    #args = 
+  #}
+
+  # LDAP database
+  # http://wiki.dovecot.org/AuthDatabase/LDAP
+  passdb ldap {
+    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for example
+    args =  /etc/dovecot/dovecot-ldap.conf
+  }
+
+  # vpopmail authentication
+  # http://wiki.dovecot.org/AuthDatabase/VPopMail
+  #passdb vpopmail {
+    # [cache_key=<key>] - See cache_key in PAM for explanation.
+    #args =
+  #}
+
+  #
+  # User database specifies where mails are located and what user/group IDs
+  # own them. For single-UID configuration use "static".
+  #
+  # http://wiki.dovecot.org/UserDatabase
+  #
+
+  # /etc/passwd or similar, using getpwnam()
+  # In many systems nowadays this uses Name Service Switch, which is
+  # configured in /etc/nsswitch.conf. WARNING: nss_ldap is known to be broken
+  # with Dovecot. Don't use it, or users might log in as each others!
+  # http://wiki.dovecot.org/AuthDatabase/Passwd
+  #userdb passwd {
+  #}
+
+  # passwd-like file with specified location
+  # http://wiki.dovecot.org/AuthDatabase/PasswdFile
+  #userdb passwd-file {
+    # Path for passwd-file
+    #args =
+  #}
+
+  # static settings generated from template
+  # http://wiki.dovecot.org/UserDatabase/Static
+  #userdb static {
+    # Template for the fields. Can return anything a userdb could normally
+    # return. For example:
+    #
+    #  args = uid=500 gid=500 home=/var/mail/%u
+    #
+    #args =
+  #}
+
+  # SQL database
+  # http://wiki.dovecot.org/AuthDatabase/SQL
+  #userdb sql {
+    # Path for SQL configuration file, see /etc/dovecot/dovecot-sql.conf for example
+    #args = 
+  #}
+
+  # LDAP database
+  # http://wiki.dovecot.org/AuthDatabase/LDAP
+  userdb ldap {
+    # Path for LDAP configuration file, see /etc/dovecot/dovecot-ldap.conf for example
+    args = /etc/dovecot/dovecot-ldap.conf
+  }
+
+  # vpopmail
+  # http://wiki.dovecot.org/AuthDatabase/VPopMail
+  #userdb vpopmail {
+  #}
+
+  # "prefetch" user database means that the passdb already provided the
+  # needed information and there's no need to do a separate userdb lookup.
+  # This can be made to work with SQL and LDAP databases, see their example
+  # configuration files for more information how to do it.
+  # http://wiki.dovecot.org/UserDatabase/Prefetch
+  #userdb prefetch {
+  #}
+
+  # User to use for the process. This user needs access to only user and
+  # password databases, nothing else. Only shadow and pam authentication
+  # requires roots, so use something else if possible. Note that passwd
+  # authentication with BSDs internally accesses shadow files, which also
+  # requires roots. Note that this user is NOT used to access mails.
+  # That user is specified by userdb above.
+  #user = root
+
+  # Directory where to chroot the process. Most authentication backends don't
+  # work if this is set, and there's no point chrooting if auth_user is root.
+  # Note that valid_chroot_dirs isn't needed to use this setting.
+  #chroot = 
+
+  # Number of authentication processes to create
+  #count = 1
+
+  # Require a valid SSL client certificate or the authentication fails.
+  #ssl_require_client_cert = no
+
+  # Take the username from client's SSL certificate, using 
+  # X509_NAME_get_text_by_NID() which returns the subject's DN's
+  # CommonName. 
+  #ssl_username_from_cert = no
+
+  # It's possible to export the authentication interface to other programs:
+  #socket listen {
+    #master {
+      # Master socket is typically used to give Dovecot's local delivery
+      # agent access to userdb so it can find mailbox locations. It can
+      # however also be used to disturb regular user authentications.
+      # WARNING: Giving untrusted users access to master socket may be a 
+      # security risk, don't give too wide permissions to it!
+      #path = /var/run/dovecot/auth-master
+      #mode = 0600
+      # Default user/group is the one who started dovecot-auth (root)
+      #user = 
+      #group = 
+    #}
+    #client {
+      # The client socket is generally safe to export to everyone. Typical use
+      # is to export it to your SMTP server so it can do SMTP AUTH lookups
+      # using it.
+      #path = /var/run/dovecot/auth-client
+      #mode = 0660
+    #}
+  #}
+
+  ## dovecot-lda specific settings
+  ##
+  # socket listen {
+  #   master {
+  #     path = /var/run/dovecot/auth-master
+  #     mode = 0600
+  #     user = mail # User running Dovecot LDA
+  #     #group = mail # Or alternatively mode 0660 + LDA user in this group
+  #   }
+  # }
+
+}
+
+# If you wish to use another authentication server than dovecot-auth, you can
+# use connect sockets. They assumed to be already running, Dovecot's master
+# process only tries to connect to them. They don't need any other settings
+# than the path for the master socket, as the configuration is done elsewhere.
+# Note that the client sockets must exist in the login_dir.
+#auth external {
+#  socket connect {
+#    master {
+#      path = /var/run/dovecot/auth-master
+#    }
+#  }
+#}
+
+##
+## Dictionary server settings
+##
+
+# Dictionary can be used by some plugins to store key=value lists.
+# Currently this is only used by dict quota backend. The dictionary can be
+# used either directly or though a dictionary server. The following dict block
+# maps dictionary names to URIs when the server is used. These can then be
+# referenced using URIs in format "proxy:<name>".
+
+#dict {
+  #quota = mysql:/etc/dovecot-dict-quota.conf 
+#}
+
+##
+## Plugin settings
+##
+
+#plugin {
+  # Here you can give some extra environment variables to mail processes.
+  # This is mostly meant for passing parameters to plugins. %variable
+  # expansion is done for all values.
+
+  # Quota plugin. Multiple backends are supported:
+  #   dirsize: Find and sum all the files found from mail directory
+  #   dict: Keep quota stored in dictionary (eg. SQL)
+  #   maildir: Maildir++ quota
+  #   fs: Read-only support for filesystem quota
+  #quota = maildir
+
+  # ACL plugin. vfile backend reads ACLs from "dovecot-acl" file from maildir
+  # directory. You can also optionally give a global ACL directory path where
+  # ACLs are applied to all users' mailboxes. The global ACL directory contains
+  # one file for each mailbox, eg. INBOX or sub.mailbox.
+  #acl = vfile:/etc/dovecot-acls
+
+  # Convert plugin. If set, specifies the source storage path which is
+  # converted to destination storage (mail_location).
+  #convert_mail = mbox:%h/mail
+
+  # Trash plugin. When saving a message would make user go over quota, this
+  # plugin automatically deletes the oldest mails from configured mailboxes
+  # until the message can be saved within quota limits. The configuration file
+  # is a text file where each line is in format: <priority> <mailbox name>
+  # Mails are first deleted in lowest -> highest priority number order
+  #trash = /etc/dovecot-trash.conf
+#}


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [179] trunk/doc/examples/exim4/exim4.conf.dist

[<dwe...@us...>]

Revision: 179
          http://elma.svn.sourceforge.net/elma/?rev=179&view=rev
Author:   dweuthen
Date:     2007-10-17 05:25:31 -0700 (Wed, 17 Oct 2007)

Log Message:
-----------
recovered old version

Modified Paths:
--------------
    trunk/doc/examples/exim4/exim4.conf.dist

Modified: trunk/doc/examples/exim4/exim4.conf.dist
===================================================================
--- trunk/doc/examples/exim4/exim4.conf.dist	2007-10-12 14:21:23 UTC (rev 178)
+++ trunk/doc/examples/exim4/exim4.conf.dist	2007-10-17 12:25:31 UTC (rev 179)
@@ -13,13 +13,6 @@
 # correctness before installing it (for example, by running the command    #
 # "exim -C /config/file.new -bV").                                         #
 #                                                                          #
-# This configuration contains just the needed parameters to run ELMA,      #
-# with short or even none comments.                                        #
-# For a full and comprehensive documentation of all available parameters,  #
-# see http://www.exim.org/exim-html-current/doc/html/spec_html/index.html  #
-#                                                                          #
-# vim folding: use zo to open, zc to close a folding                       #
-#                                                                          #
 ########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
 
 
@@ -27,7 +20,6 @@
 #                    MAIN CONFIGURATION SETTINGS                     #
 ######################################################################
 
-# LDAP connection parameters <<<
 LDAP_HOSTNAME = 127.0.0.1:389
 LDAP_BASEDN = o=mybasedn
 LDAP_DOMAINS_ROOT_DN = ou=domains,LDAP_BASEDN
@@ -35,208 +27,497 @@
 LDAP_USER = uid=exim4,LDAP_USERS_ROOT_DN
 LDAP_PASS = exim4pass
 LDAP_DEFAULT_SERVERS = 127.0.0.1::389
-# >>>
 
-# LDAP macros# <<<
-# Check if a domain is active
-LDAP_ACTIVE_DOMAIN = ${\
-  if eqi {true}{\
-    ${lookup ldap{user=LDAP_USER pass=LDAP_PASS \
-      ldap://LDAP_HOSTNAME/dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub\
-    }}\
-  } {yes}{no}\
-}
+LDAP_ACTIVE_USER = ${if eqi {true}{${lookup ldap{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub}}} {yes}{no} }
 
-# Check if an users account is active
-LDAP_ACTIVE_USER = ${\
-  if eqi {true}{\
-    ${lookup ldap{user=LDAP_USER pass=LDAP_PASS \
-      ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub\
-    }}\
-  } {yes}{no}\
-}
+MAILHOME = /var/mailhome
 
-# get the uid attribute for an user
-LDAP_GET_UID = ${lookup ldap{\
-  user=LDAP_USER pass=LDAP_PASS \
-  ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?uid?sub?(objectclass=mailUser)\
-} {$value} {no} }
 
-# get the mailSieveFilter attribute for an user
-LDAP_GET_USER_FILTER = ${lookup ldap{\
-  user=LDAP_USER pass=LDAP_PASS \
-  ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?sub?(objectclass=mailUser)\
-} {$value} }
+# Specify your host's canonical name here. This should normally be the fully
+# qualified "official" name of your host. If this option is not set, the
+# uname() function is called to obtain the name. In many cases this does
+# the right thing and you need not set anything explicitly.
 
-# get the mailSieveFilter attribute for a domain
-LDAP_GET_DOMAIN_FILTER = ${lookup ldap{\
-  user=LDAP_USER pass=LDAP_PASS \
-  ldap://LDAP_HOSTNAME/dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?sub?(objectclass=mailDomain)\
-} {$value} }
+# primary_hostname =
 
-# return the user's homeDirectory
-LDAP_HOME_DIRECTORY = ${lookup ldap {\
-  user=LDAP_USER pass=LDAP_PASS \
-  ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?homeDirectory?\
-} {$value} fail}
 
-# TODO: comment
-LDAP_ALIASES = ${\
-  if eq {yes}{LDAP_ACTIVE_USER} {\
-    ${lookup ldapm{\
-      user=LDAP_USER pass=LDAP_PASS \
-      ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?sub?(objectclass=mailalias)\
-    }}\
-  } {} \
-}
-# >>>
+# The next three settings create two lists of domains and one list of hosts.
+# These lists are referred to later in this configuration using the syntax
+# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
+# are all colon-separated lists:
 
-# the rest <<<
-# Most times the result of uname() is sufficient. If not, 
-# specifiy your hostname here
-#primary_hostname =
-
-# We fetch our local_domains from LDAP.
 domainlist local_domains = @ : ${tr {${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/LDAP_DOMAINS_ROOT_DN?dc?one?(mailStatus=TRUE)}}} {\n}{:}}
-
-# localhost is allowed to relay - noone else
+domainlist relay_to_domains =
 hostlist   relay_from_hosts = 127.0.0.1
 
-# Exim will connect SpamAssassin per default on localhost:783.
-#spamd_address = 127.0.0.1 783
+# Most straightforward access control requirements can be obtained by
+# appropriate settings of the above options. In more complicated situations,
+# you may need to modify the Access Control List (ACL) which appears later in
+# this file.
 
+# The first setting specifies your local domains, for example:
+#
+#   domainlist local_domains = my.first.domain : my.second.domain
+#
+# You can use "@" to mean "the name of the local host", as in the default
+# setting above. This is the name that is specified by primary_hostname,
+# as specified above (or defaulted). If you do not want to do any local
+# deliveries, remove the "@" from the setting above. If you want to accept mail
+# addressed to your host's literal IP address, for example, mail addressed to
+# "user@[192.168.23.44]", you can add "@[]" as an item in the local domains
+# list. You also need to uncomment "allow_domain_literals" below. This is not
+# recommended for today's Internet.
+
+# The second setting specifies domains for which your host is an incoming relay.
+# If you are not doing any relaying, you should leave the list empty. However,
+# if your host is an MX backup or gateway of some kind for some domains, you
+# must set relay_to_domains to match those domains. For example:
+#
+# domainlist relay_to_domains = *.myco.com : my.friend.org
+#
+# This will allow any host to relay through your host to those domains.
+# See the section of the manual entitled "Control of relaying" for more
+# information.
+
+# The third setting specifies hosts that can use your host as an outgoing relay
+# to any other host on the Internet. Such a setting commonly refers to a
+# complete local network as well as the localhost. For example:
+#
+# hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16
+#
+# The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you
+# have to include 127.0.0.1 if you want to allow processes on your host to send
+# SMTP mail by using the loopback address. A number of MUAs use this method of
+# sending mail.
+
+# All three of these lists may contain many different kinds of item, including
+# wildcarded names, regular expressions, and file lookups. See the reference
+# manual for details. The lists above are used in the access control lists for
+# checking incoming messages. The names of these ACLs are defined here:
+
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+
+# You should not change those settings until you understand how ACLs work.
+
+
+# If you are running a version of Exim that was compiled with the content-
+# scanning extension, you can cause incoming messages to be automatically
+# scanned for viruses. You have to modify the configuration in two places to
+# set this up. The first of them is here, where you define the interface to
+# your scanner. This example is typical for ClamAV; see the manual for details
+# of what to set for other virus scanners. The second modification is in the
+# acl_check_data access control list (see below).
+
+# av_scanner = clamd:/tmp/clamd
+
+
+# For spam scanning, there is a similar option that defines the interface to
+# SpamAssassin. You do not need to set this if you are using the default, which
+# is shown in this commented example. As for virus scanning, you must also
+# modify the acl_check_data access control list to enable spam scanning.
+
+# spamd_address = 127.0.0.1 783
+
+
+# If Exim is compiled with support for TLS, you may want to enable the
+# following options so that Exim allows clients to make encrypted
+# connections. In the authenticators section below, there are template
+# configurations for plaintext username/password authentication. This kind
+# of authentication is only safe when used within a TLS connection, so the
+# authenticators will only work if the following TLS settings are turned on
+# as well.
+
 # Allow any client to use TLS.
-#tls_advertise_hosts = *
 
-# TODO: specify your certificate/key here!
-#tls_certificate = /etc/ssl/exim.crt
-#tls_privatekey = /etc/ssl/exim.pem
+# tls_advertise_hosts = *
 
-# Add port 465 to daemon_smtp_ports, if you want to provide tls-on-connect
-daemon_smtp_ports = 25 : 587
-#tls_on_connect_ports = 465
+# Specify the location of the Exim server's TLS certificate and private key.
+# The private key must not be encrypted (password protected). You can put
+# the certificate and private key in the same file, in which case you only
+# need the first setting, or in separate files, in which case you need both
+# options.
 
-# Qualify locally generated sender-addresses, 
-# per default with our primary_hostname
-sender_unqualified_hosts = localhost
+# tls_certificate = /etc/ssl/exim.crt
+# tls_privatekey = /etc/ssl/exim.pem
 
-# No deliveries will ever be run under the uids of these users
+# In order to support roaming users who wish to send email from anywhere,
+# you may want to make Exim listen on other ports as well as port 25, in
+# case these users need to send email from a network that blocks port 25.
+# The standard port for this purpose is port 587, the "message submission"
+# port. See RFC 4409 for details. Microsoft MUAs cannot be configured to
+# talk the message submission protocol correctly, so if you need to support
+# them you should also allow TLS-on-connect on the traditional but
+# non-standard port 465.
+
+# daemon_smtp_ports = 25 : 465 : 587
+# tls_on_connect_ports = 465
+
+
+# Specify the domain you want to be added to all unqualified addresses
+# here. An unqualified address is one that does not contain an "@" character
+# followed by a domain. For example, "caesar@rome.example" is a fully qualified
+# address, but the string "caesar" (i.e. just a login name) is an unqualified
+# email address. Unqualified addresses are accepted only from local callers by
+# default. See the recipient_unqualified_hosts option if you want to permit
+# unqualified addresses from remote sources. If this option is not set, the
+# primary_hostname value is used for qualification.
+
+# qualify_domain =
+
+
+# If you want unqualified recipient addresses to be qualified with a different
+# domain to unqualified sender addresses, specify the recipient domain here.
+# If this option is not set, the qualify_domain value is used.
+
+# qualify_recipient =
+
+
+# The following line must be uncommented if you want Exim to recognize
+# addresses of the form "user@[10.11.12.13]" that is, with a "domain literal"
+# (an IP address) instead of a named domain. The RFCs still require this form,
+# but it makes little sense to permit mail to be sent to specific hosts by
+# their IP address in the modern Internet. This ancient format has been used
+# by those seeking to abuse hosts by using them for unwanted relaying. If you
+# really do want to support domain literals, uncomment the following line, and
+# see also the "domain_literal" router below.
+
+# allow_domain_literals
+
+
+# No deliveries will ever be run under the uids of these users (a colon-
+# separated list). An attempt to do so causes a panic error to be logged, and
+# the delivery to be deferred. This is a paranoic safety catch. There is an
+# even stronger safety catch in the form of the FIXED_NEVER_USERS setting
+# in the configuration for building Exim. The list of users that it specifies
+# is built into the binary, and cannot be changed. The option below just adds
+# additional users to the list. The default for FIXED_NEVER_USERS is "root",
+# but just to be absolutely sure, the default here is also "root".
+
+# Note that the default setting means you cannot deliver mail addressed to root
+# as if it were a normal user. This isn't usually a problem, as most sites have
+# an alias for root that redirects such mail to a human administrator.
+
 never_users = root
 
-# Every host will get a lookup for free
+
+# The setting below causes Exim to do a reverse DNS lookup on all incoming
+# IP calls, in order to get the true host name. If you feel this is too
+# expensive, you can specify the networks for which a lookup is done, or
+# remove the setting entirely.
+
 host_lookup = *
 
-# .. but we won't do any ident-lookups
+
+# The settings below, which are actually the same as the defaults in the
+# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
+# calls. You can limit the hosts to which these calls are made, and/or change
+# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
+# are disabled. RFC 1413 calls are cheap and can provide useful information
+# for tracing problem messages, but some hosts and firewalls have problems
+# with them. This can result in a timeout instead of an immediate refused
+# connection, leading to delays on starting up SMTP sessions. (The default was
+# reduced from 30s to 5s for release 4.61.)
+
 rfc1413_hosts = *
-rfc1413_query_timeout = 0s
+rfc1413_query_timeout = 5s
 
+
+# By default, Exim expects all envelope addresses to be fully qualified, that
+# is, they must contain both a local part and a domain. If you want to accept
+# unqualified addresses (just a local part) from certain hosts, you can specify
+# these hosts by setting one or both of
+#
+# sender_unqualified_hosts =
+# recipient_unqualified_hosts =
+#
+# to control sender and recipient addresses, respectively. When this is done,
+# unqualified addresses are qualified using the settings of qualify_domain
+# and/or qualify_recipient (see above).
+
+
+# If you want Exim to support the "percent hack" for certain domains,
+# uncomment the following line and provide a list of domains. The "percent
+# hack" is the feature by which mail addressed to x%y@z (where z is one of
+# the domains listed) is locally rerouted to x@y and sent on. If z is not one
+# of the "percent hack" domains, x%y is treated as an ordinary local part. This
+# hack is rarely needed nowadays; you should not enable it unless you are sure
+# that you really need it.
+#
+# percent_hack_domains =
+#
+# As well as setting this option you will also need to remove the test
+# for local parts containing % in the ACL definition below.
+
+
+# When Exim can neither deliver a message nor return it to sender, it "freezes"
+# the delivery error message (aka "bounce message"). There are also other
+# circumstances in which messages get frozen. They will stay on the queue for
+# ever unless one of the following options is set.
+
 # This option unfreezes frozen bounce messages after two days, tries
 # once more to deliver them, and ignores any delivery failures.
+
 ignore_bounce_errors_after = 2d
 
 # This option cancels (removes) frozen messages that are older than a week.
+
 timeout_frozen_after = 7d
-# >>>
 
+
+
 ######################################################################
 #                       ACL CONFIGURATION                            #
 #         Specifies access control lists for incoming SMTP mail      #
 ######################################################################
 
-# ACL assignment <<<
-acl_smtp_rcpt = acl_check_rcpt
-acl_smtp_data = acl_check_data
-# >>>
-
 begin acl
 
-# RCPT TO <<<
+# This access control list is used for every RCPT command in an incoming
+# SMTP message. The tests are run in order until the address is either
+# accepted or denied.
+
 acl_check_rcpt:
 
-  # Accept if the source is local SMTP
+  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
+  # testing for an empty sending host field.
+
   accept  hosts = :
 
+  #############################################################################
   # The following section of the ACL is concerned with local parts that contain
   # @ or % or ! or / or | or dots in unusual places.
+  #
+  # The characters other than dots are rarely found in genuine local parts, but
+  # are often tried by people looking to circumvent relaying restrictions.
+  # Therefore, although they are valid in local parts, these rules lock them
+  # out, as a precaution.
+  #
+  # Empty components (two dots in a row) are not valid in RFC 2822, but Exim
+  # allows them because they have been encountered. (Consider local parts
+  # constructed as "firstinitial.secondinitial.familyname" when applied to
+  # someone like me, who has no second initial.) However, a local part starting
+  # with a dot or containing /../ can cause trouble if it is used as part of a
+  # file name (e.g. for a mailing list). This is also true for local parts that
+  # contain slashes. A pipe symbol can also be troublesome if the local part is
+  # incorporated unthinkingly into a shell command line.
+  #
+  # Two different rules are used. The first one is stricter, and is applied to
+  # messages that are addressed to one of the local domains handled by this
+  # host. The line "domains = +local_domains" restricts it to domains that are
+  # defined by the "domainlist local_domains" setting above. The rule  blocks
+  # local parts that begin with a dot or contain @ % ! / or |. If you have
+  # local accounts that include these characters, you will have to modify this
+  # rule.
+
   deny    message       = Restricted characters in address
           domains       = +local_domains
           local_parts   = ^[.] : ^.*[@%!/|]
 
+  # The second rule applies to all other domains, and is less strict. The line
+  # "domains = !+local_domains" restricts it to domains that are NOT defined by
+  # the "domainlist local_domains" setting above. The exclamation mark is a
+  # negating operator. This rule allows your own users to send outgoing
+  # messages to sites that use slashes and vertical bars in their local parts.
+  # It blocks local parts that begin with a dot, slash, or vertical bar, but
+  # allows these characters within the local part. However, the sequence /../
+  # is barred. The use of @ % and ! is blocked, as before. The motivation here
+  # is to prevent your users (or your users' viruses) from mounting certain
+  # kinds of attack on remote sites.
+
   deny    message       = Restricted characters in address
           domains       = !+local_domains
           local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+  #############################################################################
 
   # Accept mail to postmaster in any local domain, regardless of the source,
   # and without verifying the sender.
+
   accept  local_parts   = postmaster
           domains       = +local_domains
 
   # Deny unless the sender address can be verified.
+
   require verify        = sender
 
   # Accept if the message comes from one of the hosts for which we are an
-  # outgoing relay.
+  # outgoing relay. It is assumed that such hosts are most likely to be MUAs,
+  # so we set control=submission to make Exim treat the message as a
+  # submission. It will fix up various errors in the message, for example, the
+  # lack of a Date: header line. If you are actually relaying out out from
+  # MTAs, you may want to disable this. If you are handling both relaying from
+  # MTAs and submissions from MUAs you should probably split them into two
+  # lists, and handle them differently.
+
+  # Recipient verification is omitted here, because in many cases the clients
+  # are dumb MUAs that don't cope well with SMTP error responses. If you are
+  # actually relaying out from MTAs, you should probably add recipient
+  # verification here.
+
+  # Note that, by putting this test before any DNS black list checks, you will
+  # always accept from these hosts, even if they end up on a black list. The
+  # assumption is that they are your friends, and if they get onto a black
+  # list, it is a mistake.
+
   accept  hosts         = +relay_from_hosts
           control       = submission
 
-  # Accept if the message arrived over an authenticated connection.
+  # Accept if the message arrived over an authenticated connection, from
+  # any host. Again, these messages are usually from MUAs, so recipient
+  # verification is omitted, and submission mode is set. And again, we do this
+  # check before any black list tests.
+
   accept  authenticated = *
           control       = submission
 
   # Insist that any other recipient address that we accept is either in one of
   # our local domains, or is in a domain for which we explicitly allow
   # relaying. Any other domain is rejected as being unacceptable for relaying.
+
   require message = relay not permitted
           domains = +local_domains : +relay_domains
 
-  # We also require all accepted addresses to be verifiable.
+  # We also require all accepted addresses to be verifiable. This check will
+  # do local part verification for local domains, but only check the domain
+  # for remote domains. The only way to check local parts for the remote
+  # relay domains is to use a callout (add /callout), but please read the
+  # documentation about callouts before doing this.
+
   require verify = recipient
 
+  #############################################################################
+  # There are no default checks on DNS black lists because the domains that
+  # contain these lists are changing all the time. However, here are two
+  # examples of how you can get Exim to perform a DNS black list lookup at this
+  # point. The first one denies, whereas the second just warns.
+  #
+  # deny    message       = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+  #         dnslists      = black.list.example
+  #
+  # warn    dnslists      = black.list.example
+  #         add_header    = X-Warning: $sender_host_address is in a black list at $dnslist_domain
+  #         log_message   = found in $dnslist_domain
+  #############################################################################
+
+  #############################################################################
+  # This check is commented out because it is recognized that not every
+  # sysadmin will want to do it. If you enable it, the check performs
+  # Client SMTP Authorization (csa) checks on the sending host. These checks
+  # do DNS lookups for SRV records. The CSA proposal is currently (May 2005)
+  # an Internet draft. You can, of course, add additional conditions to this
+  # ACL statement to restrict the CSA checks to certain hosts only.
+  #
+  # require verify = csa
+  #############################################################################
+
   # At this point, the address has passed all the checks that have been
   # configured, so we accept it unconditionally.
+
   accept
 
-# >>>
 
-# DATA <<<
+# This ACL is used after the contents of a message have been received. This
+# is the ACL in which you can test a message's headers or body, and in
+# particular, this is where you can invoke external virus or spam scanners.
+# Some suggested ways of configuring these tests are shown below, commented
+# out. Without any tests, this ACL accepts all messages. If you want to use
+# such tests, you must ensure that Exim is compiled with the content-scanning
+# extension (WITH_CONTENT_SCAN=yes in Local/Makefile).
+
 acl_check_data:
 
   # Deny if the message contains a virus. Before enabling this check, you
   # must install a virus scanner and set the av_scanner option above.
-  #deny    malware    = *
-  #        message    = This message contains a virus ($malware_name).
+  #
+  # deny    malware    = *
+  #         message    = This message contains a virus ($malware_name).
 
   # Add headers to a message if it is judged to be spam. Before enabling this,
   # you must install SpamAssassin. You may also need to set the spamd_address
   # option above.
-  #warn    spam       = nobody
-  #        add_header = X-Spam_score: $spam_score\n\
-  #                     X-Spam_score_int: $spam_score_int\n\
-  #                     X-Spam_bar: $spam_bar\n\
-  #                     X-Spam_report: $spam_report
+  #
+  # warn    spam       = nobody
+  #         add_header = X-Spam_score: $spam_score\n\
+  #                      X-Spam_score_int: $spam_score_int\n\
+  #                      X-Spam_bar: $spam_bar\n\
+  #                      X-Spam_report: $spam_report
 
   # Accept the message.
+
   accept
 
-# >>>
 
+
 ######################################################################
 #                      ROUTERS CONFIGURATION                         #
 #               Specifies how addresses are handled                  #
 ######################################################################
+#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
+# An address is passed to each router in turn until it is accepted.  #
+######################################################################
 
 begin routers
 
-# mails destined for remote hosts <<<
+# This router routes to remote hosts over SMTP by explicit IP address,
+# when an email address is given in "domain literal" form, for example,
+# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
+# little-known these days, and has been exploited by evil people seeking
+# to abuse SMTP relays. Consequently it is commented out in the default
+# configuration. If you uncomment this router, you also need to uncomment
+# allow_domain_literals above, so that Exim can recognize the syntax of
+# domain literal addresses.
+
+# domain_literal:
+#   driver = ipliteral
+#   domains = ! +local_domains
+#   transport = remote_smtp
+
+
+# This router routes addresses that are not in local domains by doing a DNS
+# lookup on the domain name. The exclamation mark that appears in "domains = !
+# +local_domains" is a negating operator, that is, it can be read as "not". The
+# recipient's domain must not be one of those defined by "domainlist
+# local_domains" above for this router to be used.
+#
+# If the router is used, any domain that resolves to 0.0.0.0 or to a loopback
+# interface address (127.0.0.0/8) is treated as if it had no DNS entry. Note
+# that 0.0.0.0 is the same as 0.0.0.0/32, which is commonly treated as the
+# local host inside the network stack. It is not 0.0.0.0/0, the default route.
+# If the DNS lookup fails, no further routers are tried because of the no_more
+# setting, and consequently the address is unrouteable.
+
 dnslookup:
   driver = dnslookup
   domains = ! +local_domains
   transport = remote_smtp
   ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
   no_more
-# >>>
 
-# system_aliases <<<
+
+# The remaining routers handle addresses in the local domain(s), that is those
+# domains that are defined by "domainlist local_domains" above.
+
+
+# This router handles aliasing using a linearly searched alias file with the
+# name /etc/aliases. When this configuration is installed automatically,
+# the name gets inserted into this file from whatever is set in Exim's
+# build-time configuration. The default path is the traditional /etc/aliases.
+# If you install this configuration by hand, you need to specify the correct
+# path in the "data" setting below.
+#
+##### NB  You must ensure that the alias file exists. It used to be the case
+##### NB  that every Unix had that file, because it was the Sendmail default.
+##### NB  These days, there are systems that don't have it. Your aliases
+##### NB  file should at least contain an alias for "postmaster".
+#
+# If any of your aliases expand to pipes or files, you will need to set
+# up a user and a group for these deliveries to run under. You can do
+# this by uncommenting the "user" option below (changing the user name
+# as appropriate) and adding a "group" option if necessary. Alternatively, you
+# can specify "user" on the transports that are used. Note that the transports
+# listed below are the same as are used for .forward files; you might want
+# to set up different ones for pipe and file deliveries from aliases.
+
 system_aliases:
   driver = redirect
   allow_fail
@@ -245,81 +526,72 @@
 # user = exim
   file_transport = address_file
   pipe_transport = address_pipe
-# >>>
 
-# resolve aliases from LDAP <<<
+
 ldap_aliases:
   driver = redirect
   allow_fail
   allow_defer
-  data = LDAP_ALIASES 
-# >>>
+  data = ${if eq {yes}{LDAP_ACTIVE_USER} {${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?sub?(objectclass=mailalias)}}}{no}}
+  file_transport = address_file
+  pipe_transport = address_pipe
 
-# ldap domain filter <<<
-ldap_domain_filter:
-  driver = redirect
-  allow_filter
-  user = mail
-  data = ${if eq {yes} {LDAP_ACTIVE_DOMAIN} {LDAP_GET_DOMAIN_FILTER}}
-  router_home_directory = LDAP_HOME_DIRECTORY
-  file_transport = local_delivery
-# >>>
+# This router matches local user mailboxes. If the router fails, the error
+# message is "Unknown user".
 
-# ldap user filter <<<
-ldap_user_filter:
-  driver = redirect
-  allow_filter
-  user = mail
-  data = ${if eq {yes} {LDAP_ACTIVE_USER} {LDAP_GET_USER_FILTER}}
-  router_home_directory = LDAP_HOME_DIRECTORY
-  file_transport = local_delivery
-# >>>
+# If you want this router to treat local parts with suffixes introduced by "-"
+# or "+" characters as if the suffixes did not exist, uncomment the two local_
+# part_suffix options. Then, for example, xxx...@yo...main will be treated
+# in the same way as xx...@yo...main by this router.
 
-# deliver to local user <<<
 ldap_user:
   driver = accept
-  condition = ${if eq {yes} {LDAP_ACTIVE_USER} {LDAP_GET_UID}}
-  router_home_directory = LDAP_HOME_DIRECTORY
+  condition = ${if eq {yes}{LDAP_ACTIVE_USER} {${lookup ldap{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?uid?sub?(objectclass=mailUser)}}}{no}}
   transport = local_delivery
   cannot_route_message = Unknown user
-# >>>
 
+
 ######################################################################
 #                      TRANSPORTS CONFIGURATION                      #
 ######################################################################
+#                       ORDER DOES NOT MATTER                        #
+#     Only one appropriate transport is called for each delivery.    #
+######################################################################
 
+# A transport is used only when referenced from a router that successfully
+# handles an address.
+
 begin transports
 
-# This transport is used for delivering messages over SMTP connections <<<
+
+# This transport is used for delivering messages over SMTP connections.
+
 remote_smtp:
   driver = smtp
-# >>>
 
-# Local delivery to maildir <<<
+
+# This transport is used for local delivery to the users Maildirs which are 
+# located under their domain.
+
+
 local_delivery:
   driver = appendfile
   mode_fail_narrower = false
+  directory = "MAILHOME/${domain}/${local_part}/Maildir"
   maildir_format
   delivery_date_add
   envelope_to_add
   return_path_add
   group = mail
   mode = 0660
-# >>>
 
-# This transport is used for handling autoreplies generated by the filtering <<<
-# option of the userforward router.
-address_reply:
-  driver = autoreply
-# >>>
-
 ######################################################################
 #                      RETRY CONFIGURATION                           #
 ######################################################################
 
 begin retry
 
-# This single retry rule applies to all domains and all errors. It specifies <<<
+# This single retry rule applies to all domains and all errors. It specifies
 # retries every 15 minutes for 2 hours, then increasing retry intervals,
 # starting at 1 hour and increasing each time by a factor of 1.5, up to 16
 # hours, then retries every 6 hours until 4 days have passed since the first
@@ -329,44 +601,56 @@
 # -----------------    -----       -------
 
 *                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
-# >>>
 
+
+
 ######################################################################
 #                      REWRITE CONFIGURATION                         #
 ######################################################################
 
+# There are no rewriting specifications in this default configuration file.
+
 begin rewrite
 
+
+
 ######################################################################
 #                   AUTHENTICATION CONFIGURATION                     #
 ######################################################################
 
 begin authenticators
 
-# PLAIN authenticator <<<
 plain:
   driver = plaintext
   public_name = PLAIN
   server_prompts = :
   server_condition = ${if ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$2}}},dc=${quote_ldap_dn:${extract{2}{@}{$2}}},LDAP_DOMAINS_ROOT_DN" pass=${quote_ldap_dn::$3} ldap://LDAP_HOSTNAME/}{yes}{no}}
   server_set_id = $2
-# >>>
 
-# LOGIN <<<
 login:
   driver = plaintext
   public_name = LOGIN
   server_prompts = Username:: : Password::
   server_condition = ${if ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$1}}},dc=${quote_ldap_dn:${extract{2}{@}{$1}}},LDAP_DOMAINS_ROOT_DN" pass=${quote_ldap_dn:$2} ldap://LDAP_HOSTNAME/}{yes}{no}}
   server_set_id = $1
-# >>>
 
-# CRAM-MD5 <<<
 cram:
   driver = cram_md5
   public_name = CRAM-MD5
   server_secret = ${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${extract{1}{@}{$1}}},dc=${quote_ldap_dn:${extract{2}{@}{$1}}},LDAP_DOMAINS_ROOT_DN?clearPassword?sub}{$value}fail}
   server_set_id = $1
-# >>>
 
-# vim:foldmethod=marker:foldmarker=<<<,>>>
+######################################################################
+#                   CONFIGURATION FOR local_scan()                   #
+######################################################################
+
+# If you have built Exim to include a local_scan() function that contains
+# tables for private options, you can define those options here. Remember to
+# uncomment the "begin" line. It is commented by default because it provokes
+# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
+# set in the Local/Makefile.
+
+# begin local_scan
+
+
+# End of Exim configuration file


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [178] trunk/doc/examples/exim4/exim4.conf.dist

[<el...@us...>]

Revision: 178
          http://elma.svn.sourceforge.net/elma/?rev=178&view=rev
Author:   elch86
Date:     2007-10-12 07:21:23 -0700 (Fri, 12 Oct 2007)

Log Message:
-----------
Uncluttered exim-configuration now in stock

Modified Paths:
--------------
    trunk/doc/examples/exim4/exim4.conf.dist

Modified: trunk/doc/examples/exim4/exim4.conf.dist
===================================================================
--- trunk/doc/examples/exim4/exim4.conf.dist	2007-10-12 11:05:26 UTC (rev 177)
+++ trunk/doc/examples/exim4/exim4.conf.dist	2007-10-12 14:21:23 UTC (rev 178)
@@ -13,6 +13,13 @@
 # correctness before installing it (for example, by running the command    #
 # "exim -C /config/file.new -bV").                                         #
 #                                                                          #
+# This configuration contains just the needed parameters to run ELMA,      #
+# with short or even none comments.                                        #
+# For a full and comprehensive documentation of all available parameters,  #
+# see http://www.exim.org/exim-html-current/doc/html/spec_html/index.html  #
+#                                                                          #
+# vim folding: use zo to open, zc to close a folding                       #
+#                                                                          #
 ########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
 
 
@@ -20,6 +27,7 @@
 #                    MAIN CONFIGURATION SETTINGS                     #
 ######################################################################
 
+# LDAP connection parameters <<<
 LDAP_HOSTNAME = 127.0.0.1:389
 LDAP_BASEDN = o=mybasedn
 LDAP_DOMAINS_ROOT_DN = ou=domains,LDAP_BASEDN
@@ -27,497 +35,208 @@
 LDAP_USER = uid=exim4,LDAP_USERS_ROOT_DN
 LDAP_PASS = exim4pass
 LDAP_DEFAULT_SERVERS = 127.0.0.1::389
+# >>>
 
-LDAP_ACTIVE_USER = ${if eqi {true}{${lookup ldap{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub}}} {yes}{no} }
+# LDAP macros# <<<
+# Check if a domain is active
+LDAP_ACTIVE_DOMAIN = ${\
+  if eqi {true}{\
+    ${lookup ldap{user=LDAP_USER pass=LDAP_PASS \
+      ldap://LDAP_HOSTNAME/dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub\
+    }}\
+  } {yes}{no}\
+}
 
-MAILHOME = /var/mailhome
+# Check if an users account is active
+LDAP_ACTIVE_USER = ${\
+  if eqi {true}{\
+    ${lookup ldap{user=LDAP_USER pass=LDAP_PASS \
+      ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailStatus?sub\
+    }}\
+  } {yes}{no}\
+}
 
+# get the uid attribute for an user
+LDAP_GET_UID = ${lookup ldap{\
+  user=LDAP_USER pass=LDAP_PASS \
+  ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?uid?sub?(objectclass=mailUser)\
+} {$value} {no} }
 
-# Specify your host's canonical name here. This should normally be the fully
-# qualified "official" name of your host. If this option is not set, the
-# uname() function is called to obtain the name. In many cases this does
-# the right thing and you need not set anything explicitly.
+# get the mailSieveFilter attribute for an user
+LDAP_GET_USER_FILTER = ${lookup ldap{\
+  user=LDAP_USER pass=LDAP_PASS \
+  ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?sub?(objectclass=mailUser)\
+} {$value} }
 
-# primary_hostname =
+# get the mailSieveFilter attribute for a domain
+LDAP_GET_DOMAIN_FILTER = ${lookup ldap{\
+  user=LDAP_USER pass=LDAP_PASS \
+  ldap://LDAP_HOSTNAME/dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailSieveFilter?sub?(objectclass=mailDomain)\
+} {$value} }
 
+# return the user's homeDirectory
+LDAP_HOME_DIRECTORY = ${lookup ldap {\
+  user=LDAP_USER pass=LDAP_PASS \
+  ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?homeDirectory?\
+} {$value} fail}
 
-# The next three settings create two lists of domains and one list of hosts.
-# These lists are referred to later in this configuration using the syntax
-# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
-# are all colon-separated lists:
+# TODO: comment
+LDAP_ALIASES = ${\
+  if eq {yes}{LDAP_ACTIVE_USER} {\
+    ${lookup ldapm{\
+      user=LDAP_USER pass=LDAP_PASS \
+      ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?sub?(objectclass=mailalias)\
+    }}\
+  } {} \
+}
+# >>>
 
+# the rest <<<
+# Most times the result of uname() is sufficient. If not, 
+# specifiy your hostname here
+#primary_hostname =
+
+# We fetch our local_domains from LDAP.
 domainlist local_domains = @ : ${tr {${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/LDAP_DOMAINS_ROOT_DN?dc?one?(mailStatus=TRUE)}}} {\n}{:}}
-domainlist relay_to_domains =
+
+# localhost is allowed to relay - noone else
 hostlist   relay_from_hosts = 127.0.0.1
 
-# Most straightforward access control requirements can be obtained by
-# appropriate settings of the above options. In more complicated situations,
-# you may need to modify the Access Control List (ACL) which appears later in
-# this file.
+# Exim will connect SpamAssassin per default on localhost:783.
+#spamd_address = 127.0.0.1 783
 
-# The first setting specifies your local domains, for example:
-#
-#   domainlist local_domains = my.first.domain : my.second.domain
-#
-# You can use "@" to mean "the name of the local host", as in the default
-# setting above. This is the name that is specified by primary_hostname,
-# as specified above (or defaulted). If you do not want to do any local
-# deliveries, remove the "@" from the setting above. If you want to accept mail
-# addressed to your host's literal IP address, for example, mail addressed to
-# "user@[192.168.23.44]", you can add "@[]" as an item in the local domains
-# list. You also need to uncomment "allow_domain_literals" below. This is not
-# recommended for today's Internet.
-
-# The second setting specifies domains for which your host is an incoming relay.
-# If you are not doing any relaying, you should leave the list empty. However,
-# if your host is an MX backup or gateway of some kind for some domains, you
-# must set relay_to_domains to match those domains. For example:
-#
-# domainlist relay_to_domains = *.myco.com : my.friend.org
-#
-# This will allow any host to relay through your host to those domains.
-# See the section of the manual entitled "Control of relaying" for more
-# information.
-
-# The third setting specifies hosts that can use your host as an outgoing relay
-# to any other host on the Internet. Such a setting commonly refers to a
-# complete local network as well as the localhost. For example:
-#
-# hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16
-#
-# The "/16" is a bit mask (CIDR notation), not a number of hosts. Note that you
-# have to include 127.0.0.1 if you want to allow processes on your host to send
-# SMTP mail by using the loopback address. A number of MUAs use this method of
-# sending mail.
-
-# All three of these lists may contain many different kinds of item, including
-# wildcarded names, regular expressions, and file lookups. See the reference
-# manual for details. The lists above are used in the access control lists for
-# checking incoming messages. The names of these ACLs are defined here:
-
-acl_smtp_rcpt = acl_check_rcpt
-acl_smtp_data = acl_check_data
-
-# You should not change those settings until you understand how ACLs work.
-
-
-# If you are running a version of Exim that was compiled with the content-
-# scanning extension, you can cause incoming messages to be automatically
-# scanned for viruses. You have to modify the configuration in two places to
-# set this up. The first of them is here, where you define the interface to
-# your scanner. This example is typical for ClamAV; see the manual for details
-# of what to set for other virus scanners. The second modification is in the
-# acl_check_data access control list (see below).
-
-# av_scanner = clamd:/tmp/clamd
-
-
-# For spam scanning, there is a similar option that defines the interface to
-# SpamAssassin. You do not need to set this if you are using the default, which
-# is shown in this commented example. As for virus scanning, you must also
-# modify the acl_check_data access control list to enable spam scanning.
-
-# spamd_address = 127.0.0.1 783
-
-
-# If Exim is compiled with support for TLS, you may want to enable the
-# following options so that Exim allows clients to make encrypted
-# connections. In the authenticators section below, there are template
-# configurations for plaintext username/password authentication. This kind
-# of authentication is only safe when used within a TLS connection, so the
-# authenticators will only work if the following TLS settings are turned on
-# as well.
-
 # Allow any client to use TLS.
+#tls_advertise_hosts = *
 
-# tls_advertise_hosts = *
+# TODO: specify your certificate/key here!
+#tls_certificate = /etc/ssl/exim.crt
+#tls_privatekey = /etc/ssl/exim.pem
 
-# Specify the location of the Exim server's TLS certificate and private key.
-# The private key must not be encrypted (password protected). You can put
-# the certificate and private key in the same file, in which case you only
-# need the first setting, or in separate files, in which case you need both
-# options.
+# Add port 465 to daemon_smtp_ports, if you want to provide tls-on-connect
+daemon_smtp_ports = 25 : 587
+#tls_on_connect_ports = 465
 
-# tls_certificate = /etc/ssl/exim.crt
-# tls_privatekey = /etc/ssl/exim.pem
+# Qualify locally generated sender-addresses, 
+# per default with our primary_hostname
+sender_unqualified_hosts = localhost
 
-# In order to support roaming users who wish to send email from anywhere,
-# you may want to make Exim listen on other ports as well as port 25, in
-# case these users need to send email from a network that blocks port 25.
-# The standard port for this purpose is port 587, the "message submission"
-# port. See RFC 4409 for details. Microsoft MUAs cannot be configured to
-# talk the message submission protocol correctly, so if you need to support
-# them you should also allow TLS-on-connect on the traditional but
-# non-standard port 465.
-
-# daemon_smtp_ports = 25 : 465 : 587
-# tls_on_connect_ports = 465
-
-
-# Specify the domain you want to be added to all unqualified addresses
-# here. An unqualified address is one that does not contain an "@" character
-# followed by a domain. For example, "caesar@rome.example" is a fully qualified
-# address, but the string "caesar" (i.e. just a login name) is an unqualified
-# email address. Unqualified addresses are accepted only from local callers by
-# default. See the recipient_unqualified_hosts option if you want to permit
-# unqualified addresses from remote sources. If this option is not set, the
-# primary_hostname value is used for qualification.
-
-# qualify_domain =
-
-
-# If you want unqualified recipient addresses to be qualified with a different
-# domain to unqualified sender addresses, specify the recipient domain here.
-# If this option is not set, the qualify_domain value is used.
-
-# qualify_recipient =
-
-
-# The following line must be uncommented if you want Exim to recognize
-# addresses of the form "user@[10.11.12.13]" that is, with a "domain literal"
-# (an IP address) instead of a named domain. The RFCs still require this form,
-# but it makes little sense to permit mail to be sent to specific hosts by
-# their IP address in the modern Internet. This ancient format has been used
-# by those seeking to abuse hosts by using them for unwanted relaying. If you
-# really do want to support domain literals, uncomment the following line, and
-# see also the "domain_literal" router below.
-
-# allow_domain_literals
-
-
-# No deliveries will ever be run under the uids of these users (a colon-
-# separated list). An attempt to do so causes a panic error to be logged, and
-# the delivery to be deferred. This is a paranoic safety catch. There is an
-# even stronger safety catch in the form of the FIXED_NEVER_USERS setting
-# in the configuration for building Exim. The list of users that it specifies
-# is built into the binary, and cannot be changed. The option below just adds
-# additional users to the list. The default for FIXED_NEVER_USERS is "root",
-# but just to be absolutely sure, the default here is also "root".
-
-# Note that the default setting means you cannot deliver mail addressed to root
-# as if it were a normal user. This isn't usually a problem, as most sites have
-# an alias for root that redirects such mail to a human administrator.
-
+# No deliveries will ever be run under the uids of these users
 never_users = root
 
-
-# The setting below causes Exim to do a reverse DNS lookup on all incoming
-# IP calls, in order to get the true host name. If you feel this is too
-# expensive, you can specify the networks for which a lookup is done, or
-# remove the setting entirely.
-
+# Every host will get a lookup for free
 host_lookup = *
 
-
-# The settings below, which are actually the same as the defaults in the
-# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
-# calls. You can limit the hosts to which these calls are made, and/or change
-# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
-# are disabled. RFC 1413 calls are cheap and can provide useful information
-# for tracing problem messages, but some hosts and firewalls have problems
-# with them. This can result in a timeout instead of an immediate refused
-# connection, leading to delays on starting up SMTP sessions. (The default was
-# reduced from 30s to 5s for release 4.61.)
-
+# .. but we won't do any ident-lookups
 rfc1413_hosts = *
-rfc1413_query_timeout = 5s
+rfc1413_query_timeout = 0s
 
-
-# By default, Exim expects all envelope addresses to be fully qualified, that
-# is, they must contain both a local part and a domain. If you want to accept
-# unqualified addresses (just a local part) from certain hosts, you can specify
-# these hosts by setting one or both of
-#
-# sender_unqualified_hosts =
-# recipient_unqualified_hosts =
-#
-# to control sender and recipient addresses, respectively. When this is done,
-# unqualified addresses are qualified using the settings of qualify_domain
-# and/or qualify_recipient (see above).
-
-
-# If you want Exim to support the "percent hack" for certain domains,
-# uncomment the following line and provide a list of domains. The "percent
-# hack" is the feature by which mail addressed to x%y@z (where z is one of
-# the domains listed) is locally rerouted to x@y and sent on. If z is not one
-# of the "percent hack" domains, x%y is treated as an ordinary local part. This
-# hack is rarely needed nowadays; you should not enable it unless you are sure
-# that you really need it.
-#
-# percent_hack_domains =
-#
-# As well as setting this option you will also need to remove the test
-# for local parts containing % in the ACL definition below.
-
-
-# When Exim can neither deliver a message nor return it to sender, it "freezes"
-# the delivery error message (aka "bounce message"). There are also other
-# circumstances in which messages get frozen. They will stay on the queue for
-# ever unless one of the following options is set.
-
 # This option unfreezes frozen bounce messages after two days, tries
 # once more to deliver them, and ignores any delivery failures.
-
 ignore_bounce_errors_after = 2d
 
 # This option cancels (removes) frozen messages that are older than a week.
-
 timeout_frozen_after = 7d
+# >>>
 
-
-
 ######################################################################
 #                       ACL CONFIGURATION                            #
 #         Specifies access control lists for incoming SMTP mail      #
 ######################################################################
 
+# ACL assignment <<<
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+# >>>
+
 begin acl
 
-# This access control list is used for every RCPT command in an incoming
-# SMTP message. The tests are run in order until the address is either
-# accepted or denied.
-
+# RCPT TO <<<
 acl_check_rcpt:
 
-  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
-  # testing for an empty sending host field.
-
+  # Accept if the source is local SMTP
   accept  hosts = :
 
-  #############################################################################
   # The following section of the ACL is concerned with local parts that contain
   # @ or % or ! or / or | or dots in unusual places.
-  #
-  # The characters other than dots are rarely found in genuine local parts, but
-  # are often tried by people looking to circumvent relaying restrictions.
-  # Therefore, although they are valid in local parts, these rules lock them
-  # out, as a precaution.
-  #
-  # Empty components (two dots in a row) are not valid in RFC 2822, but Exim
-  # allows them because they have been encountered. (Consider local parts
-  # constructed as "firstinitial.secondinitial.familyname" when applied to
-  # someone like me, who has no second initial.) However, a local part starting
-  # with a dot or containing /../ can cause trouble if it is used as part of a
-  # file name (e.g. for a mailing list). This is also true for local parts that
-  # contain slashes. A pipe symbol can also be troublesome if the local part is
-  # incorporated unthinkingly into a shell command line.
-  #
-  # Two different rules are used. The first one is stricter, and is applied to
-  # messages that are addressed to one of the local domains handled by this
-  # host. The line "domains = +local_domains" restricts it to domains that are
-  # defined by the "domainlist local_domains" setting above. The rule  blocks
-  # local parts that begin with a dot or contain @ % ! / or |. If you have
-  # local accounts that include these characters, you will have to modify this
-  # rule.
-
   deny    message       = Restricted characters in address
           domains       = +local_domains
           local_parts   = ^[.] : ^.*[@%!/|]
 
-  # The second rule applies to all other domains, and is less strict. The line
-  # "domains = !+local_domains" restricts it to domains that are NOT defined by
-  # the "domainlist local_domains" setting above. The exclamation mark is a
-  # negating operator. This rule allows your own users to send outgoing
-  # messages to sites that use slashes and vertical bars in their local parts.
-  # It blocks local parts that begin with a dot, slash, or vertical bar, but
-  # allows these characters within the local part. However, the sequence /../
-  # is barred. The use of @ % and ! is blocked, as before. The motivation here
-  # is to prevent your users (or your users' viruses) from mounting certain
-  # kinds of attack on remote sites.
-
   deny    message       = Restricted characters in address
           domains       = !+local_domains
           local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-  #############################################################################
 
   # Accept mail to postmaster in any local domain, regardless of the source,
   # and without verifying the sender.
-
   accept  local_parts   = postmaster
           domains       = +local_domains
 
   # Deny unless the sender address can be verified.
-
   require verify        = sender
 
   # Accept if the message comes from one of the hosts for which we are an
-  # outgoing relay. It is assumed that such hosts are most likely to be MUAs,
-  # so we set control=submission to make Exim treat the message as a
-  # submission. It will fix up various errors in the message, for example, the
-  # lack of a Date: header line. If you are actually relaying out out from
-  # MTAs, you may want to disable this. If you are handling both relaying from
-  # MTAs and submissions from MUAs you should probably split them into two
-  # lists, and handle them differently.
-
-  # Recipient verification is omitted here, because in many cases the clients
-  # are dumb MUAs that don't cope well with SMTP error responses. If you are
-  # actually relaying out from MTAs, you should probably add recipient
-  # verification here.
-
-  # Note that, by putting this test before any DNS black list checks, you will
-  # always accept from these hosts, even if they end up on a black list. The
-  # assumption is that they are your friends, and if they get onto a black
-  # list, it is a mistake.
-
+  # outgoing relay.
   accept  hosts         = +relay_from_hosts
           control       = submission
 
-  # Accept if the message arrived over an authenticated connection, from
-  # any host. Again, these messages are usually from MUAs, so recipient
-  # verification is omitted, and submission mode is set. And again, we do this
-  # check before any black list tests.
-
+  # Accept if the message arrived over an authenticated connection.
   accept  authenticated = *
           control       = submission
 
   # Insist that any other recipient address that we accept is either in one of
   # our local domains, or is in a domain for which we explicitly allow
   # relaying. Any other domain is rejected as being unacceptable for relaying.
-
   require message = relay not permitted
           domains = +local_domains : +relay_domains
 
-  # We also require all accepted addresses to be verifiable. This check will
-  # do local part verification for local domains, but only check the domain
-  # for remote domains. The only way to check local parts for the remote
-  # relay domains is to use a callout (add /callout), but please read the
-  # documentation about callouts before doing this.
-
+  # We also require all accepted addresses to be verifiable.
   require verify = recipient
 
-  #############################################################################
-  # There are no default checks on DNS black lists because the domains that
-  # contain these lists are changing all the time. However, here are two
-  # examples of how you can get Exim to perform a DNS black list lookup at this
-  # point. The first one denies, whereas the second just warns.
-  #
-  # deny    message       = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
-  #         dnslists      = black.list.example
-  #
-  # warn    dnslists      = black.list.example
-  #         add_header    = X-Warning: $sender_host_address is in a black list at $dnslist_domain
-  #         log_message   = found in $dnslist_domain
-  #############################################################################
-
-  #############################################################################
-  # This check is commented out because it is recognized that not every
-  # sysadmin will want to do it. If you enable it, the check performs
-  # Client SMTP Authorization (csa) checks on the sending host. These checks
-  # do DNS lookups for SRV records. The CSA proposal is currently (May 2005)
-  # an Internet draft. You can, of course, add additional conditions to this
-  # ACL statement to restrict the CSA checks to certain hosts only.
-  #
-  # require verify = csa
-  #############################################################################
-
   # At this point, the address has passed all the checks that have been
   # configured, so we accept it unconditionally.
-
   accept
 
+# >>>
 
-# This ACL is used after the contents of a message have been received. This
-# is the ACL in which you can test a message's headers or body, and in
-# particular, this is where you can invoke external virus or spam scanners.
-# Some suggested ways of configuring these tests are shown below, commented
-# out. Without any tests, this ACL accepts all messages. If you want to use
-# such tests, you must ensure that Exim is compiled with the content-scanning
-# extension (WITH_CONTENT_SCAN=yes in Local/Makefile).
-
+# DATA <<<
 acl_check_data:
 
   # Deny if the message contains a virus. Before enabling this check, you
   # must install a virus scanner and set the av_scanner option above.
-  #
-  # deny    malware    = *
-  #         message    = This message contains a virus ($malware_name).
+  #deny    malware    = *
+  #        message    = This message contains a virus ($malware_name).
 
   # Add headers to a message if it is judged to be spam. Before enabling this,
   # you must install SpamAssassin. You may also need to set the spamd_address
   # option above.
-  #
-  # warn    spam       = nobody
-  #         add_header = X-Spam_score: $spam_score\n\
-  #                      X-Spam_score_int: $spam_score_int\n\
-  #                      X-Spam_bar: $spam_bar\n\
-  #                      X-Spam_report: $spam_report
+  #warn    spam       = nobody
+  #        add_header = X-Spam_score: $spam_score\n\
+  #                     X-Spam_score_int: $spam_score_int\n\
+  #                     X-Spam_bar: $spam_bar\n\
+  #                     X-Spam_report: $spam_report
 
   # Accept the message.
-
   accept
 
+# >>>
 
-
 ######################################################################
 #                      ROUTERS CONFIGURATION                         #
 #               Specifies how addresses are handled                  #
 ######################################################################
-#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
-# An address is passed to each router in turn until it is accepted.  #
-######################################################################
 
 begin routers
 
-# This router routes to remote hosts over SMTP by explicit IP address,
-# when an email address is given in "domain literal" form, for example,
-# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
-# little-known these days, and has been exploited by evil people seeking
-# to abuse SMTP relays. Consequently it is commented out in the default
-# configuration. If you uncomment this router, you also need to uncomment
-# allow_domain_literals above, so that Exim can recognize the syntax of
-# domain literal addresses.
-
-# domain_literal:
-#   driver = ipliteral
-#   domains = ! +local_domains
-#   transport = remote_smtp
-
-
-# This router routes addresses that are not in local domains by doing a DNS
-# lookup on the domain name. The exclamation mark that appears in "domains = !
-# +local_domains" is a negating operator, that is, it can be read as "not". The
-# recipient's domain must not be one of those defined by "domainlist
-# local_domains" above for this router to be used.
-#
-# If the router is used, any domain that resolves to 0.0.0.0 or to a loopback
-# interface address (127.0.0.0/8) is treated as if it had no DNS entry. Note
-# that 0.0.0.0 is the same as 0.0.0.0/32, which is commonly treated as the
-# local host inside the network stack. It is not 0.0.0.0/0, the default route.
-# If the DNS lookup fails, no further routers are tried because of the no_more
-# setting, and consequently the address is unrouteable.
-
+# mails destined for remote hosts <<<
 dnslookup:
   driver = dnslookup
   domains = ! +local_domains
   transport = remote_smtp
   ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
   no_more
+# >>>
 
-
-# The remaining routers handle addresses in the local domain(s), that is those
-# domains that are defined by "domainlist local_domains" above.
-
-
-# This router handles aliasing using a linearly searched alias file with the
-# name /etc/aliases. When this configuration is installed automatically,
-# the name gets inserted into this file from whatever is set in Exim's
-# build-time configuration. The default path is the traditional /etc/aliases.
-# If you install this configuration by hand, you need to specify the correct
-# path in the "data" setting below.
-#
-##### NB  You must ensure that the alias file exists. It used to be the case
-##### NB  that every Unix had that file, because it was the Sendmail default.
-##### NB  These days, there are systems that don't have it. Your aliases
-##### NB  file should at least contain an alias for "postmaster".
-#
-# If any of your aliases expand to pipes or files, you will need to set
-# up a user and a group for these deliveries to run under. You can do
-# this by uncommenting the "user" option below (changing the user name
-# as appropriate) and adding a "group" option if necessary. Alternatively, you
-# can specify "user" on the transports that are used. Note that the transports
-# listed below are the same as are used for .forward files; you might want
-# to set up different ones for pipe and file deliveries from aliases.
-
+# system_aliases <<<
 system_aliases:
   driver = redirect
   allow_fail
@@ -526,72 +245,81 @@
 # user = exim
   file_transport = address_file
   pipe_transport = address_pipe
+# >>>
 
-
+# resolve aliases from LDAP <<<
 ldap_aliases:
   driver = redirect
   allow_fail
   allow_defer
-  data = ${if eq {yes}{LDAP_ACTIVE_USER} {${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?mailaliasedname?sub?(objectclass=mailalias)}}}{no}}
-  file_transport = address_file
-  pipe_transport = address_pipe
+  data = LDAP_ALIASES 
+# >>>
 
-# This router matches local user mailboxes. If the router fails, the error
-# message is "Unknown user".
+# ldap domain filter <<<
+ldap_domain_filter:
+  driver = redirect
+  allow_filter
+  user = mail
+  data = ${if eq {yes} {LDAP_ACTIVE_DOMAIN} {LDAP_GET_DOMAIN_FILTER}}
+  router_home_directory = LDAP_HOME_DIRECTORY
+  file_transport = local_delivery
+# >>>
 
-# If you want this router to treat local parts with suffixes introduced by "-"
-# or "+" characters as if the suffixes did not exist, uncomment the two local_
-# part_suffix options. Then, for example, xxx...@yo...main will be treated
-# in the same way as xx...@yo...main by this router.
+# ldap user filter <<<
+ldap_user_filter:
+  driver = redirect
+  allow_filter
+  user = mail
+  data = ${if eq {yes} {LDAP_ACTIVE_USER} {LDAP_GET_USER_FILTER}}
+  router_home_directory = LDAP_HOME_DIRECTORY
+  file_transport = local_delivery
+# >>>
 
+# deliver to local user <<<
 ldap_user:
   driver = accept
-  condition = ${if eq {yes}{LDAP_ACTIVE_USER} {${lookup ldap{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${local_part}},dc=${quote_ldap_dn:${domain}},LDAP_DOMAINS_ROOT_DN?uid?sub?(objectclass=mailUser)}}}{no}}
+  condition = ${if eq {yes} {LDAP_ACTIVE_USER} {LDAP_GET_UID}}
+  router_home_directory = LDAP_HOME_DIRECTORY
   transport = local_delivery
   cannot_route_message = Unknown user
+# >>>
 
-
 ######################################################################
 #                      TRANSPORTS CONFIGURATION                      #
 ######################################################################
-#                       ORDER DOES NOT MATTER                        #
-#     Only one appropriate transport is called for each delivery.    #
-######################################################################
 
-# A transport is used only when referenced from a router that successfully
-# handles an address.
-
 begin transports
 
-
-# This transport is used for delivering messages over SMTP connections.
-
+# This transport is used for delivering messages over SMTP connections <<<
 remote_smtp:
   driver = smtp
+# >>>
 
-
-# This transport is used for local delivery to the users Maildirs which are 
-# located under their domain.
-
-
+# Local delivery to maildir <<<
 local_delivery:
   driver = appendfile
   mode_fail_narrower = false
-  directory = "MAILHOME/${domain}/${local_part}/Maildir"
   maildir_format
   delivery_date_add
   envelope_to_add
   return_path_add
   group = mail
   mode = 0660
+# >>>
 
+# This transport is used for handling autoreplies generated by the filtering <<<
+# option of the userforward router.
+address_reply:
+  driver = autoreply
+# >>>
+
 ######################################################################
 #                      RETRY CONFIGURATION                           #
 ######################################################################
 
 begin retry
 
-# This single retry rule applies to all domains and all errors. It specifies
+# This single retry rule applies to all domains and all errors. It specifies <<<
 # retries every 15 minutes for 2 hours, then increasing retry intervals,
 # starting at 1 hour and increasing each time by a factor of 1.5, up to 16
 # hours, then retries every 6 hours until 4 days have passed since the first
@@ -601,56 +329,44 @@
 # -----------------    -----       -------
 
 *                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+# >>>
 
-
-
 ######################################################################
 #                      REWRITE CONFIGURATION                         #
 ######################################################################
 
-# There are no rewriting specifications in this default configuration file.
-
 begin rewrite
 
-
-
 ######################################################################
 #                   AUTHENTICATION CONFIGURATION                     #
 ######################################################################
 
 begin authenticators
 
+# PLAIN authenticator <<<
 plain:
   driver = plaintext
   public_name = PLAIN
   server_prompts = :
   server_condition = ${if ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$2}}},dc=${quote_ldap_dn:${extract{2}{@}{$2}}},LDAP_DOMAINS_ROOT_DN" pass=${quote_ldap_dn::$3} ldap://LDAP_HOSTNAME/}{yes}{no}}
   server_set_id = $2
+# >>>
 
+# LOGIN <<<
 login:
   driver = plaintext
   public_name = LOGIN
   server_prompts = Username:: : Password::
   server_condition = ${if ldapauth {user="uid=${quote_ldap_dn:${extract{1}{@}{$1}}},dc=${quote_ldap_dn:${extract{2}{@}{$1}}},LDAP_DOMAINS_ROOT_DN" pass=${quote_ldap_dn:$2} ldap://LDAP_HOSTNAME/}{yes}{no}}
   server_set_id = $1
+# >>>
 
+# CRAM-MD5 <<<
 cram:
   driver = cram_md5
   public_name = CRAM-MD5
   server_secret = ${lookup ldapm{user=LDAP_USER pass=LDAP_PASS ldap://LDAP_HOSTNAME/uid=${quote_ldap_dn:${extract{1}{@}{$1}}},dc=${quote_ldap_dn:${extract{2}{@}{$1}}},LDAP_DOMAINS_ROOT_DN?clearPassword?sub}{$value}fail}
   server_set_id = $1
+# >>>
 
-######################################################################
-#                   CONFIGURATION FOR local_scan()                   #
-######################################################################
-
-# If you have built Exim to include a local_scan() function that contains
-# tables for private options, you can define those options here. Remember to
-# uncomment the "begin" line. It is commented by default because it provokes
-# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
-# set in the Local/Makefile.
-
-# begin local_scan
-
-
-# End of Exim configuration file
+# vim:foldmethod=marker:foldmarker=<<<,>>>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [177] trunk/includes/config.inc.php.dist

[<el...@us...>]

Revision: 177
          http://elma.svn.sourceforge.net/elma/?rev=177&view=rev
Author:   elch86
Date:     2007-10-12 04:05:26 -0700 (Fri, 12 Oct 2007)

Log Message:
-----------
Closing brackets are good for code quality (;

Modified Paths:
--------------
    trunk/includes/config.inc.php.dist

Modified: trunk/includes/config.inc.php.dist
===================================================================
--- trunk/includes/config.inc.php.dist	2007-10-11 15:07:07 UTC (rev 176)
+++ trunk/includes/config.inc.php.dist	2007-10-12 11:05:26 UTC (rev 177)
@@ -60,8 +60,10 @@
 define ("DEFAULT_LANGUAGE","en_US");
 
 // Set all languages which should be available at login
-define ("AVAILABLE_LANGUAGES",serialize(array("deutsch" => "de_DE",
-                                              "english" => "en_US"
+define ("AVAILABLE_LANGUAGES",serialize(array(
+  "deutsch" => "de_DE",
+  "english" => "en_US"
+)));
 
 /* ######## Template Settings #### */
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [176] trunk/modules/content_systemuser_edit.php

[<ad...@us...>]

Revision: 176
          http://elma.svn.sourceforge.net/elma/?rev=176&view=rev
Author:   adan0s
Date:     2007-10-11 08:07:07 -0700 (Thu, 11 Oct 2007)

Log Message:
-----------
fixed bug 1811579.

Modified Paths:
--------------
    trunk/modules/content_systemuser_edit.php

Modified: trunk/modules/content_systemuser_edit.php
===================================================================
--- trunk/modules/content_systemuser_edit.php	2007-10-11 14:26:35 UTC (rev 175)
+++ trunk/modules/content_systemuser_edit.php	2007-10-11 15:07:07 UTC (rev 176)
@@ -86,9 +86,18 @@
                 switch ($_POST["mode"]) {
                     case "add":
                         $this->ldap->addSystemUser($my_systemuser);
+                        if ( !isset($new_adminofdomains) || count($new_adminofdomains) == 0) $new_adminofdomains = array();
+
+                        $addDomainAdmin = $new_adminofdomains;
+
+                        if ( count($addDomainAdmin) > 0 ) {
+                            foreach($addDomainAdmin as $domain) {
+                                $this->ldap->addAdminUsers($domain, "uid=".$my_systemuser["uid"].",".LDAP_USERS_ROOT_DN);
+                            }
+                        }
                     break;
                     case "modify": 
-                        if ( count($new_adminofdomains) == 0) $new_adminofdomains = array();
+                        if ( !isset($new_adminofdomains) || count($new_adminofdomains) == 0) $new_adminofdomains = array();
                         $old_adminofdomains = $this->ldap->getSystemUsersDomains($systemuser);
                         unset ($my_systemuser["adminofdomains"]);
                         


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [175] trunk

[<dwe...@us...>]

Revision: 175
          http://elma.svn.sourceforge.net/elma/?rev=175&view=rev
Author:   dweuthen
Date:     2007-10-11 07:26:35 -0700 (Thu, 11 Oct 2007)

Log Message:
-----------
added filteractions

Modified Paths:
--------------
    trunk/includes/eximfilter.inc.php
    trunk/templates/simple/content_domain_edit.tpl
    trunk/templates/simple/style.css

Modified: trunk/includes/eximfilter.inc.php
===================================================================
--- trunk/includes/eximfilter.inc.php	2007-10-11 14:23:29 UTC (rev 174)
+++ trunk/includes/eximfilter.inc.php	2007-10-11 14:26:35 UTC (rev 175)
@@ -41,6 +41,18 @@
 function createEximFilter ( $eximFilterValues ) {
     $eximFilter = loadEximFilterTemplates();
     $eximFilterValues["filtertype"]["values"] = $eximFilter["filtertype"]["values"];
+
+    if ( ! empty($eximFilterValues["spamfilter"]["values"]["ACTION"]) ) {
+        switch ($eximFilterValues["spamfilter"]["values"]["ACTION"]) {
+            case "DISCARD": $eximFilterValues["spamfilter"]["values"]["FILTERACTION"] = "finish";
+                            break;
+            case "REDIRECT": $eximFilterValues["spamfilter"]["values"]["FILTERACTION"] = "deliver spam@\$domain";
+                             break;
+            case "FOLDER": $eximFilterValues["spamfilter"]["values"]["FILTERACTION"] = "save \$home/Maildir/.Spam/";
+                           break;
+        }
+    }
+
     $eximFilterValues = array_set_as_first($eximFilterValues,"filtertype");
     foreach ( array_keys($eximFilterValues) as $categorie ) {
         $eximFilterStr[$categorie] = $eximFilter[$categorie]["template"];

Modified: trunk/templates/simple/content_domain_edit.tpl
===================================================================
--- trunk/templates/simple/content_domain_edit.tpl	2007-10-11 14:23:29 UTC (rev 174)
+++ trunk/templates/simple/content_domain_edit.tpl	2007-10-11 14:26:35 UTC (rev 175)
@@ -53,10 +53,9 @@
                                 </td>
                                 <td>
                                     <select name="nlo_spamfilteraction">
-                                        <option {if $spamfiltersettings.ACTION eq "DISCARD"}selected{/if} value="DISCARD">discard</option>
-                                        <option {if $spamfiltersettings.ACTION eq "REDIRECT"}selected{/if} value="REDIRECT">redirect</option>
-                                        <option {if $spamfiltersettings.ACTION eq "FOLDER"}selected{/if} value="FOLDER">folder</option>
-                                        <option {if $spamfiltersettings.ACTION eq "MARK"}selected{/if} value="MARK">mark</option>
+                                        <option {if $spamfiltersettings.ACTION eq "DISCARD"}selected{/if} value="DISCARD">{t}discard email{/t}</option>
+                                        <option {if $spamfiltersettings.ACTION eq "REDIRECT"}selected{/if} value="REDIRECT">{t}redirect to{/t} spam@{$domain.dc.0}</option>
+                                        <option {if $spamfiltersettings.ACTION eq "FOLDER"}selected{/if} value="FOLDER">{t}save in user's spamfolder{/t}</option>
                                     </select>
                                 </td>
                             </tr>
@@ -82,7 +81,7 @@
                                         <tr/>
                                         <tr>
                                             <td>
-                                                <select name="admins[]" size="8" multiple="multiple">
+                                                <select name="admins[]" size="8" multiple="multiple" class="multiple">
                                                     <optgroup label="{t}Systemusers{/t}">
                                                     {foreach from=$admins item=admin}
                                                         {if ! @in_array("mailUser",$admin.objectclass) }
@@ -103,7 +102,7 @@
                                                 <input type="button" name="delfromlist" value="&gt;" onclick="delAdmin()" /><br /><input type="button" name="addtolist" value="&lt;" onclick="addAdmin()" />
                                             </td>
                                             <td>
-                                                <select name="nonadmins[]" size="8" multiple="multiple">
+                                                <select name="nonadmins[]" size="8" multiple="multiple" class="multiple">
                                                     <optgroup label="{t}Systemusers{/t}">
                                                     {foreach from=$nonadmins item=nonadmin}
                                                         {if ! @in_array("mailUser",$nonadmin.objectclass) }

Modified: trunk/templates/simple/style.css
===================================================================
--- trunk/templates/simple/style.css	2007-10-11 14:23:29 UTC (rev 174)
+++ trunk/templates/simple/style.css	2007-10-11 14:26:35 UTC (rev 175)
@@ -234,7 +234,7 @@
   text-align: center;
 }
 
-select {
+select.multiple {
   width: 15em;
 }
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [174] trunk/templates/simple/content_systemuser_edit.tpl

[<ad...@us...>]

Revision: 174
          http://elma.svn.sourceforge.net/elma/?rev=174&view=rev
Author:   adan0s
Date:     2007-10-11 07:23:29 -0700 (Thu, 11 Oct 2007)

Log Message:
-----------
fixed bug 1805916 on both pages they occured (one was fixed already, fixed the second one the same way)

Modified Paths:
--------------
    trunk/templates/simple/content_systemuser_edit.tpl

Modified: trunk/templates/simple/content_systemuser_edit.tpl
===================================================================
--- trunk/templates/simple/content_systemuser_edit.tpl	2007-10-11 14:09:51 UTC (rev 173)
+++ trunk/templates/simple/content_systemuser_edit.tpl	2007-10-11 14:23:29 UTC (rev 174)
@@ -67,10 +67,8 @@
                                 </td>
 				            </tr>
                             <tr>
-                                <td>
+                                <td colspan="2">
                                     {t}ACL{/t}
-                                </td>
-                                <td class="center">
                                     <table>
                                         <tr>
                                             <td>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [173] trunk

[<ad...@us...>]

Revision: 173
          http://elma.svn.sourceforge.net/elma/?rev=173&view=rev
Author:   adan0s
Date:     2007-10-11 07:09:51 -0700 (Thu, 11 Oct 2007)

Log Message:
-----------
fixed bug 1806211, discovered a new bug and posted it (1811579).

Modified Paths:
--------------
    trunk/includes/ldap_functions.inc.php
    trunk/modules/content_systemuser_delete.php

Modified: trunk/includes/ldap_functions.inc.php
===================================================================
--- trunk/includes/ldap_functions.inc.php	2007-10-11 13:11:28 UTC (rev 172)
+++ trunk/includes/ldap_functions.inc.php	2007-10-11 14:09:51 UTC (rev 173)
@@ -507,21 +507,26 @@
     }
 
     /**
-     * delSystemUser - removes a systemUser
+     * deleteSystemUser - removes a systemUser
      *
      * This function will remove a systemUser and his entries in all adminsgroups he's in
      *
      * @systemuser      string  uid= value of the systemuser's DN
      */
     function deleteSystemUser ( $systemuser ) {
+        /* define 0 as default value for $result for further error checks */
+        $result = 0;
+
         /* delete admin from admingroups where neccessary */
         $adminofdomains = $this->getSystemUsersDomains($systemuser);
         foreach ($adminofdomains as $adminofdomain) {
-            $this->delAdminUsers($adminofdomain, "uid=$systemuser,".LDAP_USERS_ROOT_DN);
+            if ($this->deleteAdminUsers($adminofdomain, "uid=$systemuser,".LDAP_USERS_ROOT_DN) != 0) {
+                $result = 1;
+            }
         }
-
+        
         /* if the above was successfull delete the user object */
-        if ( ( !empty($result) ) && ($result == 0) ) {
+        if ($result == 0) {
             ldap_delete($this->cid, "uid=".$systemuser.",".LDAP_USERS_ROOT_DN);
             
             if ( ldap_errno($this->cid) !== 0 ) {
@@ -629,7 +634,7 @@
     }
 
     /**
-     * delAdminUsers - remove users from an admingroup
+     * deleteAdminUsers - remove users from an admingroup
      *
      * This function will remove the submitted users from the global or the submitted domain's admingroup
      *

Modified: trunk/modules/content_systemuser_delete.php
===================================================================
--- trunk/modules/content_systemuser_delete.php	2007-10-11 13:11:28 UTC (rev 172)
+++ trunk/modules/content_systemuser_delete.php	2007-10-11 14:09:51 UTC (rev 173)
@@ -52,7 +52,7 @@
         if ( isset($_POST["submit"]) ) {
             $uid = $_POST["uid"];
             $this->ldap->deleteSystemUser($uid);
-            
+
             $submit_status = ldap_errno($this->ldap->cid);
             if ($submit_status == "0") {
                 $this->smarty->assign("submit_status",$submit_status);


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [172] trunk/includes

[<dwe...@us...>]

Revision: 172
          http://elma.svn.sourceforge.net/elma/?rev=172&view=rev
Author:   dweuthen
Date:     2007-10-11 06:11:28 -0700 (Thu, 11 Oct 2007)

Log Message:
-----------
exim filter mark is now always first line

Modified Paths:
--------------
    trunk/includes/eximfilter.inc.php
    trunk/includes/my_functions.inc.php

Modified: trunk/includes/eximfilter.inc.php
===================================================================
--- trunk/includes/eximfilter.inc.php	2007-10-11 12:17:53 UTC (rev 171)
+++ trunk/includes/eximfilter.inc.php	2007-10-11 13:11:28 UTC (rev 172)
@@ -1,7 +1,7 @@
 <?php
 
 function loadEximFilterTemplates() {
-    $fields = array("template","regex","values");
+    $fields = array("filtertype","template","regex","values");
     $rulesets = array("redirect","spamfilter","vacation");
 
     foreach ( $rulesets as $ruleset ) {
@@ -11,6 +11,11 @@
         }
     }
 
+    // set the header, so that exim can determine what kind of filter languiage is used
+    $eximFilter["filtertype"]["template"] = '%STATUS% Exim filter';
+    $eximFilter["filtertype"]["regex"] = '/^(.*) Exim filter$/i';
+    $eximFilter["filtertype"]["values"] = array("STATUS" => "#");
+
     // Redirect Template
     $eximFilter["redirect"]["template"] = '%STATUS%deliver %RECIPIENT% # REDIRECT';
     $eximFilter["redirect"]["regex"] = '/^(.*)deliver (.*) # REDIRECT$/i';
@@ -35,7 +40,8 @@
 
 function createEximFilter ( $eximFilterValues ) {
     $eximFilter = loadEximFilterTemplates();
-
+    $eximFilterValues["filtertype"]["values"] = $eximFilter["filtertype"]["values"];
+    $eximFilterValues = array_set_as_first($eximFilterValues,"filtertype");
     foreach ( array_keys($eximFilterValues) as $categorie ) {
         $eximFilterStr[$categorie] = $eximFilter[$categorie]["template"];
         foreach ( $eximFilterValues[$categorie]["values"] as $keyword => $value ) {

Modified: trunk/includes/my_functions.inc.php
===================================================================
--- trunk/includes/my_functions.inc.php	2007-10-11 12:17:53 UTC (rev 171)
+++ trunk/includes/my_functions.inc.php	2007-10-11 13:11:28 UTC (rev 172)
@@ -155,6 +155,18 @@
     $array = unserialize($array); 
 } 
  
+function array_set_as_first($array,$element) {
+    if(array_key_exists($element,$array)) {
+        $extract[$element] = $array[$element];
+        unset($array[$element]);
 
+        $array = array_merge($extract,$array);
 
+        return $array;
+    } else {
+        trigger_error("\$element not a key in \$array!",E_USER_WARNING);
+        return $array;
+    }
+}
+
 // vim:tabstop=4:expandtab:shiftwidth=4:filetype=php:syntax:ruler:


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [171] trunk/index.php

[<ad...@us...>]

Revision: 171
          http://elma.svn.sourceforge.net/elma/?rev=171&view=rev
Author:   adan0s
Date:     2007-10-11 05:17:53 -0700 (Thu, 11 Oct 2007)

Log Message:
-----------


Modified Paths:
--------------
    trunk/index.php

Modified: trunk/index.php
===================================================================
--- trunk/index.php	2007-10-11 12:17:28 UTC (rev 170)
+++ trunk/index.php	2007-10-11 12:17:53 UTC (rev 171)
@@ -45,7 +45,7 @@
     $module = $_GET["module"];
 else {
     $module = "main";
-    $_GET["module"] = 'main';
+    $_GET["module"] = $module;
 }
 
 if (!isset($_SESSION["login"])) {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [170] trunk

[<ad...@us...>]

Revision: 170
          http://elma.svn.sourceforge.net/elma/?rev=170&view=rev
Author:   adan0s
Date:     2007-10-11 05:17:28 -0700 (Thu, 11 Oct 2007)

Log Message:
-----------
Fixed displaying the ">" in the banner when not required and displaying nothing after login (now displays "main")

Modified Paths:
--------------
    trunk/index.php
    trunk/templates/simple/banner.tpl

Modified: trunk/index.php
===================================================================
--- trunk/index.php	2007-10-10 13:35:32 UTC (rev 169)
+++ trunk/index.php	2007-10-11 12:17:28 UTC (rev 170)
@@ -43,7 +43,10 @@
     $module = $_POST["module"];
 else if (isset($_GET["module"])) 
     $module = $_GET["module"];
-else $module = "main";
+else {
+    $module = "main";
+    $_GET["module"] = 'main';
+}
 
 if (!isset($_SESSION["login"])) {
     session_destroy();

Modified: trunk/templates/simple/banner.tpl
===================================================================
--- trunk/templates/simple/banner.tpl	2007-10-10 13:35:32 UTC (rev 169)
+++ trunk/templates/simple/banner.tpl	2007-10-11 12:17:28 UTC (rev 170)
@@ -2,7 +2,7 @@
                 <h1>ELMA - Exim LDAP Mail Administrator - v0.3</h1>
             </div>
             <div id="Pathfinder">
-            {$get.module} > {$get.domain} > {$get.user}
+            {$get.module} {if $get.domain}&gt;{/if} {$get.domain} {if $get.user}&gt;{/if} {$get.user}
             </div>
 
 


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

[Elma-commit] SF.net SVN: elma: [169] trunk

[<dwe...@us...>]

Revision: 169
          http://elma.svn.sourceforge.net/elma/?rev=169&view=rev
Author:   dweuthen
Date:     2007-10-10 06:35:32 -0700 (Wed, 10 Oct 2007)

Log Message:
-----------
all php notices should be gone now

Modified Paths:
--------------
    trunk/includes/eximfilter.inc.php
    trunk/includes/ldap_functions.inc.php
    trunk/modules/content_alias_new.php
    trunk/modules/content_domain_edit.php
    trunk/modules/content_domain_new.php
    trunk/modules/content_systemuser_edit.php
    trunk/modules/content_user_edit.php
    trunk/modules/content_user_new.php
    trunk/templates/simple/content_alias_delete.tpl
    trunk/templates/simple/content_alias_edit.tpl
    trunk/templates/simple/content_alias_new.tpl
    trunk/templates/simple/content_domain_delete.tpl
    trunk/templates/simple/content_domain_edit.tpl
    trunk/templates/simple/content_domain_new.tpl
    trunk/templates/simple/content_globaladmins_edit.tpl
    trunk/templates/simple/content_systemuser_delete.tpl
    trunk/templates/simple/content_systemuser_edit.tpl
    trunk/templates/simple/content_user_delete.tpl
    trunk/templates/simple/content_user_edit.tpl
    trunk/templates/simple/content_user_new.tpl

Modified: trunk/includes/eximfilter.inc.php
===================================================================
--- trunk/includes/eximfilter.inc.php	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/includes/eximfilter.inc.php	2007-10-10 13:35:32 UTC (rev 169)
@@ -44,8 +44,6 @@
     }
     $eximFilterScript = implode("\n",$eximFilterStr)."\n";  
 
-my_print_r($eximFilterScript);
-
     return (eximFilterEscapeChars($eximFilterScript));
 }
 
@@ -70,7 +68,6 @@
     $line = array_shift($lines);
     }
 
-    my_print_r($eximFilter);
     return $eximFilter;
 }
 

Modified: trunk/includes/ldap_functions.inc.php
===================================================================
--- trunk/includes/ldap_functions.inc.php	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/includes/ldap_functions.inc.php	2007-10-10 13:35:32 UTC (rev 169)
@@ -45,7 +45,7 @@
             //return result code, if delete fails
             return $result;
         }
-    }
+        }
     return ldap_delete($cid,$dn);
   }
 }
@@ -521,7 +521,7 @@
         }
 
         /* if the above was successfull delete the user object */
-        if ($result == 0) {
+        if ( ( !empty($result) ) && ($result == 0) ) {
             ldap_delete($this->cid, "uid=".$systemuser.",".LDAP_USERS_ROOT_DN);
             
             if ( ldap_errno($this->cid) !== 0 ) {

Modified: trunk/modules/content_alias_new.php
===================================================================
--- trunk/modules/content_alias_new.php	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/modules/content_alias_new.php	2007-10-10 13:35:32 UTC (rev 169)
@@ -50,7 +50,10 @@
      */
     function proceed() 
     {
-        $alias = $_GET["alias"]; 
+        if ( !empty($_GET["alias"]) ) {
+            $alias = $_GET["alias"]; 
+        }
+
         $domain =  $_GET["domain"];
         $this->smarty->assign("domain",$domain);
 

Modified: trunk/modules/content_domain_edit.php
===================================================================
--- trunk/modules/content_domain_edit.php	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/modules/content_domain_edit.php	2007-10-10 13:35:32 UTC (rev 169)
@@ -57,8 +57,8 @@
         if (isset($_POST["submit"])) {
 
             // create array of submitted values
-            $eximFilterValues["spamfilter"]["values"] = array( STATUS => "", 
-                                                          ACTION => $_POST["nlo_spamfilteraction"]);
+            $eximFilterValues["spamfilter"]["values"] = array( "STATUS" => "", 
+                                                               "ACTION" => $_POST["nlo_spamfilteraction"]);
             if ( ! isset($_POST["nlo_spamfilterstatus"]) ) {
                 $eximFilterValues["spamfilter"]["values"]["STATUS"] = "#";
             }

Modified: trunk/modules/content_domain_new.php
===================================================================
--- trunk/modules/content_domain_new.php	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/modules/content_domain_new.php	2007-10-10 13:35:32 UTC (rev 169)
@@ -50,8 +50,10 @@
      */
     function proceed() 
     {
-        $domain = $_GET["domain"]; 
-        $this->smarty->assign("domain",$domain);
+        if ( ! empty($_GET["domain"]) ) { 
+            $domain = $_GET["domain"];  
+            $this->smarty->assign("domain",$domain);
+        }
         $this->smarty->assign("mailstorageservers",unserialize(MAILSTORAGESERVERS));
 
         // new domain created or existing domain altert 
@@ -91,6 +93,7 @@
                     $admins = array();
                 }
 
+                $my_domain["mailsievefilter"] = createEximFilter( loadEximFilterTemplates() );
                 $this->ldap->addDomain($my_domain, $admins);
                         
                 $submit_status = ldap_errno($this->ldap->cid);

Modified: trunk/modules/content_systemuser_edit.php
===================================================================
--- trunk/modules/content_systemuser_edit.php	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/modules/content_systemuser_edit.php	2007-10-10 13:35:32 UTC (rev 169)
@@ -56,7 +56,10 @@
         // new systemuser created or existing systemuser modified
         if (isset($_POST["submit"])) {
             // save all needed information which are no ldap objects themself
-            $new_adminofdomains = $_POST["nlo_adminofdomains"];
+            if ( !empty($_POST["nlo_adminofdomains"]) ) {
+                $new_adminofdomains = $_POST["nlo_adminofdomains"];
+            }
+
             if(!empty($_POST["nlo_next_step"])) {
                 $next_step = $_POST["nlo_next_step"];
             }

Modified: trunk/modules/content_user_edit.php
===================================================================
--- trunk/modules/content_user_edit.php	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/modules/content_user_edit.php	2007-10-10 13:35:32 UTC (rev 169)
@@ -58,15 +58,15 @@
         if (isset($_POST["submit"])) {
             
             // create array of submitted values
-            $eximFilterValues["vacation"]["values"] = array( STATUS => "",
-                                                     RECIPIENT => $_POST["uid"]."@".$domain,
-                                                       MESSAGE => $_POST["nlo_vacationmessage"]);
+            $eximFilterValues["vacation"]["values"] = array( "STATUS" => "",
+                                                          "RECIPIENT" => $_POST["uid"]."@".$domain,
+                                                            "MESSAGE" => $_POST["nlo_vacationmessage"]);
             if (! isset($_POST["nlo_vacationstatus"])) {
                 $eximFilterValues["vacation"]["values"]["STATUS"] = "#";
             }
 
-            $eximFilterValues["redirect"]["values"] = array( STATUS => "",
-                                                     RECIPIENT => $_POST["nlo_redirectrecipient"]);
+            $eximFilterValues["redirect"]["values"] = array( "STATUS" => "",
+                                                          "RECIPIENT" => $_POST["nlo_redirectrecipient"]);
             if (! isset($_POST["nlo_redirectstatus"])) {
                 $eximFilterValues["redirect"]["values"]["STATUS"] = "#";
             }

Modified: trunk/modules/content_user_new.php
===================================================================
--- trunk/modules/content_user_new.php	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/modules/content_user_new.php	2007-10-10 13:35:32 UTC (rev 169)
@@ -50,7 +50,10 @@
      */
     function proceed() 
     {
-        $user = $_GET["user"]; 
+        if ( !empty($_GET["user"]) ) {
+            $user = $_GET["user"]; 
+        }
+
         $domain =  $_GET["domain"];
         $this->smarty->assign("domain",$domain);
 
@@ -73,6 +76,7 @@
                 $my_user["mailstatus"] = "FALSE";
             }
 
+            $my_user["mailsievefilter"] = createEximFilter( loadEximFilterTemplates() );
             $my_user["userpassword"] =  "{MD5}".base64_encode(pack("H*",md5($my_user["clearpassword"])));
 
             $validation_errors = validate_user($my_user);

Modified: trunk/templates/simple/content_alias_delete.tpl
===================================================================
--- trunk/templates/simple/content_alias_delete.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_alias_delete.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -5,7 +5,7 @@
                     <br />
                     <a href="index.php?module=users_list&domain={$domain}">{t}Back to domain overview{/t}</a>
                 {else}
-		        <form action="{$smarty.server.PHP_SELF}" method="post">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post">
 			        <fieldset>
 			            <legend>{$alias.uid.0}@{$domain}</legend>
 			            <table>

Modified: trunk/templates/simple/content_alias_edit.tpl
===================================================================
--- trunk/templates/simple/content_alias_edit.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_alias_edit.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -3,7 +3,7 @@
 		        {if $smarty.post.submit}
                     {include file="print_submit_status.tpl"}
                 {/if}
-		        <form action="{$smarty.server.PHP_SELF}" method="post">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post">
 			        <fieldset>
 			            <legend>{$alias.uid.0}@{$domain}</legend>
 			            <table>

Modified: trunk/templates/simple/content_alias_new.tpl
===================================================================
--- trunk/templates/simple/content_alias_new.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_alias_new.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -3,7 +3,7 @@
 		        {if $smarty.post.submit}
                     {include file="print_submit_status.tpl"}
                 {/if}
-		        <form action="{$smarty.server.PHP_SELF}" method="post">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post">
 			        <fieldset>
 			            <legend>{t}new alias{/t}</legend>
 			            <table>

Modified: trunk/templates/simple/content_domain_delete.tpl
===================================================================
--- trunk/templates/simple/content_domain_delete.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_domain_delete.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -5,7 +5,7 @@
                     <br />
                     <a href="index.php?module=domains_list">{t}Back to domains list{/t}</a>
                 {else}
-		        <form action="{$smarty.server.PHP_SELF}" method="post">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post">
 			        <fieldset>
 			            <legend>{$domain}</legend>
 			            <table>

Modified: trunk/templates/simple/content_domain_edit.tpl
===================================================================
--- trunk/templates/simple/content_domain_edit.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_domain_edit.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -3,7 +3,7 @@
 		        {if $smarty.post.submit}
                     {include file="print_submit_status.tpl"}
                 {/if}
-                <form action="{$smarty.server.PHP_SELF}" method="post" onsubmit="markAllAdmins()">
+                <form action="{$smarty.server.REQUEST_URI}" method="post" onsubmit="markAllAdmins()">
     	            <div>
                         <input type="hidden" name="dc" value="{$domain.dc.0}" />
                     </div>

Modified: trunk/templates/simple/content_domain_new.tpl
===================================================================
--- trunk/templates/simple/content_domain_new.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_domain_new.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -3,7 +3,7 @@
 		        {if $smarty.post.submit}
                     {include file="print_submit_status.tpl"}
                 {/if}
-                <form action="{$smarty.server.PHP_SELF}" method="post" onsubmit="markAllAdmins()">
+                <form action="{$smarty.server.REQUEST_URI}" method="post" onsubmit="markAllAdmins()">
             	    <fieldset>
 			            <legend>{t}new domain{/t}</legend>
 			            <table>

Modified: trunk/templates/simple/content_globaladmins_edit.tpl
===================================================================
--- trunk/templates/simple/content_globaladmins_edit.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_globaladmins_edit.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -3,7 +3,7 @@
 		        {if $smarty.post.submit}
                     {include file="print_submit_status.tpl"}
                 {/if}
-                <form action="{$smarty.server.PHP_SELF}" method="post" onsubmit="markAllAdmins()">
+                <form action="{$smarty.server.REQUEST_URI}" method="post" onsubmit="markAllAdmins()">
                     <table>
                         <tr>
                             <td>

Modified: trunk/templates/simple/content_systemuser_delete.tpl
===================================================================
--- trunk/templates/simple/content_systemuser_delete.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_systemuser_delete.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -5,7 +5,7 @@
                     <br />
                     <a href="index.php?module=systemusers_list">{t}Back to Systemusers overview{/t}</a>
                 {else}
-		        <form action="{$smarty.server.PHP_SELF}" method="post">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post">
 			        <fieldset>
 			            <legend>{$user.uid.0}</legend>
 			            <table>

Modified: trunk/templates/simple/content_systemuser_edit.tpl
===================================================================
--- trunk/templates/simple/content_systemuser_edit.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_systemuser_edit.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -7,7 +7,7 @@
 		        {if $smarty.post.submit}
                     {include file="print_submit_status.tpl"}
                 {/if}
-		        <form action="{$smarty.server.PHP_SELF}" method="post" onsubmit="markAllDomains()">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post" onsubmit="markAllDomains()">
 			        <div>
                         <input type="hidden" name="mode" value="{$mode}"/>
                     </div>

Modified: trunk/templates/simple/content_user_delete.tpl
===================================================================
--- trunk/templates/simple/content_user_delete.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_user_delete.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -5,7 +5,7 @@
                     <br />
                     <a href="index.php?module=users_list&domain={$domain}">{t}Back to domain overview{/t}</a>
                 {else}
-		        <form action="{$smarty.server.PHP_SELF}" method="post">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post">
 			        <fieldset>
 			            <legend>{$user.uid.0}@{$domain}</legend>
 			            <table>

Modified: trunk/templates/simple/content_user_edit.tpl
===================================================================
--- trunk/templates/simple/content_user_edit.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_user_edit.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -3,7 +3,7 @@
 		        {if $smarty.post.submit}
                     {include file="print_submit_status.tpl"}
                 {/if}
-		        <form action="{$smarty.server.PHP_SELF}" method="post">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post">
 			        <fieldset>
 			            <legend>{$user.uid.0}@{$domain}</legend>
 			            <table>

Modified: trunk/templates/simple/content_user_new.tpl
===================================================================
--- trunk/templates/simple/content_user_new.tpl	2007-10-09 09:28:08 UTC (rev 168)
+++ trunk/templates/simple/content_user_new.tpl	2007-10-10 13:35:32 UTC (rev 169)
@@ -3,7 +3,7 @@
 		        {if $smarty.post.submit}
                     {include file="print_submit_status.tpl"}
                 {/if}
-		        <form action="{$smarty.server.PHP_SELF}" method="post">
+		        <form action="{$smarty.server.REQUEST_URI}" method="post">
 			        <fieldset>
 			            <legend>{t}new user{/t}</legend>
 			            <table>


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.