exim.conf

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################

keep_environment = LOCAL_DOMAINS : RELAY_TO_DOMAINS : RELAY_FROM_HOSTS : SMARTHOST_PORT : SMARTHOST_HOST : SMARTHOST_USERNAME : SMARTHOST_PASSWORD
domainlist local_domains = ${env{LOCAL_DOMAINS}{$value} fail}
domainlist relay_to_domains = ${env{RELAY_TO_DOMAINS}{$value} fail}
hostlist relay_from_hosts = <; ${env{RELAY_FROM_HOSTS}{$value} fail}
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
tls_advertise_hosts =
daemon_smtp_ports = 2525
deliver_drop_privilege = true
never_users = root
prdr_enable = true
log_file_path = /var/log/exim/%s
syslog_duplication = false
log_selector = \
  +smtp_protocol_error \
  +smtp_syntax_error \
  +sender_on_delivery \
  +received_recipients
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d

######################################################################
#                       ACL CONFIGURATION                            #
######################################################################

begin acl

acl_check_rcpt:
  accept  hosts         = :
          control       = dkim_disable_verify
  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  accept  local_parts   = postmaster
          domains       = +local_domains
  # require verify        = sender
  accept  hosts         = +relay_from_hosts
          control       = submission
          control       = dkim_disable_verify
  accept  authenticated = *
          control       = submission
          control       = dkim_disable_verify
  require message	      = nice hosts say HELO first
          condition	    = ${if def:sender_helo_name}
  require message       = relay not permitted
          domains       = +local_domains : +relay_to_domains
  require verify        = recipient
  accept

acl_check_data:
  deny    condition  = ${if > {$max_received_linelength}{998}}
  accept

######################################################################
#                      ROUTERS CONFIGURATION                         #
######################################################################

begin routers

smarthost:
  driver = manualroute
  domains = ! +local_domains
  transport = smarthost_smtp
  route_data = ${env{SMARTHOST_HOST}{$value} fail}
  ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1

no_more


######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################

begin transports

smarthost_smtp:
  driver = smtp
  port = ${env{SMARTHOST_PORT}{$value} fail}
  hosts_require_auth = $host_address
  hosts_require_tls = $host_address
  message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}

######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################

begin retry

# Address/Domain  Error  Retries
*                 *      F,2h,15m; G,16h,1h,1.5; F,4d,6h

######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################

begin authenticators

auth_login:
  driver = plaintext
  public_name = LOGIN
  hide client_send = : ${env{SMARTHOST_USERNAME}{$value} fail} : ${env{SMARTHOST_PASSWORD}{$value} fail}

# End of Exim configuration file