# -*- conf -*-
# Configuration file for postconfirm.

# The user and group which the daemon will run as.  The change to the given
# user and group will happen after the pid-file /var/run/postconfirmd.pid is
# created, just before the daemonization.  The socket which the postconfirmd
# server will create, and the postconfirmc client will write to, will be
# created with owner and group write permissions for the given user and group.
daemon_user:	mail
daemon_group:	mail

socket_path: "./socket"

# List of files which will be read on startup.  These are expected to contain
# whitelisted email addresses, one entry per line.  These files are not
# modified.
whitelists:     [ "/etc/postconfirm/whitelist", ]

# List of files which will be read on startup.  These are expected to contain
# whitelist regexes, one entry per line.  These files are not modified.  One
# entry in these files is *much* more costly than an entry in the plain
# whitelist files, so use with caution.  Only lowercase versions of addresses
# will ever be tested against the regexes, so you don't need to write them to
# match both lower-, upper- and mixed-case addresses.  The regexes shouldn't
# start with ^ and end with $; but these will be assumed.  In other words,
# only complete matches against sender addresses will be accepted.
whiteregex:     [ "/etc/postconfirm/whiteregex", ]

# List of files which will be read on startup.  These are expected to contain
# blacklisted email addresses, one entry per line.  These files are not
# modified.
blacklists:     [ "/etc/postconfirm/blacklist", ]

# Regexes as above, but for blacklisting
blackregex:     [ "/etc/postconfirm/blackregex", ]

# File which will hold confirmed poster email addresses.  This file is
# read on startup and updated by the daemon as confirmations come in.
confirmlist:    "/var/run/postconfirm/confirmed"

# Directory where pending posts will be cached.  Cache timeout is not
# controlled by the postconfirmd daemon.  Instead it is expected that old
# cache entries will be removed by a cronjob.  As an example, the cronjob
# could run every hour and execute 
#	`find /var/cache/postconfirm -mtime +4 -exec rm \{\} \;`
# in order to remove cached files older than 96 hours.
mail_cache_dir:	"/var/cache/postconfirm/mail"

# If archive_url_pattern is set and the email has a List-Id header field,
# postconfirm will try to ask mailman if the list is archived.  In order to
# do so, it will need to import MailList from Mailman.  This tells
# postconfirm where the mailman libs are located:
mailman_dir:	"/usr/lib/mailman"

# Directory where outstanding confirmation data will be kept.
pending_dir:	"/var/cache/postconfirm/pending"

# How long to keep outstanding confirmation data
pending_hours:	96

# Template for the confirmation mail sent out when a poster isn't on the
# whitelist and hasn't confirmed an earlier post
#mail_template:	"/etc/postconfirm/confirm.email.template"
mail_template:	"confirm.email.template"

# File which will hold the key which is used to generate the HMAC-SHA1 hash
# which is sent out as part of the verification mail.
key_file:	"./hash.key"

# The host which will be used to send confirmation emails.
smtp_host:	localhost

# The admin address mentioned in the default confirmation email template.
# This address is not used by the daemon, its only mention is in the default
# confirmation request template.
admin_address:	"postmaster@shiraz.levkowetz.com"

# If an incoming mail has a Precedence: header which matches the following
# regex pattern, the mail will be dropped:

bulk_regex:	"(junk|list|bulk|auto_reply)"

# How many recently seen addresses we should remember.  Set this to about the
# expected number of messages held in cache.  The figure isn't critical; the
# only effect of setting a too low figure is to re-send confirmation requests
# to the same address for newly received messages before previous messges from
# the same sender times out from the cache.

remember_senders: 4096

# Set this pattern in order to have postconfirmd generate an Archived-At
# header field.  This assumes that the List-Id header field is set with the
# value of the list in the wrapper.  Available values to insert here are
# list, hash, msgid.  Hash is a sha1 of list and msgid
archive_url_pattern: "http://mailarchive.ietf.org/arch/msg/%(list)s/%(hash)s"

# If the message has an auto-submitted header, and the value matches the
# auto_submitted_regex in the configuration file, then unless the envelope
# sender is whitelisted, the message is logged and discarded. 
auto_submitted_regex:	"^auto-"

# File which will hold confirmed poster email addresses.  This file is
# read on startup and updated by the daemon as bounces come in.
bouncelist:    "/var/run/postconfirm/bounced"

# The number of hours we remember bounces
remember_bounce_hours: 12

# Dmarc settings
dmarc: {
    # This is the domain that will be used for replacement From addresses
    domain: "dmarc.ietf.org"
    resolver: {
	# seconds
	timeout: 3	# The number of seconds to wait for a response from a server, before timing out. 
	lifetime: 5	# The total number of seconds to spend trying to get an answer to the question. 
    }
    rewrite: {
	smtp: {
	    # These are used when forwarding dmarc-processed mail.
	    host: localhost
	    port: 10028
	}
	require:
	{
	    # These restrict when rewrite is done
	    header:
	    {
		"X-BeenThere": [ "dmarc@ietf.org", "quic@ietf.org" ]
	    }
	}
    }
    reverse: {
	smtp: {
	    # These are used when forwarding reversed mail.
	    host: localhost
	    port: 10026
	}
    }
}