#!patch

Do only bind to the loopback interface by default, so we do not open the port
to the public but to be able to send mail out. Only accept local users with a
.forward file (so only the mail user, e.g. not archivista nor root) and no
system aliases.

Furthermore (for best user experience) only try remote smtp if the domain
resolved and try a local delivery (we only have one valid user: mail) instead
so people do not need any setup and can just send mail the the IP or name
they configured in their existing, local network.

  - Rene Rebe <rene@exactcode.de>

--- configure.vanilla	2005-12-12 13:49:59.000000000 +0000
+++ configure	2005-12-12 13:50:40.000000000 +0000
@@ -239,7 +239,7 @@
 
 timeout_frozen_after = 7d
 
-
+local_interfaces = 127.0.0.1
 
 ######################################################################
 #                       ACL CONFIGURATION                            #
@@ -303,8 +303,7 @@
   # Accept mail to postmaster in any local domain, regardless of the source,
   # and without verifying the sender.
 
-  accept  local_parts   = postmaster
-          domains       = +local_domains
+  accept  local_parts   = mail
 
   # Deny unless the sender address can be verified.
 
@@ -431,22 +431,6 @@
 #   transport = remote_smtp
 
 
-# This router routes addresses that are not in local domains by doing a DNS
-# lookup on the domain name. Any domain that resolves to 0.0.0.0 or to a
-# loopback interface address (127.0.0.0/8) is treated as if it had no DNS
-# entry. Note that 0.0.0.0 is the same as 0.0.0.0/32, which is commonly treated
-# as the local host inside the network stack. It is not 0.0.0.0/0, the default
-# route. If the DNS lookup fails, no further routers are tried because of
-# the no_more setting, and consequently the address is unrouteable.
-
-dnslookup:
-  driver = dnslookup
-  domains = ! +local_domains
-  transport = remote_smtp
-  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
-  no_more
-
-
 # The remaining routers handle addresses in the local domain(s).
 
 
@@ -470,14 +454,14 @@
 # listed below are the same as are used for .forward files; you might want
 # to set up different ones for pipe and file deliveries from aliases.
 
-system_aliases:
-  driver = redirect
-  allow_fail
-  allow_defer
-  data = ${lookup{$local_part}lsearch{/etc/aliases}}
-# user = exim
-  file_transport = address_file
-  pipe_transport = address_pipe
+#system_aliases:
+#  driver = redirect
+#  allow_fail
+#  allow_defer
+#  data = ${lookup{$local_part}lsearch{/etc/aliases}}
+## user = exim
+#  file_transport = address_file
+#  pipe_transport = address_pipe
 
 
 # This router handles forwarding using traditional .forward files in users'
@@ -511,12 +495,28 @@
 # local_part_suffix_optional
   file = $home/.forward
 # allow_filter
-  no_verify
-  no_expn
+#  no_verify
+#  no_expn
   check_ancestor
   file_transport = address_file
   pipe_transport = address_pipe
   reply_transport = address_reply
+  directory_transport = address_dictonary
+
+
+# This router routes addresses that are not in local domains by doing a DNS
+# lookup on the domain name. Any domain that resolves to 0.0.0.0 or to a
+# loopback interface address (127.0.0.0/8) is treated as if it had no DNS
+# entry. Note that 0.0.0.0 is the same as 0.0.0.0/32, which is commonly treated
+# as the local host inside the network stack. It is not 0.0.0.0/0, the default
+# route. If the DNS lookup fails, no further routers are tried because of
+# the no_more setting, and consequently the address is unrouteable.
+
+dnslookup:
+  driver = dnslookup
+	domains = ! +local_domains
+	transport = remote_smtp
+	ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : @[]
 
 
 # This router matches local user mailboxes. If the router fails, the error
@@ -527,13 +527,13 @@
 # part_suffix options. Then, for example, xxxx-foo@your.domain will be treated
 # in the same way as xxxx@your.domain by this router.
 
-localuser:
-  driver = accept
-  check_local_user
-# local_part_suffix = +* : -*
-# local_part_suffix_optional
-  transport = local_delivery
-  cannot_route_message = Unknown user
+#localuser:
+#  driver = accept
+#  check_local_user
+## local_part_suffix = +* : -*
+## local_part_suffix_optional
+#  transport = local_delivery
+#  cannot_route_message = Unknown user
 
 
 
@@ -595,6 +595,13 @@
   envelope_to_add
   return_path_add
 
+address_dictonary:
+  driver = appendfile
+	maildir_format = true
+	delivery_date_add
+	envelope_to_add
+	return_path_add
+
 
 # This transport is used for handling autoreplies generated by the filtering
 # option of the userforward router.
