# sample SRS configuration
[srs]
;secret="shhhh!"
;maxage=21
;hashlength=5
# if defined, SRS uses a database for opaque rewriting
;database=/var/log/milter/srsdata
# sign these domains using SES to prevent forged bounces instead of SRS
;ses = localdomain1.com, localdomain2.org
# sign these domains using SRS in signing mode to prevent forged bounces 
;sign = localdomain1.com, localdomain2.org
# rewrite all other domains to this domain using SRS
;fwdomain = mydomain.com
# additional domains to decode (reverse) srs 
# NOTE: bms.py in milter package can also do this, as can pysrs.m4 HACK.
;srs = otherdomain.com
# do not rewrite mail to these domains
;nosrs = braindeadmail.com
# Treat these localparts as a DSN.  Lot's of braindead systems 
# send non-DSN mail to MAIL FROM.
;banned_users = mailer-daemon, clamav, postmaster

[srsmilter]
;datadir=/var/lib/milter
socketname = /var/run/milter/srsmilter
miltername = pysrsfilter
# reject DSNs to unsigned recipients (bounce spam)
reject_spoofed = true
;trusted_relay = 1.2.3.4
internal_connect = 192.168.*.*,127.0.0.1,::1
# Enable outgoing SRS via CHGFROM (see code for limitations)
miltersrs = false