reject_system_uids

Reject incoming mail to system users that have no entry in /etc/aliases.

1. 300_exim4-config_real_local → 590_exim4-config_real_local
2. 450_local_reject_system_uids

### router/450_local_reject_system_uids
#################################

# From bug #307768

# MSS: This router prevents local delivery to UIDs outside the normal
# user range (1000-29999 inclusive).  Ideally, if used in the debian
# package, this router would get those values from /etc/adduser.conf,
# but for my local config, manually testing the magic numbers is
# acceptable.
#
# All local_part_prefixes and _suffixes used at the site should be
# allowed optionally in this router, to ensure that they can't be
# userd to skirt this router's check

reject_system_uids:
   driver = redirect
   domains = +local_domains
   local_part_prefix = real-
   local_part_prefix_optional = true
   check_local_user
   condition = ${if or{{<{$local_user_uid}{1000}}{>{$local_user_uid}{29999}}}}
   allow_fail
   data = :fail: System account $local_part does not accept email
   no_more

see also 307768