Intermediate
Newbie | Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору hostlist senderverifybypass_hosts = net-iplsearch;/etc/senderverifybypasshosts hostlist skipsmtpcheck_hosts = net-iplsearch;/etc/skipsmtpcheckhosts hostlist spammeripblocks = net-iplsearch;/etc/spammeripblocks hostlist backupmx_hosts = lsearch;/etc/backupmxhosts hostlist trustedmailhosts = lsearch;/etc/trustedmailhosts domainlist user_domains = lsearch;/etc/userdomains smtp_receive_timeout = 165s ignore_bounce_errors_after = 3d timeout_frozen_after = 5d auto_thaw = 7d callout_domain_negative_expire = 1h callout_negative_expire = 1h acl_smtp_connect = acl_connect spamd_address = 127.0.0.1 783 system_filter=/etc/cpanel_exim_system_filter acl_smtp_rcpt = check_recipient acl_smtp_data = check_message domainlist local_domains = lsearch;/etc/localdomains domainlist relay_domains = lsearch;/etc/localdomains : \ lsearch;/etc/secondarymx hostlist relay_hosts = lsearch;/etc/relayhosts : \ localhost hostlist auth_relay_hosts = * perl_startup = do '/etc/exim.pl' smtp_banner = "${primary_hostname} ESMTP Exim ${version_number} \ \#${compile_number} ${tod_full} \n\ We do not authorize the use of this system to transport unsolicited, \n\ and/or bulk e-mail." #nobody as the sender seems to annoy people untrusted_set_sender = * local_from_check = false rfc1413_query_timeout = 0s split_spool_directory = yes smtp_connect_backlog = 50 smtp_accept_max = 100 deliver_queue_load_max = 3 message_body_visible = 5000 never_users = root tls_certificate = /etc/exim.crt tls_privatekey = /etc/exim.key tls_advertise_hosts = * helo_accept_junk_hosts = * smtp_enforce_sync = true begin acl acl_connect: drop message = Your host is not allowed to connect to this server. log_message = Host is banned hosts = +spammeripblocks accept acl_notquit: check_recipient: warn ratelimit = 0 / 1h / strict log_message = Sender rate $sender_rate / $sender_rate_period accept hosts = : accept hosts = +skipsmtpcheck_hosts # Accept bounces to lists even if callbacks or other checks would fail warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes condition = \ ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \ {yes}{no}} accept condition = \ ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \ {yes}{no}} # Accept bounces to lists even if callbacks or other checks would fail warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes condition = \ ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \ {yes}{no}} accept condition = \ ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \ {yes}{no}} #if it gets here it isn't mailman # deny must be on the same line as hosts so it will get removed by buildeximconf if turned off deny hosts = ! +senderverifybypass_hosts ! verify = sender accept hosts = * authenticated = * accept condition = ${if match_ip{$sender_host_address}{iplsearch;/etc/relayhosts}{1}{${if eq{$sender_host_address}{127.0.0.1}{1}{0}}}} add_header = ${if exists{/etc/eximpopbeforesmtpwarning}{${perl{popbeforesmtpwarn}{$sender_host_address}}{}} accept hosts = +relay_hosts add_header = ${if exists{/etc/eximpopbeforesmtpwarning}{${perl{popbeforesmtpwarn}{$sender_host_address}}{}} warn log_message = "Detected Dictionary Attack (Let $rcpt_fail_count bad recipients though before engaging)" condition = ${if > {${eval:$rcpt_fail_count}}{4}{yes}{no}} set acl_m7 = 1 warn condition = ${if eq {${acl_m7}}{1}{1}{0}} ratelimit = 0 / 1h / strict / per_conn log_message = "Increment Connection Ratelimit - $sender_fullhost because of Dictionary Attack" drop condition = ${if eq {${acl_m7}}{1}{1}{0}} message = "Number of failed recipients exceeded. Come back in a few hours." require verify = recipient warn domains = ! ${primary_hostname} : +local_domains condition = ${if <= {$message_size}{200K}{${if eq {${acl_m0}}{1}{0}{${if exists{/etc/global_spamassassin_enable}{1}{${if exists{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/.spamassassinenable}{1}{0}}}}}}}{0}} set acl_m0 = 1 set acl_m1 = ${lookup{$domain}lsearch*{/etc/userdomains}{$value}} warn domains = ${primary_hostname} condition = ${if <= {$message_size}{200K}{${if eq {${acl_m0}}{1}{0}{${if exists{/etc/global_spamassassin_enable}{1}{${if exists{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/.spamassassinenable}{1}{0}}}}}}}{0}} set acl_m0 = 1 set acl_m1 = $local_part accept domains = +relay_domains deny message = $sender_fullhost is currently not permitted to \ relay through this server. Perhaps you \ have not logged into the pop/imap server in the \ last 30 minutes or do not have SMTP Authentication turned on in your email client. check_message: accept hosts = 127.0.0.1 : +relay_hosts accept hosts = * authenticated = * warn condition = ${if eq {${acl_m0}}{1}{1}{0}} spam = ${acl_m1}/defer_ok log_message = "SpamAssassin as ${acl_m1} detected message as spam ($spam_score)" add_header = X-Spam-Subject: ***SPAM*** $h_subject add_header = X-Spam-Status: Yes, score=$spam_score add_header = X-Spam-Score: $spam_score_int add_header = X-Spam-Bar: $spam_bar add_header = X-Spam-Report: $spam_report add_header = X-Spam-Flag: YES set acl_m2 = 1 warn condition = ${if eq {$spam_score_int}{}{0}{${if <= {${spam_score_int}}{8000}{${if >= {${spam_score_int}}{50}{${perl{store_spam}{$sender_host_address}{$spam_score}}}{0}}}{0}}}} warn condition = ${if eq {${acl_m0}}{1}{${if eq {${acl_m2}}{1}{0}{1}}}{0}} add_header = X-Spam-Status: No, score=$spam_score add_header = X-Spam-Score: $spam_score_int add_header = X-Spam-Bar: $spam_bar add_header = X-Spam-Flag: NO log_message = "SpamAssassin as ${acl_m1} detected message as NOT spam ($spam_score)" deny condition = ${if eq {${acl_m0}}{1}{${if >{$spam_score_int}{200}{1}{0}}}{0}} log_message = "The mail server detected your message as spam and has prevented delivery (200)." message = "The mail server detected your message as spam and has prevented delivery." accept begin authenticators fixed_plain: driver = plaintext public_name = PLAIN server_prompts = : server_condition = "${perl{checkuserpass}{$1}{$2}{$3}}" server_set_id = $2 fixed_login: driver = plaintext public_name = LOGIN server_prompts = "Username:: : Password::" server_condition = "${perl{checkuserpass}{$1}{$2}}" server_set_id = $1 begin rewrite begin routers mailman_virtual_router: driver = accept require_files = /usr/local/cpanel/3rdparty/mailman/lists/${lc::$local_part}_${lc::$domain}/config.pck local_part_suffix_optional local_part_suffix = -admin : \ -bounces : -bounces+* : \ -confirm : -confirm+* : \ -join : -leave : \ -owner : -request : \ -subscribe : -unsubscribe transport = mailman_virtual_transport mailman_virtual_router_nodns: driver = accept require_files = /usr/local/cpanel/3rdparty/mailman/lists/${lc::$local_part}/config.pck condition = \ ${if or {{match{$local_part}{.*_.*}} \ {eq{$local_part}{mailman}}} \ {1}{0}} local_part_suffix_optional local_part_suffix = -admin : \ -bounces : -bounces+* : \ -confirm : -confirm+* : \ -join : -leave : \ -owner : -request : \ -subscribe : -unsubscribe domains = +local_domains transport = mailman_virtual_transport_nodns democheck: driver = redirect require_files = "+/etc/demouids" condition = "${if eq {${lookup {$originator_uid} lsearch {/etc/demouids} {$value}}}{}{false}{true}}" allow_fail data = :fail: demo accounts are not permitted to relay email boxtrapper_autowhitelist: driver = accept require_files = "+/usr/local/cpanel/bin/boxtrapper" condition = "${perl{checkbx_autowhitelist}{$authenticated_id}}" transport = boxtrapper_autowhitelist unseen checkspam2: domains = ! +local_domains condition = "${perl{checkspam2}}" driver = redirect ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24 allow_fail data = "${perl{checkspam2_results}}" trackbandwidth: domains = ! +local_domains condition = "${perl{trackbandwidth}}" driver = redirect ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24 allow_fail verify = false data = "${perl{trackbandwidth_results}}" lookuphost: driver = dnslookup domains = ! +local_domains #ignore verisign to prevent waste of bandwidth ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24 headers_add = "${perl{mailtrapheaders}}" transport = remote_smtp literal: driver = ipliteral domains = ! +local_domains headers_add = "${perl{mailtrapheaders}}" ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24 transport = remote_smtp fail_remote_domains: driver = redirect domains = ! +local_domains : ! localhost : ! localhost.localdomain allow_fail data = ":fail: The mail server could not deliver mail to $local_part@$domain. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries." central_filter: driver = redirect allow_filter no_check_local_user file = /etc/vfilters/${domain} file_transport = address_file directory_transport = address_directory domains = +user_domains pipe_transport = virtual_address_pipe reply_transport = address_reply router_home_directory = ${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}} user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" allow_fail no_verify mainacct_central_user_filter: driver = redirect allow_filter allow_fail check_local_user domains = ! +user_domains condition = ${if eq {${lookup{$local_part}lsearch{/etc/domainusers}{$value}}}{}{0}{${if exists {/etc/vfilters/${lookup{$local_part}lsearch{/etc/domainusers}{$value}}}{1}{0}}}} file = "/etc/vfilters/${lookup{$local_part}lsearch{/etc/domainusers}{$value}}" file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply retry_use_local_part no_verify central_user_filter: driver = redirect allow_filter allow_fail check_local_user domains = ! +user_domains file = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/etc/filter" require_files = "+${extract{5}{::}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/etc/filter" router_home_directory = ${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}} directory_transport = address_directory file_transport = address_file pipe_transport = virtual_address_pipe reply_transport = address_reply retry_use_local_part no_verify virtual_user_filter: driver = redirect allow_filter allow_fail no_check_local_user domains = +user_domains require_files = "+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/$local_part/filter" file = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/$local_part/filter" router_home_directory = ${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}} directory_transport = address_directory file_transport = address_file pipe_transport = virtual_address_pipe reply_transport = address_reply user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" no_verify virtual_aliases_nostar: driver = redirect allow_defer allow_fail require_files = "+/etc/valiases/$domain" data = ${lookup{$local_part@$domain}lsearch{/etc/valiases/$domain}} file_transport = address_file group = mail pipe_transport = virtual_address_pipe retry_use_local_part unseen virtual_user_spam: driver = accept domains = +user_domains require_files = "+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/.spamassassinboxenable:+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd" condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd}}}{}{false}{${if match{$h_X-Spam-Status:}{\N^Yes\N}{true}{false}}}} headers_remove="x-spam-exim" transport = virtual_userdelivery_spam virtual_boxtrapper_user: driver = accept domains = +user_domains require_files = "+/usr/local/cpanel/bin/boxtrapper:+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd" condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd}}}{} {false}{${if exists {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/$local_part/.boxtrapperenable} {true} {false}}}} retry_use_local_part transport = virtual_boxtrapper_userdelivery virtual_user: driver = accept headers_remove="x-spam-exim" domains = +user_domains require_files = "+${extract{5}{::}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd" condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/$domain/passwd}}}{} {false}{true}} transport = virtual_userdelivery has_alias_but_no_mailbox_discarded_to_prevent_loop: driver = redirect require_files = "+/etc/valiases/$domain" domains = +user_domains condition = "${perl{checkvalias}{$domain}{$local_part}}" data="#Exim Filter\nseen finish" group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" allow_filter disable_logging = true valias_domain_file: driver = redirect allow_defer allow_fail require_files = +/etc/vdomainaliases/$domain condition = ${lookup {$domain} lsearch {/etc/vdomainaliases/$domain}{yes}{no} } data = $local_part@${lookup {$domain} lsearch {/etc/vdomainaliases/$domain} } virtual_aliases: driver = redirect allow_defer allow_fail require_files = "+/etc/valiases/$domain" data = ${lookup{*}lsearch{/etc/valiases/$domain}} file_transport = address_file group = mail pipe_transport = virtual_address_pipe system_aliases: driver = redirect allow_defer allow_fail data = ${lookup{$local_part}lsearch{/etc/aliases}} file_transport = address_file pipe_transport = address_pipe retry_use_local_part # user = exim local_aliases: driver = redirect allow_defer allow_fail data = ${lookup{$local_part}lsearch{/etc/localaliases}} file_transport = address_file pipe_transport = address_pipe check_local_user userforward: driver = redirect allow_filter check_ancestor check_local_user domains = ! +user_domains no_expn file = $home/.forward file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply no_verify localuser_spam: driver = accept headers_remove="x-spam-exim" domains = ! +user_domains require_files = "+$home/.spamassassinboxenable" condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{true}{false}} check_local_user transport = local_delivery_spam boxtrapper_localuser: driver = accept require_files = "+/usr/local/cpanel/bin/boxtrapper:+$home/etc/.boxtrapperenable" check_local_user domains = ! +user_domains transport = local_boxtrapper_delivery localuser: driver = accept headers_remove="x-spam-exim" check_local_user domains = ! +user_domains transport = local_delivery begin transports remote_smtp: driver = smtp local_delivery: driver = appendfile delivery_date_add envelope_to_add directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/mail" maildir_use_size_file maildir_format mode = 0660 return_path_add group = ${extract{3}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}} user = $local_part local_delivery_spam: driver = appendfile delivery_date_add envelope_to_add directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/mail/.spam" maildir_use_size_file maildir_format group = ${extract{3}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}} mode = 0660 return_path_add user = $local_part address_directory: driver = appendfile maildir_format address_pipe: driver = pipe return_output virtual_address_pipe: driver = pipe group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" return_output user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" address_file: driver = appendfile delivery_date_add envelope_to_add return_path_add virtual_userdelivery_spam: driver = appendfile delivery_date_add envelope_to_add directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/mail/${domain}/${local_part}/.spam" maildir_use_size_file maildir_format mode = 0660 quota = "${if exists{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota} {${lookup{$local_part}lsearch*{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota}{$value}}} {}}" quota_is_inclusive = false quota_directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/mail/${domain}/${local_part}" return_path_add user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" group = ${extract{3}{:}{${lookup{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}} boxtrapper_autowhitelist: driver = pipe headers_only command = /usr/local/cpanel/bin/boxtrapper --autowhitelist "${authenticated_id}" user = ${perl{getemailuser}{$authenticated_id}} group = ${extract{3}{:}{${lookup{${perl{getemailuser}{$authenticated_id}}}lsearch{/etc/passwd}{$value}}}} log_output = true current_directory = "/tmp" return_fail_output = true return_path_add = false local_boxtrapper_delivery: driver = pipe command = /usr/local/cpanel/bin/boxtrapper "${local_part}" user = $local_part group = ${extract{3}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}} log_output = true current_directory = "/tmp" return_fail_output = true return_path_add = false virtual_boxtrapper_userdelivery: driver = pipe command = /usr/local/cpanel/bin/boxtrapper "${local_part}@${domain}" user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" group = ${extract{3}{:}{${lookup{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}} log_output = true current_directory = "/tmp" return_fail_output = true return_path_add = false virtual_userdelivery: driver = appendfile delivery_date_add envelope_to_add directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/mail/${domain}/${local_part}" maildir_use_size_file maildir_format mode = 0660 quota = "${if exists{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota} {${lookup{$local_part}lsearch*{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota}{$value}}} {}}" quota_is_inclusive = false quota_directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/mail/${domain}/${local_part}" return_path_add user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}" group = ${extract{3}{:}{${lookup{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}} address_reply: driver = autoreply mailman_virtual_transport: driver = pipe command = /usr/local/cpanel/3rdparty/mailman/mail/mailman \ '${if def:local_part_suffix \ {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \ {post}}' \ ${lc:$local_part}_${lc:$domain} current_directory = /usr/local/cpanel/3rdparty/mailman home_directory = /usr/local/cpanel/3rdparty/mailman user = mailman group = mailman mailman_virtual_transport_nodns: driver = pipe command = /usr/local/cpanel/3rdparty/mailman/mail/mailman \ '${if def:local_part_suffix \ {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \ {post}}' \ ${lc:$local_part} current_directory = /usr/local/cpanel/3rdparty/mailman home_directory = /usr/local/cpanel/3rdparty/mailman user = mailman group = mailman begin retry * * F,2h,15m; G,16h,1h,1.5; F,4d,8h |