FAQ по Exim MTA #2 - [563] :: В помощь системному администратору

Чтож, попробую быть нормальным, хоть и не думаю, что дата\время ошибки сильно на что-то влияет...
Первая ошибка:
2015-06-15 09:54:47 1Z4MQ3-000501-Q8 == mahneva@domain.ru R=ldap_check T=ldap_delivery defer (2): No such file or directory: while renaming /home/vmail/mahneva/Maildir/new/temp.19236.mail.domain.ru as /home/vmail/mahneva/Maildir/new/q1Z4MQ3-8912934

При этом письмо до ходит до адресата, но висит в очереди эксима, как не доставленное.
Далее в логах:
2015-06-15 10:22:29 1Z4MQ3-000501-Q8 == mahneva@domain.ru R=ldap_check T=ldap_delivery defer (-52): Retry time not yet reached
И потом опять:
1Z4MQ3-000501-Q8 == mahneva@domain.ru R=ldap_check T=ldap_delivery defer (2): No such file or directory: while renaming /home/vmail/mahneva/Maildir/new/temp.20462.mail.domain.ru as /home/vmail/mahneva/Maildir/new/q1Z4Mv6-557815
Повторная доставка того же письма. И так до тех пор, пока не удалишь его из очереди.

[more=exim.conf]ldap_default_servers = ads.account.domain.ru
LDAP_AD_BINDDN = "cn=usr,cn=users,dc=account,dc=domain,dc=ru"
LDAP_AD_PASS = pswd
LDAP_AD_BASE_DN = "dc=account,dc=domain,dc=ru"
LDAP_AD_MAIL_RCPT = user=LDAP_AD_BINDDN passLDAP_AD_PASS \
ldap://dc=account,dc=domain,dc=ru(&(objectClass=person)(mail=${quote_ldap:${local_part}@${domain}}))

#######################################################
# MAIN CONFIGURATION SETTINGS #
######################################################

primary_hostname = mail.domain.ru

domainlist local_domains = @ : localhost : localhost.localdomain : domain.ru
domainlist relay_to_domains =
hostlist relay_from_hosts = 127.0.0.1 : localhost

acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime

daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

qualify_domain = domain.ru

qualify_recipient = mail.domain.ru

allow_domain_literals = false

never_users = root

rfc1413_query_timeout = 5s

ignore_bounce_errors_after = 45m

timeout_frozen_after = 3d

auth_advertise_hosts = *
helo_accept_junk_hosts = 192.168.12.0/24

auto_thaw = 15m
message_size_limit = 40M
helo_allow_chars = _

smtp_enforce_sync = true
syslog_timestamp = no
split_spool_directory = true
remote_max_parallel = 15
smtp_accept_max = 60

system_filter = /etc/exim/forward.conf

##################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
#####################################################

begin acl

acl_check_rcpt:

accept hosts = :

deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]

deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

require verify = sender

deny senders = /etc/exim/deny_senders
message = "You don't access to send email."

deny senders = /etc/exim/local_senders
domains = !+local_domains
message = "You allow to send email only to local_domain."

accept hosts = +relay_from_hosts
control = submission

accept authenticated = *
control = submission

require message = relay not permitted
domains = +local_domains

##########################################################################
accept condition = ${lookup{$sender_host_address}iplsearch{/etc/exim/friendly_hosts_ip}{yes}{no}}
domains = +local_domains
accept condition = ${lookup{$sender_host_name}wildlsearch{/etc/exim/whitelist_sender_hosts}{yes}{no}}
domains = +local_domains
accept condition = ${lookup{$sender_address}wildlsearch{/etc/exim/whitelist_senders}{yes}{no}}
domains = +local_domains
##########################################################################

drop message = Bad HELO: I am the localhost!
condition = ${if eq{localhost}{$sender_helo_name}}

drop message = Bad HELO: Host impersonating [$sender_helo_name]
condition = ${if match{$sender_helo_name}{$primary_hostname}{yes}{no}}

drop message = Bad HELO: Host impersonating [$sender_helo_name]
condition = ${if match_domain{$sender_helo_name}{+local_domains}{true}{false}}

drop message = Bad HELO: empty. Required by RFC.
condition = ${if eq {$sender_helo_name}{}{yes}{no}}

drop condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}
message = "550 - Main IP in your HELO! Access denied! Email for contact to us: administrator@domain.ru."

drop condition = ${if match{$sender_helo_name}{\N^\d+$\N}{yes}{no}}
message = "550 - Can not be only number in HELO! Email for contact to us: administrator@domain.ru."

drop message = "550 - Your helo is bad (adsl,pool,ppp & etc). Email for contact to us: administrator@domain.ru."
condition = ${if match{$sender_helo_name} \
{astral|bbtec|broadband|cable|chello|client|cable|comcast|dsl|dslam|dial|dialin|dynamic|dynip|home|host-|hsd|hlfx|kabel|node|pool|peer|ppp|ipconnect|res|static|dhcp}{yes}{no}}

deny message = "550 - Access denied - pleace, contact with postmaster!"
condition = ${if match{$sender_helo_name}{\N((?>\w+[\-]){3,})\N}{yes}{no}}
##########################################################################

warn condition = ${if eq{$sender_address}{}{yes}{no}}
message = "550 - You HELO is empty! Access denied!"

deny message = "550 - Broken Reverse DNS: no host name for sender IP address $sender_host_address."
!verify = reverse_host_lookup

deny message = "550 - Access denied - pleace, contact with postmaster!"
condition = ${if match{$sender_host_name}{\N((?>\w+[\-]){3,})\N}{yes}{no}}

deny message = "550 - Access denied - pleace, contact with postmaster! Email for contact to us: administrator@domain.ru."
condition = ${if match{$sender_host_name}{\N((?>\w+[\.|\-]){5,})\N}{yes}{no}}

deny message = "550 - Your hostname is bad (adsl,pool,ppp & etc). Email for contact to us: administrator@domain.ru."
condition = ${if match{$sender_host_name} \
{astral|bbtec|broadband|cable|chello|client|cable|comcast|dsl|dslam|dial|dialin|dyn|dynamic|dynip|home|host-|hsd|hlfx|kabel|node|pool|peer|ppp|ipconnect|res|static|dhcp}{yes}{no}}

deny message = "550 - sender IP address $sender_host_address is locally blacklisted here. Email for contact to us: administrator@domain.ru."
hosts = net-iplsearch;/etc/exim/blacklist_ip

deny message = "550 - sender domain address $sender_host_address is locally blacklisted here. Email for contact to us: administrator@domain.ru."
hosts = wildlsearch;/etc/exim/blacklist_domains

deny message = "Sender rate SMTP overlimit - $sender_rate / $sender_rate_period. Email for contact to us: administrator@domain.ru."
ratelimit = 100 / 1h / strict

warn
hosts = +relay_from_hosts
hosts = net-lsearch;/etc/exim/friendly_hosts_ip
hosts = wildlsearch;/etc/exim/whitelist_sender_hosts
senders = wildlsearch;/etc/exim/whitelist_senders
set acl_m0 = 0s

require verify = recipient

# At this point, the address has passed all the checks that have been
# configured, so we accept it unconditionally.

accept

# This ACL is used after the contents of a message have been received. This
# is the ACL in which you can test a message's headers or body, and in
# particular, this is where you can invoke external virus or spam scanners.
# Some suggested ways of configuring these tests are shown below, commented
# out. Without any tests, this ACL accepts all messages. If you want to use
# such tests, you must ensure that Exim is compiled with the content-scanning
# extension (WITH_CONTENT_SCAN=yes in Local/Makefile).

acl_check_data:

accept

acl_check_mime:

# File extension filtering.
deny message = Blacklisted file extension detected
condition = ${if match \
{${lc:$mime_filename}} \
{\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
{1}{0}}

accept

#####################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
##################################################

begin routers

dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more

system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe

userforward:
driver = redirect
check_local_user
file = $home/.forward
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply

virtualuserforward:
driver = redirect
condition = ${lookup{$local_part}lsearch{/etc/dovecot.passwd}}
file = /etc/exim/forward/$local_part
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply

procmail:
driver = accept
check_local_user
require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
transport = procmail
no_verify

virtual_users:
driver = accept
condition = ${lookup{$local_part}lsearch{/etc/dovecot.passwd}}
transport = dovecot_virtual_delivery
cannot_route_message = Unknown user

ldap_check:
driver = accept
domains = +local_domains
verify_recipient
condition = ${lookup ldapm{user=LDAP_AD_BINDDN pass=LDAP_AD_PASS ldap:///dc=account,dc=domain,dc=ru?sAMAccountName?sub?(&(mail=${local_part}@${domain}))}{$value}}
transport = ldap_delivery
cannot_route_message = Unknown user

######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################

begin transports

remote_smtp:
driver = smtp

procmail:
driver = pipe
command = "/usr/bin/procmail -d $local_part"
return_path_add
delivery_date_add
envelope_to_add
user = $local_part
initgroups
return_output

local_delivery:
driver = appendfile
maildir_format
create_directory
directory = /var/spool/mail/$domain/$local_part
quota = 60M
maildir_tag = ,S=$message_size
quota_size_regex = ,S=(\d+)
delivery_date_add
envelope_to_add
return_path_add
group = mail
directory_mode = 770
mode = 0660

dovecot_delivery:
driver = pipe
command = /usr/libexec/dovecot/deliver
message_prefix =
message_suffix =
log_output
delivery_date_add
envelope_to_add
return_path_add
##group = dovecot
##user = dovecot

dovecot_virtual_delivery:
driver = pipe
command = /usr/libexec/dovecot/deliver -d $local_part -f $sender_address
message_prefix =
message_suffix =
log_output
delivery_date_add
envelope_to_add
return_path_add
user = vmail

ldap_delivery:
driver = appendfile
directory = /home/vmail/${lookup ldapm{user=LDAP_AD_BINDDN pass=LDAP_AD_PASS ldap:///dc=account,dc=domain,dc=ru?sAMAccountName?sub?(&(mail=${local_part}@${domain}))}{$value}}/Maildir/new
user = vmail
group = vmail
delivery_date_add
envelope_to_add
return_path_add

address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

address_reply:
driver = autoreply

###################################################
# RETRY CONFIGURATION #
###################################################

begin retry

* * F,2h,15m; G,16h,1h,1.5; F,4d,6h

#########################################################
# AUTHENTICATION CONFIGURATION #
#########################################################

begin authenticators

dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1

dovecot_login:
driver = dovecot
public_name = LOGIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1

# End of Exim configuration file

Модерирует : lynx, Crash_Master, dg, emx, ShriEkeR
Версия для печати • Подписаться • Добавить в закладки
На первую страницу • к этому сообщению • к последнему сообщению