darkomen Member Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору ### exim.conf ###   ######################################################################   #                    MAIN CONFIGURATION SETTINGS                     #   ######################################################################   # serial : 2006052602   MAILNAME =   MAINDOMAIN =     daemon_smtp_ports = 25 : 465   hide mysql_servers = localhost/exim/   #SMARTHOST_ROUTELIST =     CERTNAME = /etc/ssl/certs/ca/mail.crt     # Enable teergrubing on acl errors and say how long we delay (unset to disable).   TEERGRUBE = 60s     timezone = Europe/Moscow     ALLOWEDRCPTFAIL = 3   HOSTREJECTRCPT1 = SELECT message FROM blacklists WHERE address='${sender_host_address}' AND type='REJRCPT'   RFC1918 = 172.16.0.0/12 : 192.168.0.0/16   BOGUSIPS = 127.0.0.1/8 : 169.254.0.0/16 : 192.0.2.0/24 : RFC1918   NO_RANDOM_CALLBACK = SELECT domain FROM callbackdomains WHERE domain='${domain:$header_from:}' AND type='NORND'   HDR_DOMAIN_DISABLE_CALLBACK = SELECT domain FROM callbackdomains WHERE domain='${domain:$header_from:}' AND type='NOHDR'   BLOCKENVSEND1 = SELECT message FROM blacklists WHERE address='${sender_address}' AND type='SENDER'   addresslist denyenvsenders = mysql;BLOCKENVSEND1     .ifdef MAILNAME   primary_hostname = MAILNAME   qualify_domain = MAINDOMAIN   .else   MAILNAME = @   .endif     domainlist local_domains = @ : @[] : localhost : MAILNAME : \           ${lookup mysql{SELECT domain FROM domains \           WHERE domain='${domain}' AND (type='LOCAL' OR type='VIRTUAL')}}     domainlist relay_to_domains = ${lookup mysql{SELECT domain FROM domains \           WHERE domain='${domain}' AND type='RELAY'}}     domainlist envdomain_disable_callback = ${lookup mysql{SELECT domain \           FROM callbackdomains WHERE domain='${sender_host_name}' \           AND type='NOENV'}}     domainlist domains_callback_norandom = mysql;NO_RANDOM_CALLBACK     domainlist nodnsdomains = ${lookup mysql{SELECT domain FROM \           callbackdomains WHERE domain='${sender_host_name}' AND type='NODNS'}}     localpartlist noenvfromcheck = ${lookup mysql{SELECT address FROM whitelist}}   localpartlist noenvfromcallback = ${lookup mysql{SELECT address FROM whitelist}}   localpartlist nosarej = ${lookup mysql{SELECT address FROM whitelist}}   localpartlist nohdrsyncheck = ${lookup mysql{SELECT address FROM whitelist}}   localpartlist nohdrfromcallback = ${lookup mysql{SELECT address FROM whitelist}}     hostlist rfc1918 = RFC1918   hostlist bogusips = BOGUSIPS     hostlist localadds = +rfc1918 : @ : @[] : localhost : \           ${lookup mysql{SELECT domain FROM domains \           WHERE domain='${domain}' AND (type='LOCAL' OR type='VIRTUAL')}}     hostlist host_reject = ${lookup mysql{SELECT address FROM blacklists \           WHERE address='${sender_host_address}' AND type='HOSTREJ'}}     hostlist host_reject_rcpt = net-mysql;HOSTREJECTRCPT1     hostlist hosts_disable_callback = ${lookup mysql{SELECT hostname FROM \           hostlists WHERE hostname='${sender_host_address}' AND type='NOCALL'}}     hostlist relay_from_hosts = +localadds : ${lookup mysql{SELECT domain \           FROM domains WHERE domain='${domain}' AND type='RELAY'}}     hostlist auth_relay_hosts = *   .ifdef CERTNAME   hostlist auth_over_tls_hosts = *   .endif   hostlist expn_hosts = *.MAINDOMAIN:localhost   hostlist vrfy_hosts = *.MAINDOMAIN:localhost     hostlist hosts_avoid_tls = ${lookup mysql{SELECT hostname FROM hostlists \           WHERE hostname='${sender_host_address}' AND type='AVOIDTLS'}}     hostlist hosts_try_auth = ${lookup mysql{SELECT hostname FROM hostlists \           WHERE hostname='${sender_host_address}' AND type='TRYAUTH'}}     acl_smtp_connect = check_connect   acl_smtp_starttls = check_tls   acl_smtp_mail = check_mail   acl_smtp_rcpt = check_rcpt   acl_smtp_mime = check_mime   #acl_smtp_data = check_data   acl_smtp_auth = check_auth   acl_smtp_vrfy = check_vrfy   #acl_not_smtp = check_nonsmtp     #local_scan_path = /usr/lib/sa-exim.so   #av_scanner = clamd:/var/lib/clamav/clamd.socket     log_selector =  \           +address_rewrite \           +all_parents \           +arguments \           +connection_reject \           +delay_delivery \           +delivery_size \           +dnslist_defer \           +incoming_interface \           +incoming_port \           +lost_incoming_connection \           +queue_run \           +received_sender \           +received_recipients \           +retry_defer \           +sender_on_delivery \           +size_reject \           +skip_delivery \           +smtp_confirmation \           +smtp_connection \           +smtp_protocol_error \           +smtp_syntax_error \           +subject \           +tls_cipher \           +tls_peerdn     #system_filter = /etc/exim/system-filter   #system_filter_file_transport = address_file   #system_filter_pipe_transport = address_pipe     .ifdef CERTNAME   tls_certificate = CERTNAME   tls_privatekey = /etc/ssl/certs/ca/mail.key   tls_on_connect_ports = 465 tls_advertise_hosts = ${if exists {CERTNAME}{*}{127.0.0.1/8}}   .endif     ###############################CLAMAV####################### acl_smtp_data = acl_check_content av_scanner = clamd:/usr/local/clamav/var/tmp/clamd.sock spamd_address = 127.0.0.1 783 ############################################################   allow_domain_literals = false   never_users = root   host_lookup = *   helo_allow_chars = _   trusted_users = mail:www   trusted_groups = mail   rfc1413_hosts = !*   rfc1413_query_timeout = 0s   auth_advertise_hosts = !+relay_from_hosts : +auth_relay_hosts   helo_verify_hosts = !*   helo_try_verify_hosts = !*   helo_accept_junk_hosts = !*   smtp_accept_max_nonmail_hosts = *   ignore_bounce_errors_after = 30m   timeout_frozen_after = 3d   #gecos_pattern = ^([^,:]*)   #gecos_name = $1   freeze_tell = postmaster   auto_thaw = 1h   message_body_visible = 5000   message_size_limit = 200M   smtp_accept_max = 50   smtp_accept_max_per_connection = 50   smtp_accept_queue_per_connection = 100   smtp_connect_backlog = 50   smtp_accept_max_per_host = 25   split_spool_directory = true   syslog_timestamp = false   message_logs = false   remote_max_parallel = 15   smtp_reserve_hosts = +relay_from_hosts   smtp_load_reserve = 40   smtp_accept_max_nonmail = 7   smtp_max_unknown_commands = 1   sender_unqualified_hosts = +localadds   recipient_unqualified_hosts = +localadds   host_reject_connection = +host_reject     ######################################################################   #                       ACL CONFIGURATION                            #   #         Specifies access control lists for incoming SMTP mail      #   ######################################################################     begin acl     check_connect:     accept     .ifdef CERTNAME   check_tls:     accept   .endif     check_mail:     accept     check_rcpt:       accept  hosts          = 192.168.5.108 :   accept  authenticated  = *       accept  hosts          = 127.0.0.1/8 : 192.168.5.204       deny    local_parts    = ^.*[@%!/|] : ^\\.       warn    message        = X-WhitelistedRCPT-nohdrsyncheck: Yes             local_parts    = +nohdrsyncheck:postmaster:abuse       warn    message        = X-WhitelistedRCPT-nohdrfromcallback: Yes             local_parts    = +nohdrfromcallback:postmaster:abuse       warn    message        = X-SA-Do-Not-Rej: Yes             local_parts    = +nosarej:postmaster:abuse       warn    message        = X-SA-Do-Not-Run: Yes             hosts          = +relay_from_hosts       warn    message        = X-SA-Do-Not-Run: Yes             authenticated  = *       warn    message        = X-Broken-Reverse-DNS: no host name for IP address $sender_host_address             !verify        = reverse_host_lookup       accept  local_parts   = postmaster             domains       = +local_domains       deny    message        = "HELO/EHLO required by SMTP RFC"             condition      = ${if eq{$sender_helo_name}{}{yes}{no}}   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       deny    message        = Forged domain detected in HELO/EHLO - $sender_helo_name             condition      = ${if and{{match{$sender_helo_name} \                              {(example|yahoo|hotmail|compuserve)}} \                              {!match{$sender_host_name}{${rxquote:$1}}}}{yes}{no}}   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       deny    message        = Only one recipient accepted for NULL sender             senders        = :             condition      = ${if >{$rcpt_count}{1}{1}}   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif     .ifdef TEERGRUBE     deny    log_message    = Teergrube: dictionnary attack (ALLOWEDRCPTFAIL failed probes)             message        = unknown user             condition      = ${if >{$rcpt_fail_count}{1} {1}{0}}   .else     drop    log_message    = Dictionnary attack ($rcpt_fail_count failed probes). Dropping connection             message        = unknown user ($rcpt_fail_count failed queries)             condition      = ${if >{$rcpt_fail_count}{${eval:ALLOWEDRCPTFAIL-2}} {1}{0}}   .endif             delay          = ${eval:30*$rcpt_fail_count}s             domains        = +local_domains             !verify        = recipient       deny    condition      = ${if eq{$sender_ident}{CacheFlow Server}{1}{0}}             message        = Rejected - appears to be an unsecured proxy: $sender_ident       deny    hosts          = +host_reject_rcpt             message        = Host $sender_host_address is blocked: ${lookup mysql{HOSTREJECTRCPT1}{$value}{"unspecified reason"}}   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       deny    senders        = +denyenvsenders             message        = Sender $sender_address is blocked: ${lookup mysql{BLOCKENVSEND1}{$value}{"unspecified reason"}}       deny    local_parts    = !+noenvfromcheck             !verify        = sender   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif     #  deny    message        = $sender_host_address is not allowed to send mail from $sender_address_domain   #          spf            = softfail : neutral   #          !authenticated = *   #.ifdef TEERGRUBE   #          delay          = TEERGRUBE   #.endif       deny    hosts          = !+localadds:!+hosts_disable_callback:*             sender_domains = !+envdomain_disable_callback:!+domains_callback_norandom:*             local_parts    = !+noenvfromcallback             !verify        = sender/callout=90s,random,postmaster   #          !spf           = pass   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       deny    hosts          = !+localadds:!+hosts_disable_callback:*             sender_domains = +domains_callback_norandom             local_parts    = !+noenvfromcallback             !verify        = sender/callout=90s,postmaster   #          !spf           = pass   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif     #  warn    message        = $spf_received   #          domains        = +local_domains        deny    message        = host is listed in $dnslist_domain          log_message       = found in $dnslist_domain        !authenticated = *            dnslists       = sbl-xbl.spamhaus.org : relays.ordb.org : \                              combined.njabl.org : bl.spamcop.net .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif     #  deny    message       = Spam blocked see: \ #  http://www.spamcop.net/w3m?action=checkblock&ip=$sender_host_address #          log_message   = found in $dnslist_domain #          !authenticated = * #      dnslists      = bl.spamcop.net     accept  domains        = +local_domains             endpass             message        = unknown user             verify         = recipient       accept  domains        = +relay_to_domains             endpass             message        = unrouteable address             verify         = recipient/callout=30s/callout_defer_ok       accept  hosts          = +localadds:+relay_from_hosts             verify         = recipient       accept  hosts          = +auth_relay_hosts             endpass             message        = authentication required             authenticated  = *       deny    message        = relay not permitted   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif     check_mime:       warn    decode         = default       deny    message        = Blacklisted file extension detected             condition      = ${if match {${lc:$mime_filename}} \                              {\N(\.pif|\.bat|\.scr|\.lnk|\.com)$\N} {1}{0}}       deny    message        = Sorry, noone speaks Chinese here             condition      = ${if eq{$mime_charset}{gb2312}{1}{0}}       accept       check_data:       deny    !verify        = header_syntax             !condition     = $header_X-WhitelistedRCPT-nohdrsyncheck:   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       accept  hosts          = :       accept  hosts          = 127.0.0.1/8       deny    hosts          = !+localadds:!+hosts_disable_callback:*             !condition     = $header_X-WhitelistedRCPT-nohdrfromcallback:             !condition     = ${lookup mysql{HDR_DOMAIN_DISABLE_CALLBACK} {yes}{no}}             !condition     = ${lookup mysql{NO_RANDOM_CALLBACK} {yes}{no}}             !verify        = header_sender/callout=90s,postmaster,random   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       deny    hosts          = !+localadds:!+hosts_disable_callback:*             !condition     = $header_X-WhitelistedRCPT-nohdrfromcallback:             !condition     = ${lookup mysql{HDR_DOMAIN_DISABLE_CALLBACK} {yes}{no}}             condition      = ${lookup mysql{NO_RANDOM_CALLBACK} {yes}{no}}             !verify        = header_sender/callout=90s,postmaster   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       deny    message        = Serious MIME defect detected ($demime_reason)             demime         = *             condition      = ${if >{$demime_errorlevel}{2}{1}{0}}     #  deny    message        = This message contains VIRUS ($malware_name)   #          malware        = *       accept       check_auth:     .ifdef CERTNAME     accept  hosts          = +auth_over_tls_hosts             endpass             message        = STARTTLS required before AUTH             encrypted      = *   .endif       accept       check_expn:       accept  hosts          = +expn_hosts     deny    message        = expn not allowed from this host, sorry   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       check_vrfy:       accept  hosts          = +vrfy_hosts     deny    message        = vrfy not allowed from this host, sorry   .ifdef TEERGRUBE             delay          = TEERGRUBE   .endif       check_nonsmtp:     acl_check_content:     accept  authenticated  = *       deny  message = Virus found ($malware_name)         malware = *     !authenticated = *     warn  message = X-Spam-Score: $spam_score ($spam_bar)         hosts   = !+relay_from_hosts         spam    = nobody:true     warn  message = X-Spam-Report: $spam_report\nX-Spam-Score-Int:$spam_score_int         condition = ${if <{$message_size}{200k}{1}{0}}     hosts   = +relay_from_hosts         spam    = spamd:true     warn  message = Subject: ***SPAM*** $h_Subject:         hosts   = !+relay_from_hosts         spam    = nobody     deny  message = This message scored $spam_score spam points.         !hosts   = +relay_from_hosts         condition = ${if >{$spam_score_int}{120}{1}{0}}   accept     ######################################################################   #                      ROUTERS CONFIGURATION                         #   #               Specifies how addresses are handled                  #   ######################################################################   #     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #   # An address is passed to each router in turn until it is accepted.  #   ######################################################################     begin routers     always_verify:     driver = manualroute     domains = +nodnsdomains     verify_sender     verify_only     route_list = *     .ifdef SMARTHOST_ROUTELIST   smarthost:     driver = manualroute     domains = ! +local_domains     route_list = SMARTHOST_ROUTELIST     ignore_target_hosts = +bogusips     no_verify     host_find_failed = defer     same_domain_copy_routing = yes     transport = remote_smtp   .endif     dnslookup:     driver = dnslookup     domains = ! +local_domains     ignore_target_hosts = +bogusips     same_domain_copy_routing = yes     transport = remote_smtp     no_more     system_aliases:     driver = redirect     allow_defer     allow_fail     data = ${lookup mysql{SELECT recipients FROM aliases \           WHERE local_part='${local_part}' AND domain='${domain}'}}       domain_forward:    driver=redirect    allow_fail    allow_defer    data = ${local_part}@${lookup mysql{SELECT dest FROM rdomain \                      WHERE domain = '${domain}'}}    condition = ${if eq {${domain}} {ctrv.ru} {yes} {no}}     userforward:     driver = redirect     allow_fail     allow_defer     data = ${lookup mysql{\    SELECT recipients FROM userforward \                   WHERE local_part='${local_part}' AND domain='${domain}' \      UNION SELECT recipients FROM userforward WHERE local_part = '${local_part}' AND domain = '*'\      UNION SELECT recipients FROM userforward WHERE local_part = '*' AND domain = '${domain}'\      UNION SELECT recipients FROM userforward WHERE local_part = '*' AND domain = '*' LIMIT 0 , 1 }}     spamd_router:       no_verify       driver                      = accept       check_local_user       condition                   = ${if and{{def:spam_score_int}{>{$spam_score_int}{55}}}{yes}{no}}       transport                   = spamd_delivery       cannot_route_message        = Unknown user     mysqluser:     driver = accept     condition = ${if eq{} {${lookup mysql{SELECT home FROM users \           WHERE id='${local_part}' AND mbox_host='${domain}' \           AND active='Y'}}}{no}{yes}}     local_part_suffix = +*     local_part_suffix_optional     transport = mysql_delivery     ######################################################################   #                      TRANSPORTS CONFIGURATION                      #   ######################################################################   #                       ORDER DOES NOT MATTER                        #   #     Only one appropriate transport is called for each delivery.    #   ######################################################################     begin transports     mysql_delivery:     driver = appendfile     maildir_format     create_directory     maildir_tag = ,S=$message_size     directory = ${lookup mysql{SELECT CONCAT(home, "/Maildir") FROM users \           WHERE id='${local_part}' AND mbox_host='${domain}'}}     return_path_add     delivery_date_add     envelope_to_add     group = mail     mode = 0660     no_mode_fail_narrower     headers_remove = "Lines"     headers_add = "Lines: $body_linecount\n"     check_string = ""     directory_mode = 700     message_prefix = ""     message_suffix = ""     quota = ${lookup mysql{SELECT quota FROM users \           WHERE id='${local_part}' AND mbox_host='${domain}'}{${value}M}}     quota_size_regex = S=(\d+)$     quota_warn_threshold = 75%     address_pipe:     driver = pipe     log_defer_output     log_fail_output     path = "/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin"     return_output     user = mail     group = mail     headers_remove = "Lines"     headers_add = "Lines: $body_linecount\n"     address_file:     driver = appendfile     delivery_date_add     envelope_to_add     return_path_add     user = mail     group = mail     address_reply:     driver = autoreply     spamd_delivery:     driver = appendfile     check_string = ""     create_directory     delivery_date_add     directory = /mail/vmail/domains/dtb.ru/spam/Maildir     directory_mode = 770     envelope_to_add     group = mail     maildir_format     maildir_tag = ,S=$message_size     message_prefix = ""     message_suffix = ""     mode = 0600     return_path_add     remote_smtp:     driver = smtp     dns_qualify_single = false     hosts_nopass_tls = *     hosts_avoid_tls = +hosts_avoid_tls     hosts_try_auth = +hosts_try_auth   #  headers_remove = "X-SA-Do-Not-Run:X-SA-Exim-Scanned:X-SA-Exim-Mail-From:X-SA-Exim-Rcpt-To:X-SA-Exim-Connect-IP"     ######################################################################   #                      RETRY CONFIGURATION                           #   ######################################################################     begin retry     # Domain               Error       Retries   # ------               -----       -------     *                      quota   *                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h     ######################################################################   #                      REWRITE CONFIGURATION                         #   ######################################################################     begin rewrite     ######################################################################   #                   AUTHENTICATION CONFIGURATION                     #   ######################################################################     begin authenticators   #auth_plain: #  driver = plaintext # public_name = PLAIN #  server_condition = ${lookup mysql{SELECT id FROM users \ #                        WHERE id = '${quote_mysql:${local_part:$2}}' \ #                        AND mbox_host = '${quote_mysql:${domain:$2}}' \ #                        AND passwd = '${quote_mysql:$3}' \ #                        AND active = 'Y'}{yes}{no}} #  server_prompts = : #server_set_id = $2 # #auth_login: #  driver = plaintext #  public_name = LOGIN #  server_condition = ${lookup mysql{SELECT id FROM users \ #                        WHERE id = '${quote_mysql:${local_part:$1}}' \ #                        AND mbox_host = '${quote_mysql:${domain:$1}}' \ #                        AND passwd = '${quote_mysql:$2}' \ #                        AND active = 'Y'}{yes}{no}} #  server_prompts = Username:: : Password:: #server_set_id = $1   auth_plain:     driver = plaintext     public_name = PLAIN     server_condition = ${if crypteq{$3} \                        {${lookup mysql{SELECT crypt FROM users \                        WHERE id = '${quote_mysql:${local_part:$2}}' \                        AND mbox_host = '${quote_mysql:${domain:$2}}' \   #                    AND passwd = '${quote_mysql:$3}' \                        AND active = 'Y'}{$value}{*}}}{yes}{no}}     server_prompts = :   server_set_id = $2                                                                                                                 # AUTH LOGIN authentication method used by MS Outlook.   auth_login:     driver = plaintext     public_name = LOGIN     server_condition = ${if crypteq{$2} {${lookup mysql{SELECT crypt FROM users \           WHERE id = '${quote_mysql:${local_part:$1}}' \           AND mbox_host = '${quote_mysql:${domain:$1}}' \   #       AND passwd = '${quote_mysql:$2}' \           AND active = 'Y'}{$value}{*}}}{yes}{no}}     server_prompts = Username:: : Password::     server_set_id = $1     auth_cram_md5:   driver = cram_md5   public_name = CRAM-MD5   server_secret = ${lookup mysql{SELECT passwd FROM users \                         WHERE id = '${quote_mysql:${local_part:$1}}' \                         AND mbox_host = '${quote_mysql:${domain:$1}}' \                         AND active = 'Y'}{$value}fail} server_set_id = $1   # End of Exim configuration file   Всего записей: 272 | Зарегистр. 26-08-2003 | Отправлено: 10:42 20-06-2006 | Исправлено: darkomen, 10:43 20-06-2006

На первую страницу • к этому сообщению • к последнему сообщению

Компьютерный форум Ru.Board » Компьютеры » В помощь системному администратору » FAQ по Exim MTA

ShriEkeR (16-05-2011 18:50): FAQ по Exim MTA #2

Переход по форумам  Закладки   » Компьютеры Цифровое изображение Программы Microsoft Windows UNIX Другие OS Hardware В помощь сисадмину Прикладное программирование Игры Форумные игры   » Интернет Web-программирование В помощь вебмастеру Графика Хостинг Зацените-ка!   » Тематические Ikonboard v.2 Ikonboard v.3 Invision Board Другие форумы PHP-Nuke и другие порталы Мобила   » Общие Спорт Флейм Темы по региональным встречам Музыка и Кино Юмор Литература и Живопись   » Ru.Board Новости Помощь по форуму   » Андеграунд eBookz Варезник Раздачи и акции Мобильный варезник Андеграунд Игры и фильмы   » Специальные Тестирование