alesniak, posted January 20, 2017

Hello,

I am not an admin. I got a server configured by the hosting provider, but apparently not quite the way it should be. For a few days something has been sending spam from my server. I block the addresses the connections come from on the firewall, but the next day it starts again from other addresses. Here is a fragment of the logs from the mainlog:

    2017-01-20 02:41:39 SMTP connection from [198.20.83.172]:54327 I=[ip_mojego_serwera]:25 (TCP/IP connection count = 2)
    2017-01-20 02:41:40 198.20.83.172 whitelisted in local domains whitelist
    2017-01-20 02:41:42 1cUOCz-0007DA-Nr <= pnjfc@gmail.com H=(server01windows) [198.20.83.172]:54327 I=[ip_mojego_serwera]:25 P=esmtp S=1184 T="Re: Aumente seu P�nis em at�\n 10cm Naturalmente! M�todo Comprovado." from <pnjfc@gmail.com> for karech@uol.com.br karech@uol.com.br criss_sjc@hotmail.com silviapaula7@yahoo.com.br i.abreu@grupofiat.com.br rsfaca@hotmail.com mines_minas@yahoo.com.br edgaroliveira1979@yahoo.com.br helenammpataro@gmail.com nolletas@hotmail.com filipemodelo@hotmail.com
    2017-01-20 02:41:42 SMTP connection from (server01windows) [198.20.83.172]:54327 I=[ip_mojego_serwera]:25 closed by QUIT
    2017-01-20 02:41:46 SMTP connection from [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 (TCP/IP connection count = 2)
    2017-01-20 02:41:46 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <sheilafreire.miranda@hotmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    2017-01-20 02:41:46 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <sheilafreire.miranda@hotmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    2017-01-20 02:41:46 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <xer@netwizard.com.br>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    2017-01-20 02:41:47 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <mercinho_gatinho100@hotmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    2017-01-20 02:41:48 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <hondex@gmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    2017-01-20 02:41:49 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <msposito@zipmail.com.br>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
    2017-01-20 02:41:51 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <djdf_ailton@hotmail.com>: REJECTED - Too many failed recipients - count = 6: response to "RCPT TO:<djdf_ailton@hotmail.com>" from mx2.hotmail.com [65.54.188.126] was: 550 Requested action not taken: mailbox unavailable
    2017-01-20 02:41:51 SMTP connection from (server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 closed by DROP in ACL

From what I have checked, mail can be sent through my server on port 25 without authentication with no problem, and I think that is how I am being harassed. The question is how I can sensibly patch this. I do not need port 25 for users, because all of them are configured on 587.

System configuration: CentOS 7.0 + Exim 4.87 + csf: v9.29 + DirectAdmin

I would be grateful for suggestions.

Regards,
AL

Vasthi, posted January 20, 2017

Check what is sending:

    netstat -tulpn

mcbarlo, posted January 20, 2017

> 2017-01-20 02:41:40 198.20.83.172 whitelisted in local domains whitelist

The lack of a need to authenticate may be caused by the remote server's address being on the whitelist. Look for the circumstances under which it got there.

alesniak, posted January 20, 2017

> The lack of a need to authenticate may be caused by the remote server's address being on the whitelist. Look for the circumstances under which it got there.

And where should I look for the file with this whitelist?

Guest cien, posted January 20, 2017

Paste exim's configuration file; you can also check whether the IP is in /etc/virtual/pophosts

alesniak, posted January 21, 2017

Those IPs are not in pophosts. And here is exim's configuration file:

    # SpamBlockerTechnology* powered exim.conf, Version 4.4.3
    # Dec 5, 2015
    # Exim configuration file for DirectAdmin
    # Requires exim.pl as distributed by DirectAdmin here:
    # http://files.directadmin.com/services/exim.pl version 21 or higher
    # ClamAV optional
    # SpamAssassin optional
    # Dovecot/IMAP Mandatory
    # *SpamBlockerTechnology is a Trademark of NoBaloney Internet Services:
    # http://www.nobaloney.net
    #
    # WARNING! Do NOT use this exim.conf Exim configuration file unless you
    # make the required modifications to your Exim configuration
    # following the instructions in the README file included in this
    # distribution:
    # README-SpamBlockerVersion4exim.conf.txt
    #
    # The original exim.conf file distributed with Exim 4, includes the
    # following copyright notice:
    #
    # Copyright (C) 2002 University of Cambridge, Cambridge, UK
    #
    # Portions of the file are taken from the exim.conf file as
    # distributed with DirectAdmin (http://www.directadmin.com/)
    #
    # Copyright (C) 2003-2011 JBMC Software, St Albert, AB, Canada
    #
    # Portions of this file are written by NoBaloney Internet Services
    # and are copyright as follows:
    #
    # Copyright (C) 2004-2011 NoBaloney Internet Services, Riverside, Calif., USA
    #
    # The entire Exim 4 distribution, including the exim.conf file, is
    # distributed under the GNU GENERAL PUBLIC LICENSE, Version 2,
    # June 1991. If you do not have a copy of the GNU GENERAL PUBLIC LICENSE
    # you may download it, in it's entirety, from the website at:
    #
    # http://www.nobaloney.net/exim/gnu-gpl-v2.txt
    #
    # Thanks to all the members of the DirectAdmin community and of the exim
    # community who have given their
    # much needed and appreciated help.
    #
    # The most recent version of this file may always downloaded from the website
    # at: http://www.nobaloney.net/downloads/spamblocker
    #
    # MODIFICATION INSTRUCTIONS
    #
    # YOU MUST MAKE THE CHANGES TO THIS
    # SpamBlockerTechnology* powered exim.conf, Version 4.0
    # file as documented in the README file.
    #
    # The README file for this version is named:
    # README-SpamBlockerVersion4exim.conf.txt

    # CONFIGURATION STARTS HERE

    #EDIT#1:
    # primary_hostname =

    smtp_active_hostname = ${if exists{/etc/virtual/helo_data}{${lookup{$interface_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}}

    #EDIT#2-CLAMAV:
    # av_scanner = clamd:/var/run/clamav/clamd
    .include_if_exists /etc/exim.clamav.load.conf

    #Block Cracking variables
    .include_if_exists /etc/exim.blockcracking/variables.conf

    #Easy Spam Figher variables
    .include_if_exists /etc/exim.easy_spam_fighter/variables.conf

    #SRS
    .include_if_exists /etc/exim.srs.conf

    #EDIT#3:
    # qualify_domain =

    #EDIT#4:
    perl_startup = do '/etc/exim.pl'

    #EDIT#5:
    system_filter = /etc/system_filter.exim

    #EDIT#6:
    untrusted_set_sender = *

    #EDIT#7:
    daemon_smtp_ports = 25 : 587 : 465
    tls_on_connect_ports = 465

    #EDIT#8:
    local_from_check = false

    RBL_DNS_LIST=\
          cbl.abuseat.org : \
          bl.spamcop.net : \
          combined.rbl.msrbl.net : \
          b.barracudacentral.org : \
          zen.spamhaus.org : \
          hostkarma.junkemailfilter.com=127.0.0.2

    .include /etc/exim.variables.conf
    .include /etc/exim.strings.conf
    .include_if_exists /etc/exim.strings.conf.custom

    #EDIT#10:
    helo_allow_chars = _

    #EDIT#11:
    #log_selector = \
    #  +delivery_size \
    #  +sender_on_delivery \
    #  +received_recipients \
    #  +received_sender \
    #  +smtp_confirmation \
    #  +subject \
    #  +smtp_incomplete_transaction \
    #  -dnslist_defer \
    #  -host_lookup_failed \
    #  -queue_run \
    #  -rejected_header \
    #  -retry_defer \
    #  -skip_delivery \
    #  +arguments
    log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn

    #EDIT#12:
    syslog_duplication = false

    #EDIT#13:
    acl_not_smtp = acl_script
    acl_smtp_auth = acl_check_auth
    acl_smtp_connect = acl_connect
    acl_smtp_helo = acl_check_helo
    acl_smtp_mail = ${if ={$interface_port}{587} {accept}{acl_check_mail}}
    acl_smtp_rcpt = acl_check_recipient
    acl_smtp_dkim = ${if ={$interface_port}{587} {accept}{acl_check_dkim}}
    acl_smtp_data = acl_check_message
    acl_smtp_mime = acl_check_mime

    #EDIT#14:
    addresslist whitelist_senders = nwildlsearch;/etc/virtual/whitelist_senders
    addresslist blacklist_senders = nwildlsearch;/etc/virtual/blacklist_senders
    domainlist blacklist_domains = nwildlsearch;/etc/virtual/blacklist_domains
    domainlist whitelist_domains = nwildlsearch;/etc/virtual/whitelist_domains
    domainlist local_domains = lsearch;/etc/virtual/domains
    domainlist relay_domains = lsearch;/etc/virtual/domains
    domainlist use_rbl_domains = lsearch;/etc/virtual/use_rbl_domains
    domainlist skip_rbl_domains = nwildlsearch;/etc/virtual/skip_rbl_domains
    hostlist skip_rbl_hosts = ${if exists{/etc/virtual/skip_rbl_hosts}{wildlsearch;/etc/virtual/skip_rbl_hosts}}
    hostlist skip_rbl_hosts_ip = ${if exists{/etc/virtual/skip_rbl_hosts_ip}{/etc/virtual/skip_rbl_hosts_ip}}
    hostlist auth_relay_hosts = *
    hostlist bad_sender_hosts = nwildlsearch;/etc/virtual/bad_sender_hosts
    hostlist bad_sender_hosts_ip = /etc/virtual/bad_sender_hosts_ip
    hostlist whitelist_hosts = nwildlsearch;/etc/virtual/whitelist_hosts
    hostlist whitelist_hosts_ip = /etc/virtual/whitelist_hosts_ip
    BLACKLIST_USERNAMES = /etc/virtual/blacklist_usernames

    #EDIT#15:
    #domainlist skip_av_domains = nwildlsearch;/etc/virtual/skip_av_domains

    #EDIT#16:
    hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts

    #EDIT#17:
    never_users = root

    #EDIT#18:
    host_lookup = *

    #EDIT#19:
    rfc1413_hosts = *
    rfc1413_query_timeout = 0s

    #EDIT#20:
    #exim.variables.conf

    #EDIT#21:
    #exim.variables.conf

    #EDIT#22:
    #exim.variables.conf

    #EDIT#23:
    tls_certificate = /etc/exim.cert
    tls_privatekey = /etc/exim.key
    openssl_options = +no_sslv2 +no_sslv3
    tls_require_ciphers = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
    tls_advertise_hosts = *
    #auth_over_tls_hosts = *

    .include_if_exists /etc/exim.variables.conf.post

    ##################################################################################
    # Access Control Lists
    ##################################################################################
    begin acl

    ######################################
    # ACL CONNECT
    ######################################
    #EDIT#24:
    acl_connect:
      warn set acl_m_spam_assassin_has_run = 0
      warn set acl_m_is_whitelisted = 0
      .include_if_exists /etc/exim.easy_spam_fighter/connect.conf
      accept hosts = *

    ######################################
    # ACL CHECK MAIL
    ######################################
    acl_check_mail:
      accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}

    #EDIT#31:
      accept sender_domains = +whitelist_domains
             logwrite = $sender_host_address whitelisted in local domains whitelist
             set acl_m_is_whitelisted = 1

      accept hosts = +whitelist_hosts
             logwrite = $sender_host_address whitelisted in local hosts whitelist
             set acl_m_is_whitelisted = 1

      accept hosts = +whitelist_hosts_ip
             logwrite = $sender_host_address whitelisted in local hosts IP whitelist
             set acl_m_is_whitelisted = 1

      # accept if envelope sender is in whitelist
      accept senders = +whitelist_senders
             logwrite = $sender_host_address whitelisted in local sender whitelist
             set acl_m_is_whitelisted = 1

      .include_if_exists /etc/exim.easy_spam_fighter/check_mail.conf

      accept

    ######################################
    # ACL CHECK AUTH
    ######################################
    #EDIT#24.5#
    acl_check_auth:
      drop set acl_m_authcount = ${eval10:0$acl_m_authcount+1}
           condition = ${if >{$acl_m_authcount}{2}}
           delay = 10s
           message = ONLY_ONE_AUTH_PER_CONN

      accept

    ######################################
    # ACL CHECK HELO
    ######################################
    #EDIT#25:
    acl_check_helo:
      # accept mail originating on this server unconditionally
      accept hosts = @[] : @

      # deny if the HELO pretends to be this host
      deny message = HELO_HOST_IMPERSANATION
           condition = ${if or { \
                         {eq{$sender_helo_name}{$smtp_active_hostname}} \
                         {eq{$sender_helo_name}{[$interface_address]}} \
                       } {true}{false} }

      # deny if the HELO is an IP address
      deny message = HELO_IS_IP
           condition = ${if eq{$interface_port}{25}}
           condition = ${if isip{$sender_helo_name}}

      # deny if hostname if ylmf-pc, which accounts for a HUGE percentage of BF attacks
      deny message = HELO_BLOCKED_FOR_ABUSE
           condition = ${if eq{$sender_helo_name}{ylmf-pc}}

      # deny if the HELO pretends to be one of the domains hosted on the server
      deny message = HELO_IS_LOCAL_DOMAIN
           condition = ${if match_domain{$sender_helo_name}{+local_domains}{true}{false}}
           hosts = ! +relay_hosts

      accept

    ######################################
    # ACL SCRIPT
    ######################################
    acl_script:
      discard set acl_m_uid = ${perl{find_uid}}
              set acl_m_username = ${perl{get_username}{$acl_m_uid}}
              condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}}
              condition = ${if >{${perl{hit_limit_user}{$acl_m_username}}}{1}}
              message = USER_TOO_MANY

      discard condition = ${if !eq{$originator_uid}{$exim_uid}}
              condition = ${if exists{BLACKLIST_USERNAMES}}
              condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_USERNAMES}{1}{0}}
              message = USER_ON_BLACKLIST_SCRIPT

      .include_if_exists /etc/exim.blockcracking/script.conf

      accept

      .include_if_exists /etc/exim.blockcracking/script.recipients.conf

    ######################################
    # ACL CHECK RECIPIENT
    ######################################
    #EDIT#26:
    acl_check_recipient:
      # block certain well-known exploits, Deny for local domains if
      # local parts begin with a dot or contain @ % ! / |
      deny domains = +local_domains
           local_parts = ^[.] : ^.*[@%!/|]

      # If you've hit the limit, you can't send anymore. Requires exim.pl 17+
      drop message = AUTH_TOO_MANY
           condition = ${perl{auth_hit_limit_acl}}
           authenticated = *

      drop message = MULTIPLE_BOUNCE_RECIPIENTS
           senders = : postmaster@*
           condition = ${if >{$recipients_count}{0}{true}{false}}

      drop message = TOO_MANY_FAILED_RECIPIENTS
           log_message = REJECTED - Too many failed recipients - count = $rcpt_fail_count
           condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
           !verify = recipient/callout=2m,defer_ok,use_sender

      drop message = DOMAIN_SUSPENDED
           domains = +local_domains
           condition = ${if exists{/etc/virtual/${domain}_off}{yes}{no}}

      drop authenticated = *
           condition = ${if exists{BLACKLIST_USERNAMES}}
           set acl_m_uid = ${perl{find_uid_auth_id}{$authenticated_id}}
           set acl_m_username = ${perl{get_username}{$acl_m_uid}}
           condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}}
           condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_USERNAMES}{1}{0}}
           message = USER_ON_BLACKLIST_SMTP
           logwrite = User account $acl_m_username is blocked via BLACKLIST_USERNAMES

      accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}

      #Block Cracking - https://github.com/Exim/exim/wiki/BlockCracking
      .include_if_exists /etc/exim.blockcracking/auth.conf

      # restrict port 587 to authenticated users only
      # see also daemon_smtp_ports above
      accept hosts = +auth_relay_hosts
             condition = ${if eq {$interface_port}{587} {yes}{no}}
             endpass
             message = RELAY_NOT_PERMITTED_AUTH
             authenticated = *

      # Deny all Mailer-Daemon messages not for us:
      deny message = We didn't send the message
           senders = :
           domains = !+relay_domains

      # Deny if the recipient doesn't exist:
      deny message = NO_SUCH_RECIPIENT
           domains = +local_domains
           !verify = recipient

      # Remaining Mailer-Daemon messages must be for us
      accept senders = :
             domains = +relay_domains

    #EDIT#27:
      # 1st deny checks if it's a hostname or IPV4 address with dots or IPV6 address
      deny message = R1: HELO_SHOULD_BE_FQDN
           !authenticated = *
           condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
           condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}

      ## 2nd deny makes sure the hostname doesn't end with a dot (invalid)
      # deny message = R2: HELO_SHOULD_BE_FQDN
      #      !authenticated = *
      #      condition = ${if match{$sender_helo_name}{\N\.$\N}}

      # 3rd deny makes sure the hostname has no double-dots (invalid)
      deny message = R3: HELO_SHOULD_BE_FQDN
           !authenticated = *
           condition = ${if match{$sender_helo_name}{\N\.\.\N}}

      ## 4th deny make sure the hostname doesn't end in .home (invalid domain)
      # deny message = R4: HELO_SHOULD_BE_FQDN
      #      !authenticated = *
      #      condition = ${if match{$sender_helo_name}{\N\.home$\N}}

    #EDIT#28:
      # warn domains = +skip_av_domains
      #      set acl_m0 = $tod_epoch

    #EDIT#29:
      deny domains = !+local_domains
           local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

    #EDIT#30:
      accept hosts = :
             logwrite = Whitelisted as having local origination

    #EDIT#32:
      deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_SENDER
           domains = +use_rbl_domains
           domains = !+skip_rbl_domains
           hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
           senders = +blacklist_senders

    #EDIT#33:
      deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_HOST
           # only for domains that do want to be tested against RBLs
           domains = +use_rbl_domains
           domains = !+skip_rbl_domains
           hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
           hosts = +bad_sender_hosts

    #EDIT#34:
      deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_IP
           hosts = +bad_sender_hosts_ip

    #EDIT#35:
      accept domains = +local_domains
             sender_domains = !+blacklist_domains
             hosts = !+bad_sender_hosts
             hosts = !+bad_sender_hosts_ip
             dnslists = list.dnswl.org
             logwrite = $sender_host_address whitelisted in list.dnswl.org

    #EDIT#36:
      # accept domains = +local_domains
      #        dnslists = hostkarma.junkemailfilter.com=127.0.0.1
      #        logwrite = $sender_host_address whitelisted in hostkarma.junkemailfilter.com

    #EDIT#37:
      # accept local_parts = whitelist
      #        domains = example.com

    #EDIT#38:
      require verify = sender

    #EDIT#39:
      deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_DOMAIN
           domains = +use_rbl_domains
           domains = !+skip_rbl_domains
           hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
           sender_domains = +blacklist_domains

    #EDIT#40:
      # deny message = 554 denied. 5.7.1 Forged Paypal Mail, not sent from PayPal.
      #      senders = *@paypal.com
      #      condition = ${if match {$sender_host_name}{\Npaypal.com$\N}{no}{yes}}

    #EDIT#41:
      warn hosts = +skip_rbl_hosts
           logwrite = $sender_host_address RBL whitelisted in skip_rbl_hosts
      warn hosts = +skip_rbl_hosts_ip
           logwrite = $sender_host_address RBL whitelisted in skip_rbl_hosts_ip
      warn domains = +skip_rbl_domains
           logwrite = $sender_host_address RBL whitelisted $domain in skip_rbl_domains

      deny message = RBL_BLOCKED_BY_LIST
           hosts = !+relay_hosts
           domains = +use_rbl_domains
           domains = !+skip_rbl_domains
           hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
           !authenticated = *
           dnslists = RBL_DNS_LIST

      .include_if_exists /etc/exim.easy_spam_fighter/check_rcpt.conf

    #COMMENT#43:
      # ACCEPT EMAIL BEGINNING HERE
      # accept if address is in a local domain as long as recipient can be verified
      accept domains = +local_domains
             endpass
             message = UNKNOWN_USER
             verify = recipient

    #COMMENT#44
      # accept if address is in a domain for which we relay as long as recipient
      # can be verified
      accept domains = +relay_domains
             endpass
             verify = recipient

    #EDIT#45:
      accept hosts = +relay_hosts
             add_header = X-Relay-Host: $sender_host_address

      accept hosts = +auth_relay_hosts
             endpass
             message = AUTH_REQUIRED
             authenticated = *

      # FINAL DENY EMAIL BEFORE DATA BEGINS HERE
      # default at end of acl causes a "deny", but line below will give
      # an explicit error message:
      deny message = RELAY_NOT_PERMITTED

    ######################################
    # ACL CHECK DKIM
    ######################################
    acl_check_dkim:
      accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}

      .include_if_exists /etc/exim.easy_spam_fighter/check_dkim.conf

      accept

    ######################################
    # ACL CHECK MESSAGE
    ######################################
    # ACL that is used after the DATA command (ClamAV)
    acl_check_message:
      deny message = This message contains malformed MIME ($demime_reason)
           demime = *
           condition = ${if >{$demime_errorlevel}{2}{1}{0}}

      deny message = This message contains a virus or other harmful content ($malware_name)
           demime = *
           malware = */defer_ok

      deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
           demime = bat:com:pif:prf:scr:vbs

      warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

      accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}

      .include_if_exists /etc/exim.easy_spam_fighter/check_message.conf

    #EDIT#46:
      .include_if_exists /etc/exim.clamav.conf

      ## accept without checking if in skip_av_domains
      # accept condition =${if and {{def:acl_m0}{def:acl_m0}} {true}{false}}

      ## deny if email contains malformed MIME header
      # deny message = CLAM_MALFORMED_MIME
      #      demime = *
      #      condition = ${if >{$demime_errorlevel}{2}{1}{0}}

      ## deny if email containing virus or other harmful content
      # deny message = CLAM_HAS_VIRUS
      #      demime = *
      #      malware = *

      ## deny if email contains an attachment of type we don't accept.
      # deny message = CLAM_BAD_ATTACHMENT
      #      demime = bat:com:pif:prf:scr:vbs:html

      ## Accept but put warning into headers if message over 1000k
      # warn message = CLAM_SKIPPED
      #      condition = ${if >={$message_size}{1000k} {1}{0}}
      # warn message = CLAM_CLEAN

      ## The end of the acl_check_message acl (ClamAV)
      ## Do NOT comment out the line below or all messages will be denied.
      accept

    ######################################
    # ACL that is used for each MIME attachment in the email.
    acl_check_mime:
      .include_if_exists /etc/exim.check_mime.conf.custom
      .include_if_exists /etc/exim.easy_spam_fighter/check_mime.conf

      accept

    ##################################################################################
    # AUTHENTICATION CONFIGURATION
    ##################################################################################
    begin authenticators

    plain:
      driver = plaintext
      public_name = PLAIN
      server_prompts = :
      server_condition = "${perl{smtpauth}{0}}"
      server_set_id = $2

    login:
      driver = plaintext
      public_name = LOGIN
      server_prompts = "Username:: : Password::"
      server_condition = "${perl{smtpauth}{0}}"
      server_set_id = $1

    #EDIT#47:
    # REWRITE CONFIGURATION
    # There is no rewriting specification in this exim.conf file. If your
    # configuration requires one, it would go here

    ##################################################################################
    # ROUTERS CONFIGURATION
    ##################################################################################
    begin routers

    #EDIT#48:
    lookuphost:
      driver = dnslookup
      domains = ! +local_domains
      ignore_target_hosts = 127.0.0.0/8
      condition = "${perl{check_limits}}"
      transport = remote_smtp
      no_more

    # RELATED: http://help.directadmin.com/item.php?id=153
    # smart_route:
    #   driver = manualroute
    #   domains = ! +local_domains
    #   ignore_target_hosts = 127.0.0.0/8
    #   condition = "${perl{check_limits}}"
    #   route_list = !+local_domains HOSTNAME-or-IP#
    #   transport = remote_smtp

    #COMMENT#49:
    #DIRECTORS CONFIGURATION

    .include_if_exists /etc/exim.spamassassin.conf

    #EDIT#50:
    # Spam Assassin
    #spamcheck_director removed. Use the exim.spamassassin.conf

    majordomo_aliases:
      driver = redirect
      allow_defer
      allow_fail
      data = ${if exists{/etc/virtual/${domain}/majordomo/list.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/list.aliases}}}}
      domains = lsearch;/etc/virtual/domainowners
      file_transport = address_file
      group = daemon
      pipe_transport = majordomo_pipe
      retry_use_local_part
      no_rewrite
      user = majordomo

    majordomo_private:
      driver = redirect
      allow_defer
      allow_fail
      #condition = "${if eq {$received_protocol} {local} {true} {false} }"
      condition = "${if or { {eq {$received_protocol} {local}} \
                             {eq {$received_protocol} {spam-scanned}} } {true} {false} }"
      data = ${if exists{/etc/virtual/${domain}/majordomo/private.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/private.aliases}}}}
      domains = lsearch;/etc/virtual/domainowners
      file_transport = address_file
      group = daemon
      pipe_transport = majordomo_pipe
      retry_use_local_part
      user = majordomo

    domain_filter:
      driver = redirect
      allow_filter
      no_check_local_user
      condition = "${if exists{/etc/virtual/${domain}/filter}{yes}{no}}"
      user = "${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}"
      group = "mail"
      file = /etc/virtual/${domain}/filter
      directory_transport = address_file
      pipe_transport = virtual_address_pipe
      retry_use_local_part
      no_verify

    uservacation:
      # uservacation reply to all except errors, bounces, lists
      driver = accept
      condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/vacation.conf}{yes}{no}}
      condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}}
      require_files = /etc/virtual/${domain}/reply/${local_part}.msg
      # do not reply to errors and bounces or lists
      senders = " ! ^.*-request@.*:\
                  ! ^owner-.*@.*:\
                  ! ^postmaster@.*:\
                  ! ^listmaster@.*:\
                  ! ^mailer-daemon@.*\
                  ! ^root@.*"
      transport = uservacation
      unseen

    userautoreply:
      driver = accept
      condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/autoresponder.conf}{yes}{no}}
      condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}}
      require_files = /etc/virtual/${domain}/reply/${local_part}.msg
      # do not reply to errors and bounces or lists
      senders = " ! ^.*-request@.*:\
                  ! ^owner-.*@.*:\
                  ! ^postmaster@.*:\
                  ! ^listmaster@.*:\
                  ! ^mailer-daemon@.*\
                  ! ^root@.*"
      transport = userautoreply
      unseen

    virtual_aliases_nostar:
      driver = redirect
      srs = forward
      allow_defer
      allow_fail
      data = ${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}
      file_transport = address_file
      group = mail
      pipe_transport = virtual_address_pipe
      retry_use_local_part
      unseen
      #include_domain = true

    virtual_user:
      driver = accept
      condition = ${perl{save_virtual_user}}
      domains = lsearch;/etc/virtual/domainowners
      group = mail
      retry_use_local_part
      transport = dovecot_lmtp_udp

    # accept only if local_part is not in the aliases file
    # (this implements catch-all)
    virtual_aliases:
      driver = redirect
      srs = forward
      allow_defer
      allow_fail
      condition = ${if eq {}{${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}}{yes}{no}}
      data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch*{/etc/virtual/$domain/aliases}}}}
      file_transport = address_file
      group = mail
      pipe_transport = virtual_address_pipe
      retry_use_local_part
      #include_domain = true

    #COMMENT#51:
    drop_solo_alias:
      driver = redirect
      allow_defer
      allow_fail
      data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch{/etc/virtual/$domain/aliases}}}}
      file_transport = devnull
      group = mail
      pipe_transport = devnull
      retry_use_local_part
      #include_domain = true

    srs_router:
      driver = redirect
      srs = reverseandforward
      data = ${srs_recipient}

    #COMMENT#52:
    userforward:
      driver = redirect
      allow_filter
      check_ancestor
      check_local_user
      no_expn
      file = $home/.forward
      file_transport = address_file
      pipe_transport = address_pipe
      reply_transport = address_reply
      no_verify

    system_aliases:
      driver = redirect
      allow_defer
      allow_fail
      data = ${lookup{$local_part}lsearch{/etc/aliases}}
      file_transport = address_file
      pipe_transport = address_pipe
      retry_use_local_part
      # user = exim

    localuser:
      driver = accept
      check_local_user
      condition = "${if eq {$domain} {$primary_hostname} {yes} {no}}"
      transport = local_delivery

    #COMMENT#53:
    ##################################################################################
    # TRANSPORTS CONFIGURATION
    ##################################################################################
    begin transports

    #COMMENT#54:
    spamcheck:
      driver = pipe
      batch_max = 100
      command = /usr/sbin/exim -oMr spam-scanned -bS
      current_directory = "/tmp"
      group = mail
      home_directory = "/tmp"
      log_output
      message_prefix =
      message_suffix =
      return_fail_output
      no_return_path_add
      transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}
      use_bsmtp
      user = mail

    #COMMENT#55:
    majordomo_pipe:
      driver = pipe
      group = daemon
      return_fail_output
      user = majordomo

    #COMMENT#56:
    local_delivery:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      directory = /home/$local_part/Maildir/
      directory_mode = 770
      create_directory = true
      maildir_format
      group = mail
      mode = 0660
      return_path_add
      user = ${local_part}

    #COMMENT#57:
    virtual_localdelivery:
      driver = appendfile
      create_directory
      delivery_date_add
      directory_mode = 770
      envelope_to_add
      directory = /home/${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}/imap/${domain}/${local_part}/Maildir
      maildir_format
      group = mail
      mode = 660
      return_path_add
      user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}"
      quota = ${if exists{/etc/virtual/${domain}/quota}{${lookup{$local_part}lsearch*{/etc/virtual/${domain}/quota}{$value}{0}}}{0}}

    #EDIT#58:
    uservacation:
      driver = autoreply
      file = /etc/virtual/${domain}/reply/${local_part}.msg
      from = "${local_part}@${domain}"
      log = /etc/virtual/${domain}/reply/${local_part}.log
      no_return_message
      headers = ${if exists{/etc/virtual/${domain}/reply/${local_part}.headers}{${readfile{/etc/virtual/${domain}/reply/${local_part}.headers}}}}
      subject = ${if def:h_Subject: {\
            ${if exists{/etc/virtual/${domain}/reply/${local_part}.subject}\
                {${readfile{/etc/virtual/${domain}/reply/${local_part}.subject}{}}}\
                {Autoreply}\
            }: ${quote:${escape:${length_60:$h_Subject:}}}}\
            {I am on vacation}}
      to = "${sender_address}"
      user = mail
      once = /etc/virtual/${domain}/reply/${local_part}.once
      once_file_size = 100K
      once_repeat = ${if exists{/etc/virtual/${domain}/reply/${local_part}.once_time}{${readfile{/etc/virtual/${domain}/reply/${local_part}.once_time}{}}}{2d}}

    #COMMENT#59:
    userautoreply:
      driver = autoreply
      bcc = ${lookup{${local_part}} lsearch {/etc/virtual/${domain}/autoresponder.conf}{$value}}
      file = /etc/virtual/${domain}/reply/${local_part}.msg
      from = "${local_part}@${domain}"
      log = /etc/virtual/${domain}/reply/${local_part}.log
      no_return_message
      headers = ${if exists{/etc/virtual/${domain}/reply/${local_part}.headers}{${readfile{/etc/virtual/${domain}/reply/${local_part}.headers}}}}
      subject = ${if def:h_Subject: {\
            ${if exists{/etc/virtual/${domain}/reply/${local_part}.subject}\
                {${readfile{/etc/virtual/${domain}/reply/${local_part}.subject}{}}}\
                {Autoreply}\
            }: ${quote:${escape:${length_60:$h_Subject:}}}}\
            {Autoreply Message}}
      to = "${sender_address}"
      user = mail
      once = /etc/virtual/${domain}/reply/${local_part}.once
      once_file_size = 100K
      once_repeat = ${if exists{/etc/virtual/${domain}/reply/${local_part}.once_time}{${readfile{/etc/virtual/${domain}/reply/${local_part}.once_time}{}}}{2d}}

    #COMMENT#60:
    devnull:
      driver = appendfile
      file = /dev/null

    #COMMENT#61:
    remote_smtp:
      driver = smtp
      headers_add = "${if def:authenticated_id{X-Authenticated-Id: ${authenticated_id}}}"
      interface = <; ${if exists{/etc/virtual/domainips}{${lookup{$sender_address_domain}lsearch*{/etc/virtual/domainips}}}}
      helo_data = ${if exists{/etc/virtual/helo_data}{${lookup{$sending_ip_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}}
      .include_if_exists /etc/exim.dkim.conf

    #EDIT#62:
    address_pipe:
      driver = pipe
      return_output

    virtual_address_pipe:
      driver = pipe
      group = nobody
      return_output
      user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"
      .include_if_exists /etc/exim.cagefs.pipe.conf

    #COMMENT#63:
    address_file:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      return_path_add

    #COMMENT#64:
    address_reply:
      driver = autoreply

    dovecot_lmtp_udp:
      driver = lmtp
      socket = /var/run/dovecot/lmtp
      #maximum number of deliveries per batch, default 1
      batch_max = 200
      delivery_date_add
      envelope_to_add
      return_path_add
      user = mail

    ##################################################################################
    # RETRY CONFIGURATION
    ##################################################################################
    #EDIT#65:
    # Domain Error Retries
    # ------ ----- -------
    begin retry
    * quota
    * * F,2h,15m; G,16h,1h,1.5; F,4d,8h

    # End of Exim 4 configuration
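
In the config posted above, `acl_check_mail` sets `acl_m_is_whitelisted = 1` whenever the envelope sender's domain is in `whitelist_domains`, and `acl_check_recipient` accepts on that flag before any of its relay checks run, which matches the log line that precedes the accepted spam. The script below is an added example, not code from the thread or from DirectAdmin: it scans an Exim mainlog for messages accepted without authentication for non-local recipients and reports whether a "whitelisted in ..." line from the same host came just before. It assumes the `log_selector` from the posted config (`+incoming_interface`, `+incoming_port`, `+received_recipients`); the function name, the server address `192.0.2.10` and the local domain `example.pl` are made up for the example.

```python
import re
from datetime import datetime, timedelta

# Abridged from the mainlog excerpt in the first post (subject and recipient
# list shortened, server address replaced by the placeholder 192.0.2.10).
# The last line is constructed: an authenticated submission on port 587.
SAMPLE_LOG = """\
2017-01-20 02:41:39 SMTP connection from [198.20.83.172]:54327 I=[192.0.2.10]:25 (TCP/IP connection count = 2)
2017-01-20 02:41:40 198.20.83.172 whitelisted in local domains whitelist
2017-01-20 02:41:42 1cUOCz-0007DA-Nr <= pnjfc@gmail.com H=(server01windows) [198.20.83.172]:54327 I=[192.0.2.10]:25 P=esmtp S=1184 T="Re: ..." from <pnjfc@gmail.com> for karech@uol.com.br criss_sjc@hotmail.com
2017-01-20 02:41:46 H=(server01windows) [198.20.83.172]:54400 I=[192.0.2.10]:25 F=<jucci@hotmail.com> rejected RCPT <hondex@gmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1)
2017-01-20 09:15:02 1cUUKk-0001aB-2x <= user@example.pl H=(laptop) [203.0.113.7]:50112 I=[192.0.2.10]:587 P=esmtpsa A=login:user@example.pl S=900 T="hello" from <user@example.pl> for friend@example.org
"""

TS = r'(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)'
# Line written by the "logwrite = ... whitelisted in ..." ACL modifiers.
WHITELIST_RE = re.compile('^' + TS + r' (?P<ip>\S+) whitelisted in (?P<list>.+)$')
# Message reception line: "<timestamp> <message id> <= <envelope sender> ...".
ACCEPT_RE = re.compile('^' + TS + r' (?P<id>\w{6}-\w{6}-\w{2}) <= (?P<sender>\S+) (?P<rest>.*)$')
# The quoted subject is attacker-controlled text; remove it before parsing fields.
SUBJECT_RE = re.compile(r' T="(?:[^"\\]|\\.)*"')
HOST_RE = re.compile(r'\[(?P<ip>[0-9A-Fa-f.:]+)\]:\d+ I=\[[^\]]*\]:(?P<lport>\d+)')
AUTH_RE = re.compile(r'(?:^| )A=\S+')          # present only after SMTP AUTH
RCPT_RE = re.compile(r'.* for (?P<rcpts>.+)$')  # greedy: takes the last " for "


def parse_ts(text):
    return datetime.strptime(text, '%Y-%m-%d %H:%M:%S')


def find_unauthenticated_relays(log_text, local_domains, window_seconds=60):
    """Return one dict per message that was accepted over SMTP without
    authentication and has at least one recipient outside local_domains."""
    local = {d.lower() for d in local_domains}
    window = timedelta(seconds=window_seconds)
    last_whitelist = {}  # remote IP -> (timestamp, whitelist name)
    findings = []
    for line in log_text.splitlines():
        m = WHITELIST_RE.match(line)
        if m:
            last_whitelist[m['ip']] = (parse_ts(m['ts']), m['list'])
            continue
        m = ACCEPT_RE.match(line)
        if not m:
            continue
        rest = SUBJECT_RE.sub('', m['rest'])
        host = HOST_RE.search(rest)
        rcpts = RCPT_RE.match(rest)
        if not host or not rcpts:
            continue  # locally submitted message or recipients not logged
        if AUTH_RE.search(rest):
            continue  # authenticated submission is allowed to relay
        remote = [r for r in rcpts['rcpts'].split()
                  if r.rpartition('@')[2].lower() not in local]
        if not remote:
            continue  # ordinary inbound mail for hosted domains
        when = parse_ts(m['ts'])
        seen = last_whitelist.get(host['ip'])
        via = None
        if seen and timedelta(0) <= when - seen[0] <= window:
            via = seen[1]
        findings.append({
            'id': m['id'],
            'time': m['ts'],
            'remote_ip': host['ip'],
            'local_port': int(host['lport']),
            'sender': m['sender'],
            'remote_recipients': remote,
            'whitelist': via,
        })
    return findings


if __name__ == '__main__':
    # example.pl stands in for the contents of /etc/virtual/domains.
    for f in find_unauthenticated_relays(SAMPLE_LOG, {'example.pl'}):
        print(f"{f['time']} {f['id']} relayed for {f['remote_ip']} "
              f"on port {f['local_port']}: sender={f['sender']} "
              f"recipients={len(f['remote_recipients'])} "
              f"whitelist={f['whitelist']}")
```

A finding whose `whitelist` field is set means the matching entry in the corresponding `/etc/virtual/whitelist_*` file is what let the message bypass the relay checks.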