>/etc/exim/configure в студию!
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
primary_hostname = open.statist.komstat.alt.ru
qualify_domain = komstat.local
domainlist local_domains = ${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND (type='LOCAL' OR type='VIRTUAL')}}
domainlist relay_to_domains = ${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND type='RELAY'}}
hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16
SPAMHELO = /etc/exim/spam_helo
acl_smtp_auth = acl_check_auth
acl_smtp_connect = acl_check_connect
acl_smtp_helo = acl_check_helo
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
av_scanner = drweb:127.0.0.1 3000
#spamd_address = 127.0.0.1 783
never_users = root:daemon:bin
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 1d
message_size_limit = 50M
split_spool_directory = true
remote_max_parallel = 15
log_file_path = /var/log/exim/exim_%s.log
#log_selector = +all_parents +delivery_size +lost_incoming_connection +sender_on_delivery +received_recipients +received_sender +smtp_confirmation +smtp_syntax_error +smtp_protocol_error -queue_run
log_selector = +all
hide mysql_servers = 127.0.0.1/mail/postfix/postfix
smtp_accept_queue_per_connection = 1000
smtp_accept_max = 100
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_connect:
warn
set acl_c1 = ${lookup dnsdb{ptr=$sender_host_address}{$value}fail}
hosts = ! +relay_from_hosts
warn
set acl_c2 = ${lookup{$acl_c1}nwildlsearch{SPAMHELO}{$value}fail}
hosts = ! +relay_from_hosts
accept
acl_check_helo:
accept
acl_check_auth:
accept
encrypted = *
accept
condition = ${if eq{${uc:$smtp_command_argument}}{CRAM-MD5}}
deny
message = TLS encryption or CRAM-MD5 required
acl_check_rcpt:
accept hosts = :
deny condition = ${if def:acl_c2{yes}{no}}
hosts = ! +relay_from_hosts
message = ptr blocked by postmaster: $acl_c2
warn set acl_m0=${lookup{$sender_helo_name}nwildlsearch{SPAMHELO}{$value}fail}
deny condition = ${if def:acl_m0{yes}{no}}
hosts = ! +relay_from_hosts
message = helo blocked by postmaster: $acl_m0
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept domains = +local_domains
endpass
message = unknown user
verify = recipient
accept domains = +relay_to_domains
endpass
message = unrouteable address
verify = recipient
###################################################################
# Verify header of letter #
# HELO,sender,header_syntax,host,name #
# If condition is spam then delay delivery is more #
###################################################################
deny message = HELO/EHLO required by SMTP RFC
!hosts = +relay_from_hosts
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
warn
set acl_m0 = 0s
warn
hosts = !+relay_from_hosts:!195.14.56.0/24:!192.168.0.0/16
set acl_m0 = 30s
warn
condition = ${if and {{match{$sender_host_name}{\N^[-a-z]*\d{0,3}[-a-z]*\.?[-a-z]*\d{0,3}[-a-z]*\.\w+$\N}}{!eq{$acl_c0}{outblaze_helo}}}{yes}{no}}
set acl_m0 = 1s
warn
condition = ${if and {{match{$sender_helo_name}{\N^\w*\.\w{3}$\N}}{eq{$acl_c1}{}}}{yes}{no}}
set acl_m0 = 99s
warn
condition = ${if and {{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c0}{outblaze_helo}}}{yes}{no}}
set acl_m0 = 99s
warn
condition = ${if and {{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c2}{outblaze_domain}}}{yes}{no}}
set acl_m0 = 99s
warn
condition = ${if or {{eq{$sender_address}{}}{eq{$acl_m1}{0s}}} {yes}{no}}
set acl_m0 = 0s
warn
logwrite = Delay $acl_m0 for $sender_host_name [$sender_host_address] with HELO=$sender_helo_name. Mail from $sender_address to $local_part@$domain.
set acl_m1 = 0s
delay = $acl_m0
accept hosts = +relay_from_hosts
accept authenticated = *
control = submission/sender_retain
deny message = relay not permitted
acl_check_mime:
deny message = Your message contain deny file extention!
condition = ${if match {${lc:$mime_filename}}{\N(\.exe|\.cpl|\.pif|\.bat|\.scr|\.lnk|\.com|\.reg|\.dll|\.bin|\.cmd|\.chm|\.hlp|\.ocx|\.sys|\.sh|\.url|\.pl|\.vb|\.vbe|\.vbs|\.rc|\.uu|\.mim|\.pif|\.hta)$\N}{1}{0}}
accept
acl_check_data:
#################################################################################
# Scan data #
#################################################################################
deny message = Your address is blocked!
senders = ${lookup mysql{SELECT sender FROM wrong_sender WHERE sender='${quote_mysql:$sender_address}' OR sender='*@${quote_mysql:$sender_address_domain}'}}
#################################################################################
# DrWeb Ativirus Configuration #
# This work if av_scanner option is on only #
#################################################################################
deny malware = *
message = This message contains a virus ($malware_name).
#################################################################################
#################################################################################
# SpamAssassin Configuration #
# Ignoring "Relay_from_hosts" and "Local_domains" #
#################################################################################
warn message = X-Spam-Report: $spam_report\nX-Spam-Score:$spam_score\nX-Spam-Score-Int:$spam_score_int
condition = ${if <{$message_size}{200k}{1}{0}}
! hosts = +relay_from_hosts
spam = spamd:true
deny message = We don't need your spam!
!hosts = +relay_from_hosts
condition = ${if >{$spam_score_int}{100}{1}{0}}
#################################################################################
accept
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
spamd_router:
no_verify
driver = redirect
condition = ${if and{{!eq{} {${lookup mysql{SELECT home FROM users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}}{and{{def:spam_score_int}{>{$spam_score_int}{55}}}}}{1}{0}}
data = spamtrap
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM aliases WHERE local_part='${local_part}' AND domain='${domain}'}}
file_transport = address_file
pipe_transport = address_pipe
mysqluser:
driver = accept
condition = ${if eq{} {${lookup mysql{SELECT home FROM users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}{no}{yes}}
transport = mysql_delivery
cannot_route_message = Unknown or unactive user
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
begin transports
remote_smtp:
driver = smtp
mysql_delivery:
driver = appendfile
check_string = ""
create_directory
delivery_date_add
directory = ${lookup mysql{SELECT CONCAT(home, "/Maildir") FROM users WHERE id='${local_part}' AND mbox_host='${domain}'}}
directory_mode = 770
# create_directory
envelope_to_add
user = _exim
group = _exim
maildir_format
maildir_tag = ,S=$message_size
message_prefix = ""
message_suffix = ""
mode = 0640
quota = ${lookup mysql{SELECT quota FROM users WHERE id='${local_part}' AND mbox_host='${domain}'} {${value}M}}
quota_size_regex = S= (\d+)$
quota_warn_threshold = 75%
return_path_add
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
begin rewrite
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
# There are no authenticator specifications in this default configuration file.
begin authenticators
auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$2}}' AND mbox_host='${quote_mysql:${domain:$2}}' AND passwd='${quote_mysql:$3}' AND active='Y'} {yes} {no}}
server_prompts = :
server_set_id = $2
auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND mbox_host='${quote_mysql:${domain:$1}}' AND passwd='${quote_mysql:$2}' AND active='Y'} {yes} {no}}
server_prompts = Username:: : Password::
server_set_id = $1
auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT passwd FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND mbox_host='${quote_mysql:${domain:$1}}' AND active='Y'} {yes} {no}}
server_set_id = $1
######################################################################
# CONFIGURATION FOR local_scan() #
######################################################################
# If you have built Exim to include a local_scan() function that contains
# tables for private options, you can define those options here. Remember to
# uncomment the "begin" line. It is commented by default because it provokes
# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
# set in the Local/Makefile.
# begin local_scan
# End of Exim configuration file