forum.opennet.ru

Составление сообщения

Исходное сообщение

"SMTP авторизация в Exim'е"
Отправлено llelik, 30-Май-06 16:05

>Это лог попытки отправки письма (из exim_main.log):
>
>2006-05-30 22:06:55 SMTP connection from [192.168.63.87]:2585 I=[192.168.63.131]:25 (TCP/IP connection count = 1)
>
>2006-05-30 22:06:55 H=[192.168.63.87]:2585 I=[192.168.63.131]:25 Warning: ACL "warn" statement skipped: condition test deferred:
>failed to expand ACL string "${lookup dnsdb{ptr=$sender_host_address}{$value}fail}": lookup of "ptr=192.168.63.87" gave
>DEFER:
>2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 rejected AUTH LOGIN: TLS encryption or CRAM-MD5
>required
>2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 sender verify defer for <test_user@komstat.local>: host lookup did not complete
>2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 F=<test_user@komstat.local> temporarily rejected RCPT <test_user@komstat.local>: Could not complete sender verify
>2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 incomplete transaction (QUIT) from <test_user@komstat.local>
>2006-05-30 22:06:55 SMTP connection from (shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 closed by QUIT
>
>А это конфиг:
>######################################################################
>#
>        MAIN CONFIGURATION SETTINGS
>
>         #
>######################################################################
>
>
>primary_hostname = open.statist.komstat.alt.ru
>
>auth_advertise_hosts = *
>qualify_domain = komstat.local
>
>domainlist local_domains =
>#${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND (type='LOCAL' OR type='VIRTUAL')}}
>domainlist relay_to_domains =
>#${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND type='RELAY'}}
>hostlist   relay_from_hosts = localhost
>
>SPAMHELO = /etc/exim/spam_helo
>
>acl_smtp_auth = acl_check_auth
>acl_smtp_connect = acl_check_connect
>acl_smtp_helo = acl_check_helo
>acl_smtp_rcpt = acl_check_rcpt
>acl_smtp_data = acl_check_data
>acl_smtp_mime = acl_check_mime
>
>av_scanner = drweb:127.0.0.1 3000
>#spamd_address = 127.0.0.1 783
>
>never_users = root:daemon:bin
>
>rfc1413_hosts = *
>rfc1413_query_timeout = 0s
>
>ignore_bounce_errors_after = 2d
>
>timeout_frozen_after = 1d
>message_size_limit = 50M
>split_spool_directory = true
>remote_max_parallel = 15
>
>log_file_path = /var/log/exim/exim_%s.log
>#log_selector = +all_parents +delivery_size +lost_incoming_connection +sender_on_delivery +received_recipients +received_sender +smtp_confirmation +smtp_syntax_error +smtp_protocol_error -queue_run
>
>log_selector = +all
>
>hide mysql_servers = 127.0.0.1/mail/postfix/postfix
>smtp_accept_queue_per_connection = 1000
>smtp_accept_max = 100
>
>######################################################################
>#
>
>ACL CONFIGURATION
>
>       #
>#         Specifies access control
>lists for incoming SMTP mail      #
>
>######################################################################
>
>begin acl
>
>acl_check_connect:
>
>warn
>    set acl_c1 = ${lookup dnsdb{ptr=$sender_host_address}{$value}fail}
>    hosts = ! +relay_from_hosts
>warn
>    set acl_c2 = ${lookup{$acl_c1}nwildlsearch{SPAMHELO}{$value}fail}
>    hosts = ! +relay_from_hosts
>
>accept
>
>acl_check_helo:
>accept
>
>acl_check_auth:
>accept
>    encrypted = *
>accept
>    condition = ${if eq{${uc:$smtp_command_argument}}{CRAM-MD5}}
>deny
>    message   = TLS encryption or CRAM-MD5
>required
>
>acl_check_rcpt:
>
>accept  hosts = :
>
>
>deny condition = ${if def:acl_c2{yes}{no}}
> hosts = ! +relay_from_hosts
> message = ptr blocked by postmaster: $acl_c2
>
>warn set acl_m0=${lookup{$sender_helo_name}nwildlsearch{SPAMHELO}{$value}fail}
>
>deny condition = ${if def:acl_m0{yes}{no}}
> hosts = ! +relay_from_hosts
> message = helo blocked by postmaster: $acl_m0
>
>deny    message
> = Restricted characters in address
>        domains
>     = !+local_domains
>        local_parts
> = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
>
>accept  local_parts   = postmaster
>        domains
>   = +local_domains
>
>require verify        = sender
>
>accept  domains         =
>+local_domains
>        endpass
>        message
>     = unknown user
>        verify
>      = recipient
>
>accept  domains = +relay_to_domains
>        endpass
>        message = unrouteable address
>
>        verify  = recipient
>
>
>###################################################################
>#
>   Verify header of letter
>
>
>#
>#       HELO,sender,header_syntax,host,name
>
>       #
>#       If condition is spam then
>delay delivery is more
>  #
>###################################################################
>
>deny    message
> = HELO/EHLO required by SMTP RFC
>        !hosts
>      = +relay_from_hosts
>        condition
>   = ${if eq{$sender_helo_name}{}{yes}{no}}
>
>warn
>        set acl_m0 = 0s
>
>
>warn
>        hosts = !+relay_from_hosts:!195.14.56.0/24:!192.168.0.0/16
>        set acl_m0 = 30s
>
>
>warn
>        condition = ${if and
>{{match{$sender_host_name}{\N^[-a-z]*\d{0,3}[-a-z]*\.?[-a-z]*\d{0,3}[-a-z]*\.\w+$\N}}{!eq{$acl_c0}{outblaze_helo}}}{yes}{no}}
>        set acl_m0 = 1s
>
>
>warn
>        condition = ${if and
>{{match{$sender_helo_name}{\N^\w*\.\w{3}$\N}}{eq{$acl_c1}{}}}{yes}{no}}
>        set acl_m0 = 99s
>
>
>warn
>        condition = ${if and
>{{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c0}{outblaze_helo}}}{yes}{no}}
>        set acl_m0 = 99s
>
>
>warn
>        condition = ${if and
>{{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c2}{outblaze_domain}}}{yes}{no}}
>        set acl_m0 = 99s
>
>
>warn
>        condition = ${if or
>{{eq{$sender_address}{}}{eq{$acl_m1}{0s}}} {yes}{no}}
>        set acl_m0 = 0s
>
>
>warn
>        logwrite = Delay $acl_m0
>for $sender_host_name [$sender_host_address] with HELO=$sender_helo_name. Mail from $sender_address to $local_part@$domain.
>        set acl_m1 = 0s
>
>        delay = $acl_m0
>
>accept  hosts         =
>+relay_from_hosts
>accept  authenticated = *
>control = submission/sender_retain
>deny    message       =
>relay not permitted
>
>acl_check_mime:
>
>deny   message
>= Your message contain deny file extention!
>       condition
>  = ${if match {${lc:$mime_filename}}{\N(\.exe|\.cpl|\.pif|\.bat|\.scr|\.lnk|\.com|\.reg|\.dll|\.bin|\.cmd|\.chm|\.hlp|\.ocx|\.sys|\.sh|\.url|\.pl|\.vb|\.vbe|\.vbs|\.rc|\.uu|\.mim|\.pif|\.hta)$\N}{1}{0}}
>
>accept
>
>acl_check_data:
>
>#################################################################################
>#
>   Scan data
>
>
>
>  #
>#################################################################################
>deny    message = Your address is blocked!
>        senders = ${lookup mysql{SELECT
>sender FROM wrong_sender WHERE sender='${quote_mysql:$sender_address}' OR sender='*@${quote_mysql:$sender_address_domain}'}}
>#################################################################################
>#
>   DrWeb Ativirus Configuration
>
>
>        #
>#       This work if av_scanner option
>is on only
>
>
>#
>#################################################################################
>deny    malware
> = *
>        message
>     = This message contains a virus
>($malware_name).
>#################################################################################
>#################################################################################
>#
>   SpamAssassin Configuration
>
>
>         #
>#       Ignoring "Relay_from_hosts" and "Local_domains"
>
>
> #
>#################################################################################
>warn    message
> = X-Spam-Report: $spam_report\nX-Spam-Score:$spam_score\nX-Spam-Score-Int:$spam_score_int
>        condition
>   = ${if <{$message_size}{200k}{1}{0}}
>        ! hosts
>      = +relay_from_hosts
>        spam
>        = spamd:true
>
>deny    message
> = We don't need your spam!
>        !hosts
>      = +relay_from_hosts
>        condition       = ${if >{$spam_score_int}{100}{1}{0}}
>#################################################################################
>accept
>
>######################################################################
>#
>          ROUTERS
>CONFIGURATION
>
>   #
>#
>   Specifies how addresses are handled
>
>   #
>######################################################################
>#     THE ORDER IN WHICH THE ROUTERS ARE
>DEFINED IS IMPORTANT!       #
># An address is passed to each router in turn until it
>is accepted.  #
>######################################################################
>
>begin routers
>
>dnslookup:
>    driver = dnslookup
>    domains = ! +local_domains
>    transport = remote_smtp
>    ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
>    no_more
>
>spamd_router:
>    no_verify
>    driver = redirect
>    condition = ${if and{{!eq{} {${lookup mysql{SELECT home FROM users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}}{and{{def:spam_score_int}{>{$spam_score_int}{55}}}}}{1}{0}}
>    data = spamtrap
>
>system_aliases:
>    driver = redirect
>    allow_fail
>    allow_defer
>    data = ${lookup mysql{SELECT recipients FROM aliases WHERE
>local_part='${local_part}' AND domain='${domain}'}}
>    file_transport = address_file
>    pipe_transport = address_pipe
>
>mysqluser:
>    driver = accept
>    condition = ${if eq{} {${lookup mysql{SELECT home FROM
>users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}{no}{yes}}
>    transport = mysql_delivery
>    cannot_route_message = Unknown or unactive user
>
>######################################################################
>#
>          TRANSPORTS
>CONFIGURATION
>
>#
>######################################################################
>#
>
>ORDER DOES NOT MATTER
>
>     #
>#     Only one appropriate transport is called for
>each delivery.    #
>######################################################################
>
>begin transports
>
>remote_smtp:
>  driver = smtp
>
>mysql_delivery:
>    driver = appendfile
>    check_string = ""
>    create_directory
>    delivery_date_add
>    directory = ${lookup mysql{SELECT CONCAT(home, "/Maildir") FROM users
>WHERE id='${local_part}' AND mbox_host='${domain}'}}
>    directory_mode = 770
>#    create_directory
>    envelope_to_add
>    user = _exim
>    group = _exim
>    maildir_format
>    maildir_tag = ,S=$message_size
>    message_prefix = ""
>    message_suffix = ""
>    mode = 0640
>    quota = ${lookup mysql{SELECT quota FROM users WHERE
>id='${local_part}' AND mbox_host='${domain}'} {${value}M}}
>    quota_size_regex = S= (\d+)$
>    quota_warn_threshold = 75%
>    return_path_add
>
>address_pipe:
>  driver = pipe
>  return_output
>
>address_file:
>  driver = appendfile
>  delivery_date_add
>  envelope_to_add
>  return_path_add
>
>address_reply:
>  driver = autoreply
>
>
>
>######################################################################
>#
>          RETRY
>CONFIGURATION
>
>     #
>######################################################################
>
>begin retry
>
># This single retry rule applies to all domains and all errors.
>It specifies
># retries every 15 minutes for 2 hours, then increasing retry intervals,
>
># starting at 1 hour and increasing each time by a factor
>of 1.5, up to 16
># hours, then retries every 6 hours until 4 days have passed
>since the first
># failed delivery.
>
># Address or Domain    Error
>  Retries
># -----------------    -----
>-------
>
>*
>          *
>          F,2h,15m;
>G,16h,1h,1.5; F,4d,6h
>
>
>######################################################################
>#
>          REWRITE
>CONFIGURATION
>
>   #
>######################################################################
>
># There are no rewriting specifications in this default configuration file.
>
>begin rewrite
>
>######################################################################
>#
>       AUTHENTICATION CONFIGURATION
>
>       #
>######################################################################
>
># There are no authenticator specifications in this default configuration file.
>
>begin authenticators
>
>auth_plain:
>  driver = plaintext
>  public_name = PLAIN
>  server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$2}}' AND
>mbox_host='${quote_mysql:${domain:$2}}' AND passwd='${quote_mysql:$3}' AND active='Y'} {yes} {no}}
>  server_prompts = :
>  server_set_id = $2
>
>auth_login:
>  driver = plaintext
>  public_name = LOGIN
>  server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND
>mbox_host='${quote_mysql:${domain:$1}}' AND passwd='${quote_mysql:$2}' AND active='Y'} {yes} {no}}
>  server_prompts = Username:: : Password::
>  server_set_id = $1
>
>auth_cram_md5:
>  driver = cram_md5
>  public_name = CRAM-MD5
>  server_secret = ${lookup mysql{SELECT passwd FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND
>mbox_host='${quote_mysql:${domain:$1}}' AND active='Y'} {yes} {no}}
>  server_set_id = $1
>
>######################################################################
>#
>       CONFIGURATION FOR local_scan()
>
>      #
>######################################################################
>
># If you have built Exim to include a local_scan() function that
>contains
># tables for private options, you can define those options here. Remember
>to
># uncomment the "begin" line. It is commented by default because it
>provokes
># an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
>
># set in the Local/Makefile.
>
># begin local_scan
>
>
># End of Exim configuration file
>
>

"host lookup did not complete" или настрой уже днс, или отключи проверку хостов в днс
"Could not complete sender verify" - не прошел ацл-ку, отключи тлс!

Исходное сообщение
"SMTP авторизация в Exim'е" Отправлено llelik, 30-Май-06 16:05
>Это лог попытки отправки письма (из exim_main.log): > >2006-05-30 22:06:55 SMTP connection from [192.168.63.87]:2585 I=[192.168.63.131]:25 (TCP/IP connection count = 1) > >2006-05-30 22:06:55 H=[192.168.63.87]:2585 I=[192.168.63.131]:25 Warning: ACL "warn" statement skipped: condition test deferred: >failed to expand ACL string "${lookup dnsdb{ptr=$sender_host_address}{$value}fail}": lookup of "ptr=192.168.63.87" gave >DEFER: >2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 rejected AUTH LOGIN: TLS encryption or CRAM-MD5 >required >2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 sender verify defer for <test_user@komstat.local>: host lookup did not complete >2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 F=<test_user@komstat.local> temporarily rejected RCPT <test_user@komstat.local>: Could not complete sender verify >2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 incomplete transaction (QUIT) from <test_user@komstat.local> >2006-05-30 22:06:55 SMTP connection from (shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 closed by QUIT > >А это конфиг: >###################################################################### ># > MAIN CONFIGURATION SETTINGS > > # >###################################################################### > > >primary_hostname = open.statist.komstat.alt.ru > >auth_advertise_hosts = * >qualify_domain = komstat.local > >domainlist local_domains = >#${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND (type='LOCAL' OR type='VIRTUAL')}} >domainlist relay_to_domains = >#${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND type='RELAY'}} >hostlist relay_from_hosts = localhost > >SPAMHELO = /etc/exim/spam_helo > >acl_smtp_auth = acl_check_auth >acl_smtp_connect = acl_check_connect >acl_smtp_helo = acl_check_helo >acl_smtp_rcpt = acl_check_rcpt >acl_smtp_data = acl_check_data >acl_smtp_mime = acl_check_mime > >av_scanner = drweb:127.0.0.1 3000 >#spamd_address = 127.0.0.1 783 > >never_users = root:daemon:bin > >rfc1413_hosts = * >rfc1413_query_timeout = 0s > >ignore_bounce_errors_after = 2d > >timeout_frozen_after = 1d >message_size_limit = 50M >split_spool_directory = true >remote_max_parallel = 15 > >log_file_path = /var/log/exim/exim_%s.log >#log_selector = +all_parents +delivery_size +lost_incoming_connection +sender_on_delivery +received_recipients +received_sender +smtp_confirmation +smtp_syntax_error +smtp_protocol_error -queue_run > >log_selector = +all > >hide mysql_servers = 127.0.0.1/mail/postfix/postfix >smtp_accept_queue_per_connection = 1000 >smtp_accept_max = 100 > >###################################################################### ># > >ACL CONFIGURATION > > # ># Specifies access control >lists for incoming SMTP mail # > >###################################################################### > >begin acl > >acl_check_connect: > >warn > set acl_c1 = ${lookup dnsdb{ptr=$sender_host_address}{$value}fail} > hosts = ! +relay_from_hosts >warn > set acl_c2 = ${lookup{$acl_c1}nwildlsearch{SPAMHELO}{$value}fail} > hosts = ! +relay_from_hosts > >accept > >acl_check_helo: >accept > >acl_check_auth: >accept > encrypted = * >accept > condition = ${if eq{${uc:$smtp_command_argument}}{CRAM-MD5}} >deny > message = TLS encryption or CRAM-MD5 >required > >acl_check_rcpt: > >accept hosts = : > > >deny condition = ${if def:acl_c2{yes}{no}} > hosts = ! +relay_from_hosts > message = ptr blocked by postmaster: $acl_c2 > >warn set acl_m0=${lookup{$sender_helo_name}nwildlsearch{SPAMHELO}{$value}fail} > >deny condition = ${if def:acl_m0{yes}{no}} > hosts = ! +relay_from_hosts > message = helo blocked by postmaster: $acl_m0 > >deny message > = Restricted characters in address > domains > = !+local_domains > local_parts > = ^[./\|] : ^.[@%!] : ^./\\.\\./ > >accept local_parts = postmaster > domains > = +local_domains > >require verify = sender > >accept domains = >+local_domains > endpass > message > = unknown user > verify > = recipient > >accept domains = +relay_to_domains > endpass > message = unrouteable address > > verify = recipient > > >################################################################### ># > Verify header of letter > > ># ># HELO,sender,header_syntax,host,name > > # ># If condition is spam then >delay delivery is more > # >################################################################### > >deny message > = HELO/EHLO required by SMTP RFC > !hosts > = +relay_from_hosts > condition > = ${if eq{$sender_helo_name}{}{yes}{no}} > >warn > set acl_m0 = 0s > > >warn > hosts = !+relay_from_hosts:!195.14.56.0/24:!192.168.0.0/16 > set acl_m0 = 30s > > >warn > condition = ${if and >{{match{$sender_host_name}{\N^[-a-z]\d{0,3}[-a-z]\.?[-a-z]\d{0,3}[-a-z]\.\w+$\N}}{!eq{$acl_c0}{outblaze_helo}}}{yes}{no}} > set acl_m0 = 1s > > >warn > condition = ${if and >{{match{$sender_helo_name}{\N^\w\.\w{3}$\N}}{eq{$acl_c1}{}}}{yes}{no}} > set acl_m0 = 99s > > >warn > condition = ${if and >{{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c0}{outblaze_helo}}}{yes}{no}} > set acl_m0 = 99s > > >warn > condition = ${if and >{{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c2}{outblaze_domain}}}{yes}{no}} > set acl_m0 = 99s > > >warn > condition = ${if or >{{eq{$sender_address}{}}{eq{$acl_m1}{0s}}} {yes}{no}} > set acl_m0 = 0s > > >warn > logwrite = Delay $acl_m0 >for $sender_host_name [$sender_host_address] with HELO=$sender_helo_name. Mail from $sender_address to $local_part@$domain. > set acl_m1 = 0s > > delay = $acl_m0 > >accept hosts = >+relay_from_hosts >accept authenticated = >control = submission/sender_retain >deny message = >relay not permitted > >acl_check_mime: > >deny message >= Your message contain deny file extention! > condition > = ${if match {${lc:$mime_filename}}{\N(\.exe\|\.cpl\|\.pif\|\.bat\|\.scr\|\.lnk\|\.com\|\.reg\|\.dll\|\.bin\|\.cmd\|\.chm\|\.hlp\|\.ocx\|\.sys\|\.sh\|\.url\|\.pl\|\.vb\|\.vbe\|\.vbs\|\.rc\|\.uu\|\.mim\|\.pif\|\.hta)$\N}{1}{0}} > >accept > >acl_check_data: > >################################################################################# ># > Scan data > > > > # >################################################################################# >deny message = Your address is blocked! > senders = ${lookup mysql{SELECT >sender FROM wrong_sender WHERE sender='${quote_mysql:$sender_address}' OR sender='@${quote_mysql:$sender_address_domain}'}} >################################################################################# ># > DrWeb Ativirus Configuration > > > # ># This work if av_scanner option >is on only > > ># >################################################################################# >deny malware > = > message > = This message contains a virus >($malware_name). >################################################################################# >################################################################################# ># > SpamAssassin Configuration > > > # ># Ignoring "Relay_from_hosts" and "Local_domains" > > > # >################################################################################# >warn message > = X-Spam-Report: $spam_report\nX-Spam-Score:$spam_score\nX-Spam-Score-Int:$spam_score_int > condition > = ${if <{$message_size}{200k}{1}{0}} > ! hosts > = +relay_from_hosts > spam > = spamd:true > >deny message > = We don't need your spam! > !hosts > = +relay_from_hosts > condition = ${if >{$spam_score_int}{100}{1}{0}} >################################################################################# >accept > >###################################################################### ># > ROUTERS >CONFIGURATION > > # ># > Specifies how addresses are handled > > # >###################################################################### ># THE ORDER IN WHICH THE ROUTERS ARE >DEFINED IS IMPORTANT! # ># An address is passed to each router in turn until it >is accepted. # >###################################################################### > >begin routers > >dnslookup: > driver = dnslookup > domains = ! +local_domains > transport = remote_smtp > ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 > no_more > >spamd_router: > no_verify > driver = redirect > condition = ${if and{{!eq{} {${lookup mysql{SELECT home FROM users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}}{and{{def:spam_score_int}{>{$spam_score_int}{55}}}}}{1}{0}} > data = spamtrap > >system_aliases: > driver = redirect > allow_fail > allow_defer > data = ${lookup mysql{SELECT recipients FROM aliases WHERE >local_part='${local_part}' AND domain='${domain}'}} > file_transport = address_file > pipe_transport = address_pipe > >mysqluser: > driver = accept > condition = ${if eq{} {${lookup mysql{SELECT home FROM >users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}{no}{yes}} > transport = mysql_delivery > cannot_route_message = Unknown or unactive user > >###################################################################### ># > TRANSPORTS >CONFIGURATION > ># >###################################################################### ># > >ORDER DOES NOT MATTER > > # ># Only one appropriate transport is called for >each delivery. # >###################################################################### > >begin transports > >remote_smtp: > driver = smtp > >mysql_delivery: > driver = appendfile > check_string = "" > create_directory > delivery_date_add > directory = ${lookup mysql{SELECT CONCAT(home, "/Maildir") FROM users >WHERE id='${local_part}' AND mbox_host='${domain}'}} > directory_mode = 770 ># create_directory > envelope_to_add > user = _exim > group = _exim > maildir_format > maildir_tag = ,S=$message_size > message_prefix = "" > message_suffix = "" > mode = 0640 > quota = ${lookup mysql{SELECT quota FROM users WHERE >id='${local_part}' AND mbox_host='${domain}'} {${value}M}} > quota_size_regex = S= (\d+)$ > quota_warn_threshold = 75% > return_path_add > >address_pipe: > driver = pipe > return_output > >address_file: > driver = appendfile > delivery_date_add > envelope_to_add > return_path_add > >address_reply: > driver = autoreply > > > >###################################################################### ># > RETRY >CONFIGURATION > > # >###################################################################### > >begin retry > ># This single retry rule applies to all domains and all errors. >It specifies ># retries every 15 minutes for 2 hours, then increasing retry intervals, > ># starting at 1 hour and increasing each time by a factor >of 1.5, up to 16 ># hours, then retries every 6 hours until 4 days have passed >since the first ># failed delivery. > ># Address or Domain Error > Retries ># ----------------- ----- >------- > >* > * > F,2h,15m; >G,16h,1h,1.5; F,4d,6h > > >###################################################################### ># > REWRITE >CONFIGURATION > > # >###################################################################### > ># There are no rewriting specifications in this default configuration file. > >begin rewrite > >###################################################################### ># > AUTHENTICATION CONFIGURATION > > # >###################################################################### > ># There are no authenticator specifications in this default configuration file. > >begin authenticators > >auth_plain: > driver = plaintext > public_name = PLAIN > server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$2}}' AND >mbox_host='${quote_mysql:${domain:$2}}' AND passwd='${quote_mysql:$3}' AND active='Y'} {yes} {no}} > server_prompts = : > server_set_id = $2 > >auth_login: > driver = plaintext > public_name = LOGIN > server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND >mbox_host='${quote_mysql:${domain:$1}}' AND passwd='${quote_mysql:$2}' AND active='Y'} {yes} {no}} > server_prompts = Username:: : Password:: > server_set_id = $1 > >auth_cram_md5: > driver = cram_md5 > public_name = CRAM-MD5 > server_secret = ${lookup mysql{SELECT passwd FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND >mbox_host='${quote_mysql:${domain:$1}}' AND active='Y'} {yes} {no}} > server_set_id = $1 > >###################################################################### ># > CONFIGURATION FOR local_scan() > > # >###################################################################### > ># If you have built Exim to include a local_scan() function that >contains ># tables for private options, you can define those options here. Remember >to ># uncomment the "begin" line. It is commented by default because it >provokes ># an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS > ># set in the Local/Makefile. > ># begin local_scan > > ># End of Exim configuration file > > "host lookup did not complete" или настрой уже днс, или отключи проверку хостов в днс "Could not complete sender verify" - не прошел ацл-ку, отключи тлс!

Ваше сообщение
Имя*:
EMail:	Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email). Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.
Заголовок*:
Сообщение*:	>>Это лог попытки отправки письма (из exim_main.log): >> >>2006-05-30 22:06:55 SMTP connection from [192.168.63.87]:2585 I=[192.168.63.131]:25 (TCP/IP connection count = 1) >> >>2006-05-30 22:06:55 H=[192.168.63.87]:2585 I=[192.168.63.131]:25 Warning: ACL "warn" statement skipped: condition test deferred: >>failed to expand ACL string "${lookup dnsdb{ptr=$sender_host_address}{$value}fail}": lookup of "ptr=192.168.63.87" gave >>DEFER: >>2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 rejected AUTH LOGIN: TLS encryption or CRAM-MD5 >>required >>2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 sender verify defer for <test_user@komstat.local>: host lookup did not complete >>2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 F=<test_user@komstat.local> temporarily rejected RCPT <test_user@komstat.local>: Could not complete sender verify >>2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 incomplete transaction (QUIT) from <test_user@komstat.local> >>2006-05-30 22:06:55 SMTP connection from (shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 closed by QUIT >> >>А это конфиг: >>###################################################################### >># >> MAIN CONFIGURATION SETTINGS >> >> # >>###################################################################### >> >> >>primary_hostname = open.statist.komstat.alt.ru >> >>auth_advertise_hosts = * >>qualify_domain = komstat.local >> >>domainlist local_domains = >>#${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND (type='LOCAL' OR type='VIRTUAL')}} >>domainlist relay_to_domains = >>#${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND type='RELAY'}} >>hostlist relay_from_hosts = localhost >> >>SPAMHELO = /etc/exim/spam_helo >> >>acl_smtp_auth = acl_check_auth >>acl_smtp_connect = acl_check_connect >>acl_smtp_helo = acl_check_helo >>acl_smtp_rcpt = acl_check_rcpt >>acl_smtp_data = acl_check_data >>acl_smtp_mime = acl_check_mime >> >>av_scanner = drweb:127.0.0.1 3000 >>#spamd_address = 127.0.0.1 783 >> >>never_users = root:daemon:bin >> >>rfc1413_hosts = * >>rfc1413_query_timeout = 0s >> >>ignore_bounce_errors_after = 2d >> >>timeout_frozen_after = 1d >>message_size_limit = 50M >>split_spool_directory = true >>remote_max_parallel = 15 >> >>log_file_path = /var/log/exim/exim_%s.log >>#log_selector = +all_parents +delivery_size +lost_incoming_connection +sender_on_delivery +received_recipients +received_sender +smtp_confirmation +smtp_syntax_error +smtp_protocol_error -queue_run >> >>log_selector = +all >> >>hide mysql_servers = 127.0.0.1/mail/postfix/postfix >>smtp_accept_queue_per_connection = 1000 >>smtp_accept_max = 100 >> >>###################################################################### >># >> >>ACL CONFIGURATION >> >> # >># Specifies access control >>lists for incoming SMTP mail # >> >>###################################################################### >> >>begin acl >> >>acl_check_connect: >> >>warn >> set acl_c1 = ${lookup dnsdb{ptr=$sender_host_address}{$value}fail} >> hosts = ! +relay_from_hosts >>warn >> set acl_c2 = ${lookup{$acl_c1}nwildlsearch{SPAMHELO}{$value}fail} >> hosts = ! +relay_from_hosts >> >>accept >> >>acl_check_helo: >>accept >> >>acl_check_auth: >>accept >> encrypted = * >>accept >> condition = ${if eq{${uc:$smtp_command_argument}}{CRAM-MD5}} >>deny >> message = TLS encryption or CRAM-MD5 >>required >> >>acl_check_rcpt: >> >>accept hosts = : >> >> >>deny condition = ${if def:acl_c2{yes}{no}} >> hosts = ! +relay_from_hosts >> message = ptr blocked by postmaster: $acl_c2 >> >>warn set acl_m0=${lookup{$sender_helo_name}nwildlsearch{SPAMHELO}{$value}fail} >> >>deny condition = ${if def:acl_m0{yes}{no}} >> hosts = ! +relay_from_hosts >> message = helo blocked by postmaster: $acl_m0 >> >>deny message >> = Restricted characters in address >> domains >> = !+local_domains >> local_parts >> = ^[./\|] : ^.[@%!] : ^./\\.\\./ >> >>accept local_parts = postmaster >> domains >> = +local_domains >> >>require verify = sender >> >>accept domains = >>+local_domains >> endpass >> message >> = unknown user >> verify >> = recipient >> >>accept domains = +relay_to_domains >> endpass >> message = unrouteable address >> >> verify = recipient >> >> >>################################################################### >># >> Verify header of letter >> >> >># >># HELO,sender,header_syntax,host,name >> >> # >># If condition is spam then >>delay delivery is more >> # >>################################################################### >> >>deny message >> = HELO/EHLO required by SMTP RFC >> !hosts >> = +relay_from_hosts >> condition >> = ${if eq{$sender_helo_name}{}{yes}{no}} >> >>warn >> set acl_m0 = 0s >> >> >>warn >> hosts = !+relay_from_hosts:!195.14.56.0/24:!192.168.0.0/16 >> set acl_m0 = 30s >> >> >>warn >> condition = ${if and >>{{match{$sender_host_name}{\N^[-a-z]\d{0,3}[-a-z]\.?[-a-z]\d{0,3}[-a-z]\.\w+$\N}}{!eq{$acl_c0}{outblaze_helo}}}{yes}{no}} >> set acl_m0 = 1s >> >> >>warn >> condition = ${if and >>{{match{$sender_helo_name}{\N^\w\.\w{3}$\N}}{eq{$acl_c1}{}}}{yes}{no}} >> set acl_m0 = 99s >> >> >>warn >> condition = ${if and >>{{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c0}{outblaze_helo}}}{yes}{no}} >> set acl_m0 = 99s >> >> >>warn >> condition = ${if and >>{{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c2}{outblaze_domain}}}{yes}{no}} >> set acl_m0 = 99s >> >> >>warn >> condition = ${if or >>{{eq{$sender_address}{}}{eq{$acl_m1}{0s}}} {yes}{no}} >> set acl_m0 = 0s >> >> >>warn >> logwrite = Delay $acl_m0 >>for $sender_host_name [$sender_host_address] with HELO=$sender_helo_name. Mail from $sender_address to $local_part@$domain. >> set acl_m1 = 0s >> >> delay = $acl_m0 >> >>accept hosts = >>+relay_from_hosts >>accept authenticated = >>control = submission/sender_retain >>deny message = >>relay not permitted >> >>acl_check_mime: >> >>deny message >>= Your message contain deny file extention! >> condition >> = ${if match {${lc:$mime_filename}}{\N(\.exe\|\.cpl\|\.pif\|\.bat\|\.scr\|\.lnk\|\.com\|\.reg\|\.dll\|\.bin\|\.cmd\|\.chm\|\.hlp\|\.ocx\|\.sys\|\.sh\|\.url\|\.pl\|\.vb\|\.vbe\|\.vbs\|\.rc\|\.uu\|\.mim\|\.pif\|\.hta)$\N}{1}{0}} >> >>accept >> >>acl_check_data: >> >>################################################################################# >># >> Scan data >> >> >> >> # >>################################################################################# >>deny message = Your address is blocked! >> senders = ${lookup mysql{SELECT >>sender FROM wrong_sender WHERE sender='${quote_mysql:$sender_address}' OR sender='@${quote_mysql:$sender_address_domain}'}} >>################################################################################# >># >> DrWeb Ativirus Configuration >> >> >> # >># This work if av_scanner option >>is on only >> >> >># >>################################################################################# >>deny malware >> = >> message >> = This message contains a virus >>($malware_name). >>################################################################################# >>################################################################################# >># >> SpamAssassin Configuration >> >> >> # >># Ignoring "Relay_from_hosts" and "Local_domains" >> >> >> # >>################################################################################# >>warn message >> = X-Spam-Report: $spam_report\nX-Spam-Score:$spam_score\nX-Spam-Score-Int:$spam_score_int >> condition >> = ${if <{$message_size}{200k}{1}{0}} >> ! hosts >> = +relay_from_hosts >> spam >> = spamd:true >> >>deny message >> = We don't need your spam! >> !hosts >> = +relay_from_hosts >> condition = ${if >{$spam_score_int}{100}{1}{0}} >>################################################################################# >>accept >> >>###################################################################### >># >> ROUTERS >>CONFIGURATION >> >> # >># >> Specifies how addresses are handled >> >> # >>###################################################################### >># THE ORDER IN WHICH THE ROUTERS ARE >>DEFINED IS IMPORTANT! # >># An address is passed to each router in turn until it >>is accepted. # >>###################################################################### >> >>begin routers >> >>dnslookup: >> driver = dnslookup >> domains = ! +local_domains >> transport = remote_smtp >> ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 >> no_more >> >>spamd_router: >> no_verify >> driver = redirect >> condition = ${if and{{!eq{} {${lookup mysql{SELECT home FROM users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}}{and{{def:spam_score_int}{>{$spam_score_int}{55}}}}}{1}{0}} >> data = spamtrap >> >>system_aliases: >> driver = redirect >> allow_fail >> allow_defer >> data = ${lookup mysql{SELECT recipients FROM aliases WHERE >>local_part='${local_part}' AND domain='${domain}'}} >> file_transport = address_file >> pipe_transport = address_pipe >> >>mysqluser: >> driver = accept >> condition = ${if eq{} {${lookup mysql{SELECT home FROM >>users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}{no}{yes}} >> transport = mysql_delivery >> cannot_route_message = Unknown or unactive user >> >>###################################################################### >># >> TRANSPORTS >>CONFIGURATION >> >># >>###################################################################### >># >> >>ORDER DOES NOT MATTER >> >> # >># Only one appropriate transport is called for >>each delivery. # >>###################################################################### >> >>begin transports >> >>remote_smtp: >> driver = smtp >> >>mysql_delivery: >> driver = appendfile >> check_string = "" >> create_directory >> delivery_date_add >> directory = ${lookup mysql{SELECT CONCAT(home, "/Maildir") FROM users >>WHERE id='${local_part}' AND mbox_host='${domain}'}} >> directory_mode = 770 >># create_directory >> envelope_to_add >> user = _exim >> group = _exim >> maildir_format >> maildir_tag = ,S=$message_size >> message_prefix = "" >> message_suffix = "" >> mode = 0640 >> quota = ${lookup mysql{SELECT quota FROM users WHERE >>id='${local_part}' AND mbox_host='${domain}'} {${value}M}} >> quota_size_regex = S= (\d+)$ >> quota_warn_threshold = 75% >> return_path_add >> >>address_pipe: >> driver = pipe >> return_output >> >>address_file: >> driver = appendfile >> delivery_date_add >> envelope_to_add >> return_path_add >> >>address_reply: >> driver = autoreply >> >> >> >>###################################################################### >># >> RETRY >>CONFIGURATION >> >> # >>###################################################################### >> >>begin retry >> >># This single retry rule applies to all domains and all errors. >>It specifies >># retries every 15 minutes for 2 hours, then increasing retry intervals, >> >># starting at 1 hour and increasing each time by a factor >>of 1.5, up to 16 >># hours, then retries every 6 hours until 4 days have passed >>since the first >># failed delivery. >> >># Address or Domain Error >> Retries >># ----------------- ----- >>------- >> >>* >> * >> F,2h,15m; >>G,16h,1h,1.5; F,4d,6h >> >> >>###################################################################### >># >> REWRITE >>CONFIGURATION >> >> # >>###################################################################### >> >># There are no rewriting specifications in this default configuration file. >> >>begin rewrite >> >>###################################################################### >># >> AUTHENTICATION CONFIGURATION >> >> # >>###################################################################### >> >># There are no authenticator specifications in this default configuration file. >> >>begin authenticators >> >>auth_plain: >> driver = plaintext >> public_name = PLAIN >> server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$2}}' AND >>mbox_host='${quote_mysql:${domain:$2}}' AND passwd='${quote_mysql:$3}' AND active='Y'} {yes} {no}} >> server_prompts = : >> server_set_id = $2 >> >>auth_login: >> driver = plaintext >> public_name = LOGIN >> server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND >>mbox_host='${quote_mysql:${domain:$1}}' AND passwd='${quote_mysql:$2}' AND active='Y'} {yes} {no}} >> server_prompts = Username:: : Password:: >> server_set_id = $1 >> >>auth_cram_md5: >> driver = cram_md5 >> public_name = CRAM-MD5 >> server_secret = ${lookup mysql{SELECT passwd FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND >>mbox_host='${quote_mysql:${domain:$1}}' AND active='Y'} {yes} {no}} >> server_set_id = $1 >> >>###################################################################### >># >> CONFIGURATION FOR local_scan() >> >> # >>###################################################################### >> >># If you have built Exim to include a local_scan() function that >>contains >># tables for private options, you can define those options here. Remember >>to >># uncomment the "begin" line. It is commented by default because it >>provokes >># an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS >> >># set in the Local/Makefile. >> >># begin local_scan >> >> >># End of Exim configuration file >> >> > "host lookup did not complete" или настрой уже днс, или отключи проверку > хостов в днс > "Could not complete sender verify" - не прошел ацл-ку, отключи тлс!
	Введите код, изображенный на картинке:

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру