>Это лог попытки отправки письма (из exim_main.log): > >2006-05-30 22:06:55 SMTP connection from [192.168.63.87]:2585 I=[192.168.63.131]:25 (TCP/IP connection count = 1) > >2006-05-30 22:06:55 H=[192.168.63.87]:2585 I=[192.168.63.131]:25 Warning: ACL "warn" statement skipped: condition test deferred: >failed to expand ACL string "${lookup dnsdb{ptr=$sender_host_address}{$value}fail}": lookup of "ptr=192.168.63.87" gave >DEFER: >2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 rejected AUTH LOGIN: TLS encryption or CRAM-MD5 >required >2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 sender verify defer for <test_user@komstat.local>: host lookup did not complete >2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 F=<test_user@komstat.local> temporarily rejected RCPT <test_user@komstat.local>: Could not complete sender verify >2006-05-30 22:06:55 H=(shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 incomplete transaction (QUIT) from <test_user@komstat.local> >2006-05-30 22:06:55 SMTP connection from (shadow) [192.168.63.87]:2585 I=[192.168.63.131]:25 closed by QUIT > >А это конфиг: >###################################################################### ># > MAIN CONFIGURATION SETTINGS > > # >###################################################################### > > >primary_hostname = open.statist.komstat.alt.ru > >auth_advertise_hosts = * >qualify_domain = komstat.local > >domainlist local_domains = >#${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND (type='LOCAL' OR type='VIRTUAL')}} >domainlist relay_to_domains = >#${lookup mysql{SELECT domain FROM domains WHERE domain='${domain}' AND type='RELAY'}} >hostlist relay_from_hosts = localhost > >SPAMHELO = /etc/exim/spam_helo > >acl_smtp_auth = acl_check_auth >acl_smtp_connect = acl_check_connect >acl_smtp_helo = acl_check_helo >acl_smtp_rcpt = acl_check_rcpt >acl_smtp_data = acl_check_data >acl_smtp_mime = acl_check_mime > >av_scanner = drweb:127.0.0.1 3000 >#spamd_address = 127.0.0.1 783 > >never_users = root:daemon:bin > >rfc1413_hosts = * >rfc1413_query_timeout = 0s > >ignore_bounce_errors_after = 2d > >timeout_frozen_after = 1d >message_size_limit = 50M >split_spool_directory = true >remote_max_parallel = 15 > >log_file_path = /var/log/exim/exim_%s.log >#log_selector = +all_parents +delivery_size +lost_incoming_connection +sender_on_delivery +received_recipients +received_sender +smtp_confirmation +smtp_syntax_error +smtp_protocol_error -queue_run > >log_selector = +all > >hide mysql_servers = 127.0.0.1/mail/postfix/postfix >smtp_accept_queue_per_connection = 1000 >smtp_accept_max = 100 > >###################################################################### ># > >ACL CONFIGURATION > > # ># Specifies access control >lists for incoming SMTP mail # > >###################################################################### > >begin acl > >acl_check_connect: > >warn > set acl_c1 = ${lookup dnsdb{ptr=$sender_host_address}{$value}fail} > hosts = ! +relay_from_hosts >warn > set acl_c2 = ${lookup{$acl_c1}nwildlsearch{SPAMHELO}{$value}fail} > hosts = ! +relay_from_hosts > >accept > >acl_check_helo: >accept > >acl_check_auth: >accept > encrypted = * >accept > condition = ${if eq{${uc:$smtp_command_argument}}{CRAM-MD5}} >deny > message = TLS encryption or CRAM-MD5 >required > >acl_check_rcpt: > >accept hosts = : > > >deny condition = ${if def:acl_c2{yes}{no}} > hosts = ! +relay_from_hosts > message = ptr blocked by postmaster: $acl_c2 > >warn set acl_m0=${lookup{$sender_helo_name}nwildlsearch{SPAMHELO}{$value}fail} > >deny condition = ${if def:acl_m0{yes}{no}} > hosts = ! +relay_from_hosts > message = helo blocked by postmaster: $acl_m0 > >deny message > = Restricted characters in address > domains > = !+local_domains > local_parts > = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ > >accept local_parts = postmaster > domains > = +local_domains > >require verify = sender > >accept domains = >+local_domains > endpass > message > = unknown user > verify > = recipient > >accept domains = +relay_to_domains > endpass > message = unrouteable address > > verify = recipient > > >################################################################### ># > Verify header of letter > > ># ># HELO,sender,header_syntax,host,name > > # ># If condition is spam then >delay delivery is more > # >################################################################### > >deny message > = HELO/EHLO required by SMTP RFC > !hosts > = +relay_from_hosts > condition > = ${if eq{$sender_helo_name}{}{yes}{no}} > >warn > set acl_m0 = 0s > > >warn > hosts = !+relay_from_hosts:!195.14.56.0/24:!192.168.0.0/16 > set acl_m0 = 30s > > >warn > condition = ${if and >{{match{$sender_host_name}{\N^[-a-z]*\d{0,3}[-a-z]*\.?[-a-z]*\d{0,3}[-a-z]*\.\w+$\N}}{!eq{$acl_c0}{outblaze_helo}}}{yes}{no}} > set acl_m0 = 1s > > >warn > condition = ${if and >{{match{$sender_helo_name}{\N^\w*\.\w{3}$\N}}{eq{$acl_c1}{}}}{yes}{no}} > set acl_m0 = 99s > > >warn > condition = ${if and >{{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c0}{outblaze_helo}}}{yes}{no}} > set acl_m0 = 99s > > >warn > condition = ${if and >{{!match{$sender_host_name}{\N.+.outblaze.com$\N}}{eq{$acl_c2}{outblaze_domain}}}{yes}{no}} > set acl_m0 = 99s > > >warn > condition = ${if or >{{eq{$sender_address}{}}{eq{$acl_m1}{0s}}} {yes}{no}} > set acl_m0 = 0s > > >warn > logwrite = Delay $acl_m0 >for $sender_host_name [$sender_host_address] with HELO=$sender_helo_name. Mail from $sender_address to $local_part@$domain. > set acl_m1 = 0s > > delay = $acl_m0 > >accept hosts = >+relay_from_hosts >accept authenticated = * >control = submission/sender_retain >deny message = >relay not permitted > >acl_check_mime: > >deny message >= Your message contain deny file extention! > condition > = ${if match {${lc:$mime_filename}}{\N(\.exe|\.cpl|\.pif|\.bat|\.scr|\.lnk|\.com|\.reg|\.dll|\.bin|\.cmd|\.chm|\.hlp|\.ocx|\.sys|\.sh|\.url|\.pl|\.vb|\.vbe|\.vbs|\.rc|\.uu|\.mim|\.pif|\.hta)$\N}{1}{0}} > >accept > >acl_check_data: > >################################################################################# ># > Scan data > > > > # >################################################################################# >deny message = Your address is blocked! > senders = ${lookup mysql{SELECT >sender FROM wrong_sender WHERE sender='${quote_mysql:$sender_address}' OR sender='*@${quote_mysql:$sender_address_domain}'}} >################################################################################# ># > DrWeb Ativirus Configuration > > > # ># This work if av_scanner option >is on only > > ># >################################################################################# >deny malware > = * > message > = This message contains a virus >($malware_name). >################################################################################# >################################################################################# ># > SpamAssassin Configuration > > > # ># Ignoring "Relay_from_hosts" and "Local_domains" > > > # >################################################################################# >warn message > = X-Spam-Report: $spam_report\nX-Spam-Score:$spam_score\nX-Spam-Score-Int:$spam_score_int > condition > = ${if <{$message_size}{200k}{1}{0}} > ! hosts > = +relay_from_hosts > spam > = spamd:true > >deny message > = We don't need your spam! > !hosts > = +relay_from_hosts > condition = ${if >{$spam_score_int}{100}{1}{0}} >################################################################################# >accept > >###################################################################### ># > ROUTERS >CONFIGURATION > > # ># > Specifies how addresses are handled > > # >###################################################################### ># THE ORDER IN WHICH THE ROUTERS ARE >DEFINED IS IMPORTANT! # ># An address is passed to each router in turn until it >is accepted. # >###################################################################### > >begin routers > >dnslookup: > driver = dnslookup > domains = ! +local_domains > transport = remote_smtp > ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 > no_more > >spamd_router: > no_verify > driver = redirect > condition = ${if and{{!eq{} {${lookup mysql{SELECT home FROM users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}}{and{{def:spam_score_int}{>{$spam_score_int}{55}}}}}{1}{0}} > data = spamtrap > >system_aliases: > driver = redirect > allow_fail > allow_defer > data = ${lookup mysql{SELECT recipients FROM aliases WHERE >local_part='${local_part}' AND domain='${domain}'}} > file_transport = address_file > pipe_transport = address_pipe > >mysqluser: > driver = accept > condition = ${if eq{} {${lookup mysql{SELECT home FROM >users WHERE id='${local_part}' AND mbox_host='${domain}' AND active='Y'}}}{no}{yes}} > transport = mysql_delivery > cannot_route_message = Unknown or unactive user > >###################################################################### ># > TRANSPORTS >CONFIGURATION > ># >###################################################################### ># > >ORDER DOES NOT MATTER > > # ># Only one appropriate transport is called for >each delivery. # >###################################################################### > >begin transports > >remote_smtp: > driver = smtp > >mysql_delivery: > driver = appendfile > check_string = "" > create_directory > delivery_date_add > directory = ${lookup mysql{SELECT CONCAT(home, "/Maildir") FROM users >WHERE id='${local_part}' AND mbox_host='${domain}'}} > directory_mode = 770 ># create_directory > envelope_to_add > user = _exim > group = _exim > maildir_format > maildir_tag = ,S=$message_size > message_prefix = "" > message_suffix = "" > mode = 0640 > quota = ${lookup mysql{SELECT quota FROM users WHERE >id='${local_part}' AND mbox_host='${domain}'} {${value}M}} > quota_size_regex = S= (\d+)$ > quota_warn_threshold = 75% > return_path_add > >address_pipe: > driver = pipe > return_output > >address_file: > driver = appendfile > delivery_date_add > envelope_to_add > return_path_add > >address_reply: > driver = autoreply > > > >###################################################################### ># > RETRY >CONFIGURATION > > # >###################################################################### > >begin retry > ># This single retry rule applies to all domains and all errors. >It specifies ># retries every 15 minutes for 2 hours, then increasing retry intervals, > ># starting at 1 hour and increasing each time by a factor >of 1.5, up to 16 ># hours, then retries every 6 hours until 4 days have passed >since the first ># failed delivery. > ># Address or Domain Error > Retries ># ----------------- ----- >------- > >* > * > F,2h,15m; >G,16h,1h,1.5; F,4d,6h > > >###################################################################### ># > REWRITE >CONFIGURATION > > # >###################################################################### > ># There are no rewriting specifications in this default configuration file. > >begin rewrite > >###################################################################### ># > AUTHENTICATION CONFIGURATION > > # >###################################################################### > ># There are no authenticator specifications in this default configuration file. > >begin authenticators > >auth_plain: > driver = plaintext > public_name = PLAIN > server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$2}}' AND >mbox_host='${quote_mysql:${domain:$2}}' AND passwd='${quote_mysql:$3}' AND active='Y'} {yes} {no}} > server_prompts = : > server_set_id = $2 > >auth_login: > driver = plaintext > public_name = LOGIN > server_condition = ${lookup mysql{SELECT id FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND >mbox_host='${quote_mysql:${domain:$1}}' AND passwd='${quote_mysql:$2}' AND active='Y'} {yes} {no}} > server_prompts = Username:: : Password:: > server_set_id = $1 > >auth_cram_md5: > driver = cram_md5 > public_name = CRAM-MD5 > server_secret = ${lookup mysql{SELECT passwd FROM users WHERE id='${quote_mysql:${local_part:$1}}' AND >mbox_host='${quote_mysql:${domain:$1}}' AND active='Y'} {yes} {no}} > server_set_id = $1 > >###################################################################### ># > CONFIGURATION FOR local_scan() > > # >###################################################################### > ># If you have built Exim to include a local_scan() function that >contains ># tables for private options, you can define those options here. Remember >to ># uncomment the "begin" line. It is commented by default because it >provokes ># an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS > ># set in the Local/Makefile. > ># begin local_scan > > ># End of Exim configuration file > > "host lookup did not complete" или настрой уже днс, или отключи проверку хостов в днс "Could not complete sender verify" - не прошел ацл-ку, отключи тлс!
|