всем еще раз привет
знающие и опытные люди помогите пожалуйста решить проблем
начальство уже лишает премии
проблема в следующем приходит спам от самого себя же, да и вообще куча спама каждый день по 50-70 спама, в exime не спец
на форумах куча всякой инфы и не понятно где готовое рабочее решение как сделать авторизациюспам приходит не смоего ip
конфиг eximasmtp_accept_max = 100
MAILMAN_HOME=/usr/local/mailman
MAILMAN_WRAP=MAILMAN_HOME/mail/mailman
MAILMAN_USER=mailnull
MAILMAN_GROUP=mail
MY_IP = 192.168.50.1
VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}'
RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay' AND domain = '${quote_mysql:$domain}'
ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'
domainlist local_domains = @ : mydomain.ru : mydomain.ru : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
domainlist relay_to_domains = ${lookup mysql{RELAY_DOMAINS}}
hostlist relay_from_hosts = localhost : 192.168.50.0/24 : MY_IP
trusted_users = www
hide mysql_servers = localhost::(/tmp/mysql.sock)/vexim/vexim/psnW31
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_content
acl_smtp_helo = acl_check_helo
av_scanner = clamd:/var/run/clamav/clamd.sock
spamd_address = 127.0.0.1 783
exim_user = mailnull
exim_group = mail
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
log_selector = +all
begin acl
.include /usr/local/etc/exim/vexim-acl-check-spf.conf
acl_check_helo:
.include /usr/local/etc/exim/vexim-acl-check-helo.conf
acl_check_rcpt:
.include /usr/local/etc/exim/vexim-acl-check-rcpt.conf
deny local_parts = ^.*[@%!/|] : ^\\.
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept domains = +local_domains
endpass
verify = recipient
accept domains = +relay_to_domains
endpass
verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
acl_check_content:
.include /usr/local/etc/exim/vexim-acl-check-content.conf
acceptbegin routers
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
no_more
mailman_router:
driver = accept
require_files = MAILMAN_HOME/lists/$local_part/config.pck
local_part_suffix_optional
local_part_suffix = -bounces : -bounces+* : \
-confirm+* : -join : -leave : \
-owner : -request : -admin
headers_remove = X-Spam-Score:X-Spam-Report
transport = mailman_transport
ditch_maxmsgsize:
driver = redirect
allow_fail
condition = ${if >{$message_size}{${lookup mysql{select users.maxmsgsize from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.maxmsgsize > 0 \
and users.domain_id=domains.domain_id }{${value}K}fail}} {yes}{no}}
data = :fail:\n\Your message is too big.\n \
Your message was rejected because the user $local_part@$domain\n \
does not accept messages larger than \
${lookup mysql{select users.maxmsgsize from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.maxmsgsize > 0 \
and users.domain_id=domains.domain_id}{${value}K}fail} Kb.
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_malware:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if and { {match {$h_X-ACL-Warn:}{.*malware.*}} \
{eq {${lookup mysql{select users.on_avscan from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.on_avscan = '1' \
and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
ditch_hdrmailer:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains \
where blocklists.blockhdr = 'x-mailer' \
and blocklists.blockval = '${quote_mysql:$h_x-mailer:}' \
and users.localpart = '${quote_mysql:$local_part}' \
and domains.domain = '${quote_mysql:$domain}' \
and domains.domain_id=blocklists.domain_id \
and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_hdrto:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains \
where blocklists.blockhdr = 'to' \
and blocklists.blockval = '${quote_mysql:$h_to:}' \
and users.localpart = '${quote_mysql:$local_part}' \
and domains.domain = '${quote_mysql:$domain}' \
and domains.domain_id=blocklists.domain_id \
and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_hdrfrom:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains \
where blocklists.blockhdr = 'from' \
and blocklists.blockval = '${quote_mysql:$h_from:}' \
and users.localpart = '${quote_mysql:$local_part}' \
and domains.domain = '${quote_mysql:$domain}' \
and domains.domain_id=blocklists.domain_id \
and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_hdrsubject:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains \
where blocklists.blockhdr = 'subject' \
and blocklists.blockval = '${quote_mysql:$h_subject:}' \
and users.localpart = '${quote_mysql:$local_part}' \
and domains.domain = '${quote_mysql:$domain}' \
and domains.domain_id=blocklists.domain_id \
and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
virtual_vacation:
driver = accept
condition = ${if and { {!match {$h_precedence:}{(?i)junk|bulk|list}} \
{eq {${lookup mysql{select users.on_vacation from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.on_vacation = '1' \
and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
no_verify
no_expn
unseen
transport = virtual_vacation_delivery
virtual_forward:
driver = redirect
check_ancestor
unseen = ${if eq {${lookup mysql{select unseen from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.on_forward = '1' \
and users.domain_id=domains.domain_id}}}{1} {yes}{no}}
data = ${lookup mysql{select forward from users,domains \
where localpart='${quote_mysql:$local_part}' \
and domain='${quote_mysql:$domain}' \
and users.domain_id=domains.domain_id \
and on_forward = '1'}}
condition = ${if and { {!match {$h_precedence:}{(?i)junk}} \
{eq {${lookup mysql{select users.on_forward from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.on_forward = '1' \
and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }virtual_domains:
driver = redirect
allow_fail
data = ${lookup mysql{select smtp from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and domains.enabled = '1' \
and users.enabled = '1' \
and users.domain_id = domains.domain_id}}
headers_add = ${if >{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.on_spamassassin = '1' \
and users.domain_id=domains.domain_id }{$value}fail}} {X-Spam-Flag: YES\n}{} }
headers_remove = ${if or { { <{$spam_score_int}{1} } \
{ <{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.on_spamassassin = 1 \
and users.domain_id=domains.domain_id}{$value}fail}} } \
{ eq {0}{${lookup mysql{select users.sa_tag * 10 from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.on_spamassassin = 0 \
and users.domain_id=domains.domain_id}{$value}fail}}} \
} {X-Spam-Score:X-Spam-Report} }
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
file_transport = virtual_delivery
reply_transport = address_reply
pipe_transport = address_pipe.include /usr/local/etc/exim/vexim-group-router.conf
virtual_domains_catchall:
driver = redirect
allow_fail
data = ${lookup mysql{select smtp from users,domains where localpart = '*' \
and domain = '${quote_mysql:$domain}' \
and users.domain_id = domains.domain_id}}
retry_use_local_part
file_transport = virtual_delivery
reply_transport = address_reply
pipe_transport = address_pipe_catchall
virtual_domain_alias:
driver = redirect
allow_fail
data = ${lookup mysql{select concat('${quote_mysql:$local_part}@', domain) \
from domains,domainalias where domainalias.alias = '${quote_mysql:$domain}' \
and domainalias.domain_id = domains.domain_id}}
retry_use_local_partsystem_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
user = mailnull
group = mail
file_transport = address_file
pipe_transport = address_pipe
userforward:
driver = redirect
check_local_user
file = $home/.forward
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe_local
reply_transport = address_reply
condition = ${if exists{$home/.forward} {yes} {no} }
group = mail
localuser:
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
begin transports
remote_smtp:
driver = smtp
local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
user = $local_part
mode = 0660
no_mode_fail_narrower
virtual_delivery:
driver = appendfile
envelope_to_add
return_path_add
mode = 0600
maildir_format = true
create_directory = true
directory = ${lookup mysql{select smtp from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.domain_id = domains.domain_id}}
user = ${lookup mysql{select users.uid from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.domain_id = domains.domain_id}}
group = ${lookup mysql{select users.gid from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.domain_id = domains.domain_id}}
quota = ${lookup mysql{select users.quota from users,domains \
where localpart = '${quote_mysql:$local_part}' \
and domain = '${quote_mysql:$domain}' \
and users.domain_id = domains.domain_id}{${value}M}}
quota_is_inclusive = false
quota_warn_threshold = 75%
maildir_use_size_file = false
quota_warn_message = "To: $local_part@$domain\n\
Subject: Mailbox quota warning\n\n\
This message was automatically generated by the mail delivery software.\n\n\
You are now using over 75% of your allocated mail storage quota.\n\n\
If your mailbox fills completely, further incoming messages will be automatically\n\
returned to their senders.\n\n\
Please take note of this and remove unwanted mail from your mailbox.\n"
virtual_vacation_delivery:
driver = autoreply
from = "${local_part}@${domain}"
to = ${sender_address}
subject = "Autoreply from ${local_part}@${domain}"
text = ${lookup mysql{select vacation from users,domains \
where domain='${quote_mysql:$domain}' \
and localpart='${quote_mysql:$local_part}' \
and users.domain_id=domains.domain_id}}
mailman_transport:
driver = pipe
command = MAILMAN_WRAP \
'${if def:local_part_suffix \
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
{post}}' \
$local_part
current_directory = MAILMAN_HOME
home_directory = MAILMAN_HOME
user = MAILMAN_USER
group = MAILMAN_GROUP
address_pipe:
driver = pipe
return_output
user = ${lookup mysql{select users.uid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id = d
group = ${lookup mysql{select users.gid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id =
address_pipe_catchall:
driver = pipe
return_output
user = ${lookup mysql{select users.uid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
user = ${lookup mysql{select users.uid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id = d
group = ${lookup mysql{select users.gid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id =
address_pipe_catchall:
driver = pipe
return_output
user = ${lookup mysql{select users.uid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
group = ${lookup mysql{select users.gid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
address_pipe_local:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,14d,6h
begin rewrite
begin authenticators
plain_login:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT '1' FROM users \
WHERE username = '${quote_mysql:$2}' \
AND clear = '${quote_mysql:$3}'} {yes}{no}}
server_set_id = $2
fixed_login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = ${lookup mysql{SELECT '1' FROM users \
WHERE username = '${quote_mysql:$1}' \
AND clear = '${quote_mysql:$2}'} {yes}{no}}
server_set_id = $1
fixed_cram:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT clear FROM users \
WHERE username = '${quote_mysql:$1}'}{$value}fail}
server_set_id = $1почта нужно что бы работала и по лакалке и с миром
если все заработает отблагодарю финансово
> почта нужно что бы работала и по лакалке и с миром
> если все заработает отблагодарю финансовоА кто построил всю эту красоту? И как давно она работает?
> А кто построил всю эту красоту? И как давно она работает?
ну я так на всякий случай обычно просят конфии
работает уже почти год, а фряха с почтавиком досталась в наследство
> работает уже почти год, а фряха с почтавиком досталась в наследствоВот тут все подробно описано:
http://kondybas.livejournal.com/35294.html
> Вот тут все подробно описано:
> http://kondybas.livejournal.com/35294.htmlИ что это за фигня?
>[оверквотинг удален]
> server_secret = ${lookup mysql{SELECT clear FROM users \
>
>
>
> WHERE username = '${quote_mysql:$1}'}{$value}fail}
>
> server_set_id = $1
>
В свое время для себя нашел в интернете несколько хороших правил, и с тех пор использую их везде. Помогают на 80-90 %
http://mcleod095.blogspot.ru/2013/12/exim.html
Указать источники откуда брал уже не могу, находил лет 5 назад.
> В свое время для себя нашел в интернете несколько хороших правил, и
> с тех пор использую их везде. Помогают на 80-90 %
> http://mcleod095.blogspot.ru/2013/12/exim.html
> Указать источники откуда брал уже не могу, находил лет 5 назад.Пожалуйста можно по подробнее
я просто не совсем пойму куда вставить этот код, после какой строки
>> В свое время для себя нашел в интернете несколько хороших правил, и
>> с тех пор использую их везде. Помогают на 80-90 %
>> http://mcleod095.blogspot.ru/2013/12/exim.html
>> Указать источники откуда брал уже не могу, находил лет 5 назад.
> Пожалуйста можно по подробнее
> я просто не совсем пойму куда вставить этот код, после какой строкиЯ не стал читать конфиг, было некогда.
Сейчас посмотрел и возникли вопросы.Где файлы которые указаны в директиве .include ?
Без них трудно что сказать.
> Я не стал читать конфиг, было некогда.
> Сейчас посмотрел и возникли вопросы.
> Где файлы которые указаны в директиве .include ?
> Без них трудно что сказать.vexim-acl-check-content.conf
deny senders = :
hosts = ! +relay_from_hosts
!acl = spf_from_acl
message = Your sender is not permitted (read spf.pobox.com)# First unpack MIME containers and reject serious errors.
deny message = This message contains a MIME error ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}# Reject typically wormish file extensions. There is almost no
# sense in sending such files by email.
deny message = This message contains an unwanted file extension ($found_extension)
demime = scr:vbs:bat:lnk:pif:bz2deny message = Possible CMD file attack ($found_extension)
demime = cmddeny message = Possible COM file attack ($found_extension)
demime = comdeny message = Possible Microsoft JScript attack ($found_extension)
demime = jsdeny message = Possible Windows registry attack ($found_extension)
demime = regdeny message = Possible compiled Help file-base virus ($found_extension)
demime = chmdeny message = Possible SpeedDial attack ($found_extension)
demime = cnfdeny message = Possible Micrsoft HTML archive attack ($found_extension)
demime = htadeny message = Possible Microsoft Internet Settings attack ($found_extension)
demime = insdeny message = Possible Windows Explorer Command attack ($found_extension)
demime = scfdeny message = Possible Microsoft Windows Script attack ($found_extension)
demime = sctdeny message = Possible Microsoft VBScript attack ($found_extension)
demime = vbs:vbedeny message = Possible Microsoft Script Host attack ($found_extension)
demime = wsc:wsf:wshdeny message = Possible Exchange Shortcut attack ($found_extension)
demime = xnkdeny message = Possible Microsoft Access Shortcut attack ($found_extension)
demime = mad:maf:mag:mam:maq:mar:mas:mat:mav:maw# Reject virus infested messages.
warn message = This message contains malware ($malware_name)
malware = *
log_message = This message contains malware ($malware_name)# Reject messages containing "viagra" in all kinds of whitespace/case combinations
# WARNING: this is an example !
# deny message = This message matches a blacklisted regular expression ($regex_match_string)
# regex = [Vv] *[Ii] *[Aa] *[Gg] *[Rr] *[Aa]# Always add X-Spam-Score and X-Spam-Report headers, using SA system-wide settings
# (user "nobody"), no matter if over threshold or not.
warn message = X-Spam-Score: $spam_score ($spam_bar)
spam = maildeliver:true
warn message = X-Spam-Report: $spam_report
spam = maildeliver:true
accept hosts = 127.0.0.1:+relay_from_hosts
accept authenticated = *
vexim-acl-check-helo.conf# Lets drop all messages where the HELO argument is our IP address
..
accept hosts = :
accept hosts = +relay_from_hosts
drop condition = ${if match{$sender_helo_name}{MY_IP}{yes}{no} }
message = "Dropped spammer pretending to be us"
drop condition = ${if match{$sender_helo_name}{^[0-9]\.[0-9]\.[0-9]\.[0-9]}{yes}{no} }
message = "Dropped IP-only or IP-starting helo"
acceptvexim-acl-check-rcpt.conf
deny hosts = ! +relay_from_hosts
condition = ${if eq {${lookup mysql{select count(*) from domains \
where domain = '${quote_mysql:$domain}' \
and spamassassin='1'}}}{1} {yes}{no}}
!acl = spf_rcpt_acl# deny message = DNSBL listed at $dnslist_domain\n$dnslist_text
# dnslists = zen.spamhaus.org:list.dsbl.orgvexim-acl-check-spf.conf
# SPF Auth test for Exim 4.xx
# Version 2.05 by david @ ols . es
#
# Features:
#
# Full SPF support via spfd socket
#
# Warning:
#
# Will use acl_m9, acl_m8, acl_m7 and acl_m6
#
# Requires
#
# Mail::SPF::Query ver 1.9.1
#
# Usage instructions:
#
# 1. copy this file to your /usr/local/exim
#
# 2. add this line to your exim configuration file after your
# begin acl:
#
# .include /usr/local/exim/spf.acl
#
# 3. Grab a copy of Mail::SPF::Query from
# http://spf.pobox.com/downloads.html and install it
#
# 4. Run spfd -path=/tmp/spfd as the same user as Exim runs
#
# 5. Now you can use the test on your RCPT/MAIL ACL this way:
#
# deny !acl = spf_rcpt_acl
#
# And on your DATA ACL:
#
# deny senders = :
# !acl = spf_from_acl
#
# now acl_m8 will hold 'pass','fail', 'unknown'
# so you can take other decisions based on the result
spf_rcpt_acl:# Check envelope sender
warn set acl_m8 = $sender_address
deny !acl = spf_check
warn message = Received-SPF: $acl_m7
acceptspf_from_acl:
# Check header From:
warn set acl_m8 = ${address:$h_from:}
deny !acl = spf_check
warn message = Received-SPF: $acl_m7
acceptspf_check:
warn set acl_m9 = ${readsocket{/tmp/spfd}\
{ip=$sender_host_address\n\
<------><------><------> helo=${if def:sender_helo_name\
<------><------><------> {$sender_helo_name}{NOHELO}}\
\nsender=$acl_m8\n\n}{20s}{\n}{socket failure}}.# Defer on socket error
#defer condition = ${if eq{$acl_m9}{socket failure}{yes}{no}}
# message = Cannot connect to spfd# Prepare answer and get results
warn set acl_m9 = ${sg{$acl_m9}{\N=(.*)\n\N}{=\"\$1\" }}
set acl_m8 = ${extract{result}{$acl_m9}{$value}{unknown}}
set acl_m7 = ${extract{header_comment}{$acl_m9}{$value}{}}# Check for fail
deny condition = ${if eq{$acl_m8}{fail}{yes}{no}}
warn set acl_m8 = $sender_address
deny !acl = spf_check
warn message = Received-SPF: $acl_m7
acceptspf_from_acl:
# Check header From:
warn set acl_m8 = ${address:$h_from:}
deny !acl = spf_check
warn message = Received-SPF: $acl_m7
acceptspf_check:
warn set acl_m9 = ${readsocket{/tmp/spfd}\
{ip=$sender_host_address\n\
<------><------><------> helo=${if def:sender_helo_name\
<------><------><------> {$sender_helo_name}{NOHELO}}\
\nsender=$acl_m8\n\n}{20s}{\n}{socket failure}}.# Defer on socket error
#defer condition = ${if eq{$acl_m9}{socket failure}{yes}{no}}
# message = Cannot connect to spfd# Prepare answer and get results
warn set acl_m9 = ${sg{$acl_m9}{\N=(.*)\n\N}{=\"\$1\" }}
set acl_m8 = ${extract{result}{$acl_m9}{$value}{unknown}}
set acl_m7 = ${extract{header_comment}{$acl_m9}{$value}{}}# Check for fail
deny condition = ${if eq{$acl_m8}{fail}{yes}{no}}
message = $acl_m7
log_message = Not authorized by SPFaccept
vexim-group-router.conf
# A group is a list of users
#
# if a group is flaged public
# then anyone on the internet can write to it
# else only members can write to it
#.
# If not public non member sender will receive a "550 Unknown user" message
virtual_dom_groups:
driver = redirect
allow_fail
senders = ${if eq{Y}{${lookup mysql{select g.is_public \
from groups g, domains d \
where d.enabled = '1' and d.domain = '${quote_mysql:$domain}' and \
d.domain_id = g.domain_id and g.enabled = '1' and \
g.name = '${quote_mysql:$local_part}'}}} \
{$sender_address} \
{${lookup mysql{select u.username \
from domains d, groups g, group_contents c, users u \
where d.enabled = '1' and d.domain = '${quote_mysql:$domain}' and \
d.domain_id = g.domain_id and g.name = '${quote_mysql:$local_part}' and \
g.enabled = '1' and \
g.is_public = 'N' and c.member_id = u.user_id and \
d.domain_id = u.domain_id and u.enabled = '1' \
<------><------><------><------> and u.username = '${quote_mysql:$sender_address}' }}}}
data = ${lookup mysql{ \
select u.username \
from domains d, groups g, group_contents c, users u \
where d.enabled = '1' and \
d.domain = '${quote_mysql:$domain}' and \
d.domain_id = g.domain_id and \
g.enabled = '1' and \
g.id = c.group_id and \
c.member_id = u.user_id and \
d.domain_id = u.domain_id and \
u.enabled = '1' and \
g.name = '${quote_mysql:$local_part}'} }
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
reply_transport = address_reply
pipe_transport = address_pipe
[/code/
>[оверквотинг удален]
> and \
>
> g.name
> = '${quote_mysql:$local_part}'} }
> local_part_suffix = -*
> local_part_suffix_optional
> retry_use_local_part
> reply_transport = address_reply
> pipe_transport = address_pipe
> [/code/vexim-acl-check-helo.conf
вот в этот файл добавить надо
как уж прописывать думайте сами, может у вас там еще куча подводных камней будет
ну и тогда уж приведу из своего конфига это раздел
acl_check_mail:# Hosts are required to say HELO (or EHLO) before sending mail.
# So don't allow them to use the MAIL command if they haven't
# done so.deny condition = ${if eq{$sender_helo_name}{} {1}}
message = Nice boys say HELO first.include /etc/exim/acl_check_mail.conf
# Use the lack of reverse DNS to trigger greylisting. Some people
# even reject for it but that would be a little excessive.
warn condition = ${if eq{$sender_host_name}{} {1}}
set acl_m_greylistreasons = Host $sender_host_address lacks reverse DNS\n$acl_m_greylistreasons
accept
все правила которые давал выше лежат в файле /etc/exim/acl_check_mail.conf
>[оверквотинг удален]
> # Use the lack of reverse DNS to trigger greylisting.
> Some people
> # even reject for it but that would be a
> little excessive.
> warn condition = ${if eq{$sender_host_name}{} {1}}
> set acl_m_greylistreasons = Host $sender_host_address
> lacks reverse DNS\n$acl_m_greylistreasons
> accept
>
> все правила которые давал выше лежат в файле /etc/exim/acl_check_mail.confЗабыл
у Вас это все находится в жтих строках
acl_check_helo:
.include /usr/local/etc/exim/vexim-acl-check-helo.conf
я думаю разберетесь что и как
>
> Забыл
> у Вас это все находится в жтих строках
> acl_check_helo:
> .include /usr/local/etc/exim/vexim-acl-check-helo.conf
> я думаю разберетесь что и какпоправьте пожалуйста если не правильно
сделал так
/usr/local/etc/exim/vexim-acl-check-helo.conf
# Lets drop all messages where the HELO argument is our IP address
..
accept hosts = :
accept hosts = +relay_from_hosts
drop condition = ${if match{$sender_helo_name}{MY_IP}{yes}{no} }
message = "Dropped spammer pretending to be us"
drop condition = ${if match{$sender_helo_name}{^[0-9]\.[0-9]\.[0-9]\.[0-9]}{yes}{no} }
message = "Dropped IP-only or IP-starting helo"
accept
vexim-acl-check-helo:
# Hosts are required to say HELO (or EHLO) before sending mail.
# So don't allow them to use the MAIL command if they haven't
# done so.deny condition = ${if eq{$sender_helo_name}{} {1}}
message = Nice boys say HELO first
.include /etc/exim/acl_check_mail.conf
.......
# Use the lack of reverse DNS to trigger greylisting. Some people
# even reject for it but that would be a little excessive.
.......
warn condition = ${if eq{$sender_host_name}{} {1}}
set acl_m_greylistreasons = Host $sender_host_address lacks reverse
DNS\n$acl_m_greylistreasons
............
accept
deny condition = ${if match{$sender_helo_name}{\N\d{1,3}[-.]\d{1,3}[-.]\d{1,3}\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "DNS name is very bad"..
logwrite = "DNSname($sender_helo_name) bad"
deny condition = ${if eq{$sender_helo_name}{$sender_host_address}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) eq Address($sender_host_address)"
deny condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) eq Inerface Address($interface_address)"
deny condition = ${if eq{$sender_helo_name}{\N\d{1,3}\.d{1,3}\.d{1,3}\.d{1,3}\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) is IP"
deny condition = ${if eq{$sender_helo_name}{\N\d{1,3}[-.]\d{1,3}[-.]\d{1,3}\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) is bad"
deny condition = ${if match{$sender_helo_name}{\N^\d+$\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local-network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) contains only number"
deny condition = ${if match{$sender_helo_name}{\N^\w+$\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) contains only literals"
deny condition = ${if match{$sender_helo_name}{\N^\s+$\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) contains only spaces"
deny condition = ${if match{$sender_helo_name}{сюда добавить свое имя хоста}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) is my HELO"и там где sender_helo_name нужно прописать свой домен например: mail.my_domain.ru
> !+relay_from_hosts : !+local_network..
>
> message =
> "HELO is bad"..
>
>
> logwrite =
> "HELO($sender_helo_name) is my HELO"
>
> и там где sender_helo_name нужно прописать свой домен например: mail.my_domain.ruотвечаю сам на свой вопрос не правильно, не работает
>[оверквотинг удален]
> !+relay_from_hosts : !+local_network..
>
> message =
> "HELO is bad"..
>
>
> logwrite =
> "HELO($sender_helo_name) is my HELO"
>
> и там где sender_helo_name нужно прописать свой домен например: mail.my_domain.ruУбираете
drop condition = ${if match{$sender_helo_name}{MY_IP}{yes}{no} }
message = "Dropped spammer pretending to be us"
drop condition = ${if match{$sender_helo_name}{^[0-9]\.[0-9]\.[0-9]\.[0-9]}{yes}{no} }
message = "Dropped IP-only or IP-starting helo"
из файла /usr/local/etc/exim/vexim-acl-check-helo.conf
и вместо этого вставляете
deny condition = ${if eq{$sender_helo_name}{} {1}}
message = Nice boys say HELO first
deny condition = ${if match{$sender_helo_name}{\N\d{1,3}[-.]\d{1,3}[-.]\d{1,3}\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "DNS name is very bad"..
logwrite = "DNSname($sender_helo_name) bad"
deny condition = ${if eq{$sender_helo_name}{$sender_host_address}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) eq Address($sender_host_address)"
deny condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) eq Inerface Address($interface_address)"
deny condition = ${if eq{$sender_helo_name}{\N\d{1,3}\.d{1,3}\.d{1,3}\.d{1,3}\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) is IP"
deny condition = ${if eq{$sender_helo_name}{\N\d{1,3}[-.]\d{1,3}[-.]\d{1,3}\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) is bad"
deny condition = ${if match{$sender_helo_name}{\N^\d+$\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local-network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) contains only number"
deny condition = ${if match{$sender_helo_name}{\N^\w+$\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) contains only literals"
deny condition = ${if match{$sender_helo_name}{\N^\s+$\N}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) contains only spaces"
deny condition = ${if match{$sender_helo_name}{сюда добавить свое имя хоста}{yes}{no}}..
hosts = !+relay_from_hosts : !+local_network..
message = "HELO is bad"..
logwrite = "HELO($sender_helo_name) is my HELO"В последнем правила прописываете свое доменное имя
> В последнем правила прописываете свое доменное имя
круто вроде получилось спам от самого себя пока не приходит
а вот с этим что делать это вообще нужно или нет
acl_check_mail:# Hosts are required to say HELO (or EHLO) before sending mail.
# So don't allow them to use the MAIL command if they haven't
# done so.deny condition = ${if eq{$sender_helo_name}{} {1}}
message = Nice boys say HELO first.include /etc/exim/acl_check_mail.conf
# Use the lack of reverse DNS to trigger greylisting. Some people
# even reject for it but that would be a little excessive.
warn condition = ${if eq{$sender_host_name}{} {1}}
set acl_m_greylistreasons = Host $sender_host_address lacks reverse DNS\n$acl_m_greylistreasons
accept
еще было бы прекрасно если бы какой нить пример по настройке spamassasina с поддержкой блек листов
>[оверквотинг удален]
> Some people
> # even reject for it but that would be a
> little excessive.
> warn condition = ${if eq{$sender_host_name}{} {1}}
> set acl_m_greylistreasons = Host $sender_host_address
> lacks reverse DNS\n$acl_m_greylistreasons
> accept
>
> еще было бы прекрасно если бы какой нить пример по настройке spamassasina
> с поддержкой блек листовЕсли все заработало как я сказал то эта часть конфига не нужна.
По моему опыту могу сказать что spamassassin почти не нужен с такими настройками
у меня 4 компании работают с таким екзимом и только в 3 из них настроен spamassassin
так он там почти не работает, и с ним даже больше проблем иногда возникает чем пользы.
А док по настройке в инете много.
> По моему опыту могу сказать что spamassassin почти не нужен с такими
> настройками
> у меня 4 компании работают с таким екзимом и только в 3
> из них настроен spamassassin
> так он там почти не работает, и с ним даже больше проблем
> иногда возникает чем пользы.
> А док по настройке в инете много.так не это только пока вроде от самого себя спам не приходит, а так спам идет с других адресов по типу таких адресов kalinin-evgenij@tasertyosk.ru
>> По моему опыту могу сказать что spamassassin почти не нужен с такими
>> настройками
>> у меня 4 компании работают с таким екзимом и только в 3
>> из них настроен spamassassin
>> так он там почти не работает, и с ним даже больше проблем
>> иногда возникает чем пользы.
>> А док по настройке в инете много.
> так не это только пока вроде от самого себя спам не приходит,
> а так спам идет с других адресов по типу таких адресов
> kalinin-evgenij@tasertyosk.ruможно добавить правило для dns blacklist
тодже много спама режет
deny message = "dnsbl: $sender_host_address is found in $dnslist_domain"
# logwrite = "dnsbl" $sender_host_address is found in $dnslist_domain: $dnslist_value"
hosts = !+relay_from_hosts : !+local_network : !+friendly_hosts
dnslists = cbl.abuseat.org : \
bl.spamcop.net : \
korea.services.net : \
zen.spamhaus.org
> "DNS name is very bad"..
> "HELO is bad"..Спасибо, посмеялся.