API tools faq
paste
Advertisement
Guest User

My Exim config

a guest
May 8th, 2013
215
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.57 KB | None | 0 0
raw download clone embed print report
  1. # File Managed by Puppet
  2. hide mysql_servers = 127.0.0.1/baruwa/baruwa/blahblahblah
  3. #primary_hostname =
  4. domainlist local_domains = @ : localhost : localhost.localdomain
  5. domainlist relay_sql_domains = mysql;select address from user_addresses where address_type=1 and enabled=1 and address='${quote_mysql:$domain}';
  6. hostlist relay_from_hosts = localhost : localhost.localdomain
  7. acl_smtp_rcpt = acl_check_rcpt
  8. acl_smtp_data = acl_check_data
  9. acl_smtp_mime = acl_check_mime
  10. acl_smtp_connect = acl_check_connect
  11. acl_smtp_helo = acl_check_helo
  12. #queue_only = true
  13. #queue_only_override = false
  14. smtp_banner = smtp.mydomain.com $tod_full
  15. disable_ipv6 = true
  16. smtp_accept_max_per_connection = 60
  17. smtp_accept_max = 0
  18. smtp_load_reserve = 15
  19. pipelining_advertise_hosts = 127.0.0.1
  20. smtp_accept_max_nonmail = 30
  21. smtp_max_unknown_commands = 1
  22. spool_directory = /var/spool/exim.in
  23. process_log_path = /var/spool/exim/exim-process.info
  24. #log_file_path=:syslog
  25. #syslog_duplication=false
  26. #syslog_timestamp=false
  27. #log_selector = -rejected_header
  28. received_header_text = Received: ${if def:sender_rcvhost {from $sender_rcvhost\n\t}{${if def:sender_ident {from ${quote_local_part:$sender_ident} }}${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}by $primary_hostname ${if def:received_protocol {with $received_protocol}} ${if def:tls_cipher {($tls_cipher)\n\t}}(Exim $version_number)\n\t${if def:sender_address {(envelope-from <$sender_address>)\n\t}}id $message_exim_id${if !eq {$received_protocol}{split} { ret-id none;}{}}${if def:received_for {\n\tfor $received_for}}
  29. av_scanner = clamd:/var/run/clamav/clamd.sock
  30. tls_advertise_hosts = *
  31. tls_certificate = /etc/pki/tls/certs/exim.pem
  32. tls_privatekey = /etc/pki/tls/private/exim.pem
  33. daemon_smtp_ports = 25
  34. never_users = root
  35. rfc1413_hosts = *
  36. rfc1413_query_timeout = 0s
  37. ignore_bounce_errors_after = 1d
  38. timeout_frozen_after = 3d
  39. auth_advertise_hosts =
  40. begin acl
  41. acl_check_rcpt:
  42. accept hosts = :
  43. drop message = Dictionary attack detected
  44. hosts = :
  45. condition = ${if >{$rcpt_fail_count}{3} {yes}{no}}
  46. delay = 2m
  47. drop message = Legitimate bounces are never sent to more than one recipient.
  48. senders = : postmaster@*
  49. condition = ${if >{$recipients_count}{1}{true}{false}}
  50. drop message = Message was delivered by ratware
  51. log_message = remote host used IP address in HELO/EHLO greeting
  52. condition = ${if isip {$sender_helo_name}{true}{false}}
  53. drop message = Restricted characters in address
  54. domains = +local_domains
  55. local_parts = ^[.] : ^.*[@%!/|]
  56. drop message = Restricted characters in address
  57. domains = !+local_domains
  58. local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  59. accept local_parts = postmaster
  60. domains = +local_domains
  61. accept hosts = +relay_from_hosts
  62. control = submission
  63. accept authenticated = *
  64. control = submission
  65. require message = relay not permitted
  66. domains = +local_domains : +relay_sql_domains
  67. require verify = recipient
  68. drop message = REJECTED because $sender_host_address is in a black list spamhaus.org
  69. dnslists = zen.spamhaus.org
  70. drop message = REJECTED because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
  71. dnslists = bl.spamcop.net
  72. # drop message = REJECTED because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
  73. # dnslists = b.barracudacentral.org
  74. drop message = REJECTED - We don't accept messages from hosts without reverse DNS
  75. log_message = No reverse DNS
  76. #domains = ! lsearch;/etc/exim/checks_exempt_hosts
  77. !sender_domains = /etc/exim/skiprdns
  78. !verify = reverse_host_lookup
  79. !verify = sender/callout=2m,defer_ok
  80. !condition = ${if eq{$sender_verify_failure}{}}
  81. drop message = REFUSED - no HELO/EHLO greeting
  82. log_message = remote host did not present greeting
  83. condition = ${if def:sender_helo_name {false}{true}}
  84. accept
  85. acl_check_data:
  86. drop malware = *
  87. message = This message contains a virus ($malware_name).
  88. accept
  89. acl_check_mime:
  90. drop message = Blacklisted file extension detected
  91. condition = ${if match \
  92. {${lc:$mime_filename}} \
  93. {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
  94. {1}{0}}
  95. accept
  96. acl_check_connect:
  97. drop ratelimit = 250 / 15m / strict
  98. message = You can only send $sender_rate per $sender_rate_period
  99. log_message = RATE: $sender_rate/$sender_rate_period (max $sender_rate_limit)
  100. accept
  101. acl_check_helo:
  102. accept
  103. begin routers
  104. system_aliases:
  105. driver = redirect
  106. allow_fail
  107. allow_defer
  108. domains = @
  109. data = ${lookup{$local_part}lsearch{/etc/aliases}}
  110. file_transport = address_file
  111. pipe_transport = address_pipe
  112. split:
  113. driver = accept
  114. domains = +relay_sql_domains
  115. condition = ${if and {{!eq {$received_protocol}{split}}{gt {$recipients_count}{1}}}{yes}{no}}
  116. transport = send_to_self
  117. no_verify
  118. defer_router:
  119. driver = redirect
  120. allow_defer
  121. data = :defer: queuing for scanning
  122. no_verify
  123. deliver_clean:
  124. driver = manualroute
  125. domains = +relay_sql_domains
  126. transport = remote_smtp
  127. route_data = ${lookup mysql {select group_concat(concat(mail_hosts.address,\
  128. '::',mail_hosts.port) SEPARATOR ':') a from mail_hosts, \
  129. user_addresses where useraddress_id=user_addresses.id and \
  130. user_addresses.address = '${quote_mysql:$domain}' and \
  131. mail_hosts.enabled = 1 and user_addresses.enabled = 1}}
  132. dnslookup:
  133. driver = dnslookup
  134. domains = ! +local_domains
  135. transport = remote_smtp
  136. ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  137. no_more
  138. localuser:
  139. driver = accept
  140. check_local_user
  141. transport = local_delivery
  142. cannot_route_message = Unknown user
  143. begin transports
  144. send_to_self:
  145. driver = pipe
  146. batch_max = 1
  147. use_bsmtp
  148. command = /usr/sbin/exim -oMr split -bS
  149. user = exim
  150. remote_smtp:
  151. driver = smtp
  152. local_delivery:
  153. driver = appendfile
  154. file = /var/mail/$local_part
  155. delivery_date_add
  156. envelope_to_add
  157. return_path_add
  158. group = mail
  159. mode = 0660
  160. address_pipe:
  161. driver = pipe
  162. return_output
  163. address_file:
  164. driver = appendfile
  165. delivery_date_add
  166. envelope_to_add
  167. return_path_add
  168. begin retry
  169. * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
  170. begin rewrite
  171. begin authenticators
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!