Guest User

Untitled

a guest
Jan 19th, 2019
308
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.11 KB | None | 0 0
  1. [root@gate /var/log/exim]# cat /usr/local/etc/exim/configure
  2. ######################################################################
  3. # MAIN CONFIGURATION SETTINGS #
  4. ######################################################################
  5.  
  6.  
  7. primary_hostname = cei.com.ua
  8.  
  9. domainlist local_domains = cei.com.ua
  10. domainlist relay_to_domains =
  11.  
  12. #hostlist relay_from_hosts = @
  13.  
  14. hostlist relay_from_hosts = localhost : 127.0.0.1 : 192.168.0.0/16 : 195.177.73.200
  15.  
  16. addresslist whiteuser = lsearch*@;/usr/local/etc/exim/whitelist
  17.  
  18. hostlist auth_relay_hosts = *
  19.  
  20. acl_smtp_rcpt = acl_check_rcpt
  21. acl_smtp_data = acl_check_data
  22.  
  23. av_scanner = clamd:/var/run/clamav/clamd.sock
  24.  
  25. spamd_address = 127.0.0.1 783
  26.  
  27.  
  28. daemon_smtp_ports = 25:465:587
  29.  
  30. exim_user = mailnull
  31. exim_group = mail
  32. never_users = root
  33. smtp_accept_max = 500
  34. smtp_accept_max_per_connection = 30
  35. smtp_accept_max_per_host = 40
  36. smtp_enforce_sync = true
  37.  
  38. message_size_limit = 100M
  39.  
  40.  
  41. #acl_smtp_helo = acl_check_helo
  42.  
  43. qualify_domain = cei.com.ua
  44. qualify_recipient = cei.com.ua
  45. sender_unqualified_hosts = +relay_from_hosts
  46. recipient_unqualified_hosts = +relay_from_hosts
  47. helo_accept_junk_hosts = 192.168.0.0/16
  48.  
  49.  
  50. host_lookup = *
  51.  
  52. rfc1413_hosts = *
  53. rfc1413_query_timeout = 5s
  54.  
  55. ignore_bounce_errors_after = 10m
  56.  
  57. timeout_frozen_after = 7d
  58.  
  59. log_selector = \
  60. +all_parents \
  61. +connection_reject \
  62. +incoming_interface \
  63. +lost_incoming_connection \
  64. +received_sender \
  65. +received_recipients \
  66. +smtp_confirmation \
  67. +smtp_syntax_error \
  68. +smtp_protocol_error \
  69. -queue_run
  70.  
  71. syslog_timestamp = no
  72.  
  73.  
  74.  
  75. ######################################################################
  76. # ACL CONFIGURATION #
  77. # Specifies access control lists for incoming SMTP mail #
  78. ######################################################################
  79.  
  80. begin acl
  81.  
  82.  
  83.  
  84. acl_check_rcpt:
  85.  
  86. accept hosts = : +relay_from_hosts
  87.  
  88. control = dkim_disable_verify
  89.  
  90.  
  91.  
  92. deny message = Restricted characters in address
  93. domains = +local_domains
  94. local_parts = ^[.] : ^.*[@%!/|]
  95.  
  96.  
  97.  
  98. deny message = Restricted characters in address
  99. domains = !+local_domains
  100. local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  101.  
  102.  
  103. #############################################################################
  104.  
  105. # Accept mail to postmaster in any local domain, regardless of the source,
  106. # and without verifying the sender.
  107.  
  108. accept local_parts = postmaster
  109. domains = +local_domains
  110.  
  111. # Deny unless the sender address can be verified.
  112.  
  113. require verify = sender
  114.  
  115.  
  116. # accept hosts = +relay_from_hosts
  117. #
  118. # control = submission
  119. # control = dkim_disable_verify
  120.  
  121. # Accept if the message arrived over an authenticated connection, from
  122. # any host. Again, these messages are usually from MUAs, so recipient
  123. # verification is omitted, and submission mode is set. And again, we do this
  124. # check before any black list tests.
  125.  
  126. accept authenticated = *
  127. control = submission
  128. control = dkim_disable_verify
  129.  
  130.  
  131. deny message = "HELO/EHLO require by SMTP RFC"
  132. condition = ${if eq{$sender_helo_name}{}{yes}{no}}
  133.  
  134. deny message = "Your IP in HELO - access denied!"
  135. hosts = * : !+relay_from_hosts : !81-196.lissyara.su
  136. condition = ${if eq{$sender_helo_name}\
  137. {$sender_host_address}{true}{false}}
  138.  
  139. deny condition = ${if eq{$sender_helo_name}\
  140. {$interface_address}{yes}{no}}
  141. hosts = !127.0.0.1 : !localhost : *
  142. message = "main IP in your HELO! Access denied!"
  143.  
  144. deny message = "your hostname is bad (adsl, poll, ppp & etc)."
  145. condition = ${if match{$sender_host_name}{adsl|dialup|pool|peer|dhcp}{yes}{no}}
  146.  
  147. deny message = "host in blacklist - $dnslist_text"
  148. hosts = !10.1.0.0/16 : !127.0.0.1 : !+relay_from_hosts : $sender_host_address
  149. domains = !+local_domains:!+relay_from_domains
  150. dnslists = bl.spamcop.net : dnsbl.sorbs.net : sbl.spamhaus.org : pbl.spamhaus.org : xbl.spamhaus.org : dnsbl.ahbl.org : db.wpbl.info : virbl.dnsbl.bit.nl : ix.dnsbl.manitu.net : dnsbl.njabl.org : cbl.abuseat.org
  151.  
  152. warn message = X-SA-Do-Not-Rej: Yes
  153. domains = +local_domains
  154. local_parts = postmaster:abuse
  155.  
  156. warn message = X-SA-Do-Not-Run: Yes
  157. domains = +local_domains
  158. senders = +whiteuser
  159.  
  160. require message = relay not permitted
  161. domains = +local_domains : +relay_to_domains
  162.  
  163. require verify = recipient
  164.  
  165. accept
  166.  
  167.  
  168.  
  169.  
  170. acl_check_data:
  171.  
  172.  
  173.  
  174. warn message = X-Quarantine-Me-Malware: $malware_name
  175. log_message = malware: $malware_name
  176. demime = *
  177. malware = */defer_ok
  178.  
  179. warn message = X-Quarantine-Me-Spam: SA score $spam_score\n\
  180. X-SA-Report: $spam_report
  181. log_message = Spam score $spam_score > 5
  182. spam = spamd/defer_ok
  183. condition = ${if >{$spam_score_int}{50}{1}{0}}
  184.  
  185.  
  186. # Accept the message.
  187.  
  188. accept
  189.  
  190.  
  191.  
  192. ######################################################################
  193. # ROUTERS CONFIGURATION #
  194. # Specifies how addresses are handled #
  195. ######################################################################
  196. # THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
  197. # An address is passed to each router in turn until it is accepted. #
  198. ######################################################################
  199.  
  200. begin routers
  201.  
  202. check_malware:
  203. driver = redirect
  204. condition = ${if def:h_X-Quarantine-Me-Malware: {1}{0}}
  205. headers_add = X-Quarantined-Malware: $h_X-Quarantine-Me-Malware:
  206. headers_remove = X-Quarantine-Me-Malware
  207. data = /var/quarantine/malware/malware.$tod_logfile
  208. file_transport = address_file
  209.  
  210. check_spam:
  211. driver = redirect
  212. condition = ${if def:h_X-Quarantine-Me-Spam: {1}{0}}
  213. headers_add = X-Quarantined-Spam: $h_X-Quarantine-Me-Spam:
  214. headers_remove = X-Quarantine-Me-Spam
  215. data = /var/quarantine/spam/spam.$tod_logfile
  216. file_transport = address_file
  217. no_more
  218.  
  219. dnslookup:
  220. driver = dnslookup
  221. domains = ! +local_domains
  222. transport = remote_smtp
  223. ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  224. no_more
  225.  
  226.  
  227.  
  228. system_aliases:
  229. driver = redirect
  230. allow_fail
  231. allow_defer
  232. data = ${lookup{$local_part}lsearch{/etc/aliases}}
  233. user = mailnull
  234. group = mail
  235. file_transport = address_file
  236. pipe_transport = address_pipe
  237.  
  238.  
  239.  
  240.  
  241. userforward:
  242. driver = redirect
  243. check_local_user
  244. # local_part_suffix = +* : -*
  245. # local_part_suffix_optional
  246. file = $home/.forward
  247. # allow_filter
  248. no_verify
  249. no_expn
  250. check_ancestor
  251. file_transport = address_file
  252. pipe_transport = address_pipe
  253. reply_transport = address_reply
  254. condition = ${if exists{$home/.forward} {yes} {no} }
  255.  
  256.  
  257.  
  258.  
  259. localuser:
  260. driver = accept
  261. check_local_user
  262. # local_part_suffix = +* : -*
  263. # local_part_suffix_optional
  264. transport = local_delivery
  265. cannot_route_message = Unknown user
  266.  
  267.  
  268.  
  269. ######################################################################
  270. # TRANSPORTS CONFIGURATION #
  271. ######################################################################
  272. # ORDER DOES NOT MATTER #
  273. # Only one appropriate transport is called for each delivery. #
  274. ######################################################################
  275.  
  276. # A transport is used only when referenced from a router that successfully
  277. # handles an address.
  278.  
  279. begin transports
  280.  
  281.  
  282. # This transport is used for delivering messages over SMTP connections.
  283.  
  284. remote_smtp:
  285. driver = smtp
  286. headers_remove = "X-SA-Do-Not-Run : X-SA-Do-Not-Rej"
  287.  
  288. local_delivery:
  289. driver = appendfile
  290. file = /var/mail/$local_part
  291. delivery_date_add
  292. envelope_to_add
  293. return_path_add
  294. group = mail
  295. user = $local_part
  296. mode = 0660
  297. no_mode_fail_narrower
  298.  
  299.  
  300.  
  301. address_pipe:
  302. driver = pipe
  303. return_output
  304.  
  305.  
  306. # This transport is used for handling deliveries directly to files that are
  307. # generated by aliasing or forwarding.
  308.  
  309. address_file:
  310. driver = appendfile
  311. delivery_date_add
  312. envelope_to_add
  313. return_path_add
  314.  
  315.  
  316. # This transport is used for handling autoreplies generated by the filtering
  317. # option of the userforward router.
  318.  
  319. address_reply:
  320. driver = autoreply
  321.  
  322.  
  323.  
  324. ######################################################################
  325. # RETRY CONFIGURATION #
  326. ######################################################################
  327.  
  328. begin retry
  329.  
  330.  
  331. # Address or Domain Error Retries
  332. # ----------------- ----- -------
  333.  
  334. * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
  335.  
  336.  
  337.  
  338. ######################################################################
  339. # REWRITE CONFIGURATION #
  340. ######################################################################
  341.  
  342. # There are no rewriting specifications in this default configuration file.
  343.  
  344. begin rewrite
  345.  
  346.  
  347.  
  348. ######################################################################
  349. # AUTHENTICATION CONFIGURATION #
  350. ######################################################################
  351.  
  352.  
  353. begin authenticators
  354.  
  355. plain:
  356. driver = plaintext
  357. public_name = PLAIN
  358. #server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
  359. server_condition = ${if saslauthd{{$1}{$2}{smtp}}{1}{0}}
  360. #server_set_id = $auth2
  361.  
  362. login:
  363. driver = plaintext
  364. public_name = LOGIN
  365. server_prompts = "Username:: : Password::"
  366. #server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
  367. server_condition = ${if saslauthd{{$1}{$2}{smtp}}{1}{0}}
  368. #server_set_id = $auth1
  369.  
  370.  
  371.  
  372.  
  373. # End of Exim configuration file
Add Comment
Please, Sign In to add comment