Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # SpamBlockerTechnology* powered exim.conf, Version 4.4.6
- # Dec 5, 2015
- # Exim configuration file for DirectAdmin
- # Requires exim.pl as distributed by DirectAdmin here:
- # http://files.directadmin.com/services/exim.pl version 21 or higher
- # ClamAV optional
- # SpamAssassin optional
- # Dovecot/IMAP Mandatory
- # *SpamBlockerTechnology is a Trademark of NoBaloney Internet Services:
- # http://www.nobaloney.net
- #
- # WARNING! Do NOT use this exim.conf Exim configuration file unless you
- # make the required modifications to your Exim configuration
- # following the instructions in the README file included in this
- # distribution:
- # README-SpamBlockerVersion4exim.conf.txt
- #
- # The original exim.conf file distributed with Exim 4, includes the
- # following copyright notice:
- #
- # Copyright (C) 2002 University of Cambridge, Cambridge, UK
- #
- # Portions of the file are taken from the exim.conf file as
- # distributed with DirectAdmin (http://www.directadmin.com/)
- #
- # Copyright (C) 2003-2011 JBMC Software, St Albert, AB, Canada
- #
- # Portions of this file are written by NoBaloney Internet Services
- # and are copyright as follows:
- #
- # Copyright (C) 2004-2011 NoBaloney Internet Services, Riverside, Calif., USA
- #
- # The entire Exim 4 distribution, including the exim.conf file, is
- # distributed under the GNU GENERAL PUBLIC LICENSE, Version 2,
- # June 1991. If you do not have a copy of the GNU GENERAL PUBLIC LICENSE
- # you may download it, in it's entirety, from the website at:
- #
- # http://www.nobaloney.net/exim/gnu-gpl-v2.txt
- #
- # Thanks to all the members of the DirectAdmin community and of the exim
- # community who have given their # much needed and appreciated help.
- #
- # The most recent version of this file may always downloaded from the website
- # at: http://www.nobaloney.net/downloads/spamblocker
- #
- # MODIFICATION INSTRUCTIONS
- #
- # YOU MUST MAKE THE CHANGES TO THIS
- # SpamBlockerTechnology* powered exim.conf, Version 4.0
- # file as documented in the README file.
- #
- # The README file for this version is named:
- # README-SpamBlockerVersion4exim.conf.txt
- # CONFIGURATION STARTS HERE
- #EDIT#1:
- # primary_hostname =
- smtp_active_hostname = ${if exists{/etc/virtual/helo_data}{${lookup{$interface_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}}
- #EDIT#2-CLAMAV:
- # av_scanner = clamd:/var/run/clamav/clamd
- #.include_if_exists /etc/exim.clamav.load.conf
- #Block Cracking variables
- .include_if_exists /etc/exim.blockcracking/variables.conf
- #Easy Spam Figher variables
- .include_if_exists /etc/exim.easy_spam_fighter/variables.conf
- #SRS
- .include_if_exists /etc/exim.srs.conf
- #EDIT#3:
- # qualify_domain =
- #EDIT#4:
- perl_startup = do '/etc/exim.pl'
- #EDIT#5:
- system_filter = /etc/system_filter.exim
- #EDIT#6:
- untrusted_set_sender = *
- #EDIT#7:
- daemon_smtp_ports = 25 : 587 : 465 : 10025
- tls_on_connect_ports = 465
- #EDIT#8:
- local_from_check = false
- RBL_DNS_LIST=\
- cbl.abuseat.org : \
- bl.spamcop.net : \
- b.barracudacentral.org : \
- zen.spamhaus.org : \
- hostkarma.junkemailfilter.com=127.0.0.2
- .include /etc/exim.variables.conf
- .include /etc/exim.strings.conf
- .include_if_exists /etc/exim.strings.conf.custom
- #EDIT#10:
- helo_allow_chars = _
- #EDIT#11:
- log_selector = \
- +delivery_size \
- +sender_on_delivery \
- +received_recipients \
- +received_sender \
- +smtp_confirmation \
- +subject \
- +smtp_incomplete_transaction \
- -dnslist_defer \
- -host_lookup_failed \
- -queue_run \
- -rejected_header \
- -retry_defer \
- -skip_delivery \
- +arguments
- #EDIT#12:
- syslog_duplication = false
- #EDIT#13:
- acl_not_smtp = acl_script
- acl_smtp_auth = acl_check_auth
- acl_smtp_connect = acl_connect
- acl_smtp_helo = acl_check_helo
- #acl_smtp_mail = ${if ={$interface_port}{587} {accept}{acl_check_mail}}
- acl_smtp_mail = ${if ={$interface_port}{587} {accept} {${if ={$interface_port}{10025} {acl_smtp_mail_proxy}{acl_check_mail}}}}
- acl_smtp_rcpt = acl_check_recipient
- acl_smtp_dkim = ${if ={$interface_port}{587} {accept}{acl_check_dkim}}
- acl_smtp_data = acl_check_message
- acl_smtp_mime = acl_check_mime
- #EDIT#14:
- addresslist whitelist_senders = nwildlsearch;/etc/virtual/whitelist_senders
- addresslist blacklist_senders = nwildlsearch;/etc/virtual/blacklist_senders
- domainlist blacklist_domains = nwildlsearch;/etc/virtual/blacklist_domains
- domainlist whitelist_domains = nwildlsearch;/etc/virtual/whitelist_domains
- domainlist local_domains = lsearch;/etc/virtual/domains
- domainlist relay_domains = lsearch;/etc/virtual/domains
- domainlist use_rbl_domains = lsearch;/etc/virtual/use_rbl_domains
- domainlist skip_rbl_domains = nwildlsearch;/etc/virtual/skip_rbl_domains
- hostlist skip_rbl_hosts = ${if exists{/etc/virtual/skip_rbl_hosts}{wildlsearch;/etc/virtual/skip_rbl_hosts}}
- hostlist skip_rbl_hosts_ip = ${if exists{/etc/virtual/skip_rbl_hosts_ip}{/etc/virtual/skip_rbl_hosts_ip}}
- hostlist auth_relay_hosts = *
- hostlist bad_sender_hosts = nwildlsearch;/etc/virtual/bad_sender_hosts
- hostlist bad_sender_hosts_ip = /etc/virtual/bad_sender_hosts_ip
- hostlist whitelist_hosts = nwildlsearch;/etc/virtual/whitelist_hosts
- hostlist whitelist_hosts_ip = /etc/virtual/whitelist_hosts_ip
- BLACKLIST_USERNAMES = /etc/virtual/blacklist_usernames
- BLACKLIST_SMTP_USERNAMES = /etc/virtual/blacklist_smtp_usernames
- BLACKLIST_SCRIPT_USERNAMES = /etc/virtual/blacklist_script_usernames
- #EDIT#15:
- #domainlist skip_av_domains = nwildlsearch;/etc/virtual/skip_av_domains
- #EDIT#16:
- hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts
- #EDIT#17:
- never_users = root
- #EDIT#18:
- host_lookup = *
- #EDIT#19:
- rfc1413_hosts = *
- rfc1413_query_timeout = 0s
- #EDIT#20:
- #exim.variables.conf
- #EDIT#21:
- #exim.variables.conf
- #EDIT#22:
- #exim.variables.conf
- #EDIT#23:
- tls_certificate = /etc/exim.cert
- tls_privatekey = /etc/exim.key
- openssl_options = +no_sslv2 +no_sslv3
- tls_require_ciphers = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
- tls_advertise_hosts = *
- #auth_over_tls_hosts = *
- .include_if_exists /etc/exim.variables.conf.post
- ##################################################################################
- # Access Control Lists
- ##################################################################################
- begin acl
- ######################################
- # ACL CONNECT
- ######################################
- #EDIT#24:
- acl_connect:
- warn set acl_m_spam_assassin_has_run = 0
- warn set acl_m_is_whitelisted = 0
- .include_if_exists /etc/exim.easy_spam_fighter/connect.conf
- accept hosts = *
- ######################################
- # ACL CHECK MAIL
- ######################################
- acl_check_mail:
- accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}
- #EDIT#31:
- accept sender_domains = +whitelist_domains
- logwrite = $sender_host_address whitelisted in local domains whitelist
- set acl_m_is_whitelisted = 1
- accept hosts = +whitelist_hosts
- logwrite = $sender_host_address whitelisted in local hosts whitelist
- set acl_m_is_whitelisted = 1
- accept hosts = +whitelist_hosts_ip
- logwrite = $sender_host_address whitelisted in local hosts IP whitelist
- set acl_m_is_whitelisted = 1
- # accept if envelope sender is in whitelist
- accept senders = +whitelist_senders
- logwrite = $sender_host_address whitelisted in local sender whitelist
- set acl_m_is_whitelisted = 1
- .include_if_exists /etc/exim.easy_spam_fighter/check_mail.conf
- accept
- ######################################
- # ACL CHECK AUTH
- ######################################
- #EDIT#24.5#
- acl_check_auth:
- drop set acl_m_authcount = ${eval10:0$acl_m_authcount+1}
- condition = ${if >{$acl_m_authcount}{2}}
- delay = 10s
- message = ONLY_ONE_AUTH_PER_CONN
- accept
- ######################################
- # ACL CHECK HELO
- ######################################
- #EDIT#25:
- acl_check_helo:
- # accept mail originating on this server unconditionally
- accept hosts = @[] : @
- # deny if the HELO pretends to be this host
- deny message = HELO_HOST_IMPERSANATION
- condition = ${if or { \
- {eq{$sender_helo_name}{$smtp_active_hostname}} \
- {eq{$sender_helo_name}{[$interface_address]}} \
- } {true}{false} }
- # deny if the HELO is an IP address
- deny message = HELO_IS_IP
- condition = ${if eq{$interface_port}{25}}
- condition = ${if isip{$sender_helo_name}}
- # deny if hostname if ylmf-pc, which accounts for a HUGE percentage of BF attacks
- deny message = HELO_BLOCKED_FOR_ABUSE
- condition = ${if eq{$sender_helo_name}{ylmf-pc}}
- # deny if the HELO pretends to be one of the domains hosted on the server
- #deny message = HELO_IS_LOCAL_DOMAIN
- # condition = ${if match_domain{$sender_helo_name}{+local_domains}{true}{false}}
- # hosts = ! +relay_hosts
- accept
- ######################################
- # ACL SCRIPT
- ######################################
- acl_script:
- discard set acl_m_uid = ${perl{find_uid}}
- set acl_m_username = ${perl{get_username}{$acl_m_uid}}
- condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}}
- condition = ${if >{${perl{hit_limit_user}{$acl_m_username}}}{1}}
- message = USER_TOO_MANY
- discard condition = ${if !eq{$originator_uid}{$exim_uid}}
- condition = ${if exists{BLACKLIST_USERNAMES}}
- condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_USERNAMES}{1}{0}}
- message = USER_ON_BLACKLIST_SCRIPT BLACKLIST_USERNAMES
- discard condition = ${if !eq{$originator_uid}{$exim_uid}}
- condition = ${if exists{BLACKLIST_SCRIPT_USERNAMES}}
- condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_SCRIPT_USERNAMES}{1}{0}}
- message = USER_ON_BLACKLIST_SCRIPT BLACKLIST_SCRIPT_USERNAMES
- .include_if_exists /etc/exim.blockcracking/script.conf
- accept
- .include_if_exists /etc/exim.blockcracking/script.recipients.conf
- ######################################
- # ACL CHECK RECIPIENT
- ######################################
- #EDIT#26:
- acl_check_recipient:
- # block certain well-known exploits, Deny for local domains if
- # local parts begin with a dot or contain @ % ! / |
- deny domains = +local_domains
- local_parts = ^[.] : ^.*[@%!/|]
- # If you've hit the limit, you can't send anymore. Requires exim.pl 17+
- drop message = AUTH_TOO_MANY
- condition = ${perl{auth_hit_limit_acl}}
- authenticated = *
- drop message = MULTIPLE_BOUNCE_RECIPIENTS
- senders = : postmaster@*
- condition = ${if >{$recipients_count}{0}{true}{false}}
- drop message = TOO_MANY_FAILED_RECIPIENTS
- log_message = REJECTED - Too many failed recipients - count = $rcpt_fail_count
- condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
- !verify = recipient/callout=2m,defer_ok,use_sender
- drop message = DOMAIN_SUSPENDED
- domains = +local_domains
- condition = ${if exists{/etc/virtual/${domain}_off}{yes}{no}}
- drop authenticated = *
- condition = ${if exists{BLACKLIST_USERNAMES}}
- set acl_m_uid = ${perl{find_uid_auth_id}{$authenticated_id}}
- set acl_m_username = ${perl{get_username}{$acl_m_uid}}
- condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}}
- condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_USERNAMES}{1}{0}}
- message = USER_ON_BLACKLIST_SMTP
- logwrite = User account $acl_m_username is blocked via BLACKLIST_USERNAMES
- drop authenticated = *
- condition = ${if exists{BLACKLIST_SMTP_USERNAMES}}
- set acl_m_uid = ${perl{find_uid_auth_id}{$authenticated_id}}
- set acl_m_username = ${perl{get_username}{$acl_m_uid}}
- condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}}
- condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_SMTP_USERNAMES}{1}{0}}
- message = USER_ON_BLACKLIST_SMTP
- logwrite = User account $acl_m_username is blocked via BLACKLIST_SMTP_USERNAMES
- accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}
- #Block Cracking - https://github.com/Exim/exim/wiki/BlockCracking
- .include_if_exists /etc/exim.blockcracking/auth.conf
- # restrict port 587 to authenticated users only
- # see also daemon_smtp_ports above
- accept hosts = +auth_relay_hosts
- condition = ${if eq {$interface_port}{587} {yes}{no}}
- endpass
- message = RELAY_NOT_PERMITTED_AUTH
- authenticated = *
- # Deny all Mailer-Daemon messages not for us:
- deny message = We didn't send the message
- senders = :
- domains = !+relay_domains
- # Deny if the recipient doesn't exist:
- deny message = NO_SUCH_RECIPIENT
- domains = +local_domains
- !verify = recipient
- # Remaining Mailer-Daemon messages must be for us
- accept senders = :
- domains = +relay_domains
- #EDIT#27:
- # 1st deny checks if it's a hostname or IPV4 address with dots or IPV6 address
- #deny message = R1: HELO_SHOULD_BE_FQDN
- # !authenticated = *
- # condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
- # condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
- ## 2nd deny makes sure the hostname doesn't end with a dot (invalid)
- # deny message = R2: HELO_SHOULD_BE_FQDN
- # !authenticated = *
- # condition = ${if match{$sender_helo_name}{\N\.$\N}}
- # 3rd deny makes sure the hostname has no double-dots (invalid)
- deny message = R3: HELO_SHOULD_BE_FQDN
- !authenticated = *
- condition = ${if match{$sender_helo_name}{\N\.\.\N}}
- ## 4th deny make sure the hostname doesn't end in .home (invalid domain)
- # deny message = R4: HELO_SHOULD_BE_FQDN
- # !authenticated = *
- # condition = ${if match{$sender_helo_name}{\N\.home$\N}}
- #EDIT#28:
- # warn domains = +skip_av_domains
- # set acl_m0 = $tod_epoch
- #EDIT#29:
- deny domains = !+local_domains
- local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
- #EDIT#30:
- accept hosts = :
- logwrite = Whitelisted as having local origination
- #EDIT#32:
- deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_SENDER
- domains = +use_rbl_domains
- domains = !+skip_rbl_domains
- hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
- senders = +blacklist_senders
- #EDIT#33:
- deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_HOST
- # only for domains that do want to be tested against RBLs
- domains = +use_rbl_domains
- domains = !+skip_rbl_domains
- hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
- hosts = +bad_sender_hosts
- #EDIT#34:
- deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_IP
- hosts = +bad_sender_hosts_ip
- #EDIT#35:
- accept domains = +local_domains
- sender_domains = !+blacklist_domains
- hosts = !+bad_sender_hosts
- hosts = !+bad_sender_hosts_ip
- dnslists = list.dnswl.org&0.0.0.2
- dnslists = list.dnswl.org!=127.0.0.255
- logwrite = $sender_host_address whitelisted in list.dnswl.org
- #EDIT#36:
- # accept domains = +local_domains
- # dnslists = hostkarma.junkemailfilter.com=127.0.0.1
- # logwrite = $sender_host_address whitelisted in hostkarma.junkemailfilter.com
- #EDIT#37:
- # accept local_parts = whitelist
- # domains = example.com
- #EDIT#38:
- require verify = sender
- #EDIT#39:
- deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_DOMAIN
- domains = +use_rbl_domains
- domains = !+skip_rbl_domains
- hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
- sender_domains = +blacklist_domains
- #EDIT#40:
- # deny message = 554 denied. 5.7.1 Forged Paypal Mail, not sent from PayPal.
- # senders = *@paypal.com
- # condition = ${if match {$sender_host_name}{\Npaypal.com$\N}{no}{yes}}
- #EDIT#41:
- warn hosts = +skip_rbl_hosts
- logwrite = $sender_host_address RBL whitelisted in skip_rbl_hosts
- warn hosts = +skip_rbl_hosts_ip
- logwrite = $sender_host_address RBL whitelisted in skip_rbl_hosts_ip
- warn domains = +skip_rbl_domains
- logwrite = $sender_host_address RBL whitelisted $domain in skip_rbl_domains
- deny message = RBL_BLOCKED_BY_LIST
- hosts = !+relay_hosts
- domains = +use_rbl_domains
- domains = !+skip_rbl_domains
- hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
- !authenticated = *
- dnslists = RBL_DNS_LIST
- .include_if_exists /etc/exim.easy_spam_fighter/check_rcpt.conf
- #COMMENT#43:
- # ACCEPT EMAIL BEGINNING HERE
- # accept if address is in a local domain as long as recipient can be verified
- accept domains = +local_domains
- endpass
- message = UNKNOWN_USER
- verify = recipient
- #COMMENT#44
- # accept if address is in a domain for which we relay as long as recipient
- # can be verified
- accept domains = +relay_domains
- endpass
- verify = recipient
- #EDIT#45:
- accept hosts = +relay_hosts
- add_header = X-Relay-Host: $sender_host_address
- accept hosts = +auth_relay_hosts
- endpass
- message = AUTH_REQUIRED
- authenticated = *
- # FINAL DENY EMAIL BEFORE DATA BEGINS HERE
- # default at end of acl causes a "deny", but line below will give
- # an explicit error message:
- deny message = RELAY_NOT_PERMITTED
- ######################################
- # ACL CHECK DKIM
- ######################################
- acl_check_dkim:
- accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}
- .include_if_exists /etc/exim.easy_spam_fighter/check_dkim.conf
- accept
- ######################################
- # ACL CHECK MESSAGE
- ######################################
- # ACL that is used after the DATA command (ClamAV)
- acl_check_message:
- accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}
- .include_if_exists /etc/exim.easy_spam_fighter/check_message.conf
- #EDIT#46:
- #.include_if_exists /etc/exim.clamav.conf
- ## accept without checking if in skip_av_domains
- # accept condition =${if and {{def:acl_m0}{def:acl_m0}} {true}{false}}
- ## deny if email contains malformed MIME header
- # deny message = CLAM_MALFORMED_MIME
- # demime = *
- # condition = ${if >{$demime_errorlevel}{2}{1}{0}}
- ## deny if email containing virus or other harmful content
- # deny message = CLAM_HAS_VIRUS
- # demime = *
- # malware = *
- ## deny if email contains an attachment of type we don't accept.
- # deny message = CLAM_BAD_ATTACHMENT
- # demime = bat:com:pif:prf:scr:vbs:html
- ## Accept but put warning into headers if message over 1000k
- # warn message = CLAM_SKIPPED
- # condition = ${if >={$message_size}{1000k} {1}{0}}
- # warn message = CLAM_CLEAN
- ## The end of the acl_check_message acl (ClamAV)
- ## Do NOT comment out the line below or all messages will be denied.
- accept
- ######################################
- # ACL that is used for each MIME attachment in the email.
- acl_check_mime:
- .include_if_exists /etc/exim.check_mime.conf.custom
- .include_if_exists /etc/exim.easy_spam_fighter/check_mime.conf
- accept
- ##################################################################################
- # AUTHENTICATION CONFIGURATION
- ##################################################################################
- begin authenticators
- plain:
- driver = plaintext
- public_name = PLAIN
- server_prompts = :
- server_condition = "${perl{smtpauth}{0}}"
- server_set_id = $2
- login:
- driver = plaintext
- public_name = LOGIN
- server_prompts = "Username:: : Password::"
- server_condition = "${perl{smtpauth}{0}}"
- server_set_id = $1
- #EDIT#47:
- # REWRITE CONFIGURATION
- # There is no rewriting specification in this exim.conf file. If your
- # configuration requires one, it would go here
- ##################################################################################
- # ROUTERS CONFIGURATION
- ##################################################################################
- begin routers
- #EDIT#48:
- lookuphost:
- driver = dnslookup
- domains = ! +local_domains
- ignore_target_hosts = 127.0.0.0/8
- condition = "${perl{check_limits}}"
- transport = remote_smtp
- no_more
- # RELATED: http://help.directadmin.com/item.php?id=153
- # smart_route:
- # driver = manualroute
- # domains = ! +local_domains
- # ignore_target_hosts = 127.0.0.0/8
- # condition = "${perl{check_limits}}"
- # route_list = !+local_domains HOSTNAME-or-IP#
- # transport = remote_smtp
- #COMMENT#49:
- #DIRECTORS CONFIGURATION
- .include_if_exists /etc/exim.spamassassin.conf
- #EDIT#50:
- # Spam Assassin
- #spamcheck_director removed. Use the exim.spamassassin.conf
- majordomo_aliases:
- driver = redirect
- allow_defer
- allow_fail
- data = ${if exists{/etc/virtual/${domain}/majordomo/list.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/list.aliases}}}}
- domains = lsearch;/etc/virtual/domainowners
- file_transport = address_file
- group = daemon
- pipe_transport = majordomo_pipe
- retry_use_local_part
- no_rewrite
- user = majordomo
- majordomo_private:
- driver = redirect
- allow_defer
- allow_fail
- #condition = "${if eq {$received_protocol} {local} {true} {false} }"
- condition = "${if or { {eq {$received_protocol} {local}} \
- {eq {$received_protocol} {spam-scanned}} } {true} {false} }"
- data = ${if exists{/etc/virtual/${domain}/majordomo/private.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/private.aliases}}}}
- domains = lsearch;/etc/virtual/domainowners
- file_transport = address_file
- group = daemon
- pipe_transport = majordomo_pipe
- retry_use_local_part
- user = majordomo
- domain_filter:
- driver = redirect
- allow_filter
- no_check_local_user
- condition = "${if exists{/etc/virtual/${domain}/filter}{yes}{no}}"
- user = "${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}"
- group = "mail"
- file = /etc/virtual/${domain}/filter
- directory_transport = address_file
- pipe_transport = virtual_address_pipe
- retry_use_local_part
- no_verify
- uservacation:
- # uservacation reply to all except errors, bounces, lists
- driver = accept
- condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/vacation.conf}{yes}{no}}
- condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}}
- require_files = /etc/virtual/${domain}/reply/${local_part}.msg
- # do not reply to errors and bounces or lists
- senders = " ! ^.*-request@.*:\
- ! ^owner-.*@.*:\
- ! ^postmaster@.*:\
- ! ^listmaster@.*:\
- ! ^mailer-daemon@.*\
- ! ^root@.*"
- transport = uservacation
- unseen
- userautoreply:
- driver = accept
- condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/autoresponder.conf}{yes}{no}}
- condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}}
- require_files = /etc/virtual/${domain}/reply/${local_part}.msg
- # do not reply to errors and bounces or lists
- senders = " ! ^.*-request@.*:\
- ! ^owner-.*@.*:\
- ! ^postmaster@.*:\
- ! ^listmaster@.*:\
- ! ^mailer-daemon@.*\
- ! ^root@.*"
- transport = userautoreply
- unseen
- virtual_aliases_nostar:
- driver = redirect
- .include_if_exists /etc/exim.srs.forward.conf
- allow_defer
- allow_fail
- data = ${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}
- file_transport = address_file
- group = mail
- pipe_transport = virtual_address_pipe
- retry_use_local_part
- unseen
- #include_domain = true
- virtual_user:
- driver = accept
- condition = ${perl{save_virtual_user}}
- domains = lsearch;/etc/virtual/domainowners
- group = mail
- retry_use_local_part
- transport = dovecot_lmtp_udp
- # accept only if local_part is not in the aliases file
- # (this implements catch-all)
- virtual_aliases:
- driver = redirect
- .include_if_exists /etc/exim.srs.forward.conf
- allow_defer
- allow_fail
- condition = ${if eq {}{${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}}{yes}{no}}
- data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch*{/etc/virtual/$domain/aliases}}}}
- file_transport = address_file
- group = mail
- pipe_transport = virtual_address_pipe
- retry_use_local_part
- #include_domain = true
- #COMMENT#51:
- drop_solo_alias:
- driver = redirect
- allow_defer
- allow_fail
- data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch{/etc/virtual/$domain/aliases}}}}
- file_transport = devnull
- group = mail
- pipe_transport = devnull
- retry_use_local_part
- #include_domain = true
- srs_router:
- driver = redirect
- srs = reverseandforward
- data = ${srs_recipient}
- #COMMENT#52:
- userforward:
- driver = redirect
- allow_filter
- check_ancestor
- check_local_user
- no_expn
- file = $home/.forward
- file_transport = address_file
- pipe_transport = address_pipe
- reply_transport = address_reply
- no_verify
- system_aliases:
- driver = redirect
- allow_defer
- allow_fail
- data = ${lookup{$local_part}lsearch{/etc/aliases}}
- file_transport = address_file
- pipe_transport = address_pipe
- retry_use_local_part
- # user = exim
- localuser:
- driver = accept
- check_local_user
- condition = "${if eq {$domain} {$primary_hostname} {yes} {no}}"
- transport = local_delivery
- #COMMENT#53:
- ##################################################################################
- # TRANSPORTS CONFIGURATION
- ##################################################################################
- begin transports
- #COMMENT#54:
- spamcheck:
- driver = pipe
- batch_max = 100
- command = /usr/sbin/exim -oMr spam-scanned -bS
- current_directory = "/tmp"
- group = mail
- home_directory = "/tmp"
- log_output
- message_prefix =
- message_suffix =
- return_fail_output
- no_return_path_add
- transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}
- use_bsmtp
- user = mail
- #COMMENT#55:
- majordomo_pipe:
- driver = pipe
- group = daemon
- return_fail_output
- user = majordomo
- #COMMENT#56:
- local_delivery:
- driver = appendfile
- delivery_date_add
- envelope_to_add
- directory = /home/$local_part/Maildir/
- directory_mode = 770
- create_directory = true
- maildir_format
- group = mail
- mode = 0660
- return_path_add
- user = ${local_part}
- #COMMENT#57:
- virtual_localdelivery:
- driver = appendfile
- create_directory
- delivery_date_add
- directory_mode = 770
- envelope_to_add
- directory = /home/${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}/imap/${domain}/${local_part}/Maildir
- maildir_format
- group = mail
- mode = 660
- return_path_add
- user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}"
- quota = ${if exists{/etc/virtual/${domain}/quota}{${lookup{$local_part}lsearch*{/etc/virtual/${domain}/quota}{$value}{0}}}{0}}
- #EDIT#58:
- uservacation:
- driver = autoreply
- file = /etc/virtual/${domain}/reply/${local_part}.msg
- from = "${local_part}@${domain}"
- log = /etc/virtual/${domain}/reply/${local_part}.log
- no_return_message
- headers = ${if exists{/etc/virtual/${domain}/reply/${local_part}.headers}{${readfile{/etc/virtual/${domain}/reply/${local_part}.headers}}}}
- subject = ${if def:h_Subject: {\
- ${if exists{/etc/virtual/${domain}/reply/${local_part}.subject}\
- {${readfile{/etc/virtual/${domain}/reply/${local_part}.subject}{}}}\
- {Autoreply}\
- }: ${quote:${escape:${length_60:$h_Subject:}}}}\
- {I am on vacation}}
- to = "${sender_address}"
- user = mail
- once = /etc/virtual/${domain}/reply/${local_part}.once
- once_file_size = 100K
- once_repeat = ${if exists{/etc/virtual/${domain}/reply/${local_part}.once_time}{${readfile{/etc/virtual/${domain}/reply/${local_part}.once_time}{}}}{2d}}
- #COMMENT#59:
- userautoreply:
- driver = autoreply
- bcc = ${lookup{${local_part}} lsearch {/etc/virtual/${domain}/autoresponder.conf}{$value}}
- file = /etc/virtual/${domain}/reply/${local_part}.msg
- from = "${local_part}@${domain}"
- log = /etc/virtual/${domain}/reply/${local_part}.log
- no_return_message
- headers = ${if exists{/etc/virtual/${domain}/reply/${local_part}.headers}{${readfile{/etc/virtual/${domain}/reply/${local_part}.headers}}}}
- subject = ${if def:h_Subject: {\
- ${if exists{/etc/virtual/${domain}/reply/${local_part}.subject}\
- {${readfile{/etc/virtual/${domain}/reply/${local_part}.subject}{}}}\
- {Autoreply}\
- }: ${quote:${escape:${length_60:$h_Subject:}}}}\
- {Autoreply Message}}
- to = "${sender_address}"
- user = mail
- once = /etc/virtual/${domain}/reply/${local_part}.once
- once_file_size = 100K
- once_repeat = ${if exists{/etc/virtual/${domain}/reply/${local_part}.once_time}{${readfile{/etc/virtual/${domain}/reply/${local_part}.once_time}{}}}{2d}}
- #COMMENT#60:
- devnull:
- driver = appendfile
- file = /dev/null
- #COMMENT#61:
- remote_smtp:
- driver = smtp
- headers_add = "${if def:authenticated_id{X-Authenticated-Id: ${authenticated_id}}}"
- #interface = <; ${if exists{/etc/virtual/domainips}{${lookup{$sender_address_domain}lsearch*{/etc/virtual/domainips}}}}
- #interface = 5.200.7.27
- helo_data = ${if exists{/etc/virtual/helo_data}{${lookup{$sending_ip_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}}
- .include_if_exists /etc/exim.dkim.conf
- #EDIT#62:
- address_pipe:
- driver = pipe
- return_output
- virtual_address_pipe:
- driver = pipe
- group = nobody
- return_output
- user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"
- .include_if_exists /etc/exim.cagefs.pipe.conf
- #COMMENT#63:
- address_file:
- driver = appendfile
- delivery_date_add
- envelope_to_add
- return_path_add
- #COMMENT#64:
- address_reply:
- driver = autoreply
- dovecot_lmtp_udp:
- driver = lmtp
- socket = /var/run/dovecot/lmtp
- #maximum number of deliveries per batch, default 1
- batch_max = 200
- delivery_date_add
- envelope_to_add
- return_path_add
- user = mail
- ##################################################################################
- # RETRY CONFIGURATION
- ##################################################################################
- #EDIT#65:
- # Domain Error Retries
- # ------ ----- -------
- begin retry
- * quota
- * * F,2h,15m; G,16h,1h,1.5; F,4d,8h
- # End of Exim 4 configuration
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement