Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- driver = mysql
- connect = host=localhost dbname=exim user=exim password=3091610k
- default_pass_scheme = CRAM-MD5
- password_query = SELECT `username` as `user`, `password` FROM `mailbox` WHERE `username` = '%n@%d' AND `active`='1'
- user_query = SELECT 93 AS `uid`, 93 AS `gid` FROM `mailbox` WHERE `username` = '%n@%d' AND `active`='1'
- same here for exim - install it, backup a default conf and create a new one:
- yum -y install exim exim-mysql cyrus-sasl
- mv /etc/exim/exim.conf /etc/exim/exim.conf-orig
- vi /etc/exim/exim.conf
- primary_hostname = mail.judebm.com
- hide mysql_servers = localhost/exim/exim/3091610k
- domainlist local_domains = ${lookup mysql{SELECT `domain` \
- FROM `domain` WHERE \
- `domain`='${quote_mysql:$domain}' AND \
- `active`='1'}}
- domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
- FROM `domain` WHERE \
- `domain`='${quote_mysql:$domain}' AND \
- `active`='1'}}
- hostlist relay_from_hosts = localhost:127.0.0.0/8:192.168.1.0/24
- auth_advertise_hosts = *
- acl_not_smtp = acl_not_smtp
- acl_smtp_rcpt = acl_check_rcpt
- acl_smtp_data = acl_check_data
- qualify_domain = judebm.com
- qualify_recipient = judebm.com
- allow_domain_literals = true
- exim_user = exim
- exim_group = exim
- never_users = root
- rfc1413_query_timeout = 0s
- sender_unqualified_hosts = +relay_from_hosts
- recipient_unqualified_hosts = +relay_from_hosts
- ignore_bounce_errors_after = 45m
- timeout_frozen_after = 15d
- helo_accept_junk_hosts = 192.168.1.0/24
- auto_thaw = 1h
- smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"
- smtp_accept_max = 50
- smtp_accept_max_per_connection = 25
- smtp_connect_backlog = 30
- smtp_accept_max_per_host = 20
- split_spool_directory = true
- remote_max_parallel = 15
- return_size_limit = 70k
- message_size_limit = 64M
- helo_allow_chars = _
- smtp_enforce_sync = true
- log_selector = \
- +all_parents \
- +connection_reject \
- +incoming_interface \
- +lost_incoming_connection \
- +received_sender \
- +received_recipients \
- +smtp_confirmation \
- +smtp_syntax_error \
- +smtp_protocol_error \
- -queue_run
- syslog_timestamp = no
- begin acl
- acl_not_smtp:
- deny message = Sender rate overlimit - $sender_rate / $sender_rate_period
- ratelimit = 50 / 1h / strict
- accept
- acl_check_rcpt:
- deny message = "Lookup failed"
- condition = ${if eq{$host_lookup_failed}{1}}
- accept hosts = :
- deny message = "incorrect symbol in address"
- domains = +local_domains
- local_parts = ^[.] : ^.*[@%!/|]
- deny message = "incorrect symbol in address"
- domains = !+local_domains
- local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
- accept local_parts = postmaster
- domains = +local_domains
- deny message = "HELO/EHLO required by SMTP RFC"
- condition = ${if eq{$sender_helo_name}{}{yes}{no}}
- accept authenticated = *
- deny condition = ${if eq{$sender_helo_name}\
- {$interface_address}{yes}{no}}
- hosts = !127.0.0.1 : !localhost : *
- message = "My IP in your HELO! Access denied!"
- deny condition = ${if match{$sender_helo_name}\
- {\N^\d+$\N}{yes}{no}}
- hosts = !127.0.0.1 : !localhost : *
- message = "Incorrect HELO string"
- warn
- set acl_m0 = 30s
- warn
- hosts = +relay_from_hosts:4.3.2.1/32:192.168.1.0/24 #disable waits for 'friendly' hosts
- set acl_m0 = 0s
- warn
- logwrite = Delay $acl_m0 for $sender_host_name \
- [$sender_host_address] with HELO=$sender_helo_name. Mail \
- from $sender_address to $local_part@$domain.
- delay = $acl_m0
- accept domains = +local_domains
- endpass
- message = "No such user"
- verify = recipient
- accept domains = +relay_to_domains
- endpass
- message = "i don't know how to relay to this address"
- verify = recipient
- deny message = "you in blacklist - $dnslist_domain \n $dnslist_text"
- dnslists = opm.blitzed.org : \
- cbl.abuseat.org : \
- bl.csma.biz
- accept hosts = +relay_from_hosts
- deny message = "Homo hominus lupus est"
- acl_check_data:
- deny malware = */defer_ok
- message = "Your message contains viruses: $malware_name"
- accept
- begin routers
- dnslookup:
- driver = dnslookup
- domains = ! +local_domains
- transport = remote_smtp
- ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
- no_more
- system_aliases:
- driver = redirect
- allow_fail
- allow_defer
- data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
- `address`='${quote_mysql:$local_part@$domain}' OR \
- `address`='${quote_mysql:@$domain}'}}
- dovecot_user:
- driver = accept
- condition = ${lookup mysql{SELECT `goto` FROM \
- `alias` WHERE \
- `address`='${quote_mysql:$local_part@$domain}' OR \
- `address`='${quote_mysql:@$domain}'}{yes}{no}}
- transport = dovecot_delivery
- begin transports
- remote_smtp:
- driver = smtp
- dovecot_delivery:
- driver = pipe
- command = /usr/libexec/dovecot/deliver -d $local_part@$domain
- message_prefix =
- message_suffix =
- delivery_date_add
- envelope_to_add
- return_path_add
- log_output
- user = exim
- address_pipe:
- driver = pipe
- return_output
- address_reply:
- driver = autoreply
- begin retry
- * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
- begin rewrite
- begin authenticators
- auth_plain:
- driver = dovecot
- public_name = PLAIN
- server_socket = /var/run/dovecot/auth-client
- server_set_id = $auth1
- auth_login:
- driver = dovecot
- public_name = LOGIN
- server_socket = /var/run/dovecot/auth-client
- server_set_id = $auth1
- auth_cram_md5:
- driver = dovecot
- public_name = CRAM-MD5
- server_socket = /var/run/dovecot/auth-client
- server_set_id = $auth1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement