У меня есть сервер на FreeBSD 9.2 с Exim 4.82 и PHP 5.4.25. Не так давно возникла необходимость отредактировать блок acl_check_rcpt. На данный момент эта конфигурация отлично работает с почтовой программой, но перестали отправляться письма из PHP (раньше работало). Лог выглядит так:Mar 18 01:09:50 mysite sendmail[99510]: s2HL9oKF099510: from=www, size=83, class=0, nrcpts=1, msgid=<201403172109.s2HL9oKF099510@mysite.ru>, relay=www@localhost
Mar 18 01:09:50 mysite exim[99511]: H=localhost (mysite.ru) [127.0.0.1] I=[127.0.0.1]:25 F=<www@mysite.ru> rejected RCPT <myaddr@mail.ru>
Mar 18 01:09:50 mysite exim[99511]: H=localhost (mysite.ru) [127.0.0.1] I=[127.0.0.1]:25 F=<www@mysite.ru> rejected RCPT <myaddr@mail.ru>
Mar 18 01:09:50 mysite sendmail[99510]: s2HL9oKF099510: to=myaddr@mail.ru, ctladdr=www (80/80), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30083, relay=[127.0.0.1] [127.0.0.1], dsn=5.1.1, stat=User unknown
Mar 18 01:09:50 mysite sendmail[99510]: s2HL9oKF099510: s2HL9oKG099510: DSN: User unknownКак это исправить? Что добавить в конфиг, чтобы PHP смог отправлять письма?
Вот мой конфиг из Exim:
#!/bin/sh
primary_hostname = mysite.ruhide mysql_servers = localhost/exim/exim/password
domainlist local_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE \
`domain`='${domain}' AND \
`active`='1'}}domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE \
`domain`='${domain}' AND \
`active`='1'}}hostlist relay_from_hosts = localhost:127.0.0.0/8:192.168.0.0/16
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_dataav_scanner = clamd:/var/run/clamav/clamd.sock
qualify_domain = mysite.ru
qualify_recipient = mysite.ru
allow_domain_literals = false
exim_user = mailnull
exim_group = mail
never_users = root
#host_lookup = *
#rfc1413_hosts = *
rfc1413_query_timeout = 0ssender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts# percent_hack_domains = *
ignore_bounce_errors_after = 45m
timeout_frozen_after = 15d
#freeze_tell = admin@mysite.ru
helo_accept_junk_hosts = 192.168.0.0/16
auto_thaw = 1h
smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"
smtp_accept_max = 50
smtp_accept_max_per_connection = 25
smtp_connect_backlog = 30
smtp_accept_max_per_host = 20
split_spool_directory = true
remote_max_parallel = 15
return_size_limit = 70k
message_size_limit = 64M
helo_allow_chars = _
smtp_enforce_sync = true
log_selector = \
+all_parents \
+connection_reject \
+incoming_interface \
+lost_incoming_connection \
+received_sender \
+received_recipients \
+smtp_confirmation \
+smtp_syntax_error \
+smtp_protocol_error \
-queue_runsyslog_timestamp = no
begin acl
acl_check_rcpt:
# --- accept local delivery
accept hosts = :
control = dkim_disable_verify# --- check address for local domains
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]# --- check address for all other domains
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./# --- HELO/EHLO must be first command according RFC821
deny message = HELO/EHLO required
condition = ${if eq{$sender_helo_name}{}{yes}{no}}# --- restrict number of recipients for callbacks
drop condition = ${if >{$rcpt_count}{1}{yes}{no}}
message = Only one recipient accepted for callback senders
senders = :# --- user name spoofing control
deny authenticated = *
condition = ${if !eq{$sender_address}{$authenticated_id}{yes}{no}}
!senders = :
logwrite = [[$sender_address] [$authenticated_id]]
message = Sender address does not match the user name
delay = 10s# --- accept authenticated users
accept authenticated = *
control = dkim_disable_verify# --- HELO/EHLO must be domain or IP
# deny condition = ${if !match{$sender_helo_name}{\N\.\N}{yes}{no}}
# hosts = !+relay_from_hosts : *
# message = HELO/EHLO is not FQDN or IP address# --- restricted domains according RFC2606bis
deny condition = ${if match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}{yes}{no}}
hosts = !+relay_from_hosts : *
message = HELO/EHLO contains incorrect TLD# --- check literal notation for IP as HELO/EHLO according RFC2821
deny condition = ${if isip{$sender_helo_name}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = Literal notation for IP as HELO/EHLO required# --- remove square brackets for IP in HELO/EHLO
warn set acl_m1 = ${lc:${sg{$sender_helo_name}{\N\[|\]\N}{}}}# --- check own domains use in senders HELO/EHLO
deny condition = ${if match{$acl_m1}{$primary_hostname:+local_domains}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = Main hostname or domain in your HELO/EHLO. Access denied!
delay = 30s# --- check own IP use in senders HELO/EHLO
deny condition = ${if isip{$acl_m1}{yes}{no}}
condition = ${if match_ip{$acl_m1}{+primary_ip}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = Main IP in your HELO/EHLO. Access denied!
delay = 30s# --- accept service messages for local domains
accept local_parts = postmaster : abuse
domains = +local_domains# --- accept authenticated users only for own domains
deny message = Authentication need to relay.
hosts = !127.0.0.1 : !localhost : *
domains = +local_domains
sender_domains = +local_domains
acl_check_data:deny malware = *
message = "In e-mail found VIRUS - $malware_name"accept
begin routers
dspam_addspam_router:
driver = accept
domains = +local_domains
local_part_prefix = spam-
transport = dspam_addspam_transportdspam_notspam_router:
driver = accept
domains = +local_domains
local_part_prefix = notspam-
transport = dspam_notspam_transportdnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_moresystem_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}}dspam_spamscan_router:
driver = accept
domains = +local_domains
no_verify
condition = "${if and {{!eq {$received_protocol}{spam-scanned}} \
{!eq {$received_protocol}{local}} } {1}{0}}"
transport = dspam_spamcheck_transport
require_files = /usr/local/bin/dspam
address_test = falselocal_delivery_spam_router:
driver = accept
domains = +local_domains
# condition = ${if match{$h_X-DSPAM-Result:}{Spam}}
condition = ${if and { \
{match{$h_X-DSPAM-Result:}{Spam}} \
{!match{$h_X-DSPAM-Reclassified:}{Innocent}} \
}}
transport = local_delivery_spam_transport
no_moredovecot_user:
driver = accept
condition = ${lookup mysql{SELECT `goto` FROM \
`alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}{yes}{no}}
transport = dovecot_delivery
begin transportsdspam_addspam_transport:
driver = pipe
command = "/usr/local/bin/dspam --debug --user \
$local_part@$domain --class=spam --source=error"
return_path_add = false
return_fail_output = true
log_output = true
home_directory = "/var/db/dspam"
current_directory = "/var/db/dspam"
user = dspam
group = dspamdspam_notspam_transport:
driver = pipe
command = "/usr/local/bin/dspam --debug --user \
$local_part@$domain --class=innocent \
--source=error --deliver=innocent %u"
return_path_add = false
return_fail_output = true
log_output = true
home_directory = "/var/db/dspam"
current_directory = "/var/db/dspam"
user = dspam
group = dspamdspam_spamcheck_transport:
driver = pipe
command = /usr/local/bin/dspam --debug --deliver=innocent \
--user "$local_part@$domain" -- %u
user = dspam
group = dspam
return_path_add = false
log_output = true
return_fail_output = true
headers_remove = X-DSPAM-Resultlocal_delivery_spam_transport:
driver = pipe
command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain -m Spam
message_prefix =
message_suffix =
delivery_date_add
envelope_to_add
return_path_add
log_output
user = mailnullremote_smtp:
driver = smtpdovecot_delivery:
driver = pipe
command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain
message_prefix =
message_suffix =
delivery_date_add
envelope_to_add
return_path_add
log_output
user = mailnulladdress_pipe:
driver = pipe
return_outputaddress_reply:
driver = autoreplybegin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewritebegin authenticators
auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT `username` FROM \
`mailbox` WHERE `username` = \
'${quote_mysql:$auth2}' AND `password` = \
'${quote_mysql:$auth3}'}{yes}{no}}
server_prompts = :
server_set_id = $auth2auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT `username` FROM \
`mailbox` WHERE `username` = \
'${quote_mysql:$auth1}' AND `password` = \
'${quote_mysql:$auth2}'}{yes}{no}}
server_prompts = Username:: : Password::
server_set_id = $auth1auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT `password` FROM \
`mailbox` WHERE `username` \
= '${quote_mysql:$auth1}'}{$value}fail}
server_set_id = $auth2
Вопрос решился с помощью строчки sendmail_path = /usr/local/sbin/exim -t в конфиге пхп.