URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID1
Нить номер: 95502
[ Назад ]

Исходное сообщение
"Как настроить Exim для отправки писем из PHP?"

Отправлено bartwell , 18-Мрт-14 19:33 
У меня есть сервер на FreeBSD 9.2 с Exim 4.82 и PHP 5.4.25. Не так давно возникла необходимость отредактировать блок acl_check_rcpt. На данный момент эта конфигурация отлично работает с почтовой программой, но перестали отправляться письма из PHP (раньше работало). Лог выглядит так:

Mar 18 01:09:50 mysite sendmail[99510]: s2HL9oKF099510: from=www, size=83, class=0, nrcpts=1, msgid=<201403172109.s2HL9oKF099510@mysite.ru>, relay=www@localhost
Mar 18 01:09:50 mysite exim[99511]: H=localhost (mysite.ru) [127.0.0.1] I=[127.0.0.1]:25 F=<www@mysite.ru> rejected RCPT <myaddr@mail.ru>
Mar 18 01:09:50 mysite exim[99511]: H=localhost (mysite.ru) [127.0.0.1] I=[127.0.0.1]:25 F=<www@mysite.ru> rejected RCPT <myaddr@mail.ru>
Mar 18 01:09:50 mysite sendmail[99510]: s2HL9oKF099510: to=myaddr@mail.ru, ctladdr=www (80/80), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30083, relay=[127.0.0.1] [127.0.0.1], dsn=5.1.1, stat=User unknown
Mar 18 01:09:50 mysite sendmail[99510]: s2HL9oKF099510: s2HL9oKG099510: DSN: User unknown

Как это исправить? Что добавить в конфиг, чтобы PHP смог отправлять письма?

Вот мой конфиг из Exim:

#!/bin/sh
primary_hostname = mysite.ru

hide mysql_servers = localhost/exim/exim/password

domainlist local_domains = ${lookup mysql{SELECT `domain` \
                            FROM `domain` WHERE \
                            `domain`='${domain}' AND \
                            `active`='1'}}

domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
                            FROM `domain` WHERE \
                            `domain`='${domain}' AND \
                            `active`='1'}}

hostlist   relay_from_hosts = localhost:127.0.0.0/8:192.168.0.0/16

acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data

av_scanner = clamd:/var/run/clamav/clamd.sock

qualify_domain = mysite.ru

qualify_recipient = mysite.ru

allow_domain_literals = false

exim_user = mailnull

exim_group = mail

never_users = root

#host_lookup = *

#rfc1413_hosts = *
rfc1413_query_timeout = 0s

sender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts

# percent_hack_domains = *

ignore_bounce_errors_after = 45m

timeout_frozen_after = 15d

#freeze_tell = admin@mysite.ru

helo_accept_junk_hosts = 192.168.0.0/16

auto_thaw = 1h

smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"

smtp_accept_max = 50

smtp_accept_max_per_connection = 25

smtp_connect_backlog = 30

smtp_accept_max_per_host = 20

split_spool_directory = true

remote_max_parallel = 15

return_size_limit = 70k

message_size_limit = 64M

helo_allow_chars = _

smtp_enforce_sync = true

log_selector = \
    +all_parents \
    +connection_reject \
    +incoming_interface \
    +lost_incoming_connection \
    +received_sender \
    +received_recipients \
    +smtp_confirmation \
    +smtp_syntax_error \
    +smtp_protocol_error \
    -queue_run

syslog_timestamp = no

begin acl

acl_check_rcpt:

  # --- accept local delivery
  accept hosts       = :
         control   = dkim_disable_verify

  # --- check address for local domains
  deny   message   = Restricted characters in address
         domains   = +local_domains
         local_parts   = ^[.] : ^.*[@%!/|]

  # --- check address for all other domains
  deny   message   = Restricted characters in address
         domains   = !+local_domains
         local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

  # --- HELO/EHLO must be first command according RFC821
  deny   message   = HELO/EHLO required
         condition   = ${if eq{$sender_helo_name}{}{yes}{no}}

  # --- restrict number of recipients for callbacks
  drop    condition      = ${if >{$rcpt_count}{1}{yes}{no}}
    message   = Only one recipient accepted for callback senders
         senders   = :

  # --- user name spoofing control
  deny    authenticated  = *
    condition   = ${if !eq{$sender_address}{$authenticated_id}{yes}{no}}
    !senders   = :
    logwrite = [[$sender_address] [$authenticated_id]]
    message   = Sender address does not match the user name
    delay      = 10s

  # --- accept authenticated users
  accept authenticated  = *
         control        = dkim_disable_verify

  # --- HELO/EHLO must be domain or IP
#  deny    condition   = ${if !match{$sender_helo_name}{\N\.\N}{yes}{no}}
#    hosts      = !+relay_from_hosts : *
#    message   = HELO/EHLO is not FQDN or IP address

  # --- restricted domains according RFC2606bis
  deny    condition   = ${if match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}{yes}{no}}
         hosts      = !+relay_from_hosts : *
    message   = HELO/EHLO contains incorrect TLD

  # --- check literal notation for IP as HELO/EHLO according RFC2821
  deny   condition      = ${if isip{$sender_helo_name}{yes}{no}}
         hosts          = !127.0.0.1 : !localhost : *
         message        = Literal notation for IP as HELO/EHLO required

  # --- remove square brackets for IP in HELO/EHLO
  warn    set acl_m1   = ${lc:${sg{$sender_helo_name}{\N\[|\]\N}{}}}

  # --- check own domains use in senders HELO/EHLO
  deny   condition      = ${if match{$acl_m1}{$primary_hostname:+local_domains}{yes}{no}}
         hosts          = !127.0.0.1 : !localhost : *
         message        = Main hostname or domain in your HELO/EHLO. Access denied!
    delay      = 30s

  # --- check own IP use in senders HELO/EHLO
  deny   condition      = ${if isip{$acl_m1}{yes}{no}}
    condition      = ${if match_ip{$acl_m1}{+primary_ip}{yes}{no}}
         hosts          = !127.0.0.1 : !localhost : *
         message        = Main IP in your HELO/EHLO. Access denied!
    delay      = 30s

  # --- accept service messages for local domains
  accept local_parts    = postmaster : abuse                
         domains        = +local_domains

  # --- accept authenticated users only for own domains
  deny    message   = Authentication need to relay.
    hosts          = !127.0.0.1 : !localhost : *
    domains   = +local_domains
    sender_domains   = +local_domains


acl_check_data:

  deny malware = *
  message = "In e-mail found VIRUS - $malware_name"

  accept

begin routers

dspam_addspam_router:
  driver = accept
  domains                      = +local_domains
  local_part_prefix = spam-
  transport = dspam_addspam_transport

dspam_notspam_router:
  driver = accept
  domains                      = +local_domains
  local_part_prefix = notspam-
  transport = dspam_notspam_transport

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more

system_aliases:
    driver      = redirect
    allow_fail
    allow_defer
    data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
            `address`='${quote_mysql:$local_part@$domain}' OR \
                `address`='${quote_mysql:@$domain}'}}

dspam_spamscan_router:
  driver = accept
  domains                      = +local_domains
  no_verify
  condition = "${if and {{!eq {$received_protocol}{spam-scanned}} \
        {!eq {$received_protocol}{local}} } {1}{0}}"
  transport = dspam_spamcheck_transport
  require_files = /usr/local/bin/dspam
  address_test = false

local_delivery_spam_router:
  driver                       = accept
  domains                      = +local_domains
#  condition                    = ${if match{$h_X-DSPAM-Result:}{Spam}}
condition                    = ${if and { \
{match{$h_X-DSPAM-Result:}{Spam}} \
{!match{$h_X-DSPAM-Reclassified:}{Innocent}} \
}}
  transport                    = local_delivery_spam_transport
  no_more

dovecot_user:
  driver = accept
  condition = ${lookup mysql{SELECT `goto` FROM \
  `alias` WHERE \
  `address`='${quote_mysql:$local_part@$domain}' OR \
  `address`='${quote_mysql:@$domain}'}{yes}{no}}
  transport = dovecot_delivery


begin transports

dspam_addspam_transport:
  driver = pipe
  command = "/usr/local/bin/dspam --debug --user \
    $local_part@$domain --class=spam --source=error"
  return_path_add = false
  return_fail_output = true
  log_output = true
  home_directory = "/var/db/dspam"
  current_directory = "/var/db/dspam"
  user = dspam
  group = dspam

dspam_notspam_transport:
  driver = pipe
  command = "/usr/local/bin/dspam --debug --user \
    $local_part@$domain --class=innocent \
    --source=error --deliver=innocent %u"
  return_path_add = false
  return_fail_output = true
  log_output = true
  home_directory = "/var/db/dspam"
  current_directory = "/var/db/dspam"
  user = dspam
  group = dspam

dspam_spamcheck_transport:
  driver = pipe
  command = /usr/local/bin/dspam --debug --deliver=innocent \
    --user "$local_part@$domain" -- %u
  user = dspam
  group = dspam
  return_path_add = false
  log_output = true
  return_fail_output = true
  headers_remove        = X-DSPAM-Result

local_delivery_spam_transport:
  driver = pipe
  command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain -m Spam
  message_prefix =
  message_suffix =
  delivery_date_add
  envelope_to_add
  return_path_add
  log_output
  user = mailnull

remote_smtp:
  driver = smtp

dovecot_delivery:
  driver = pipe
  command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain
  message_prefix =
  message_suffix =
  delivery_date_add
  envelope_to_add
  return_path_add
  log_output
  user = mailnull

address_pipe:
  driver = pipe
  return_output

address_reply:
  driver = autoreply

begin retry

# Address or Domain  Error   Retries
# -----------------  -----   -------
*                    *       F,2h,15m; G,16h,1h,1.5; F,4d,6h


begin rewrite

begin authenticators

auth_plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${lookup mysql{SELECT `username` FROM \
                     `mailbox` WHERE `username` = \
                     '${quote_mysql:$auth2}' AND `password` = \
                     '${quote_mysql:$auth3}'}{yes}{no}}
  server_prompts = :
  server_set_id = $auth2

auth_login:
  driver = plaintext
  public_name = LOGIN
  server_condition = ${lookup mysql{SELECT `username` FROM \
                     `mailbox` WHERE `username` = \
                     '${quote_mysql:$auth1}' AND `password` = \
                     '${quote_mysql:$auth2}'}{yes}{no}}
  server_prompts = Username:: : Password::
  server_set_id = $auth1

auth_cram_md5:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = ${lookup mysql{SELECT `password` FROM \
                        `mailbox` WHERE `username` \
                        = '${quote_mysql:$auth1}'}{$value}fail}
  server_set_id = $auth2


Содержание

Сообщения в этом обсуждении
"Как настроить Exim для отправки писем из PHP?"
Отправлено bartwell , 19-Мрт-14 00:43 
Вопрос решился с помощью строчки sendmail_path = /usr/local/sbin/exim -t в конфиге пхп.