URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID1
Нить номер: 95552
[ Назад ]

Исходное сообщение
"Не доходит почта с внешних доменов"

Отправлено bartwell , 12-Апр-14 17:58 
Есть сервер с FreeBSD 9.2 и Exim 4.82. Есть проблема - не доходит почта с внешних доменов.

Проверяю через mail.ru и rambler.ru. Приходит отлуп такого вида:


SMTP error from remote mail server after RCPT TO:<mymailbox@mysite.ru>:
host mysite.ru [MY_SERVER_IP_HERE]: 550 Administrative prohibition

В логах exim'а вижу следующее:


Apr 11 15:13:38 mysite exim[4344]: H=(smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25 F=<mymailbox@mail.ru> rejected RCPT <mymailbox@mysite.ru>
Apr 11 15:13:38 mysite exim[4344]: H=(smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25 F=<mymailbox@mail.ru> rejected RCPT <mymailbox@mysite.ru>

А отладка выводит это:


# exim -bd -q15m -d+all
15:13:16  4337 Exim version 4.82 (FreeBSD 9.2) uid=0 gid=0 pid=4337 D=fffdffff
Probably Berkeley DB version 1.8x (native mode)
Support for: crypteq iconv() IPv6 use_setclassresources PAM Perl Expand_dlfunc OpenSSL Content_Scanning DKIM Old_Demime
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch mysql nis nis0 passwd
Authenticators: cram_md5 dovecot plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [4.2.1 20070831 patched [FreeBSD]]
Library version: OpenSSL: Compile: OpenSSL 0.9.8y 5 Feb 2013
                          Runtime: OpenSSL 0.9.8y 5 Feb 2013
Library version: PCRE: Compile: 8.34
                       Runtime: 8.34 2013-12-15
15:13:16  4337 Total 14 lookups
Library version: MySQL: Compile: 5.1.73 [FreeBSD port: mysql51-client-5.1.73_1]
                        Runtime: 5.1.73
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
15:13:16  4337 changed uid/gid: forcing real = effective
15:13:16  4337   uid=0 gid=0 pid=4337
15:13:16  4337   auxiliary group list: 0
15:13:16  4337 seeking password data for user "mailnull": using cached result
15:13:16  4337 getpwnam() succeeded uid=26 gid=26
15:13:16  4337 seeking password data for user "root": cache not available
15:13:16  4337 getpwnam() succeeded uid=0 gid=0
15:13:16  4338 changed uid/gid: calling tls_validate_require_cipher
15:13:16  4338   uid=26 gid=6 pid=4338
15:13:16  4338   auxiliary group list: 6
15:13:16  4337 tls_validate_require_cipher child 4338 ended: status=0x0
15:13:16  4337 configuration file is /usr/local/etc/exim/configure
15:13:16  4337 log selectors = 0000cefe 00233821
15:13:16  4337 cwd=/usr/local/etc/exim 4 args: exim -bd -q15m -d+all
15:13:16  4337 trusted user
15:13:16  4337 admin user
15:13:16  4337 seeking password data for user "dspam": cache not available
15:13:16  4337 getpwnam() succeeded uid=1004 gid=1004
15:13:16  4337 seeking password data for user "dspam": using cached result
15:13:16  4337 getpwnam() succeeded uid=1004 gid=1004
15:13:16  4337 seeking password data for user "dspam": using cached result
15:13:16  4337 getpwnam() succeeded uid=1004 gid=1004
15:13:16  4337 seeking password data for user "mailnull": cache not available
15:13:16  4337 getpwnam() succeeded uid=26 gid=26
15:13:16  4337 seeking password data for user "mailnull": using cached result
15:13:16  4337 getpwnam() succeeded uid=26 gid=26
15:13:16  4337 originator: uid=0 gid=0 login=root name=Charlie Root
15:13:16  4337 listening on all interfaces (IPv6) port 25
15:13:16  4337 listening on all interfaces (IPv4) port 25
15:13:16  4337 pid written to /var/run/exim.pid
15:13:16  4337 changed uid/gid: running as a daemon
15:13:16  4337   uid=26 gid=6 pid=4337
15:13:16  4337   auxiliary group list: 6
15:13:16  4337 LOG: MAIN
15:13:16  4337   exim 4.82 daemon started: pid=4337, -q15m, listening for SMTP on port 25 (IPv6 and IPv4)
15:13:16  4337 set_process_info:  4337 daemon: -q15m, listening for SMTP on port 25 (IPv6 and IPv4)
15:13:16  4337 daemon running with uid=26 gid=6 euid=26 egid=6
15:13:16  4337 SIGALRM received
15:13:16  4337 1 queue-runner process running
15:13:16  4337 Listening...
15:13:16  4339 Starting queue-runner: pid 4339
15:13:16  4339 exec /usr/local/sbin/exim -q
15:13:16  4337 child 4339 ended: status=0x0
15:13:16  4337   normal exit, 0
15:13:16  4337 0 queue-runner processes now running
15:13:16  4337 Listening...
15:13:38  4337 Connection request from 94.100.177.90 port 32847
15:13:38  4337 interface address=MY_SERVER_IP_HERE port=25
15:13:38  4337 search_tidyup called
15:13:38  4337 1 SMTP accept process running
15:13:38  4337 Listening...
15:13:38  4344 sender_fullhost = [94.100.177.90]
15:13:38  4344 sender_rcvhost = [94.100.177.90]
15:13:38  4344 Process 4344 is handling incoming connection from [94.100.177.90]
15:13:38  4344 host in host_lookup? no (option unset)
15:13:38  4344 set_process_info:  4344 handling incoming connection from [94.100.177.90] I=[MY_SERVER_IP_HERE]:25
15:13:38  4344 host in host_reject_connection? no (option unset)
15:13:38  4344 gethostbyname2 looked up these IP addresses:
15:13:38  4344   name=localhost address=::1
15:13:38  4344   name=localhost address=127.0.0.1
15:13:38  4344 host in "localhost:127.0.0.0/8:192.168.0.0/16"? no (end of list)
15:13:38  4344 host in sender_unqualified_hosts? no (end of list)
15:13:38  4344 cached no match for +relay_from_hosts
15:13:38  4344 host in recipient_unqualified_hosts? no (end of list)
15:13:38  4344 host in helo_verify_hosts? no (option unset)
15:13:38  4344 host in helo_try_verify_hosts? no (option unset)
15:13:38  4344 host in helo_accept_junk_hosts? no (end of list)
15:13:38  4344 expanding: $primary_hostname, ESMTP EXIM $version_number
15:13:38  4344    result: mysite.ru, ESMTP EXIM 4.82
15:13:38  4344 SMTP>> 220 mysite.ru, ESMTP EXIM 4.82
15:13:38  4344 Process 4344 is ready for new message
15:13:38  4344 smtp_setup_msg entered
15:13:38  4344 SMTP<< EHLO smtp30.i.mail.ru
15:13:38  4344 smtp30.i.mail.ru in helo_lookup_domains? no (end of list)
15:13:38  4344 sender_fullhost = (smtp30.i.mail.ru) [94.100.177.90]
15:13:38  4344 sender_rcvhost = [94.100.177.90] (helo=smtp30.i.mail.ru)
15:13:38  4344 set_process_info:  4344 handling incoming connection from (smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25
15:13:38  4344 host in pipelining_advertise_hosts? yes (matched "*")
15:13:38  4344 host in auth_advertise_hosts? yes (matched "*")
15:13:38  4344 host in tls_advertise_hosts? no (option unset)
15:13:38  4344 SMTP>> 250-mysite.ru Hello smtp30.i.mail.ru [94.100.177.90]
15:13:38  4344 250-SIZE 67108864
15:13:38  4344 250-8BITMIME
15:13:38  4344 250-PIPELINING
15:13:38  4344 250-AUTH PLAIN LOGIN CRAM-MD5
15:13:38  4344 250 HELP
15:13:38  4344 SMTP<< MAIL FROM:<mymailbox@mail.ru> SIZE=1842
15:13:38  4344 spool directory space = -2147483648K inodes = 363073456 check_space = 0K inodes = 0 msg_size = 6842
15:13:38  4344 SMTP>> 250 OK
15:13:38  4344 SMTP<< RCPT TO:<mymailbox@mysite.ru>
15:13:38  4344 using ACL "acl_check_rcpt"
15:13:38  4344 processing "accept"
15:13:38  4344 check hosts = :
15:13:38  4344 host in ":"? no (end of list)
15:13:38  4344 accept: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "deny"
15:13:38  4344 check domains = +local_domains
15:13:38  4344 expanding: SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'
15:13:38  4344    result: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 search_open: mysql "NULL"
15:13:38  4344 search_find: file="NULL"
15:13:38  4344   key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'" partial=-1 affix=NULL starflags=0
15:13:38  4344 LRU list:
15:13:38  4344 internal_search_find: file="NULL"
15:13:38  4344   type=mysql key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'"
15:13:38  4344 database lookup required for SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 MySQL query: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 MYSQL new connection: host=localhost port=0 socket=NULL database=exim user=exim
15:13:38  4344 lookup yielded: mysite.ru
15:13:38  4344 expanding: ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
15:13:38  4344    result: mysite.ru
15:13:38  4344 mysite.ru in "mysite.ru"? yes (matched "mysite.ru")
15:13:38  4344 mysite.ru in "+local_domains"? yes (matched "+local_domains")
15:13:38  4344 check local_parts = ^[.] : ^.*[@%!/|]
15:13:38  4344 mymailbox in "^[.] : ^.*[@%!/|]"? no (end of list)
15:13:38  4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "deny"
15:13:38  4344 check domains = !+local_domains
15:13:38  4344 expanding: SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'
15:13:38  4344    result: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 search_open: mysql "NULL"
15:13:38  4344   cached open
15:13:38  4344 search_find: file="NULL"
15:13:38  4344   key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'" partial=-1 affix=NULL starflags=0
15:13:38  4344 LRU list:
15:13:38  4344 internal_search_find: file="NULL"
15:13:38  4344   type=mysql key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'"
15:13:38  4344 cached data used for lookup of SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 lookup yielded: mysite.ru
15:13:38  4344 expanding: ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
15:13:38  4344    result: mysite.ru
15:13:38  4344 mysite.ru in "mysite.ru"? yes (matched "mysite.ru")
15:13:38  4344 mysite.ru in "!+local_domains"? no (matched "!+local_domains")
15:13:38  4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "deny"
15:13:38  4344 expanding: $sender_helo_name
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 expanding:
15:13:38  4344    result:
15:13:38  4344 condition: eq{$sender_helo_name}{}
15:13:38  4344    result: false
15:13:38  4344 expanding: yes
15:13:38  4344    result: yes
15:13:38  4344 skipping: result is not used
15:13:38  4344 expanding: no
15:13:38  4344    result: no
15:13:38  4344 expanding: ${if eq{$sender_helo_name}{}{yes}{no}}
15:13:38  4344    result: no
15:13:38  4344 check condition = ${if eq{$sender_helo_name}{}{yes}{no}}
15:13:38  4344                 = no
15:13:38  4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "drop"
15:13:38  4344 expanding: $rcpt_count
15:13:38  4344    result: 1
15:13:38  4344 expanding: 1
15:13:38  4344    result: 1
15:13:38  4344 condition: >{$rcpt_count}{1}
15:13:38  4344    result: false
15:13:38  4344 expanding: yes
15:13:38  4344    result: yes
15:13:38  4344 skipping: result is not used
15:13:38  4344 expanding: no
15:13:38  4344    result: no
15:13:38  4344 expanding: ${if >{$rcpt_count}{1}{yes}{no}}
15:13:38  4344    result: no
15:13:38  4344 check condition = ${if >{$rcpt_count}{1}{yes}{no}}
15:13:38  4344                 = no
15:13:38  4344 drop: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "accept"
15:13:38  4344 check authenticated = *
15:13:38  4344 accept: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "deny"
15:13:38  4344 expanding: $sender_helo_name
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 expanding: ${lc:$sender_helo_name}
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 expanding: \N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N
15:13:38  4344    result: (\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$
15:13:38  4344 condition: match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}
15:13:38  4344    result: false
15:13:38  4344 expanding: yes
15:13:38  4344    result: yes
15:13:38  4344 skipping: result is not used
15:13:38  4344 expanding: no
15:13:38  4344    result: no
15:13:38  4344 expanding: ${if match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}{yes}{no}}
15:13:38  4344    result: no
15:13:38  4344 check condition = ${if match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}{yes}{no}}
15:13:38  4344                 = no
15:13:38  4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "deny"
15:13:38  4344 expanding: $sender_helo_name
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 condition: isip{$sender_helo_name}
15:13:38  4344    result: false
15:13:38  4344 expanding: yes
15:13:38  4344    result: yes
15:13:38  4344 skipping: result is not used
15:13:38  4344 expanding: no
15:13:38  4344    result: no
15:13:38  4344 expanding: ${if isip{$sender_helo_name}{yes}{no}}
15:13:38  4344    result: no
15:13:38  4344 check condition = ${if isip{$sender_helo_name}{yes}{no}}
15:13:38  4344                 = no
15:13:38  4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "warn"
15:13:38  4344 expanding: $sender_helo_name
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 expanding: \N\[|\]\N
15:13:38  4344    result: \[|\]
15:13:38  4344 expanding:
15:13:38  4344    result:
15:13:38  4344 expanding: ${sg{$sender_helo_name}{\N\[|\]\N}{}}
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 expanding: ${lc:${sg{$sender_helo_name}{\N\[|\]\N}{}}}
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 check set acl_m1 = ${lc:${sg{$sender_helo_name}{\N\[|\]\N}{}}}
15:13:38  4344                  = smtp30.i.mail.ru
15:13:38  4344 warn: condition test succeeded in ACL "acl_check_rcpt"
15:13:38  4344 processing "deny"
15:13:38  4344 expanding: $acl_m1
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 expanding: $primary_hostname:+local_domains
15:13:38  4344    result: mysite.ru:+local_domains
15:13:38  4344 condition: match{$acl_m1}{$primary_hostname:+local_domains}
15:13:38  4344    result: false
15:13:38  4344 expanding: yes
15:13:38  4344    result: yes
15:13:38  4344 skipping: result is not used
15:13:38  4344 expanding: no
15:13:38  4344    result: no
15:13:38  4344 expanding: ${if match{$acl_m1}{$primary_hostname:+local_domains}{yes}{no}}
15:13:38  4344    result: no
15:13:38  4344 check condition = ${if match{$acl_m1}{$primary_hostname:+local_domains}{yes}{no}}
15:13:38  4344                 = no
15:13:38  4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "deny"
15:13:38  4344 expanding: $acl_m1
15:13:38  4344    result: smtp30.i.mail.ru
15:13:38  4344 condition: isip{$acl_m1}
15:13:38  4344    result: false
15:13:38  4344 expanding: yes
15:13:38  4344    result: yes
15:13:38  4344 skipping: result is not used
15:13:38  4344 expanding: no
15:13:38  4344    result: no
15:13:38  4344 expanding: ${if isip{$acl_m1}{yes}{no}}
15:13:38  4344    result: no
15:13:38  4344 check condition = ${if isip{$acl_m1}{yes}{no}}
15:13:38  4344                 = no
15:13:38  4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "accept"
15:13:38  4344 check local_parts = postmaster : abuse
15:13:38  4344 mymailbox in "postmaster : abuse"? no (end of list)
15:13:38  4344 accept: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 processing "deny"
15:13:38  4344 check hosts = !127.0.0.1 : !localhost : *
15:13:38  4344 gethostbyname2 looked up these IP addresses:
15:13:38  4344   name=localhost address=::1
15:13:38  4344   name=localhost address=127.0.0.1
15:13:38  4344 host in "!127.0.0.1 : !localhost : *"? yes (matched "*")
15:13:38  4344 check domains = +local_domains
15:13:38  4344 expanding: SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'
15:13:38  4344    result: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 search_open: mysql "NULL"
15:13:38  4344   cached open
15:13:38  4344 search_find: file="NULL"
15:13:38  4344   key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'" partial=-1 affix=NULL starflags=0
15:13:38  4344 LRU list:
15:13:38  4344 internal_search_find: file="NULL"
15:13:38  4344   type=mysql key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'"
15:13:38  4344 cached data used for lookup of SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 lookup yielded: mysite.ru
15:13:38  4344 expanding: ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
15:13:38  4344    result: mysite.ru
15:13:38  4344 mysite.ru in "mysite.ru"? yes (matched "mysite.ru")
15:13:38  4344 mysite.ru in "+local_domains"? yes (matched "+local_domains")
15:13:38  4344 check sender_domains = +local_domains
15:13:38  4344 expanding: SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'
15:13:38  4344    result: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 search_open: mysql "NULL"
15:13:38  4344   cached open
15:13:38  4344 search_find: file="NULL"
15:13:38  4344   key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'" partial=-1 affix=NULL starflags=0
15:13:38  4344 LRU list:
15:13:38  4344 internal_search_find: file="NULL"
15:13:38  4344   type=mysql key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'"
15:13:38  4344 cached data used for lookup of SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38  4344 lookup yielded: mysite.ru
15:13:38  4344 expanding: ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
15:13:38  4344    result: mysite.ru
15:13:38  4344 mail.ru in "mysite.ru"? no (end of list)
15:13:38  4344 mail.ru in "+local_domains"? no (end of list)
15:13:38  4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38  4344 end of ACL "acl_check_rcpt": implicit DENY
15:13:38  4344 SMTP>> 550 Administrative prohibition
15:13:38  4344 LOG: MAIN REJECT
15:13:38  4344   H=(smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25 F=<mymailbox@mail.ru> rejected RCPT <mymailbox@mysite.ru>
15:13:38  4344 SMTP<< DATA
15:13:38  4344 SMTP>> 503-All RCPT commands were rejected with this error:
15:13:38  4344 SMTP>> 503-Administrative prohibition
15:13:38  4344 SMTP>> 503 Valid RCPT command must precede DATA
15:13:38  4344 SMTP<< QUIT
15:13:38  4344 SMTP>> 221 mysite.ru closing connection
15:13:38  4344 LOG: smtp_connection MAIN
15:13:38  4344   SMTP connection from (smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25 closed by QUIT
15:13:38  4344 search_tidyup called
15:13:38  4344 close MYSQL connection: localhost/exim/exim
15:13:38  4337 child 4344 ended: status=0x0
15:13:38  4337   normal exit, 0
15:13:38  4337 0 SMTP accept processes now running
15:13:38  4337 Listening...

Конфиг выглядит так:


#!/bin/sh
primary_hostname = mysite.ru

hide mysql_servers = localhost/auth/data/here

domainlist local_domains = ${lookup mysql{SELECT `domain` \
                            FROM `domain` WHERE \
                            `domain`='${domain}' AND \
                            `active`='1'}}

domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
                            FROM `domain` WHERE \
                            `domain`='${domain}' AND \
                            `active`='1'}}

hostlist   relay_from_hosts = localhost:127.0.0.0/8:192.168.0.0/16

acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data

av_scanner = clamd:/var/run/clamav/clamd.sock

# spamd_address = 127.0.0.1 783

qualify_domain = mysite.ru

qualify_recipient = mysite.ru

allow_domain_literals = false

exim_user = mailnull

exim_group = mail

never_users = root

#host_lookup = *

#rfc1413_hosts = *
rfc1413_query_timeout = 0s

sender_unqualified_hosts = +relay_from_hosts

recipient_unqualified_hosts = +relay_from_hosts

# percent_hack_domains = *

ignore_bounce_errors_after = 45m

timeout_frozen_after = 15d

helo_accept_junk_hosts = 192.168.0.0/16

auto_thaw = 1h

smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"

smtp_accept_max = 50

smtp_accept_max_per_connection = 25

smtp_connect_backlog = 30

smtp_accept_max_per_host = 20

split_spool_directory = true

remote_max_parallel = 15

return_size_limit = 70k

message_size_limit = 64M

helo_allow_chars = _

smtp_enforce_sync = true

log_selector = \
    +all_parents \
    +connection_reject \
    +incoming_interface \
    +lost_incoming_connection \
    +received_sender \
    +received_recipients \
    +smtp_confirmation \
    +smtp_syntax_error \
    +smtp_protocol_error \
    -queue_run

syslog_timestamp = no


begin acl

acl_check_rcpt:

  accept hosts       = :
         control   = dkim_disable_verify

  deny   message   = Restricted characters in address
         domains   = +local_domains
         local_parts   = ^[.] : ^.*[@%!/|]

  deny   message   = Restricted characters in address
         domains   = !+local_domains
         local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

  deny   message   = HELO/EHLO required
         condition   = ${if eq{$sender_helo_name}{}{yes}{no}}

  drop    condition      = ${if >{$rcpt_count}{1}{yes}{no}}
    message   = Only one recipient accepted for callback senders
         senders   = :

  accept authenticated  = *
         control        = dkim_disable_verify

  deny    condition   = ${if match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}{yes}{no}}
         hosts      = !+relay_from_hosts : *
    message   = HELO/EHLO contains incorrect TLD

  deny   condition      = ${if isip{$sender_helo_name}{yes}{no}}
         hosts          = !127.0.0.1 : !localhost : *
         message        = Literal notation for IP as HELO/EHLO required

  warn    set acl_m1   = ${lc:${sg{$sender_helo_name}{\N\[|\]\N}{}}}

  deny   condition      = ${if match{$acl_m1}{$primary_hostname:+local_domains}{yes}{no}}
         hosts          = !127.0.0.1 : !localhost : *
         message        = Main hostname or domain in your HELO/EHLO. Access denied!
    delay      = 30s

  deny   condition      = ${if isip{$acl_m1}{yes}{no}}
    condition      = ${if match_ip{$acl_m1}{+primary_ip}{yes}{no}}
         hosts          = !127.0.0.1 : !localhost : *
         message        = Main IP in your HELO/EHLO. Access denied!
    delay      = 30s

  accept local_parts    = postmaster : abuse                
         domains        = +local_domains

  deny    message   = Authentication need to relay.
    hosts          = !127.0.0.1 : !localhost : *
    domains   = +local_domains
    sender_domains   = +local_domains


acl_check_data:

  deny malware = *
  message = "In e-mail found VIRUS - $malware_name"

  accept

begin routers

dspam_addspam_router:
  driver = accept
  domains                      = +local_domains
  local_part_prefix = spam-
  transport = dspam_addspam_transport

dspam_notspam_router:
  driver = accept
  domains                      = +local_domains
  local_part_prefix = notspam-
  transport = dspam_notspam_transport

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more

system_aliases:
    driver      = redirect
    allow_fail
    allow_defer
    data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
            `address`='${quote_mysql:$local_part@$domain}' OR \
                `address`='${quote_mysql:@$domain}'}}

dspam_spamscan_router:
  driver = accept
  domains                      = +local_domains
  no_verify
  condition = "${if and {{!eq {$received_protocol}{spam-scanned}} \
        {!eq {$received_protocol}{local}} } {1}{0}}"
  transport = dspam_spamcheck_transport
  require_files = /usr/local/bin/dspam
  address_test = false

local_delivery_spam_router:
  driver                       = accept
  domains                      = +local_domains
#  condition                    = ${if match{$h_X-DSPAM-Result:}{Spam}}
condition                    = ${if and { \
{match{$h_X-DSPAM-Result:}{Spam}} \
{!match{$h_X-DSPAM-Reclassified:}{Innocent}} \
}}
  transport                    = local_delivery_spam_transport
  no_more

dovecot_user:
  driver = accept
  condition = ${lookup mysql{SELECT `goto` FROM \
  `alias` WHERE \
  `address`='${quote_mysql:$local_part@$domain}' OR \
  `address`='${quote_mysql:@$domain}'}{yes}{no}}
  transport = dovecot_delivery


begin transports

dspam_addspam_transport:
  driver = pipe
  command = "/usr/local/bin/dspam --debug --user \
    $local_part@$domain --class=spam --source=error"
  return_path_add = false
  return_fail_output = true
  log_output = true
  home_directory = "/var/db/dspam"
  current_directory = "/var/db/dspam"
  user = dspam
  group = dspam

dspam_notspam_transport:
  driver = pipe
  command = "/usr/local/bin/dspam --debug --user \
    $local_part@$domain --class=innocent \
    --source=error --deliver=innocent %u"
  return_path_add = false
  return_fail_output = true
  log_output = true
  home_directory = "/var/db/dspam"
  current_directory = "/var/db/dspam"
  user = dspam
  group = dspam

dspam_spamcheck_transport:
  driver = pipe
  command = /usr/local/bin/dspam --debug --deliver=innocent \
    --user "$local_part@$domain" -- %u
  user = dspam
  group = dspam
  return_path_add = false
  log_output = true
  return_fail_output = true
  headers_remove        = X-DSPAM-Result

local_delivery_spam_transport:
  driver = pipe
  command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain -m Spam
  message_prefix =
  message_suffix =
  delivery_date_add
  envelope_to_add
  return_path_add
  log_output
  user = mailnull

remote_smtp:
  driver = smtp

dovecot_delivery:
  driver = pipe
  command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain
  message_prefix =
  message_suffix =
  delivery_date_add
  envelope_to_add
  return_path_add
  log_output
  user = mailnull

address_pipe:
  driver = pipe
  return_output

address_reply:
  driver = autoreply


begin retry

# Address or Domain  Error   Retries
# -----------------  -----   -------
*                    *       F,2h,15m; G,16h,1h,1.5; F,4d,6h


begin rewrite

begin authenticators

auth_plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${lookup mysql{SELECT `username` FROM \
                     `mailbox` WHERE `username` = \
                     '${quote_mysql:$auth2}' AND `password` = \
                     '${quote_mysql:$auth3}'}{yes}{no}}
  server_prompts = :
  server_set_id = $auth2

auth_login:
  driver = plaintext
  public_name = LOGIN
  server_condition = ${lookup mysql{SELECT `username` FROM \
                     `mailbox` WHERE `username` = \
                     '${quote_mysql:$auth1}' AND `password` = \
                     '${quote_mysql:$auth2}'}{yes}{no}}
  server_prompts = Username:: : Password::
  server_set_id = $auth1

auth_cram_md5:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = ${lookup mysql{SELECT `password` FROM \
                        `mailbox` WHERE `username` \
                        = '${quote_mysql:$auth1}'}{$value}fail}
  server_set_id = $auth2

Что нужно поправить в конфиге, чтобы эту проблему устранить?


Содержание

Сообщения в этом обсуждении
"Не доходит почта с внешних доменов"
Отправлено PavelR , 14-Апр-14 10:08 
> Что нужно поправить в конфиге, чтобы эту проблему устранить?

Как вы собираетесь сопровождать систему, в которой ничего не можете исправить?
Может быть стоило поставить и использовать то, в чем разбираетесь?


"Не доходит почта с внешних доменов"
Отправлено bartwell , 14-Апр-14 12:08 
Постепенно разберусь, да и чуть позже должна появиться возможность в случае необходимости заплатить стороннему человеку, чтобы помог. Пока же такой возможности нет, поэтому прошу помощи. Пожалуйста, ткните носом, какое именно правило не работает и как оно должно работать в этом случае?

"Не доходит почта с внешних доменов"
Отправлено Yayaya , 01-Май-14 13:38 
>> Что нужно поправить в конфиге, чтобы эту проблему устранить?
> Как вы собираетесь сопровождать систему, в которой ничего не можете исправить?
> Может быть стоило поставить и использовать то, в чем разбираетесь?

Пашка знатный засерщик. из 100 ответов - 90% гумно


"Не доходит почта с внешних доменов"
Отправлено PavelR , 01-Май-14 13:52 
>>> Что нужно поправить в конфиге, чтобы эту проблему устранить?
>> Как вы собираетесь сопровождать систему, в которой ничего не можете исправить?
>> Может быть стоило поставить и использовать то, в чем разбираетесь?
> Пашка знатный засерщик. из 100 ответов - 90% гумно

До твоих 100% гумна в ответах еще срать и срать.


"Не доходит почта с внешних доменов"
Отправлено anonymous , 01-Май-14 22:36 
Вот это:
  accept local_parts    = postmaster : abuse
         domains        = +local_domains

исправьте на:
  accept domains        = +local_domains
         endpass
         message        = User unknown
         verify         = recipient


"Не доходит почта с внешних доменов"
Отправлено bartwell , 02-Май-14 16:31 
Спасибо!