Есть сервер с FreeBSD 9.2 и Exim 4.82. Есть проблема - не доходит почта с внешних доменов.Проверяю через mail.ru и rambler.ru. Приходит отлуп такого вида:
SMTP error from remote mail server after RCPT TO:<mymailbox@mysite.ru>:
host mysite.ru [MY_SERVER_IP_HERE]: 550 Administrative prohibitionВ логах exim'а вижу следующее:
Apr 11 15:13:38 mysite exim[4344]: H=(smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25 F=<mymailbox@mail.ru> rejected RCPT <mymailbox@mysite.ru>
Apr 11 15:13:38 mysite exim[4344]: H=(smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25 F=<mymailbox@mail.ru> rejected RCPT <mymailbox@mysite.ru>А отладка выводит это:
# exim -bd -q15m -d+all
15:13:16 4337 Exim version 4.82 (FreeBSD 9.2) uid=0 gid=0 pid=4337 D=fffdffff
Probably Berkeley DB version 1.8x (native mode)
Support for: crypteq iconv() IPv6 use_setclassresources PAM Perl Expand_dlfunc OpenSSL Content_Scanning DKIM Old_Demime
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch mysql nis nis0 passwd
Authenticators: cram_md5 dovecot plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [4.2.1 20070831 patched [FreeBSD]]
Library version: OpenSSL: Compile: OpenSSL 0.9.8y 5 Feb 2013
Runtime: OpenSSL 0.9.8y 5 Feb 2013
Library version: PCRE: Compile: 8.34
Runtime: 8.34 2013-12-15
15:13:16 4337 Total 14 lookups
Library version: MySQL: Compile: 5.1.73 [FreeBSD port: mysql51-client-5.1.73_1]
Runtime: 5.1.73
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
15:13:16 4337 changed uid/gid: forcing real = effective
15:13:16 4337 uid=0 gid=0 pid=4337
15:13:16 4337 auxiliary group list: 0
15:13:16 4337 seeking password data for user "mailnull": using cached result
15:13:16 4337 getpwnam() succeeded uid=26 gid=26
15:13:16 4337 seeking password data for user "root": cache not available
15:13:16 4337 getpwnam() succeeded uid=0 gid=0
15:13:16 4338 changed uid/gid: calling tls_validate_require_cipher
15:13:16 4338 uid=26 gid=6 pid=4338
15:13:16 4338 auxiliary group list: 6
15:13:16 4337 tls_validate_require_cipher child 4338 ended: status=0x0
15:13:16 4337 configuration file is /usr/local/etc/exim/configure
15:13:16 4337 log selectors = 0000cefe 00233821
15:13:16 4337 cwd=/usr/local/etc/exim 4 args: exim -bd -q15m -d+all
15:13:16 4337 trusted user
15:13:16 4337 admin user
15:13:16 4337 seeking password data for user "dspam": cache not available
15:13:16 4337 getpwnam() succeeded uid=1004 gid=1004
15:13:16 4337 seeking password data for user "dspam": using cached result
15:13:16 4337 getpwnam() succeeded uid=1004 gid=1004
15:13:16 4337 seeking password data for user "dspam": using cached result
15:13:16 4337 getpwnam() succeeded uid=1004 gid=1004
15:13:16 4337 seeking password data for user "mailnull": cache not available
15:13:16 4337 getpwnam() succeeded uid=26 gid=26
15:13:16 4337 seeking password data for user "mailnull": using cached result
15:13:16 4337 getpwnam() succeeded uid=26 gid=26
15:13:16 4337 originator: uid=0 gid=0 login=root name=Charlie Root
15:13:16 4337 listening on all interfaces (IPv6) port 25
15:13:16 4337 listening on all interfaces (IPv4) port 25
15:13:16 4337 pid written to /var/run/exim.pid
15:13:16 4337 changed uid/gid: running as a daemon
15:13:16 4337 uid=26 gid=6 pid=4337
15:13:16 4337 auxiliary group list: 6
15:13:16 4337 LOG: MAIN
15:13:16 4337 exim 4.82 daemon started: pid=4337, -q15m, listening for SMTP on port 25 (IPv6 and IPv4)
15:13:16 4337 set_process_info: 4337 daemon: -q15m, listening for SMTP on port 25 (IPv6 and IPv4)
15:13:16 4337 daemon running with uid=26 gid=6 euid=26 egid=6
15:13:16 4337 SIGALRM received
15:13:16 4337 1 queue-runner process running
15:13:16 4337 Listening...
15:13:16 4339 Starting queue-runner: pid 4339
15:13:16 4339 exec /usr/local/sbin/exim -q
15:13:16 4337 child 4339 ended: status=0x0
15:13:16 4337 normal exit, 0
15:13:16 4337 0 queue-runner processes now running
15:13:16 4337 Listening...
15:13:38 4337 Connection request from 94.100.177.90 port 32847
15:13:38 4337 interface address=MY_SERVER_IP_HERE port=25
15:13:38 4337 search_tidyup called
15:13:38 4337 1 SMTP accept process running
15:13:38 4337 Listening...
15:13:38 4344 sender_fullhost = [94.100.177.90]
15:13:38 4344 sender_rcvhost = [94.100.177.90]
15:13:38 4344 Process 4344 is handling incoming connection from [94.100.177.90]
15:13:38 4344 host in host_lookup? no (option unset)
15:13:38 4344 set_process_info: 4344 handling incoming connection from [94.100.177.90] I=[MY_SERVER_IP_HERE]:25
15:13:38 4344 host in host_reject_connection? no (option unset)
15:13:38 4344 gethostbyname2 looked up these IP addresses:
15:13:38 4344 name=localhost address=::1
15:13:38 4344 name=localhost address=127.0.0.1
15:13:38 4344 host in "localhost:127.0.0.0/8:192.168.0.0/16"? no (end of list)
15:13:38 4344 host in sender_unqualified_hosts? no (end of list)
15:13:38 4344 cached no match for +relay_from_hosts
15:13:38 4344 host in recipient_unqualified_hosts? no (end of list)
15:13:38 4344 host in helo_verify_hosts? no (option unset)
15:13:38 4344 host in helo_try_verify_hosts? no (option unset)
15:13:38 4344 host in helo_accept_junk_hosts? no (end of list)
15:13:38 4344 expanding: $primary_hostname, ESMTP EXIM $version_number
15:13:38 4344 result: mysite.ru, ESMTP EXIM 4.82
15:13:38 4344 SMTP>> 220 mysite.ru, ESMTP EXIM 4.82
15:13:38 4344 Process 4344 is ready for new message
15:13:38 4344 smtp_setup_msg entered
15:13:38 4344 SMTP<< EHLO smtp30.i.mail.ru
15:13:38 4344 smtp30.i.mail.ru in helo_lookup_domains? no (end of list)
15:13:38 4344 sender_fullhost = (smtp30.i.mail.ru) [94.100.177.90]
15:13:38 4344 sender_rcvhost = [94.100.177.90] (helo=smtp30.i.mail.ru)
15:13:38 4344 set_process_info: 4344 handling incoming connection from (smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25
15:13:38 4344 host in pipelining_advertise_hosts? yes (matched "*")
15:13:38 4344 host in auth_advertise_hosts? yes (matched "*")
15:13:38 4344 host in tls_advertise_hosts? no (option unset)
15:13:38 4344 SMTP>> 250-mysite.ru Hello smtp30.i.mail.ru [94.100.177.90]
15:13:38 4344 250-SIZE 67108864
15:13:38 4344 250-8BITMIME
15:13:38 4344 250-PIPELINING
15:13:38 4344 250-AUTH PLAIN LOGIN CRAM-MD5
15:13:38 4344 250 HELP
15:13:38 4344 SMTP<< MAIL FROM:<mymailbox@mail.ru> SIZE=1842
15:13:38 4344 spool directory space = -2147483648K inodes = 363073456 check_space = 0K inodes = 0 msg_size = 6842
15:13:38 4344 SMTP>> 250 OK
15:13:38 4344 SMTP<< RCPT TO:<mymailbox@mysite.ru>
15:13:38 4344 using ACL "acl_check_rcpt"
15:13:38 4344 processing "accept"
15:13:38 4344 check hosts = :
15:13:38 4344 host in ":"? no (end of list)
15:13:38 4344 accept: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "deny"
15:13:38 4344 check domains = +local_domains
15:13:38 4344 expanding: SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'
15:13:38 4344 result: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 search_open: mysql "NULL"
15:13:38 4344 search_find: file="NULL"
15:13:38 4344 key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'" partial=-1 affix=NULL starflags=0
15:13:38 4344 LRU list:
15:13:38 4344 internal_search_find: file="NULL"
15:13:38 4344 type=mysql key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'"
15:13:38 4344 database lookup required for SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 MySQL query: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 MYSQL new connection: host=localhost port=0 socket=NULL database=exim user=exim
15:13:38 4344 lookup yielded: mysite.ru
15:13:38 4344 expanding: ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
15:13:38 4344 result: mysite.ru
15:13:38 4344 mysite.ru in "mysite.ru"? yes (matched "mysite.ru")
15:13:38 4344 mysite.ru in "+local_domains"? yes (matched "+local_domains")
15:13:38 4344 check local_parts = ^[.] : ^.*[@%!/|]
15:13:38 4344 mymailbox in "^[.] : ^.*[@%!/|]"? no (end of list)
15:13:38 4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "deny"
15:13:38 4344 check domains = !+local_domains
15:13:38 4344 expanding: SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'
15:13:38 4344 result: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 search_open: mysql "NULL"
15:13:38 4344 cached open
15:13:38 4344 search_find: file="NULL"
15:13:38 4344 key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'" partial=-1 affix=NULL starflags=0
15:13:38 4344 LRU list:
15:13:38 4344 internal_search_find: file="NULL"
15:13:38 4344 type=mysql key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'"
15:13:38 4344 cached data used for lookup of SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 lookup yielded: mysite.ru
15:13:38 4344 expanding: ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
15:13:38 4344 result: mysite.ru
15:13:38 4344 mysite.ru in "mysite.ru"? yes (matched "mysite.ru")
15:13:38 4344 mysite.ru in "!+local_domains"? no (matched "!+local_domains")
15:13:38 4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "deny"
15:13:38 4344 expanding: $sender_helo_name
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 expanding:
15:13:38 4344 result:
15:13:38 4344 condition: eq{$sender_helo_name}{}
15:13:38 4344 result: false
15:13:38 4344 expanding: yes
15:13:38 4344 result: yes
15:13:38 4344 skipping: result is not used
15:13:38 4344 expanding: no
15:13:38 4344 result: no
15:13:38 4344 expanding: ${if eq{$sender_helo_name}{}{yes}{no}}
15:13:38 4344 result: no
15:13:38 4344 check condition = ${if eq{$sender_helo_name}{}{yes}{no}}
15:13:38 4344 = no
15:13:38 4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "drop"
15:13:38 4344 expanding: $rcpt_count
15:13:38 4344 result: 1
15:13:38 4344 expanding: 1
15:13:38 4344 result: 1
15:13:38 4344 condition: >{$rcpt_count}{1}
15:13:38 4344 result: false
15:13:38 4344 expanding: yes
15:13:38 4344 result: yes
15:13:38 4344 skipping: result is not used
15:13:38 4344 expanding: no
15:13:38 4344 result: no
15:13:38 4344 expanding: ${if >{$rcpt_count}{1}{yes}{no}}
15:13:38 4344 result: no
15:13:38 4344 check condition = ${if >{$rcpt_count}{1}{yes}{no}}
15:13:38 4344 = no
15:13:38 4344 drop: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "accept"
15:13:38 4344 check authenticated = *
15:13:38 4344 accept: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "deny"
15:13:38 4344 expanding: $sender_helo_name
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 expanding: ${lc:$sender_helo_name}
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 expanding: \N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N
15:13:38 4344 result: (\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$
15:13:38 4344 condition: match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}
15:13:38 4344 result: false
15:13:38 4344 expanding: yes
15:13:38 4344 result: yes
15:13:38 4344 skipping: result is not used
15:13:38 4344 expanding: no
15:13:38 4344 result: no
15:13:38 4344 expanding: ${if match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}{yes}{no}}
15:13:38 4344 result: no
15:13:38 4344 check condition = ${if match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}{yes}{no}}
15:13:38 4344 = no
15:13:38 4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "deny"
15:13:38 4344 expanding: $sender_helo_name
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 condition: isip{$sender_helo_name}
15:13:38 4344 result: false
15:13:38 4344 expanding: yes
15:13:38 4344 result: yes
15:13:38 4344 skipping: result is not used
15:13:38 4344 expanding: no
15:13:38 4344 result: no
15:13:38 4344 expanding: ${if isip{$sender_helo_name}{yes}{no}}
15:13:38 4344 result: no
15:13:38 4344 check condition = ${if isip{$sender_helo_name}{yes}{no}}
15:13:38 4344 = no
15:13:38 4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "warn"
15:13:38 4344 expanding: $sender_helo_name
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 expanding: \N\[|\]\N
15:13:38 4344 result: \[|\]
15:13:38 4344 expanding:
15:13:38 4344 result:
15:13:38 4344 expanding: ${sg{$sender_helo_name}{\N\[|\]\N}{}}
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 expanding: ${lc:${sg{$sender_helo_name}{\N\[|\]\N}{}}}
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 check set acl_m1 = ${lc:${sg{$sender_helo_name}{\N\[|\]\N}{}}}
15:13:38 4344 = smtp30.i.mail.ru
15:13:38 4344 warn: condition test succeeded in ACL "acl_check_rcpt"
15:13:38 4344 processing "deny"
15:13:38 4344 expanding: $acl_m1
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 expanding: $primary_hostname:+local_domains
15:13:38 4344 result: mysite.ru:+local_domains
15:13:38 4344 condition: match{$acl_m1}{$primary_hostname:+local_domains}
15:13:38 4344 result: false
15:13:38 4344 expanding: yes
15:13:38 4344 result: yes
15:13:38 4344 skipping: result is not used
15:13:38 4344 expanding: no
15:13:38 4344 result: no
15:13:38 4344 expanding: ${if match{$acl_m1}{$primary_hostname:+local_domains}{yes}{no}}
15:13:38 4344 result: no
15:13:38 4344 check condition = ${if match{$acl_m1}{$primary_hostname:+local_domains}{yes}{no}}
15:13:38 4344 = no
15:13:38 4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "deny"
15:13:38 4344 expanding: $acl_m1
15:13:38 4344 result: smtp30.i.mail.ru
15:13:38 4344 condition: isip{$acl_m1}
15:13:38 4344 result: false
15:13:38 4344 expanding: yes
15:13:38 4344 result: yes
15:13:38 4344 skipping: result is not used
15:13:38 4344 expanding: no
15:13:38 4344 result: no
15:13:38 4344 expanding: ${if isip{$acl_m1}{yes}{no}}
15:13:38 4344 result: no
15:13:38 4344 check condition = ${if isip{$acl_m1}{yes}{no}}
15:13:38 4344 = no
15:13:38 4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "accept"
15:13:38 4344 check local_parts = postmaster : abuse
15:13:38 4344 mymailbox in "postmaster : abuse"? no (end of list)
15:13:38 4344 accept: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 processing "deny"
15:13:38 4344 check hosts = !127.0.0.1 : !localhost : *
15:13:38 4344 gethostbyname2 looked up these IP addresses:
15:13:38 4344 name=localhost address=::1
15:13:38 4344 name=localhost address=127.0.0.1
15:13:38 4344 host in "!127.0.0.1 : !localhost : *"? yes (matched "*")
15:13:38 4344 check domains = +local_domains
15:13:38 4344 expanding: SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'
15:13:38 4344 result: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 search_open: mysql "NULL"
15:13:38 4344 cached open
15:13:38 4344 search_find: file="NULL"
15:13:38 4344 key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'" partial=-1 affix=NULL starflags=0
15:13:38 4344 LRU list:
15:13:38 4344 internal_search_find: file="NULL"
15:13:38 4344 type=mysql key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'"
15:13:38 4344 cached data used for lookup of SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 lookup yielded: mysite.ru
15:13:38 4344 expanding: ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
15:13:38 4344 result: mysite.ru
15:13:38 4344 mysite.ru in "mysite.ru"? yes (matched "mysite.ru")
15:13:38 4344 mysite.ru in "+local_domains"? yes (matched "+local_domains")
15:13:38 4344 check sender_domains = +local_domains
15:13:38 4344 expanding: SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'
15:13:38 4344 result: SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 search_open: mysql "NULL"
15:13:38 4344 cached open
15:13:38 4344 search_find: file="NULL"
15:13:38 4344 key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'" partial=-1 affix=NULL starflags=0
15:13:38 4344 LRU list:
15:13:38 4344 internal_search_find: file="NULL"
15:13:38 4344 type=mysql key="SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'"
15:13:38 4344 cached data used for lookup of SELECT `domain` FROM `domain` WHERE `domain`='mysite.ru' AND `active`='1'
15:13:38 4344 lookup yielded: mysite.ru
15:13:38 4344 expanding: ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
15:13:38 4344 result: mysite.ru
15:13:38 4344 mail.ru in "mysite.ru"? no (end of list)
15:13:38 4344 mail.ru in "+local_domains"? no (end of list)
15:13:38 4344 deny: condition test failed in ACL "acl_check_rcpt"
15:13:38 4344 end of ACL "acl_check_rcpt": implicit DENY
15:13:38 4344 SMTP>> 550 Administrative prohibition
15:13:38 4344 LOG: MAIN REJECT
15:13:38 4344 H=(smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25 F=<mymailbox@mail.ru> rejected RCPT <mymailbox@mysite.ru>
15:13:38 4344 SMTP<< DATA
15:13:38 4344 SMTP>> 503-All RCPT commands were rejected with this error:
15:13:38 4344 SMTP>> 503-Administrative prohibition
15:13:38 4344 SMTP>> 503 Valid RCPT command must precede DATA
15:13:38 4344 SMTP<< QUIT
15:13:38 4344 SMTP>> 221 mysite.ru closing connection
15:13:38 4344 LOG: smtp_connection MAIN
15:13:38 4344 SMTP connection from (smtp30.i.mail.ru) [94.100.177.90] I=[MY_SERVER_IP_HERE]:25 closed by QUIT
15:13:38 4344 search_tidyup called
15:13:38 4344 close MYSQL connection: localhost/exim/exim
15:13:38 4337 child 4344 ended: status=0x0
15:13:38 4337 normal exit, 0
15:13:38 4337 0 SMTP accept processes now running
15:13:38 4337 Listening...Конфиг выглядит так:
#!/bin/sh
primary_hostname = mysite.ruhide mysql_servers = localhost/auth/data/here
domainlist local_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE \
`domain`='${domain}' AND \
`active`='1'}}domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE \
`domain`='${domain}' AND \
`active`='1'}}hostlist relay_from_hosts = localhost:127.0.0.0/8:192.168.0.0/16
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_dataav_scanner = clamd:/var/run/clamav/clamd.sock
# spamd_address = 127.0.0.1 783
qualify_domain = mysite.ru
qualify_recipient = mysite.ru
allow_domain_literals = false
exim_user = mailnull
exim_group = mail
never_users = root
#host_lookup = *
#rfc1413_hosts = *
rfc1413_query_timeout = 0ssender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts
# percent_hack_domains = *
ignore_bounce_errors_after = 45m
timeout_frozen_after = 15d
helo_accept_junk_hosts = 192.168.0.0/16
auto_thaw = 1h
smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"
smtp_accept_max = 50
smtp_accept_max_per_connection = 25
smtp_connect_backlog = 30
smtp_accept_max_per_host = 20
split_spool_directory = true
remote_max_parallel = 15
return_size_limit = 70k
message_size_limit = 64M
helo_allow_chars = _
smtp_enforce_sync = true
log_selector = \
+all_parents \
+connection_reject \
+incoming_interface \
+lost_incoming_connection \
+received_sender \
+received_recipients \
+smtp_confirmation \
+smtp_syntax_error \
+smtp_protocol_error \
-queue_runsyslog_timestamp = no
begin aclacl_check_rcpt:
accept hosts = :
control = dkim_disable_verifydeny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./deny message = HELO/EHLO required
condition = ${if eq{$sender_helo_name}{}{yes}{no}}drop condition = ${if >{$rcpt_count}{1}{yes}{no}}
message = Only one recipient accepted for callback senders
senders = :accept authenticated = *
control = dkim_disable_verifydeny condition = ${if match{${lc:$sender_helo_name}}{\N(\.local(domain)?|\.lan|\.example|\.test|\.invalid|\.domain|\.home|\.host|\.corp)$\N}{yes}{no}}
hosts = !+relay_from_hosts : *
message = HELO/EHLO contains incorrect TLDdeny condition = ${if isip{$sender_helo_name}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = Literal notation for IP as HELO/EHLO requiredwarn set acl_m1 = ${lc:${sg{$sender_helo_name}{\N\[|\]\N}{}}}
deny condition = ${if match{$acl_m1}{$primary_hostname:+local_domains}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = Main hostname or domain in your HELO/EHLO. Access denied!
delay = 30sdeny condition = ${if isip{$acl_m1}{yes}{no}}
condition = ${if match_ip{$acl_m1}{+primary_ip}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = Main IP in your HELO/EHLO. Access denied!
delay = 30saccept local_parts = postmaster : abuse
domains = +local_domainsdeny message = Authentication need to relay.
hosts = !127.0.0.1 : !localhost : *
domains = +local_domains
sender_domains = +local_domains
acl_check_data:deny malware = *
message = "In e-mail found VIRUS - $malware_name"accept
begin routers
dspam_addspam_router:
driver = accept
domains = +local_domains
local_part_prefix = spam-
transport = dspam_addspam_transportdspam_notspam_router:
driver = accept
domains = +local_domains
local_part_prefix = notspam-
transport = dspam_notspam_transportdnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_moresystem_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}}dspam_spamscan_router:
driver = accept
domains = +local_domains
no_verify
condition = "${if and {{!eq {$received_protocol}{spam-scanned}} \
{!eq {$received_protocol}{local}} } {1}{0}}"
transport = dspam_spamcheck_transport
require_files = /usr/local/bin/dspam
address_test = falselocal_delivery_spam_router:
driver = accept
domains = +local_domains
# condition = ${if match{$h_X-DSPAM-Result:}{Spam}}
condition = ${if and { \
{match{$h_X-DSPAM-Result:}{Spam}} \
{!match{$h_X-DSPAM-Reclassified:}{Innocent}} \
}}
transport = local_delivery_spam_transport
no_moredovecot_user:
driver = accept
condition = ${lookup mysql{SELECT `goto` FROM \
`alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}{yes}{no}}
transport = dovecot_delivery
begin transportsdspam_addspam_transport:
driver = pipe
command = "/usr/local/bin/dspam --debug --user \
$local_part@$domain --class=spam --source=error"
return_path_add = false
return_fail_output = true
log_output = true
home_directory = "/var/db/dspam"
current_directory = "/var/db/dspam"
user = dspam
group = dspamdspam_notspam_transport:
driver = pipe
command = "/usr/local/bin/dspam --debug --user \
$local_part@$domain --class=innocent \
--source=error --deliver=innocent %u"
return_path_add = false
return_fail_output = true
log_output = true
home_directory = "/var/db/dspam"
current_directory = "/var/db/dspam"
user = dspam
group = dspamdspam_spamcheck_transport:
driver = pipe
command = /usr/local/bin/dspam --debug --deliver=innocent \
--user "$local_part@$domain" -- %u
user = dspam
group = dspam
return_path_add = false
log_output = true
return_fail_output = true
headers_remove = X-DSPAM-Resultlocal_delivery_spam_transport:
driver = pipe
command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain -m Spam
message_prefix =
message_suffix =
delivery_date_add
envelope_to_add
return_path_add
log_output
user = mailnullremote_smtp:
driver = smtpdovecot_delivery:
driver = pipe
command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain
message_prefix =
message_suffix =
delivery_date_add
envelope_to_add
return_path_add
log_output
user = mailnulladdress_pipe:
driver = pipe
return_outputaddress_reply:
driver = autoreply
begin retry# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewritebegin authenticators
auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT `username` FROM \
`mailbox` WHERE `username` = \
'${quote_mysql:$auth2}' AND `password` = \
'${quote_mysql:$auth3}'}{yes}{no}}
server_prompts = :
server_set_id = $auth2auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT `username` FROM \
`mailbox` WHERE `username` = \
'${quote_mysql:$auth1}' AND `password` = \
'${quote_mysql:$auth2}'}{yes}{no}}
server_prompts = Username:: : Password::
server_set_id = $auth1auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT `password` FROM \
`mailbox` WHERE `username` \
= '${quote_mysql:$auth1}'}{$value}fail}
server_set_id = $auth2Что нужно поправить в конфиге, чтобы эту проблему устранить?
> Что нужно поправить в конфиге, чтобы эту проблему устранить?Как вы собираетесь сопровождать систему, в которой ничего не можете исправить?
Может быть стоило поставить и использовать то, в чем разбираетесь?
Постепенно разберусь, да и чуть позже должна появиться возможность в случае необходимости заплатить стороннему человеку, чтобы помог. Пока же такой возможности нет, поэтому прошу помощи. Пожалуйста, ткните носом, какое именно правило не работает и как оно должно работать в этом случае?
>> Что нужно поправить в конфиге, чтобы эту проблему устранить?
> Как вы собираетесь сопровождать систему, в которой ничего не можете исправить?
> Может быть стоило поставить и использовать то, в чем разбираетесь?Пашка знатный засерщик. из 100 ответов - 90% гумно
>>> Что нужно поправить в конфиге, чтобы эту проблему устранить?
>> Как вы собираетесь сопровождать систему, в которой ничего не можете исправить?
>> Может быть стоило поставить и использовать то, в чем разбираетесь?
> Пашка знатный засерщик. из 100 ответов - 90% гумноДо твоих 100% гумна в ответах еще срать и срать.
Вот это:
accept local_parts = postmaster : abuse
domains = +local_domainsисправьте на:
accept domains = +local_domains
endpass
message = User unknown
verify = recipient
Спасибо!