>1. Не указал, как в конфиге сделана авторизиция,
вот полный конфиг:
exim.conf:
primary_hostname = mail.my.host.nm
domainlist local_domains = ${lookup mysql{SELECT domain FROM domains \
WHERE domain='${domain}' AND \
(type='LOCAL' OR type='VIRTUAL')}}
domainlist relay_to_domains =${lookup mysql{SELECT domain FROM domains \
WHERE domain='${domain}' AND type='RELAY'}}
hostlist relay_from_hosts = 127.0.0.1
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
qualify_domain = my.host.nm
log_selector = \
+all
allow_domain_literals=false
never_users = root:daemon:bin
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 30m
timeout_frozen_after = 3d
freeze_tell = postmaster
auto_thaw = 1h
message_size_limit = 10M
smtp_accept_max = 50
smtp_accept_max_per_connection = 50
smtp_connect_backlog = 50
smtp_accept_max_per_host = 25
split_spool_directory = true
remote_max_parallel = 15
hide mysql_servers = sqlhost/dbname/user/password
begin acl
acl_check_rcpt:
accept hosts = :
deny local_parts = ^.*[@%!/|] : ^\\.
deny message = HELO/EHLO required by SMTP RFC
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
accept domains = +local_domains
authenticated = *
endpass
verify = recipient
condition = ${if match {$sender_address_domain} \
{my\\.host\\.nm} \
{yes}{no}}
accept domains = +local_domains
endpass
verify = recipient
condition = ${if !match {$sender_address_domain} \
{my\\.host\\.nm} \
{yes}{no}}
accept domains = *
authenticated = *
endpass
verify = recipient
condition = ${if match{$sender_address_domain} \
{my\\.host\\.nm} \
{yes}{no}}
deny message = access denied
acl_check_data:
accept
begin routers
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM aliases \
WHERE local_part='${local_part}' AND domain='${domain}'}}
userforward:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM userforward \
WHERE local_part='${local_part}' AND domain='${domain}'}}
mysqluser:
driver = accept
condition = ${if eq{} {${lookup mysql{SELECT home FROM users \
WHERE id='${local_part}' AND mbox_host='${domain}' \
AND active='Y'}}}{no}{yes}}
transport = mysql_delivery
begin transports
remote_smtp:
driver = smtp
mysql_delivery:
driver = appendfile
check_string = ""
create_directory
delivery_date_add
directory = ${lookup mysql{SELECT CONCAT(home, "/") FROM users \
WHERE id='${local_part}' AND mbox_host='${domain}'}}
directory_mode = 770
envelope_to_add
group = mail
maildir_format
maildir_tag = ,S=$message_size
message_prefix = ""
message_suffix = ""
mode = 0600
quota = ${lookup mysql{SELECT quota FROM users \
WHERE id='${local_part}' AND mbox_host='${domain}'}{${value}M}}
quota_size_regex = S=(\d+)$
quota_warn_threshold = 75%
return_path_add
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
begin retry
* quota
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators
auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT id FROM users \
WHERE id = '${quote_mysql:${local_part:$2}}' \
AND mbox_host = '${quote_mysql:${domain:$2}}' \
AND passwd = '${quote_mysql:$3}' \
AND active = 'Y'}{yes}{no}}
server_prompts = :
server_set_id = $2
auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT id FROM users \
WHERE id = '${quote_mysql:${local_part:$1}}' \
AND mbox_host = '${quote_mysql:${domain:$1}}' \
AND passwd = '${quote_mysql:$2}' \
AND active = 'Y'}{yes}{no}}
server_prompts = Username:: : Password::
server_set_id = $1
auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT passwd FROM users \
WHERE id = '${quote_mysql:${local_part:$1}}' \
AND mbox_host = '${quote_mysql:${domain:$1}}' \
AND active = 'Y'}{$value}fail}
server_set_id = $1
Структура таблиц:
aliases:
+---------------+------------+------------+
| local_part | domain | recipients |
+---------------+------------+------------+
| root | my.host.nm | amim |
domains:
+------------+---------+
| domain | type |
+------------+---------+
| my.host.nm | VIRTUAL |
users:
+--------+---------------+--------+-------+-------+------------+---------------+-------------------------------------+-------+--------+
| id | crypt | passwd | uid | gid | mbox_host | shell | home | quota | active |
+--------+---------------+--------+-------+-------+------------+---------------+-------------------------------------+-------+--------+
| amim | ????????????? | ???? | 65534 | 65534 | my.host.nm | /sbin/nologin | /var/mail/virtual/my.host.nm/amim | 15 | Y |
| me | ????????????? | ???? | 65534 | 65534 | my.host.nm | /sbin/nologin | /var/mail/virtual/my.host.nm/me | 15 | Y |
userforward:
+------------+------------+------------+
| local_part | domain | recipients |
+------------+------------+------------+
| ssd4ssc | my.host.nm | amim |
Столбец crypt в таблице users пока не используется..
>с внешнего у тебя plain, а с внутреннего cram md5
ничего подобного.. по очереди пытается использовать все три типа аутентификации, начиная с md5..
> 18/02/04, 14:30:41: SEND - Сервер сообщает об ошибке: 5.3.3 Unrecognized command
это md5
> 18/02/04, 14:30:41: SEND - Аутентификация (обычный метод)...
> 18/02/04, 14:30:41: SEND - Сервер сообщает об ошибке: 5.3.3 Unrecognized command
это plain
> 18/02/04, 14:30:41: SEND - Аутентификация (проверка имени пользователя и пароля)...
> 18/02/04, 14:30:41: SEND - ВНИМАНИЕ: аутентификация не прошла
это login
>2. accept domains = *
> authenticated = *
> endpass
> verify
> = recipient
> condition = ${if match{$sender_address_domain} \
>
> {my\\.host\\.name} \
> {yes}{no}}
>deny message = access denied
>Зачем сделал condition? Ты же и так аутентификацию делаешь?
ну, аутентификация вовсе не означает, что письмо будет отправляться с адреса моего домена.. эта строчка учитывает подобную особенность, хотя можно ее и убрать, но в данном случае она на проблему не влияет, письмо попадает еще под первую маску..
>Поэтому пиши просто:
> accept authenticated = *
один хрен, не работает.. :)