>> оставайтесь на линии, скоро наши штатные телепаты догадаются о содержании вашего конфигурационного
>> файла
> И охота вам в чужих конфигах копаться
> Вот ссылка по настройке. Может поможет.
> http://www.lissyara.su/articles/freebsd/mail/exim+dovecot+po.../добавил в аторизацию последнюю секцию, если ее раскоментить то у большенства пользователей проблем с авторизацией не возникает, но у нескольких пароль не проходит.
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
primary_hostname = mail.xxx.su
hide mysql_servers = localhost/exim/exim/exim
#domainlist local_domains = @
domainlist local_domains = ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}} : lsearch;/etc/stuff_d
domainlist relay_to_domains = ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
hostlist relay_from_hosts = localhost : 127.0.0.0/8 : 10.0.0.0/24
acl_smtp_helo = acl_check_helo
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
#
qualify_domain = xxx.su
exim_user = mailnull
exim_group = mail
never_users = root
#rfc1413_hosts = *
rfc1413_query_timeout = 0s
sender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts
ignore_bounce_errors_after = 2d
# This option cancels (removes) frozen messages that are older than a week.
timeout_frozen_after = 7d
# split_spool_directory = true
smtp_banner = "NKarvenov wuzz here :)"
smtp_accept_max = 20
#default value = 20
smtp_accept_max_per_host = 2
smtp_receive_timeout = 25s
recipients_max = 10
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_helo:
drop condition = ${if eq{$sender_helo_name}\
{$interface_address}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message ="you are spammer!"
accept
acl_check_rcpt:
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
#############################################################################
# Accept mail to postmaster in any local domain, regardless of the source,
# and without verifying the sender.
accept local_parts = postmaster
domains = +local_domains
# Deny unless the sender address can be verified.
require verify = sender
accept hosts = +relay_from_hosts
control = submission
# Accept if the message arrived over an authenticated connection, from
# any host. Again, these messages are usually from MUAs, so recipient
# verification is omitted, and submission mode is set. And again, we do this
# check before any black list tests.
accept authenticated = *
control = submission
# Insist that any other recipient address that we accept is either in one of
# our local domains, or is in a domain for which we explicitly allow
# relaying. Any other domain is rejected as being unacceptable for relaying.
require message = relay not permitted
domains = +local_domains : +relay_to_domains
# We also require all accepted addresses to be verifiable. This check will
# do local part verification for local domains, but only check the domain
# for remote domains. The only way to check local parts for the remote
# relay domains is to use a callout (add /callout), but please read the
# documentation about callouts before doing this.
require verify = recipient
#############################################################################
# There are no default checks on DNS black lists because the domains that
# contain these lists are changing all the time. However, here are two
# examples of how you can get Exim to perform a DNS black list lookup at this
# point. The first one denies, whereas the second just warns.
#
# deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
# dnslists = black.list.example
#
# warn dnslists = black.list.example
# add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain
# log_message = found in $dnslist_domain
#############################################################################
#############################################################################
# This check is commented out because it is recognized that not every
# sysadmin will want to do it. If you enable it, the check performs
# Client SMTP Authorization (csa) checks on the sending host. These checks
# do DNS lookups for SRV records. The CSA proposal is currently (May 2005)
# an Internet draft. You can, of course, add additional conditions to this
# ACL statement to restrict the CSA checks to certain hosts only.
#
# require verify = csa
#############################################################################
accept domains = +local_domains
endpass
message = "no such user"
verify = recipient
accept domains = +relay_to_domains
endpass
message = "dont know how to relay"
verify = recipient
accept hosts = +relay_from_hosts
# At this point, the address has passed all the checks that have been
# configured, so we accept it unconditionally.
# accept
deny message = "Relay not permitted"
acl_check_data:
# Deny if the message contains a virus. Before enabling this check, you
# must install a virus scanner and set the av_scanner option above.
#
# deny malware = *
# message = This message contains a virus ($malware_name).
# Add headers to a message if it is judged to be spam. Before enabling this,
# you must install SpamAssassin. You may also need to set the spamd_address
# option above.
#
# warn spam = nobody
# add_header = X-Spam_score: $spam_score\n\
# X-Spam_score_int: $spam_score_int\n\
# X-Spam_bar: $spam_bar\n\
# X-Spam_report: $spam_report
# Accept the message.
accept
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
system_aliases:
driver = redirect
allow_fail
allow_defer
# data = ${lookup{$local_part}lsearch{/etc/aliases}}
data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}}
user = mailnull
group = mail
file_transport = address_file
pipe_transport = address_pipe
#localuser:
# driver = accept
# check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
# transport = local_delivery
# cannot_route_message = Unknown user
dovecot_user:
driver = accept
condition = ${lookup mysql{SELECT `goto` FROM \
`alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}{yes}{no}}
transport = dovecot_delivery
stuff:
driver = accept
domains = lsearch;/etc/stuff_d
condition = ${lookup {$local_part}lsearch{/etc/stuff_u}{yes}{no}}
# condition = ${lookup{$domain}lsearch{/etc/stuff_d}} and ${lookup{$local_part}lsearch{/etc/stuff_u}}
# condition = ${lookup{$local_part}lsearch{/etc/stuff_u}}
transport = dovecot_delivery
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
#smarthost:
# driver = manualroute
# transport = smarthost
# route_list = * exchange.consaltex.local
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# A transport is used only when referenced from a router that successfully
# handles an address.
begin transports
# This transport is used for delivering messages over SMTP connections.
remote_smtp:
driver = smtp
dovecot_delivery:
driver = pipe
command = /usr/local/libexec/dovecot/deliver -d $local_part@$domain
message_prefix =
message_suffix =
delivery_date_add
envelope_to_add
return_path_add
log_output
user = mailnull
local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
user = $local_part
mode = 0660
no_mode_fail_narrower
address_pipe:
driver = pipe
return_output
# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for handling autoreplies generated by the filtering
# option of the userforward router.
address_reply:
driver = autoreply
#smarthost:
# driver = smtp
# hosts = exchange.consaltex.local
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
begin rewrite
#nagios@consaltex.ru null@consaltex.ru Ffw
nagios@consaltex.ru /dev/null@consaltex.ru Ehw
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators
# PLAIN authentication has no server prompts. The client sends its
# credentials in one lump, containing an authorization ID (which we do not
# use), an authentication ID, and a password. The latter two appear as
# $auth2 and $auth3 in the configuration and should be checked against a
# valid username and password. In a real configuration you would typically
# use $auth2 as a lookup key, and compare $auth3 against the result of the
# lookup, perhaps using the crypteq{}{} condition.
#PLAIN:
# driver = plaintext
# server_set_id = $auth2
# server_prompts = :
# server_condition = Authentication is not yet configured
# server_advertise_condition = ${if def:tls_cipher }
# LOGIN authentication has traditional prompts and responses. There is no
# authorization ID in this mechanism, so unlike PLAIN the username and
# password are $auth1 and $auth2. Apart from that you can use the same
# server_condition setting for both authenticators.
#LOGIN:
# driver = plaintext
# server_set_id = $auth1
# server_prompts = <| Username: | Password:
# server_condition = Authentication is not yet configured
# server_advertise_condition = ${if def:tls_cipher }
#auth_login:
# driver = plaintext
# public_name = LOGIN
# server_prompts = Username:: : Password::
# server_condition = "${if crypteq{$2}{${lookup mysql{SELECT `password` FROM `mailbox` WHERE `username` = '${quote_mysql:$1}'}}}{yes}{no}}"
# server_set_id = $1
######################################################################
# CONFIGURATION FOR local_scan() #
######################################################################
# If you have built Exim to include a local_scan() function that contains
# tables for private options, you can define those options here. Remember to
# uncomment the "begin" line. It is commented by default because it provokes
# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
# set in the Local/Makefile.
# begin local_scan
# End of Exim configuration file
Вариант для распечатки
(ok) on 24-Ноя-10, 11:15 
