diff --git a/config/exim4/exim4.conf.template b/config/exim4/exim4.conf.template deleted file mode 100644 index 20bdcba86b284139bd54a233e7ec94a92703a719..0000000000000000000000000000000000000000 --- a/config/exim4/exim4.conf.template +++ /dev/null @@ -1,554 +0,0 @@ -###################################################################### -# MAIN CONFIGURATION SETTINGS # -###################################################################### - -# MySQL defines -MYSQL_SERVER=localhost -MYSQL_USER=root -MYSQL_PASSWORD= -MYSQL_DB=mailserver -MYSQL_EMAILTABLE=mail_box -MYSQL_DOMAINTABLE=mail_domain -MYSQL_WHITETABLE=mail_whitelist -MYSQL_BLACKTABLE=mail_blacklist - -# Server ID for Multiserver Setups -MAILSERVER_ID=1 -MAILSERVER_HOSTNAME=mail. -MAILSERVER_IP=192.168.0.108 -MAILSERVER_EXIM_BINARY=/usr/sbin/exim4 -MAILSERVER_SPAMC_BINARY=/usr/bin/spamc - -# Mailman vars -MAILMAN_HOME=/var/lib/mailman -MAILMAN_WRAP=MAILMAN_HOME/mail/wrapper -MAILMAN_UID=list -MAILMAN_GID=list - -# MySQL queries -# MYSQL_Q_LDOMAIN=SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='${quote_mysql:$domain}' AND type = 'local' -# MYSQL_Q_RDOMAIN=SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='${quote_mysql:$domain}' AND type = 'relay' - -MYSQL_Q_VSCAN=SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND opt_virscan='yes' - - -MM_HOME=${lookup mysql{SELECT mm_home FROM mail_mailman_domain WHERE domain='${quote_mysql:domain}'}} -MM_LISTCHK=MM_HOME/lists/${lc::$local_part}/config.pck -MM_WRAP=${lookup mysql{SELECT mm_wrap FROM mail_mailman_domain WHERE domain='${quote_mysql:domain}'}} - -# MySQL connection -hide mysql_servers = "MYSQL_SERVER/MYSQL_DB/MYSQL_USER/MYSQL_PASSWORD" - -# starting 'normal' config - -primary_hostname = MAILSERVER_HOSTNAME - -domainlist local_domains = mysql;SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='${quote_mysql:$domain}' AND type = 'local' -domainlist relay_to_domains = mysql;SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='${quote_mysql:$domain}' AND (type = 'relay' OR type = 'alias') -hostlist relay_from_hosts = 127.0.0.1 -domainlist mmdomains = ${lookup mysql {SELECT domain FROM mail_mailman_domain}} - -# acl_smtp_rcpt = acl_check_rcpt - -qualify_domain = -# qualify_recipient = - -# allow_domain_literals - -never_users = root -trusted_users = mail - -host_lookup = * -rfc1413_hosts = * -rfc1413_query_timeout = 15s - -check_spool_space = 50M -check_log_space = 20M -return_size_limit = 20k -message_size_limit = 20M - -# sender_unqualified_hosts = -# recipient_unqualified_hosts = - -# percent_hack_domains = - -ignore_bounce_errors_after = 2d -timeout_frozen_after = 7d - -deliver_queue_load_max = 8 -queue_only_load = 10 -remote_max_parallel = 15 - -#tls_certificate = -#tls_privatekey = -#tls_advertise_hosts = * - -# SSL/TLS cert and key -tls_certificate = /etc/exim4/smtpd.cert -tls_privatekey = /etc/exim4/smtpd.key - -# Advertise TLS to anyone -tls_advertise_hosts = * - -# Require auth over SSL only. -# auth_over_tls_hosts = * - -helo_try_verify_hosts = !+relay_from_hosts - -av_scanner = clamd:/var/run/clamav/clamd.ctl -spamd_address = 127.0.0.1 783 - -acl_smtp_rcpt = acl_check_rcpt -#acl_smtp_mail = acl_check_sender -acl_smtp_connect = acl_check_host -acl_smtp_data = acl_check_data -acl_smtp_helo = acl_check_helo - - -###################################################################### -# ACL CONFIGURATION # -# Specifies access control lists for incoming SMTP mail # -###################################################################### - -begin acl - -acl_check_rcpt: - - accept hosts = : - - deny domains = +local_domains - local_parts = ^[.] : ^.*[@%!/|] - - deny domains = !+local_domains - local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ - - accept local_parts = postmaster - domains = +local_domains - - require verify = sender - - # Whitelist - - - # Blacklist - deny senders = ${lookup mysql {SELECT DISTINCT address FROM MYSQL_BLACKTABLE WHERE '${quote_mysql:$sender_address}' LIKE address \ - AND (recipient = '' OR recipient = '${quote_mysql:$domain}' OR recipient = '${quote_mysql:$local_part}@${quote_mysql:$domain}') \ - AND active = '1' AND server_id = 'MAILSERVER_ID'}{$value}} - log_message = Blacklisted. Sender: <$sender_address> Recipient: <$local_part@$domain> - - accept domains = +local_domains - endpass - verify = recipient - - accept domains = +relay_to_domains - endpass - verify = recipient - - accept hosts = +relay_from_hosts - - accept authenticated = * - - deny message = relay not permitted - - -acl_check_host: - accept - hosts = +relay_from_hosts - #deny - # log_message = match host_reject.list - # hosts = /etc/exim4/filters/host_reject.list - - accept - -acl_check_helo: - accept hosts = +relay_from_hosts - # If the HELO pretend to be this host - deny condition = ${if or { \ - {eq {${lc:$sender_helo_name}}{MAILSERVER_HOSTNAME}} \ - {eq {${lc:$sender_helo_name}}{MAILSERVER_IP}} \ - } {true}{false} } - # by default we accept - accept - - -acl_check_data: - - accept hosts = +relay_from_hosts - - # if there is a windows executable as attachment then we reject - deny message = This message contains an attachment of a type which we do not accept (.$found_extension) - demime = bat:btm:cmd:com:cpl:dll:exe:lnk:msi:pif:prf:reg:scr:vbs:url - - # spamassassin - warn message = X-SA-Score: $spam_score - spam = nobody:true - - warn message = X-SA-Report: $spam_report - spam = nobody:true - condition = ${if >{$spam_score_int}{0}{true}{false}} - - warn message = X-SA-Status: Yes - spam = nobody:true - condition = ${if >{$spam_score_int}{50}{true}{false}} - - deny message = This message scored $spam_score spam points. - spam = nobody:true - condition = ${if >{$spam_score_int}{70}{true}{false}} - - # clamav - deny message = This message contains a virus or other harmful content ($malware_name) - demime = * - malware = * - log_message = Virus found in Message - - # accept by default - accept - - - - -###################################################################### -# ROUTERS CONFIGURATION # -# Specifies how addresses are handled # -###################################################################### -# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! # -# An address is passed to each router in turn until it is accepted. # -###################################################################### - -begin routers - -fail_router: - driver = redirect - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND active='0'}{$value}} - data = ":fail:" - allow_fail - -domain_aliases: - driver=redirect - domains=${lookup mysql{SELECT domain FROM mail_domain WHERE domain='${domain}' AND type = 'alias'}} - data=$local_part@${lookup mysql{SELECT destination FROM mail_domain WHERE domain='${domain}'}} - -mailman_router: - driver = accept - domains = +mmdomains - require_files = MM_LISTCHK - local_part_suffix_optional - local_part_suffix = -admin : \ - -bounces : -bounces+* : \ - -confirm : -confirm+* : \ - -join : -leave : \ - -owner : -request : \ - -subscribe : -unsubscribe - transport = mailman_transport - -dnslookup: - driver = dnslookup - domains = ! +local_domains - transport = remote_smtp - ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 - no_more - -# Blacklists werden jetzt in den ACL geprüft -#blacklist_router: -# driver = manualroute -# senders = ${lookup mysql {SELECT DISTINCT address FROM MYSQL_BLACKTABLE WHERE '${quote_mysql:$sender_address}' LIKE address AND recipient = '${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} -# # condition = "${if !def:h_X-Spam-Flag: {1}{0}}" -# # headers_add = X-Spam-Flag: YES -# route_list = * localhost -# # self = pass -# transport = devnull_transport -# verify = false - -#system_aliases: -# driver = redirect -# allow_fail -# allow_defer -# data = ${lookup{$local_part}lsearch{/etc/aliases}} -# user = exim -# file_transport = address_file -# pipe_transport = address_pipe - -#mysql_systemalias: -# driver = redirect -# allow_fail -# allow_defer -# data = ${lookup mysql{SELECT dest FROM mail_systemalias WHERE local_part='${quote_mysql:$local_part}'}} - -mysql_email_alias: - driver = redirect - allow_fail - allow_defer - data = ${lookup mysql{ SELECT destination FROM mail_redirect WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}' AND type = 'alias'}} - -mysql_email_forward: - driver = redirect - data = ${lookup mysql{ SELECT destination FROM mail_redirect WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}' AND type = 'forward'}} - -#spamcheck_router: -# driver = manualroute -# domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND spamscan='yes'}{$value}} -# senders = ! ${lookup mysql {SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE MYSQL_WHITETABLE.address}{$value}} -# condition = ${if and { \ -# {!eq {$received_protocol}{spam-scanned}} \ -# {!eq {$received_protocol}{local}} \ -# } {1}{0}} -# headers_remove = X-Spam-Flag -# route_list = "* localhost byname" -# transport = spamcheck -# verify = false - -#spamdelete_router: -# driver = manualroute -# domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND spamdelete = '1'}{$value}} -# # condition = "${if eq{$h_X-Spam-Flag:}{YES} {1}{0}}" -# condition = "${if match{$h_X-Spam-Flag}{YES} {1}{0}}" -# route_list = "* localhost byname" -# transport = devnull_transport -# verify = false - - -spamrewrite_router: - driver = manualroute - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} - senders = ! ${lookup mysql {SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE MYSQL_WHITETABLE.address}{$value}} - condition = ${if and { \ - {>{$spam_score_int}{${lookup mysql {SELECT spam_rewrite_score_int FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}}}}\ - {!eq {$received_protocol}{spam-rewrite}} \ - {!eq {$received_protocol}{local}} \ - }{true}{false}} - headers_remove = Subject - headers_add = Subject: ${lookup mysql {SELECT spam_rewrite_subject FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} $header_subject - route_list = "* localhost byname" - transport = spamrewrite_transport - verify = false - -spamredirect_router: - driver = manualroute - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} - senders = ! ${lookup mysql {SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE MYSQL_WHITETABLE.address}{$value}} - condition = ${if >{$spam_score_int}{${lookup mysql {SELECT spam_redirect_score_int FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}}}{true}{false}} - route_list = "* localhost byname" - transport = spamredirect_transport - verify = false - -spamdelete_router: - driver = manualroute - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} - senders = ! ${lookup mysql {SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE MYSQL_WHITETABLE.address}{$value}} - condition = ${if and { \ - {>{$spam_score_int}{${lookup mysql {SELECT spam_delete_score_int FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}}}}\ - {!eq {$received_protocol}{spam-rewrite}} \ - {!eq {$received_protocol}{local}} \ - }{true}{false}} - route_list = "* localhost byname" - transport = devnull_transport - verify = false - -autoresponder_router: - driver = accept - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND autoresponder='yes'}{$value}} - transport = autoresponder_transport - unseen - -# cc_router: -# driver = redirect -# data = ${lookup mysql {SELECT cc FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}')}{$value}} -# unseen - -# forward_router: -# driver = redirect -# data = ${lookup mysql {SELECT forward FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND forward != ''}{$value}} - -local_mailbox_router: - driver = accept - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND maildir != '' AND active = '1'}{$value}} - transport = local_delivery - -mysql_catchall_router: - driver=redirect - data=${lookup mysql{ SELECT destination FROM mail_domain_catchall WHERE domain='${domain}'}} - allow_fail - allow_defer - -###################################################################### -# TRANSPORTS CONFIGURATION # -###################################################################### -# ORDER DOES NOT MATTER # -# Only one appropriate transport is called for each delivery. # -###################################################################### - -begin transports - -######################## -# Remote smtp transport -######################## - -remote_smtp: - driver = smtp - -################### -# Mailman transport -################### - -mailman_transport: - driver = pipe - command = /var/mailman/lists.mas-services.co.uk/mail/mailman \ - '${if def:local_part_suffix \ - {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \ - {post}}' \ - $local_part - current_directory = ${lookup mysql{SELECT mm_home FROM mail_mailman_domain WHERE domain='${domain}'}} - home_directory = ${lookup mysql{SELECT mm_home FROM mail_mailman_domain WHERE domain='${domain}'}} - user = ${lookup mysql{SELECT mm_user FROM mail_mailman_domain WHERE domain='${domain}'}} - group = ${lookup mysql{SELECT mm_group FROM mail_mailman_domain WHERE domain='${domain}'}} - - -################################################################################# -# This transport is only for rewriting the header of the message with ***SPAM*** -################################################################################# - -spamrewrite_transport: - driver = pipe - command = MAILSERVER_EXIM_BINARY -oMr spam-rewrite -bS - use_bsmtp = true - home_directory = "/tmp" - current_directory = "/tmp" - user = mail - group = mail - log_output = true - return_fail_output = true - return_path_add = false - message_prefix = - message_suffix = - -###################################################### -# This transport is only for redirecting SPAM messages -###################################################### - -spamredirect_transport: - driver = appendfile - directory = ${lookup mysql {SELECT concat(spam_redirect_maildir,'/Maildir') FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} - maildir_format - user = mail - group = mail - mode = 0660 - directory_mode = 0770 - -########################## -# Local delivery transport -########################## - -local_delivery: - driver = appendfile - directory = ${lookup mysql {SELECT concat(maildir,'/Maildir') FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}')}{$value}} - maildir_format - user = mail - group = mail - quota = ${lookup mysql{select quota from MYSQL_EMAILTABLE where email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}')}{${value}M}} - quota_is_inclusive = false - maildir_tag = ,S=$message_size - quota_size_regex = ,S=(\d+): - quota_warn_threshold = 75% - maildir_use_size_file = false - quota_warn_message = "To: $local_part@$domain\n\ - Subject: Mailbox quota warning\n\n\ - This message was automatically generated by the mail delivery software.\n\n\ - You are now using over 75% of your allocated mail storage quota.\n\n\ - If your mailbox fills completely, further incoming messages will be automatically\n\ - returned to their senders.\n\n\ - Please take note of this and remove unwanted mail from your mailbox.\n" - mode = 0660 - directory_mode = 0770 - -########################## -# autoresponder transport -########################## - -autoresponder_transport: - driver = autoreply - to = ${sender_address} - from = "vacation@${domain}" - subject = "Autoresponder: ${local_part}@${domain}" - text = ${lookup mysql {SELECT autoresponder_text FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}')}{$value}} - -########################## -# devnull transport -########################## - -devnull_transport: - driver = appendfile - file = /dev/null - user = mail - - -###################################################################### -# RETRY CONFIGURATION # -###################################################################### - -begin retry - -# This single retry rule applies to all domains and all errors. It specifies -# retries every 15 minutes for 2 hours, then increasing retry intervals, -# starting at 1 hour and increasing each time by a factor of 1.5, up to 16 -# hours, then retries every 6 hours until 4 days have passed since the first -# failed delivery. - -# Domain Error Retries -# ------ ----- ------- - -* * F,2h,15m; G,16h,1h,1.5; F,4d,6h - - - -###################################################################### -# REWRITE CONFIGURATION # -###################################################################### - -# There are no rewriting specifications in this default configuration file. -begin rewrite - - - -###################################################################### -# AUTHENTICATION CONFIGURATION # -###################################################################### - -# There are no authenticator specifications in this default configuration file. - -begin authenticators - -fixed_plain: - driver = plaintext - public_name = PLAIN - server_condition = ${lookup mysql{SELECT email FROM MYSQL_EMAILTABLE WHERE email='${quote_mysql:$2}' AND cryptpwd=encrypt('${quote_mysql:$3}', cryptpwd) AND active = '1'}{1}fail} - server_set_id = $2 - -fixed_login: - driver = plaintext - public_name = LOGIN - server_prompts = "Username:: : Password::" - server_condition = ${lookup mysql{SELECT email FROM MYSQL_EMAILTABLE WHERE email='${quote_mysql:$1}' AND cryptpwd=encrypt('${quote_mysql:$2}', cryptpwd) AND active = '1'}{1}fail} - server_set_id = $1 - -cram: - driver = cram_md5 - public_name = CRAM-MD5 - server_secret = "${lookup mysql {SELECT clearpwd FROM mail_box WHERE email = '${sg {$1}{'}{}}' AND active = '1'} {$value} fail}" - server_set_id = $1 - - -###################################################################### -# CONFIGURATION FOR local_scan() # -###################################################################### - -# If you have built Exim to include a local_scan() function that contains -# tables for private options, you can define those options here. Remember to -# uncomment the "begin" line. It is commented by default because it provokes -# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS -# set in the Local/Makefile. - -# begin local_scan - - -# End of Exim configuration file - diff --git a/config/exim4/exim4_without_amavisd.conf.template b/config/exim4/exim4_without_amavisd.conf.template deleted file mode 100644 index 20bdcba86b284139bd54a233e7ec94a92703a719..0000000000000000000000000000000000000000 --- a/config/exim4/exim4_without_amavisd.conf.template +++ /dev/null @@ -1,554 +0,0 @@ -###################################################################### -# MAIN CONFIGURATION SETTINGS # -###################################################################### - -# MySQL defines -MYSQL_SERVER=localhost -MYSQL_USER=root -MYSQL_PASSWORD= -MYSQL_DB=mailserver -MYSQL_EMAILTABLE=mail_box -MYSQL_DOMAINTABLE=mail_domain -MYSQL_WHITETABLE=mail_whitelist -MYSQL_BLACKTABLE=mail_blacklist - -# Server ID for Multiserver Setups -MAILSERVER_ID=1 -MAILSERVER_HOSTNAME=mail. -MAILSERVER_IP=192.168.0.108 -MAILSERVER_EXIM_BINARY=/usr/sbin/exim4 -MAILSERVER_SPAMC_BINARY=/usr/bin/spamc - -# Mailman vars -MAILMAN_HOME=/var/lib/mailman -MAILMAN_WRAP=MAILMAN_HOME/mail/wrapper -MAILMAN_UID=list -MAILMAN_GID=list - -# MySQL queries -# MYSQL_Q_LDOMAIN=SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='${quote_mysql:$domain}' AND type = 'local' -# MYSQL_Q_RDOMAIN=SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='${quote_mysql:$domain}' AND type = 'relay' - -MYSQL_Q_VSCAN=SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND opt_virscan='yes' - - -MM_HOME=${lookup mysql{SELECT mm_home FROM mail_mailman_domain WHERE domain='${quote_mysql:domain}'}} -MM_LISTCHK=MM_HOME/lists/${lc::$local_part}/config.pck -MM_WRAP=${lookup mysql{SELECT mm_wrap FROM mail_mailman_domain WHERE domain='${quote_mysql:domain}'}} - -# MySQL connection -hide mysql_servers = "MYSQL_SERVER/MYSQL_DB/MYSQL_USER/MYSQL_PASSWORD" - -# starting 'normal' config - -primary_hostname = MAILSERVER_HOSTNAME - -domainlist local_domains = mysql;SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='${quote_mysql:$domain}' AND type = 'local' -domainlist relay_to_domains = mysql;SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='${quote_mysql:$domain}' AND (type = 'relay' OR type = 'alias') -hostlist relay_from_hosts = 127.0.0.1 -domainlist mmdomains = ${lookup mysql {SELECT domain FROM mail_mailman_domain}} - -# acl_smtp_rcpt = acl_check_rcpt - -qualify_domain = -# qualify_recipient = - -# allow_domain_literals - -never_users = root -trusted_users = mail - -host_lookup = * -rfc1413_hosts = * -rfc1413_query_timeout = 15s - -check_spool_space = 50M -check_log_space = 20M -return_size_limit = 20k -message_size_limit = 20M - -# sender_unqualified_hosts = -# recipient_unqualified_hosts = - -# percent_hack_domains = - -ignore_bounce_errors_after = 2d -timeout_frozen_after = 7d - -deliver_queue_load_max = 8 -queue_only_load = 10 -remote_max_parallel = 15 - -#tls_certificate = -#tls_privatekey = -#tls_advertise_hosts = * - -# SSL/TLS cert and key -tls_certificate = /etc/exim4/smtpd.cert -tls_privatekey = /etc/exim4/smtpd.key - -# Advertise TLS to anyone -tls_advertise_hosts = * - -# Require auth over SSL only. -# auth_over_tls_hosts = * - -helo_try_verify_hosts = !+relay_from_hosts - -av_scanner = clamd:/var/run/clamav/clamd.ctl -spamd_address = 127.0.0.1 783 - -acl_smtp_rcpt = acl_check_rcpt -#acl_smtp_mail = acl_check_sender -acl_smtp_connect = acl_check_host -acl_smtp_data = acl_check_data -acl_smtp_helo = acl_check_helo - - -###################################################################### -# ACL CONFIGURATION # -# Specifies access control lists for incoming SMTP mail # -###################################################################### - -begin acl - -acl_check_rcpt: - - accept hosts = : - - deny domains = +local_domains - local_parts = ^[.] : ^.*[@%!/|] - - deny domains = !+local_domains - local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ - - accept local_parts = postmaster - domains = +local_domains - - require verify = sender - - # Whitelist - - - # Blacklist - deny senders = ${lookup mysql {SELECT DISTINCT address FROM MYSQL_BLACKTABLE WHERE '${quote_mysql:$sender_address}' LIKE address \ - AND (recipient = '' OR recipient = '${quote_mysql:$domain}' OR recipient = '${quote_mysql:$local_part}@${quote_mysql:$domain}') \ - AND active = '1' AND server_id = 'MAILSERVER_ID'}{$value}} - log_message = Blacklisted. Sender: <$sender_address> Recipient: <$local_part@$domain> - - accept domains = +local_domains - endpass - verify = recipient - - accept domains = +relay_to_domains - endpass - verify = recipient - - accept hosts = +relay_from_hosts - - accept authenticated = * - - deny message = relay not permitted - - -acl_check_host: - accept - hosts = +relay_from_hosts - #deny - # log_message = match host_reject.list - # hosts = /etc/exim4/filters/host_reject.list - - accept - -acl_check_helo: - accept hosts = +relay_from_hosts - # If the HELO pretend to be this host - deny condition = ${if or { \ - {eq {${lc:$sender_helo_name}}{MAILSERVER_HOSTNAME}} \ - {eq {${lc:$sender_helo_name}}{MAILSERVER_IP}} \ - } {true}{false} } - # by default we accept - accept - - -acl_check_data: - - accept hosts = +relay_from_hosts - - # if there is a windows executable as attachment then we reject - deny message = This message contains an attachment of a type which we do not accept (.$found_extension) - demime = bat:btm:cmd:com:cpl:dll:exe:lnk:msi:pif:prf:reg:scr:vbs:url - - # spamassassin - warn message = X-SA-Score: $spam_score - spam = nobody:true - - warn message = X-SA-Report: $spam_report - spam = nobody:true - condition = ${if >{$spam_score_int}{0}{true}{false}} - - warn message = X-SA-Status: Yes - spam = nobody:true - condition = ${if >{$spam_score_int}{50}{true}{false}} - - deny message = This message scored $spam_score spam points. - spam = nobody:true - condition = ${if >{$spam_score_int}{70}{true}{false}} - - # clamav - deny message = This message contains a virus or other harmful content ($malware_name) - demime = * - malware = * - log_message = Virus found in Message - - # accept by default - accept - - - - -###################################################################### -# ROUTERS CONFIGURATION # -# Specifies how addresses are handled # -###################################################################### -# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! # -# An address is passed to each router in turn until it is accepted. # -###################################################################### - -begin routers - -fail_router: - driver = redirect - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND active='0'}{$value}} - data = ":fail:" - allow_fail - -domain_aliases: - driver=redirect - domains=${lookup mysql{SELECT domain FROM mail_domain WHERE domain='${domain}' AND type = 'alias'}} - data=$local_part@${lookup mysql{SELECT destination FROM mail_domain WHERE domain='${domain}'}} - -mailman_router: - driver = accept - domains = +mmdomains - require_files = MM_LISTCHK - local_part_suffix_optional - local_part_suffix = -admin : \ - -bounces : -bounces+* : \ - -confirm : -confirm+* : \ - -join : -leave : \ - -owner : -request : \ - -subscribe : -unsubscribe - transport = mailman_transport - -dnslookup: - driver = dnslookup - domains = ! +local_domains - transport = remote_smtp - ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 - no_more - -# Blacklists werden jetzt in den ACL geprüft -#blacklist_router: -# driver = manualroute -# senders = ${lookup mysql {SELECT DISTINCT address FROM MYSQL_BLACKTABLE WHERE '${quote_mysql:$sender_address}' LIKE address AND recipient = '${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} -# # condition = "${if !def:h_X-Spam-Flag: {1}{0}}" -# # headers_add = X-Spam-Flag: YES -# route_list = * localhost -# # self = pass -# transport = devnull_transport -# verify = false - -#system_aliases: -# driver = redirect -# allow_fail -# allow_defer -# data = ${lookup{$local_part}lsearch{/etc/aliases}} -# user = exim -# file_transport = address_file -# pipe_transport = address_pipe - -#mysql_systemalias: -# driver = redirect -# allow_fail -# allow_defer -# data = ${lookup mysql{SELECT dest FROM mail_systemalias WHERE local_part='${quote_mysql:$local_part}'}} - -mysql_email_alias: - driver = redirect - allow_fail - allow_defer - data = ${lookup mysql{ SELECT destination FROM mail_redirect WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}' AND type = 'alias'}} - -mysql_email_forward: - driver = redirect - data = ${lookup mysql{ SELECT destination FROM mail_redirect WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}' AND type = 'forward'}} - -#spamcheck_router: -# driver = manualroute -# domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND spamscan='yes'}{$value}} -# senders = ! ${lookup mysql {SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE MYSQL_WHITETABLE.address}{$value}} -# condition = ${if and { \ -# {!eq {$received_protocol}{spam-scanned}} \ -# {!eq {$received_protocol}{local}} \ -# } {1}{0}} -# headers_remove = X-Spam-Flag -# route_list = "* localhost byname" -# transport = spamcheck -# verify = false - -#spamdelete_router: -# driver = manualroute -# domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND spamdelete = '1'}{$value}} -# # condition = "${if eq{$h_X-Spam-Flag:}{YES} {1}{0}}" -# condition = "${if match{$h_X-Spam-Flag}{YES} {1}{0}}" -# route_list = "* localhost byname" -# transport = devnull_transport -# verify = false - - -spamrewrite_router: - driver = manualroute - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} - senders = ! ${lookup mysql {SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE MYSQL_WHITETABLE.address}{$value}} - condition = ${if and { \ - {>{$spam_score_int}{${lookup mysql {SELECT spam_rewrite_score_int FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}}}}\ - {!eq {$received_protocol}{spam-rewrite}} \ - {!eq {$received_protocol}{local}} \ - }{true}{false}} - headers_remove = Subject - headers_add = Subject: ${lookup mysql {SELECT spam_rewrite_subject FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} $header_subject - route_list = "* localhost byname" - transport = spamrewrite_transport - verify = false - -spamredirect_router: - driver = manualroute - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} - senders = ! ${lookup mysql {SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE MYSQL_WHITETABLE.address}{$value}} - condition = ${if >{$spam_score_int}{${lookup mysql {SELECT spam_redirect_score_int FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}}}{true}{false}} - route_list = "* localhost byname" - transport = spamredirect_transport - verify = false - -spamdelete_router: - driver = manualroute - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} - senders = ! ${lookup mysql {SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE MYSQL_WHITETABLE.address}{$value}} - condition = ${if and { \ - {>{$spam_score_int}{${lookup mysql {SELECT spam_delete_score_int FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}}}}\ - {!eq {$received_protocol}{spam-rewrite}} \ - {!eq {$received_protocol}{local}} \ - }{true}{false}} - route_list = "* localhost byname" - transport = devnull_transport - verify = false - -autoresponder_router: - driver = accept - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND autoresponder='yes'}{$value}} - transport = autoresponder_transport - unseen - -# cc_router: -# driver = redirect -# data = ${lookup mysql {SELECT cc FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}')}{$value}} -# unseen - -# forward_router: -# driver = redirect -# data = ${lookup mysql {SELECT forward FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND forward != ''}{$value}} - -local_mailbox_router: - driver = accept - domains = ${lookup mysql {SELECT SUBSTRING_INDEX(email,'@',-1) FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}') AND maildir != '' AND active = '1'}{$value}} - transport = local_delivery - -mysql_catchall_router: - driver=redirect - data=${lookup mysql{ SELECT destination FROM mail_domain_catchall WHERE domain='${domain}'}} - allow_fail - allow_defer - -###################################################################### -# TRANSPORTS CONFIGURATION # -###################################################################### -# ORDER DOES NOT MATTER # -# Only one appropriate transport is called for each delivery. # -###################################################################### - -begin transports - -######################## -# Remote smtp transport -######################## - -remote_smtp: - driver = smtp - -################### -# Mailman transport -################### - -mailman_transport: - driver = pipe - command = /var/mailman/lists.mas-services.co.uk/mail/mailman \ - '${if def:local_part_suffix \ - {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \ - {post}}' \ - $local_part - current_directory = ${lookup mysql{SELECT mm_home FROM mail_mailman_domain WHERE domain='${domain}'}} - home_directory = ${lookup mysql{SELECT mm_home FROM mail_mailman_domain WHERE domain='${domain}'}} - user = ${lookup mysql{SELECT mm_user FROM mail_mailman_domain WHERE domain='${domain}'}} - group = ${lookup mysql{SELECT mm_group FROM mail_mailman_domain WHERE domain='${domain}'}} - - -################################################################################# -# This transport is only for rewriting the header of the message with ***SPAM*** -################################################################################# - -spamrewrite_transport: - driver = pipe - command = MAILSERVER_EXIM_BINARY -oMr spam-rewrite -bS - use_bsmtp = true - home_directory = "/tmp" - current_directory = "/tmp" - user = mail - group = mail - log_output = true - return_fail_output = true - return_path_add = false - message_prefix = - message_suffix = - -###################################################### -# This transport is only for redirecting SPAM messages -###################################################### - -spamredirect_transport: - driver = appendfile - directory = ${lookup mysql {SELECT concat(spam_redirect_maildir,'/Maildir') FROM mail_spamfilter WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}'}{$value}} - maildir_format - user = mail - group = mail - mode = 0660 - directory_mode = 0770 - -########################## -# Local delivery transport -########################## - -local_delivery: - driver = appendfile - directory = ${lookup mysql {SELECT concat(maildir,'/Maildir') FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}')}{$value}} - maildir_format - user = mail - group = mail - quota = ${lookup mysql{select quota from MYSQL_EMAILTABLE where email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}')}{${value}M}} - quota_is_inclusive = false - maildir_tag = ,S=$message_size - quota_size_regex = ,S=(\d+): - quota_warn_threshold = 75% - maildir_use_size_file = false - quota_warn_message = "To: $local_part@$domain\n\ - Subject: Mailbox quota warning\n\n\ - This message was automatically generated by the mail delivery software.\n\n\ - You are now using over 75% of your allocated mail storage quota.\n\n\ - If your mailbox fills completely, further incoming messages will be automatically\n\ - returned to their senders.\n\n\ - Please take note of this and remove unwanted mail from your mailbox.\n" - mode = 0660 - directory_mode = 0770 - -########################## -# autoresponder transport -########################## - -autoresponder_transport: - driver = autoreply - to = ${sender_address} - from = "vacation@${domain}" - subject = "Autoresponder: ${local_part}@${domain}" - text = ${lookup mysql {SELECT autoresponder_text FROM MYSQL_EMAILTABLE WHERE email=CONCAT('${quote_mysql:$local_part}','@','${quote_mysql:$domain}')}{$value}} - -########################## -# devnull transport -########################## - -devnull_transport: - driver = appendfile - file = /dev/null - user = mail - - -###################################################################### -# RETRY CONFIGURATION # -###################################################################### - -begin retry - -# This single retry rule applies to all domains and all errors. It specifies -# retries every 15 minutes for 2 hours, then increasing retry intervals, -# starting at 1 hour and increasing each time by a factor of 1.5, up to 16 -# hours, then retries every 6 hours until 4 days have passed since the first -# failed delivery. - -# Domain Error Retries -# ------ ----- ------- - -* * F,2h,15m; G,16h,1h,1.5; F,4d,6h - - - -###################################################################### -# REWRITE CONFIGURATION # -###################################################################### - -# There are no rewriting specifications in this default configuration file. -begin rewrite - - - -###################################################################### -# AUTHENTICATION CONFIGURATION # -###################################################################### - -# There are no authenticator specifications in this default configuration file. - -begin authenticators - -fixed_plain: - driver = plaintext - public_name = PLAIN - server_condition = ${lookup mysql{SELECT email FROM MYSQL_EMAILTABLE WHERE email='${quote_mysql:$2}' AND cryptpwd=encrypt('${quote_mysql:$3}', cryptpwd) AND active = '1'}{1}fail} - server_set_id = $2 - -fixed_login: - driver = plaintext - public_name = LOGIN - server_prompts = "Username:: : Password::" - server_condition = ${lookup mysql{SELECT email FROM MYSQL_EMAILTABLE WHERE email='${quote_mysql:$1}' AND cryptpwd=encrypt('${quote_mysql:$2}', cryptpwd) AND active = '1'}{1}fail} - server_set_id = $1 - -cram: - driver = cram_md5 - public_name = CRAM-MD5 - server_secret = "${lookup mysql {SELECT clearpwd FROM mail_box WHERE email = '${sg {$1}{'}{}}' AND active = '1'} {$value} fail}" - server_set_id = $1 - - -###################################################################### -# CONFIGURATION FOR local_scan() # -###################################################################### - -# If you have built Exim to include a local_scan() function that contains -# tables for private options, you can define those options here. Remember to -# uncomment the "begin" line. It is commented by default because it provokes -# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS -# set in the Local/Makefile. - -# begin local_scan - - -# End of Exim configuration file - diff --git a/config/exim4/readme.txt b/config/exim4/readme.txt new file mode 100644 index 0000000000000000000000000000000000000000..3d1c083f2b8104f1e5d6a7d5296767e3ca1999cc --- /dev/null +++ b/config/exim4/readme.txt @@ -0,0 +1,6 @@ + +Exim is not officially supported by ISPConfig. If you want to +try to use it anyway, take a look atbthis thread: + +http://www.howtoforge.com/forums/showthread.php?t=52117 +