3 вопроса

EXIM, sendmail, postfix, Dovecot и прочие. Решение проблем связанных с работой электронной почты

Модератор: xM

Правила форума
Убедительная просьба юзать теги [code] при оформлении листингов.
Сообщения не оформленные должным образом имеют все шансы быть незамеченными.
quest
рядовой
Сообщения: 10
Зарегистрирован: 2007-06-22 12:42:59

3 вопроса

Непрочитанное сообщение quest » 2007-07-06 10:35:41

Добрый день.
Может не нашел в документации, тогда буду благодарен за ссылку на нужное место. Есть 3 вопроса
1. Как заставить exim забирать по etrn письма? (у нас очередь дополнительно держиться у провайдера в сслучае если мы не доступны, и вот не могу получить оттуда письма)
2. Как разделить пользователей на 2 группы - тех кто имеет право отсылать письма на другие домены и тех кто может пересылать почту только внутри домена.
3. Написал в конфге вот так -
hostlist host_reject = !ex1.com:!ex2.com:!ru:*
в обработке
deny hosts = +host_reject
message = You are banned. Go away.

но почему-то не работает.

Укажите направление куда копать

Хостинговая компания Host-Food.ru
Хостинг HostFood.ru
 

Услуги хостинговой компании Host-Food.ru

Хостинг HostFood.ru

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2460 рублей (8 CPU, 8Gb RAM, 2x500Gb HDD, RAID 3ware 9750):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

Аватара пользователя
Alex Keda
стреляли...
Сообщения: 35056
Зарегистрирован: 2004-10-18 14:25:19
Откуда: Made in USSR
Контактная информация:

Непрочитанное сообщение Alex Keda » 2007-07-06 10:39:18

1. вообще, насчёт забирать, думаю лучше использовать специализированный софт - типа fetchmail.
2. создай файлики/таблицу в БД, и в роутерах по ним поисск - уж как организовать - тебе видней - кого бльше и кк проще
3. логи давай.
и вообе отладку используй - у exim очень хорошая отладка.
редко такая бывает...
Убей их всех! Бог потом рассортирует...

Аватара пользователя
dikens3
подполковник
Сообщения: 4856
Зарегистрирован: 2006-09-06 16:24:08
Откуда: Нижний Новгород
Контактная информация:

Re: 3 вопроса

Непрочитанное сообщение dikens3 » 2007-07-06 10:55:17

quest писал(а):1. Как заставить exim забирать по etrn письма? (у нас очередь дополнительно держиться у провайдера в сслучае если мы не доступны, и вот не могу получить оттуда письма)
Ответ выше.
2. Как разделить пользователей на 2 группы - тех кто имеет право отсылать письма на другие домены и тех кто может пересылать почту только внутри домена.
Можно сделать аутентификацию для пользователей имеющих право отправлять письма во внешний мир:

Код: Выделить всё

# Принимаем аутентифицированных для внешних доменов
  accept    authenticated = *
            !domains       = +local_domains

# Принимаем, если получатель и домен наши и существуют.
  accept   domains       = +local_domains
           endpass
           message       = "Unknown user"
           verify        = recipient

# Остальных прибиваем
  deny     message       = relay not permitted
3. Написал в конфге вот так -
hostlist host_reject = !ex1.com:!ex2.com:!ru:*
в обработке
deny hosts = +host_reject
message = You are banned. Go away.
но почему-то не работает.
Что нужно блокировать: Все, за исключением или только определённые хосты?
Лучше установить FreeBSD, чем потратить 30 лет на Linux'ы и выяснить какой из них хуже.

quest
рядовой
Сообщения: 10
Зарегистрирован: 2007-06-22 12:42:59

Непрочитанное сообщение quest » 2007-07-06 11:39:36

######################################################################
# Runtime configurationfile for Exim #
######################################################################
#######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################

primary_hostname = myDomain.ru
#primary_hostname =
domainlist local_domains = myDomain.ru
#${lookup mysql{SELECT domain FROM domains \
# WHERE domain='${domain}' AND \
# (type='LOCAL' OR type='VIRTUAL')}}
#domainlist relay_to_domains = ${lookup mysql{SELECT domain FROM domains \
# WHERE domain='${domain}' AND type='RELAY'}}
domainlist relay_to_domains =
hostlist relay_from_hosts = 127.0.0.1:192.168.2.0/24
auth_advertise_hosts = *
daemon_smtp_ports = 25 : 465
hostlist host_reject = !c1.com:!g1.com:!ru:*
#tls_on_connect_ports = 465
#tls_advertise_hosts = *
#tls_certificate = /usr/local/etc/ssl/certs/mail.pem
#tls_privatekey = /usr/local/etc/ssl/certs/mail.pem
log_file_path = /var/log/exim/exim_%s.log
log_selector = \
+all_parents \
+lost_incoming_connection \
+received_sender \
+received_recipients \
+smtp_confirmation \
+smtp_syntax_error \
+smtp_protocol_error \
+arguments \
-queue_run
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_mime = acl_check_mime
qualify_domain = universal.onego.ru
allow_domain_literals = false
never_users = root
#host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 30m
timeout_frozen_after = 3d
freeze_tell = postmaster
message_size_limit = 10M
smtp_accept_max = 100
smtp_accept_max_per_connection = 10
smtp_accept_max_per_host = 10
split_spool_directory = true
remote_max_parallel = 15
exim_user=mailnull
exim_group=mailnull
smtp_banner = "Welcome on our mail server!\n \
Have a nice day!\n\n${primary_hostname} ESMTP"

hide mysql_servers = localhost/exim/exim/exim

######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl

acl_check_rcpt:

accept hosts = :

# deny domains = +local_domains
# local_parts = ^[] : ^*[@%!/|]

# deny domains = !+local_domains
# local_parts = ^[/|] : ^*[@%!] : ^.*/\\.\\./

accept local_parts = postmaster
domains = +local_domains

require verify = sender

deny message = HELO/EHLO required by SMTP RFC
condition = ${if eq{$sender_helo_name}{}{yes}{no}}

deny message = Go Away! You are spammer.
condition = ${if match{$sender_host_name} \
{bezeqint\\.net|net\\.il|dialup|dsl|pool|peer|dhcp} \
{yes}{no}}

deny message = rejected because \
$sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
log_message = found in $dnslist_domain
dnslists = relays.ordb.org
deny message = message from \
$sender_host_address rejected - see http://njabl.org/
log_message = found in $dnslist_domain
dnslists = dnsbl.njabl.org
deny message = rejected because \
$sender_host_address for bad WHOIS info, see http://www.rfc-ignorant.org/
log_message = found in $dnslist_domain
dnslists = ipwhois.rfc-ignorant.org
deny message = rejected because $sender_host_address \
is in a black list at $dnslist_domain\n$dnslist_text
log_message = found in $dnslist_domain
dnslists = dialups.mail-abuse.org
deny message = rejected because $sender_host_address \
is in a black list at $dnslist_domain\n$dnslist_text
log_message = found in $dnslist_domain
dnslists = list.dsbl.org
deny message = Spam blocked see: \
http://www.spamcop.net/w3m?action=check ... st_address
log_message = found in $dnslist_domain
dnslists = bl.spamcop.net
deny message = rejected, $sender_host_address \
Open Proxy, see: $dnslist_domain\n$dnslist_text
log_message = found in $dnslist_domain
dnslists = dnsbl.void.ru

# ����� ��� ����� deny hosts = +host_reject
message = You are banned. Go away.

accept domains = +local_domains
endpass
message = unknown user
verify = recipient

accept domains = +relay_to_domains
endpass
message = unrouteable address
verify = recipient

accept hosts = +relay_from_hosts
accept authenticated = *


deny message = relay not permitted

acl_check_mime:

warn decode = default

deny message = Blacklisted file extension detected ($mime_filename)
condition = ${if match \
{${lc:$mime_filename}} \
{\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com|\.vbs|\.cpl)$\N} \
{1}{0}}

deny message = Sorry, noone speaks chinese here
condition = ${if eq{$mime_charset}{gb2312}{1}{0}}

accept

######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################

begin routers

dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more

system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM aliases \
WHERE local_part='${local_part}' AND domain='${domain}'}}

userforward:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM userforward \
WHERE local_part='${local_part}' AND domain='${domain}'}}

virtual_localuser:
driver = accept
domains = ${lookup mysql{SELECT domain from domains WHERE domain='${domain}'}}
local_parts = ${lookup mysql{SELECT login from users \
WHERE login='${local_part}' AND domain='${domain}'}}
transport = local_delivery

######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################

begin transports

remote_smtp:
driver = smtp

local_delivery:
driver = appendfile
check_string = ""
create_directory
delivery_date_add
directory = /var/mail/$domain/$local_part
directory_mode = 770
envelope_to_add
group = mailnull
user = mailnull
maildir_format
maildir_tag = ,S=$message_size
message_prefix = ""
message_suffix = ""
mode = 0660
quota = ${lookup mysql{SELECT quota FROM users \
WHERE login='${local_part}' AND domain='${domain}'}{${value}M}}
quota_size_regex = S=(\d+)$
quota_warn_threshold = 75%
return_path_add

address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

address_reply:
driver = autoreply

######################################################################
# RETRY CONFIGURATION #
######################################################################

begin retry

* quota
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h


######################################################################
# REWRITE CONFIGURATION #
######################################################################

begin rewrite

######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################

begin authenticators

auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT login FROM users \
WHERE login = '${quote_mysql:${local_part:$2}}' \
AND domain = '${quote_mysql:${domain:$2}}' \
AND decrypt = '${quote_mysql:$3}' \
AND status = '1'}{yes}{no}}
server_prompts = :
server_set_id = $2

auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT login FROM users \
WHERE login = '${quote_mysql:${local_part:$1}}' \
AND domain = '${quote_mysql:${domain:$1}}' \
AND decrypt = '${quote_mysql:$2}' \
AND status = '1'}{yes}{no}}
server_prompts = Username:: : Password::
server_set_id = $1

auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT decrypt FROM users \
WHERE login = '${quote_mysql:${local_part:$1}}' \
AND domain = '${quote_mysql:${domain:$1}}' \
AND status = '1'}{$value}fail}
server_set_id = $1

# End of Exim configuration file

мой конфиг

Аватара пользователя
Alex Keda
стреляли...
Сообщения: 35056
Зарегистрирован: 2004-10-18 14:25:19
Откуда: Made in USSR
Контактная информация:

Непрочитанное сообщение Alex Keda » 2007-07-06 12:13:30

почему-то даже читать не хочется без

Код: Выделить всё

учись ценить время других - иначе никто не будет ценить твоё
Убей их всех! Бог потом рассортирует...

quest
рядовой
Сообщения: 10
Зарегистрирован: 2007-06-22 12:42:59

Непрочитанное сообщение quest » 2007-07-06 16:05:53

Код: Выделить всё

2007-07-06 12:45:03 unexpected disconnection while reading SMTP command from (ANancy-152-1-52-130.w83-194.abo.wanadoo.fr) [83.194.3.130]
2007-07-06 12:45:12 DNS list lookup defer (probably timeout) for 4.2.168.192.relays.ordb.org: assumed not in list
2007-07-06 12:45:26 DNS list lookup defer (probably timeout) for 150.66.19.81.relays.ordb.org: assumed not in list
2007-07-06 12:45:38 1I6j2i-000Jgj-LQ SMTP error from remote mail server after end of data: host imx1.rambler.ru [81.19.66.150]: 450 <lazonen-in@mydomain.ru>: Sender address rejected: unverified address: Address verification in progress
2007-07-06 12:45:42 DNS list lookup defer (probably timeout) for 4.2.168.192.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:45:57 H=(mpifg.de.s8a2.psmtp.com) [58.140.145.252] sender verify defer for <bcurnow@cityweb.de>: host lookup did not complete
2007-07-06 12:45:57 H=(mpifg.de.s8a2.psmtp.com) [58.140.145.252] F=<bcurnow@cityweb.de> temporarily rejected RCPT <all@mydomain.ru>: Could not complete sender verify
2007-07-06 12:45:57 H=(mpifg.de.s8a2.psmtp.com) [58.140.145.252] F=<bcurnow@cityweb.de> temporarily rejected RCPT <buhgalter@mydomain.ru>: Could not complete sender verify
2007-07-06 12:45:57 H=(mpifg.de.s8a2.psmtp.com) [58.140.145.252] F=<bcurnow@cityweb.de> temporarily rejected RCPT <bket_in@mydomain.ru>: Could not complete sender verify
2007-07-06 12:46:00 unexpected disconnection while reading SMTP command from (mpifg.de.s8a2.psmtp.com) [58.140.145.252]
2007-07-06 12:46:03 DNS list lookup defer (probably timeout) for 16.192.109.212.relays.ordb.org: assumed not in list
2007-07-06 12:46:11 DNS list lookup defer (probably timeout) for 150.66.19.81.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:46:12 DNS list lookup defer (probably timeout) for 4.2.168.192.dialups.mail-abuse.org: assumed not in list
2007-07-06 12:46:21 DNS list lookup defer (probably timeout) for 4.2.168.192.relays.ordb.org: assumed not in list
2007-07-06 12:46:42 DNS list lookup defer (probably timeout) for 4.2.168.192.list.dsbl.org: assumed not in list
2007-07-06 12:46:49 DNS list lookup defer (probably timeout) for 16.192.109.212.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:46:51 DNS list lookup defer (probably timeout) for 4.2.168.192.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:46:52 H=(mail1.provider.ru) [196.176.136.3] sender verify defer for <akstcworksnjmnsdgs@worksnj.com>: host lookup did not complete
2007-07-06 12:46:52 H=(mail1.provider.ru) [196.176.136.3] F=<akstcworksnjmnsdgs@worksnj.com> temporarily rejected RCPT <334329723.20060823183516@mydomain.ru>: Could not complete sender verify
2007-07-06 12:47:01 DNS list lookup defer (probably timeout) for 150.66.19.81.list.dsbl.org: assumed not in list
2007-07-06 12:47:02 DNS list lookup defer (probably timeout) for 6.88.19.81.relays.ordb.org: assumed not in list
2007-07-06 12:47:12 DNS list lookup defer (probably timeout) for 4.2.168.192.bl.spamcop.net: assumed not in list
2007-07-06 12:47:12 no IP address found for host ru (during SMTP connection from mailserver1.domain.samba (mailserver1) [192.168.2.4])
2007-07-06 12:47:12 unexpected disconnection while reading SMTP command from mailserver1.domain.samba (mailserver1) [192.168.2.4]
2007-07-06 12:47:19 DNS list lookup defer (probably timeout) for 16.192.109.212.dialups.mail-abuse.org: assumed not in list
2007-07-06 12:47:21 DNS list lookup defer (probably timeout) for 4.2.168.192.dialups.mail-abuse.org: assumed not in list
2007-07-06 12:47:31 DNS list lookup defer (probably timeout) for 150.66.19.81.bl.spamcop.net: assumed not in list
2007-07-06 12:47:32 DNS list lookup defer (probably timeout) for 6.88.19.81.dnsbl.njabl.org: assumed not in list
2007-07-06 12:47:49 DNS list lookup defer (probably timeout) for 16.192.109.212.list.dsbl.org: assumed not in list
2007-07-06 12:47:51 DNS list lookup defer (probably timeout) for 4.2.168.192.list.dsbl.org: assumed not in list
2007-07-06 12:48:01 DNS list lookup defer (probably timeout) for 150.66.19.81.dnsbl.void.ru: assumed not in list
2007-07-06 12:48:01 no IP address found for host ru (during SMTP connection from (mx6.rambler.ru) [81.19.66.150])
2007-07-06 12:48:02 DNS list lookup defer (probably timeout) for 6.88.19.81.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:48:19 DNS list lookup defer (probably timeout) for 16.192.109.212.bl.spamcop.net: assumed not in list
2007-07-06 12:48:21 DNS list lookup defer (probably timeout) for 4.2.168.192.bl.spamcop.net: assumed not in list
2007-07-06 12:48:32 DNS list lookup defer (probably timeout) for 6.88.19.81.dialups.mail-abuse.org: assumed not in list
2007-07-06 12:48:49 DNS list lookup defer (probably timeout) for 16.192.109.212.dnsbl.void.ru: assumed not in list
2007-07-06 12:48:49 no IP address found for host ru (during SMTP connection from (host.54.ru) [212.109.192.16])
2007-07-06 12:48:51 DNS list lookup defer (probably timeout) for 4.2.168.192.dnsbl.void.ru: assumed not in list
2007-07-06 12:48:51 no IP address found for host ru (during SMTP connection from mailserver1.domain.samba (mailserver1) [192.168.2.4])
2007-07-06 12:48:53 1I6jUh-000JlO-W5 <= tkachenko-an@mydomain.ru H=mailserver1.domain.samba (mailserver1) [192.168.2.4] P=smtp S=2894713 id=00ab01c7bfaa$659ea5f0$0402a8c0@mailserver1 from <tkachenko-an@mydomain.ru> for druzhinin-as@mydomain.ru
2007-07-06 12:48:53 cwd=/var/spool/exim 3 args: /usr/local/sbin/exim -Mc 1I6jUh-000JlO-W5
2007-07-06 12:48:53 1I6jUh-000JlO-W5 => druzhinin-as <druzhinin-as@mydomain.ru> R=virtual_localuser T=local_delivery
2007-07-06 12:48:53 1I6jUh-000JlO-W5 Completed
2007-07-06 12:49:02 DNS list lookup defer (probably timeout) for 6.88.19.81.list.dsbl.org: assumed not in list
2007-07-06 12:49:32 DNS list lookup defer (probably timeout) for 6.88.19.81.bl.spamcop.net: assumed not in list
2007-07-06 12:50:02 DNS list lookup defer (probably timeout) for 6.88.19.81.dnsbl.void.ru: assumed not in list
2007-07-06 12:50:02 no IP address found for host ru (during SMTP connection from (mx13.rambler.ru) [81.19.88.6])
2007-07-06 12:51:10 unexpected disconnection while reading SMTP command from (mail1.provider.ru) [196.176.136.3] (error: Operation timed out)
2007-07-06 12:53:36 DNS list lookup defer (probably timeout) for 4.2.168.192.relays.ordb.org: assumed not in list
2007-07-06 12:53:49 SMTP command timeout on connection from (host.54.ru) [212.109.192.16]
2007-07-06 12:54:07 DNS list lookup defer (probably timeout) for 4.2.168.192.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:54:07 no IP address found for host ru (during SMTP connection from mailserver1.domain.samba (mailserver1) [192.168.2.4])
2007-07-06 12:54:07 1I6jZn-000JmG-M3 <= tkachenko-an@mydomain.ru H=mailserver1.domain.samba (mailserver1) [192.168.2.4] P=smtp S=107398 id=00bd01c7bfab$21c65f70$0402a8c0@mailserver1 from <tkachenko-an@mydomain.ru> for buharcev@gpgspb.ru
2007-07-06 12:54:07 cwd=/var/spool/exim 3 args: /usr/local/sbin/exim -Mc 1I6jZn-000JmG-M3
2007-07-06 12:54:23 1I6jZn-000JmG-M3 relay1.peterlink.ru [195.242.2.6] No route to host
2007-07-06 12:54:37 DNS list lookup defer (probably timeout) for 4.2.168.192.relays.ordb.org: assumed not in list
2007-07-06 12:54:57 1I6jZn-000JmG-M3 relay2.peterlink.ru [195.242.2.7] No route to host
2007-07-06 12:54:57 1I6jZn-000JmG-M3 == buharcev@gpgspb.ru R=dnslookup T=remote_smtp defer (65): No route to host
2007-07-06 12:55:07 DNS list lookup defer (probably timeout) for 4.2.168.192.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:55:07 DNS list lookup defer (probably timeout) for 4.2.168.192.relays.ordb.org: assumed not in list
2007-07-06 12:55:08 no IP address found for host ru (during SMTP connection from mailserver1.domain.samba (mailserver1) [192.168.2.4])
2007-07-06 12:55:08 1I6jam-000JmO-9c <= tkachenko-an@mydomain.ru H=mailserver1.domain.samba (mailserver1) [192.168.2.4] P=smtp S=1867 id=00cd01c7bfab$45e69280$0402a8c0@mailserver1 from <tkachenko-an@mydomain.ru> for vladimir@jazz-smell.ru
2007-07-06 12:55:08 cwd=/var/spool/exim 3 args: /usr/local/sbin/exim -Mc 1I6jam-000JmO-9c
2007-07-06 12:55:20 1I6jam-000JmO-9c relay.wm.ru [195.9.14.97] No route to host
2007-07-06 12:55:37 DNS list lookup defer (probably timeout) for 4.2.168.192.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:55:45 1I6j2i-000Jgj-LQ SMTP timeout while connected to imx1.rambler.ru [81.19.88.6] after end of data (363059 bytes written): Operation timed out
2007-07-06 12:55:54 DNS list lookup defer (probably timeout) for 4.2.168.192.relays.ordb.org: assumed not in list
2007-07-06 12:56:07 DNS list lookup defer (probably timeout) for 4.2.168.192.dialups.mail-abuse.org: assumed not in list
2007-07-06 12:56:24 DNS list lookup defer (probably timeout) for 4.2.168.192.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 12:56:35 1I6jam-000JmO-9c relay1.wm.ru [195.9.14.14] No route to host
2007-07-06 12:56:35 1I6jam-000JmO-9c == vladimir@jazz-smell.ru R=dnslookup T=remote_smtp defer (65): No route to host
2007-07-06 12:56:37 DNS list lookup defer (probably timeout) for 4.2.168.192.list.dsbl.org: assumed not in list
2007-07-06 12:56:54 DNS list lookup defer (probably timeout) for 4.2.168.192.dialups.mail-abuse.org: assumed not in list
2007-07-06 12:57:00 1I6j2i-000Jgj-LQ imx1.rambler.ru [81.19.66.115] No route to host
2007-07-06 12:57:07 DNS list lookup defer (probably timeout) for 4.2.168.192.bl.spamcop.net: assumed not in list
2007-07-06 12:57:07 no IP address found for host ru (during SMTP connection from mailserver1.domain.samba (mailserver1) [192.168.2.4])
2007-07-06 12:57:07 1I6jch-000JmT-Qp <= druzhinin-as@mydomain.ru H=mailserver1.domain.samba (mailserver1) [192.168.2.4] P=smtp S=1671 id=024601c7bfab$8d258e30$0402a8c0@mailserver1 from <druzhinin-as@mydomain.ru> for MKustova@Dixy.Spb.Ru
2007-07-06 12:57:07 cwd=/var/spool/exim 3 args: /usr/local/sbin/exim -Mc 1I6jch-000JmT-Qp
2007-07-06 12:57:22 1I6j2i-000Jgj-LQ imx1.rambler.ru [81.19.88.5] No route to host
2007-07-06 12:57:24 DNS list lookup defer (probably timeout) for 4.2.168.192.list.dsbl.org: assumed not in list
2007-07-06 12:57:44 1I6jch-000JmT-Qp mail.dixy.spb.ru [81.3.146.161] No route to host
2007-07-06 12:57:54 DNS list lookup defer (probably timeout) for 4.2.168.192.bl.spamcop.net: assumed not in list
2007-07-06 12:57:54 no IP address found for host ru (during SMTP connection from mailserver1.domain.samba (mailserver1) [192.168.2.4])
2007-07-06 12:57:54 1I6jdS-000Jms-6z <= tkachenko-an@mydomain.ru H=mailserver1.domain.samba (mailserver1) [192.168.2.4] P=smtp S=6220 id=00d901c7bfab$a8c9d1a0$0402a8c0@mailserver1 from <tkachenko-an@mydomain.ru> for vladimir@jazz-smell.ru
2007-07-06 12:57:54 cwd=/var/spool/exim 3 args: /usr/local/sbin/exim -Mc 1I6jdS-000Jms-6z
2007-07-06 12:57:54 1I6jdS-000Jms-6z == vladimir@jazz-smell.ru R=dnslookup T=remote_smtp defer (-53): retry time not reached for any host
2007-07-06 12:57:56 1I6j2i-000Jgj-LQ imx1.rambler.ru [81.19.88.3] No route to host
2007-07-06 12:57:56 1I6j2i-000Jgj-LQ == alcoru@rambler.ru R=dnslookup T=remote_smtp defer (65): No route to host
2007-07-06 12:58:00 1I6jch-000JmT-Qp mail.dixy.spb.ru [81.3.135.38] No route to host
2007-07-06 12:58:00 1I6jch-000JmT-Qp == mkustova@dixy.spb.ru <MKustova@Dixy.Spb.Ru> R=dnslookup T=remote_smtp defer (65): No route to host
2007-07-06 13:06:39 DNS list lookup defer (probably timeout) for 4.2.168.192.relays.ordb.org: assumed not in list
2007-07-06 13:07:09 DNS list lookup defer (probably timeout) for 4.2.168.192.ipwhois.rfc-ignorant.org: assumed not in list
2007-07-06 13:07:39 DNS list lookup defer (probably timeout) for 4.2.168.192.dialups.mail-abuse.org: assumed not in list
2007-07-06 13:08:09 DNS list lookup defer (probably timeout) for 4.2.168.192.list.dsbl.org: assumed not in list
2007-07-06 13:08:39 DNS list lookup defer (probably timeout) for 4.2.168.192.bl.spamcop.net: assumed not in list
2007-07-06 13:08:39 no IP address found for host ru (during SMTP connection from mailserver1.domain.samba (mailserver1) [192.168.2.4])
2007-07-06 13:08:39 1I6jnr-000JoN-8r <= konovalova-sv@mydomain.ru H=mailserver1.domain.samba (mailserver1) [192.168.2.4] P=smtp S=319402 id=005b01c7bfad$2941e420$0402a8c0@mailserver1 from <konovalova-sv@mydomain.ru> for SKorable@JNJRU.JNJ.com
2007-07-06 13:08:39 cwd=/var/spool/exim 3 args: /usr/local/sbin/exim -Mc 1I6jnr-000JoN-8r
2007-07-06 13:09:09 1I6jnr-000JoN-8r == skorable@jnjru.jnj.com <SKorable@JNJRU.JNJ.com> R=dnslookup defer (-1): host lookup did not complete
это лог

Код: Выделить всё


######################################################################
#                  Runtime configurationfile for Exim               #
######################################################################
#######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################

primary_hostname = mail.universal.onego.ru
#primary_hostname = 
domainlist local_domains = universal.onego.ru
#${lookup mysql{SELECT domain FROM domains \
#                        WHERE domain='${domain}' AND \
#                        (type='LOCAL' OR type='VIRTUAL')}}
#domainlist relay_to_domains = ${lookup mysql{SELECT domain FROM domains \
#                        WHERE domain='${domain}' AND type='RELAY'}}
domainlist relay_to_domains = 
hostlist   relay_from_hosts = 127.0.0.1:192.168.2.0/24
auth_advertise_hosts = *
daemon_smtp_ports = 25 : 465
hostlist host_reject = !colgate.com:!gillette.com:!ru:*
#tls_on_connect_ports = 465
#tls_advertise_hosts = *
#tls_certificate = /usr/local/etc/ssl/certs/mail.pem
#tls_privatekey = /usr/local/etc/ssl/certs/mail.pem
log_file_path = /var/log/exim/exim_%s.log
log_selector = \
        +all_parents \
        +lost_incoming_connection \
        +received_sender \
        +received_recipients \
        +smtp_confirmation \
        +smtp_syntax_error \
        +smtp_protocol_error \
	+arguments \
        -queue_run
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_mime = acl_check_mime
qualify_domain = universal.onego.ru
allow_domain_literals = false
never_users = root
#host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 30m
timeout_frozen_after = 3d
freeze_tell = postmaster
message_size_limit = 10M
smtp_accept_max = 100
smtp_accept_max_per_connection = 10
smtp_accept_max_per_host = 10
split_spool_directory = true
remote_max_parallel = 15
exim_user=mailnull
exim_group=mailnull
smtp_banner = "Welcome on our mail server!\n \
    Have a  nice day!\n\n${primary_hostname} ESMTP"

hide mysql_servers = localhost/exim/exim/exim

######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################
begin acl

acl_check_rcpt:

  accept  hosts = :

#  deny    domains       = +local_domains
#          local_parts   = ^[] : ^*[@%!/|]

#  deny    domains       = !+local_domains
#          local_parts   = ^[/|] : ^*[@%!] : ^.*/\\.\\./

  accept  local_parts   = postmaster
          domains       = +local_domains

  require verify        = sender

  deny    message       = HELO/EHLO required by SMTP RFC
          condition     = ${if eq{$sender_helo_name}{}{yes}{no}}

  deny    message       = Go Away! You are spammer.
          condition     = ${if match{$sender_host_name} \
                          {bezeqint\\.net|net\\.il|dialup|dsl|pool|peer|dhcp} \
                          {yes}{no}}

  deny    message       = rejected because \
  $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
          log_message   = found in $dnslist_domain
          dnslists      = relays.ordb.org
  deny    message       = message from \
  $sender_host_address rejected - see http://njabl.org/
          log_message   = found in $dnslist_domain
          dnslists      = dnsbl.njabl.org
  deny    message       = rejected because \
  $sender_host_address for bad WHOIS info, see http://www.rfc-ignorant.org/
          log_message   = found in $dnslist_domain
          dnslists      = ipwhois.rfc-ignorant.org
  deny    message       = rejected because $sender_host_address \
  is in a black list at $dnslist_domain\n$dnslist_text
          log_message   = found in $dnslist_domain
          dnslists      = dialups.mail-abuse.org
  deny    message       = rejected because $sender_host_address \
  is in a black list at $dnslist_domain\n$dnslist_text
          log_message   = found in $dnslist_domain
          dnslists      = list.dsbl.org
  deny    message       = Spam blocked see: \
  http://www.spamcop.net/w3m?action=checkblock&ip=$sender_host_address
          log_message   = found in $dnslist_domain
          dnslists      = bl.spamcop.net
  deny    message       = rejected, $sender_host_address \
  Open Proxy, see: $dnslist_domain\n$dnslist_text
          log_message   = found in $dnslist_domain
          dnslists      = dnsbl.void.ru

# ����� ��� �����  deny   hosts		= +host_reject
	    message	= You are banned. Go away.

  accept  domains       = +local_domains
          endpass
          message       = unknown user
          verify        = recipient

  accept  domains       = +relay_to_domains
          endpass
          message       = unrouteable address
          verify        = recipient

  accept  hosts         = +relay_from_hosts
  accept  authenticated = *

  
  deny    message       = relay not permitted

acl_check_mime:

  warn decode = default

  deny message = Blacklisted file extension detected ($mime_filename)
       condition = ${if match \
                    {${lc:$mime_filename}} \
                    {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com|\.vbs|\.cpl)$\N} \
                    {1}{0}}

  deny message = Sorry, noone speaks chinese here
       condition = ${if eq{$mime_charset}{gb2312}{1}{0}}

accept

######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################

begin routers

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more

system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup mysql{SELECT recipients FROM aliases \
         WHERE local_part='${local_part}' AND domain='${domain}'}}

userforward:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup mysql{SELECT recipients FROM userforward \
         WHERE local_part='${local_part}' AND domain='${domain}'}}

virtual_localuser:
  driver = accept
  domains = ${lookup mysql{SELECT domain from domains WHERE domain='${domain}'}}
  local_parts = ${lookup mysql{SELECT login from users \
                WHERE login='${local_part}' AND domain='${domain}'}}
  transport = local_delivery

######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################

begin transports

remote_smtp:
  driver = smtp

local_delivery:
  driver = appendfile
  check_string = ""
  create_directory
  delivery_date_add
  directory = /var/mail/$domain/$local_part
  directory_mode = 770
  envelope_to_add
  group = mailnull
  user = mailnull
  maildir_format
  maildir_tag = ,S=$message_size
  message_prefix = ""
  message_suffix = ""
  mode = 0660
  quota = ${lookup mysql{SELECT quota FROM users \
          WHERE login='${local_part}' AND domain='${domain}'}{${value}M}}
  quota_size_regex = S=(\d+)$
  quota_warn_threshold = 75%
  return_path_add

 address_pipe:
  driver = pipe
  return_output

address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

address_reply:
  driver = autoreply

######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################

begin retry

*                      quota
*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h


######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################

begin rewrite

######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################

begin authenticators

auth_plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${lookup mysql{SELECT login FROM users \
                        WHERE login = '${quote_mysql:${local_part:$2}}' \
                        AND domain = '${quote_mysql:${domain:$2}}' \
                        AND decrypt = '${quote_mysql:$3}' \
                        AND status = '1'}{yes}{no}}
  server_prompts = :
server_set_id = $2

auth_login:
  driver = plaintext
  public_name = LOGIN
  server_condition = ${lookup mysql{SELECT login FROM users \
                        WHERE login = '${quote_mysql:${local_part:$1}}' \
                        AND domain = '${quote_mysql:${domain:$1}}' \
                        AND decrypt = '${quote_mysql:$2}' \
                        AND status = '1'}{yes}{no}}
  server_prompts = Username:: : Password::
server_set_id = $1

auth_cram_md5:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = ${lookup mysql{SELECT decrypt FROM users \
                        WHERE login = '${quote_mysql:${local_part:$1}}' \
                        AND domain = '${quote_mysql:${domain:$1}}' \
                        AND status = '1'}{$value}fail}
server_set_id = $1

# End of Exim configuration file

Извините, не придал значения этим тэгам.

Аватара пользователя
dikens3
подполковник
Сообщения: 4856
Зарегистрирован: 2006-09-06 16:24:08
Откуда: Нижний Новгород
Контактная информация:

Непрочитанное сообщение dikens3 » 2007-07-06 17:34:35

От нас что нужно?
Всё что хотел, я написал.

Могу лишь посоветовать убрать проверку в некоторых блок листах, ибо закрыты или не работают, судя по логам:

Код: Выделить всё

relays.ordb.org
rfc-ignorant.org
dialups.mail-abuse.org
dnsbl.void.ru
И т.д.
Не стоит пихать всё подряд.
Лучше установить FreeBSD, чем потратить 30 лет на Linux'ы и выяснить какой из них хуже.

quest
рядовой
Сообщения: 10
Зарегистрирован: 2007-06-22 12:42:59

Непрочитанное сообщение quest » 2007-07-10 13:17:49

Подскажите почему не фильтрует по host_reject? Мне нужно оставить только сайта из зоны com и все из зоны ru.

Как пользоваться отладкой? Не увидел в документации.

Аватара пользователя
dikens3
подполковник
Сообщения: 4856
Зарегистрирован: 2006-09-06 16:24:08
Откуда: Нижний Новгород
Контактная информация:

Непрочитанное сообщение dikens3 » 2007-07-10 13:27:32

quest писал(а):Подскажите почему не фильтрует по host_reject? Мне нужно оставить только сайта из зоны com и все из зоны ru.
Эта опция уже отмирает, возможно что она использует IP-Адреса, а не имена. Хотя хз.
Лучше установить FreeBSD, чем потратить 30 лет на Linux'ы и выяснить какой из них хуже.

quest
рядовой
Сообщения: 10
Зарегистрирован: 2007-06-22 12:42:59

Непрочитанное сообщение quest » 2007-07-10 13:31:16

А как тогда ограничить?