авторизация через exim

EXIM, sendmail, postfix, Dovecot и прочие. Решение проблем связанных с работой электронной почты

Модератор: xM

Правила форума
Убедительная просьба юзать теги [code] при оформлении листингов.
Сообщения не оформленные должным образом имеют все шансы быть незамеченными.
john1213
проходил мимо
Сообщения: 2
Зарегистрирован: 2012-03-23 12:30:28

авторизация через exim

Непрочитанное сообщение john1213 » 2012-03-23 12:34:08

Здравствуйте.
Хочу еще раз поднять эту тему
Пересмотрел весь инет но решения для себя пока не нашел.
Может кто подскажет.
Если в exim.conf ставишь hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/24 то идет ошибка relay not permitted, если добавляешь
белый ip все нормально рабатает, но исходящая почта идет без авторизациию.Спамером быть не хочется.

Конфиг exim.conf представляю

[spoiler]



primary_hostname = maydomen.ru


domainlist local_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE \
`domain`='${domain}' AND \
`active`='1'}}
domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE \
`domain`='${domain}' AND \
`active`='1'}}



hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/24

acl_smtp_rcpt = acl_check_rcpt
#acl_smtp_mime = acl_check_mime
acl_smtp_data = acl_check_data


# av_scanner = clamd:/tmp/clamd

# spamd_address = 127.0.0.1 783


# Allow any client to use TLS.
# tls_advertise_hosts = *

# Аутентификация по паролю для следующих хостов:
auth_advertise_hosts = *


# tls_certificate = /etc/ssl/exim.crt
# tls_privatekey = /etc/ssl/exim.pem


daemon_smtp_ports = 25 : 465 : 587
# tls_on_connect_ports = 465


qualify_domain = maydomen.ru


qualify_recipient = maydomen.ru



allow_domain_literals = false




# Пользователь от которого работает exim
exim_user = mail

# группа в кторой работает exim
exim_group = mail

# Note that the default setting means you cannot deliver mail addressed to root
# as if it were a normal user. This isn't usually a problem, as most sites have
# an alias for root that redirects such mail to a human administrator.

never_users = root


host_lookup = *


rfc1413_hosts = *
rfc1413_query_timeout = 5s


ignore_bounce_errors_after = 2d

# This option cancels (removes) frozen messages that are older than a week.

timeout_frozen_after = 7d






smtp_banner = Privet Chuvak

hide mysql_servers = 127.0.0.1/exim/exim/exim


log_selector = \
-all_parents \
-connection_reject \
-incoming_interface \
-lost_incoming_connection \
-received_sender \
-received_recipients \
-smtp_confirmation \
-smtp_syntax_error \
-smtp_protocol_error \
-queue_run

# Убираем собственную временную метку exim`a из логов, её ставит
# сам syslogd - нефига дублировать
syslog_timestamp = no


acl_check_rcpt:


# Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
# testing for an empty sending host field.

# Пропускаем аутентифицированных пользователей
accept authenticated = *

# Пропускаем указанные компьютеры
accept domains = +local_domains
accept hosts = +relay_from_hosts
control = dkim_disable_verify


deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]


deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./


# Accept mail to postmaster in any local domain, regardless of the source,
# and without verifying the sender.

accept local_parts = postmaster
domains = +local_domains

# Deny unless the sender address can be verified.

require verify = sender


accept hosts = +relay_from_hosts
control = submission
control = dkim_disable_verify


accept authenticated = *
control = submission
control = dkim_disable_verify


require message = relay not permitted
domains = +local_domains : +relay_to_domains

accept


acl_check_data:


accept

dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more

system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}}

# data = ${lookup{$local_part}lsearch{/etc/mail/aliases}}





userforward:
driver = redirect
check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
file = $home/.forward
# allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply

# This router runs procmail if users have a .procmailrc file
procmail:
check_local_user
driver = accept
transport = procmail_pipe
require_files = ${local_part}:+${home}:+${home}/.procmailrc:+/usr/bin/procmail
no_verify

# This router runs maildrop if users have a .mailfilter file
maildrop:
check_local_user
driver = accept
transport = maildrop_pipe
require_files = ${local_part}:+${home}:+${home}/.mailfilter:+/usr/bin/maildrop
no_verify



localuser:
driver = accept
check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
transport = local_delivery
cannot_route_message = Unknown user

# Всё что осталось - это локальные адресаты.
# Доставляем почту в dovecot
dovecot_user:
driver = accept
condition = ${lookup mysql{SELECT `goto` FROM \
`alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}{yes}{no}}
transport = dovecot_delivery

begin transports

# This transport is used for delivering messages over SMTP connections.

remote_smtp:
driver = smtp


# Доставка локальным адресатам - в dovecot

dovecot_delivery:
driver = pipe
command = /usr/libexec/dovecot/deliver -d $local_part@$domain -f $sender_address -a $original_local_part@$original_domain
message_prefix =
message_suffix =
delivery_date_add
envelope_to_add
return_path_add
log_output
user = mail
temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78


address_pipe:
driver = pipe
return_output

# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for handling autoreplies generated by the filtering
# option of the userforward router.

address_reply:
driver = autoreply

# This transport is used for procmail
procmail_pipe:
driver = pipe
command = "/usr/bin/procmail -d ${local_part}"
return_path_add
delivery_date_add
envelope_to_add

# This transport is used for courier-maildrop filtering (Maildir filter system)
maildrop_pipe:
driver = pipe
command = "/usr/bin/maildrop -d ${local_part}"
return_path_add
delivery_date_add
envelope_to_add

begin retry



# Address or Domain Error Retries
# ----------------- ----- -------

* * F,2h,15m; G,16h,1h,1.5; F,4d,6h








begin authenticators


PLAIN:
driver = plaintext
server_set_id = $auth2
server_prompts = <| Username: | Password:
server_condition = ${lookup mysql{SELECT `username` FROM \
`mailbox` WHERE `username` = \
'${quote_mysql:$auth1}' AND `password` = \
'${quote_mysql:$auth2}'}{yes}{no}}
server_advertise_condition = ${if def:tls_cipher }
# server_prompts = :
# server_condition = Authentication is not yet configured
# server_advertise_condition = ${if def:tls_cipher }


LOGIN:
driver = plaintext
server_set_id = $auth1
server_prompts = <| Username: | Password:
server_condition = ${lookup mysql{SELECT `username` FROM \
`mailbox` WHERE `username` = \
'${quote_mysql:$auth1}' AND `password` = \
'${quote_mysql:$auth2}'}{yes}{no}}
server_advertise_condition = ${if def:tls_cipher }

auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT `password` FROM \
`mailbox` WHERE `username` \
= '${quote_mysql:$auth1}'}{$value}fail}
server_set_id = $1




# begin local_scan

# End of Exim configuration file
[/spoiler]

Хостинговая компания Host-Food.ru
Хостинг HostFood.ru
 

Услуги хостинговой компании Host-Food.ru

Хостинг HostFood.ru

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

Аватара пользователя
Alex Keda
стреляли...
Сообщения: 35352
Зарегистрирован: 2004-10-18 14:25:19
Откуда: Made in USSR
Контактная информация:

Re: авторизация через exim

Непрочитанное сообщение Alex Keda » 2012-03-23 13:25:38

портяночку-то неплохо бы по правилам оформить
Убей их всех! Бог потом рассортирует...

john1213
проходил мимо
Сообщения: 2
Зарегистрирован: 2012-03-23 12:30:28

работа outlook через exim

Непрочитанное сообщение john1213 » 2012-04-02 14:23:13

Здравствуйте.

Подскажите кто сталкивался.

С любым клиентом работает по smtp аутентификации кром outlook не через наши подсети.

Конфиг выложу если надо

Заранее спасибо.