Модератор: xM
все вроде ничего но вот решил покрутить и улучшить людям жизнь, проблема в том что толком с экзимом не общался никогда все sendmail да postfix а это чудо юдо весьма отличается:) так вот рыл рыл на просторах инета да не совесм нашел ответы на все свои вопросы собстевнно прошу помошщи у вас, и так есть exim+courier+mysql+spamassasin, так и не понял как ко всему этоу прикрутить spf, spamass-milter , и грейлистинг на сайте lissyara.su чет тоже по этому поводжу ниче внятного ненашел:( помогите! 
прикрепленной к чему?princeps писал(а):прикреплённую тему про экзим смотри. там всё есть
а не как установить спамасассин и еастроить экзим на работоспособность:)
Если вам непонятно, тогда прямая ссылка, для ленивых.sckif писал(а):народ ну я же конкретно спросил про SPF! и режим милтера в спамасассине
Код: Выделить всё
unknown ACL verb "acl_local_deny_exceptions" in "acl_local_deny_exceptions"
Код: Выделить всё
#####SPF
accept
hosts = : +relay_from_hosts
deny
message = [SPF] $sender_host_address is not allowed to send mail \
from $sender_address_domain
log_message = SPF check failed.
# spf = fail
warn
message = $spf_received
#####SPF2
deny
message = The sender address does not seem to be valid, and SPF \
information does not grant $sender_host_address explicit \
authority to send mail from $sender_address_domain
log_message = SPF check failed.
!verify = sender/callout,random,postmaster
# !spf = pass
Приведи все строчки из конфига про greylist, ты, похоже, не определил aclsckif писал(а):народ не дайте умереть:) ошибка greylistКод: Выделить всё
unknown ACL verb "acl_local_deny_exceptions" in "acl_local_deny_exceptions"
Код: Выделить всё
local_interfaces = 0.0.0.0
smtp_banner = "Welcome !\n\
This system does not accept Unsolicited \
Commercial Email\nand will blacklist \
offenders via our spam processor.\nHave a \
nice day!\n\n${primary_hostname} "
primary_hostname = relay.domain.ru
hostlist relay_from_hosts = /etc/exim4/access
hostlist trust_hosts = /etc/exim4/trust-hosts
domainlist local_domains = /etc/exim4/local-host-names
#domainlist relay_to_domains = /etc/exim4/relay-domains
#domainlist antispam_domains = /etc/exim4/spam-domains
domainlist antispam_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE `domain`='${domain}' AND `active`='1' AND `sa_active`='1'}}
domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
system_filter = /etc/exim4/filters/dupmail.filter
system_filter_user = Debian-exim
system_filter_reply_transport = address_reply
# MySQL database host/db/user/pass
hide mysql_servers = 127.0.0.1/se_local/se_logos/se_logos
#Gray List
SPAM_ENABLED = yes
#VACATION = yes
#GREYLIST_ENABLED = yes
#GREYLIST_LOG_ENABLED = yes
GREYLIST_INITIAL_DELAY = 10 MINUTE
GREYLIST_INITIAL_LIFETIME = 4 HOUR
GREYLIST_WHITE_LIFETIME = 15 DAY
GREYLIST_BOUNCE_LIFETIME = 0 HOUR
GREYLIST_TABLE = exim_greylist
GREYLIST_LOG_TABLE = exim_greylist_log
.ifdef GREYLIST_ENABLED
# database macros
#.include_if_exists <file name>
GREYLIST_TEST = SELECT CASE \
WHEN now() > block_expires THEN "accepted" \
ELSE "deferred" \
END AS result, id \
FROM GREYLIST_TABLE \
WHERE (now() < record_expires) \
AND (sender = '${quote_mysql:$sender_address}' \
OR (type='MANUAL' \
AND ( sender IS NULL \
OR sender = '${quote_mysql:@$sender_address_domain}' \
) \
) \
) \
AND (recipient = '${quote_mysql:$local_part@$domain}' \
OR (type = 'MANUAL' \
AND ( recipient IS on = ${if eq{$sender_host_name}{}{yes}{no}}
NULL \
OR recipient = '${quote_mysql:$local_part@}' \
OR recipient = '${quote_mysql:@$domain}' \
) \
) \
) \
AND (relay_ip = '${quote_mysql:$sender_host_address}' \
OR (type='MANUAL' \
AND ( relay_ip IS NULL \
OR relay_ip =
substring('${quote_mysql:$sender_host_address}',1,length(relay_ip)
) \
) \
) \
) \
ORDER BY result DESC LIMIT 1
GREYLIST_ADD = INSERT INTO GREYLIST_TABLE \
(relay_ip, sender, recipient, block_expires, \
record_expires, create_time, type) \
VALUES ( '${quote_mysql:$sender_host_address}', \
'${quote_mysql:$sender_address}', \
'${quote_mysql:$local_part@$domain}', \
DATE_ADD(now(), INTERVAL GREYLIST_INITIAL_DELAY), \
DATE_ADD(now(), INTERVAL GREYLIST_INITIAL_LIFETIME), \
now(), \
'AUTO' \
)
GREYLIST_DEFER_HIT = UPDATE GREYLIST_TABLE \
SET blockcount=blockcount+1 \
WHERE id = $acl_m9
GREYLIST_OK_COUNT = UPDATE GREYLIST_TABLE \
SET passcount=passcount+1 \
WHERE id = $acl_m9
GREYLIST_OK_NEWTIME = UPDATE GREYLIST_TABLE \
SET record_expires = DATE_ADD(now(), INTERVAL GREYLIST_WHITE_LIFETIME) \
WHERE id = $acl_m9 AND type='AUTO'
GREYLIST_OK_BOUNCE = UPDATE GREYLIST_TABLE \
SET record_expires = DATE_ADD(now(), INTERVAL GREYLIST_BOUNCE_LIFETIME) \
WHERE id = $acl_m9 AND type='AUTO'
GREYLIST_LOG = INSERT INTO GREYLIST_LOG_TABLE \
(listid, timestamp, kind) \
VALUES ($acl_m9, now(), '$acl_m8')
WHITELIST_OK = SELECT white_mail FROM whitelist WHERE white_mail =
'${quote_mysql:@$sender_address_domain}'
.endif
GLOBAL_ALIAS = SELECT goto FROM alias \
WHERE address='${quote_mysql:$local_part}@${quote_mysql:$domain}' \
AND domain='${quote_mysql:$domain}' \
AND `active`='1'
.ifdef VACATION
VAC_ACCESS = SELECT * FROM mailbox WHERE address='${quote_mysql:$local_part}@${quote_mysql:$domain}' \
AND domain='${quote_mysql:$domain}'\
AND `active`='1'
.ifdef VACATION
VAC_ACCESS = SELECT * FROM mailbox WHERE address='${quote_mysql:$local_part}@${quote_mysql:$domain}' \
AND domain='${quote_mysql:$domain}'\
AND `active`='1'
.endif
.ifdef SPAM_ENABLED
RCPT_LIST = SELECT IF \
(STRCMP(username, '${quote_mysql:$local_part@$domain}'),'reject','accept') \
AS result FROM recipients WHERE username='${quote_mysql:$local_part@$domain}'\
AND domain='${quote_mysql:$domain}' \
AND `active`='1'
SND_LIST = SELECT IF \
(STRCMP(mailfrom, '${quote_mysql:$sender_address}'),'accept','reject') \
AS result FROM senders WHERE mailfrom='${quote_mysql:$sender_address}' \
#AND rcpt='${quote_mysql:$local_part@$domain}' \
AND domain='${quote_mysql:$domain}' \
AND `active`='1'
.endif
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_mime = acl_check_mime
acl_smtp_data = acl_check_content
#acl_smtp_connect = acl_check_host
#acl_smtp_data = ${lookup {$local_domains} lsearch\
# {/etc/exim4/acllist}{yes}{no}}
#acl_smtp_data = /etc/exim4/\
# ${lookup {$local_domains} lsearch\
#{/etc/exim4/acllist}{$value}{default}}
av_scanner = clamd:/var/run/clamav/clamd.ctl
#av_scanner = clamd:127.0.0.1 3310
spamd_address = 127.0.0.1 783
qualify_domain = domain.ru
qualify_recipient = domain.ru
allow_domain_literals = true
never_users = root
#host_lookup = *
#rfc1413_hosts = *
rfc1413_query_timeout = 0s
sender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts
ignore_bounce_errors_after = 45m
timeout_frozen_after = 2d
helo_allow_chars = _
accept_8bitmime = true
message_size_limit = 15M
smtp_accept_max = 80
smtp_accept_max_per_host = 8
smtp_accept_queue_per_connection = 20
split_spool_directory = true
print_topbitchars = true
#log_selector = +all
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
#-GreyList (before rcpt and data):
.ifdef GREYLIST_ENABLED
greylist_acl:
warn set acl_m8 = ${lookup mysql{GREYLIST_TEST}{$value}{result=unknown}}
set acl_m9 = ${extract{id}{$acl_m8}{$value}{-1}}
set acl_m8 = ${extract{result}{$acl_m8}{$value}{unknown}}
accept
condition = ${if eq{$acl_m8}{unknown}{1}}
condition = ${lookup mysql{GREYLIST_ADD}{yes}{no}}
.ifdef GREYLIST_LOG_ENABLED
warn condition = ${lookup mysql{GREYLIST_LOG}}
.endif
accept
condition = ${if eq{$acl_m8}{deferred}{1}}
condition = ${lookup mysql{GREYLIST_DEFER_HIT}{yes}{yes}}
warn condition = ${lookup mysql{GREYLIST_OK_COUNT}}
warn !senders = : postmaster@*
condition = ${lookup mysql{GREYLIST_OK_NEWTIME}}
warn senders = : postmaster@*
condition = ${lookup mysql{GREYLIST_OK_BOUNCE}}
deny
.endif
acl_check_rcpt:
defer
message = $sender_host_address is not yet authorized to deliver \
mail from <$sender_address> to <$local_part@$domain>. \
Please try later.
log_message = greylisted.
!senders = :
!hosts = : +relay_from_hosts : \
${if exists {/etc/greylistd/whitelist-hosts}\
{/etc/greylistd/whitelist-hosts}{}} : \
${if exists {/var/lib/greylistd/whitelist-hosts}\
{/var/lib/greylistd/whitelist-hosts}{}}
!authenticated = *
# !acl = acl_local_deny_exceptions
domains = +local_domains : +relay_to_domains
verify = recipient/callout=20s,use_sender,defer_ok
condition = ${readsocket{/var/run/greylistd/socket}\
{--grey \
$sender_host_address \
$sender_address \
$local_part@$domain}\
{5s}{}{false}}
# Deny if blacklisted by greylist
deny
message = $sender_host_address is blacklisted from delivering \
mail from <$sender_address> to <$local_part@$domain>.
log_message = blacklisted.
!senders = :
!authenticated = *
verify = recipient/callout=20s,use_sender,defer_ok
condition = ${readsocket{/var/run/greylistd/socket}\
{--black \
$sender_host_address \
$sender_address \
$local_part@$domain}\
{5s}{}{false}}
# Deny if blacklisted by greylist
deny
message = $sender_host_address is blacklisted from delivering \
mail from <$sender_address> to <$local_part@$domain>.
log_message = blacklisted.
!senders = :
!authenticated = *
verify = recipient/callout=20s,use_sender,defer_ok
condition = ${readsocket{/var/run/greylistd/socket}\
{--black \
$sender_host_address \
$sender_address \
$local_part@$domain}\
{5s}{}{false}}
accept hosts = :
deny domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = "incorrect symbol in address"
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
# Deny unless the sender address can be verified.
require verify = sender
log_message = "Verify user failed."
deny message = "HELO/EHLO require by SMTP RFC"
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
accept domains = +local_domains
endpass
verify = recipient
# Accept if the address is in a domain for which we are relaying, but again,
# only if the recipient can be verified.
.ifdef SPAM_ENABLED
#Set pass Spam FLAG for RCPT
warn
#domains = +antispam_domains
recipients = /etc/exim4/recipients
set acl_m1 = 1
#set acl_m1 = ${lookup mysql{RCPT_LIST}{$value}{result=unknown}}
#set acl_m1 = ${extract{result}{$acl_m1}{$value}{unknown}}
log_message = Values $acl_m1 TEST .
#Set pass Spam Senders
warn
!senders = /etc/exim4/senders
#domains = +antispam_domains
set acl_m100 = 1
#set acl_m100 = ${lookup mysql{SND_LIST}{$value}{result=unknown}}
.endif
.ifdef GREYLIST_ENABLED
defer hosts = ! +relay_from_hosts
domains = +relay_to_domains
!authenticated = *
#!senders = ${lookup mysql{WHITELIST_OK}{$value}{result=unknown}}
!senders = : postmaster@* : Mailer-Daemon@* : *@ptn.ru : *@sertolovo.ru :
*@odnoklassniki.ru : *@lincomp.ru : *@nic.ru : *@rt.ru : *@megafonkavkaz.ru :
*@nwgsm.com : *@sonicduo.com : *@uralskygsm.com : *@mgsm.ru : *@nnz.ru :
*@telros.ru : *@inetserver.polysan.ru : *@sats.spb.ru : *@kurgan.usi.ru :
*@delfa.ru : *@dux.ru : *@telros.ru : *@delfa.net : *@canox.ru : *@canox.ru :
*@sathyasai.ru : *@cisco.com : *@gmx.net : *@ogogo.info : *@list.ru :
*@orange-ftgroup.ru : *@satgate.net : *@nktrio.ru : *@st.spb.ru
acl = greylist_acl
message = greylisted - try again after 10 minit
.endif
accept domains = +relay_to_domains
endpass
verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = The message was rejected because HELO is an IP address
log_message = not present HELO/EHLO greeting, send from $sender_address to $local_part@$domain.
condition = ${if isip{$sender_helo_name}{yes}{no}}
deny message = relay not permitted
deny message = "Your IP in HELO - access denied!"
hosts = * : !+relay_from_hosts
condition = ${if eq{$sender_helo_name}\
{$sender_host_address}{true}{false}}
deny condition = ${if eq{$sender_helo_name}\
{$interface_address}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "main IP in your HELO! Access denied!"
deny condition = ${if match{$sender_helo_name}\
{\N^\d+$\N}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "can not be only number in HELO!"
deny message = Fully-qualified hostname in HELO required
condition = ${if match {$sender_helo_name}{\\.}{no}{yes}}
logwrite = "USE POINT IN HELO NAME (helo=$sender_helo_name)"
deny message = "Restricted word in hostname."
condition = ${if match{$sender_host_name} \
{dsl|adsl|dial|dialup|pool|peer|dhcp|range|corbina|telenet|avangard|mdp|dynamic|static|vline|ppoe} \
{yes}{no}}
warn
set acl_m0 = 30s
warn
hosts = +relay_from_hosts : localhost : 127.0.0.1/8 : 192.168.0.0/16 : 172.10.0.0/24 : 172.11.0.0/24
set acl_m0 = 0s
deny message = "Unknown user"
domains = domain.ru : domain.local
!verify = recipient
deny message = "You in blacklist - $dnslist_domain --> $dnslist_text"
!senders = *@domain.ru : *@domain.local
log_message = found in BLACKLISTS
dnslists = cbl.abuseat.org : bl.csma.biz : multihop.dsbl.org : unconfirmed.dsbl.org : dnsbl.void.ru : zen.spamhaus.org : smtp.dnsbl.sorbs.net : psbl.surriel.com : bl.spamcop.net : cbl.abuseat.org : bl.csma.biz : sbl-xbl.spamhaus.org : dialups.mail-abuse.org : dul.ru : blackholes.mail-abuse.org : relays.mail-abuse.org : dul.dnsbl.sorbs.net : combined.njabl.org
deny dnslists = cbl.abuseat.org : bl.csma.biz : multihop.dsbl.org : unconfirmed.dsbl.org : dnsbl.void.ru : zen.spamhaus.org : smtp.dnsbl.sorbs.net : psbl.surriel.com : bl.spamcop.net : cbl.abuseat.org : bl.csma.biz : sbl-xbl.spamhaus.org : dialups.mail-abuse.org : dul.ru : blackholes.mail-abuse.org : relays.mail-abuse.org : dul.dnsbl.sorbs.net : combined.njabl.org
deny log_message = "Verify user failed (callout)"
!senders = : Mailer-Daemon@* : postmaster@rambler.ru : gluck@mail.subscribe.ru
!authenticated = *
!verify = sender/callout=30s,defer_ok,maxwait=60s,random
#### DENY restricted characters in address
deny message = "Restricted characters in address"
domains = !+local_domains
message = "Restricted characters in address"
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
#### DENY mailing to e1 from outside
deny domains = +local_domains
local_parts = e1
!senders = *@domain.ru
message = "Incoming mail for this user is restricted"
#### CHECK USER AND DOMAIN
accept domains = domain.ru : domain.local
endpass
message = "Unknown user"
verify = recipient
accept hosts = +relay_from_hosts
#### DEFAULT DENY
deny message = "RELAY NOT PERMITTED"
###GREYLIST
acl_rcpt_to:
defer
message = $sender_host_address is not yet authorized to deliver mail \
from <$sender_address> to <$local_part@$domain>. \
Please try later.
log_message = greylisted.
domains = +local_domains : +relay_to_domains
!senders = : postmaster@*
set acl_m9 = $sender_host_address $sender_address $local_part@$domain
set acl_m9 = ${readsocket{/var/run/greylistd/socket}{$acl_m9}{5s}{}{}}
condition = ${if eq {$acl_m9}{grey}{true}{false}}
defer
message = $sender_host_address is not yet authorized to send \
delivery status reports to <$recipients>. \
Please try later.
log_message = greylisted.
senders = : postmaster@*
set acl_m9 = $sender_host_address $recipients
set acl_m9 = ${readsocket{/var/run/greylistd/socket}{$acl_m9}{5s}{}{}}
condition = ${if eq {$acl_m9}{grey}{true}{false}}
#####SPF
accept
hosts = : +relay_from_hosts
deny
message = [SPF] $sender_host_address is not allowed to send mail \
from $sender_address_domain
log_message = SPF check failed.
# spf = fail
warn
message = $spf_received
#####SPF2
deny
message = The sender address does not seem to be valid, and SPF \
information does not grant $sender_host_address explicit \
authority to send mail from $sender_address_domain
log_message = SPF check failed.
!verify = sender/callout,random,postmaster
# !spf = pass
# Add a SPF-Received: header to the message
warn
message = $spf_received
######SPF3
deny
message = [SPF] $sender_host_address is not allowed to send mail \
from $sender_address_domain.
log_message = SPF check failed.
set acl_m9 = -ipv4=$sender_host_address \
-sender=$sender_address \
-helo=$sender_helo_name
set acl_m9 = ${run{/usr/bin/spfquery $acl_m9}}
condition = ${if eq {$runrc}{1}{true}{false}}
#######################MY###########################################
acl_check_mime:
# Just decode MIME parts to disk.
warn decode = default
# ...... ......... ..... . ........ .............
deny message = Blacklisted file extension detected ($mime_filename)
condition = ${if match \
{${lc:$mime_filename}} \
{\N(\.pif|\.bat|\.scr|\.lnk|\.com|\.vbs|\.cpl|\.exe)$\N}\
{1}{0}}
accept
acl_logos_test:
warn message = TEST TEST TEST
deny
acl_check_content:
# Reject virus infested messages.
deny message = This message contains malware ($malware_name)
malware = *
.ifdef SPAM_ENABLED
# Always add X-Spam-Score and X-Spam-Report headers, using SA system-wide settings
# (user "mail"), no matter if over threshold or not.
warn message = X-Spam-Score: $spam_score ($spam_bar)
spam = mailnull
#mail:true
warn message = X-Spam-Report: $spam_report
spam = mailnull
#mail:true
# Add X-Spam-Flag if spam is over system-wide threshold
warn message = X-Spam-Flag: YES
spam = mailnull
#mail
warn message = Subject: [* ***SPAM*** $spam_score *** *] $h_Subject:
spam = mailnull
#mail
# Reject spam messages with score over 7.0, using an extra condition.
deny message = This message scored $spam_score points. Spam detected!
log_message = Values $acl_m1 SCORE $spam_score_int $spam_score $spam_bar from $sender_address .
hosts = ! +trust_hosts
spam = mailnull
#mail:true
condition = ${if eq{$acl_m1}{1}{1}}
condition = ${if >{$spam_score_int}{50}{1}{0}}
deny message = This message scored $spam_score points. Spam detected!
hosts = ! +trust_hosts
spam = mailnull
condition = ${if eq{$acl_m2}{1}{1}}
condition = ${if >{$spam_score_int}{150}{1}{0}}
warn acl = acl_logos_test
message = Subject: ES $h_Subject:
.endif
.ifdef GREYLIST_ENABLED
defer hosts = ! +relay_from_hosts
#domains = +relay_to_domains
!authenticated = *
senders = : postmaster@* : Mailer-Daemon@*
acl = greylist_acl
message = greylisted - try again after 10 minit
.endif
# finally accept all the rest
accept
begin routers
###
##LOGOS
global_aliases:
driver = redirect
allow_fail
allow_defer
domains = /etc/exim4/relay-domains
data = "${lookup {$local_part@$domain} dbm {/etc/exim4/db/globalalias.db} {$value}fail}"
#data = ${lookup mysql{SELECT recipients FROM aliases \
# WHERE local_part='${local_part}' AND domain='${domain}'}}
file_transport = address_file
pipe_transport = address_pipe
alias:
driver = redirect
allow_fail
allow_defer
domains = +relay_to_domains
data = ${lookup mysql{GLOBAL_ALIAS} {$value}}
file_transport = address_file
pipe_transport = address_pipe
hub_route:
driver = manualroute
transport = remote_smtp
domains = ! frpt.ru : ! *.frpt.ru : ! free-port.ru : ! *.free-port.ru
route_data = ${lookup {$domain} dbm {/etc/exim4/db/mailertable.db}}
dnslookup:
driver = dnslookup
domains = ! +local_domains : ! +relay_to_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
virtualuser_alias:
driver = redirect
allow_fail
allow_defer
domains = +local_domains
data = "${lookup {$local_part@$domain} dbm {/etc/exim4/db/virtusertable.db} {$value}fail}"
file_transport = address_file
pipe_transport = address_pipe
global_alias:
driver = redirect
allow_fail
allow_defer
domains = +relay_to_domains
data = "${lookup {$local_part@$domain} dbm {/etc/exim4/db/globalalias.db} {$value}fail}"
file_transport = address_file
pipe_transport = address_pipe
###
#Vacation
.ifdef VACATION
vacation:
debug_print = "R: virtual_domain: for $local_part@$domain"
driver = accept
domains = +relay_to_domains
require_files = /etc/exim4/autoreplay/$local_part@$domain #${lookup mysql{VAC_ACCESS}}
#/etc/exim4/autoreplay/$local_part@$domain
unseen
transport = vacation_transport
.endif
###
virtual_domain:
debug_print = "R: virtual_domain: for $local_part@$domain"
driver = accept
domains = +relay_to_domains
condition = ${lookup mysql{ SELECT username FROM mailbox \
WHERE username='${quote_mysql:$local_part}@${quote_mysql:$domain}' \
AND domain='${quote_mysql:$domain}' \
AND active='1' } {$value}fail}
transport = virtual_smtp
no_more
system_aliases:
driver = redirect
allow_fail
allow_defer
domains = +local_domains
data = ${lookup{$local_part}lsearch{/etc/exim4/aliases}}
# user = exim
file_transport = address_file
pipe_transport = address_pipe
userforward:
driver = redirect
domains = +local_domains
check_local_user
file = /etc/exim4/forward/$local_part
no_verify
no_expn
check_ancestor
# allow_filter
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
localuser:
driver = accept
domains = +local_domains
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
begin transports
remote_smtp:
driver = smtp
local_delivery:
driver = appendfile
file = /var/spool/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
# mode = 0660
virtual_smtp:
debug_print = "T: virtual_smtp: for $local_part@$domain"
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
create_directory
group = mail
user = mail
directory = /var/spool/popmail/${domain}/${local_part}/Maildir
directory_mode = 700
message_prefix = ""
message_suffix = ""
mode = 0660
vacation_transport:
driver = autoreply
from = autoreplay@domain.ru
to = $sender_address
subject = [ AUTOREPLY ]
text = SELECT email FROM mailbox WHERE email='${quote_mysql:$local_part}@${quote_mysql:$domain}' \
AND domain='${quote_mysql:$domain}' AND `active`='1'}{$value}}
#text = ${lookup mysql {SELECT body FROM vacation WHERE \
# email='${quote_mysql:$local_part}@${quote_mysql:$domain}' \
# AND domain='${quote_mysql:$domain}' AND `active`='1'}{$value}}
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
*@relay.domain.ru $1@domain.ru F
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
server_prompts = "Login::"
server_condition = "${if eq{$3} {${lookup mysql{ \
SELECT password FROM mailbox WHERE username='${local_part:$2}@${domain:$2}' \
AND domain='${domain:$2}' AND active='1'} \
{$value} {false}}} {1}{0}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_condition = "${if eq{$2} {${lookup mysql{ SELECT password FROM mailbox \
WHERE username='${local_part:$1}@${domain:$1}' \
AND domain='${domain:$1}' AND active='1'} \
{$value} {false}}} {1}{0}}"
server_prompts = "Username:: : Password::"
server_set_id = $1
# End of Exim configuration file
Код: Выделить всё
To compile Exim with SPF support, set these additional flags in
Local/Makefile:
EXPERIMENTAL_SPF=yes
CFLAGS=-DSPF -I/usr/local/include
EXTRALIBS_EXIM=-L/usr/local/lib -lspf2
This assumes that the libspf2 files are installed in
their default locations.
You can now run SPF checks in incoming SMTP by using the "spf"
ACL condition in either the MAIL.....
и собирал из сорцов под freebsd. Работает до сих пор. 
весь инет перерыл не найду хаутушку на это дело никак:(
И ложные срабатывания бывают раз в полгода. ) и ещё что-то, уже не помню что - не так часто приходится туда лазить Да, собственно, на этом сайте можешь посмотреть статьи про экзим, я все правила оттуда брал.