прошу помощи так как сам уже не знаю как быть и что делать
стоит exim+spamassasin
Месяца два назад начал сыпаться спам от самого себя, в конфиге экзима создал правило
Код: Выделить всё
deny domains = +local_domains
sender_domains = +local_domains
message = Reject. Local policy.
log_message = Reject. Remote sender use my local domainни одного спама от самого себя
но тут чтото не нормальное началось
за 3 дня 80 писем спама от себя(((
помогите разобраться
выкладываю конфиг экзима
Код: Выделить всё
primary_hostname = mail.мойдомен.ru
hide mysql_servers = localhost/exim/exim/exim
domainlist local_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE \
`domain`='${domain}' AND \
`active`='1'}}
domainlist relay_to_domains = ${lookup mysql{SELECT `domain` \
FROM `domain` WHERE \
`domain`='${domain}' AND \
`active`='1'}}
hostlist relay_from_hosts = localhost:127.0.0.0/8:10.10.10.0/24
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
av_scanner = clamd:/var/run/clamav/clamd.sock
# Адрес куда слать на проверку спама (SpamAssasin)
spamd_address = 127.0.0.1 783
qualify_domain = мойдомен.ru
qualify_recipient = мойдомен.ru
allow_domain_literals = false
exim_user = mailnull
exim_group = mail
never_users = root
rfc1413_query_timeout = 0s
sender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts
ignore_bounce_errors_after = 45m
timeout_frozen_after = 1d
freeze_tell = test@мойдомен.ru
helo_accept_junk_hosts = 10.10.10.0/16:
auto_thaw = 1h
smtp_banner = "$primary_hostname, ESMTP $version_number"
smtp_accept_max = 50
smtp_accept_max_per_connection = 25
smtp_connect_backlog = 30
smtp_accept_max_per_host = 20
split_spool_directory = true
remote_max_parallel = 15
return_size_limit = 70k
message_size_limit = 10M
helo_allow_chars = _
smtp_enforce_sync = true
log_selector = \
+all_parents \
+connection_reject \
+incoming_interface \
+lost_incoming_connection \
+received_sender \
+received_recipients \
+smtp_confirmation \
+smtp_syntax_error \
+smtp_protocol_error \
-queue_run
syslog_timestamp = yes
# ---== Фильтр копирование проходящей почты ==---
system_filter = /usr/local/etc/exim/filters/system-filter
system_filter_pipe_transport = address_pipe
# Скрипт "system-filter" запускается от того же пользователя что и Exim.
system_filter_user = mailnull
system_filter_group = mail
begin acl
acl_check_rcpt:
accept hosts = :
deny message = "incorrect symbol in address"
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = "incorrect symbol in address"
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
require verify = sender
deny message = "HELO/EHLO require by SMTP RFC"
!senders = :
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
accept authenticated = *
deny domains = +local_domains
sender_domains = +local_domains
message = Reject. Local policy.
log_message = Reject. Remote sender use my local domain
deny message = "Your IP in HELO - access denied!"
hosts = * : !+relay_from_hosts : !81-196.mydomain.ru
!senders = :
condition = ${if eq{$sender_helo_name}\
{$sender_host_address}{true}{false}}
deny condition = ${if eq{$sender_helo_name}\
{$interface_address}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
!senders = :
message = "main IP in your HELO! Access denied!"
deny condition = ${if match{$sender_helo_name}\
{\N^\d+$\N}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
!senders = :
message = "can not be only number in HELO!"
deny hosts = !+relay_from_hosts
domains = +local_domains
!senders = :
condition = ${if or{ { eq{$sender_address}{$local_part@$domain} } { eq{$sender_address_domain}{$domain} } } }
log_message = The same local addresses or domain in MAIL FROM and RCPT TO from nonlocal relay
message = Access denied
deny condition = ${if eq{$sender_address}{}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
!senders = :
message = "А какого HELO пустое?! Не по RFC..."
deny condition = ${if match{$sender_address}{\N^\s+$\N}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
!senders = :
message = "А какого HELO пустое (тока пробелы)?! Не по RFC..."
deny condition = ${if eq{$sender_address}{}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
!senders = :
message = "Where sender of this mail?!"
deny message = "your hostname is bad (adsl, poll, ppp & etc)."
!senders = :
condition = ${if match{$sender_host_name} \
{adsl|dialup|pool|peer|dhcp} \
{yes}{no}}
warn
set acl_m0 = 30s
warn
hosts = +relay_from_hosts: 127.0.0.1/8 : 10.10.10.0/24 :
set acl_m0 = 0s
warn
logwrite = Delay $acl_m0 for $sender_host_name \
[$sender_host_address] with HELO=$sender_helo_name. Mail \
from $sender_address to $local_part@$domain.
delay = $acl_m0
accept domains = +local_domains
endpass
message = "In my mailserver not stored this user"
verify = recipient
accept domains = +relay_to_domains
endpass
message = "main server not know how relay to this address"
verify = recipient
deny message = "you in blacklist - $dnslist_domain \n $dnslist_text"
dnslists = cbl.abuseat.org : \
ubl.spamhaus.org : \
dnsbl-1.uceprotect.net : \
db.wpbl.info : \
dnsbl.njabl.org : \
accept hosts = +relay_from_hosts
deny message = "Unknown user"
condition = ${if match{$recipients}{mailer-daemon}{yes}{no}}
deny message = "Unknown user"
senders = : postmaster@rambler.ru
deny log_message = Отправитель неправильный
!authenticated = *
!verify = sender/callout=20s,defer_ok,maxwait=30s
deny log_message = Recipient verify failed
authenticated = *
!verify = recipient/callout
deny message = "Homo hominus lupus est"
acl_check_data:
# Проверяем письмо на вирусы
deny malware = *
message = "In e-mail found VIRUS - $malware_name"
# Проверяем письмо на спам
warn message = X-Spam-Score: $spam_score ($spam_bar)
hosts = !+relay_from_hosts
spam = spamd: true
warn message = X-Spam-Report: $spam_report
hosts = !+relay_from_hosts
spam = spamd: true
warn message = Subject: ***SPAM*** $h_Subject:
hosts = !+relay_from_hosts
spam = nobody
deny message = This message scored $spam_score spam points.
spam = spamd: true
hosts = *
# hosts = !+relay_from_hosts
condition = ${if >{$spam_score_int}{80}{1}{0}}
accept
