Настройка внутреннего почтовика со следующим выносом

[Sanyh]

настраиваю сейчас Freebsd 7
пока машина ноходится в локальной сети но потом ее нужно задействовать как прокси и почтовый серевер, притом чтобы пользователи не заметили изменений и не сидели без интернета и почты.
0. как это сделать и реально ли?
1. в настоящее время почта и интернет работают через MS ISA 2004 + Exchange 2003
2. имею комп с FreeBSD 7,
с 3 мя сетевыми интерфейсами:
один будет локальный
один внешний
третий так болтается, пока.

В настоящее время установлены Samba, apache 2,mysql 5, php 5, php-extensions, squid+sams

и сейчас пытаюсь настроить почту по статье http://www.lissyara.su/?id=1175
поставил exim но в логах у него:

Код: Выделить всё

2008-09-19 08:52:24 1KgVAW-0000C5-SM <= root@free.southcoal.local U=root P=local S=842 from <root@free.southcoal.local> for root
2008-09-19 08:52:25 1KgVAW-0000C5-SM Error in system filter: failed to expand "${lookup mysql{SELECT 'address' FROM 'alias' WHERE 'address'='$recipients' AND 'copy_mail'='1' LIM
2008-09-19 08:52:27 exim 4.69 daemon started: pid=902, -q30m, listening for SMTP on port 25 (IPv6 and IPv4)
2008-09-19 08:52:27 1KgFwN-0000C3-O3 Error in system filter: failed to expand "${lookup mysql{SELECT 'address' FROM 'alias' WHERE 'address'='$recipients' AND 'copy_mail'='1' LIM
2008-09-19 08:52:27 1KgGwo-0000C5-QT Error in system filter: failed to expand "${lookup mysql{SELECT 'address' FROM 'alias' WHERE 'address'='$recipients' AND 'copy_mail'='1' LIM
2008-09-19 08:52:27 1KgPi8-0001vV-30 Error in system filter: failed to expand "${lookup mysql{SELECT 'address' FROM 'alias' WHERE 'address'='$recipients' AND 'copy_mail'='1' LIM
2008-09-19 08:52:27 1KgPi8-0001wZ-AA Error in system filter: failed to expand "${lookup mysql{SELECT 'address' FROM 'alias' WHERE 'address'='$recipients' AND 'copy_mail'='1' LIM
2008-09-19 08:52:27 1KgHBX-0001YJ-N5 Error in system filter: failed to expand "${lookup mysql{SELECT 'address' FROM 'alias' WHERE 'address'='$recipients' AND 'copy_mail'='1' LIM
2008-09-19 08:52:27 1KgVAW-0000C5-SM Error in system filter: failed to expand "${lookup mysql{SELECT 'address' FROM 'alias' WHERE 'address'='$recipients' AND 'copy_mail'='1' LIM

3. . подскажите как сделать почтовый сервер внутри локальной сети, т.е. все на нем настроить а потом по быстрому сменить настройки на внешний интерфейс, возможно ли так и как сделать?
4 и как в настройках сервера что указывать в качестве названий доменов, название машины с локальным доменом или интернетовским доменом, т.е. при настройках конфигов я в непонятках что писать в качестве хоста/сервера

[Хостинг HostFood.ru]

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

[Sanyh]

вот полная ошибка

Код: Выделить всё

Sep 19 15:39:51 free exim[1276]: 1KgbK3-0000C5-UV Error in system filter: failed to expand "${lookup mysql{SELECT 'address'
FROM 'alias' WHERE 'address'='${quote_mysql:$recipients}'
AND 'copy_mail'='1' LIMIT 1}}" in filter file: lookup of "SELECT 'address' FROM 'alias'
WHERE 'address'='root@free.southcoal.local' AND 'copy_mail'='1' LIMIT 1" gave DEFER: no MySQL servers defined (mysql_servers option)

[Sanyh]

конфиги

authdaemonrc

Код: Выделить всё

authmodulelist="authmysql"
authmodulelistorig="authmysql"
daemons=5
authdaemonvar=/var/run/authdaemond
subsystem=mail
DEBUG_LOGIN=2
DEFAULTOPTIONS="wbnodsn=1"
LOGGEROPTS=""

authmysqlrc

Код: Выделить всё

MYSQL_SERVER            localhost
MYSQL_USERNAME          exim
MYSQL_PASSWORD          exim
MYSQL_PORT              3306
MYSQL_DATABASE          exim
MYSQL_USER_TABLE        'mailbox'
MYSQL_CLEAR_PWFIELD     'password'
MYSQL_UID_FIELD         88
MYSQL_GID_FIELD         88
MYSQL_LOGIN_FIELD       'username'
MYSQL_NAME_FIELD        'name'
MYSQL_MAILDIR_FIELD     CONCAT('/var/mail/exim/', 'maildir')
MYSQL_HOME_FIELD        CONCAT('/var/mail/exim/', 'maildir')
DEFAULT_DOMAIL          localhost

configure

Код: Выделить всё

primary_hostname =free.southcoal.local
domainlist local_domains = ${lookup mysql{SELECT 'domain' \
			    FROM 'domain' WHERE \
			    'domain'='${domain}' AND \
			    'actice'='1'}}
			    
domainlist relay_to_domains =${lookup mysql{SELECT 'domain' \
			    FROM 'domain' WHERE \
			    'domain'='${domain}' AND \
			    'actice'='1'}}
			
hostlist   relay_from_hosts = localhost:127.0.0.0/8:192.168.1.0/16
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
av_scanner = clamd:/var/run/clamav/clamd
qualify_domain =free.southcoal.local
qualify_recipient =free.southcoal.local
allow_domain_literals = false
exim_user = mailnull
exim_group = mail
never_users = root
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 45m
timeout_frozen_after = 15d
freeze_tell = spirit@southcoal.ru
helo_accept_junk_hosts=192.168.1.0/16
auto_thaw = 1h
smtp_banner = "primary_hostname, ESMTP EXIM $version_number"
smtp_accept_max = 50
smtp_accept_max_per_connection=25
smtp_connect_backlog = 30
smtp_accept_max_per_host = 20

split_spool_directory = true
remote_max_parallel = 15
return_size_limit = 70k
message_size_limit = 24M
helo_allow_chars =  _
smtp_enforce_sync = true

log_selector = \
    +all_parents \
    +connection_reject \
    +incoming_interface \
    +lost_incoming_connection \
    +received_sender \
    +received_recipients \
    +smtp_confirmation \
    +smtp_syntax_error \
    +smtp_protocol_error \
    -queue_run

syslog_timestamp = no
system_filter = /usr/local/etc/exim/copy_mail.conf

begin acl
acl_check_rcpt:
  accept  hosts = :

  deny    message       = "оЕДПРХУФЙНЩЕ УЙНЧПМЩ Ч БДТЕУЕ"
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]


  deny    message       = "оЕДПРХУФЙНЩЕ УЙНЧПМЩ Ч БДТЕУЕ"
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

    deny	message		= "HELO/EHLO ПВСЪБОП ВЩФШ РП SMTP RFC" 
		condition	= ${if q{sender_helo_name}{}{yes}{no}}



 accept  authenticated = *


    deny	message		= "оЕ ОБДП РЙИБФШ УЧПК IP Ч ЛБЮЕУФЧЕ HELO!"
		hosts		= *:!+relay_from_hosts
		condition	=${if eq{$sender_helo_name}\
				{$sender_host_address}{true}{false}}

    deny	message		= "ьФП НПК IP-БДТЕУ!рЫЕМ РТПЮШ!"
		hosts		= !127.0.0.1 : !localhost : *
		condition	=${if eq{$sender_helo_name}\
				{$interface_address}{yes}{no}}



    deny	message		= "ч HELO ОЕ НПЗХФ ВЩФШ ФПЛП ГЙЖТЩ"
		hosts		= !127.0.0.1:!localhost:*
		condition	=${if match{$sender_helo_name}\
				{\N^\d+$\N}{yes}{no}}



    deny	message		= "оЕ ОТБЧЙФУС НОЕ чБЫ ИПУФ..."
		condition	=${if match{$sender_helo_name}\
				{adsl|dialup|pool|peer|dhcp} \
				{yes}{no}}


    deny	message		= "host in blacklist - $dnslist_domain \n $dnslist_text""
		dnslists	= opm.blitzed.org : \
				proxies.blackholes.easynet.nl : \
				cbl.abuseseat.org : \
				bl.spamcop.net : \
				bl.csma.biz : \
				dynablock.njabl.org : \

    warn
	    set acl_m0 = 20s
	    
    warn
	    hosts = +relay_from_hosts : 80.254.120.230
	    set acl_m0 = 0s
	    
    warn	
	    logwrite = Delay $acl_m0 for $sender_host_name \
	    [$sender_host_address] with HELO=$sender_helo_name. Mail \
	    from $sender_address to $local_part@doamin.
	    delay = $acl_m0
 
 
 accept domains		=+local_domains
	endpass
	message		="ч ЬФПН ДПНЕОЕ ОЕФ ФБЛПЗП РПМШЪПЧБФЕМС"
	verify		=recipient
 
 accept domains		=+relay_to_domains
	endpass
	message		="нПС УЕТЧЕТБ ОЕ ЪОБФШ НБТЫТХФ ОБ ЬФПФ ИПУФ..."
	verify		=recipient
	
 accept hosts		=+relay_from_hosts
 deny message	=	"уЧПВПДЕО. ьФП ФЕВЕ ОЕ пРЕОтЕМЕК."
 acl_check_data:
    deny malware = *
    message = "In e-mail found VIRUS - $malware_name"
    accept
 

begin routers

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more



system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup mysql{SELECT 'go' FROM 'alias' WHERE \
	'address'='${quote_mysql:$local_part@domain}' OR \
	'address'='${quote_mysql:@$domain}'}}

mysqluser:
    driver = accept
    condition = ${if eq{}{$lookup mysql{SELECT 'maildir' FROM 'mailbox' \
    WHERE 'username'='${quote_mysql:$local_part@domain}'}}}{no}{yes}}
    transport = mysql_delivery
    


begin transports
remote_smtp:
  driver = smtp


mysql_delivery:
    driver = appendfile
    check_string = ""
    create_directory
    delivery_date_add
    directory = ${lookup mysql{SELECT CONCAT('var/mail/exim/', 'maildir') \
		FROM 'mailbox' WHERE 'username'='${local_part}@${domain}'}}
    directory_mode = 770
    envelope_to_add
    group = mail
    maildir_format
    maildir_tag = ,S=$message_size
    message_prefix = ""
    message_suffix = ""
    mode = 0600

 address_file:
    driver = appendfile
    delivery_date_add
    envelope_to_add
    return_path_add
    
 address_pipe:
    driver = pipe
    return_output
 address_reply:
    driver = autoreply


begin retry


*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h

begin rewrite
begin authenticators

auth_plain:
    driver = plaintext
    public_name = PLAIN
    server_condition = ${lookup mysql{SELECT 'username' FROM \
			'mailbox' WHERE 'username' = \
			'${quote_mysql:$1}' AND 'password' = \
			'${quote_mysql:$2}'}{yes}{no}}
    server_prompts = :
    server_set_id = $2
    
        



auth_login:
    driver = plaintext
    public_name = LOGIN
    server_condition = ${lookup mysql{SELECT 'username' FROM \
			'mailbox' WHERE 'username' = \
			'${quote_mysql:$1}' AND 'password' = \
			'${quote_mysql:$2}'}{yes}{no}}
    server_prompts = Username:: : Password::
    server_set_id = $1


auth_cram_md5:
    driver = cram_md5
    public_name = CRAM-MD5
    server_secret = ${lookup mysql{SELECT 'password' FROM \
			'mailbox' WHERE 'username' \
			= '${quote_mysql:$1}'}{$value}fail}
    server_set_id = $1

copy_mail.conf

Код: Выделить всё

#!/bin/sh

if $recipients is "${lookup mysql{SELECT 'address' FROM 'alias' WHERE \
		    'address'='$recipients' AND 'copy_mail'='1' LIMIT 1}}"

then
    unseen deliver mail-copy-mailbox@southcoal.ru
endif


if $sender_address is "${lookup mysql{SELECT 'address' FROM 'alias' WHERE \
			'address'='$sender_address' AND 'copy_mail'='1' LIMIT 1}}"
			

then

    unseen deliver mail-copy-mailbox@southcoal.ru
    
endif