В логах нашел следующее:
Код: Выделить всё
WARNING: lstat() failed on: /var/spool/exim/scan/1RHY0i-0002iz-TK
Код: Выделить всё
mailnull:*:26:clamav
Код: Выделить всё
syslog_timestamp = no
begin acl
acl_check_rcpt:
accept hosts = :
deny message = "incorrect symbol in address"
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = "incorrect symbol in address"
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
deny message = "HELO/EHLO require by SMTP RFC"
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
accept authenticated = *
deny message = "Your IP in HELO - access denied!"
hosts = * : !+relay_from_hosts : !81-196.domain-ak.ru
condition = ${if eq{$sender_helo_name}{$sender_host_address}{true}{false}}
deny condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "main IP in your HELO! Access denied!"
deny condition = ${if match{$sender_helo_name}{\N^\d+$\N}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "can not be only number in HELO!"
deny condition = ${if eq{$sender_address}{}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "Sender address is empty?! not for RFC..."
#deny condition = ${lookup mysql{SELECT `goto` FROM `alias` WHERE `address`='${quote_mysql:$local_part@domain-ak.ru}'}{no}{yes}}
# hosts = !127.0.0.1 : !localhost : !192.168.0.0/24 : *
# message = "No such user!"
#deny condition = ${if match{$sender_helo_name}{masterhost.ru}{no}{yes}}
# hosts = !127.0.0.1 : !localhost : *
# message = "Access deny!"
warn
set acl_m0 = 30s
warn
hosts = +relay_from_hosts : 127.0.0.1/8 : 192.168.0.0/24
set acl_m0 = 0s
warn
deny local_parts = ^.*[@%!/|] : ^\\.
accept local_parts = postmaster
domains = +local_domains
require verify = sender
deny message = SPAMM !!! Access denied - $sender_host_address listed by dns.rfc-ignorant.org
dnslists = dns.rfc-ignorant.org
deny message = SPAMM !!! message from $sender_host_address rejected - see http://njabl.org/
dnslists = dnsbl.njabl.org
deny message = SPAMM !!! rejected because $sender_host_address for bad WHOIS info, see list.dsbl.org
dnslists = list.dsbl.org
deny message = SPAMM !!! rejected because $sender_host_address is in a black list at sbl.spamhaus.org
dnslists = sbl.spamhaus.org
deny message = SPAMM !!! rejected because $sender_host_address is in a black list at dul.ru
dnslists = dul.ru
deny message = SPAMM !!! Spam blocked see: http://www.spamcop.net/w3m?action=checkblock&ip=$sender_host_address
dnslists = bl.spamcop.net
deny message = SPAMM !!! rejected because $sender_host_address is in a black list at relays.ordb.org
dnslists = relays.ordb.org
deny message = SPAMM !!! rejected, $sender_host_address Open Proxy, see: $dnslist_domain\n$dnslist_text
dnslists = dnsbl.void.ru
accept domains = +local_domains
endpass
message = unknown user
verify = recipient
accept domains = +relay_to_domains
endpass
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
acl_check_data:
warn message = X-Spam-Report: $spam_report\nX-Spam-Score:$spam_score\nX-Spam-Score-Int:$spam_score_int
condition = ${if <{$message_size}{200k}{1}{0}}
hosts = !+relay_from_hosts
spam = spamd:true
deny message = Sorry! We don't need your spam!
hosts = !+relay_from_hosts
condition = ${if >{$spam_score_int}{69}{1}{0}}
#////////////////////////////////////////////////////////////
#//antivirus here //
#////////////////////////////////////////////////////////////
warn message = X-Quarantine-Me-Malware: $malware_name
log_message = Malware found: $malware_name
demime = *
malware = */defer_ok
set acl_m2 = $malware_name
accept
begin routers
#/////////////////////////////////////////////////////////
#// antiviruses router //
#/////////////////////////////////////////////////////////
check_malware:
driver = redirect
condition = ${if def:h_X-Quarantine-Me-Malware: {1}{0}}
headers_remove = Subject
headers_add = Subject: [CLAMAV: $acl_m2] $h_Subject
data = furryyiff@inbox.ru
file_transport = address_file
#//////////////////////////////////////////////////////////
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT `goto` FROM `alias` WHERE \
`address`='${quote_mysql:$local_part@$domain}' OR \
`address`='${quote_mysql:@$domain}'}}
mysqluser:
driver = accept
condition = ${if eq{}{${lookup mysql{SELECT `maildir` FROM `mailbox` \
WHERE `username`='${quote_mysql:$local_part@$domain}'}}}{no}{yes}}
transport = mysql_delivery
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
begin transports
remote_smtp:
driver = smtp
mysql_delivery:
driver = appendfile
check_string = ""
create_directory
delivery_date_add
directory = ${lookup mysql{SELECT CONCAT('/var/mail/exim/', `maildir`) \
FROM `mailbox` WHERE `username`='${local_part}@${domain}'}}
directory_mode = 770
envelope_to_add
group = mail
maildir_format
maildir_tag = ,S=$message_size
message_prefix = ""
message_suffix = ""
mode = 0600
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_pipe:
driver = pipe
return_output
address_reply:
driver = autoreply
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
*@furmail.ru $local_part@furmail.ru Eh
begin authenticators
auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT `username` FROM \
`mailbox` WHERE `username` = \
'${quote_mysql:$1}' AND `password` = \
'${quote_mysql:$2}'}{yes}{no}}
server_prompts = :
server_set_id = $2
auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT `username` FROM \
`mailbox` WHERE `username` = \
'${quote_mysql:$1}' AND `password` = \
'${quote_mysql:$2}'}{yes}{no}}
server_prompts = Username:: : Password::
server_set_id = $1
# А так авторизуется "Летучая Мышь" - TheBat!
auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT `password` FROM \
`mailbox` WHERE `username` \
= '${quote_mysql:$1}'}{$value}fail}
server_set_id = $1
Код: Выделить всё
local.cf
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
###########################################################################
trusted_networks 192.168/16 127/8 # all in 192.168.*.* and 127.*.*.*
trusted_networks 127. # all in 127.*.*.* localhost
# whitelist
whitelist_from *@furmail.ru
whitelist_from localhost
# blacklist
#blacklist_from
#blacklist_to
rewrite_subject 1
subject_tag ***SPAM***
required_hits 5.0
report_safe 0
use_terse_report 0
use_bayes 1
auto_learn 1
skip_rbl_checks 0
use_razor2 0
use_dcc 0
use_pyzor 0
always_add_report 1
#use_auto_whitelist 1
#auto_whitelist_path /etc/mail/spamassassin/auto_whitelist
#bayes_path /etc/mail/spamassassin/bayes
ok_languages ru en
ok_locales ru en
report_charset windows-1251
lang ru
#score NAME_OF_TEST 3.0
#score MIME_HTML_ONLY 2.0
#score HTML_MESSAGE 1.0
#score HTML_FONTCOLOR_RED 2.0
score FROM_ILLEGAL_CHARS 1.5
score HEAD_ILLEGAL_CHARS 1.5
#end
Код: Выделить всё
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 2M
LogClean yes
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/db/clamav
LocalSocket /var/run/clamav/clamd.sock
FixStaleSocket yes
User clamav
AllowSupplementaryGroups yes
ScanMail yes
ScanArchive yes
Так же при старте системы пишет о невозможности создания сокета на 127.0.0.1 порт 783 от spamd