alesniak

Witam, Nie jestem adminem, dostałem serwer skonfigurowany przez dostawcę hostingu, ale chyba nie do końca tak jak sie należy. Od kilku dni coś wysyła spam z mojego serwera. Blokuję adresy, z których jest połączenie na firewall'u ale na następny dzień idzie znowu z innych adresów. Oto fragment logów z mainlog'a: 2017-01-20 02:41:39 SMTP connection from [198.20.83.172]:54327 I=[ip_mojego_serwera]:25 (TCP/IP connection count = 2) 2017-01-20 02:41:40 198.20.83.172 whitelisted in local domains whitelist 2017-01-20 02:41:42 1cUOCz-0007DA-Nr <= pnjfc@gmail.com H=(server01windows) [198.20.83.172]:54327 I=[ip_mojego_serwera]:25 P=esmtp S=1184 T="Re: Aumente seu P�nis em at�\n 10cm Naturalmente! M�todo Comprovado." from <pnjfc@gmail.com> for karech@uol.com.br karech@uol.com.br criss_sjc@hotmail.com silviapaula7@yahoo.com.br i.abreu@grupofiat.com.br rsfaca@hotmail.com mines_minas@yahoo.com.br edgaroliveira1979@yahoo.com.br helenammpataro@gmail.com nolletas@hotmail.com filipemodelo@hotmail.com 2017-01-20 02:41:42 SMTP connection from (server01windows) [198.20.83.172]:54327 I=[ip_mojego_serwera]:25 closed by QUIT 2017-01-20 02:41:46 SMTP connection from [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 (TCP/IP connection count = 2) 2017-01-20 02:41:46 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <sheilafreire.miranda@hotmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1) 2017-01-20 02:41:46 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <sheilafreire.miranda@hotmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1) 2017-01-20 02:41:46 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <xer@netwizard.com.br>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1) 2017-01-20 02:41:47 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <mercinho_gatinho100@hotmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1) 2017-01-20 02:41:48 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <hondex@gmail.com>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1) 2017-01-20 02:41:49 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <msposito@zipmail.com.br>: R1: HELO should be a FQDN or address literal (See RFC 2821 4.1.1.1) 2017-01-20 02:41:51 H=(server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 F=<jucci@hotmail.com> rejected RCPT <djdf_ailton@hotmail.com>: REJECTED - Too many failed recipients - count = 6: response to "RCPT TO:<djdf_ailton@hotmail.com>" from mx2.hotmail.com [65.54.188.126] was: 550 Requested action not taken: mailbox unavailable 2017-01-20 02:41:51 SMTP connection from (server01windows) [198.20.83.172]:54400 I=[ip_mojego_serwera]:25 closed by DROP in ACL Z tego co sprawdziłem to można bez problemu słać maile przez mój serwer przez port 25 bez autoryzacji i chyba taką metodą jestem nękany. Pytanie w jaki sensowny sposób mogę to załatać. Port 25 nie jest mi potrzebny dla użytkowników bo wszyscy są skonfigurowani na 587. Konfiguracja systemu: CentOS 7.0 + Exim 4.87 + csf: v9.29 + DirectAdmin Będę wdzięczny za sugestie. pozdr. AL

W pophosts nie ma tych ip. A oto plik konfiguracyjny exim'a # SpamBlockerTechnology* powered exim.conf, Version 4.4.3 # Dec 5, 2015 # Exim configuration file for DirectAdmin # Requires exim.pl as distributed by DirectAdmin here: # http://files.directadmin.com/services/exim.pl version 21 or higher # ClamAV optional # SpamAssassin optional # Dovecot/IMAP Mandatory # *SpamBlockerTechnology is a Trademark of NoBaloney Internet Services: # http://www.nobaloney.net # # WARNING! Do NOT use this exim.conf Exim configuration file unless you # make the required modifications to your Exim configuration # following the instructions in the README file included in this # distribution: # README-SpamBlockerVersion4exim.conf.txt # # The original exim.conf file distributed with Exim 4, includes the # following copyright notice: # # Copyright (C) 2002 University of Cambridge, Cambridge, UK # # Portions of the file are taken from the exim.conf file as # distributed with DirectAdmin (http://www.directadmin.com/) # # Copyright (C) 2003-2011 JBMC Software, St Albert, AB, Canada # # Portions of this file are written by NoBaloney Internet Services # and are copyright as follows: # # Copyright (C) 2004-2011 NoBaloney Internet Services, Riverside, Calif., USA # # The entire Exim 4 distribution, including the exim.conf file, is # distributed under the GNU GENERAL PUBLIC LICENSE, Version 2, # June 1991. If you do not have a copy of the GNU GENERAL PUBLIC LICENSE # you may download it, in it's entirety, from the website at: # # http://www.nobaloney.net/exim/gnu-gpl-v2.txt # # Thanks to all the members of the DirectAdmin community and of the exim # community who have given their # much needed and appreciated help. # # The most recent version of this file may always downloaded from the website # at: http://www.nobaloney.net/downloads/spamblocker # # MODIFICATION INSTRUCTIONS # # YOU MUST MAKE THE CHANGES TO THIS # SpamBlockerTechnology* powered exim.conf, Version 4.0 # file as documented in the README file. # # The README file for this version is named: # README-SpamBlockerVersion4exim.conf.txt # CONFIGURATION STARTS HERE #EDIT#1: # primary_hostname = smtp_active_hostname = ${if exists{/etc/virtual/helo_data}{${lookup{$interface_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}} #EDIT#2-CLAMAV: # av_scanner = clamd:/var/run/clamav/clamd .include_if_exists /etc/exim.clamav.load.conf #Block Cracking variables .include_if_exists /etc/exim.blockcracking/variables.conf #Easy Spam Figher variables .include_if_exists /etc/exim.easy_spam_fighter/variables.conf #SRS .include_if_exists /etc/exim.srs.conf #EDIT#3: # qualify_domain = #EDIT#4: perl_startup = do '/etc/exim.pl' #EDIT#5: system_filter = /etc/system_filter.exim #EDIT#6: untrusted_set_sender = * #EDIT#7: daemon_smtp_ports = 25 : 587 : 465 tls_on_connect_ports = 465 #EDIT#8: local_from_check = false RBL_DNS_LIST=\ cbl.abuseat.org : \ bl.spamcop.net : \ combined.rbl.msrbl.net : \ b.barracudacentral.org : \ zen.spamhaus.org : \ hostkarma.junkemailfilter.com=127.0.0.2 .include /etc/exim.variables.conf .include /etc/exim.strings.conf .include_if_exists /etc/exim.strings.conf.custom #EDIT#10: helo_allow_chars = _ #EDIT#11: #log_selector = \ # +delivery_size \ # +sender_on_delivery \ # +received_recipients \ # +received_sender \ # +smtp_confirmation \ # +subject \ # +smtp_incomplete_transaction \ # -dnslist_defer \ # -host_lookup_failed \ # -queue_run \ # -rejected_header \ # -retry_defer \ # -skip_delivery \ # +arguments log_selector = +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn #EDIT#12: syslog_duplication = false #EDIT#13: acl_not_smtp = acl_script acl_smtp_auth = acl_check_auth acl_smtp_connect = acl_connect acl_smtp_helo = acl_check_helo acl_smtp_mail = ${if ={$interface_port}{587} {accept}{acl_check_mail}} acl_smtp_rcpt = acl_check_recipient acl_smtp_dkim = ${if ={$interface_port}{587} {accept}{acl_check_dkim}} acl_smtp_data = acl_check_message acl_smtp_mime = acl_check_mime #EDIT#14: addresslist whitelist_senders = nwildlsearch;/etc/virtual/whitelist_senders addresslist blacklist_senders = nwildlsearch;/etc/virtual/blacklist_senders domainlist blacklist_domains = nwildlsearch;/etc/virtual/blacklist_domains domainlist whitelist_domains = nwildlsearch;/etc/virtual/whitelist_domains domainlist local_domains = lsearch;/etc/virtual/domains domainlist relay_domains = lsearch;/etc/virtual/domains domainlist use_rbl_domains = lsearch;/etc/virtual/use_rbl_domains domainlist skip_rbl_domains = nwildlsearch;/etc/virtual/skip_rbl_domains hostlist skip_rbl_hosts = ${if exists{/etc/virtual/skip_rbl_hosts}{wildlsearch;/etc/virtual/skip_rbl_hosts}} hostlist skip_rbl_hosts_ip = ${if exists{/etc/virtual/skip_rbl_hosts_ip}{/etc/virtual/skip_rbl_hosts_ip}} hostlist auth_relay_hosts = * hostlist bad_sender_hosts = nwildlsearch;/etc/virtual/bad_sender_hosts hostlist bad_sender_hosts_ip = /etc/virtual/bad_sender_hosts_ip hostlist whitelist_hosts = nwildlsearch;/etc/virtual/whitelist_hosts hostlist whitelist_hosts_ip = /etc/virtual/whitelist_hosts_ip BLACKLIST_USERNAMES = /etc/virtual/blacklist_usernames #EDIT#15: #domainlist skip_av_domains = nwildlsearch;/etc/virtual/skip_av_domains #EDIT#16: hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts #EDIT#17: never_users = root #EDIT#18: host_lookup = * #EDIT#19: rfc1413_hosts = * rfc1413_query_timeout = 0s #EDIT#20: #exim.variables.conf #EDIT#21: #exim.variables.conf #EDIT#22: #exim.variables.conf #EDIT#23: tls_certificate = /etc/exim.cert tls_privatekey = /etc/exim.key openssl_options = +no_sslv2 +no_sslv3 tls_require_ciphers = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP tls_advertise_hosts = * #auth_over_tls_hosts = * .include_if_exists /etc/exim.variables.conf.post ################################################################################## # Access Control Lists ################################################################################## begin acl ###################################### # ACL CONNECT ###################################### #EDIT#24: acl_connect: warn set acl_m_spam_assassin_has_run = 0 warn set acl_m_is_whitelisted = 0 .include_if_exists /etc/exim.easy_spam_fighter/connect.conf accept hosts = * ###################################### # ACL CHECK MAIL ###################################### acl_check_mail: accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}} #EDIT#31: accept sender_domains = +whitelist_domains logwrite = $sender_host_address whitelisted in local domains whitelist set acl_m_is_whitelisted = 1 accept hosts = +whitelist_hosts logwrite = $sender_host_address whitelisted in local hosts whitelist set acl_m_is_whitelisted = 1 accept hosts = +whitelist_hosts_ip logwrite = $sender_host_address whitelisted in local hosts IP whitelist set acl_m_is_whitelisted = 1 # accept if envelope sender is in whitelist accept senders = +whitelist_senders logwrite = $sender_host_address whitelisted in local sender whitelist set acl_m_is_whitelisted = 1 .include_if_exists /etc/exim.easy_spam_fighter/check_mail.conf accept ###################################### # ACL CHECK AUTH ###################################### #EDIT#24.5# acl_check_auth: drop set acl_m_authcount = ${eval10:0$acl_m_authcount+1} condition = ${if >{$acl_m_authcount}{2}} delay = 10s message = ONLY_ONE_AUTH_PER_CONN accept ###################################### # ACL CHECK HELO ###################################### #EDIT#25: acl_check_helo: # accept mail originating on this server unconditionally accept hosts = @[] : @ # deny if the HELO pretends to be this host deny message = HELO_HOST_IMPERSANATION condition = ${if or { \ {eq{$sender_helo_name}{$smtp_active_hostname}} \ {eq{$sender_helo_name}{[$interface_address]}} \ } {true}{false} } # deny if the HELO is an IP address deny message = HELO_IS_IP condition = ${if eq{$interface_port}{25}} condition = ${if isip{$sender_helo_name}} # deny if hostname if ylmf-pc, which accounts for a HUGE percentage of BF attacks deny message = HELO_BLOCKED_FOR_ABUSE condition = ${if eq{$sender_helo_name}{ylmf-pc}} # deny if the HELO pretends to be one of the domains hosted on the server deny message = HELO_IS_LOCAL_DOMAIN condition = ${if match_domain{$sender_helo_name}{+local_domains}{true}{false}} hosts = ! +relay_hosts accept ###################################### # ACL SCRIPT ###################################### acl_script: discard set acl_m_uid = ${perl{find_uid}} set acl_m_username = ${perl{get_username}{$acl_m_uid}} condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}} condition = ${if >{${perl{hit_limit_user}{$acl_m_username}}}{1}} message = USER_TOO_MANY discard condition = ${if !eq{$originator_uid}{$exim_uid}} condition = ${if exists{BLACKLIST_USERNAMES}} condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_USERNAMES}{1}{0}} message = USER_ON_BLACKLIST_SCRIPT .include_if_exists /etc/exim.blockcracking/script.conf accept .include_if_exists /etc/exim.blockcracking/script.recipients.conf ###################################### # ACL CHECK RECIPIENT ###################################### #EDIT#26: acl_check_recipient: # block certain well-known exploits, Deny for local domains if # local parts begin with a dot or contain @ % ! / | deny domains = +local_domains local_parts = ^[.] : ^.*[@%!/|] # If you've hit the limit, you can't send anymore. Requires exim.pl 17+ drop message = AUTH_TOO_MANY condition = ${perl{auth_hit_limit_acl}} authenticated = * drop message = MULTIPLE_BOUNCE_RECIPIENTS senders = : postmaster@* condition = ${if >{$recipients_count}{0}{true}{false}} drop message = TOO_MANY_FAILED_RECIPIENTS log_message = REJECTED - Too many failed recipients - count = $rcpt_fail_count condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}} !verify = recipient/callout=2m,defer_ok,use_sender drop message = DOMAIN_SUSPENDED domains = +local_domains condition = ${if exists{/etc/virtual/${domain}_off}{yes}{no}} drop authenticated = * condition = ${if exists{BLACKLIST_USERNAMES}} set acl_m_uid = ${perl{find_uid_auth_id}{$authenticated_id}} set acl_m_username = ${perl{get_username}{$acl_m_uid}} condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}} condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_USERNAMES}{1}{0}} message = USER_ON_BLACKLIST_SMTP logwrite = User account $acl_m_username is blocked via BLACKLIST_USERNAMES accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}} #Block Cracking - https://github.com/Exim/exim/wiki/BlockCracking .include_if_exists /etc/exim.blockcracking/auth.conf # restrict port 587 to authenticated users only # see also daemon_smtp_ports above accept hosts = +auth_relay_hosts condition = ${if eq {$interface_port}{587} {yes}{no}} endpass message = RELAY_NOT_PERMITTED_AUTH authenticated = * # Deny all Mailer-Daemon messages not for us: deny message = We didn't send the message senders = : domains = !+relay_domains # Deny if the recipient doesn't exist: deny message = NO_SUCH_RECIPIENT domains = +local_domains !verify = recipient # Remaining Mailer-Daemon messages must be for us accept senders = : domains = +relay_domains #EDIT#27: # 1st deny checks if it's a hostname or IPV4 address with dots or IPV6 address deny message = R1: HELO_SHOULD_BE_FQDN !authenticated = * condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}} condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}} ## 2nd deny makes sure the hostname doesn't end with a dot (invalid) # deny message = R2: HELO_SHOULD_BE_FQDN # !authenticated = * # condition = ${if match{$sender_helo_name}{\N\.$\N}} # 3rd deny makes sure the hostname has no double-dots (invalid) deny message = R3: HELO_SHOULD_BE_FQDN !authenticated = * condition = ${if match{$sender_helo_name}{\N\.\.\N}} ## 4th deny make sure the hostname doesn't end in .home (invalid domain) # deny message = R4: HELO_SHOULD_BE_FQDN # !authenticated = * # condition = ${if match{$sender_helo_name}{\N\.home$\N}} #EDIT#28: # warn domains = +skip_av_domains # set acl_m0 = $tod_epoch #EDIT#29: deny domains = !+local_domains local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ #EDIT#30: accept hosts = : logwrite = Whitelisted as having local origination #EDIT#32: deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_SENDER domains = +use_rbl_domains domains = !+skip_rbl_domains hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip senders = +blacklist_senders #EDIT#33: deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_HOST # only for domains that do want to be tested against RBLs domains = +use_rbl_domains domains = !+skip_rbl_domains hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip hosts = +bad_sender_hosts #EDIT#34: deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_IP hosts = +bad_sender_hosts_ip #EDIT#35: accept domains = +local_domains sender_domains = !+blacklist_domains hosts = !+bad_sender_hosts hosts = !+bad_sender_hosts_ip dnslists = list.dnswl.org logwrite = $sender_host_address whitelisted in list.dnswl.org #EDIT#36: # accept domains = +local_domains # dnslists = hostkarma.junkemailfilter.com=127.0.0.1 # logwrite = $sender_host_address whitelisted in hostkarma.junkemailfilter.com #EDIT#37: # accept local_parts = whitelist # domains = example.com #EDIT#38: require verify = sender #EDIT#39: deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_DOMAIN domains = +use_rbl_domains domains = !+skip_rbl_domains hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip sender_domains = +blacklist_domains #EDIT#40: # deny message = 554 denied. 5.7.1 Forged Paypal Mail, not sent from PayPal. # senders = *@paypal.com # condition = ${if match {$sender_host_name}{\Npaypal.com$\N}{no}{yes}} #EDIT#41: warn hosts = +skip_rbl_hosts logwrite = $sender_host_address RBL whitelisted in skip_rbl_hosts warn hosts = +skip_rbl_hosts_ip logwrite = $sender_host_address RBL whitelisted in skip_rbl_hosts_ip warn domains = +skip_rbl_domains logwrite = $sender_host_address RBL whitelisted $domain in skip_rbl_domains deny message = RBL_BLOCKED_BY_LIST hosts = !+relay_hosts domains = +use_rbl_domains domains = !+skip_rbl_domains hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip !authenticated = * dnslists = RBL_DNS_LIST .include_if_exists /etc/exim.easy_spam_fighter/check_rcpt.conf #COMMENT#43: # ACCEPT EMAIL BEGINNING HERE # accept if address is in a local domain as long as recipient can be verified accept domains = +local_domains endpass message = UNKNOWN_USER verify = recipient #COMMENT#44 # accept if address is in a domain for which we relay as long as recipient # can be verified accept domains = +relay_domains endpass verify = recipient #EDIT#45: accept hosts = +relay_hosts add_header = X-Relay-Host: $sender_host_address accept hosts = +auth_relay_hosts endpass message = AUTH_REQUIRED authenticated = * # FINAL DENY EMAIL BEFORE DATA BEGINS HERE # default at end of acl causes a "deny", but line below will give # an explicit error message: deny message = RELAY_NOT_PERMITTED ###################################### # ACL CHECK DKIM ###################################### acl_check_dkim: accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}} .include_if_exists /etc/exim.easy_spam_fighter/check_dkim.conf accept ###################################### # ACL CHECK MESSAGE ###################################### # ACL that is used after the DATA command (ClamAV) acl_check_message: deny message = This message contains malformed MIME ($demime_reason) demime = * condition = ${if >{$demime_errorlevel}{2}{1}{0}} deny message = This message contains a virus or other harmful content ($malware_name) demime = * malware = */defer_ok deny message = This message contains an attachment of a type which we do not accept (.$found_extension) demime = bat:com:pif:prf:scr:vbs warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}} .include_if_exists /etc/exim.easy_spam_fighter/check_message.conf #EDIT#46: .include_if_exists /etc/exim.clamav.conf ## accept without checking if in skip_av_domains # accept condition =${if and {{def:acl_m0}{def:acl_m0}} {true}{false}} ## deny if email contains malformed MIME header # deny message = CLAM_MALFORMED_MIME # demime = * # condition = ${if >{$demime_errorlevel}{2}{1}{0}} ## deny if email containing virus or other harmful content # deny message = CLAM_HAS_VIRUS # demime = * # malware = * ## deny if email contains an attachment of type we don't accept. # deny message = CLAM_BAD_ATTACHMENT # demime = bat:com:pif:prf:scr:vbs:html ## Accept but put warning into headers if message over 1000k # warn message = CLAM_SKIPPED # condition = ${if >={$message_size}{1000k} {1}{0}} # warn message = CLAM_CLEAN ## The end of the acl_check_message acl (ClamAV) ## Do NOT comment out the line below or all messages will be denied. accept ###################################### # ACL that is used for each MIME attachment in the email. acl_check_mime: .include_if_exists /etc/exim.check_mime.conf.custom .include_if_exists /etc/exim.easy_spam_fighter/check_mime.conf accept ################################################################################## # AUTHENTICATION CONFIGURATION ################################################################################## begin authenticators plain: driver = plaintext public_name = PLAIN server_prompts = : server_condition = "${perl{smtpauth}{0}}" server_set_id = $2 login: driver = plaintext public_name = LOGIN server_prompts = "Username:: : Password::" server_condition = "${perl{smtpauth}{0}}" server_set_id = $1 #EDIT#47: # REWRITE CONFIGURATION # There is no rewriting specification in this exim.conf file. If your # configuration requires one, it would go here ################################################################################## # ROUTERS CONFIGURATION ################################################################################## begin routers #EDIT#48: lookuphost: driver = dnslookup domains = ! +local_domains ignore_target_hosts = 127.0.0.0/8 condition = "${perl{check_limits}}" transport = remote_smtp no_more # RELATED: http://help.directadmin.com/item.php?id=153 # smart_route: # driver = manualroute # domains = ! +local_domains # ignore_target_hosts = 127.0.0.0/8 # condition = "${perl{check_limits}}" # route_list = !+local_domains HOSTNAME-or-IP# # transport = remote_smtp #COMMENT#49: #DIRECTORS CONFIGURATION .include_if_exists /etc/exim.spamassassin.conf #EDIT#50: # Spam Assassin #spamcheck_director removed. Use the exim.spamassassin.conf majordomo_aliases: driver = redirect allow_defer allow_fail data = ${if exists{/etc/virtual/${domain}/majordomo/list.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/list.aliases}}}} domains = lsearch;/etc/virtual/domainowners file_transport = address_file group = daemon pipe_transport = majordomo_pipe retry_use_local_part no_rewrite user = majordomo majordomo_private: driver = redirect allow_defer allow_fail #condition = "${if eq {$received_protocol} {local} {true} {false} }" condition = "${if or { {eq {$received_protocol} {local}} \ {eq {$received_protocol} {spam-scanned}} } {true} {false} }" data = ${if exists{/etc/virtual/${domain}/majordomo/private.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/private.aliases}}}} domains = lsearch;/etc/virtual/domainowners file_transport = address_file group = daemon pipe_transport = majordomo_pipe retry_use_local_part user = majordomo domain_filter: driver = redirect allow_filter no_check_local_user condition = "${if exists{/etc/virtual/${domain}/filter}{yes}{no}}" user = "${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}" group = "mail" file = /etc/virtual/${domain}/filter directory_transport = address_file pipe_transport = virtual_address_pipe retry_use_local_part no_verify uservacation: # uservacation reply to all except errors, bounces, lists driver = accept condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/vacation.conf}{yes}{no}} condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}} require_files = /etc/virtual/${domain}/reply/${local_part}.msg # do not reply to errors and bounces or lists senders = " ! ^.*-request@.*:\ ! ^owner-.*@.*:\ ! ^postmaster@.*:\ ! ^listmaster@.*:\ ! ^mailer-daemon@.*\ ! ^root@.*" transport = uservacation unseen userautoreply: driver = accept condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/autoresponder.conf}{yes}{no}} condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}} require_files = /etc/virtual/${domain}/reply/${local_part}.msg # do not reply to errors and bounces or lists senders = " ! ^.*-request@.*:\ ! ^owner-.*@.*:\ ! ^postmaster@.*:\ ! ^listmaster@.*:\ ! ^mailer-daemon@.*\ ! ^root@.*" transport = userautoreply unseen virtual_aliases_nostar: driver = redirect srs = forward allow_defer allow_fail data = ${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}} file_transport = address_file group = mail pipe_transport = virtual_address_pipe retry_use_local_part unseen #include_domain = true virtual_user: driver = accept condition = ${perl{save_virtual_user}} domains = lsearch;/etc/virtual/domainowners group = mail retry_use_local_part transport = dovecot_lmtp_udp # accept only if local_part is not in the aliases file # (this implements catch-all) virtual_aliases: driver = redirect srs = forward allow_defer allow_fail condition = ${if eq {}{${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}}{yes}{no}} data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch*{/etc/virtual/$domain/aliases}}}} file_transport = address_file group = mail pipe_transport = virtual_address_pipe retry_use_local_part #include_domain = true #COMMENT#51: drop_solo_alias: driver = redirect allow_defer allow_fail data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch{/etc/virtual/$domain/aliases}}}} file_transport = devnull group = mail pipe_transport = devnull retry_use_local_part #include_domain = true srs_router: driver = redirect srs = reverseandforward data = ${srs_recipient} #COMMENT#52: userforward: driver = redirect allow_filter check_ancestor check_local_user no_expn file = $home/.forward file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply no_verify system_aliases: driver = redirect allow_defer allow_fail data = ${lookup{$local_part}lsearch{/etc/aliases}} file_transport = address_file pipe_transport = address_pipe retry_use_local_part # user = exim localuser: driver = accept check_local_user condition = "${if eq {$domain} {$primary_hostname} {yes} {no}}" transport = local_delivery #COMMENT#53: ################################################################################## # TRANSPORTS CONFIGURATION ################################################################################## begin transports #COMMENT#54: spamcheck: driver = pipe batch_max = 100 command = /usr/sbin/exim -oMr spam-scanned -bS current_directory = "/tmp" group = mail home_directory = "/tmp" log_output message_prefix = message_suffix = return_fail_output no_return_path_add transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}} use_bsmtp user = mail #COMMENT#55: majordomo_pipe: driver = pipe group = daemon return_fail_output user = majordomo #COMMENT#56: local_delivery: driver = appendfile delivery_date_add envelope_to_add directory = /home/$local_part/Maildir/ directory_mode = 770 create_directory = true maildir_format group = mail mode = 0660 return_path_add user = ${local_part} #COMMENT#57: virtual_localdelivery: driver = appendfile create_directory delivery_date_add directory_mode = 770 envelope_to_add directory = /home/${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}/imap/${domain}/${local_part}/Maildir maildir_format group = mail mode = 660 return_path_add user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}" quota = ${if exists{/etc/virtual/${domain}/quota}{${lookup{$local_part}lsearch*{/etc/virtual/${domain}/quota}{$value}{0}}}{0}} #EDIT#58: uservacation: driver = autoreply file = /etc/virtual/${domain}/reply/${local_part}.msg from = "${local_part}@${domain}" log = /etc/virtual/${domain}/reply/${local_part}.log no_return_message headers = ${if exists{/etc/virtual/${domain}/reply/${local_part}.headers}{${readfile{/etc/virtual/${domain}/reply/${local_part}.headers}}}} subject = ${if def:h_Subject: {\ ${if exists{/etc/virtual/${domain}/reply/${local_part}.subject}\ {${readfile{/etc/virtual/${domain}/reply/${local_part}.subject}{}}}\ {Autoreply}\ }: ${quote:${escape:${length_60:$h_Subject:}}}}\ {I am on vacation}} to = "${sender_address}" user = mail once = /etc/virtual/${domain}/reply/${local_part}.once once_file_size = 100K once_repeat = ${if exists{/etc/virtual/${domain}/reply/${local_part}.once_time}{${readfile{/etc/virtual/${domain}/reply/${local_part}.once_time}{}}}{2d}} #COMMENT#59: userautoreply: driver = autoreply bcc = ${lookup{${local_part}} lsearch {/etc/virtual/${domain}/autoresponder.conf}{$value}} file = /etc/virtual/${domain}/reply/${local_part}.msg from = "${local_part}@${domain}" log = /etc/virtual/${domain}/reply/${local_part}.log no_return_message headers = ${if exists{/etc/virtual/${domain}/reply/${local_part}.headers}{${readfile{/etc/virtual/${domain}/reply/${local_part}.headers}}}} subject = ${if def:h_Subject: {\ ${if exists{/etc/virtual/${domain}/reply/${local_part}.subject}\ {${readfile{/etc/virtual/${domain}/reply/${local_part}.subject}{}}}\ {Autoreply}\ }: ${quote:${escape:${length_60:$h_Subject:}}}}\ {Autoreply Message}} to = "${sender_address}" user = mail once = /etc/virtual/${domain}/reply/${local_part}.once once_file_size = 100K once_repeat = ${if exists{/etc/virtual/${domain}/reply/${local_part}.once_time}{${readfile{/etc/virtual/${domain}/reply/${local_part}.once_time}{}}}{2d}} #COMMENT#60: devnull: driver = appendfile file = /dev/null #COMMENT#61: remote_smtp: driver = smtp headers_add = "${if def:authenticated_id{X-Authenticated-Id: ${authenticated_id}}}" interface = <; ${if exists{/etc/virtual/domainips}{${lookup{$sender_address_domain}lsearch*{/etc/virtual/domainips}}}} helo_data = ${if exists{/etc/virtual/helo_data}{${lookup{$sending_ip_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}} .include_if_exists /etc/exim.dkim.conf #EDIT#62: address_pipe: driver = pipe return_output virtual_address_pipe: driver = pipe group = nobody return_output user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}" .include_if_exists /etc/exim.cagefs.pipe.conf #COMMENT#63: address_file: driver = appendfile delivery_date_add envelope_to_add return_path_add #COMMENT#64: address_reply: driver = autoreply dovecot_lmtp_udp: driver = lmtp socket = /var/run/dovecot/lmtp #maximum number of deliveries per batch, default 1 batch_max = 200 delivery_date_add envelope_to_add return_path_add user = mail ################################################################################## # RETRY CONFIGURATION ################################################################################## #EDIT#65: # Domain Error Retries # ------ ----- ------- begin retry * quota * * F,2h,15m; G,16h,1h,1.5; F,4d,8h # End of Exim 4 configuration

A gdzie szukać pliku z tą whitelistą?