From: Sergey Kobzar <tod.zullu@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re[6]: [gentoo-user] OT - Exim question
Date: Fri, 14 Mar 2008 11:25:18 +0200 [thread overview]
Message-ID: <262295639.20080314112518@gmail.com> (raw)
In-Reply-To: <1205460469.11582.23.camel@camille.espersunited.com>
Hi Michael,
See comments below.
> Here's the config. I think I have my sed command correct to remove the
> commented lines from the listing:
> baby ~ # cat /etc/exim/exim.conf | sed /#/d
> domainlist local_domains = @ : espersunited.com :
^^^^^^^^^^^^^^^^^^^^^^^^^^^ - Did you really spit domainlist on few
lines w/o backslashes at the end of each line or it's your MUA?
> baby.espersunited.com : localhost : localdomain :
> camille.espersunited.com : catherine.espersunited.com : camille :
> catherine
Did you really spit domainlist on few lines w/o backslashes at the
end of each line or it's your MUA?
> domainlist relay_to_domains =
> hostlist relay_from_hosts = 127.0.0.1 : 192.168.1.2 : 192.168.1.3 :
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - Same as domainlist local_domains above
> 192.168.1.4 : 192.168.0.2 192.168.1.100
> acl_smtp_rcpt = acl_check_rcpt
> acl_smtp_data = acl_check_data
> acl_smtp_mime = acl_check_mime
> av_scanner = clamd:/tmp/clamd
> spamd_address = 127.0.0.1 783
> qualify_domain = espersunited.com
> never_users = root
> host_lookup = *
^^^^^^^^^^^^^^^^^^ - try change it to something like:
host_lookup = !192.168.0.0/24: !192.168.1.0/24
> rfc1413_hosts = *
> rfc1413_query_timeout = 5s
^^^^^^^^^^^^^^^^^^^^^^^^^^^^ you can freely set it to 0s
> sender_unqualified_hosts = baby.espersunited.com :
^^^^^^^^^^^^^^^^^^^^^^^^^^ - usually you don't need this in case of
correct MUA settings.
> camille.espersunited.com : catherine.espersunited.com :
> localhost.localdomain
> recipient_unqualified_hosts = baby.espersunited.com :
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - same as for sender_unqualified_hosts
> camille.espersunited.com : catherine.espersunited.com :
> localhost.localdomain
> ignore_bounce_errors_after = 2d
> timeout_frozen_after = 7d
> begin acl
> acl_check_rcpt:
> accept hosts = :
> deny message = Restricted characters in address
> domains = +local_domains
> local_parts = ^[.] : ^.*[@%!/|]
> deny message = Restricted characters in address
> domains = !+local_domains
> local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
> accept local_parts = postmaster
> domains = +local_domains
> require verify = sender
^^^^^^^^^^^^^^^^^^ - are you sure you really need this in your case?
:)
> accept hosts = +relay_from_hosts
> control = submission
> accept authenticated = *
> control = submission
> require message = relay not permitted
> domains = +local_domains : +relay_to_domains
> require verify = recipient
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - this does not work as expected. Use
something like 'require verify = recipient/callout=60s,defer_ok'.
> accept
> acl_check_data:
>
> warn message = X-SpamScore: $spam_score ($spam_bar)
> spam = nobody:true
> warn message = X-SpamReport: $spam_report
> spam = nobody:true
> warn message = X-Spam-Flag: ${if \
> >{$spam_score_int}{58}{Almost Certainly}\
> {${if >{$spam_score_int}{55}{Probably}\
> {${if >{$spam_score_int}{50}{Possibly}{Doubtful}\
> }}}}}
> spam = nobody
> warn message = Subject: [*SPAM*] $h_Subject ${if \
> >{$spam_score_int}{58}{Almost Certainly}\
> {${if >{$spam_score_int}{55}{Probably}\
> {${if >{$spam_score_int}{50}{Possibly}{Doubtful}\
> }}}}}
> spam = nobody
> deny message = Rejected: spam score $spam_score
> spam = nobody:true
> condition = ${if >{$spam_score_int}{60}{1}{0}}
Worth to set message size limit here for spam checking.
> accept
> acl_check_mime:
> warn decode = default
> deny message = Blacklisted file extension detected
> condition = ${if match \
> {${lc:$mime_filename}} \
> {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com|.vbs)$\N} \
> {1}{0}}
> accept
> acl_check_content:
> deny message = Serious MIME defect detected ($demime_reason)
> demime = *
> condition = ${if >{$demime_errorlevel}{2}{1}{0}}
> deny message = This message contains malware ($malware_name)
> malware = *
> warn message = X-Spam-Score: $spam_score ($spam_bar)
> spam = nobody:true
> warn message = X-Spam-Report: $spam_report
> spam = nobody:true
> warn message = Subject: [*SPAM*] $h_Subject
> spam = nobody
> deny message = This message scored $spam_score points.
> Congratulations!
> spam = nobody:true
> condition = ${if >{$spam_score_int}{50}{1}{0}}
Why do you check message for spam twice? %)
> accept
> begin routers
> dnslookup:
> driver = dnslookup
> domains = ! +local_domains
> transport = remote_smtp
> ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
> no_more
> system_aliases:
> driver = redirect
> allow_fail
> allow_defer
> data = ${lookup{$local_part}lsearch{/etc/mail/aliases}}
> file_transport = address_file
> pipe_transport = address_pipe
> userforward:
> driver = redirect
> check_local_user
> file = $home/.forward
> no_verify
> no_expn
> check_ancestor
> file_transport = address_file
> pipe_transport = address_pipe
> reply_transport = address_reply
> localuser:
> driver = accept
> check_local_user
> transport = local_delivery
> cannot_route_message = Unknown user
> begin transports
> remote_smtp:
> driver = smtp
> local_delivery:
> driver = appendfile
> directory = /home/$local_part/.maildir
> maildir_format
> delivery_date_add
> envelope_to_add
> return_path_add
> address_pipe:
> driver = pipe
> return_output
> address_file:
> driver = appendfile
> delivery_date_add
> envelope_to_add
> return_path_add
> address_reply:
> driver = autoreply
> begin retry
> * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
> begin rewrite
> begin authenticators
> I'm not quite sure how to word the host_lookup option. I'm not sure how
> to tell it not to do host lookups for my network and subnetwork, but
> still do lookups for everyone else...
See above.
http://exim.org/exim-html-current/doc/html/spec_html/index.html - one
of the reasons why I like Exim very much :)
--
Sergey
--
gentoo-user@lists.gentoo.org mailing list
next prev parent reply other threads:[~2008-03-14 9:25 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-13 17:38 [gentoo-user] OT - Exim question Michael Sullivan
2008-03-13 18:21 ` Sergey Kobzar
2008-03-13 19:25 ` Michael Sullivan
2008-03-13 19:47 ` Re[2]: " Sergey Kobzar
2008-03-13 20:15 ` Michael Sullivan
2008-03-13 20:29 ` Re[4]: " Sergey Kobzar
2008-03-14 2:07 ` Michael Sullivan
2008-03-14 9:25 ` Sergey Kobzar [this message]
2008-03-13 21:32 ` kashani
2008-03-14 2:20 ` Michael Sullivan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=262295639.20080314112518@gmail.com \
--to=tod.zullu@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox