वहाँ 7 सेंटो है, यह एक्ज़िम के लिए वेस्टैचप डिफ़ॉल्ट सेटिंग्स का खर्च करता है, मुझे अपना मेल अपने सर्वर से केवल डोमेन test.com और site.com पर भेजने की आवश्यकता है, मेरे सर्वर से बाकी मेल को ब्लॉक किया जाना चाहिए
एक्ज़िम कॉन्फ़िगरेशन:
SPAMASSASSIN = yes
SPAM_SCORE = 50
CLAMD = yes
add_environment = <; PATH=/bin:/usr/bin
keep_environment =
disable_ipv6=true
domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/
hostlist relay_from_hosts = 127.0.0.1
hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf
hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf
no_local_from_check
untrusted_set_sender = *
acl_smtp_connect = acl_check_spammers
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
.ifdef SPAMASSASSIN
spamd_address = 127.0.0.1 783
.endif
.ifdef CLAMD
av_scanner = clamd: /var/run/clamav/clamd.sock
.endif
tls_advertise_hosts = *
tls_certificate = /usr/local/vesta/ssl/certificate.crt
tls_privatekey = /usr/local/vesta/ssl/certificate.key
daemon_smtp_ports = 25 : 465 : 587 : 2525
tls_on_connect_ports = 465
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
begin acl
acl_check_spammers:
accept hosts = +whitelist
drop message = Your host in blacklist on this server.
log_message = Host in blacklist
hosts = +spammers
accept
acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s
drop condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address
accept
acl_check_rcpt:
accept hosts = :
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
require verify = sender
accept hosts = +relay_from_hosts
control = submission
accept authenticated = *
control = submission/domain=
deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
require message = relay not permitted
domains = +local_domains : +relay_to_domains
deny message = smtp auth requried
sender_domains = +local_domains
!authenticated = *
require verify = recipient
.ifdef CLAMD
warn set acl_m0 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes
.endif
.ifdef SPAMASSASSIN
warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes
.endif
accept
acl_check_data:
.ifdef CLAMD
deny message = Message contains a virus ($malware_name) and has been rejected
malware = *
condition = ${if eq{$acl_m0}{yes}{yes}{no}}
.endif
.ifdef SPAMASSASSIN
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = spamd:true/defer_ok
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif
accept
acl_check_mime:
deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept
begin authenticators
dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
dovecot_login:
driver = dovecot
public_name = LOGIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
begin routers
dnslookup:
driver = dnslookup
domains = *
transport = remote_smtp
no_more
userforward:
driver = redirect
check_local_user
file = $home/.forward
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
procmail:
driver = accept
check_local_user
require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
transport = procmail
no_verify
autoreplay:
driver = accept
require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg
condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
retry_use_local_part
transport = userautoreply
unseen
aliases:
driver = redirect
headers_add = X-redirected: yes
data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
require_files = /etc/exim/domains/$domain/aliases
redirect_router = dnslookup
pipe_transport = address_pipe
unseen
localuser_fwd_only:
driver = accept
transport = devnull
condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}}
localuser_spam:
driver = accept
transport = local_spam_delivery
condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}}
localuser:
driver = accept
transport = local_delivery
condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}}
catchall:
driver = redirect
headers_add = X-redirected: yes
require_files = /etc/exim/domains/$domain/aliases
data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
file_transport = local_delivery
redirect_router = dnslookup
terminate_alias:
driver = accept
transport = devnull
condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}}
begin transports
remote_smtp:
driver = smtp
#helo_data = $sender_address_domain
dkim_domain = DKIM_DOMAIN
dkim_selector = mail
dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = relaxed
dkim_strict = 0
procmail:
driver = pipe
command = "/usr/bin/procmail -d $local_part"
return_path_add
delivery_date_add
envelope_to_add
user = $local_part
initgroups
return_output
local_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
quota_warn_threshold = 75%
local_spam_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota_warn_threshold = 75%
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
userautoreply:
driver = autoreply
file = /etc/exim/domains/$domain/autoreply.${local_part}.msg
from = "${local_part}@${domain}"
headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
to = "${sender_address}"
devnull:
driver = appendfile
file = /dev/null
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
मुख्य कॉन्फ़िगरेशन में जोड़ा गया /etc/exim/exim.conf लाइनों के शुरू होने के तुरंत बाद, यानी मैंने इस तरह से किया
begin routers
check_outgoing_from_header:
driver = redirect
domains = ! +local_domains
condition = ${if !match {$header_from:}{$sender_address}}
allow_fail
data = :fail: You can not send mail from here with From: $header_from as sender: $sender_address
check_outgoing:
driver = redirect
domains = ! +local_domains
senders = ! : ! *@lsearch;/etc/exim/allowed_domains : ! lsearch;/etc/exim/allowed_mails
allow_fail
data = :fail: You can not send mail from this mailbox from this server.
अच्छी तरह से, अनुमत अनुमतियों की अनुमति दी गई फ़ाइलों में_मैं और अनुमत_मैल उन मेलों को भेज सकते हैं, जिनमें फ़ाइल अनुमति दी गई है।
Exim -d + all -bt test@test.com के माध्यम से जाँच की गई
exim -d+all -bt test@test.com
11:58:30 30782 Exim version 4.89 uid=0 gid=0 pid=30782 D=fffdffff
Berkeley DB: Berkeley DB 5.3.21: (May 11, 2012)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc TCPwrappers OpenSSL Content_Scanning DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm nis nis0 nisplus passwd sq
lite
Authenticators: cram_md5 cyrus_sasl dovecot gsasl plaintext spa tls
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Compiler: GCC [4.8.5 20150623 (Red Hat 4.8.5-16)]
Library version: Glibc: Compile: 2.17
Runtime: 2.17
Library version: OpenSSL: Compile: OpenSSL 1.0.2k-fips 26 Jan 2017
Runtime: OpenSSL 1.0.2k-fips 26 Jan 2017
: built on: reproducible build, date unspecified
Library version: Cyrus SASL: Compile: 2.1.26
Runtime: 2.1.26 [Cyrus SASL]
Library version: GNU SASL: Compile: 1.8.0
Runtime: 1.8.0
Library version: PCRE: Compile: 8.32
Runtime: 8.32 2012-11-30
11:58:30 30782 Loading lookup modules from /usr/lib64/exim/4.89-2.el7/lookups
11:58:30 30782 Loaded 0 lookup modules
11:58:30 30782 Total 18 lookups
Library version: SQLite: Compile: 3.7.17
Runtime: 3.7.17
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST: "/etc/exim/trusted-configs"
11:58:30 30782 changed uid/gid: forcing real = effective
11:58:30 30782 uid=0 gid=0 pid=30782
11:58:30 30782 auxiliary group list: <none>
11:58:30 30782 seeking password data for user "root": cache not available
11:58:30 30782 getpwnam() succeeded uid=0 gid=0
11:58:30 30783 changed uid/gid: calling tls_validate_require_cipher
11:58:30 30783 uid=93 gid=93 pid=30783
11:58:30 30783 auxiliary group list: <none>
11:58:30 30782 tls_validate_require_cipher child 30783 ended: status=0x0
11:58:30 30782 configuration file is /etc/exim/exim.conf
11:58:30 30782 log selectors = 00000ffc 06320202
11:58:30 30782 trusted user
11:58:30 30782 admin user
11:58:30 30782 DSN: check_outgoing_from_header propagating DSN
11:58:30 30782 DSN: check_outgoing propagating DSN
11:58:30 30782 DSN: dnslookup propagating DSN
11:58:30 30782 DSN: userforward propagating DSN
11:58:30 30782 DSN: procmail propagating DSN
11:58:30 30782 DSN: autoreplay propagating DSN
11:58:30 30782 DSN: aliases propagating DSN
11:58:30 30782 DSN: localuser_fwd_only propagating DSN
11:58:30 30782 DSN: localuser_spam propagating DSN
11:58:30 30782 DSN: localuser propagating DSN
11:58:30 30782 DSN: catchall propagating DSN
11:58:30 30782 DSN: terminate_alias propagating DSN
11:58:30 30782 originator: uid=0 gid=0 login=root name=root
11:58:30 30782 sender address = root@dev.test.com
11:58:30 30782 Address testing: uid=0 gid=93 euid=0 egid=93
11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:58:30 30782 Testing test@test.com
11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:58:30 30782 Considering test@test.com
11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:58:30 30782 routing test@test.com
11:58:30 30782 --------> check_outgoing_from_header router <--------
11:58:30 30782 local_part=dg domain=test.com
11:58:30 30782 checking domains
11:58:30 30782 search_open: dsearch "/etc/exim/domains/"
11:58:30 30782 search_find: file="/etc/exim/domains/"
11:58:30 30782 key="test.com" partial=-1 affix=NULL starflags=0
11:58:30 30782 LRU list:
11:58:30 30782 5/etc/exim/domains/
11:58:30 30782 End
11:58:30 30782 internal_search_find: file="/etc/exim/domains/"
11:58:30 30782 type=dsearch key="test.com"
11:58:30 30782 file lookup required for test.com
11:58:30 30782 in /etc/exim/domains/
11:58:30 30782 lookup failed
11:58:30 30782 test.com in "dsearch;/etc/exim/domains/"? no (end of list)
11:58:30 30782 test.com in "! +local_domains"? yes (end of list)
11:58:30 30782 checking "condition" "${if !match {$header_from:}{$sender_address}}"...
11:58:30 30782 /considering: ${if !match {$header_from:}{$sender_address}}
11:58:30 30782 /considering: $header_from:}{$sender_address}}
11:58:30 30782 |__expanding: $header_from:
11:58:30 30782 \_____result:
11:58:30 30782 /considering: $sender_address}}
11:58:30 30782 |__expanding: $sender_address
11:58:30 30782 \_____result: root@dev.test.com
11:58:30 30782 |__condition: !match {$header_from:}{$sender_address}
11:58:30 30782 |_____result: true
11:58:30 30782 |__expanding: ${if !match {$header_from:}{$sender_address}}
11:58:30 30782 \_____result: true
11:58:30 30782 calling check_outgoing_from_header router
11:58:30 30782 rda_interpret (string): :fail: You can not send mail from here with From: $header_from as sender: $sender_address
11:58:30 30782 /considering: :fail: You can not send mail from here with From: $header_from as sender: $sender_address
11:58:30 30782 |__expanding: :fail: You can not send mail from here with From: $header_from as sender: $sender_address
11:58:30 30782 \_____result: :fail: You can not send mail from here with From: as sender: root@dev.test.com
11:58:30 30782 expanded: :fail: You can not send mail from here with From: as sender: root@dev.test.com
11:58:30 30782 file is not a filter file
11:58:30 30782 parse_forward_list: :fail: You can not send mail from here with From: as sender: root@dev.test.com
11:58:30 30782 extract item: :fail: You can not send mail from here with From: as sender: root@dev.test.com
11:58:30 30782 check_outgoing_from_header router forced address failure
test@test.com is undeliverable: You can not send mail from here with From: as sender: root@dev.test.com
11:58:30 30782 search_tidyup called
11:58:30 30782 >>>>>>>>>>>>>>>> Exim pid=30782 terminating with rc=2 >>>>>>>>>>>>>>>>
मैं कैसे नियमावली तय करता हूं राउटर शुरू करता हूं या क्या मुझे अन्य नियम लिखने चाहिए, शायद एसीएल
समस्या क्या है ? आपका हेडर खाली है और जैसे कि आपके पहले चेक से उम्मीद के अनुसार भेजा जा रहा है ...
—
Tensibai
मुझे यह चाहिए कि मैं domain test.com को मेल भेजूँ। अन्य डोमेन को अवरुद्ध किया जाना चाहिए, क्या आप मुझे बता सकते हैं कि मुझे अपने कॉन्फ़िगरेशन में क्या ठीक करना है?
—
Garcia
आपके कॉन्फिगरेशन में कुछ भी नहीं है, इस मामले में आपको जो ब्लॉक करना है वह खाली 'फ़ील्ड से' है, यह प्रेषक पक्ष है जिसे आपको फ़ील्ड को ठीक से भरने की आवश्यकता है। कृप्या संपादित करें आपका प्रश्न स्पष्ट रूप से बताता है कि आप क्या कर रहे हैं और क्या विफल हो रहा है, यहां तक कि टिप्पणी के साथ यह वास्तव में स्पष्ट नहीं है कि आप क्या करना चाहते हैं और आपका कॉन्फ़िगरेशन कैसे किया जाता है (हमें इस बात का कोई पता नहीं है कि छूट के लिए आपकी अनुमत_ फ़ाइलों के अंदर क्या है) उनके साथ क्या प्रयास किया गया है, यह बताने के लिए मैं एक शब्द के बिना कॉन्फ़िगरेशन के ब्लॉक से पार्स कर सकता हूं।
—
Tensibai
मुझे अपने मेल को केवल डोमेन test.com और site.com पर भेजने की आवश्यकता है, मेरे सर्वर के बाकी मेल को अवरुद्ध किया जाना चाहिए मैंने अपना पोस्ट एक प्रश्न के साथ तय किया है, देखो अब यह स्पष्ट है कि मैं क्या करना चाहता हूं?
—
Garcia