केवल विशिष्ट डोमेन पर भेजना


1

वहाँ 7 सेंटो है, यह एक्ज़िम के लिए वेस्टैचप डिफ़ॉल्ट सेटिंग्स का खर्च करता है, मुझे अपना मेल अपने सर्वर से केवल डोमेन test.com और site.com पर भेजने की आवश्यकता है, मेरे सर्वर से बाकी मेल को ब्लॉक किया जाना चाहिए

एक्ज़िम कॉन्फ़िगरेशन:

SPAMASSASSIN = yes
SPAM_SCORE = 50
CLAMD =  yes
add_environment = <; PATH=/bin:/usr/bin
keep_environment =
disable_ipv6=true
domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/
hostlist relay_from_hosts = 127.0.0.1
hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf
hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf
no_local_from_check   
untrusted_set_sender = *
acl_smtp_connect = acl_check_spammers
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
.ifdef SPAMASSASSIN   
spamd_address = 127.0.0.1 783
.endif
.ifdef CLAMD
av_scanner = clamd: /var/run/clamav/clamd.sock
.endif
tls_advertise_hosts = *
tls_certificate = /usr/local/vesta/ssl/certificate.crt
tls_privatekey = /usr/local/vesta/ssl/certificate.key
daemon_smtp_ports = 25 : 465 : 587 : 2525
tls_on_connect_ports = 465
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
begin acl
acl_check_spammers:   
  accept  hosts         = +whitelist
  drop    message       = Your host in blacklist on this server.
          log_message   = Host in blacklist
          hosts         = +spammers
  accept
acl_check_mail:
  deny    condition     = ${if eq{$sender_helo_name}{}}
          message       = HELO required before MAIL
  drop    message       = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
          condition     = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
          condition     = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
          delay         = 45s
  drop    condition     = ${if isip{$sender_helo_name}}
          message       = Access denied - Invalid HELO name (See RFC2821 4.1.3)
  drop    condition     = ${if eq{[$interface_address]}{$sender_helo_name}}
          message       = $interface_address is _my_ address
  accept
acl_check_rcpt:
  accept  hosts         = :
  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  require verify        = sender
  accept  hosts         = +relay_from_hosts
          control       = submission
  accept  authenticated = *
          control       = submission/domain=
  deny    message       = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
          hosts         = !+whitelist
          dnslists      = ${readfile {/etc/exim/dnsbl.conf}{:}}
  require message       = relay not permitted
          domains       = +local_domains : +relay_to_domains
  deny    message       = smtp auth requried
         sender_domains = +local_domains
         !authenticated = *
  require verify        = recipient
.ifdef CLAMD
  warn    set acl_m0    = no
  warn    condition     = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}}
          set acl_m0    = yes
.endif
.ifdef SPAMASSASSIN   
  warn    set acl_m1    = no
  warn    condition     = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
          set acl_m1    = yes
.endif
  accept
acl_check_data:
.ifdef CLAMD
  deny   message        = Message contains a virus ($malware_name) and has been rejected
         malware        = *
         condition      = ${if eq{$acl_m0}{yes}{yes}{no}}
.endif
.ifdef SPAMASSASSIN   
  warn   !authenticated = *
         hosts          = !+relay_from_hosts
         condition      = ${if < {$message_size}{100K}}
         condition      = ${if eq{$acl_m1}{yes}{yes}{no}}
         spam           = spamd:true/defer_ok
         add_header     = X-Spam-Score: $spam_score_int
         add_header     = X-Spam-Bar: $spam_bar
         add_header     = X-Spam-Report: $spam_report
         set acl_m2     = $spam_score_int
  warn   condition      = ${if !eq{$acl_m2}{} {yes}{no}}
         condition      = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
         add_header     = X-Spam-Status: Yes
         message        = SpamAssassin detected spam (from $sender_address to $recipients).
.endif
  accept
acl_check_mime:
  deny   message        = Blacklisted file extension detected
         condition      = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
  accept
begin authenticators  
dovecot_plain:
  driver = dovecot
  public_name = PLAIN 
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1
dovecot_login:
  driver = dovecot
  public_name = LOGIN 
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1
begin routers
dnslookup:
  driver = dnslookup  
  domains = *
  transport = remote_smtp
  no_more
userforward:
  driver = redirect   
  check_local_user
  file = $home/.forward
  allow_filter
  no_verify
  no_expn
  check_ancestor
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply
procmail:
  driver = accept
  check_local_user
  require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
  transport = procmail
  no_verify
autoreplay:
  driver = accept
  require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg
  condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
  retry_use_local_part
  transport = userautoreply
  unseen
aliases:
  driver = redirect   
  headers_add = X-redirected: yes
  data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
  require_files = /etc/exim/domains/$domain/aliases
  redirect_router = dnslookup
  pipe_transport = address_pipe
  unseen
localuser_fwd_only:   
  driver = accept
  transport = devnull 
  condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}}
localuser_spam:
  driver = accept
  transport = local_spam_delivery
  condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}}
localuser:
  driver = accept
  transport = local_delivery
  condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}}
catchall:
  driver = redirect   
  headers_add = X-redirected: yes
  require_files = /etc/exim/domains/$domain/aliases
  data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
  file_transport = local_delivery
  redirect_router = dnslookup
terminate_alias:
  driver = accept
  transport = devnull 
  condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}}
begin transports
remote_smtp:
  driver = smtp
  #helo_data = $sender_address_domain
  dkim_domain = DKIM_DOMAIN
  dkim_selector = mail
  dkim_private_key = DKIM_PRIVATE_KEY
  dkim_canon = relaxed
  dkim_strict = 0
procmail:
  driver = pipe
  command = "/usr/bin/procmail -d $local_part"
  return_path_add
  delivery_date_add   
  envelope_to_add
  user = $local_part  
  initgroups
  return_output
local_delivery:
  driver = appendfile 
  maildir_format
  maildir_use_size_file
  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}
  group = mail
  create_directory
  directory_mode = 770
  mode = 660
  use_lockfile = no   
  delivery_date_add   
  envelope_to_add
  return_path_add
  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
  quota_warn_threshold = 75%
local_spam_delivery:  
  driver = appendfile 
  maildir_format
  maildir_use_size_file
  user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}
  group = mail
  create_directory
  directory_mode = 770
  mode = 660
  use_lockfile = no   
  delivery_date_add   
  envelope_to_add
  return_path_add
  directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
  quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
  quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
  quota_warn_threshold = 75%
address_pipe:
  driver = pipe
  return_output
address_file:
  driver = appendfile 
  delivery_date_add   
  envelope_to_add
  return_path_add
address_reply:
  driver = autoreply  
userautoreply:
  driver = autoreply  
  file = /etc/exim/domains/$domain/autoreply.${local_part}.msg
  from = "${local_part}@${domain}"
  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
  subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
  to = "${sender_address}"
devnull:
  driver = appendfile 
  file = /dev/null
begin retry
*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite

मुख्य कॉन्फ़िगरेशन में जोड़ा गया /etc/exim/exim.conf लाइनों के शुरू होने के तुरंत बाद, यानी मैंने इस तरह से किया

begin routers

check_outgoing_from_header:
    driver = redirect
    domains = ! +local_domains
    condition = ${if !match {$header_from:}{$sender_address}}
    allow_fail
    data = :fail: You can not send mail from here with From: $header_from as sender: $sender_address

check_outgoing:
    driver = redirect
    domains = ! +local_domains
    senders = ! : ! *@lsearch;/etc/exim/allowed_domains : ! lsearch;/etc/exim/allowed_mails
    allow_fail
    data = :fail: You can not send mail from this mailbox from this server.

अच्छी तरह से, अनुमत अनुमतियों की अनुमति दी गई फ़ाइलों में_मैं और अनुमत_मैल उन मेलों को भेज सकते हैं, जिनमें फ़ाइल अनुमति दी गई है।

Exim -d + all -bt test@test.com के माध्यम से जाँच की गई

exim -d+all -bt test@test.com
11:58:30 30782 Exim version 4.89 uid=0 gid=0 pid=30782 D=fffdffff
Berkeley DB: Berkeley DB 5.3.21: (May 11, 2012)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc TCPwrappers OpenSSL Content_Scanning DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm nis nis0 nisplus passwd sq
lite
Authenticators: cram_md5 cyrus_sasl dovecot gsasl plaintext spa tls
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0  
Configure owner: 0:0  
Size of off_t: 8
Compiler: GCC [4.8.5 20150623 (Red Hat 4.8.5-16)]
Library version: Glibc: Compile: 2.17
                        Runtime: 2.17
Library version: OpenSSL: Compile: OpenSSL 1.0.2k-fips  26 Jan 2017
                          Runtime: OpenSSL 1.0.2k-fips  26 Jan 2017
                                 : built on: reproducible build, date unspecified
Library version: Cyrus SASL: Compile: 2.1.26
                             Runtime: 2.1.26 [Cyrus SASL]
Library version: GNU SASL: Compile: 1.8.0
                           Runtime: 1.8.0
Library version: PCRE: Compile: 8.32
                       Runtime: 8.32 2012-11-30
11:58:30 30782 Loading lookup modules from /usr/lib64/exim/4.89-2.el7/lookups
11:58:30 30782 Loaded 0 lookup modules
11:58:30 30782 Total 18 lookups
Library version: SQLite: Compile: 3.7.17
                         Runtime: 3.7.17
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST: "/etc/exim/trusted-configs"
11:58:30 30782 changed uid/gid: forcing real = effective
11:58:30 30782   uid=0 gid=0 pid=30782
11:58:30 30782   auxiliary group list: <none>
11:58:30 30782 seeking password data for user "root": cache not available
11:58:30 30782 getpwnam() succeeded uid=0 gid=0
11:58:30 30783 changed uid/gid: calling tls_validate_require_cipher
11:58:30 30783   uid=93 gid=93 pid=30783
11:58:30 30783   auxiliary group list: <none>
11:58:30 30782 tls_validate_require_cipher child 30783 ended: status=0x0
11:58:30 30782 configuration file is /etc/exim/exim.conf
11:58:30 30782 log selectors = 00000ffc 06320202
11:58:30 30782 trusted user
11:58:30 30782 admin user
11:58:30 30782 DSN: check_outgoing_from_header propagating DSN
11:58:30 30782 DSN: check_outgoing propagating DSN
11:58:30 30782 DSN: dnslookup propagating DSN
11:58:30 30782 DSN: userforward propagating DSN
11:58:30 30782 DSN: procmail propagating DSN
11:58:30 30782 DSN: autoreplay propagating DSN
11:58:30 30782 DSN: aliases propagating DSN
11:58:30 30782 DSN: localuser_fwd_only propagating DSN
11:58:30 30782 DSN: localuser_spam propagating DSN
11:58:30 30782 DSN: localuser propagating DSN
11:58:30 30782 DSN: catchall propagating DSN
11:58:30 30782 DSN: terminate_alias propagating DSN
11:58:30 30782 originator: uid=0 gid=0 login=root name=root
11:58:30 30782 sender address = root@dev.test.com
11:58:30 30782 Address testing: uid=0 gid=93 euid=0 egid=93
11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:58:30 30782 Testing test@test.com
11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:58:30 30782 Considering test@test.com
11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
11:58:30 30782 routing test@test.com
11:58:30 30782 --------> check_outgoing_from_header router <--------
11:58:30 30782 local_part=dg domain=test.com
11:58:30 30782 checking domains
11:58:30 30782 search_open: dsearch "/etc/exim/domains/"
11:58:30 30782 search_find: file="/etc/exim/domains/"
11:58:30 30782   key="test.com" partial=-1 affix=NULL starflags=0
11:58:30 30782 LRU list:
11:58:30 30782   5/etc/exim/domains/
11:58:30 30782   End  
11:58:30 30782 internal_search_find: file="/etc/exim/domains/"
11:58:30 30782   type=dsearch key="test.com"
11:58:30 30782 file lookup required for test.com
11:58:30 30782   in /etc/exim/domains/
11:58:30 30782 lookup failed
11:58:30 30782 test.com in "dsearch;/etc/exim/domains/"? no (end of list)
11:58:30 30782 test.com in "! +local_domains"? yes (end of list)
11:58:30 30782 checking "condition" "${if !match {$header_from:}{$sender_address}}"...
 11:58:30 30782 /considering: ${if !match {$header_from:}{$sender_address}}
  11:58:30 30782 /considering: $header_from:}{$sender_address}}
  11:58:30 30782 |__expanding: $header_from:
  11:58:30 30782 \_____result:
  11:58:30 30782 /considering: $sender_address}}
  11:58:30 30782 |__expanding: $sender_address
  11:58:30 30782 \_____result: root@dev.test.com
 11:58:30 30782 |__condition: !match {$header_from:}{$sender_address}
 11:58:30 30782 |_____result: true
 11:58:30 30782 |__expanding: ${if !match {$header_from:}{$sender_address}}
 11:58:30 30782 \_____result: true
11:58:30 30782 calling check_outgoing_from_header router
11:58:30 30782 rda_interpret (string): :fail: You can not send mail from here with From: $header_from as sender: $sender_address
 11:58:30 30782 /considering: :fail: You can not send mail from here with From: $header_from as sender: $sender_address
 11:58:30 30782 |__expanding: :fail: You can not send mail from here with From: $header_from as sender: $sender_address
 11:58:30 30782 \_____result: :fail: You can not send mail from here with From:  as sender: root@dev.test.com
11:58:30 30782 expanded: :fail: You can not send mail from here with From:  as sender: root@dev.test.com
11:58:30 30782 file is not a filter file
11:58:30 30782 parse_forward_list: :fail: You can not send mail from here with From:  as sender: root@dev.test.com
11:58:30 30782 extract item: :fail: You can not send mail from here with From:  as sender: root@dev.test.com
11:58:30 30782 check_outgoing_from_header router forced address failure
test@test.com is undeliverable: You can not send mail from here with From:  as sender: root@dev.test.com
11:58:30 30782 search_tidyup called
11:58:30 30782 >>>>>>>>>>>>>>>> Exim pid=30782 terminating with rc=2 >>>>>>>>>>>>>>>>

मैं कैसे नियमावली तय करता हूं राउटर शुरू करता हूं या क्या मुझे अन्य नियम लिखने चाहिए, शायद एसीएल


समस्या क्या है ? आपका हेडर खाली है और जैसे कि आपके पहले चेक से उम्मीद के अनुसार भेजा जा रहा है ...
Tensibai

मुझे यह चाहिए कि मैं domain test.com को मेल भेजूँ। अन्य डोमेन को अवरुद्ध किया जाना चाहिए, क्या आप मुझे बता सकते हैं कि मुझे अपने कॉन्फ़िगरेशन में क्या ठीक करना है?
Garcia

आपके कॉन्फिगरेशन में कुछ भी नहीं है, इस मामले में आपको जो ब्लॉक करना है वह खाली 'फ़ील्ड से' है, यह प्रेषक पक्ष है जिसे आपको फ़ील्ड को ठीक से भरने की आवश्यकता है। कृप्या संपादित करें आपका प्रश्न स्पष्ट रूप से बताता है कि आप क्या कर रहे हैं और क्या विफल हो रहा है, यहां तक ​​कि टिप्पणी के साथ यह वास्तव में स्पष्ट नहीं है कि आप क्या करना चाहते हैं और आपका कॉन्फ़िगरेशन कैसे किया जाता है (हमें इस बात का कोई पता नहीं है कि छूट के लिए आपकी अनुमत_ फ़ाइलों के अंदर क्या है) उनके साथ क्या प्रयास किया गया है, यह बताने के लिए मैं एक शब्द के बिना कॉन्फ़िगरेशन के ब्लॉक से पार्स कर सकता हूं।
Tensibai

मुझे अपने मेल को केवल डोमेन test.com और site.com पर भेजने की आवश्यकता है, मेरे सर्वर के बाकी मेल को अवरुद्ध किया जाना चाहिए मैंने अपना पोस्ट एक प्रश्न के साथ तय किया है, देखो अब यह स्पष्ट है कि मैं क्या करना चाहता हूं?
Garcia
हमारी साइट का प्रयोग करके, आप स्वीकार करते हैं कि आपने हमारी Cookie Policy और निजता नीति को पढ़ और समझा लिया है।
Licensed under cc by-sa 3.0 with attribution required.