Wiki

User Tools

Site Tools

Trace:
exim4:config

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
exim4:config [2016/11/23 16:47] peterexim4:config [2020/07/15 09:30] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ====== Exim4 - Config ====== ====== Exim4 - Config ======
  
 +
 +http://networkgeekstuff.com/networking/tutorial-email-server-for-a-small-company-including-imap-for-mobiles-spf-and-dkim/
 TODO TODO
  
Line 11: Line 13:
  
 <WRAP info> <WRAP info>
-A different user could be used as the owner instead of using the **mail** user account, and if so simply ensure that you adjust for all subsequent instructions in this setup.+**NOTE**:  A different user could be used as the owner instead of using the **mail** user account, and if so simply ensure that you adjust for all subsequent instructions in this setup.
  
 For example, you could create a different user account named exim: For example, you could create a different user account named exim:
Line 39: Line 41:
  
 <WRAP info> <WRAP info>
-Ubuntu usually has the **mail** user having:+**NOTE**:  Ubuntu usually has the **mail** user having:
  
   * a UID value of 8.     * a UID value of 8.  
Line 138: Line 140:
 openssl ecparam -list_curves openssl ecparam -list_curves
  
-openssl rsa req -passin Pa551923w0rd -in 1_sharewiz.net.csr -noout -text+openssl rsa req -passin password -in 1_sharewiz.net.csr -noout -text
  
  
Line 176: Line 178:
 ==== configure ==== ==== configure ====
  
-<code+<file bash configure
-configure:+######################################################################  
 +# Runtime configuration file for Exim #  
 +###################################################################### 
  
-  ################################################## ####################  +Include main settings. 
-  # Runtime configuration file for Exim #  +include /usr/local/etc/exim/100.main.conf
-  ################################################## #################### +
  
-  Inklyudim main settings +Include settings Greylisting. 
- .include /usr/local/etc/exim/100.main.conf+.include /usr/local/etc/exim/110.greylist.conf
  
- Inklyudim settings Greylisting +### ACL configuration for incoming mail. 
- .include /usr/local/etc/exim/110.greylist.conf+begin acl
  
- ### ACL configuration for incoming mail +Start ACL - "working" for the ACL Greylisting 
- begin acl+.ifdef USE_GREYLIST 
 +greylist_acl: 
 +.include /usr/local/etc/exim/200.acl-greylist.conf 
 +.endif
  
- Start ACL - "workingfor the ACL Greylisting +Verify the HELO. 
- .ifdef USE_GREYLIST+acl_check_helo: 
 +  accept hosts = +relay_from_hosts 
 +  drop condition = ${if match{$sender_helo_name}{MY_IP}{yes}{no} } 
 +  message   "Dropped spammer pretending to be us
 +  drop condition = ${if match{$sender_helo_name}{^[0-9]\.[0-9]\.[0-9]\.[0-9]}{yes}{no} } 
 +  message   = "Dropped IP-only or IP-starting helo" 
 +accept
  
- greylist_acl: 
- .include /usr/local/etc/exim/200.acl-greylist.conf 
  
- .endif+# These rules are triggered for each email. 
 +acl_check_rcpt: 
 +  warn set acl_c_lp = $local_part@$domain
  
- Verifying the HELO +  Acl_check_rcpt - checking the syntax is correct 
- acl_check_helo: +  .include /usr/local/etc/exim/400.acl-check-rcpt-syntax.conf
-  accept hosts = +relay_from_hosts +
-  drop condition = ${if match {$sender_helo_name} {MY_IP} {yes} {no}} +
-  message = "Dropped spammer pretending to be us" +
-  drop condition = ${if match {$sender_helo_name} {^ [0-9] \[0-9] \[0-9] \. [0-9]} {yes} {no}} +
-  message = "Dropped IP-only or IP-starting helo" +
- accept+
  
- These rules are triggered for each letter +  Acl_check_rcpt - anti-spam - Host and others. 
- acl_check_rcpt:+  .include /usr/local/etc/exim/410.acl-check-rcpt-spam.conf
  
- warn set acl_c_lp = $local_part @ $ domain+  # Acl_check_rcpt - black-lists, delays, etc. 
 +  .include /usr/local/etc/exim/420.acl-check-rcpt-end.conf
  
- # Acl_check_rcpt - checking the syntax is correct 
- .include /usr/local/etc/exim/400.acl-check-rcpt-syntax.conf 
  
- Acl_check_rcpt - anti-spam - Host and others+Check the message body
- .include /usr/local/etc/exim/410.acl-check-rcpt-spam.conf+acl_check_content:
  
- Acl_check_rcpt - black-lists, delays, etc. +  Include configuration message body check 
- .include /usr/local/etc/exim/420.acl-check-rcpt-end.conf+  .include /usr/local/etc/exim/500.acl-check-data.conf
  
- # Check the message body  
-  acl_check_content: 
  
- Inklyudim configuration message body check +What do we do with the mail. 
- .include /usr/local/etc/exim/500.acl-check-data.conf+begin routers
  
- What do we do with the mail +  Include router configuration 
- begin routers +  .include /usr/local/etc/exim/600.routers.conf
- # Inklyudim configuration routrerov +
- .include /usr/local/etc/exim/600.routers.conf+
  
- # Start transports - both deliver mail 
- begin transports 
- # Inklyudim transports 
- .include /usr/local/etc/exim/700.transports.conf 
  
- Configuration of repetition and rewriting +Start transports - Delivers the mail. 
- .include /usr/local/etc/exim/800.retry.conf+begin transports
  
- #begin rewrite+  Include transports. 
 +  .include /usr/local/etc/exim/700.transports.conf
  
- # Authentication section when sending emails. + 
- begin authenticators +# Configuration of repetition and rewriting. 
- # Authenticate users. +.include /usr/local/etc/exim/800.retry.conf 
- .include /usr/local/etc/exim/900.authenticators.conf  + 
-</code>+ 
 +#begin rewrite 
 + 
 + 
 +# Authentication section when sending emails. 
 +begin authenticators 
 +  # Authenticate users. 
 +  .include /usr/local/etc/exim/900.authenticators.conf  
 +</file>
  
  
Line 256: Line 262:
  
 <code> <code>
-  # Set the variables +# Set the variables. 
- MY_IP = 123.123.123.123 +MY_IP = 123.123.123.123 
- INTERNAL_IP = 192.168.1.2+INTERNAL_IP = 192.168.1.2
  
- # Settings Vexim +# Settings Vexim. 
- USE_SPF = true +USE_SPF = true 
- USE_AV = true +USE_AV = true 
- USE_SPAMD = true +USE_SPAMD = true 
- USE_GREYLIST = true +USE_GREYLIST = true 
- TLS = true+TLS = true
  
- # Whitelisting +# Whitelisting. 
- hostlist whitelist_hosts = net-iplsearch; /usr/local/etc/exim/whitelist-hosts +hostlist whitelist_hosts = net-iplsearch; /usr/local/etc/exim/whitelist-hosts 
- addresslist whitelist_sender = wildlsearch; /usr/local/etc/exim/whitelist-sender+addresslist whitelist_sender = wildlsearch; /usr/local/etc/exim/whitelist-sender
  
- # In IPv6 we do not work +# In IPv6 we do not work. 
- disable_ipv6 = true+disable_ipv6 = true
  
- # User and group from which will run the entire bundle +# User and group from which will run the entire bundle. 
- exim_user = exim +exim_user = exim 
- exim_group = mail+exim_group = mail
  
- # There were mailings settings, do not use - no setup +# There were mailings settings, do not use - no setup. 
- MAILMAN_HOME = / usr / local / mailman +MAILMAN_HOME = /usr/local/mailman 
- MAILMAN_WRAP = MAILMAN_HOME / mail / mailman +MAILMAN_WRAP = MAILMAN_HOME/mail/mailman 
- MAILMAN_USER = exim +MAILMAN_USER = exim 
- MAILMAN_GROUP = mail+MAILMAN_GROUP = mail
  
- # Enter the credentials to connect to the MySQL server.  +# Enter the credentials to connect to the MySQL server.  
-  # Word `hide`, first, means that when  +# Word `hide`, first, means that when  
-  # Check config command call  +# Check config command call  
-  # Exim -bV config_file these data will not be displayed.  +# Exim -bV config_file these data will not be displayed.  
-  # If without it - it will be shown ... Recording format:  +# If without it - it will be shown ... Recording format:  
-  # Host / dbname / user / password +# Host / dbname / user / password 
- hide mysql_servers = localhost :: (/tmp/mysql.sock) /mail/exim/8975f9i7vioyuhg+hide mysql_servers = localhost::(/tmp/mysql.sock)/mail/exim/8975f9i7vioyuhg
  
- # Interfaces to listen +# Interfaces to listen. 
- local_interfaces = MY_IP+local_interfaces = MY_IP
  
- # Host Name.  Used EHLO.  +# Host Name.  Used EHLO.  
-  # Listed on the other points, if they are not specified, the type qualify_domain and other ..  +# Listed on the other points, if they are not specified, the type qualify_domain and other ..  
-  # If there are not found anything (comment out the line), then used that returns the uname () function +# If there are not found anything (comment out the line), then used that returns the uname () function. 
- primary_hostname = sharewiz.net+primary_hostname = sharewiz.net
  
- # Request for sampling Domain Information +# Request for sampling Domain Information. 
- VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql: $domain}' +VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}' 
- RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay' AND domain = '${quote_mysql: $domain}' +RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay'  AND domain = '${quote_mysql:$domain}' 
- ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql: $domain}'+ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'
  
- # Make a list of local domains.  Next, the list will appear in the form of + local_domains  +# Make a list of local domains.  Next, the list will appear in the form of + local_domains. 
-  # In this case, the domains are selected from the database MySQL.  Also, you can simply scroll through the colon. +# In this case, the domains are selected from the database MySQL.  Also, you can simply scroll through the colon. 
- domainlist local_domains = @: ${lookup mysql {VIRTUAL_DOMAINS}}: ${lookup mysql {ALIAS_DOMAINS}} +domainlist local_domains = @ : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}} 
- domainlist relay_to_domains = ${lookup mysql {RELAY_DOMAINS}}+domainlist relay_to_domains = ${lookup mysql{RELAY_DOMAINS}}
  
- # List of trusted networks from which mail will go without a number of checks +# List of trusted networks from which mail will go without a number of checks. 
- hostlist relay_from_hosts = localhost: MY_IP: 192.168.100.0/20: 192.168.80.0/24 +hostlist   relay_from_hosts = localhost : MY_IP : 192.168.100.0/20 : 192.168.80.0/24
  
- # Enter the name acl`ov for checking mail. +# Enter the name acl for checking mail. 
- acl_smtp_rcpt = acl_check_rcpt +acl_smtp_rcpt = acl_check_rcpt 
- acl_smtp_data = acl_check_content +acl_smtp_data = acl_check_content 
- acl_smtp_helo = acl_check_helo+acl_smtp_helo = acl_check_helo
  
- # If the setting is said to check mail for viruses - connect +# If the setting is said to check mail for viruses - connect. 
- .ifdef USE_AV +.ifdef USE_AV 
- av_scanner = clamd: /var/run/clamav/clamd.sock +av_scanner = clamd:/var/run/clamav/clamd.sock 
- .endif+.endif
  
- # If the setting is said to check mail for spam - connect 
- .ifdef USE_SPAMD 
- spamd_address = /var/run/spamd.sock 
- .endif 
  
- # If the setting is said to work with support for SSL - connect +# If the setting is said to check mail for spam - connect. 
- .ifdef TLS +.ifdef USE_SPAMD 
-  # SSL / TLS cert and key +spamd_address = /var/run/spamd.sock 
-  tls_certificate = /etc/ssl/certs/mail.pem +.endif
-  tls_privatekey = /etc/ssl/certs/mail.pem +
-  # Advertise TLS to anyone +
-  tls_advertise_hosts = * +
-  tls_on_connect_ports = 465 +
- .endif+
  
- # Domain name is added to the local senders (real  
-  # Of users of the system) that  mail is sent from the root, will be from  
-  # Root @ domen_ukazannyy_zdes.  If the item is not specified, it is used  
-  # Hostname of `primary_hostname`. 
- qualify_domain = sharewiz.net 
  
- # Host Name for the situation, return to the previous one - is the domain name to be added to the e-mail  +# If the setting is said to work with support for SSL - connect. 
-  # Of system users, well and in general for the post, which came on the address type `root` etc ... +.ifdef TLS 
 + # SSL/TLS cert and key 
 + tls_certificate = /etc/ssl/certs/mail.pem 
 + tls_privatekey = /etc/ssl/certs/mail.pem 
 + # Advertise TLS to anyone 
 + tls_advertise_hosts = * 
 + tls_on_connect_ports=465 
 +.endif 
 + 
 + 
 +# Domain name is added to the local senders (real users of the system) that mail is sent from the root, will be from  
 +# root@sharewiz.net.  If this item is not specified, then the hostname of `primary_hostname` is used. 
 +qualify_domain = sharewiz.net 
 + 
 +# Host Name for the situation, return to the previous one - is the domain name to be added to the e-mail  
 +# Of system users, well and in general for the post, which came on the address type `root` etc ... 
   Eton # If the item is not specified then the value obtained from the preceding paragraph - `qualify_domain`   Eton # If the item is not specified then the value obtained from the preceding paragraph - `qualify_domain`
  qualify_recipient = sharewiz.net  qualify_recipient = sharewiz.net
Line 474: Line 481:
  system_filter_group = mail     system_filter_group = mail   
 </code> </code>
- 
  
 ==== 110.greylist.conf ==== ==== 110.greylist.conf ====
exim4/config.1479919675.txt.gz · Last modified: 2020/07/15 09:30 (external edit)
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki