Differences

This shows you the differences between two versions of the page.

--- exim4:config [2016/11/24 11:47] – [Determine the user account which will be the owner of this mail setup] peter
+++ exim4:config [2020/07/15 09:30] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
 ====== Exim4 - Config ======
+http://networkgeekstuff.com/networking/tutorial-email-server-for-a-small-company-including-imap-for-mobiles-spf-and-dkim/
 TODO
@@ Line 39: / Line 41: @@
 <WRAP info>
-Ubuntu usually has the **mail** user having:
+**NOTE**:  Ubuntu usually has the **mail** user having:
   * a UID value of 8.
@@ Line 138: / Line 140: @@
 openssl ecparam -list_curves
-openssl rsa req -passin Pa551923w0rd -in 1_sharewiz.net.csr -noout -text
+openssl rsa req -passin password -in 1_sharewiz.net.csr -noout -text
@@ Line 176: / Line 178: @@
 ==== configure ====
-<code>
+<file bash configure>
-configure:
+######################################################################
+# Runtime configuration file for Exim #
+######################################################################
-  ################################################## ####################
+# Include main settings.
-  # Runtime configuration file for Exim #
+include /usr/local/etc/exim/100.main.conf
-  ################################################## ####################
-  # Inklyudim main settings
+# Include settings Greylisting.
- .include /usr/local/etc/exim/100.main.conf
+.include /usr/local/etc/exim/110.greylist.conf
- # Inklyudim settings Greylisting
+### ACL configuration for incoming mail.
- .include /usr/local/etc/exim/110.greylist.conf
+begin acl
- ### ACL configuration for incoming mail
+# Start ACL - "working" for the ACL Greylisting
- begin acl
+.ifdef USE_GREYLIST
+greylist_acl:
+.include /usr/local/etc/exim/200.acl-greylist.conf
+.endif
- # Start ACL - "working" for the ACL Greylisting
+# Verify the HELO.
- .ifdef USE_GREYLIST
+acl_check_helo:
+  accept hosts = +relay_from_hosts
+  drop condition = ${if match{$sender_helo_name}{MY_IP}{yes}{no} }
+  message   = "Dropped spammer pretending to be us"
+  drop condition = ${if match{$sender_helo_name}{^[0-9]\.[0-9]\.[0-9]\.[0-9]}{yes}{no} }
+  message   = "Dropped IP-only or IP-starting helo"
+accept
- greylist_acl:
- .include /usr/local/etc/exim/200.acl-greylist.conf
- .endif
+# These rules are triggered for each email.
+acl_check_rcpt:
+  warn set acl_c_lp = $local_part@$domain
- # Verifying the HELO
+  # Acl_check_rcpt - checking the syntax is correct
- acl_check_helo:
+  .include /usr/local/etc/exim/400.acl-check-rcpt-syntax.conf
-  accept hosts = +relay_from_hosts
-  drop condition = ${if match {$sender_helo_name} {MY_IP} {yes} {no}}
-  message = "Dropped spammer pretending to be us"
-  drop condition = ${if match {$sender_helo_name} {^ [0-9] \. [0-9] \. [0-9] \. [0-9]} {yes} {no}}
-  message = "Dropped IP-only or IP-starting helo"
- accept
- # These rules are triggered for each letter
+  # Acl_check_rcpt - anti-spam - Host and others.
- acl_check_rcpt:
+  .include /usr/local/etc/exim/410.acl-check-rcpt-spam.conf
- warn set acl_c_lp = $local_part @ $ domain
+  # Acl_check_rcpt - black-lists, delays, etc.
+  .include /usr/local/etc/exim/420.acl-check-rcpt-end.conf
- # Acl_check_rcpt - checking the syntax is correct
- .include /usr/local/etc/exim/400.acl-check-rcpt-syntax.conf
- # Acl_check_rcpt - anti-spam - Host and others.
+# Check the message body.
- .include /usr/local/etc/exim/410.acl-check-rcpt-spam.conf
+acl_check_content:
- # Acl_check_rcpt - black-lists, delays, etc.
+  # Include configuration message body check
- .include /usr/local/etc/exim/420.acl-check-rcpt-end.conf
+  .include /usr/local/etc/exim/500.acl-check-data.conf
- # Check the message body
-  acl_check_content:
- # Inklyudim configuration message body check
+# What do we do with the mail.
- .include /usr/local/etc/exim/500.acl-check-data.conf
+begin routers
- # What do we do with the mail
+  # Include router configuration.
- begin routers
+  .include /usr/local/etc/exim/600.routers.conf
- # Inklyudim configuration routrerov
- .include /usr/local/etc/exim/600.routers.conf
- # Start transports - both deliver mail
- begin transports
- # Inklyudim transports
- .include /usr/local/etc/exim/700.transports.conf
- # Configuration of repetition and rewriting
+# Start transports - Delivers the mail.
- .include /usr/local/etc/exim/800.retry.conf
+begin transports
- #begin rewrite
+  # Include transports.
+  .include /usr/local/etc/exim/700.transports.conf
- # Authentication section when sending emails.
- begin authenticators
+# Configuration of repetition and rewriting.
- # Authenticate users.
+.include /usr/local/etc/exim/800.retry.conf
- .include /usr/local/etc/exim/900.authenticators.conf
-</code>
+#begin rewrite
+# Authentication section when sending emails.
+begin authenticators
+  # Authenticate users.
+  .include /usr/local/etc/exim/900.authenticators.conf
+</file>
@@ Line 256: / Line 262: @@
 <code>
-  # Set the variables
+# Set the variables.
- MY_IP = 123.123.123.123
+MY_IP = 123.123.123.123
- INTERNAL_IP = 192.168.1.2
+INTERNAL_IP = 192.168.1.2
- # Settings Vexim
+# Settings Vexim.
- USE_SPF = true
+USE_SPF = true
- USE_AV = true
+USE_AV = true
- USE_SPAMD = true
+USE_SPAMD = true
- USE_GREYLIST = true
+USE_GREYLIST = true
- TLS = true
+TLS = true
- # Whitelisting
+# Whitelisting.
- hostlist whitelist_hosts = net-iplsearch; /usr/local/etc/exim/whitelist-hosts
+hostlist whitelist_hosts = net-iplsearch; /usr/local/etc/exim/whitelist-hosts
- addresslist whitelist_sender = wildlsearch; /usr/local/etc/exim/whitelist-sender
+addresslist whitelist_sender = wildlsearch; /usr/local/etc/exim/whitelist-sender
- # In IPv6 we do not work
+# In IPv6 we do not work.
- disable_ipv6 = true
+disable_ipv6 = true
- # User and group from which will run the entire bundle
+# User and group from which will run the entire bundle.
- exim_user = exim
+exim_user = exim
- exim_group = mail
+exim_group = mail
- # There were mailings settings, do not use - no setup
+# There were mailings settings, do not use - no setup.
- MAILMAN_HOME = / usr / local / mailman
+MAILMAN_HOME = /usr/local/mailman
- MAILMAN_WRAP = MAILMAN_HOME / mail / mailman
+MAILMAN_WRAP = MAILMAN_HOME/mail/mailman
- MAILMAN_USER = exim
+MAILMAN_USER = exim
- MAILMAN_GROUP = mail
+MAILMAN_GROUP = mail
- # Enter the credentials to connect to the MySQL server.
+# Enter the credentials to connect to the MySQL server.
-  # Word `hide`, first, means that when
+# Word `hide`, first, means that when
-  # Check config command call
+# Check config command call
-  # Exim -bV config_file these data will not be displayed.
+# Exim -bV config_file these data will not be displayed.
-  # If without it - it will be shown ... Recording format:
+# If without it - it will be shown ... Recording format:
-  # Host / dbname / user / password
+# Host / dbname / user / password
- hide mysql_servers = localhost :: (/tmp/mysql.sock) /mail/exim/8975f9i7vioyuhg
+hide mysql_servers = localhost::(/tmp/mysql.sock)/mail/exim/8975f9i7vioyuhg
- # Interfaces to listen
+# Interfaces to listen.
- local_interfaces = MY_IP
+local_interfaces = MY_IP
- # Host Name.  Used EHLO.
+# Host Name.  Used EHLO.
-  # Listed on the other points, if they are not specified, the type qualify_domain and other ..
+# Listed on the other points, if they are not specified, the type qualify_domain and other ..
-  # If there are not found anything (comment out the line), then used that returns the uname () function
+# If there are not found anything (comment out the line), then used that returns the uname () function.
- primary_hostname = sharewiz.net
+primary_hostname = sharewiz.net
- # Request for sampling Domain Information
+# Request for sampling Domain Information.
- VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql: $domain}'
+VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}'
- RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay' AND domain = '${quote_mysql: $domain}'
+RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay'  AND domain = '${quote_mysql:$domain}'
- ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql: $domain}'
+ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'
- # Make a list of local domains.  Next, the list will appear in the form of + local_domains
+# Make a list of local domains.  Next, the list will appear in the form of + local_domains.
-  # In this case, the domains are selected from the database MySQL.  Also, you can simply scroll through the colon.
+# In this case, the domains are selected from the database MySQL.  Also, you can simply scroll through the colon.
- domainlist local_domains = @: ${lookup mysql {VIRTUAL_DOMAINS}}: ${lookup mysql {ALIAS_DOMAINS}}
+domainlist local_domains = @ : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
- domainlist relay_to_domains = ${lookup mysql {RELAY_DOMAINS}}
+domainlist relay_to_domains = ${lookup mysql{RELAY_DOMAINS}}
- # List of trusted networks from which mail will go without a number of checks
+# List of trusted networks from which mail will go without a number of checks.
- hostlist relay_from_hosts = localhost: MY_IP: 192.168.100.0/20: 192.168.80.0/24
+hostlist   relay_from_hosts = localhost : MY_IP : 192.168.100.0/20 : 192.168.80.0/24
- # Enter the name acl`ov for checking mail.
+# Enter the name acl for checking mail.
- acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_rcpt = acl_check_rcpt
- acl_smtp_data = acl_check_content
+acl_smtp_data = acl_check_content
- acl_smtp_helo = acl_check_helo
+acl_smtp_helo = acl_check_helo
- # If the setting is said to check mail for viruses - connect
+# If the setting is said to check mail for viruses - connect.
- .ifdef USE_AV
+.ifdef USE_AV
- av_scanner = clamd: /var/run/clamav/clamd.sock
+av_scanner = clamd:/var/run/clamav/clamd.sock
- .endif
+.endif
- # If the setting is said to check mail for spam - connect
- .ifdef USE_SPAMD
- spamd_address = /var/run/spamd.sock
- .endif
- # If the setting is said to work with support for SSL - connect
+# If the setting is said to check mail for spam - connect.
- .ifdef TLS
+.ifdef USE_SPAMD
-  # SSL / TLS cert and key
+spamd_address = /var/run/spamd.sock
-  tls_certificate = /etc/ssl/certs/mail.pem
+.endif
-  tls_privatekey = /etc/ssl/certs/mail.pem
-  # Advertise TLS to anyone
-  tls_advertise_hosts = *
-  tls_on_connect_ports = 465
- .endif
- # Domain name is added to the local senders (real
-  # Of users of the system) that  mail is sent from the root, will be from
-  # Root @ domen_ukazannyy_zdes.  If the item is not specified, it is used
-  # Hostname of `primary_hostname`.
- qualify_domain = sharewiz.net
- # Host Name for the situation, return to the previous one - is the domain name to be added to the e-mail
+# If the setting is said to work with support for SSL - connect.
-  # Of system users, well and in general for the post, which came on the address type `root` etc ...
+.ifdef TLS
+ # SSL/TLS cert and key
+ tls_certificate = /etc/ssl/certs/mail.pem
+ tls_privatekey = /etc/ssl/certs/mail.pem
+ # Advertise TLS to anyone
+ tls_advertise_hosts = *
+ tls_on_connect_ports=465
+.endif
+# Domain name is added to the local senders (real users of the system) that mail is sent from the root, will be from
+# root@sharewiz.net.  If this item is not specified, then the hostname of `primary_hostname` is used.
+qualify_domain = sharewiz.net
+# Host Name for the situation, return to the previous one - is the domain name to be added to the e-mail
+# Of system users, well and in general for the post, which came on the address type `root` etc ...
   Eton # If the item is not specified then the value obtained from the preceding paragraph - `qualify_domain`
  qualify_recipient = sharewiz.net
@@ Line 474: / Line 481: @@
  system_filter_group = mail
 </code>
 ==== 110.greylist.conf ====