Differences

This shows you the differences between two versions of the page.

--- exim4:configuration_file [2016/11/04 11:05] – peter
+++ exim4:configuration_file [2020/07/15 09:30] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
 ====== Exim4 - Configuration File ======
+<WRAP todo>
+http://alex.mamchenkov.net/2010/06/24/exim-dovecot-and-mysql/
+http://t-machine.org/index.php/2014/06/27/webmail-on-your-debian-server-exim4-dovecot-roundcube/
+http://www1.alx.pl/w/linux/exim-sql.conf
+https://weijl.org/virtual-domains-with-exim4-dovecot-dspam-and-mysql/
+</WRAP>
 The context is a host server with a public IP (5.42.134.35, www.sharewiz.net), which is also used as local mail server:
@@ Line 10: / Line 18: @@
 # If exim is used localy in batch mode (exim4 -bs) then "$host" is empty, the ": :" adds the empty string.
 hostlist   own_hosts = 127.0.0.1 : : 192.168.0.2 : 192.168.0.3 : 5.42.134.35
-domainlist public_domains = maretmmanu.org
+domainlist public_domains = sharewiz.net
 </file>
+===== ACLs =====
 Here is the ACL section of my Exim configuration file
@@ Line 212: / Line 224: @@
-Another config
+===== Another config =====
 <file>
@@ Line 219: / Line 231: @@
 ######################################################################
-hostlist   own_hosts = 127.0.0.1 : 192.168.109.24 : 192.168.109.23 : 82.224.147.80
+hostlist   own_hosts = 127.0.0.1 : 192.168.1.2 : 192.168.1.3 : 5.42.134.35
-domainlist public_domains = maretmmanu.org
+domainlist public_domains = sharewiz.net
  . . .
 # Mandatory to use  "verify = helo"
@@ Line 254: / Line 266: @@
 	# If the HELO pretend to be this host
 	deny	condition = ${if or { \
-					{eq {${lc:$sender_helo_name}}{maretmmanu.org}} \
+					{eq {${lc:$sender_helo_name}}{sharewiz.net}} \
-					{eq {${lc:$sender_helo_name}}{82.224.147.80}} \
+					{eq {${lc:$sender_helo_name}}{5.42.134.35}} \
 				    } {true}{false} }
@@ Line 336: / Line 348: @@
         ## spamassassin, spams are never big and spamassassin can die on big emails, so we
-        ## limit its use under 500ko.
+        ## limit its use under 500k.
         accept  condition = ${if >={$message_size}{500k}{yes}{no}}
         warn    message = X-SA-Score: $spam_score
@@ Line 352: / Line 364: @@
         # accept by default
         accept
+</file>
+===== A Basic config =====
+<file bash /etc/exim4/exim4.conf>
+local_scan_path = /usr/lib/exim4/local_scan/sa-exim.so
+hide pgsql_servers = localhost::5433/authdb/poczta/poczta1
+primary_hostname = czarny06.aklin
+domainlist local_domains = @ : czarny06.aklin : poczta.czarny06.aklin
+domainlist relay_to_domains = czarny02.aklin : czarny04.aklin
+hostlist   relay_from_hosts = 127.0.0.1 : 10.0.3.67
+domainlist exdomains = fiw.local
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_not_smtp  = wiadomosci_z_sendmaila
+av_scanner = clamd:/var/run/clamav/clamd.ctl
+tls_advertise_hosts = *
+tls_certificate = /etc/exim4/mail.crt
+tls_privatekey = /etc/exim4/mail.key
+daemon_smtp_ports = 25 : 465 : 587
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = !10.0.2.0/24
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+begin acl
+wiadomosci_z_sendmaila:
+  accept  add_header    = X-SA-Nie-Uruchamiaj-Mnie: 9787be32e0cb6ae2b4e06f57c6461893
+acl_check_rcpt:
+  warn	local_parts = pracownicy
+  	domains = +local_domains
+  	add_header = Reply-To: pracownicy@czarny06.aklin
+  warn  hosts = czarny02.aklin : czarny04.aklin
+  	add_header    = X-SA-Nie-Uruchamiaj-Mnie: 9787be32e0cb6ae2b4e06f57c6461893
+  accept  hosts = :
+  	  add_header    = X-SA-Nie-Uruchamiaj-Mnie: 9787be32e0cb6ae2b4e06f57c6461893
+  deny    message       = Restricted characters in address
+          domains       = +local_domains
+          local_parts   = ^[.] : ^.*[@%!/|]
+  deny    message       = Restricted characters in address
+          domains       = !+local_domains
+          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+  accept  local_parts   = postmaster
+          domains       = +local_domains
+  require verify        = sender
+  accept  hosts         = +relay_from_hosts
+  	  add_header    = X-SA-Nie-Uruchamiaj-Mnie: 9787be32e0cb6ae2b4e06f57c6461893
+          control       = submission
+  accept  authenticated = *
+	  add_header	= X-SA-Nie-Uruchamiaj-Mnie: 9787be32e0cb6ae2b4e06f57c6461893
+          control       = submission
+  require message = relay not permitted
+          domains = +local_domains : +relay_to_domains : +exdomains
+  require verify = recipient
+  accept
+acl_check_data:
+  deny    malware    = *
+          message    = This message contains a virus ($malware_name).
+  accept
+begin routers
+dnslookup:
+  driver = dnslookup
+  domains = ! +local_domains : ! +exdomains
+  transport = remote_smtp
+  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
+  no_more
+aliases_poczta_czarny_06_aklin:
+  driver = redirect
+  allow_fail
+  allow_defer
+  domains = poczta.czarny06.aklin
+  data = ${lookup{$local_part}lsearch{/etc/aliases-poczta}}
+  file_transport = address_file
+  pipe_transport = address_pipe
+system_aliases:
+  driver = redirect
+  allow_fail
+  allow_defer
+  data = ${lookup pgsql{select goto from alias where address = '${local_part}'}{$value}}
+  file_transport = address_file
+  pipe_transport = address_pipe
+userforward:
+  driver = redirect
+  check_local_user
+  file = $home/.forward
+  no_verify
+  no_expn
+  check_ancestor
+  file_transport = address_file
+  pipe_transport = address_pipe
+  reply_transport = address_reply
+localuser_spam_flag:
+  driver = accept
+  condition = ${lookup pgsql{select count(account_id) from account where username = '${local_part}'}{$value}}
+  condition = ${if eq {$h_X-Spam-Flag}{YES} {1}{0}}
+  transport = local_delivery_spam
+localuser:
+  driver = accept
+  condition = ${lookup pgsql{select count(account_id) from account where username = '${local_part}'}{$value}}
+  transport = local_delivery
+  cannot_route_message = Unknown user
+begin transports
+remote_smtp:
+  driver = smtp
+  headers_remove = X-SA-Nie-Uruchamiaj-Mnie : X-SA-Exim-Connect-IP : X-SA-Exim-Rcpt-To : X-SA-Exim-Mail-From
+remote_smtp_ex:
+  driver = smtp
+  headers_remove = X-SA-Nie-Uruchamiaj-Mnie : X-SA-Exim-Connect-IP : X-SA-Exim-Rcpt-To : X-SA-Exim-Mail-From
+  hosts_avoid_tls = *
+local_delivery:
+  driver = appendfile
+  maildir_format
+  directory = ${lookup pgsql{SELECT maildir FROM account WHERE username = '$local_part'}{$value}}
+ # file = /var/mail/$local_part
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  group = mail
+  mode = 0660
+  headers_remove = X-SA-Nie-Uruchamiaj-Mnie : X-SA-Exim-Connect-IP : X-SA-Exim-Rcpt-To : X-SA-Exim-Mail-From
+  user = dovecot
+local_delivery_spam:
+  driver = appendfile
+  maildir_format
+  directory = ${lookup pgsql{SELECT maildir FROM account WHERE username = '$local_part'}{$value}}/.spam
+ # file = /var/mail/$local_part
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+  group = mail
+  mode = 0660
+  headers_remove = X-SA-Nie-Uruchamiaj-Mnie : X-SA-Exim-Connect-IP : X-SA-Exim-Rcpt-To : X-SA-Exim-Mail-From
+  user = dovecot
+address_pipe:
+  driver = pipe
+  return_output
+address_file:
+  driver = appendfile
+  delivery_date_add
+  envelope_to_add
+  return_path_add
+address_reply:
+  driver = autoreply
+begin retry
+*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
+begin rewrite
+begin authenticators
+PLAIN:
+  driver                     = plaintext
+  server_set_id              = $auth2
+  server_prompts             = :
+  server_condition           = ${lookup pgsql{select count(account_id) from account where username = '$2' and password = '$3'}{$value}}
+  server_advertise_condition = ${if def:tls_cipher }
+LOGIN:
+  driver                     = plaintext
+  server_set_id              = $auth1
+  server_prompts             = <| Username: | Password:
+  server_condition           = ${lookup pgsql{select count(account_id) from account where username = '$1' and password = '$2'}{$value}}
+  server_advertise_condition = ${if def:tls_cipher }
 </file>