PDA

View Full Version : After Build EXIM and Dovecot get Problem ! Help ?



Dauser2007
01-13-2008, 03:32 PM
After Build EXIM and Dovecot get Problem ! Help ?


Exim Mainlog:


2008-01-14 07:27:32 H=(210.22.15.179) [121.35.254.3] F=<sun_caroline@msn.com> rejected RCPT <fluttering@gmail.com>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:32 H=(210.22.15.179) [121.35.254.3] F=<jennifer_harry@gmail.com> rejected RCPT <aconfirm@gmail.com>: Forged Gmail, not sent from your account.
2008-01-14 07:27:32 H=(210.22.15.179) [121.35.254.3] F=<joanne_luan@yahoo.co.id> rejected RCPT <jazzkid.yang@msa.hinet.net>: authentication required
2008-01-14 07:27:32 H=(210.22.15.179) [121.35.254.3] incomplete transaction (QUIT) from <jennifer_harry@gmail.com>
2008-01-14 07:27:32 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<gary_teresa@xuite.net> rejected RCPT <ace721010@sinamail.com>: authentication required
2008-01-14 07:27:32 H=(210.22.15.179) [121.35.254.3] F=<joanne_luan@yahoo.co.id> rejected RCPT <jazzkid@ms34.hinet.net>: authentication required
2008-01-14 07:27:32 H=(ppp89-110-27-217.pppoe.avangarddsl.ru) [121.35.254.3] F=<huaiinfo@ms81.hinet.net> rejected RCPT <acme82@ms37.hinet.net>: authentication required
2008-01-14 07:27:33 H=(210.22.15.179) [121.35.254.3] F=<joanne_luan@yahoo.co.id> rejected RCPT <jazzking@ms2.hinet.net>: authentication required
2008-01-14 07:27:33 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<gary_teresa@xuite.net> rejected RCPT <ace730507a@sinamail.com>: authentication required
2008-01-14 07:27:33 H=(210.22.15.179) [121.35.254.3] F=<joanne_luan@yahoo.co.id> rejected RCPT <jazzkobe@ms23.hinet.net>: authentication required
2008-01-14 07:27:33 H=(210.22.15.179) [121.35.254.3] incomplete transaction (RSET) from <an-sj@umail.hinet.net>
2008-01-14 07:27:33 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] incomplete transaction (RSET) from <gary_teresa@xuite.net>
2008-01-14 07:27:34 H=(210.22.15.179) [121.35.254.3] F=<sun_caroline@msn.com> rejected RCPT <flutters@gcn.net.tw>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:34 H=(210.22.15.179) [121.35.254.3] incomplete transaction (RSET) from <joanne_luan@yahoo.co.id>
2008-01-14 07:27:34 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter.kuo@wimart.com>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:35 H=(210.22.15.179) [121.35.254.3] F=<sungcw@ms15.hinet.net> rejected RCPT <jazzl.yang@msa.hinet.net>: authentication required
2008-01-14 07:27:35 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<mjdean@hotmail.com> rejected RCPT <ace7691360@sinamail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:27:35 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter.lin@wiharper.com.tw>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:35 H=(210.22.15.179) [121.35.254.3] F=<sungcw@ms15.hinet.net> rejected RCPT <jazzl166e6@ms32.hinet.net>: authentication required
2008-01-14 07:27:35 H=(cuscon6427.tstt.net.tt) [121.35.254.3] F=<joe.lawrence@msa.hinet.net> rejected RCPT <abs@aliner.com.tw>: authentication required
2008-01-14 07:27:35 H=(210.22.15.179) [121.35.254.3] F=<sungcw@ms15.hinet.net> rejected RCPT <jazzl1ba74@ms32.hinet.net>: authentication required
2008-01-14 07:27:35 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter.pan@westin.com.tw>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:35 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<mjdean@hotmail.com> rejected RCPT <ace770@sinamail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:27:36 H=(210.22.15.179) [121.35.254.3] incomplete transaction (QUIT) from <sungcw@ms15.hinet.net>
2008-01-14 07:27:36 H=(210.22.15.179) [121.35.254.3] F=<sun_caroline@msn.com> rejected RCPT <fluttervertigo@gmail.com>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:36 H=(200.175.223.191.dialup.gvt.net.br) [121.35.254.3] F=<wen.xyz@msa.hinet.net> rejected RCPT <chloe_you@giga.net.tw>: authentication required
2008-01-14 07:27:36 H=(ppp89-110-27-217.pppoe.avangarddsl.ru) [121.35.254.3] F=<huaiinfo@ms81.hinet.net> rejected RCPT <acme99@ms15.hinet.net>: authentication required
2008-01-14 07:27:36 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter.stenberg@wcc2004.com>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:36 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] incomplete transaction (RSET) from <mjdean@hotmail.com>
2008-01-14 07:27:36 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter.waldman@wsj.com>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:37 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter.wyatt@wanadoo.nl>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:37 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace7783x@sinamail.com>: authentication required
2008-01-14 07:27:37 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter648@wxs.nl>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:38 H=(210.22.15.179) [121.35.254.3] F=<sun_caroline@msn.com> rejected RCPT <fluttsi@gmail.com>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:38 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace8388@sinamail.com>: authentication required
2008-01-14 07:27:38 H=(history.org.ua) [121.35.254.3] F=<pao-hua@hotmail.com> rejected RCPT <helen.joanna@msa.hinet.net>: Forged hotmail mail, not sent from your account.
2008-01-14 07:27:39 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace888@seed.net.tw>: authentication required
2008-01-14 07:27:39 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter@walindi.com>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:39 H=(210.22.15.179) [121.35.254.3] F=<yvonnelaurent@msn.com> rejected RCPT <peter@warlockstudio.com>: Forged MSN mail, not sent from your account.
2008-01-14 07:27:39 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace88ace@sinamail.com>: authentication required
2008-01-14 07:27:40 H=(210.22.15.179) [121.35.254.3] F=<deanchiang@ms22.hinet.net> rejected RCPT <hc.turbo@msa.hinet.net>: authentication required
2008-01-14 07:27:40 H=(210.22.15.179) [121.35.254.3] incomplete transaction (QUIT) from <yvonnelaurent@msn.com>
2008-01-14 07:27:40 H=(cuscon6427.tstt.net.tt) [121.35.254.3] F=<joe.lawrence@msa.hinet.net> rejected RCPT <abs@amctech.com.tw>: authentication required
2008-01-14 07:27:40 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace9.tw@sinamail.com>: authentication required
2008-01-14 07:27:41 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace9097@sinamail.com>: authentication required
2008-01-14 07:27:41 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace9876ace@sinamail.com>: authentication required
2008-01-14 07:27:42 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace99000@sinamail.com>: authentication required
2008-01-14 07:27:43 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] F=<daphnelien@cm1.hinet.net> rejected RCPT <ace999@sinamail.com>: authentication required
2008-01-14 07:27:43 H=(cuscon6427.tstt.net.tt) [121.35.254.3] F=<joe.lawrence@msa.hinet.net> rejected RCPT <abs@amic.com.tw>: authentication required
2008-01-14 07:27:43 H=(dedint-200-52-14-99.mtyxl.axtel.net) [121.35.254.3] incomplete transaction (QUIT) from <daphnelien@cm1.hinet.net>



Exim Regeclogs:


2008-01-14 07:28:41 H=(210.22.15.179) [121.35.254.3] F=<pang_cha@hotmail.com> rejected RCPT <tvare@sinamail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:41 H=(210.22.15.179) [121.35.254.3] F=<niufiona@ms57.hinet.net> rejected RCPT <adamchiu@pchome.com.tw>: authentication required
2008-01-14 07:28:41 H=(host198.bulletproof.com.br) [121.35.254.3] F=<shakuo@cm1.hinet.net> rejected RCPT <petitionist@ms34.hinet.net>: authentication required
2008-01-14 07:28:41 H=(210.22.15.179) [121.35.254.3] F=<niufiona@ms57.hinet.net> rejected RCPT <adamf0621@pchome.com.tw>: authentication required
2008-01-14 07:28:41 H=(190-50-110-225.speedy.com.ar) [121.35.254.3] F=<hsuiris@yahoo.com.cn> rejected RCPT <pgb@ms15.hinet.net>: authentication required
2008-01-14 07:28:41 H=(210.22.15.179) [121.35.254.3] F=<niufiona@ms57.hinet.net> rejected RCPT <adamhou@pchome.com.tw>: authentication required
2008-01-14 07:28:41 H=(210.22.15.179) [121.35.254.3] F=<niufiona@ms57.hinet.net> rejected RCPT <adamhung@phihong.com.tw>: authentication required
2008-01-14 07:28:41 H=(210.22.15.179) [121.35.254.3] F=<hsun.zo@hotmail.com> rejected RCPT <tvavpc@sinamail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:41 H=(210.22.15.179) [121.35.254.3] F=<niufiona@ms57.hinet.net> rejected RCPT <adamilg@pchome.com.tw>: authentication required
2008-01-14 07:28:41 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<hsin-lao@umail.hinet.net> rejected RCPT <mieh_uo@giga.net.tw>: authentication required
2008-01-14 07:28:42 H=(host198.bulletproof.com.br) [121.35.254.3] F=<shakuo@cm1.hinet.net> rejected RCPT <petitionist@ms41.hinet.net>: authentication required
2008-01-14 07:28:42 H=(190-50-110-225.speedy.com.ar) [121.35.254.3] F=<hsuiris@yahoo.com.cn> rejected RCPT <pgb@ms16.hinet.net>: authentication required
2008-01-14 07:28:42 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<al_samuel@xuite.net> rejected RCPT <acut.mail@gmail.com>: authentication required
2008-01-14 07:28:42 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<hsin-lao@umail.hinet.net> rejected RCPT <mieh_up@giga.net.tw>: authentication required
2008-01-14 07:28:42 H=(host198.bulletproof.com.br) [121.35.254.3] F=<shakuo@cm1.hinet.net> rejected RCPT <petitionist@ms47.hinet.net>: authentication required
2008-01-14 07:28:43 H=(history.org.ua) [121.35.254.3] F=<jay_chin@hotmail.com> rejected RCPT <helen.john@msa.hinet.net>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:43 H=(190-50-110-225.speedy.com.ar) [121.35.254.3] F=<hsuiris@yahoo.com.cn> rejected RCPT <pgb@ms17.hinet.net>: authentication required
2008-01-14 07:28:43 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<al_samuel@xuite.net> rejected RCPT <acute@gcn.net.tw>: authentication required
2008-01-14 07:28:43 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<hsin-lao@umail.hinet.net> rejected RCPT <mieh_uper@giga.net.tw>: authentication required
2008-01-14 07:28:43 H=(200.175.223.191.dialup.gvt.net.br) [121.35.254.3] F=<lily.kate@msa.hinet.net> rejected RCPT <tsui.gl@msa.hinet.net>: authentication required
2008-01-14 07:28:43 H=(210.22.15.179) [121.35.254.3] F=<nunggreen@hotmail.com> rejected RCPT <aclibre@gmail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:43 H=(host198.bulletproof.com.br) [121.35.254.3] F=<shakuo@cm1.hinet.net> rejected RCPT <petitionist@ms52.hinet.net>: authentication required
2008-01-14 07:28:43 H=(210.22.15.179) [121.35.254.3] F=<nunggreen@hotmail.com> rejected RCPT <acligeiro@gmail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:44 H=(190-50-110-225.speedy.com.ar) [121.35.254.3] F=<hsuiris@yahoo.com.cn> rejected RCPT <pgb@ms18.hinet.net>: authentication required
2008-01-14 07:28:44 H=(210.22.15.179) [121.35.254.3] F=<nunggreen@hotmail.com> rejected RCPT <aclimateaffair@gmail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:44 H=(210.22.15.179) [121.35.254.3] F=<nunggreen@hotmail.com> rejected RCPT <aclipscomb@gmail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:44 H=(host198.bulletproof.com.br) [121.35.254.3] F=<shakuo@cm1.hinet.net> rejected RCPT <petitionist@ms56.hinet.net>: authentication required
2008-01-14 07:28:44 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<al_samuel@xuite.net> rejected RCPT <acute@giga.net.tw>: authentication required
2008-01-14 07:28:44 H=(210.22.15.179) [121.35.254.3] F=<nunggreen@hotmail.com> rejected RCPT <aclj@gmail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:45 H=(190-50-110-225.speedy.com.ar) [121.35.254.3] F=<hsuiris@yahoo.com.cn> rejected RCPT <pgb@ms19.hinet.net>: authentication required
2008-01-14 07:28:45 H=(210.22.15.179) [121.35.254.3] F=<nunggreen@hotmail.com> rejected RCPT <acljxicdnt@gmail.com>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:45 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<lai_hsin@gmail.com> rejected RCPT <mieh_us@giga.net.tw>: Forged Gmail, not sent from your account.
2008-01-14 07:28:45 H=(host198.bulletproof.com.br) [121.35.254.3] F=<shakuo@cm1.hinet.net> rejected RCPT <petitionist@ms57.hinet.net>: authentication required
2008-01-14 07:28:45 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<lai_hsin@gmail.com> rejected RCPT <mieh_usa@giga.net.tw>: Forged Gmail, not sent from your account.
2008-01-14 07:28:46 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<al_samuel@xuite.net> rejected RCPT <acutepolitics@gmail.com>: authentication required
2008-01-14 07:28:46 H=(host198.bulletproof.com.br) [121.35.254.3] F=<shakuo@cm1.hinet.net> rejected RCPT <petitionist@ms62.hinet.net>: authentication required
2008-01-14 07:28:47 H=(200.175.223.191.dialup.gvt.net.br) [121.35.254.3] F=<wen.xyz@msa.hinet.net> rejected RCPT <chloecoy@gmail.com>: authentication required
2008-01-14 07:28:47 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<al_samuel@xuite.net> rejected RCPT <acutionsale@gmail.com>: authentication required
2008-01-14 07:28:47 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<sy-jane@umail.hinet.net> rejected RCPT <mieh_use@giga.net.tw>: authentication required
2008-01-14 07:28:48 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<sy-jane@umail.hinet.net> rejected RCPT <mieh_user@giga.net.tw>: authentication required
2008-01-14 07:28:49 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<sy-jane@umail.hinet.net> rejected RCPT <mieh_ut@giga.net.tw>: authentication required
2008-01-14 07:28:49 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<al_samuel@xuite.net> rejected RCPT <acutrim@gmail.com>: authentication required
2008-01-14 07:28:49 H=(dsl-200-78-121-244.prod-infinitum.com.mx) [121.35.254.3] F=<sy-jane@umail.hinet.net> rejected RCPT <mieh_uu@giga.net.tw>: authentication required
2008-01-14 07:28:50 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<al_samuel@xuite.net> rejected RCPT <acuwestny@gmail.com>: authentication required
2008-01-14 07:28:51 H=(history.org.ua) [121.35.254.3] F=<jay_chin@hotmail.com> rejected RCPT <helen.johnny@msa.hinet.net>: Forged hotmail mail, not sent from your account.
2008-01-14 07:28:52 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<al_samuel@xuite.net> rejected RCPT <acuyoga@gmail.com>: authentication required
2008-01-14 07:28:54 H=(190-50-110-225.speedy.com.ar) [121.35.254.3] F=<hsuiris@yahoo.com.cn> rejected RCPT <pgb@ms2.hinet.net>: authentication required
2008-01-14 07:28:54 H=(200.175.223.191.dialup.gvt.net.br) [121.35.254.3] F=<wen.xyz@msa.hinet.net> rejected RCPT <chloedco@gmail.com>: authentication required
2008-01-14 07:28:55 H=(190-50-110-225.speedy.com.ar) [121.35.254.3] F=<hsuiris@yahoo.com.cn> rejected RCPT <pgb@ms21.hinet.net>: authentication required
2008-01-14 07:28:56 H=(Static-IP-cr200713729.cable.net.co) [121.35.254.3] F=<vincentshuang@yahoo.co.kr> rejected RCPT <acuzamendoza@gmail.com>: authentication required



What to do is now ?

Big Thanks

Dauser

nobaloney
01-14-2008, 12:16 PM
You should probably edit your exim.conf file and remove all the Forged account checks; we're removing them from the final version.

Other than that, log snippets don't really explain anything; can you tell us what is or isn't happening?

Jeff

Dauser2007
01-14-2008, 12:35 PM
thanks!

this is the exim conf files, where i should to be move ?


################################################################################
# DirectAdmin exim.conf #
# SpamBlocker with VirusBlocker #
# Dovecot Enabled #
# Version 3.0-beta #
# Exim configuration file for DirectAdmin/Exim 4.24 and above #
# Requires exim.pl as distributed by DirectAdmin here: #
# http://files.directadmin.com/services/exim.pl #
# Dated 20-Dec-2006 15:33 or later #
######### IMPORTANT ########## IMPORTANT ########## IMPORTANT ##################
# WARNING! Be sure to back up your previous exim.conf file before #
# attempting to use this exim.conf file. #
# #
# Do NOT use this exim.conf Exim configuration file unless you #
# make the required modifications to your Exim configuration #
# following the instructions in the README file included in this #
# distribution. #
# #
# This is version "3.0-beta of the SpamBlocker exim.conf file as #
# distributed by NoBaloney Internet Services for DirectAdmin based #
# servers. #
# #
# More information about NoBaloney.net may be found at: #
# http://www.nobaloney.net/ #
# #
# More information about DirectAdmin may be found at: #
# http://www.directadmin.com/ #
# #
# This Exim configuration file has been modified from the original #
# as distributed with Exim 4. The modifications have been made by: #
# #
# Jeff Lasman #
# NoBaloney Internet Services #
# Post Office Box 52200 #
# Riverside, CA 92517-3200 #
# spamblocker@nobaloney.net #
# (915) 643-5345 #
# #
# The SpamBlocker exim.conf file has been modified from the original #
# exim.conf file as distributed with Exim 4, which includes the #
# following copyright notice: #
# #
# Copyright (C) 2002 University of Cambridge, Cambridge, UK #
# #
# Portions of the file are taken from the exim.conf file as #
# distributed with DirectAdmin (http://www.directadmin.com/), #
# #
# Copyright (C) 2003-2006 JBMC Software, St Albert, AB, Canada #
# #
# Portions of this file are written by Jeff Lasman, of #
# NoBaloney Internet Services and are copyright as follows: #
# #
# Copyright (C) 2004-2006 NoBaloney Internet Services, #
# Riverside, Calif., USA #
# #
# The entire Exim 4 distribution, including the exim.conf file, is #
# distributed under the GNU GENERAL PUBLIC LICENSE, Version 2, #
# June 1991. If you do not have a copy of the GNU GENERAL #
# PUBLIC LICENSE you may download it, in it's entirety, from #
# the website at: #
# #
# http://www.nobaloney.net/exim/gnu-gpl-v2.txt #
# #
################################################################################
# #
# The most recent version of this SpamBlocker exim.conf file may #
# always downloaded from the website at #
# #
# http://www.nobaloney.net/exim/exim.conf.spamblocked #
# #
######### IMPORTANT ########## IMPORTANT ########## IMPORTANT ##################
# #
# Whenever you change Exim's configuration file, you *must* remember #
# to HUP the Exim daemon, because it will not pick up the new #
# configuration until you do. However, any other Exim processes that #
# are started, for example, a process started by an MUA in order to #
# send a message, will see the new configuration as soon as it is in #
# place. #
# #
# You do not need to HUP the daemon for changes in auxiliary files #
# that are referenced from this file. They are read every time they #
# are used. #
# #
# It is usually a good idea to test a new configuration for #
# syntactic correctness before installing it (for example, by #
# running the command "exim -C /config/file.new -bV"). #
# #
### MODIFICATION INSTRUCTIONS ########## MODIFICATION INSTRUCTIONS #############
# #
# YOU MUST MAKE THE CHANGES TO THIS SpamBlocked exim.conf file as #
# documented in the README file. #
# #
# The README file for this version is named: #
# ReadMe.-SpamBlocker.3.0.txt #
# #
################################################################################

# Specify your host's canonical name here. This should normally be the
# fully qualified "official" name of your host. If this option is not
# set, the uname() function is called to obtain the name. In many cases
# this does the right thing and you need not set anything explicitly.

# primary_hostname =

# uncomment to define AntiVirus scanner here:
av_scanner = clamd:/var/run/clamav/clamd

# Specify the domain you want to be added to all unqualified addresses
# here. An unqualified address is one that does not contain an "@" character
# followed by a domain. For example, "caesar@rome.ex" is a fully qualified
# address, but the string "caesar" (i.e. just a login name) is an unqualified
# email address. Unqualified addresses are accepted only from local callers by
# default. See the receiver_unqualified_{hosts,nets} options if you want
# to permit unqualified addresses from remote sources. If this option is
# not set, the primary_hostname value is used for qualification.

# qualify_domain =

# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.

# qualify_recipient =

# the next line is required to start the smtp auth script included
# in DirectAdmin

perl_startup = do '/etc/exim.pl'

# the next line is required to start the system_filter included in
# DirectAdmin to refuse potentiallly harmful payloads in
# email messages

system_filter = /etc/system_filter.exim

# next line to allow incoming email submission port 587
# see also check_recipient port 587 ruleset

daemon_smtp_ports = 25 : 587

# SET SOME MEANINGFUL LIMITS
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment

message_size_limit = 20M
smtp_receive_timeout = 5m
smtp_accept_max = 100
message_body_visible = 3000
print_topbitchars = true

# ALLOW UNDERSCORE IN EMAIL DOMAIN NAME
# domains shouldn't use the underscore character "_" but some
# may. Because John Postel, one of the architects of the Internet,
# said "Be liberal in what you accept and conservative in what you
# transmit, we choose to allow underscore in email domain names so we
# can receive email form domains which use the underscore character
# in their domain name.
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment

helo_allow_chars = _

# CHANGE LOGGING BEHAVIOR
# We weren't happy with the default Exim logging behavior through
# syslog; it didn't give us enough information. So we turned off
# syslog behavior and changed the logging behavior to give us what we
# felt was more helpful information. You may choose to delete or modify
# this section.
# OPTIONAL MODIFICATIONS:
# These defaults work for us; you may wish to modify them
# for your environment

log_selector = \
+delivery_size \
+sender_on_delivery \
+received_recipients \
+received_sender \
+smtp_confirmation \
+subject \
+smtp_incomplete_transaction \
-dnslist_defer \
-host_lookup_failed \
-queue_run \
-rejected_header \
-retry_defer \
-skip_delivery

syslog_duplication = false

# These options specify the Access Control Lists (ACLs) that
# are used for incoming SMTP messages - after the CONNECT, RCPT and DATA
# commands, respectively.
# (uncomment check_connect if used below)

# acl_smtp_connect = check_connect
acl_smtp_rcpt = check_recipient
acl_smtp_data = check_message

# define local lists

addresslist whitelist_senders = lsearch;/etc/virtual/whitelist_senders
addresslist blacklist_senders = lsearch;/etc/virtual/blacklist_senders
domainlist blacklist_domains = lsearch;/etc/virtual/blacklist_domains
domainlist whitelist_domains = lsearch;/etc/virtual/whitelist_domains
domainlist local_domains = lsearch;/etc/virtual/domains
domainlist relay_domains = lsearch;/etc/virtual/domains : localhost
domainlist use_rbl_domains = lsearch;/etc/virtual/use_rbl_domains
domainlist skip_av_domains = lsearch;/etc/virtual/skip_av_domains
hostlist auth_relay_hosts = *
hostlist bad_sender_hosts = lsearch;/etc/virtual/bad_sender_hosts
hostlist bad_sender_hosts_ip = net-lsearch;/etc/virtual/bad_sender_hosts
hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts : 127.0.0.1
hostlist whitelist_hosts = lsearch;/etc/virtual/whitelist_hosts
hostlist whitelist_hosts_ip = net-lsearch;/etc/virtual/whitelist_hosts

# DO NOT ALLOW HOST LITERALS
# OPTIONAL MODIFICATIONS:
# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then:
# uncomment the line "local_domains_include_host_literals"
# uncomment out the line "allow_domain_literals"
# This is not recommended for today's Internet.
# These defaults work for us; you may wish to uncomment the two lines
# directly below to allow domain literals in your environment
# see also the "domain_literal" router below.

# local_domains_include_host_literals
# allow_domain_literals

# NO LOCAL DELIVERIES TO ROOT
# OPTIONAL MODIFICATIONS:
# No local deliveries will ever be run under the uids of these users
# (a colon-separated list). An attempt to do so gets changed so that
# it runs under the uid of "nobody" instead. This is a paranoic safety
# catch. Note the default setting means you cannot deliver mail
# addressed to root as if it were a normal user. This isn't usually a
# problem, as most sites have an alias for root that redirects such mail
# to a human administrator.

never_users = root

# DO HOST LOOKUP
# OPTIONAL MODIFICATIONS:
# The setting below causes Exim to do a reverse DNS lookup on all
# incoming IP calls, in order to get the true host name. If you feel
# this is too expensive, you can specify the networks for which a lookup
# is done, or remove the setting entirely.

host_lookup = *

# DISALLOW IDENT CALLBACKS
# OPTIONAL MODIFICATIONS:
# Exim may be set to make RFC 1413 (ident) callbacks for all incoming
# SMTP calls. You can limit the hosts to which these calls are made,
# and/or change the timeout that is used. If you set the timeout to zero,
# all RFC 1413 calls are disabled. RFC 1413 calls are cheap and can
# provide useful information for tracing problem messages, but some
# hosts and firewalls have problems with them. This can result in a
# timeout instead of an immediate refused connection, leading to delays
# on starting up an SMTP session. By default we disable callbacks for
# incoming SMTP calls. You may change rfc1413_query_timeout to 30s or
# some other positive number of seconds to enable callbacks for incoming
# SMTP calls.

rfc1413_hosts = *
rfc1413_query_timeout = 0s

# BOUNCE MESSAGES
# OPTIONAL MODIFICATIONS:
# When Exim can neither deliver a message nor return it to sender, it
# "freezes" the delivery error message (aka "bounce message"). There are
# also other circumstances in which messages get frozen. They will stay
# on the queue forever unless one or both of the following options is
# set.

# This option unfreezes bounce messages after two days, tries
# once more to deliver them, and ignores any delivery failures.
ignore_bounce_errors_after = 2d

# This option cancels (removes) frozen messages that are older than five
# days.
timeout_frozen_after = 5d

# TRUSTED USERS
# OPTIONAL MODIFICATIONS:
# if you must add additional trusted users, do so here; continue the
# colon-delimited list

trusted_users = mail:majordomo:apache:diradmin

# SSL/TLS cert and key
tls_certificate = /etc/exim.cert
tls_privatekey = /etc/exim.key

tls_advertise_hosts = *
#auth_over_tls_hosts = *

######################################################################
# ACLs #
######################################################################

begin acl

# SKIP MX ACL used at connect time:
# IF YOU USE OTHER THAN MAIN IP# FOR MX INSERT MAIN IP# TO
# TO REPLACE PLACEHOLDER, AND UNCOMMENT THIS SECTION
# check_connect:
# defer log_message = Spammer Connected to fake MX record
# condition = ${if match{$interface_address}{(XX.XX.XX.XX)}{true}{false}}

# ACL that is used after the RCPT command
check_recipient:

# to block certain wellknown exploits, Deny for local domains if
# local parts begin with a dot or contain @ % ! / |
deny domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]

# set acl_m0 to use later in data acl if in skip_av_domains
warn domains = +skip_av_domains
set acl_m0 = $tod_epoch

# to restrict port 587 to authenticated users only
# see also daemon_smtp_ports above
accept hosts = +auth_relay_hosts
condition = ${if eq {$interface_port}{587} {yes}{no}}
endpass
message = relay not permitted, authentication required
authenticated = *

# allow local users to send outgoing messages using slashes
# and vertical bars in their local parts.
# Block outgoing local parts that begin with a dot, slash, or vertical
# bar but allows them within the local part.
# The sequence \..\ is barred. The usage of @ % and ! is barred as
# before. The motivation is to prevent your users (or their virii)
# from mounting certain kinds of attacks on remote sites.
deny domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

# local source whitelist
# accept if the source is local SMTP (i.e. not over TCP/IP).
# Test for this by testing for an empty sending host field.
accept hosts = :

# sender domains whitelist
# accept if sender domain is in whitelist
accept sender_domains = +whitelist_domains

# sender hosts whitelist
# accept if sender host is in whitelist
accept hosts = +whitelist_hosts
accept hosts = +whitelist_hosts_ip

# envelope senders whitelist
# accept if envelope sender is in whitelist
accept senders = +whitelist_senders

# accept mail to postmaster in any local domain, regardless of source
accept local_parts = postmaster
domains = +local_domains

# accept mail to abuse in any local domain, regardless of source
accept local_parts = abuse
domains = +local_domains

# accept mail to hostmaster in any local domain, regardless of source
accept local_parts = hostmaster
domains =+local_domains

# OPTIONAL MODIFICATIONS:
# If the page you're using to notify senders of blocked email of how
# to get their address unblocked will use a web form to send you email so
# you'll know to unblock those senders, then you may leave these lines
# commented out. However, if you'll be telling your senders of blocked
# email to send an email to errors@yourdomain.com, then you should
# replace "errors" with the left side of the email address you'll be
# using, and "example.com" with the right side of the email address and
# then uncomment the second two lines, leaving the first one commented.
# Doing this will mean anyone can send email to this specific address,
# even if they're at a blocked domain, and even if your domain is using
# blocklists.

# accept mail to errors@example.com, regardless of source
# accept local_parts = errors
# domains = example.com

# OPTIONAL MODIFICATIONS:
# By default we do NOT require sender verification.
# Sender verification denies unless sender address can be verified:
# If you want to require sender verification, i.e., that the sending
# address is routable and mail can be delivered to it, then
# uncomment the next line. If you do not want to require sender
# verification, leave the line commented out

#require verify = sender

# OPTIONAL MODIFICATIONS:
# in the below ACL entries replace "http://www.example.com/" with
# the full URL of your own whitelist page

# deny domains in local blacklist
deny message = Email blocked by LBL - to unblock see http://www.example.com/
# only for domains that do want to be tested against RBLs
domains = +use_rbl_domains
sender_domains = +blacklist_domains

# deny hostnames in bad_sender_hosts blacklist
deny message = Email blocked by BSHL - to unblock see http://www.example.com/
# only for domains that do want to be tested against RBLs
domains = +use_rbl_domains
hosts = +bad_sender_hosts

# deny IPs in bad_sender_hosts blacklist
deny message = Email blocked by BSHL - to unblock see http://www.example.com/
# only for domains that do want to be tested against RBLs
domains = +use_rbl_domains
hosts = +bad_sender_hosts_ip

# deny email addresses in blacklist_senders
deny message = Email blocked by BSAL - to unblock see http://www.example.com/
domains = use_rbl_domains
deny senders = +blacklist_senders

######################
# FORGED MAIL CHECKS #
# host name based ! #
######################

deny message = Forged Yahoo mail, not sent from your account.
senders = *@yahoo.com
condition = ${if match {$sender_host_name}{\Nyahoo.com$\N}{no}{yes}}

deny message = Forged hotmail mail, not sent from your account.
senders = *@hotmail.com
condition = ${if match {$sender_host_name}{\N(hotmail|msn).com$\N}{no}{yes}}

deny message = Forged MSN mail, not sent from your account.
senders = *@msn.com
condition = ${if match {$sender_host_name}{\N(hotmail|msn).com$\N}{no}{yes}}

deny message = Forged AOL mail, not sent from your account.
senders = *@aol.com
condition = ${if match {$sender_host_name}{\Naol.com$\N}{no}{yes}}

deny message = Forged Netscape Mail, not sent from your account.
senders = *@netscape.com
condition = ${if match {$sender_host_name}{\Nnetscape.com$\N}{no}{yes}}

deny message = Forged Netscape Mail, not sent from your account.
senders = *@netscape.net
condition = ${if match {$sender_host_name}{\Nnetscape.net$\N}{no}{yes}}

deny message = Forged Comcast Mail, not sent from your account.
senders = *@comcast.net
condition = ${if match {$sender_host_name}{\Ncomcast.net$\N}{no}{yes}}

deny message = Forged Comcast Mail, not sent from your account.
senders = *@comcast.com
condition = ${if match {$sender_host_name}{\Ncomcast.com$\N}{no}{yes}}

deny message = Forged Verizon Mail, not sent from your account.
senders = *@verizon.com
condition = ${if match {$sender_host_name}{\Nverizon.com$\N}{no}{yes}}

deny message = Forged Verizon Mail, not sent from your account.
senders = *@verizon.net
condition = ${if match {$sender_host_name}{\Nverizon.net$\N}{no}{yes}}

deny message = Forged Paypal Mail, not sent from PayPal.
senders = *@paypal.com
condition = ${if match {$sender_host_name}{\Npaypal.com$\N}{no}{yes}}

deny message = Forged Prodigy Mail, not sent from your account.
senders = *@prodigy.com
condition = ${if match {$sender_host_name}{\Nprodigy.com$\N}{no}{yes}}

deny message = Forged Prodigy Mail, not sent from your account.
senders = *@prodigy.net
condition = ${if match {$sender_host_name}{\Nprodigy.net$\N}{no}{yes}}

deny message = Forged RoadRunner Mail, not sent from your account.
senders = *@rr.com
condition = ${if match {$sender_host_name}{\Nrr.com$\N}{no}{yes}}

deny message = Forged RoadRunner Mail, not sent from your account.
senders = *@rr.net
condition = ${if match {$sender_host_name}{\Nrr.net$\N}{no}{yes}}

deny message = Forged Gmail, not sent from your account.
senders = *@gmail.com
condition = ${if match {$sender_host_name}{\N(gmail|google).com$\N}{no}{yes}}

##########################
# BLOCKLIST EMAIL CHECKS #
# IP BASED #
##########################

# Next deny stuff from blacklists for hosts in use_rbl_domains
# bypassing checking for authenticated users

# deny using spamhaus
deny message = Email blocked by SPAMHAUS - to unblock see http://www.example.com/
# only for domains that do want to be tested against RBLs
hosts = !+relay_hosts
domains = +use_rbl_domains
!authenticated = *
dnslists = sbl.spamhaus.org

# deny using njabl
deny message = Email blocked by NJABL - to unblock see http://www.example.com/
hosts = !+relay_hosts
domains = +use_rbl_domains
!authenticated = *
dnslists = dnsbl.njabl.org

# deny using cbl
deny message = Email blocked by CBL - to unblock see http://www.example.com/
hosts = !+relay_hosts
domains = +use_rbl_domains
!authenticated = *
dnslists = cbl.abuseat.org

# deny using safe.dnsbl.sorbs.net
deny message = Email blocked by SORBS - to unblock see http://www.example.com/
hosts = !+relay_hosts
domains = +use_rbl_domains
!authenticated = *
dnslists = safe.dnsbl.sorbs.net

# deny using list.dsbl.org (single stage open SMTP relays)
deny message = Email blocked by DSBL - to unblock see http://www.example.com/
hosts = !+relay_hosts
domains =+use_rbl_domains
!authenticated = *
dnslists = list.dsbl.org

# deny using spamcop : moved to last place to check logs to see how much it blocks
deny message = Email blocked by SPAMCOP - to unblock see http://www.example.com/
hosts = !+relay_hosts
domains = +use_rbl_domains
!authenticated = *
dnslists = bl.spamcop.net

##########################
# BLOCKLIST EMAIL CHECKS #
# NAME BASED #
##########################

# deny using sorbs name based list
deny message = Email blocked by SORBS - to unblock see http://www.example.com/
domains =+use_rbl_domains
# rhsbl list is name based
dnslists = rhsbl.sorbs.net/$sender_address_domain

###############################
# ACCEPTING EMAIL BEGINS HERE #
###############################

# accept if address is in a local domain as long as recipient can be verified
accept domains = +local_domains
endpass
message = "Unknown User"
verify = recipient

# accept if address is in a domain for which we relay as long as recipient
# can be verified
accept domains = +relay_domains
endpass
verify=recipient

# accept if message comes for a host for which we are an outgoing relay
# recipient verification is omitted because many MUA clients don't cope
# well with SMTP error responses. If you are actually relaying from MTAs
# then you should probably add recipient verify here

accept hosts = +relay_hosts
accept hosts = +auth_relay_hosts
endpass
message = authentication required
authenticated = *

################################
# FINAL DENY EMAIL BEGINS HERE #
################################

# default at end of acl causes a "deny", but line below will give
# an explicit error message:
deny message = relay not permitted

# ACL that is used after the DATA command
check_message:

deny message = This message contains malformed MIME ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = *
deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
demime = bat:com:pif:prf:scr:vbs
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
deny condition = ${if def:acl_c0{${if exists{/etc/virtual/.smtp_deny/$acl_c0} {yes}}}}
message = User $acl_c0 is not allowed to use SMTP
accept

deny message = This message contains malformed MIME ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = *
deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
demime = bat:com:pif:prf:scr:vbs
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

# accept without checking if in skip_av_domains
accept condition =${if and {{def:acl_m0}{def:acl_m0}} {true}{false}}

deny message = This message contains malformed MIME ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}

deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = *

deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
demime = bat:com:pif:prf:scr:vbs

warn message = X-Antivirus-Scanner: Seems clean. You should still use an Antivirus Scanner
accept

######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################

begin authenticators

plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = "${perl{smtpauth}}"
server_set_id = $2

login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${perl{smtpauth}}"
server_set_id = $1


######################################################################
# REWRITE CONFIGURATION #
######################################################################

# There are no rewriting specifications in this exim.conf file

######################################################################
# ROUTERS CONFIGURATION #
# Specifies how remote addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A remote address is passed to each in turn until it is accepted. #
######################################################################

begin routers

# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.

# This router routes to remote hosts over SMTP using a DNS lookup. Any domain
# that resolves to an IP address on the loopback interface (127.0.0.0/8) is
# treated as if it had no DNS entry.

lookuphost:
driver = dnslookup
domains = ! +local_domains
ignore_target_hosts = 127.0.0.0/8
condition = "${perl{check_limits}}"
transport = remote_smtp
no_more

# This router routes to remote hosts over SMTP by explicit IP address,
# when an email address is given in "domain literal" form, for example,
# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
# little-known these days, and has been exploited by evil people seeking
# to abuse SMTP relays. Consequently it is commented out in the default
# configuration. If you uncomment this router, you also need to
# uncomment "include_domain_literals" above, so that Exim can recognize
# the syntax of domain literal addresses.

# domain_literal:
# driver = ipliteral
# transport = remote_smtp

######################################################################
# DIRECTORS CONFIGURATION #
# Specifies how local addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A local address is passed to each in turn until it is accepted. #
######################################################################

# Local addresses are those with a domain that matches some item in the
# "local_domains" setting above, or those which are passed back from the
# routers because of a "self=local" setting (not used in this configuration).

# Spam Assassin
spamcheck_director:
driver = accept
condition = "${if and { \
{!def:h_X-Spam-Flag:} \
{!eq {$received_protocol}{spam-scanned}} \
{!eq {$received_protocol}{local}} \
{exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
} {1}{0}}"
retry_use_local_part
transport = spamcheck
no_verify

majordomo_aliases:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/${domain}/majordomo/list.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/list.aliases}}}}
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
group = daemon
pipe_transport = majordomo_pipe
retry_use_local_part
no_rewrite
user = majordomo

majordomo_private:
driver = redirect
allow_defer
allow_fail
#condition = "${if eq {$received_protocol} {local} {true} {false} }"
condition = "${if or { {eq {$received_protocol} {local}} \
{eq {$received_protocol} {spam-scanned}} } {true} {false} }"
data = ${if exists{/etc/virtual/${domain}/majordomo/private.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/private.aliases}}}}
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
group = daemon
pipe_transport = majordomo_pipe
retry_use_local_part
user = majordomo

domain_filter:
driver = redirect
allow_filter
no_check_local_user
condition = "${if exists{/etc/virtual/${domain}/filter}{yes}{no}}"
user = "mail"
file = /etc/virtual/${domain}/filter
directory_transport = address_file
pipe_transport = virtual_address_pipe
retry_use_local_part
no_verify

uservacation:
driver = accept
condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/vacation.conf}{yes}{no}}
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
transport = uservacation
unseen

userautoreply:
driver = accept
condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/autoresponder.conf}{yes}{no}}
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
transport = userautoreply
unseen

virtual_aliases_nostar:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
unseen
#include_domain = true

virtual_user:
driver = accept
condition = ${perl{save_virtual_user}}
domains = lsearch;/etc/virtual/domainowners
group = mail
retry_use_local_part
transport = virtual_localdelivery

# accept it only if local_part is not in the aliases file
# otherwise known as thet catch-all
virtual_aliases:
driver = redirect
allow_defer
allow_fail
condition = ${if eq {}{${if exists{/etc/virtual/${domain}/aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}}}}}{yes}{no}}
data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch*{/etc/virtual/$domain/aliases}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
#include_domain = true

# if we have an alias, but no passwd entry we have to drop the email because the
# first alias is unseen (so that you can forward as well as save it)
# The save part is "seen" (virtual_user), but the forward before it isn't. This
# will be the spot where we "see" the email so that it doesn't send a bounce if
# we have an alias but no pop.
drop_solo_alias:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch{/etc/virtual/$domain/aliases}}}}
file_transport = devnull
group = mail
#pipe_transport = virtual_address_pipe
pipe_transport = devnull
retry_use_local_part
#include_domain = true

# This director handles forwarding using traditional .forward files.
# If you want it also to allow mail filtering when a forward file
# starts with the string "# Exim filter", uncomment the "filter" option.
# The check_ancestor option means that if the forward file generates an
# address that is an ancestor of the current one, the current one gets
# passed on instead. This covers the case where A is aliased to B and B
# has a .forward file pointing to A. The three transports specified at the
# end are those that are used when forwarding generates a direct delivery
# to a file, or to a pipe, or sets up an auto-reply, respectively.

userforward:
driver = redirect
allow_filter
check_ancestor
check_local_user
no_expn
file = $home/.forward
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
no_verify

system_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
# user = exim

localuser:
driver = accept
check_local_user
condition = "${if eq {$domain} {$primary_hostname} {yes} {no}}"
transport = local_delivery

# This director matches local user mailboxes.

######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################

# A transport is used only when referenced from a director or a router that
# successfully handles an address.


# Spam Assassin
begin transports

spamcheck:
driver = pipe
batch_max = 100
command = /usr/sbin/exim -oMr spam-scanned -bS
current_directory = "/tmp"
group = mail
home_directory = "/tmp"
log_output
message_prefix =
message_suffix =
return_fail_output
no_return_path_add
transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}
use_bsmtp
user = mail
# must use a privileged user to set $received_protocol on the way back in!


#majordomo
majordomo_pipe:
driver = pipe
group = daemon
return_fail_output
user = majordomo

# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format. By default it will be run under the uid and gid of the
# local user, and requires the sticky bit to be set on the /var/mail directory.
# Some systems use the alternative approach of running mail deliveries under a
# particular group instead of using the sticky bit. The commented options below
# show how this can be done.

local_delivery:
driver = appendfile
delivery_date_add
envelope_to_add
directory = /home/$local_part/Maildir/
directory_mode = 770
create_directory = true
maildir_format
group = mail
mode = 0660
return_path_add
user = ${local_part}

## for delivering virtual domains to their own mail spool

virtual_localdelivery:
driver = appendfile
create_directory
delivery_date_add
directory_mode = 770
envelope_to_add
directory = /home/${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}/imap/${domain}/${local_part}/Maildir
maildir_format
group = mail
mode = 660
return_path_add
user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}"
quota = ${if exists{/etc/virtual/${domain}/quota}{${lookup{$local_part}lsearch*{/etc/virtual/${domain}/quota}{$value}{0}}}{0}}

## vacation transport
uservacation:
driver = autoreply
file = /etc/virtual/${domain}/reply/${local_part}.msg
from = "${local_part}@${domain}"
log = /etc/virtual/${domain}/reply/${local_part}.log
no_return_message
subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {I am on vacation}}"
text = "\
------ ------\n\n\
This message was automatically generated by email software\n\
The delivery of your message has not been affected.\n\n\
------ ------\n\n"
to = "${sender_address}"
user = mail
#once = /etc/virtual/${domain}/reply/${local_part}.once

userautoreply:
driver = autoreply
bcc = ${lookup{${local_part}} lsearch {/etc/virtual/${domain}/autoresponder.conf}{$value}}
file = /etc/virtual/${domain}/reply/${local_part}.msg
from = "${local_part}@${domain}"
log = /etc/virtual/${domain}/reply/${local_part}.log
no_return_message
subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}"
to = "${sender_address}"
user = mail
#once = /etc/virtual/${domain}/reply/${local_part}.once

devnull:
driver = appendfile
file = /dev/null

# This transport is used for delivering messages over SMTP connections.
remote_smtp:
driver = smtp

# This transport is used for handling pipe deliveries generated by alias
# or .forward files. If the pipe generates any standard output, it is returned
# to the sender of the message as a delivery error. Set return_fail_output
# instead of return_output if you want this to happen only when the pipe fails
# to complete normally. You can set different transports for aliases and
# forwards if you want to - see the references to address_pipe in the directors
# section below.

address_pipe:
driver = pipe
return_output

virtual_address_pipe:
driver = pipe
group = nobody
return_output
user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"

# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

# This transport is used for handling autoreplies generated by the filtering
# option of the forwardfile director.

address_reply:
driver = autoreply

######################################################################
# RETRY CONFIGURATION #
######################################################################

# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 8 hours until 4 days have passed since the first
# failed delivery.

# Domain Error Retries
# ------ ----- -------


begin retry

* * F,2h,15m; G,16h,1h,1.5; F,4d,8h


# End of Exim 4 configuration

nobaloney
01-14-2008, 12:44 PM
Look for this section:

######################
# FORGED MAIL CHECKS #
# host name based ! #
######################
and remove the ones that you don't want, or comment out the lines.

Personally we've removed all except PayPal.

Jeff

SajtXL
01-14-2008, 12:45 PM
This section

######################
# FORGED MAIL CHECKS #
# host name based ! #
######################

deny message = Forged Yahoo mail..........
All "Forget"

Dauser2007
01-14-2008, 12:50 PM
mean's remove :

deny message = Forged Yahoo mail, not sent from your account.
senders = *@yahoo.com
condition = ${if match {$sender_host_name}{\Nyahoo.com$\N}{no}{yes}}

something like those yet?

thanks

nobaloney
01-14-2008, 12:52 PM
Yes, comment out all three lines.

Jeff

Dauser2007
01-14-2008, 01:07 PM
But the logs look like some one try to send the email out by my Server !this is the problems!

BR.,

Dauser2007
01-14-2008, 01:22 PM
I have just forllow jlasman way , but when i read the logs which is there is same problem;


2008-01-15 05:10:50 H=122-116-17-133.hinet-ip.hinet.net (202.104.148.130) [122.116.17.133] F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: authentication required
2008-01-15 05:12:25 H=(210.22.15.179) [121.35.254.3] F=<ck-anny@yahoo.com.tw> rejected RCPT <fame@ms27.hinet.net>: authentication required
2008-01-15 05:12:26 H=(210.22.15.179) [121.35.254.3] F=<ck-anny@yahoo.com.tw> rejected RCPT <fame@ms28.hinet.net>: authentication required
2008-01-15 05:12:27 H=(210.22.15.179) [121.35.254.3] F=<ck-anny@yahoo.com.tw> rejected RCPT <fame@ms29.hinet.net>: authentication required
2008-01-15 05:12:28 H=(210.22.15.179) [121.35.254.3] F=<ck-anny@yahoo.com.tw> rejected RCPT <fame@ms33.hinet.net>: authentication required
2008-01-15 05:12:29 H=(210.22.15.179) [121.35.254.3] F=<ck-anny@yahoo.com.tw> rejected RCPT <fame@ms34.hinet.net>: authentication required
2008-01-15 05:12:30 H=(210.22.15.179) [121.35.254.3] F=<ck-anny@yahoo.com.tw> rejected RCPT <fame@ms35.hinet.net>: authentication required
2008-01-15 05:12:32 H=(210.22.15.179) [121.35.254.3] F=<ck-anny@yahoo.com.tw> rejected RCPT <fame@ms36.hinet.net>: authentication required
2008-01-15 05:12:34 H=(210.22.15.179) [121.35.254.3] F=<ys-sm@umail.hinet.net> rejected RCPT <fame@ms37.hinet.net>: authentication required
2008-01-15 05:12:35 H=(210.22.15.179) [121.35.254.3] F=<ys-sm@umail.hinet.net> rejected RCPT <fame@ms38.hinet.net>: authentication required
2008-01-15 05:12:36 H=(210.22.15.179) [121.35.254.3] F=<ys-sm@umail.hinet.net> rejected RCPT <fame@ms39.hinet.net>: authentication required
2008-01-15 05:12:37 H=(210.22.15.179) [121.35.254.3] F=<ys-sm@umail.hinet.net> rejected RCPT <fame@ms41.hinet.net>: authentication required
2008-01-15 05:12:38 H=(210.22.15.179) [121.35.254.3] F=<ys-sm@umail.hinet.net> rejected RCPT <fame@ms45.hinet.net>: authentication required
2008-01-15 05:12:41 H=(210.22.15.179) [121.35.254.3] F=<ken_daisy@gmail.com> rejected RCPT <fame@ms48.hinet.net>: authentication required
2008-01-15 05:12:42 H=(210.22.15.179) [121.35.254.3] F=<ken_daisy@gmail.com> rejected RCPT <fame@ms51.hinet.net>: authentication required
2008-01-15 05:12:42 H=(210.22.15.179) [121.35.254.3] F=<ken_daisy@gmail.com> rejected RCPT <fame@ms53.hinet.net>: authentication required
2008-01-15 05:12:43 H=(210.22.15.179) [121.35.254.3] F=<ken_daisy@gmail.com> rejected RCPT <fame@ms58.hinet.net>: authentication required
2008-01-15 05:12:44 H=(210.22.15.179) [121.35.254.3] F=<ken_daisy@gmail.com> rejected RCPT <fame@ms59.hinet.net>: authentication required
2008-01-15 05:15:07 1JEWeA-0000sC-PU H=(mx106.mail.alipay.com) [121.35.254.3] F=<service@mail.alipay.com> temporarily rejected after DATA

nobaloney
01-15-2008, 08:55 PM
I have just forllow jlasman way , but when i read the logs which is there is same problem;
This looks like a different issue. Let's look at the first entry:

2008-01-15 05:10:50 H=122-116-17-133.hinet-ip.hinet.net (202.104.148.130) [122.116.17.133] F=<rurdhd@hotmail.com> rejected RCPT <toxxx@mail2000.com.tw>: authentication required
Are you hotmail? No? Are you mail2000.com.tw? I don't know, but I don't think so, because neither of them has any of the signatures of a DirectAdmin machine.

So then, it appears that spammers are trying to use your machine as an open really, and these line entries are in your log are simply proof that your server won't let them do it. I guess my SpamBlocker implementation of the exim.conf file works afterall ;).

Jeff

Dauser2007
01-15-2008, 09:18 PM
Anyway dunno why become so many required!

At last , i have to ban those kindly IP then erverything right now going to normal! anyway thanks so much !