youds
Verified User
Hi all,
Not very often I post as I find the forums are quite useful for informative information already but this one I can't seem to get a handle of.
Basically, its a fresh(ish) server and it can't run exim. At first it couldn't run Dovecot but a simple ./build dovecot fixed that. Here's what I have done so far:
As you can see, I'm. having no luck on this at all! I have a list of posts I've read here:
https://forum.directadmin.com/showthread.php?t=23931
https://help.directadmin.com/item.php?id=576
https://forum.directadmin.com/showthread.php?t=49097
https://forum.directadmin.com/showthread.php?t=21651
https://forum.directadmin.com/showthread.php?t=23931
Nut no luck. One has the same problem but the fix wasn't for me.
Here's the exit mainlog:
and exim.conf:
If you can help please do so.
Not very often I post as I find the forums are quite useful for informative information already but this one I can't seem to get a handle of.
Basically, its a fresh(ish) server and it can't run exim. At first it couldn't run Dovecot but a simple ./build dovecot fixed that. Here's what I have done so far:
Code:
/usr/bin/ld: cannot find -lsrs_alt
collect2: error: ld returned 1 exit status
make[1]: *** [exim] Error 1
make[1]: Leaving directory `/usr/local/directadmin/custombuild/exim-4.92.3/build-Linux-x86_64'
make: *** [all] Error 2
Code:
- $ service dovecot status
- $ ./build exim d
- $ cd ../scripts
- $ cd /usr/local/directadmin/scripts
- $ ./exim.sh
- $ cd /usr/local/directadmin/custombuild
- $ ./build update
- $ ./build set exim yes
- $ ./build set eximconf yes
- $ ./build set eximconf_release 4.5
- $ ./build set spamassassin yes
- $ ./build update
- $ ./build exim
- $ ./build exim_conf
- $ ./build exim
- $ yum install gdbm-devel
- $ yum install lgdbm
- $ yum install lgdbmyum search gdbm
- $ yum search gdbm
- $ yum install gdbm*
- $ cd /usr/local/directadmin/custombuild
- $ ./build update
- $ ./build set eximconf yes
- $ ./build set eximconf_release 4.5
- $ ./build set blockcracking yes
- $ ./build set easy_spam_fighter yes
- $ ./build set spamd spamassassin
- $ ./build set exim yes
- $ ./build exim
- $ ./build set dovecot_conf yes
- $ ./build dovecot_conf
- $ yum search lspf
- $ yum search spf
- $ yum install libspf*
- $ yum install libspf2
- $ yum install libspf2-devel
- $ ./build exim
- $ locate _alt
- $ yum search srs_alt
- $ yum search ld
- $ yum install lldb
- $ ./build exim
- $ yum install db4-devel cyrus-sasl-devel perl-ExtUtils-Embed
- $ cd /usr/local/directadmin/custombuild
- $ ./build update
- $ ./build set exim yes
- $ ./build exim
- $ yum -y install libtool-libs
- $ ./build exim
- $ ./build libtool ./build libtool
- $ ./build libtool
- $ ./build eximAs you can see, I'm. having no luck on this at all! I have a list of posts I've read here:
https://forum.directadmin.com/showthread.php?t=23931
https://help.directadmin.com/item.php?id=576
https://forum.directadmin.com/showthread.php?t=49097
https://forum.directadmin.com/showthread.php?t=21651
https://forum.directadmin.com/showthread.php?t=23931
Nut no luck. One has the same problem but the fix wasn't for me.
Here's the exit mainlog:
Code:
mainlog paniclog rejectlog
********HIDDEN********
********HIDDEN********
2019-10-28 09:18:58 unexpected disconnection while reading SMTP command from ([********HIDDEN********] D=1s
2019-10-28 09:19:11 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=test10)
2019-10-28 09:19:24 ReverseDNS: No reverse DNS for mailserver at 41.202.207.128, +100 Spam score
********HIDDEN********
********HIDDEN********
2019-10-28 09:19:24 unexpected disconnection while reading SMTP command from ([********HIDDEN********] D=1s
2019-10-28 09:19:35 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=email)
2019-10-28 09:19:48 ReverseDNS: No reverse DNS for mailserver at 154.72.163.105, +100 Spam score
********HIDDEN********
********HIDDEN********
2019-10-28 09:19:49 unexpected disconnection while reading SMTP command from ([********HIDDEN********] D=1s
2019-10-28 09:20:28 ReverseDNS: No reverse DNS for mailserver at 41.202.207.128, +100 Spam score
********HIDDEN********
********HIDDEN********
2019-10-28 09:20:28 unexpected disconnection while reading SMTP command from ([********HIDDEN********] D=1s
2019-10-28 09:21:15 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=frank)
2019-10-28 09:22:06 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=newsletter)
2019-10-28 09:23:49 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=bank)
2019-10-28 09:25:41 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=webmail)
2019-10-28 09:26:38 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=jordan)
2019-10-28 09:26:58 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=test01)
2019-10-28 09:28:41 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=jones)
********HIDDEN********
2019-10-28 09:32:22 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
********HIDDEN********
2019-10-28 09:32:22 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iP0Rq-0002hM-R4
2019-10-28 09:32:22 1iP0Rq-0002hM-R4 User 0 set for local_delivery transport is on the never_users list
********HIDDEN********
2019-10-28 09:32:22 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
********HIDDEN********
2019-10-28 09:32:22 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iP0Rq-0002hP-TL
2019-10-28 09:32:22 1iP0Rq-0002hP-TL User 0 set for local_delivery transport is on the never_users list
********HIDDEN********
2019-10-28 09:32:22 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
********HIDDEN********
2019-10-28 09:32:23 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
2019-10-28 09:32:23 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iP0Rq-0002hT-VM
2019-10-28 09:32:23 1iP0Rq-0002hT-VM User 0 set for local_delivery transport is on the never_users list
********HIDDEN********
********HIDDEN********
2019-10-28 09:32:23 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iP0Rr-0002hX-10
2019-10-28 09:32:23 1iP0Rr-0002hX-10 User 0 set for local_delivery transport is on the never_users list
********HIDDEN********
2019-10-28 09:32:23 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
********HIDDEN********
2019-10-28 09:32:23 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iP0Rr-0002hb-3U
2019-10-28 09:32:23 1iP0Rr-0002hb-3U User 0 set for local_delivery transport is on the never_users list
********HIDDEN********
2019-10-28 09:33:15 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=apache)
2019-10-28 09:33:54 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=password)
********HIDDEN********
********HIDDEN********
2019-10-28 09:35:16 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=compaq)
2019-10-28 09:39:08 TLS error on connection from [********HIDDEN********] (SSL_accept): error:00000000:lib(0):func(0):reason(0)
2019-10-28 09:39:26 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=copier)
2019-10-28 09:40:18 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=postfix)
2019-10-28 09:40:26 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=acer)
********HIDDEN********
2019-10-28 09:42:57 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=admin1)
2019-10-28 09:43:49 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=black)
2019-10-28 09:46:40 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=access)
2019-10-28 09:49:13 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=andrew)
********HIDDEN********
2019-10-28 09:51:21 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iP0kB-0002qk-4d
********HIDDEN********
2019-10-28 09:51:22 1iP0kB-0002qk-4d Completed
2019-10-28 09:51:25 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
********HIDDEN********
2019-10-28 09:51:25 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iP0kH-0002r6-Lp
2019-10-28 09:51:25 1iP0kH-0002r6-Lp User 0 set for local_delivery transport is on the never_users list
********HIDDEN********
2019-10-28 09:52:19 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=charlie)
2019-10-28 09:52:30 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=webtest)
2019-10-28 09:53:05 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=reception)
2019-10-28 09:53:35 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=maryland)
2019-10-28 09:53:45 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=asdf)
2019-10-28 09:53:50 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=alex)
2019-10-28 09:53:58 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=summer)
2019-10-28 09:55:41 ReverseDNS: No reverse DNS for mailserver at 37.17.178.74, +100 Spam score
********HIDDEN********
********HIDDEN********
2019-10-28 09:55:41 unexpected disconnection while reading SMTP command from ([********HIDDEN********] D=1s
2019-10-28 09:56:24 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=root)
2019-10-28 09:56:26 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=webmaster)
2019-10-28 09:58:31 cwd=/etc/csf 4 args: /usr/sbin/sendmail -f root -t
********HIDDEN********
2019-10-28 09:58:31 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1iP0r9-0002vT-Rv
2019-10-28 09:58:31 1iP0r9-0002vT-Rv User 0 set for local_delivery transport is on the never_users list
********HIDDEN********
2019-10-28 10:00:01 cwd=/root 9 args: /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t -f root
2019-10-28 10:00:01 cwd=/root 9 args: /usr/sbin/sendmail -FCronDaemon -i -odi -oem -oi -t -f root
********HIDDEN********
2019-10-28 10:00:01 cwd=/var/spool/exim 4 args: /usr/sbin/exim -odi -Mc 1iP0sb-0002wv-Ju
2019-10-28 10:00:01 1iP0sb-0002wv-Ju User 0 set for local_delivery transport is on the never_users list
********HIDDEN********
********HIDDEN********
********HIDDEN********
2019-10-28 10:02:04 login authenticator failed for (User) [********HIDDEN********]: 535 Incorrect authentication data (set_id=baseball)
2019-10-28 10:02:05 SMTP connection from smtp-coi-g18-051.aweber.com [********HIDDEN********] closed after SIGTERMand exim.conf:
Code:
# SpamBlockerTechnology* powered exim.conf, Version 4.5.18
# August 15, 2018
# Exim configuration file for DirectAdmin
# Requires exim.pl as distributed by DirectAdmin here:
# http://files.directadmin.com/services/exim.pl version 21 or higher
# ClamAV optional
# SpamAssassin optional
# Dovecot/IMAP Mandatory
# *SpamBlockerTechnology is a Trademark of NoBaloney Internet Services:
# http://www.nobaloney.net
#
# WARNING! Do NOT use this exim.conf Exim configuration file unless you
# make the required modifications to your Exim configuration
# following the instructions in the README file included in this
# distribution:
# README-SpamBlockerVersion4exim.conf.txt
#
# The original exim.conf file distributed with Exim 4, includes the
# following copyright notice:
#
# Copyright (C) 2002 University of Cambridge, Cambridge, UK
#
# Portions of the file are taken from the exim.conf file as
# distributed with DirectAdmin (http://www.directadmin.com/)
#
# Copyright (C) 2003-2011 JBMC Software, St Albert, AB, Canada
#
# Portions of this file are written by NoBaloney Internet Services
# and are copyright as follows:
#
# Copyright (C) 2004-2011 NoBaloney Internet Services, Riverside, Calif., USA
#
# The entire Exim 4 distribution, including the exim.conf file, is
# distributed under the GNU GENERAL PUBLIC LICENSE, Version 2,
# June 1991. If you do not have a copy of the GNU GENERAL PUBLIC LICENSE
# you may download it, in it's entirety, from the website at:
#
# http://www.nobaloney.net/exim/gnu-gpl-v2.txt
#
# Thanks to all the members of the DirectAdmin community and of the exim
# community who have given their # much needed and appreciated help.
#
# The most recent version of this file may always downloaded from the website
# at: http://www.nobaloney.net/downloads/spamblocker
#
# MODIFICATION INSTRUCTIONS
#
# YOU MUST MAKE THE CHANGES TO THIS
# SpamBlockerTechnology* powered exim.conf, Version 4.0
# file as documented in the README file.
#
# The README file for this version is named:
# README-SpamBlockerVersion4exim.conf.txt
# CONFIGURATION STARTS HERE
#EDIT#1:
# primary_hostname =
smtp_active_hostname = ${if exists{/etc/virtual/helo_data}{${lookup{$interface_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}}
#EDIT#2-CLAMAV:
# av_scanner = clamd:/var/run/clamav/clamd
#.include_if_exists /etc/exim.clamav.load.conf
#Block Cracking variables
.include_if_exists /etc/exim.blockcracking/variables.conf
#Easy Spam Figher variables
.include_if_exists /etc/exim.easy_spam_fighter/variables.conf
#SRS
.include_if_exists /etc/exim.srs.conf
#EDIT#3:
# qualify_domain =
#EDIT#4:
perl_startup = do '/etc/exim.pl'
#EDIT#5:
system_filter = /etc/system_filter.exim
#EDIT#6:
untrusted_set_sender = *
#EDIT#7:
#daemon_smtp_ports=25 : 587 : 465 moved to exim.variables.conf
#tls_on_connect_ports = 465 moved to exim.variables.conf
#EDIT#8:
local_from_check = false
RBL_DNS_LIST=\
cbl.abuseat.org : \
bl.spamcop.net : \
b.barracudacentral.org : \
zen.spamhaus.org
.include /etc/exim.variables.conf
.include /etc/exim.strings.conf
.include_if_exists /etc/exim.strings.conf.custom
#EDIT#10:
helo_allow_chars = _
#EDIT#11:
log_selector = \
+delivery_size \
+sender_on_delivery \
+received_recipients \
+received_sender \
+smtp_confirmation \
+subject \
+smtp_incomplete_transaction \
-dnslist_defer \
-host_lookup_failed \
-queue_run \
-rejected_header \
-retry_defer \
-skip_delivery \
+arguments
#EDIT#12:
syslog_duplication = false
#EDIT#13:
acl_not_smtp = acl_script
acl_smtp_auth = acl_check_auth
acl_smtp_connect = acl_connect
acl_smtp_helo = acl_check_helo
acl_smtp_mail = ${if ={$interface_port}{587} {accept} {${if ={$interface_port}{10025} {acl_smtp_mail_proxy}{acl_check_mail}}}}
acl_smtp_mailauth = smtp_mailauth
acl_smtp_rcpt = acl_check_recipient
acl_smtp_dkim = ${if ={$interface_port}{587} {accept}{acl_check_dkim}}
acl_smtp_data = acl_check_message
acl_smtp_mime = acl_check_mime
#EDIT#14:
addresslist whitelist_senders = nwildlsearch;/etc/virtual/whitelist_senders
addresslist blacklist_senders = nwildlsearch;/etc/virtual/blacklist_senders
domainlist blacklist_domains = nwildlsearch;/etc/virtual/blacklist_domains
domainlist whitelist_domains = nwildlsearch;/etc/virtual/whitelist_domains
domainlist local_domains = lsearch;/etc/virtual/domains
domainlist relay_domains = lsearch;/etc/virtual/domains
domainlist use_rbl_domains = lsearch;/etc/virtual/use_rbl_domains
domainlist skip_rbl_domains = nwildlsearch;/etc/virtual/skip_rbl_domains
hostlist skip_rbl_hosts = ${if exists{/etc/virtual/skip_rbl_hosts}{wildlsearch;/etc/virtual/skip_rbl_hosts}}
hostlist skip_rbl_hosts_ip = ${if exists{/etc/virtual/skip_rbl_hosts_ip}{/etc/virtual/skip_rbl_hosts_ip}}
hostlist auth_relay_hosts = *
hostlist bad_sender_hosts = nwildlsearch;/etc/virtual/bad_sender_hosts
hostlist bad_sender_hosts_ip = /etc/virtual/bad_sender_hosts_ip
hostlist whitelist_hosts = nwildlsearch;/etc/virtual/whitelist_hosts
hostlist whitelist_hosts_ip = /etc/virtual/whitelist_hosts_ip
hostlist proxy_hosts_ip = ${if exists{/etc/virtual/proxy_hosts_ip}{/etc/virtual/proxy_hosts_ip}}
BLACKLIST_USERNAMES = /etc/virtual/blacklist_usernames
BLACKLIST_SMTP_USERNAMES = /etc/virtual/blacklist_smtp_usernames
BLACKLIST_SCRIPT_USERNAMES = /etc/virtual/blacklist_script_usernames
#EDIT#15:
#domainlist skip_av_domains = nwildlsearch;/etc/virtual/skip_av_domains
#EDIT#16:
#relay_hosts/pophosts moved to variables.conf
#EDIT#17:
never_users = root
#EDIT#18:
host_lookup = *
#EDIT#19:
rfc1413_hosts = *
rfc1413_query_timeout = 0s
#EDIT#20:
#exim.variables.conf
#EDIT#21:
#exim.variables.conf
#EDIT#22:
#exim.variables.conf
#EDIT#23:
tls_advertise_hosts = *
#auth_over_tls_hosts = *
.include_if_exists /etc/exim.variables.conf.post
##################################################################################
# Access Control Lists
##################################################################################
begin acl
######################################
# ACL CONNECT
######################################
#EDIT#24:
acl_connect:
warn set acl_c_spam_assassin_has_run = 0
warn set acl_m_is_whitelisted = 0
.include_if_exists /etc/exim.easy_spam_fighter/connect.conf
accept hosts = *
######################################
# ACL CHECK MAIL
######################################
acl_check_mail:
accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}
#EDIT#31:
accept sender_domains = +whitelist_domains
logwrite = $sender_host_address whitelisted in local domains whitelist
set acl_m_is_whitelisted = 1
accept hosts = +whitelist_hosts
logwrite = $sender_host_address whitelisted in local hosts whitelist
set acl_m_is_whitelisted = 1
accept hosts = +whitelist_hosts_ip
logwrite = $sender_host_address whitelisted in local hosts IP whitelist
set acl_m_is_whitelisted = 1
# accept if envelope sender is in whitelist
accept senders = +whitelist_senders
logwrite = $sender_host_address whitelisted in local sender whitelist
set acl_m_is_whitelisted = 1
.include_if_exists /etc/exim.easy_spam_fighter/check_mail.conf
accept
######################################
# ACL CHECK AUTH
######################################
smtp_mailauth:
accept
hosts = <; 127.0.0.1 ; ::1
condition = ${if eq{$interface_port}{10025}}
log_message = Will accept MAIL AUTH parameter for $authenticated_sender
deny
acl_smtp_mail_proxy:
deny
condition = ${if eq{$interface_port}{10025}}
condition = ${if eq{$authenticated_sender}{}}
message = All connections on port $interface_port need MAIL AUTH sender
######################################
# ACL CHECK AUTH
######################################
#EDIT#24.5#
acl_check_auth:
drop set acl_m_authcount = ${eval10:0$acl_m_authcount+1}
condition = ${if >{$acl_m_authcount}{2}}
delay = 10s
message = ONLY_ONE_AUTH_PER_CONN
accept
######################################
# ACL CHECK HELO
######################################
#EDIT#25:
acl_check_helo:
.include_if_exists /etc/exim.acl_check_helo.pre.conf
# accept mail originating on this server unconditionally
accept hosts = <; @[]; 127.0.0.0/8 ; ::1 ; @
# deny if the HELO pretends to be this host
deny message = HELO_HOST_IMPERSANATION
condition = ${if or { \
{eq{$sender_helo_name}{$smtp_active_hostname}} \
{eq{$sender_helo_name}{[$interface_address]}} \
} {true}{false} }
# deny if the HELO is an IP address
deny message = HELO_IS_IP
condition = ${if eq{$interface_port}{25}}
condition = ${if isip{$sender_helo_name}}
# deny if hostname if ylmf-pc, which accounts for a HUGE percentage of BF attacks
deny message = HELO_BLOCKED_FOR_ABUSE
condition = ${if eq{$sender_helo_name}{ylmf-pc}}
# deny if the HELO pretends to be one of the domains hosted on the server
deny message = HELO_IS_LOCAL_DOMAIN
condition = ${if match_domain{$sender_helo_name}{+local_domains}{true}{false}}
hosts = ! +relay_hosts
.include_if_exists /etc/exim.acl_check_helo.post.conf
accept
######################################
# ACL SCRIPT
######################################
acl_script:
.include_if_exists /etc/exim.acl_script.pre.conf
discard set acl_m_uid = ${perl{find_uid}}
set acl_m_username = ${perl{get_username}{$acl_m_uid}}
condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}}
condition = ${if >{${perl{hit_limit_user}{$acl_m_username}}}{1}}
message = USER_TOO_MANY
discard condition = ${if !eq{$originator_uid}{$exim_uid}}
condition = ${if exists{BLACKLIST_USERNAMES}}
condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_USERNAMES}{1}{0}}
message = USER_ON_BLACKLIST_SCRIPT BLACKLIST_USERNAMES
discard condition = ${if !eq{$originator_uid}{$exim_uid}}
condition = ${if exists{BLACKLIST_SCRIPT_USERNAMES}}
condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_SCRIPT_USERNAMES}{1}{0}}
message = USER_ON_BLACKLIST_SCRIPT BLACKLIST_SCRIPT_USERNAMES
.include_if_exists /etc/exim.blockcracking/script.conf
accept
.include_if_exists /etc/exim.blockcracking/script.recipients.conf
######################################
# ACL CHECK RECIPIENT
######################################
#EDIT#26:
acl_check_recipient:
.include_if_exists /etc/exim.acl_check_recipient.pre.conf
# block certain well-known exploits, Deny for local domains if
# local parts begin with a dot or contain @ % ! / |
deny domains = +local_domains
message = Invalid characters in local_part
local_parts = ^[.] : ^.*[@%!|]
# If you've hit the limit, you can't send anymore. Requires exim.pl 17+
drop message = AUTH_TOO_MANY
condition = ${perl{auth_hit_limit_acl}}
authenticated = *
drop message = MULTIPLE_BOUNCE_RECIPIENTS
senders = : postmaster@*
condition = ${if >{$recipients_count}{0}{true}{false}}
drop message = TOO_MANY_FAILED_RECIPIENTS
log_message = REJECTED - Too many failed recipients - count = $rcpt_fail_count
condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
!verify = recipient/callout=2m,defer_ok,use_sender
defer message = DOMAIN_SUSPENDED
domains = +local_domains
condition = ${if exists{/etc/virtual/${domain}_off}{yes}{no}}
drop authenticated = *
condition = ${if exists{BLACKLIST_USERNAMES}}
set acl_m_uid = ${perl{find_uid_auth_id}{$authenticated_id}}
set acl_m_username = ${perl{get_username}{$acl_m_uid}}
condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}}
condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_USERNAMES}{1}{0}}
message = USER_ON_BLACKLIST_SMTP
logwrite = User account $acl_m_username is blocked via BLACKLIST_USERNAMES
drop authenticated = *
condition = ${if exists{BLACKLIST_SMTP_USERNAMES}}
set acl_m_uid = ${perl{find_uid_auth_id}{$authenticated_id}}
set acl_m_username = ${perl{get_username}{$acl_m_uid}}
condition = ${if !eq {$acl_m_uid}{-1}{yes}{no}}
condition = ${lookup{$acl_m_username}lsearch{BLACKLIST_SMTP_USERNAMES}{1}{0}}
message = USER_ON_BLACKLIST_SMTP
logwrite = User account $acl_m_username is blocked via BLACKLIST_SMTP_USERNAMES
.include_if_exists /etc/exim.easy_spam_fighter/check_rcpt.mid.conf
accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}
.include_if_exists /etc/exim.acl_check_recipient.mid.conf
#Block Cracking - https://github.com/Exim/exim/wiki/BlockCracking
.include_if_exists /etc/exim.blockcracking/auth.conf
# restrict port 587 to authenticated users only
# see also daemon_smtp_ports above
accept hosts = +auth_relay_hosts
condition = ${if eq {$interface_port}{587} {yes}{no}}
endpass
message = RELAY_NOT_PERMITTED_AUTH
authenticated = *
# Deny all Mailer-Daemon messages not for us:
deny message = We didn't send the message
senders = :
domains = !+relay_domains
!authenticated = *
# Deny if the recipient doesn't exist:
deny message = NO_SUCH_RECIPIENT
domains = +local_domains
!verify = recipient
# Remaining Mailer-Daemon messages must be for us
accept senders = :
domains = +relay_domains
#EDIT#27:
# 1st deny checks if it's a hostname or IPV4 address with dots or IPV6 address
deny message = R1: HELO_SHOULD_BE_FQDN
!authenticated = *
condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
## 2nd deny makes sure the hostname doesn't end with a dot (invalid)
# deny message = R2: HELO_SHOULD_BE_FQDN
# !authenticated = *
# condition = ${if match{$sender_helo_name}{\N\.$\N}}
# 3rd deny makes sure the hostname has no double-dots (invalid)
deny message = R3: HELO_SHOULD_BE_FQDN
!authenticated = *
condition = ${if match{$sender_helo_name}{\N\.\.\N}}
## 4th deny make sure the hostname doesn't end in .home (invalid domain)
# deny message = R4: HELO_SHOULD_BE_FQDN
# !authenticated = *
# condition = ${if match{$sender_helo_name}{\N\.home$\N}}
#EDIT#28:
# warn domains = +skip_av_domains
# set acl_m0 = $tod_epoch
#EDIT#29:
deny domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
#EDIT#30:
accept hosts = :
logwrite = Whitelisted as having local origination
#EDIT#32:
deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_SENDER
domains = +use_rbl_domains
domains = !+skip_rbl_domains
hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
senders = +blacklist_senders
#EDIT#33:
deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_HOST
# only for domains that do want to be tested against RBLs
domains = +use_rbl_domains
domains = !+skip_rbl_domains
hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
hosts = +bad_sender_hosts
#EDIT#34:
deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_IP
hosts = +bad_sender_hosts_ip
#EDIT#35:
accept domains = +local_domains
sender_domains = !+blacklist_domains
hosts = !+bad_sender_hosts
hosts = !+bad_sender_hosts_ip
dnslists = list.dnswl.org&0.0.0.2
dnslists = list.dnswl.org!=127.0.0.255
logwrite = $sender_host_address whitelisted in list.dnswl.org
#EDIT#36:
# accept domains = +local_domains
# dnslists = hostkarma.junkemailfilter.com=127.0.0.1
# logwrite = $sender_host_address whitelisted in hostkarma.junkemailfilter.com
#EDIT#37:
# accept local_parts = whitelist
# domains = example.com
#EDIT#38:
require verify = sender
#EDIT#39:
deny message = 554 denied. 5.7.1 BLOCKED_DUE_TO_SPAM_DOMAIN
domains = +use_rbl_domains
domains = !+skip_rbl_domains
hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
sender_domains = +blacklist_domains
#EDIT#40:
# deny message = 554 denied. 5.7.1 Forged Paypal Mail, not sent from PayPal.
# senders = *@paypal.com
# condition = ${if match {$sender_host_name}{\Npaypal.com$\N}{no}{yes}}
#EDIT#41:
warn hosts = +skip_rbl_hosts
logwrite = $sender_host_address RBL whitelisted in skip_rbl_hosts
warn hosts = +skip_rbl_hosts_ip
logwrite = $sender_host_address RBL whitelisted in skip_rbl_hosts_ip
warn domains = +skip_rbl_domains
logwrite = $sender_host_address RBL whitelisted $domain in skip_rbl_domains
deny message = RBL_BLOCKED_BY_LIST
hosts = !+relay_hosts
domains = +use_rbl_domains
domains = !+skip_rbl_domains
hosts = !+skip_rbl_hosts : !+skip_rbl_hosts_ip
!authenticated = *
dnslists = RBL_DNS_LIST
.include_if_exists /etc/exim.easy_spam_fighter/check_rcpt.conf
.include_if_exists /etc/exim.greylist.conf
#COMMENT#43:
# ACCEPT EMAIL BEGINNING HERE
# accept if address is in a local domain as long as recipient can be verified
accept domains = +local_domains
endpass
message = UNKNOWN_USER
verify = recipient
#COMMENT#44
# accept if address is in a domain for which we relay as long as recipient
# can be verified
accept domains = +relay_domains
endpass
verify = recipient
#EDIT#45:
accept hosts = +relay_hosts
add_header = X-Relay-Host: $sender_host_address
accept hosts = +auth_relay_hosts
endpass
message = AUTH_REQUIRED
authenticated = *
.include_if_exists /etc/exim.acl_check_recipient.post.conf
# FINAL DENY EMAIL BEFORE DATA BEGINS HERE
# default at end of acl causes a "deny", but line below will give
# an explicit error message:
deny message = RELAY_NOT_PERMITTED
######################################
# ACL CHECK DKIM
######################################
acl_check_dkim:
accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}
.include_if_exists /etc/exim.easy_spam_fighter/check_dkim.conf
accept
######################################
# ACL CHECK MESSAGE
######################################
# ACL that is used after the DATA command (ClamAV)
acl_check_message:
warn
set acl_c_spam_assassin_has_run = 0
.include_if_exists /etc/exim.acl_check_message.pre.conf
#EDIT#46.1#T9653
warn condition = ${if !def:h_Message-ID: {yes}{no}}
message = Adding Message-ID header because it is missing!
add_header = Message-ID: <GENERATED-WASMISSING-$message_exim_id@$primary_hostname>
accept condition = ${if eq{$acl_m_is_whitelisted}{1}{1}{0}}
.include_if_exists /etc/exim.easy_spam_fighter/check_message.conf
#EDIT#46:
#.include_if_exists /etc/exim.clamav.conf
.include_if_exists /etc/exim.acl_check_message.post.conf
accept
######################################
# ACL that is used for each MIME attachment in the email.
acl_check_mime:
.include_if_exists /etc/exim.check_mime.conf.custom
.include_if_exists /etc/exim.easy_spam_fighter/check_mime.conf
accept
##################################################################################
# AUTHENTICATION CONFIGURATION
##################################################################################
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = "${perl{smtpauth}{0}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${perl{smtpauth}{0}}"
server_set_id = $1
#EDIT#47:
# REWRITE CONFIGURATION
# There is no rewriting specification in this exim.conf file. If your
# configuration requires one, it would go here
.include_if_exists /etc/exim.authenticators.post.conf
##################################################################################
# ROUTERS CONFIGURATION
##################################################################################
begin routers
#EDIT#48:
.include_if_exists /etc/exim.routers.pre.conf
lookuphost:
driver = dnslookup
domains = ! +local_domains
ignore_target_hosts = 127.0.0.0/8
condition = "${perl{check_limits}}"
transport = remote_smtp
no_more
# RELATED: http://help.directadmin.com/item.php?id=153
# smart_route:
# driver = manualroute
# domains = ! +local_domains
# ignore_target_hosts = 127.0.0.0/8
# condition = "${perl{check_limits}}"
# route_list = !+local_domains HOSTNAME-or-IP#
# transport = remote_smtp
#COMMENT#49:
#DIRECTORS CONFIGURATION
.include_if_exists /etc/exim.spamassassin.conf
#EDIT#50:
# Spam Assassin
#spamcheck_director removed. Use the exim.spamassassin.conf
majordomo_aliases:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/${domain}/majordomo/list.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/list.aliases}}}}
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
group = daemon
pipe_transport = majordomo_pipe
retry_use_local_part
no_rewrite
user = majordomo
majordomo_private:
driver = redirect
allow_defer
allow_fail
#condition = "${if eq {$received_protocol} {local} {true} {false} }"
condition = "${if or { {eq {$received_protocol} {local}} \
{eq {$received_protocol} {spam-scanned}} } {true} {false} }"
data = ${if exists{/etc/virtual/${domain}/majordomo/private.aliases}{${lookup{$local_part}lsearch{/etc/virtual/${domain}/majordomo/private.aliases}}}}
domains = lsearch;/etc/virtual/domainowners
file_transport = address_file
group = daemon
pipe_transport = majordomo_pipe
retry_use_local_part
user = majordomo
domain_filter:
driver = redirect
allow_filter
no_check_local_user
condition = "${if exists{/etc/virtual/${domain}/filter}{yes}{no}}"
user = "${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}"
group = "mail"
file = /etc/virtual/${domain}/filter
directory_transport = address_file
pipe_transport = virtual_address_pipe
retry_use_local_part
no_verify
uservacation:
# uservacation reply to all except errors, bounces, lists
driver = accept
condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/vacation.conf}{yes}{no}}
condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}}
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
# do not reply to errors and bounces or lists
senders = " ! ^.*-request@.*:\
! ^owner-.*@.*:\
! ^postmaster@.*:\
! ^listmaster@.*:\
! ^mailer-daemon@.*\
! ^root@.*"
transport = uservacation
unseen
userautoreply:
driver = accept
condition = ${lookup{$local_part} lsearch {/etc/virtual/${domain}/autoresponder.conf}{yes}{no}}
condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}}
require_files = /etc/virtual/${domain}/reply/${local_part}.msg
# do not reply to errors and bounces or lists
senders = " ! ^.*-request@.*:\
! ^owner-.*@.*:\
! ^postmaster@.*:\
! ^listmaster@.*:\
! ^mailer-daemon@.*\
! ^root@.*"
transport = userautoreply
unseen
#any callbacks doing sender verify checks to this server accept SRS0 encoded emails if they exist, else the verify will fail.
#until we figure out how to extract the original forwarder name in exim, we'll accept and drop all SRS0 encoded emails.
#the srs_recipient is the original remote sender, so we dont want to forwarder there, else it will generated untraced backscatter (no data=srs_recipient)
#I had found srs_orig_recipient variable, but wasn't able to use it to check for local fordwarders.
#so any email to [email protected] will be accepted and dropped into the :blackhole:, which should be sufficient to satisfy the sender verify, and prevent any spam since it's always dropped.
#if the final recipient hits "reply", it should already go to the orignal remote sender, not to the SRS name.
srs_router:
driver = redirect
condition = ${if exists{/etc/exim.srs.forward.conf}}
srs = reverse
data = :blackhole:
domains = +local_domains
#forwarder exists
#user exists
virtual_user_unseen:
driver = accept
condition = ${if exists{/etc/virtual/${domain}/passwd}{1}{0}}
condition = ${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}{1}{0}}
condition = ${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}{${if eq{$value}{$local_part}{0}{1}}}{0}}
condition = ${perl{save_virtual_user}}
domains = lsearch;/etc/virtual/domainowners
group = mail
.include_if_exists /etc/exim/local_part_suffix.conf
retry_use_local_part
transport = dovecot_lmtp_udp
unseen
#forwarder exists
#user does not exist
virtual_aliases_nouser_nostar:
driver = redirect
.include_if_exists /etc/exim.srs.forward.conf
allow_defer
allow_fail
condition = ${if exists{/etc/virtual/${domain}/passwd}{1}{0}}
condition = ${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}{1}{0}}
condition = ${lookup{$local_part}lsearch{/etc/virtual/${domain}/passwd}{0}{1}}
data = ${lookup{$local_part}lsearch{/etc/virtual/$domain/aliases}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
.include_if_exists /etc/exim/local_part_suffix.conf
#forwarder does not exist
#user exists
virtual_user:
driver = accept
condition = ${if exists{/etc/virtual/${domain}/passwd}{1}{0}}
condition = ${lookup{$local_part}lsearch{/etc/virtual/${domain}/aliases}{0}{1}}
condition = ${perl{save_virtual_user}}
domains = lsearch;/etc/virtual/domainowners
group = mail
retry_use_local_part
transport = dovecot_lmtp_udp
.include_if_exists /etc/exim/local_part_suffix.conf
#wildcard forwarder
#user should have already been caught above
virtual_aliases:
#only the wildcard will be used here
driver = redirect
.include_if_exists /etc/exim.srs.forward.conf
allow_defer
allow_fail
data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch*{/etc/virtual/$domain/aliases}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
.include_if_exists /etc/exim/local_part_suffix.conf
#COMMENT#51:
drop_solo_alias:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/virtual/$domain/aliases}{${lookup{$local_part}lsearch{/etc/virtual/$domain/aliases}}}}
file_transport = devnull
group = mail
pipe_transport = devnull
retry_use_local_part
#include_domain = true
.include_if_exists /etc/exim/local_part_suffix.conf
#COMMENT#52:
userforward:
driver = redirect
allow_filter
check_ancestor
check_local_user
no_expn
file = $home/.forward
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
directory_transport = address_directory
no_verify
system_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
# user = exim
localuser:
driver = accept
check_local_user
condition = "${if eq {$domain} {$primary_hostname} {yes} {no}}"
transport = local_delivery
#COMMENT#53:
##################################################################################
# TRANSPORTS CONFIGURATION
##################################################################################
begin transports
.include_if_exists /etc/exim.transports.pre.conf
#COMMENT#54:
spamcheck:
driver = pipe
batch_max = 100
command = /usr/sbin/exim -oMr spam-scanned -bS
current_directory = "/tmp"
group = mail
home_directory = "/tmp"
log_output
message_prefix =
message_suffix =
return_fail_output
no_return_path_add
transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}
use_bsmtp
user = mail
#COMMENT#55:
majordomo_pipe:
driver = pipe
group = daemon
return_fail_output
user = majordomo
#COMMENT#56:
local_delivery:
driver = appendfile
delivery_date_add
envelope_to_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/Maildir/"
directory_mode = 770
create_directory = true
maildir_format
group = mail
mode = 0660
return_path_add
user = ${local_part}
#COMMENT#57:
virtual_localdelivery:
driver = appendfile
create_directory
delivery_date_add
directory_mode = 770
envelope_to_add
directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}}lsearch{/etc/passwd}{$value}}}}/imap/${domain}/${local_part}/Maildir"
maildir_format
group = mail
mode = 660
return_path_add
user = "${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}"
quota = ${if exists{/etc/virtual/${domain}/quota}{${lookup{$local_part}lsearch*{/etc/virtual/${domain}/quota}{$value}{0}}}{0}}
.include_if_exists /etc/exim/virtual_localdelivery.conf.post
#EDIT#58:
uservacation:
driver = autoreply
file = /etc/virtual/${domain}/reply/${local_part}.msg
from = "${local_part}@${domain}"
log = /etc/virtual/${domain}/reply/${local_part}.log
no_return_message
headers = ${if exists{/etc/virtual/${domain}/reply/${local_part}.headers}{${readfile{/etc/virtual/${domain}/reply/${local_part}.headers}}}}
subject = ${if def:h_Subject: {\
${if exists{/etc/virtual/${domain}/reply/${local_part}.subject}\
{${readfile{/etc/virtual/${domain}/reply/${local_part}.subject}{}}}\
{Autoreply}\
}: ${quote:${escape:${length_60:$h_Subject:}}}}\
{I am on vacation}}
to = "${reply_address}"
user = mail
once = /etc/virtual/${domain}/reply/${local_part}.once
once_file_size = 100K
once_repeat = ${if exists{/etc/virtual/${domain}/reply/${local_part}.once_time}{${readfile{/etc/virtual/${domain}/reply/${local_part}.once_time}{}}}{2d}}
#COMMENT#59:
userautoreply:
driver = autoreply
bcc = ${lookup{${local_part}} lsearch {/etc/virtual/${domain}/autoresponder.conf}{$value}}
file = /etc/virtual/${domain}/reply/${local_part}.msg
from = "${local_part}@${domain}"
log = /etc/virtual/${domain}/reply/${local_part}.log
no_return_message
headers = ${if exists{/etc/virtual/${domain}/reply/${local_part}.headers}{${readfile{/etc/virtual/${domain}/reply/${local_part}.headers}}}}
subject = ${if def:h_Subject: {\
${if exists{/etc/virtual/${domain}/reply/${local_part}.subject}\
{${readfile{/etc/virtual/${domain}/reply/${local_part}.subject}{}}}\
{Autoreply}\
}: ${quote:${escape:${length_60:$h_Subject:}}}}\
{Autoreply Message}}
to = "${reply_address}"
user = mail
once = /etc/virtual/${domain}/reply/${local_part}.once
once_file_size = 100K
once_repeat = ${if exists{/etc/virtual/${domain}/reply/${local_part}.once_time}{${readfile{/etc/virtual/${domain}/reply/${local_part}.once_time}{}}}{2d}}
#COMMENT#60:
devnull:
driver = appendfile
file = /dev/null
#COMMENT#61:
remote_smtp:
driver = smtp
headers_add = "${if def:authenticated_id{X-Authenticated-Id: ${authenticated_id}}}"
interface = <; ${if exists{/etc/virtual/domainips}{${lookup{$sender_address_domain}lsearch*{/etc/virtual/domainips}}}}
helo_data = ${if exists{/etc/virtual/helo_data}{${lookup{$sending_ip_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}}
hosts_try_chunking =
.include_if_exists /etc/exim.dkim.conf
#EDIT#62:
address_pipe:
driver = pipe
return_output
virtual_address_pipe:
driver = pipe
group = nobody
return_output
user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"
.include_if_exists /etc/exim.cagefs.pipe.conf
#COMMENT#63:
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
#COMMENT#64:
address_reply:
driver = autoreply
dovecot_lmtp_udp:
driver = lmtp
socket = /var/run/dovecot/lmtp
#maximum number of deliveries per batch, default 1
batch_max = 200
delivery_date_add
envelope_to_add
return_path_add
user = mail
address_directory:
driver = appendfile
maildir_format
maildir_use_size_file
delivery_date_add
envelope_to_add
return_path_add
##################################################################################
# RETRY CONFIGURATION
##################################################################################
#EDIT#65:
# Domain Error Retries
# ------ ----- -------
begin retry
* quota
* * F,2h,15m; G,16h,1h,1.5; F,4d,8h
# End of Exim 4 configurationIf you can help please do so.
Last edited: