LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-14-2009, 01:36 PM   #1
mkp
Member
 
Registered: Jul 2008
Posts: 57

Rep: Reputation: 15
Need help with exim.


Hi, i have mail server with exim+spamassassin, some of users start to get message from MAILER-DAEMON or mail delivery subsystem, i think this is a bounce messages. What i need to change in exim to reject them. This is my exim.conf:

Code:
domainlist 
domainlist local_domains = domain.com
relay_to_domains =
hostlist   relay_from_hosts = 127.0.0.1: 192.168.0.0/16
log_file_path = syslog
message_size_limit = 30M
smtp_receive_timeout=5m
smtp_accept_queue = 100
smtp_accept_max = 40
smtp_accept_max_per_host = 5
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
av_scanner = clamd:/var/run/clamav/clamd.sock
spamd_address = /var/run/spamd.sock
#spamd_address = 127.0.0.1 783
never_users = root
#host_lookup =
host_lookup = 0.0.0.0/0
host_lookup_order = byaddr
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 1d
errors_reply_to = postmaster@domain.com
timeout_frozen_after = 3d
timeout_frozen_after = 3d
helo_allow_chars = _
begin acl
acl_check_rcpt:
  accept  hosts = :
  deny    hosts = 

  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  accept  local_parts   = postmaster
          domains       = +local_domains
  require verify        = sender
  accept  domains       = +local_domains
          endpass
          verify        = recipient
  accept  hosts         = +relay_from_hosts
          control       = submission
                  domains               = !+local_domains
  accept  authenticated = *
          control       = submission
  accept  domains       = +relay_to_domains
          endpass
          verify        = recipient
  deny    message       = relay not permitted
acl_check_data:

  deny message = Serious MIME defect detected ($demime_reason)
  demime = *
  deny    message   = This message contains a virus ($malware_name) and has been rejected.
        # skip virus check when message is larger than 1MB
        condition = ${if <{$message_size}{1m}{1}{0}}
        demime = *
        malware = *


#    warn    message = X-SA-Report: $spam_report
#               spam = mail:true
#       condition = ${if >{$spam_score_int}{0}{1}{0}}
#    warn    message = X-SA-Status: Yes
#               spam = mail:true
#       condition = ${if >{$spam_score_int}{40}{1}{0}}
#    deny    message = This message scored $spam_score spam points.
#               spam = mail:true
#       condition = ${if >{$spam_score_int}{120}{1}{0}}



      warn message   = X-Spam_score: $spam_score\n\
                       X-Spam_score_int: $spam_score_int:\n\
                       X-Spam_bar: $spam_bar\n\
                       X-Spam_report: $spam_report
#                      X-Spam_flag: Yes
#                 condition = ${if <{$message_size}{100k}{1}{0}}
                     spam      = mail:true
      deny message = This message was classified as SPAM
                  condition = ${if >{$spam_score_int}{55}}
  accept
begin routers


spamassassin_router:
        driver = accept
        transport = spamassassin
        condition = ${if eq {$received_protocol}{smtp}{}}
#        no_verify
#       no_expn

first_liases:
        driver = redirect
        domains = +local_domains
        data = ${lookup{$local_part@$domain}lsearch{/etc/aliases}}
        user = mail
        file_transport = address_file
        pipe_transport = address_pipe
        allow_fail
        allow_defer


localuser:
        driver = accept
        domains = +local_domains
        check_local_user
        address_data = "spam_score=40 use_spam_folder=1 mark_spam_prio=1"
        transport = local_delivery
        cannot_route_message = Unknown user


dnslookup:
        driver = dnslookup
        domains = ! +local_domains
        transport = remote_smtp
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8

last_fail:
        driver = redirect
        allow_fail
        data = :fail:No such user $local_part at $domain
        no_more
begin transports


# This transport is used for delivering messages over SMTP connections.

remote_smtp:
  driver = smtp

local_delivery:
  driver = appendfile
  user = $local_part
  group = mail
  maildir_format
  delivery_date_add
  envelope_to_add
  return_path_add
  mode = 0660
  headers_remove=${if and{{MARK_SPAM}{or{{IS_SPAM}{IS_LOW_PRIO}}}}{X-MSMail-Priority:X-Priority}{}}
  headers_add  = ${if and{{MARK_SPAM}{IS_SPAM}}{X-MSMail-Priority: Low}{}}
  directory = $home/Maildir${if and{{IS_SPAM}{USE_SPAM_FLDR}}{/.SPAM}{}}
address_pipe:
  driver = pipe
  return_output

address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

address_reply:
  driver = autoreply



antivirus:
  driver = pipe
  batch_max = 200
  command = /bin/nice -19 /inet/src/scan/ph ${pipe_addresses}
  return_output = false
  return_path_add = false
  user = mail
  group = mail

spamassassin:
  driver = pipe
  use_bsmtp = true
  command = /usr/exim/bin/exim -bS -oMr sa-checked
  transport_filter = /usr/bin/spamc -f
  home_directory = /tmp
  current_directory = /tmp
  user = mail
  group = mail
  log_output = true
begin retry

begin rewrite


begin authenticators

dovecot_plain:
        driver = dovecot
        public_name = LOGIN
        #server_prompts = "Username:: : Password::"
        server_socket = /var/run/dovecot/auth-client

Last edited by mkp; 11-18-2009 at 01:37 AM.
 
Old 11-14-2009, 01:40 PM   #2
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,527

Rep: Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898
Quote:
i think this is a bounce messages.
First figure out what the messages are.
 
Old 11-14-2009, 01:54 PM   #3
mkp
Member
 
Registered: Jul 2008
Posts: 57

Original Poster
Rep: Reputation: 15
1:
Return-path: <>
Envelope-to: ludmil@domain.com
Delivery-date: Fri, 13 Nov 2009 18:29:08 +0200
Received: from nvkbank.ru ([88.147.255.114] helo=mailsrv2.nvk.int)
by mail.domain.com with esmtp (Exim 4.68)
id 1N8z1G-0000Pj-Pz
for ludmil@domain.com; Fri, 13 Nov 2009 18:29:08 +0200
From: postmaster@nvk.int
To: ludmil@domain.com
Date: Fri, 13 Nov 2009 19:27:58 +0300
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="9B095B5ADSN=_01CA639C022DF13600006D5Cmailsrv2.nvk.int"
X-DSNContext: 7ce717b1 - 1391 - 00000002 - C00402D1
Message-ID: <hO06wLJkI000032ce@mailsrv2.nvk.int>
Subject: Delivery Status Notification (Failure)
X-Spam_score: 1.1
X-Spam_score_int: 11:
X-Spam_bar: +
X-Spam_report: Spam detection software, running on the system "mail.domain.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: This is an automatically generated Delivery Status Notification.
Unable to deliver message to the following recipients, due to being unable
to connect successfully to the destination mail server. icepskav_1955@nvkbank.ru
ieawypakbttv@nvkbank.ru ign@nvkbank.ru igor@nvkbank.ru iholimpo@nvkbank.ru
ik@nvkbank.ru ike-8224645@nvkbank.ru ikonorova@nvkbank.ru ilya@nvkbank.ru
[...]
Content analysis details: (1.1 points, 4.0 required)
pts rule name description

2:
Return-path: <>
Envelope-to: ludmil@domain.com
Delivery-date: Sat, 14 Nov 2009 11:00:35 +0200
Received: from ws002.soc-ws.pu.ru ([195.70.218.2] helo=hq.soc.pu.ru)
by mail.domain.com with esmtp (Exim 4.68)
id 1N9EUj-0003s1-9q
for ludmil@domain.com; Sat, 14 Nov 2009 11:00:35 +0200
Received: from localhost (localhost)
by hq.soc.pu.ru (8.13.6/8.13.6) id nADDBkp8094355;
Sat, 14 Nov 2009 11:46:46 +0300 (MSK)
(envelope-from MAILER-DAEMON)
Date: Sat, 14 Nov 2009 11:46:46 +0300 (MSK)
From: Mail Delivery Subsystem <MAILER-DAEMON@hq.soc.pu.ru>
Message-Id: <200911140846.nADDBkp8094355@hq.soc.pu.ru>
To: <ludmil@domain.com>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="nADDBkp8094355.1258188406/hq.soc.pu.ru"
Content-Transfer-Encoding: 8bit
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
X-Spam_score: 3.3
X-Spam_score_int: 33:
X-Spam_bar: +++
X-Spam_report: Spam detection software, running on the system "mail.domain.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.

May be i'm wrong about bounce messages.

Last edited by mkp; 11-14-2009 at 01:56 PM.
 
Old 11-15-2009, 12:20 PM   #4
mkp
Member
 
Registered: Jul 2008
Posts: 57

Original Poster
Rep: Reputation: 15
Anyone?

Last edited by mkp; 11-15-2009 at 12:24 PM.
 
Old 11-15-2009, 10:55 PM   #5
Smartpatrol
Member
 
Registered: Sep 2009
Posts: 196

Rep: Reputation: 38
...

Last edited by Smartpatrol; 03-11-2010 at 09:49 PM.
 
Old 11-16-2009, 12:33 AM   #6
mkp
Member
 
Registered: Jul 2008
Posts: 57

Original Poster
Rep: Reputation: 15
Thanks, i'll try it, i have domainlist local_domains = domain.com , just miss to post it.
 
Old 11-16-2009, 06:40 AM   #7
mkp
Member
 
Registered: Jul 2008
Posts: 57

Original Poster
Rep: Reputation: 15
Smartpatrol,not work. Maybe i miss something. Where i need put domainlist local_domains = domain.com , now it's on top in exim.conf.

Last edited by mkp; 11-16-2009 at 07:59 AM.
 
Old 11-18-2009, 01:37 AM   #8
mkp
Member
 
Registered: Jul 2008
Posts: 57

Original Poster
Rep: Reputation: 15
bump
 
Old 11-20-2009, 10:36 PM   #9
Smartpatrol
Member
 
Registered: Sep 2009
Posts: 196

Rep: Reputation: 38
...

Last edited by Smartpatrol; 03-11-2010 at 09:50 PM.
 
Old 11-23-2009, 12:59 AM   #10
mkp
Member
 
Registered: Jul 2008
Posts: 57

Original Poster
Rep: Reputation: 15
When put this in exim.conf

Code:
deny   condition      = ${if match {$sender_address_domain}\
                          {\N^(localhost|local|localhost\.localdomain|localdomain)$\N}\
                          {yes}{no}}
i recieve error 451 while trying to send message:

The message could not be sent. The authentication setting might not be correct for your outgoing e-mail [SMTP] server. For help solving this problem, go to Help, search for "Troubleshoot Windows Mail", and read the "I'm having problems sending e-mail" section. If you need help determining the proper server settings, please contact your e-mail service provider.

The rejected e-mail address was 'user@domain.com'. Subject 'test', Account: 'mail.domain.com (1)', Server: 'mail.domain.com', Protocol: SMTP, Server Response: '451 Temporary local problem - please try later', Port: 25, Secure(SSL): No, Server Error: 451, Error Number: 0x800CCC79

Is it good idea to change outgoing port from 25 to 587?

My new exim.conf:

Code:
primary_hostname = mail.domain.com
domainlist local_domains = domain.com
domainlist domains_we_reject = *.*.*.ru:*.*.ru:*.ru:*.br:*.in:*.cn:*.rus
domainlist relay_to_domains =
hostlist   relay_from_hosts = 127.0.0.1: 192.168.0.0/16
log_file_path = syslog
message_size_limit = 30M
smtp_receive_timeout=5m
smtp_accept_queue = 100
smtp_accept_max = 40
smtp_accept_max_per_host = 5
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
av_scanner = clamd:/var/run/clamav/clamd.sock
spamd_address = /var/run/spamd.sock
#spamd_address = 127.0.0.1 783
never_users = root
#host_lookup =
host_lookup = 0.0.0.0/0
host_lookup_order = byaddr
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 1d
errors_reply_to = postmaster@domain.com
timeout_frozen_after = 3d
timeout_frozen_after = 3d
helo_try_verify_hosts = !+relay_from_hosts
helo_allow_chars = 
begin acl
acl_check_rcpt:
check_recipient:
# stop bounce from us, lets do it by sender's server
accept domains = +local_domains
endpass
message = unknown user
verify = recipient

  accept  hosts = :
  deny    hosts = 
  deny
          log_message = match in spam list
          dnslists = bl.spamcop.net:sbl.spamhaus.org
  deny    sender_domains = +domains_we_reject
          message = Unknown users
  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  accept  local_parts   = postmaster
          domains       = +local_domains
  require verify        = sender
  accept  domains       = +local_domains
          endpass
          verify        = recipient
  accept  hosts         = +relay_from_hosts
          control       = submission
          domains               = !+local_domains
  accept  authenticated = *
          control       = submission
  accept  domains       = +relay_to_domains
          endpass
          verify        = recipient
  deny    message       = relay not permitted

acl_check_data:

  deny message = Serious MIME defect detected ($demime_reason)
  demime = *
  deny    message   = This message contains a virus ($malware_name) and has been rejected.
        # skip virus check when message is larger than 1MB
        condition = ${if <{$message_size}{1m}{1}{0}}
        demime = *
        malware = *


#    warn    message = X-SA-Report: $spam_report
#               spam = mail:true
#       condition = ${if >{$spam_score_int}{0}{1}{0}}
#    warn    message = X-SA-Status: Yes
#               spam = mail:true
#       condition = ${if >{$spam_score_int}{40}{1}{0}}
#    deny    message = This message scored $spam_score spam points.
#               spam = mail:true
#       condition = ${if >{$spam_score_int}{120}{1}{0}}



      warn message   = X-Spam_score: $spam_score\n\
                       X-Spam_score_int: $spam_score_int:\n\
                       X-Spam_bar: $spam_bar\n\
                       X-Spam_report: $spam_report
#                      X-Spam_flag: Yes
                 condition = ${if <{$message_size}{500k}{1}{0}}
                     spam      = mail:true
      deny message = This message was classified as SPAM
                  condition = ${if >{$spam_score_int}{55}}
  accept
begin routers


spamassassin_router:
        driver = accept
        transport = spamassassin
        condition = ${if eq {$received_protocol}{smtp}{}}
#       no_verify
#       no_expn

first_liases:
        driver = redirect
        domains = +local_domains
        data = ${lookup{$local_part@$domain}lsearch{/etc/aliases}}
        user = mail
        file_transport = address_file
        pipe_transport = address_pipe
        allow_fail
        allow_defer


localuser:
        driver = accept
        domains = +local_domains
        check_local_user
        address_data = "spam_score=40 use_spam_folder=1 mark_spam_prio=1"
        transport = local_delivery
        cannot_route_message = Unknown user


dnslookup:
        driver = dnslookup
        domains = ! +local_domains
        transport = remote_smtp
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
	no_more

last_fail:
        driver = redirect
        allow_fail
        data = :fail:No such user $local_part at $domain
        no_more

begin transports


# This transport is used for delivering messages over SMTP connections.

remote_smtp:
  driver = smtp

local_delivery:
  driver = appendfile
  user = $local_part
  group = mail
  maildir_format
  delivery_date_add
  envelope_to_add
  return_path_add
  mode = 0660
  headers_remove=${if and{{MARK_SPAM}{or{{IS_SPAM}{IS_LOW_PRIO}}}}{X-MSMail-Priority:X-Priority}{}}
  headers_add  = ${if and{{MARK_SPAM}{IS_SPAM}}{X-MSMail-Priority: Low}{}}
  directory = $home/Maildir${if and{{IS_SPAM}{USE_SPAM_FLDR}}{/.SPAM}{}}
address_pipe:
  driver = pipe
  return_output

address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

address_reply:
  driver = autoreply



antivirus:
  driver = pipe
  batch_max = 200
  command = /bin/nice -19 /inet/src/scan/ph ${pipe_addresses}
  return_output = false
  return_path_add = false
  user = mail
  group = mail

spamassassin:
  driver = pipe
  use_bsmtp = true
  command = /usr/exim/bin/exim -bS -oMr sa-checked
  transport_filter = /usr/bin/spamc -f
  home_directory = /tmp
  current_directory = /tmp
  user = mail
  group = mail
  log_output = true
  return_fail_output = true

begin retry

begin rewrite


begin authenticators

dovecot_plain:
        driver = dovecot
        public_name = LOGIN
        #server_prompts = "Username:: : Password::"
        server_socket = /var/run/dovecot/auth-client

Last edited by mkp; 11-23-2009 at 05:53 AM.
 
Old 11-24-2009, 03:35 PM   #11
Smartpatrol
Member
 
Registered: Sep 2009
Posts: 196

Rep: Reputation: 38
...

Last edited by Smartpatrol; 03-11-2010 at 09:50 PM. Reason: spelling
 
Old 11-25-2009, 12:50 AM   #12
mkp
Member
 
Registered: Jul 2008
Posts: 57

Original Poster
Rep: Reputation: 15
...

Last edited by mkp; 11-25-2009 at 07:22 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
exim question (for exim gurus) graziano1968 Linux - General 6 02-06-2009 03:04 AM
Etch + exim4 + sa-exim: sa-exim is not loading Thalagyrt Debian 0 04-18-2007 10:12 AM
Exim Help!! blakeless Linux - Software 2 03-10-2005 06:46 PM
someone help me with exim KoopaTroopa Linux - Software 2 08-30-2004 05:23 PM
exim is failed !!! error:package exim is not installed apache Linux - Software 0 06-24-2004 05:55 AM


All times are GMT -5. The time now is 02:07 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration