msb/vmail-stack
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

remove ifdef GREYLIST_ENABLED, misc fixes and updates

Browse Source
This commit is contained in:
Matthew Saunders Brown 2022-12-12 08:31:14 -08:00
parent 38fe0ebe2d
commit 0703ab4cc4
2 changed files with 60 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

131
etc/exim4/exim4.conf
View File

@ -108,7 +108,6 @@ GREYLIST_BOUNCE_LIFETIME = 0 HOUR
GREYLIST_TABLE=vm_greylisting GREYLIST_TABLE=vm_greylisting
GREYLIST_RESENDERS_TABLE=vm_greylisting_resenders GREYLIST_RESENDERS_TABLE=vm_greylisting_resenders
.ifdef GREYLIST_ENABLED
# database macros # database macros
GREYLIST_TEST = SELECT CASE \ GREYLIST_TEST = SELECT CASE \
WHEN now() > block_expires THEN "accepted" \ WHEN now() > block_expires THEN "accepted" \
@ -167,7 +166,7 @@ GREYLIST_OK_BOUNCE = UPDATE GREYLIST_TABLE \
WHERE id = $acl_m9 AND type='AUTO' WHERE id = $acl_m9 AND type='AUTO'
GREYLIST_RESENDERS_UPDATE = REPLACE INTO GREYLIST_RESENDERS_TABLE SET hostname = '${quote_mysql:$acl_m_sender}' GREYLIST_RESENDERS_UPDATE = REPLACE INTO GREYLIST_RESENDERS_TABLE SET hostname = '${quote_mysql:$acl_m_sender}'
.endif
# No deliveries will ever be run under the uids of these users (a colon- # No deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so causes a panic error to be logged, and # separated list). An attempt to do so causes a panic error to be logged, and
# the delivery to be deferred. This is a paranoic safety catch. Note that the # the delivery to be deferred. This is a paranoic safety catch. Note that the
@ -235,7 +234,7 @@ begin acl
# since we use it inside a defer with acl = greylist_acl, # since we use it inside a defer with acl = greylist_acl,
# accepting here makes the condition TRUE thus deferring, # accepting here makes the condition TRUE thus deferring,
# denying here makes the condition FALSE thus not deferring # denying here makes the condition FALSE thus not deferring
.ifdef GREYLIST_ENABLED #
greylist_acl: greylist_acl:
# For regular deliveries, check greylist. # For regular deliveries, check greylist.
@ -278,21 +277,20 @@ greylist_acl:
deny deny
add_header = X-DNS-Greylist: mail from $sender_address to $local_part@$domain accepted by greylisting add_header = X-DNS-Greylist: mail from $sender_address to $local_part@$domain accepted by greylisting
condition = ${lookup mysql{GREYLIST_RESENDERS_UPDATE}} condition = ${lookup mysql{GREYLIST_RESENDERS_UPDATE}}
.endif
# This access control list is used at the start of an incoming # This access control list is used at the start of an incoming
# connection. The tests are run in order until the connection # connection. The tests are run in order until the connection
# is either accepted or denied. # is either accepted or denied.
#
acl_connect: acl_connect:
# In this pass, we do not perform any checks here. # In this pass, we do not perform any checks here.
accept accept
# This access control list is used for the HELO or EHLO command in # This access control list is used for the HELO or EHLO command in
# an incoming SMTP transaction. The tests are run in order until the # an incoming SMTP transaction. The tests are run in order until the
# greeting is either accepted or denied. # greeting is either accepted or denied.
#
acl_helo: acl_helo:
# Early rejection of brute-force bots under the name 'ylmf-pc' # Early rejection of brute-force bots under the name 'ylmf-pc'
@ -306,7 +304,6 @@ acl_helo:
# incoming SMTP transaction. The tests are run in order until the # incoming SMTP transaction. The tests are run in order until the
# sender address is either accepted or denied. # sender address is either accepted or denied.
# #
acl_mail_from: acl_mail_from:
# Accept the command. # Accept the command.
@ -315,7 +312,7 @@ acl_mail_from:
# This access control list is used for every RCPT command in an # This access control list is used for every RCPT command in an
# incoming SMTP message. The tests are run in order until the # incoming SMTP message. The tests are run in order until the
# recipient address is either accepted or denied. # recipient address is either accepted or denied.
#
acl_check_dkim: acl_check_dkim:
###################################################################### ######################################################################
@ -327,14 +324,14 @@ acl_check_dkim:
dkim_status = fail dkim_status = fail
logwrite = DKIM test failed: $dkim_verify_reason logwrite = DKIM test failed: $dkim_verify_reason
add_header = X-DKIM-Status: fail: $dkim_verify_reason add_header = X-DKIM-Status: fail: $dkim_verify_reason
add_header = X-Junk-Flag: YES set acl_m_junk = yes
# DKIM invalid # DKIM invalid
accept accept
dkim_status = invalid dkim_status = invalid
logwrite = DKIM test invalid: $dkim_verify_reason logwrite = DKIM test invalid: $dkim_verify_reason
add_header = X-DKIM-Status: invalid: $dkim_verify_reason add_header = X-DKIM-Status: invalid: $dkim_verify_reason
add_header = X-Junk-Flag: YES set acl_m_junk = yes
# DKIM none # DKIM none
accept accept
@ -364,11 +361,6 @@ acl_rcpt_to:
accept accept
hosts = : +relay_from_hosts hosts = : +relay_from_hosts
# Accept if the message arrived over an authenticated connection,
# from any host. Again, these messages are usually from MUAs, so
# recipient verification is omitted.
#
# Get rate limit for user and log current rate. # Get rate limit for user and log current rate.
# Hourly rate limit is extracted from db, multiplied by 10 to get daily rate limit. # Hourly rate limit is extracted from db, multiplied by 10 to get daily rate limit.
# The idea being that the hourly rate limit should be a maximum, peak rate, not a sustained rate. # The idea being that the hourly rate limit should be a maximum, peak rate, not a sustained rate.
@ -401,20 +393,17 @@ acl_rcpt_to:
accept accept
authenticated = * authenticated = *
###################################################################### ######################################################################
# Hello checks # Hello checks
###################################################################### ######################################################################
# If the remote host greets with an IP address, then reject the mail. # If the remote host greets with an IP address, then reject the mail.
#
deny deny
message = Message was delivered by ratware message = Message was delivered by ratware
log_message = remote host used IP address in HELO/EHLO greeting log_message = remote host used IP address in HELO/EHLO greeting
condition = ${if isip {$sender_helo_name}{true}{false}} condition = ${if isip {$sender_helo_name}{true}{false}}
# Likewise if the peer greets with one of our own names # Likewise if the peer greets with one of our own names
#
deny deny
message = Message was delivered by ratware message = Message was delivered by ratware
log_message = remote host used our name in HELO/EHLO greeting. log_message = remote host used our name in HELO/EHLO greeting.
@ -427,10 +416,7 @@ acl_rcpt_to:
log_message = remote host did not present HELO/EHLO greeting. log_message = remote host did not present HELO/EHLO greeting.
condition = ${if def:sender_helo_name {false}{true}} condition = ${if def:sender_helo_name {false}{true}}
# If HELO verification fails, we add a X-HELO-Warning: header in the message.
# If HELO verification fails, we add a X-HELO-Warning: header in
# the message.
#
warn warn
!verify = helo !verify = helo
message = X-HELO-Warning: Remote host $sender_host_address \ message = X-HELO-Warning: Remote host $sender_host_address \
@ -515,7 +501,6 @@ acl_rcpt_to:
senders = : postmaster@* senders = : postmaster@*
condition = $recipients_count condition = $recipients_count
# Reject the recipient address if it is not in a domain for # Reject the recipient address if it is not in a domain for
# which we are handling mail. # which we are handling mail.
# #
@ -523,7 +508,6 @@ acl_rcpt_to:
message = relay not permitted message = relay not permitted
!domains = +local_domains : +relay_to_domains !domains = +local_domains : +relay_to_domains
# Reject the recipient if it is not a valid mailbox. # Reject the recipient if it is not a valid mailbox.
# If the mailbox is not on our system (e.g. if we are a # If the mailbox is not on our system (e.g. if we are a
# backup MX for the recipient domain), then perform a # backup MX for the recipient domain), then perform a
@ -541,11 +525,7 @@ acl_rcpt_to:
condition = WHITELISTED condition = WHITELISTED
logwrite = From: $sender_address To: $local_part@$domain is whitelisted in sa_userpref logwrite = From: $sender_address To: $local_part@$domain is whitelisted in sa_userpref
add_header = X-Whitelist-Flag: YES add_header = X-Whitelist-Flag: YES
set acl_m_whitelist = yes
# skip any further checks if the address is already marked Junk (by DKIM)
accept
condition = ${if eq {$header_X-Junk-Flag:}{YES}}
logwrite = Skipping SPF/DNSBL/Greylist checks as message already failed DKIM
###################################################################### ######################################################################
# DNS checks # DNS checks
@ -570,33 +550,34 @@ acl_rcpt_to:
# add SPF header # add SPF header
accept accept
!senders = :
condition = ${run{/usr/bin/spfquery --scope mfrom \ condition = ${run{/usr/bin/spfquery --scope mfrom \
--identity ${quote:$sender_address} \ --identity ${quote:$sender_address} \
--ip-address ${quote:$sender_host_address}} \ --ip-address ${quote:$sender_host_address}} \
{no}{${if eq {$runrc}{1}{yes}{no}}}} {no}{${if eq {$runrc}{1}{yes}{no}}}}
add_header = Received-SPF: fail add_header = Received-SPF: fail
add_header = X-Junk-Flag: YES set acl_m_junk = yes
## log_message = SPF check failed. #log_message = SPF check failed.
warn warn
condition = ${if eq {$runrc}{0}{yes}{no}} condition = ${if eq {$runrc}{0}{yes}{no}}
add_header = Received-SPF: pass add_header = Received-SPF: pass
## log_message = SPF check: pass #log_message = SPF check: pass
warn warn
condition = ${if eq {$runrc}{2}{yes}{no}} condition = ${if eq {$runrc}{2}{yes}{no}}
add_header = Received-SPF: softfail add_header = Received-SPF: softfail
## log_message = SPF check: softfail #log_message = SPF check: softfail
warn warn
condition = ${if eq {$runrc}{3}{yes}{no}} condition = ${if eq {$runrc}{3}{yes}{no}}
add_header = Received-SPF: neutral add_header = Received-SPF: neutral
## log_message = SPF check: neutral #log_message = SPF check: neutral
warn warn
condition = ${if eq {$runrc}{4}{yes}{no}} condition = ${if eq {$runrc}{4}{yes}{no}}
add_header = Received-SPF: permerror add_header = Received-SPF: permerror
## log_message = SPF check: permerror #log_message = SPF check: permerror
warn warn
condition = ${if eq {$runrc}{5}{yes}{no}} condition = ${if eq {$runrc}{5}{yes}{no}}
@ -606,7 +587,7 @@ acl_rcpt_to:
warn warn
condition = ${if eq {$runrc}{6}{yes}{no}} condition = ${if eq {$runrc}{6}{yes}{no}}
add_header = Received-SPF: none add_header = Received-SPF: none
## log_message = SPF check: none #log_message = SPF check: none
warn warn
condition = ${if >{$runrc}{6}{yes}{no}} condition = ${if >{$runrc}{6}{yes}{no}}
@ -618,35 +599,37 @@ acl_rcpt_to:
dnslists = zen.spamhaus.org dnslists = zen.spamhaus.org
logwrite = Warning: $sender_host_address is listed in DNSBL $dnslist_domain ${if def:dnslist_text {($dnslist_text)}} logwrite = Warning: $sender_host_address is listed in DNSBL $dnslist_domain ${if def:dnslist_text {($dnslist_text)}}
add_header = X-DNS-Blacklist: $sender_host_address is listed in $dnslist_domain ${if def:dnslist_text {($dnslist_text)}} add_header = X-DNS-Blacklist: $sender_host_address is listed in $dnslist_domain ${if def:dnslist_text {($dnslist_text)}}
add_header = X-Junk-Flag: YES set acl_m_junk = yes
# will never get here if X-Whitelist-Flag or X-Junk-Flag (gets set with X-DNS-Blacklist) or X-DNS-Whitelist headers are set above # greylisting
.ifdef GREYLIST_ENABLED # if $sender_host_name is set use that. run command strips of leftmost subdomain if this is a third or higher level domain
# if $sender_host_name is set use that.
# run command strips of leftmost subdomain if this is a third or higher level domain
warn warn
condition = ${if def:sender_host_name} condition = ${if def:sender_host_name}
set acl_m_sender = ${run{/bin/bash /etc/exim4/return-resender.sh $sender_host_name}{$value}{$sender_host_name}} set acl_m_sender = ${run{/bin/bash /etc/exim4/return-resender.sh $sender_host_name}{$value}{$sender_host_name}}
# if $sender_host_name is not set use $sender_helo_name
# if sender_helo_name not set email was already rejected (deny) earlier in this acl # if $sender_host_name is not set use $sender_helo_name. if sender_helo_name not set email was already rejected (deny) earlier in this acl
warn warn
condition = ${if !def:sender_host_name} condition = ${if !def:sender_host_name}
set acl_m_sender = $sender_helo_name set acl_m_sender = $sender_helo_name
# bypass greylisting if sender listed in skip_greylisting_hosts
accept
hosts = +skip_greylisting_hosts
log_message = skipping greylisting due to match in skip_greylisting_hosts
# bypass greylisting if the sending host is a known resender # bypass greylisting if the sending host is a known resender
accept accept
condition = ${lookup mysql{SELECT id FROM GREYLIST_RESENDERS_TABLE WHERE hostname = '${quote_mysql:$acl_m_sender}'}{yes}{no}} condition = ${lookup mysql{SELECT id FROM GREYLIST_RESENDERS_TABLE WHERE hostname = '${quote_mysql:$acl_m_sender}'}{yes}{no}}
condition = ${lookup mysql{UPDATE GREYLIST_RESENDERS_TABLE SET count=count+1, timestamp = NOW() WHERE hostname = '${quote_mysql:$acl_m_sender}'}{yes}{yes}} condition = ${lookup mysql{UPDATE GREYLIST_RESENDERS_TABLE SET count=count+1, timestamp = NOW() WHERE hostname = '${quote_mysql:$acl_m_sender}'}{yes}{yes}}
add_header = X-DNS-Greylist: known resender add_header = X-DNS-Greylist: known resender
logwrite = skipping greylisting for $acl_m_sender due to match in GREYLIST_RESENDERS_TABLE logwrite = skipping greylisting for $acl_m_sender due to match in GREYLIST_RESENDERS_TABLE
accept
hosts = +skip_greylisting_hosts # run greylisting acl
log_message = skipping greylisting due to match in skip_greylisting_hosts
defer defer
!senders = : postmaster@* !senders = : postmaster@*
!hosts = +skip_greylisting_hosts !hosts = +skip_greylisting_hosts
acl = greylist_acl acl = greylist_acl
message = greylisted - try again later message = greylisted - try again later
.endif
# Otherwise, the recipient address is OK. # Otherwise, the recipient address is OK.
# #
@ -655,7 +638,7 @@ acl_rcpt_to:
# This access control list is used for message data received via # This access control list is used for message data received via
# SMTP. The tests are run in order until the recipient address # SMTP. The tests are run in order until the recipient address
# is either accepted or denied. # is either accepted or denied.
#
acl_data: acl_data:
# Add Message-ID if missing in messages received from our own hosts. # Add Message-ID if missing in messages received from our own hosts.
@ -665,6 +648,7 @@ acl_data:
message = Message-ID: <E$message_id@$primary_hostname> message = Message-ID: <E$message_id@$primary_hostname>
# add domain keys status header # add domain keys status header
#
#warn #warn
# message = DomainKey-Status: $dk_status # message = DomainKey-Status: $dk_status
# !condition = ${if eq{$dk_status}{}{1}{0}} # !condition = ${if eq{$dk_status}{}{1}{0}}
@ -689,17 +673,11 @@ acl_data:
# MESSAGE_SIZE_LIMIT # MESSAGE_SIZE_LIMIT
# condition = ${if >{$message_size}{MESSAGE_SIZE_LIMIT}{true}{false}} # condition = ${if >{$message_size}{MESSAGE_SIZE_LIMIT}{true}{false}}
# skip any further checks if the address is already marked Junk # Check if the address list header is syntactically correct.
accept
condition = ${if eq {$header_X-Junk-Flag:}{YES}}
logwrite = Skipping header_syntax and header_sender checks as message already marked Junk
# Deny unless the address list header is syntactically correct.
# Note that some specialized MTAs, such as certain mailing list # Note that some specialized MTAs, such as certain mailing list
# servers, do not automatically generate a Message-ID for bounces. # servers, do not automatically generate a Message-ID for bounces.
# Thus, we add the check for a non-empty sender. # Thus, we add the check for a non-empty sender.
# (email feedback reports from aol fail this check) # (email feedback reports from aol fail this check)
#deny
accept accept
message = X-RFC2822-Error: Your message does not conform to RFC2822 standard message = X-RFC2822-Error: Your message does not conform to RFC2822 standard
log_message = message header failed RFC2822 syntax check log_message = message header failed RFC2822 syntax check
@ -707,7 +685,7 @@ acl_data:
!senders = : postmaster@* !senders = : postmaster@*
!verify = header_syntax !verify = header_syntax
add_header = X-RFC2822-Error: Your message does not conform to RFC2822 standard add_header = X-RFC2822-Error: Your message does not conform to RFC2822 standard
add_header = X-Junk-Flag: YES set acl_m_junk = yes
# Warn unless there is a verifiable sender address in at least # Warn unless there is a verifiable sender address in at least
# one of the "Sender:", "Reply-To:", or "From:" header lines. # one of the "Sender:", "Reply-To:", or "From:" header lines.
@ -718,12 +696,12 @@ acl_data:
# Deny if the message contains a virus. Before enabling this check, you # Deny if the message contains a virus. Before enabling this check, you
# must install a virus scanner and set the av_scanner option above. # must install a virus scanner and set the av_scanner option above.
## accept #
## condition = ${if ! def:header_X-Junk-Flag: } #accept
## malware = */defer_ok # malware = */defer_ok
## log_message = This message contains a virus ($malware_name). # log_message = This message contains a virus ($malware_name).
## add_header = X-Virus-Warning: This message contains a virus ($malware_name). # add_header = X-Virus-Warning: This message contains a virus ($malware_name).
## add_header = X-Junk-Flag: YES # set acl_m_junk = yes
# Accept the message. # Accept the message.
# #
@ -805,29 +783,30 @@ virtual_alias:
domains = +local_domains domains = +local_domains
local_part_suffix = +* local_part_suffix = +*
local_part_suffix_optional = true local_part_suffix_optional = true
condition = ${if !eq {$received_protocol}{spam-scanned}} ## condition = ${if !eq {$received_protocol}{spam-scanned}}
data = ${lookup mysql{SELECT CONCAT(vm_aliases.mbox,'@','${domain}') FROM vm_mboxes, vm_aliases WHERE vm_mboxes.mbox=vm_aliases.mbox AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_aliases.alias='${local_part}' AND vm_aliases.domain='${domain}'}} data = ${lookup mysql{SELECT CONCAT(vm_aliases.mbox,'@','${domain}') FROM vm_mboxes, vm_aliases WHERE vm_mboxes.mbox=vm_aliases.mbox AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_aliases.alias='${local_part}' AND vm_aliases.domain='${domain}'}}
junk_filter: junk_filter:
driver = accept driver = accept
domains = +local_domains domains = +local_domains
condition = ${if eq{$acl_m_junk}{yes}}
condition = ${if !eq{$acl_m_whitelist}{yes}}
condition = ${if !eq {$received_protocol}{spam-scanned}}
local_part_suffix = +* local_part_suffix = +*
local_part_suffix_optional = true local_part_suffix_optional = true
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter > '0'}} local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter > '0'}}
condition = ${if eq {$header_X-Junk-Flag:}{YES}} headers_add = X-Junk-Flag: YES
condition = ${if !eq {$header_X-Whitelist-Flag:}{YES}}
condition = ${if !eq {$received_protocol}{spam-scanned}}
transport = junk_delivery transport = junk_delivery
spam_filter: spam_filter:
driver = accept driver = accept
domains = +local_domains domains = +local_domains
condition = ${if eq {$received_protocol}{spam-scanned}}
condition = ${if eq {$header_X-Spam-Flag:}{YES}}
## condition = ${if !eq {$header_X-Whitelist-Flag:}{YES}}
local_part_suffix = +* local_part_suffix = +*
local_part_suffix_optional = true local_part_suffix_optional = true
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter = '2'}} local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter = '2'}}
condition = ${if eq {$received_protocol}{spam-scanned}}
condition = ${if eq {$header_X-Spam-Flag:}{YES}}
condition = ${if !eq {$header_X-Whitelist-Flag:}{YES}}
transport = junk_delivery transport = junk_delivery
virtual_vacation: virtual_vacation:
@ -840,6 +819,7 @@ virtual_vacation:
# add options for start & end date fields to above query # add options for start & end date fields to above query
# do not reply to errors or lists or spam-scanned messages, require vacation message in db # do not reply to errors or lists or spam-scanned messages, require vacation message in db
condition = ${if !match {$h_precedence:} {(?i)junk|bulk|list}} condition = ${if !match {$h_precedence:} {(?i)junk|bulk|list}}
condition = ${if !eq{$acl_m_junk}{yes}}
condition = ${if !eq {$received_protocol}{spam-scanned}} condition = ${if !eq {$received_protocol}{spam-scanned}}
condition = ${if !eq {$sender_address} {}} condition = ${if !eq {$sender_address} {}}
no_expn no_expn
@ -864,6 +844,7 @@ virtual_autoresponder:
# add options for start & end date fields to above query # add options for start & end date fields to above query
# do not reply to errors or lists or spam-scanned messages, require autoresponder message in db # do not reply to errors or lists or spam-scanned messages, require autoresponder message in db
condition = ${if !match {$h_precedence:} {(?i)junk|bulk|list}} condition = ${if !match {$h_precedence:} {(?i)junk|bulk|list}}
condition = ${if !eq{$acl_m_junk}{yes}}
condition = ${if !eq {$received_protocol}{spam-scanned}} condition = ${if !eq {$received_protocol}{spam-scanned}}
condition = ${if !eq {$sender_address} {}} condition = ${if !eq {$sender_address} {}}
no_expn no_expn
@ -899,13 +880,13 @@ spamcheck_router:
# uncomment next line to bypass spamcheck when testing address routing with "exim -bt user@example.com" # uncomment next line to bypass spamcheck when testing address routing with "exim -bt user@example.com"
#address_test = false #address_test = false
domains = +local_domains domains = +local_domains
local_part_suffix = +*
local_part_suffix_optional = true
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0'}}
condition = ${if !eq {$received_protocol}{spam-scanned}} condition = ${if !eq {$received_protocol}{spam-scanned}}
condition = ${if !eq {$sender_address_domain}{$domain}} condition = ${if !eq {$sender_address_domain}{$domain}}
condition = ${if !eq {$header_X-Whitelist-Flag:}{YES}} condition = ${if !eq{$acl_m_whitelist}{yes}}
condition = ${if < {$message_size}{512k}} condition = ${if < {$message_size}{512k}}
local_part_suffix = +*
local_part_suffix_optional = true
local_parts = ${lookup mysql{SELECT vm_mboxes.mbox FROM vm_mboxes WHERE vm_mboxes.mbox='${local_part}' AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_mboxes.filter = '2'}}
headers_remove = X-Spam-Checker-Version:X-Spam-Flag:X-Spam-Level:X-Spam-Status:X-Spam-Score:X-Spam-Report headers_remove = X-Spam-Checker-Version:X-Spam-Flag:X-Spam-Level:X-Spam-Status:X-Spam-Score:X-Spam-Report
transport = spamcheck transport = spamcheck
@ -939,7 +920,7 @@ lmtp_localuser:
virtual_alias_catchall: virtual_alias_catchall:
driver = redirect driver = redirect
domains = +local_domains domains = +local_domains
condition = ${if !eq {$received_protocol}{spam-scanned}} ## condition = ${if !eq {$received_protocol}{spam-scanned}}
data = ${lookup mysql{SELECT CONCAT(vm_aliases.mbox,'@','${domain}') FROM vm_mboxes, vm_aliases WHERE vm_mboxes.mbox=vm_aliases.mbox AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_aliases.alias='catchall' AND vm_aliases.domain='${domain}'}} data = ${lookup mysql{SELECT CONCAT(vm_aliases.mbox,'@','${domain}') FROM vm_mboxes, vm_aliases WHERE vm_mboxes.mbox=vm_aliases.mbox AND vm_mboxes.domain='${domain}' AND vm_mboxes.status > '0' AND vm_aliases.alias='catchall' AND vm_aliases.domain='${domain}'}}
# This router handles aliasing using a linearly searched alias file with the # This router handles aliasing using a linearly searched alias file with the

8
etc/exim4/exim_local.conf
View File

@ -2,14 +2,6 @@ qualify_domain = example.com
hide mysql_servers = localhost/vmail/vmail/password hide mysql_servers = localhost/vmail/vmail/password
# comment out to disable Greylisting
GREYLIST_ENABLED=
# only use 1 of the following at a time:
# disable for now as clamav is not currently enabled
#VIRUS_WARN=
#VIRUS_DENY=
# Uncomment and change values to override defaults already in main config # Uncomment and change values to override defaults already in main config
#smtp_accept_max = 50 #smtp_accept_max = 50
#smtp_accept_max_per_host = 10 #smtp_accept_max_per_host = 10