[Exim] critique on config

Author: Peter Galbavy
Date:
To: exim-users
Subject: [Exim] critique on config
I have been building a surreal virtual system over the past while, and
I would love any feedback on how to make things run "better" or
whatever.

On the other hand, if the strange things I have done are any use to
those reading the list or a future mail archive - welcome.

Notes: The mailing list stuff and majordomo are leftovers and are not
live; comments on a retry policy would be welcome... defaults appear
OK to me. Comments on increasing reliability / security also.

In case it is too surreal (it does work) the idea is that mail for

    user@??? ->
    /u/abc/abc001/domains/example.com/mail/boxes/user/INBOX


    in mbx format (for heavily hacked UWash IMAP to get to)


and
    user+mailbox@??? ->
    /u/abc/abc001/domains/example.com/mail/boxes/user/mailbox


I am worried by the latter "+mailbox" extension in the case of idiot
kiddies mailing to user+../../doh@??? etc. How can I filter
these types of patterns "trivially"?

Hmm, I have added a thought to the file below - note that the IMAP
separator is hacked to be '+' and not '/' - so filtering '/' should
be fine :)

All mailboxes in a domain are owned by the same user - who owns the
domain. (abc001 in this case).

One thing in particular; if a domain owner sets up an alias file
which contains "* somewhere@???" to forward all mail, is
there any way I can give exceptions *without* using another file and
still use smartuser to drop usernames through?

Let me try that again: If I want to deliver sales@??? to a
local mailbox, but everything else to be forwarded, can I do this in
one "alias" style file?

TIA to all who got this far in reading - here's the file.

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################


#
# Macros
#
EXIM_HOME    = /etc/exim
EXIM_DB        = EXIM_HOME/db


MATCH_PLUS    = match{$local_part}{^([^+]+)\\+(.*)\$}
#
# is this better ?
# MATCH_PLUS    = match{$local_part}{^([^+]+)\\+([^/]+)\$}
#
MATCH_LOCAL    = ${if MATCH_PLUS {$1}{$local_part}}
MATCH_MAILBOX    = ${if MATCH_PLUS {$2}{INBOX}}


LOOKUP_USERNAME    = ${lookup{$domain}dbm{EXIM_DB/localdomains.db}{$value}}
LOOKUP_PASSWD    = ${lookup{LOOKUP_USERNAME}nis{passwd.byname}{$value}}
LOOKUP_USERDIR    = ${extract{6}{:}{LOOKUP_PASSWD}}
LOOKUP_MAILDIR    = LOOKUP_USERDIR/domains/$domain/mail
LOOKUP_BOXDIR    = LOOKUP_MAILDIR/boxes/MATCH_LOCAL
LOOKUP_LISTDIR    = LOOKUP_MAILDIR/lists



exim_user = "exim"
exim_group = "mail"

######

primary_hostname = knowledge.com
forbid_domain_literals
local_domains = dbm;EXIM_DB/localdomains.db
never_users = root
trusted_groups = wheel
host_lookup = 0.0.0.0/0
#receiver_verify
sender_verify
# rbl_domains = rbl.maps.vix.com:dul.maps.vix.com:relays.orbs.org
remote_max_parallel = 10
ignore_errmsg_errors
rfc1413_query_timeout = 5s
finduser_retries = 10
log_file_path = /var/spool/exim/log/%s.log

smtp_verify = true
smtp_expn_hosts = localhost

end

######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################


remote_smtp:
driver = smtp

local_delivery:
driver = appendfile
file = LOOKUP_BOXDIR/MATCH_MAILBOX
delivery_date_add
envelope_to_add
return_path_add
from_hack
mbx_format

address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile
current_directory = LOOKUP_BOXDIR
delivery_date_add
envelope_to_add
return_path_add
mbx_format

address_reply:
driver = autoreply

majordomo_pipe:
driver = pipe
return_output
path = EXIM_HOME/majordomo
home_directory = LOOKUP_LISTDIR

end

######################################################################
#                      DIRECTORS CONFIGURATION                       #
#             Specifies how local addresses are handled              #
######################################################################
#                          ORDER DOES MATTER                         #
#   A local address is passed to each in turn until it is accepted.  #
######################################################################


#
# Match domain specific aliases in aliases.db in each directory
#
domain_aliases:
driver = aliasfile
optional
qualify_preserve_domain
file = LOOKUP_MAILDIR/aliases
search_type = lsearch*
skip_syntax_errors
syntax_errors_to = postmaster@$domain
errors_to = postmaster@$domain
user = LOOKUP_USERNAME
group = LOOKUP_USERNAME

lists_aliases:
driver = aliasfile
condition = 0
optional
qualify_preserve_domain
file = LOOKUP_MAILDIR/lists.db
search_type = dbm
skip_syntax_errors
syntax_errors_to = list-owner@$domain
errors_to = list-owner@$domain
pipe_transport = majordomo_pipe
user = LOOKUP_USERNAME
group = LOOKUP_USERNAME

lists_private:
  driver = aliasfile
  optional
  qualify_preserve_domain
  file = LOOKUP_MAILDIR/lists-private.db
  search_type = dbm
  condition = 0
#  condition = "${if eq {$received_protocol}{local} \
#              {${if eq {$sender_ident}{exim} \
#              {true}{false}}}{false}}"
  user = LOOKUP_USERNAME
  group = LOOKUP_USERNAME


userforward:
driver = forwardfile
home_directory = LOOKUP_BOXDIR
file_directory = LOOKUP_BOXDIR
file = LOOKUP_BOXDIR/.forward
check_local_user = false
check_ancestor
filter
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
user = LOOKUP_USERNAME
group = LOOKUP_USERNAME

localuser:
driver = smartuser
transport = local_delivery
condition = ${lookup {MATCH_LOCAL} lsearch {LOOKUP_MAILDIR/passwd} {1} {0}}
user = LOOKUP_USERNAME
group = LOOKUP_USERNAME

end



######################################################################
#                      ROUTERS CONFIGURATION                         #
#            Specifies how remote addresses are handled              #
######################################################################
#                          ORDER DOES MATTER                         #
#  A remote address is passed to each in turn until it is accepted.  #
######################################################################


lookuphost:
driver = lookuphost
transport = remote_smtp

end


######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################


# Domain               Error       Retries
# ------               -----       -------


*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,8h


end



######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################








--
Peter Galbavy
Knowledge Matters Ltd
http://www.knowledge.com/
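
Added example, not part of the original post: a Python model of the MATCH_LOCAL / MATCH_MAILBOX expansion that runs the `user+../../doh` case from the message through both MATCH_PLUS patterns in the config and checks whether the delivery path stays inside the user's box directory. The `STRICT` allowlist and all function names are hypothetical, and `BOXES` is a constructed stand-in for LOOKUP_MAILDIR/boxes.

```python
import posixpath
import re

# Constructed stand-in for LOOKUP_MAILDIR/boxes; the path shape is the one in the post.
BOXES = "/u/abc/abc001/domains/example.com/mail/boxes"

# The two MATCH_PLUS patterns from the config, with the config-file escaping removed.
ORIGINAL = re.compile(r"^([^+]+)\+(.*)$")
PROPOSED = re.compile(r"^([^+]+)\+([^/]+)$")

# Hypothetical allowlist (an assumption, not from the post): each piece is one path
# component starting with a letter, digit, '_' or '-', so it is never '.' or '..'.
PIECE = r"[A-Za-z0-9_-][A-Za-z0-9._-]*"
STRICT = re.compile(rf"({PIECE})(?:\+({PIECE}))?")


def expand(pattern, local_part):
    """Model MATCH_LOCAL and MATCH_MAILBOX, including the no-match fallback."""
    m = pattern.match(local_part)
    if m:
        return m.group(1), m.group(2)
    return local_part, "INBOX"  # the {$local_part} and {INBOX} branches


def resolved(pattern, local_part):
    """LOOKUP_BOXDIR/MATCH_MAILBOX after lexical '..' normalization."""
    user, mailbox = expand(pattern, local_part)
    return posixpath.normpath(f"{BOXES}/{user}/{mailbox}")


def stays_in_box(pattern, local_part):
    """True only if the path is still BOXES/<user>/<mailbox> after normalization."""
    user, mailbox = expand(pattern, local_part)
    expected = f"{BOXES}/{user}/{mailbox}"
    return "/" not in user + mailbox and resolved(pattern, local_part) == expected


def strict_path(local_part):
    """Allowlist variant: return the delivery path, or None to decline the address."""
    m = STRICT.fullmatch(local_part)
    if not m:
        return None  # decline instead of falling back to the raw local part
    return f"{BOXES}/{m.group(1)}/{m.group(2) or 'INBOX'}"


if __name__ == "__main__":
    # Constructed local parts; the third is the one quoted in the post.
    for lp in ("user", "user+lists", "user+../../doh", "user+.."):
        print(lp, stays_in_box(ORIGINAL, lp), stays_in_box(PROPOSED, lp), strict_path(lp))
```

With the proposed `[^/]+` pattern the match simply fails on a local part containing '/', so the fallback branch passes the whole local part, slashes included, into LOOKUP_BOXDIR, and a bare `..` mailbox still matches. The normalization here is lexical only; the filesystem resolves `..` through directories that actually exist.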