[Exim] Re: confusing local_delivery problems

Author: Brian White
Date:  
To: exim-users
CC: Phil.Pennock
Subject: [Exim] Re: confusing local_delivery problems
By request... Here's my /etc/exim.conf file as part of the body.

###############################################################################

# This is the main exim configuration file.
# It was originally generated by `eximconfig', part of the exim package
# distributed with Debian, but it may be edited by the mail system administrator.
# This file originally generated by eximconfig at Mon Oct 5 10:07:18 EDT 1998
# See exim info section for details of the things that can be configured here.

# Modified by Brian White <bcwhite@???> to be generically used
# on any Debian system normally or with virtual domains.

# Please see the manual for a complete list
# of all the runtime configuration options that can be included in a
# configuration file.

# This file is divided into several parts, all but the last of which are
# terminated by a line containing the word "end". The parts must appear
# in the correct order, and all must be present (even if some of them are
# in fact empty). Blank lines, and lines starting with # are ignored.

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################


# The string must contain a list of IP addresses, in dotted-quad format
# for IPv4 addresses, or in colon-separated format (with colons doubled)
# for IPv6 addresses. These are used for two different purposes:
#
#    * When a daemon is started to listen for incoming SMTP calls, it
#      listens only on the interfaces identified here, that is, it calls
#      `bind()' for these interfaces only. An error occurs if it is unable
#      to bind a listening socket to any interface.
#
#    * Only the IP addresses listed here are taken as the local host's
#      addresses when routing mail and checking for mail loops.




# This specifies the name of the current host. This is used in the HELO
# command for outgoing SMTP messages, and as the default for qualify_domain.
# If it is not set, Exim calls uname() to find it. If this fails, Exim
# panics and dies. If the name returned by uname() contains only one
# component, Exim passes it to gethostbyname() in order to obtain the fully
# qualified version.

primary_hostname = dragon.bcwhite.dhs.org

# Specify the domain you want to be added to all unqualified addresses
# here. Unqualified addresses are accepted only from local callers by
# default. See the receiver_unqualified_{hosts,nets} options if you want
# to permit unqualified addresses from remote sources. If this option is
# not set, the primary_hostname value is used for qualification.

qualify_domain = bcwhite.dhs.org

# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.

qualify_recipient = bcwhite.dhs.org

# Specify your local domains as a colon-separated list here. If this option
# is not set (i.e. not mentioned in the configuration file), the
# qualify_recipient value is used as the only local domain. If you do not want
# to do any local deliveries, uncomment the following line, but do not supply
# any data for it. This sets local_domains to an empty string, which is not
# the same as not mentioning it at all. An empty string specifies that there
# are no local domains; not setting it at all causes the default value (the
# setting of qualify_recipient) to be used.

local_domains = localhost:dragon.bcwhite.dhs.org:mail.bcwhite.dhs.org:mail.bcwhite.dhs.org:lsearch;/etc/exim/domains

# Allow mail addressed to our hostname, or to our IP address.

local_domains_include_host = true
local_domains_include_host_literals = true

# Domains we relay for; that is domains that aren't considered local but we
# accept mail for them.

relay_domains = *.bcwhite.dhs.org:bcwhite.dhs.org:lsearch;/etc/exim/domains

# If this is uncommented, we accept and relay mail for all domains we are
# in the DNS as an MX for.

relay_domains_include_local_mx = true

# No local deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so gets changed so that it runs under the
# uid of "nobody" instead. This is a paranoic safety catch. Note the default
# setting means you cannot deliver mail addressed to root as if it were a
# normal user. This isn't usually a problem, as most sites have an alias for
# root that redirects such mail to a human administrator.

never_users = root

# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.

host_lookup = 0.0.0.0/0

# Exim contains support for the Realtime Blocking List (RBL) that is being
# maintained as part of the DNS. See http://maps.vix.com/rbl/ for background.
# Uncommenting the following line will make Exim reject mail from any
# host whose IP address is blacklisted in the RBL at maps.vix.com.

rbl_domains = rbl.maps.vix.com
rbl_hosts = "!10.0.0.0/8:!192.168.255.0/24:*"
rbl_reject_recipients = true
rbl_warn_header = true

# If the `sender_verify' option is true, envelope sender addresses on incoming
# SMTP messages are checked to ensure that they are valid. Messages with
# invalid envelope senders are rejected with a permanent error code if
# `sender_verify_reject' is set (the default). Otherwise a warning is
# logged. See section "Sender verification" in chapter "Verification of
# incoming mail" for details of the rejection, which can happen at three
# different points in the SMTP dialogue. If a sender cannot immediately be
# verified, a temporary error code is returned after reading the data (so the
# headers can be logged). The `sender_try_verify' option is less severe: it
# operates in exactly the same way as `sender_verify' except that if an
# address cannot immediately be verified, it is accepted instead of being
# temporarily rejected.

sender_verify = true
sender_verify_fixup = true
sender_verify_reject = false

# The following turns on sender verification in order to try and reduce the
# amount of incoming spam. With `headers_sender_verify', exim insists on
# there being at least one verifiable address in one of the `Sender:',
# `Reply-To:', or `From:' headers (which are checked in that order) on all
# incoming SMTP messages. If one cannot be found, the message is rejected,
# unless `headers_checks_fail' is unset, in which case a warning entry is
# written to the reject log.

headers_check_syntax = true
headers_sender_verify = true
headers_checks_fail = false

# This option lists recipient addresses which are exceptions to any policy for
# recipient rejection, that is, as a result of `sender_reject_recipients',
# etc. This option is entirely independent of any checks for unwanted message
# relaying. However, it does interact with the RBL options.

recipients_reject_except = postmaster@???

# The setting below allows your host to be used as a mail relay by only
# the hosts in the specified networks. See the section of the manual
# entitled "Control of relaying" for more info.

host_accept_relay = 127.0.0.1/8:206.47.27.93/32:10.0.0.0/8

# If you want Exim to support the "percent hack" for all your local domains,
# uncomment the following line. This is the feature by which mail addressed
# to x%y@z (where z is one of your local domains) is locally rerouted to
# x@y and sent on. Otherwise x%y is treated as an ordinary local part.

# percent_hack_domains=*

# If this option is set, then any process that is running as one of the
# listed users may pass a message to Exim and specify the sender's
# address using the "-f" command line option, without Exim's adding a
# "Sender" header.

trusted_users = mail:list:www-data

# If this option is true, the SMTP command VRFY is supported on incoming
# SMTP connections; otherwise it is not.

smtp_verify = true

# Some operating systems use the "gecos" field in the system password file
# to hold other information in addition to users' real names. Exim looks up
# this field when it is creating "sender" and "from" headers. If these options
# are set, exim uses "gecos_pattern" to parse the gecos field, and then
# expands "gecos_name" as the user's name. $1 etc refer to sub-fields matched
# by the pattern.

gecos_pattern = ^([^,:]*)
gecos_name = $1

# This string defines the contents of the `Received' message header that
# is added to each message, except for the timestamp, which is automatically
# added on at the end, preceded by a semicolon. The string is expanded each
# time it is used.

received_header_text = "Received: \
          ${if def:sender_fullhost {from ${sender_fullhost} \
          ${if def:sender_ident {(${sender_ident})}}\n\t}\
          {${if def:sender_ident {from ${sender_ident} }}}}\
          by ${primary_hostname} \
          ${if def:received_protocol {with ${received_protocol}}} \
          (Exim ${version_number} #${compile_number} (Debian))\n\t\
          id ${message_id}"


# If this option is set to a non-zero time, a new delivery is attempted on
# frozen messages if this much time has passed since the message was frozen.

auto_thaw = 24h

# These options allow for checking of disc resources before a
# message is accepted.
#
# If there is less space or fewer inodes than requested, Exim refuses to
# accept incoming mail. In the case of SMTP input this is done by giving a
# 452 temporary error response to the MAIL FROM command. If ESMTP is in use
# and there was a SIZE parameter on the MAIL FROM command, its value is
# added to the check_spool_space value, and the check is performed even if
# check_spool_space is zero.
#
# For non-SMTP input and for batched SMTP input, the test is done at start-
# up; on failure a message is written to stderr and Exim exits with a non-
# zero code, as it obviously cannot send an error message of any kind.

check_spool_inodes = 100
check_spool_space = 10M

# The string is expanded at the time a warning message might be sent. If the
# result of the expansion is a forced failure, an empty string, or a string
# matching any of '0', 'no' or 'false' (the comparison being done
# caselessly) then the warning message is not sent. For example, the following
# suppresses the sending of warnings about messages that have 'bulk' or
# 'list' or 'junk' in a Precedence: header. Note that the colon to terminate
# the header name is necessary because } may legally occur in header names.

delay_warning_condition = "${if match{$h_precedence:}{(?i)bulk|list|junk}{no}{yes}}"

# When this option is set, no message deliveries are ever done if the system
# load average is greater than its value, except for deliveries forced with
# the -M option. If deliver_queue_load_max is not set and the load gets this
# high during a queue run, the run is abandoned. There are some operating
# systems for which Exim cannot determine the load average (see chapter 1);
# for these this option has no effect.

deliver_load_max = 4

# If this option is set, its value is used to determine whether to abandon a
# queue run, instead of the value of deliver_load_max.

deliver_queue_load_max = 20

# On systems running NIS or other schemes in which user and group
# information is distributed from a remote system, there can be times when
# getpwnam() and related functions fail, even when given valid data, because
# things time out. Unfortunately these failures cannot be distinguished from
# genuine 'not found' errors. If finduser_retries is set greater than zero,
# Exim will try that many extra times to find a user or a group, waiting for
# one second between tries.

finduser_retries = 4

# On encountering certain errors, Exim freezes a message, which means that
# no further delivery attempts take place until an administrator thaws it.
# If this option is set, a message is sent to errors_address every time a
# message is frozen, unless the message is itself a delivery error message.
# (Without this exception there is the possibility of looping.) If several
# of the message's addresses cause freezing, only a single message is sent
# to the mail administrator. The reason(s) for freezing will be found in the
# message log.

freeze_tell_mailmaster = true

# This option limits the maximum size of message that Exim will process.
# Zero means no limit. It should be set somewhat larger than
# `return_size_limit' if the latter is non-zero. Incoming SMTP messages
# are failed with a 552 error if the limit is exceeded; locally-generated
# messages either get a stderr message or a delivery failure message to
# the sender, depending on the `-oe' setting, in the normal way.
# Rejection of an oversized message is logged in both the main and the
# reject logs.

message_size_limit = 8M

# If the system load average is higher than this value, all incoming
# messages are queued, and no automatic deliveries are started. If this
# happens during local or remote SMTP input, all subsequent messages on the
# same connection are queued. Deliveries will subsequently be performed by
# queue running processes, unless the load is higher than deliver_load_max.
# There are some operating systems for which Exim cannot determine the load
# average (see chapter 1); for these this option has no effect. See also
# smtp_accept_queue and smtp_load_reserve.

queue_only_load = 4

# When there are a number of remote deliveries for a message, they are
# sorted by domain into the order given by this list.

remote_sort = "*bcwhite.dhs.org:*bcwhite.dhs.org:*"

# This option sets a limit in bytes on the size of messages that are
# returned to senders. If it is set to zero there is no limit. If the
# body of any message that is to be included in an error message is
# greater than the limit, it is truncated, and a comment pointing this
# out is added at the top. The actual cutoff may be greater than the
# value given, owing to the use of buffering for transferring the message
# in chunks. The idea is just to save bandwidth on those undeliverable
# 15-megabyte messages. If `message_size_limit' is set, the value of
# `return_size_limit' should be somewhat smaller.

return_size_limit = 10k

# This specifies the maximum number of simultaneous incoming SMTP calls that
# Exim will accept. It applies only to the listening daemon; there is no
# control (in Exim) when incoming SMTP is being handled by inetd. If the
# value is set to zero, no limit is applied.

smtp_accept_max = 20

# If the number of simultaneous incoming SMTP calls handled via the
# listening daemon exceeds this value, then messages received are simply
# placed on the queue, and no delivery processes are started automatically.
# A value of zero implies no limit, and clearly any non-zero value is useful
# only if it is less than the smtp_accept_max value (unless that is zero).
# See also queue_only, queue_only_load, queue_smtp, and the various -od
# command line options.

smtp_accept_queue = 10

# DNS lookups give a `try again' response for the DNS error
# `non-Authoritive host found or SERVERFAIL'. This can cause Exim to keep
# trying to deliver a message, or to give repeated temporary errors to
# incoming mail. Sometimes the effect is caused by a badly set up
# nameserver and may persist for a long time. If a domain which exhibits
# this problem matches anything in `dns_again_means_nonexist' then it is
# treated as if it did not exist. This option should be used with care.

dns_again_means_nonexist = *.precidia.com

# When `errmsg_file' is set, it must point to a template file for
# constructing error messages. The file consists of a series of text
# items, separated by lines consisting of exactly four asterisks. If the
# file cannot be opened, default text is used and a message is written to
# the main and panic logs. If any text item in the file is empty, default
# text is used for that item.

errmsg_file = /etc/exim/errmsg




######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################



# This transport is used for local delivery to cyrus (imap) mailboxes.

# cyrus mail delivery
local_delivery:
driver = pipe
user = cyrus
command = "/usr/sbin/cyrdeliver -e -q ${local_part}"
home_directory = /tmp
return_path_add
return_output
prefix = ""


# This transport is used for handling pipe addresses generated by alias
# or .forward files. It has a conventional name, since it is not actually
# mentioned elsewhere in this configuration file. (A different name *can*
# be specified via the "address_pipe_transport" option if you really want
# to.) If the pipe generates any standard output, it is returned to the sender
# of the message as a delivery error. Set return_fail_output instead if you
# want this to happen only when the pipe fails to complete normally.

address_pipe:
driver = pipe
return_output

# This transport is used for handling file addresses generated by alias
# or .forward files. It has a conventional name, since it is not actually
# mentioned elsewhere in this configuration file.

address_file:
driver = appendfile

# This transport is used for handling file addresses generated by alias
# or .forward files if the path ends in "/", which causes it to be treated
# as a directory name rather than a file name. Each message is then delivered
# to a unique file in the directory. If instead you want all such deliveries to
# be in the "maildir" format that is used by some other mail software,
# uncomment the final option below. If this is done, the directory specified
# in the .forward or alias file is the base maildir directory.
#
# Should you want to be able to specify either maildir or non-maildir
# directory-style deliveries, then you must set up yet another transport,
# called address_directory2. This is used if the path ends in "//" so should
# be the one used for maildir, as the double slash suggests another level
# of directory. In the absence of address_directory2, paths ending in //
# are passed to address_directory.

address_directory:
driver = appendfile
no_from_hack
prefix = ""
suffix = ""
# maildir_format

# This transport is used for handling autoreplies generated by the filtering
# option of the forwardfile director. It has a conventional name, since it
# is not actually mentioned elsewhere in this configuration file.

address_reply:
driver = autoreply

# This transport is used for delivering messages over SMTP connections.

remote_smtp:
driver = smtp

procmail_pipe:
driver = pipe
#envelope_to_add
command = "/usr/bin/procmail -d ${local_part}"
user = ${local_part}

virtual_procmail:
driver = pipe
#envelope_to_add
command = "/usr/bin/procmail -d ${lookup{$domain:multidrop}lsearch{/etc/exim/domains}{$value}{$local_part}}"
user = ${lookup{$domain:multidrop}lsearch{/etc/exim/domains}{$value}{mail}}

#vacation_pipe:
# driver = pipe
# command = "/usr/bin/vacation ${local_part}"
# user = ${local_part}



######################################################################
#                      DIRECTORS CONFIGURATION                       #
#             Specifies how local addresses are handled              #
######################################################################
#                          ORDER DOES MATTER                         #
#   A local address is passed to each in turn until it is accepted.  #
######################################################################



# This allows email to always be delivered to the one postmaster

postmaster:
local_parts = postmaster
driver = aliasfile
file_transport = address_file
pipe_transport = address_pipe
file = /etc/aliases
search_type = lsearch



# This allows local delivery to be forced, avoiding alias files and
# forwarding.

real_local:
prefix = real-
driver = localuser
transport = local_delivery


# This director handles aliasing using a traditional /etc/aliases file.
# If any of your aliases expand to pipes or files, you will need to set
# up a user and a group for these deliveries to run under. You can do
# this by uncommenting the "user" option below (changing the user name
# as appropriate) and adding a "group" option if necessary.

system_aliases:
driver = aliasfile
pipe_transport = address_pipe
file = /etc/aliases
search_type = lsearch


# This director handles forwarding using traditional .forward files.
# It also allows mail filtering when a forward file starts with the
# string "# Exim filter": to disable filtering, uncomment the "filter"
# option. The check_ancestor option means that if the forward file
# generates an address that is an ancestor of the current one, the
# current one gets passed on instead. This covers the case where A is
# aliased to B and B has a .forward file pointing to A.

userforward:
driver = forwardfile
no_verify
check_ancestor
file_directory = /etc/exim/filters
file = ${local_part}
filter
reply_transport = address_reply
file_transport = address_file
pipe_transport = address_pipe


# This director uses procmail if a user ~/.procmailrc file exists

procmail:
require_files = ${local_part}:+${home}/.procmailrc
driver = localuser
transport = procmail_pipe


# This director implements the vacation program

#vacation:
# require_files = ${local_part}:+${home}/.vacation.msg
# driver = localuser
# transport = vacation_pipe




# This director matches local user mailboxes.

localuser:
driver = localuser
transport = local_delivery



######################################################################
#                      ROUTERS CONFIGURATION                         #
#            Specifies how remote addresses are handled              #
######################################################################
#                          ORDER DOES MATTER                         #
#  A remote address is passed to each in turn until it is accepted.  #
######################################################################


# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.

# Relay local domains to the correct central mail server
# Mail will automatically try to forward to mailhost with a smaller
# priority in the MX record.

# If the mail is for a company site, forward it there directly (over VPN).


#gsi_route:
# domains = grouptheory.com:secura.com
# driver = domainlist
# transport = remote_smtp
# route_list = "* mail.grouptheory.com"

# Forward outgoing off-site email to a smarthost (if we have one)


# This router routes to remote hosts over SMTP using a DNS lookup with
# default options.

lookuphost:
driver = lookuphost
transport = remote_smtp

# This router routes to remote hosts over SMTP by explicit IP address,
# given as a "domain literal" in the form [nnn.nnn.nnn.nnn]. The RFCs
# require this facility, which is why it is enabled by default in Exim.
# If you want to lock it out, set forbid_domain_literals in the main
# configuration section above.

literal:
driver = ipliteral
transport = remote_smtp



######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################


# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 2 hours and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 8 hours until 4 days have passed since the first
# failed delivery.

# Domain                   Error           Retries
# ------                   -----           -------
*.bcwhite.dhs.org        *        F,1d,10m; F,6d,30m
*                       *        F,2h,15m; G,16h,2h,1.5; F,4d,8h




######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################



# This is an example of a useful rewriting rule---it looks up the real
# address of all local users in a file

# *@verisim.com    ${lookup{$1}lsearch{/etc/email-addresses}\
#                        {$value}fail} bcfrF


# End of Exim configuration file

###############################################################################


                                          Brian
                                  ( bcwhite@??? )


-------------------------------------------------------------------------------
                Disinformation is not as good as datinformation.
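
An added example, not part of the original message: a small Python audit helper that takes the three relay-related option lines from the configuration above and reports how a given client address and recipient domain would be classified. It is a simplified model built from the option comments in the posted file; it does not model `relay_domains_include_local_mx`, `local_domains_include_host` or DNS, the keys of `/etc/exim/domains` are not on the page, so a constructed stand-in set is passed in, and the client addresses and test domains are constructed.

```python
import ipaddress

# Option lines copied from the posted configuration (main section).
CONFIG = """\
local_domains = localhost:dragon.bcwhite.dhs.org:mail.bcwhite.dhs.org:mail.bcwhite.dhs.org:lsearch;/etc/exim/domains
relay_domains = *.bcwhite.dhs.org:bcwhite.dhs.org:lsearch;/etc/exim/domains
host_accept_relay = 127.0.0.1/8:206.47.27.93/32:10.0.0.0/8
"""


def parse_options(text):
    """Return {option: [items]} for 'name = a:b:c' lines.

    IPv6 items (doubled colons) are not handled; the posted lists are IPv4 only.
    """
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, value = line.split("=", 1)
        items = value.strip().strip('"').split(":")
        opts[name.strip()] = [i.strip() for i in items if i.strip()]
    return opts


def relay_networks(opts):
    """host_accept_relay as normalised networks.

    strict=False because the posted item 127.0.0.1/8 has host bits set.
    """
    return [ipaddress.ip_network(i, strict=False)
            for i in opts.get("host_accept_relay", [])]


def domain_matches(domain, items, file_domains=()):
    """Match a domain against a colon-separated domain list's items."""
    domain = domain.lower()
    for item in items:
        if item.startswith("lsearch;"):
            # The lookup file is not on the page: file_domains is a
            # constructed stand-in for its keys.
            if domain in file_domains:
                return True
        elif item.startswith("*"):
            # Leading asterisk: compare the rest with the end of the domain.
            if domain.endswith(item[1:].lower()):
                return True
        elif domain == item.lower():
            return True
    return False


def relay_decision(opts, client_ip, rcpt_domain, file_domains=()):
    """Classify one (client, recipient domain) pair under the simplified model."""
    if domain_matches(rcpt_domain, opts.get("local_domains", []), file_domains):
        return "local"
    if domain_matches(rcpt_domain, opts.get("relay_domains", []), file_domains):
        return "relay: relay_domains"
    addr = ipaddress.ip_address(client_ip)
    if any(addr in net for net in relay_networks(opts)):
        return "relay: host_accept_relay"
    return "refused"


OPTS = parse_options(CONFIG)

if __name__ == "__main__":
    nets = relay_networks(OPTS)
    print("relay networks:", [str(n) for n in nets],
          "covering", sum(n.num_addresses for n in nets), "addresses")
    # Constructed test cases (documentation address 203.0.113.5, RFC 1918 10.1.2.3).
    for ip, dom in [("203.0.113.5", "example.net"),
                    ("203.0.113.5", "mail2.bcwhite.dhs.org"),
                    ("10.1.2.3", "example.net"),
                    ("203.0.113.5", "dragon.bcwhite.dhs.org")]:
        print(ip, dom, "->", relay_decision(OPTS, ip, dom))
```
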