Re: [Exim] 4.12 stable or wait for 4.13?

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Nico Erfurth
Fecha:  
A: Wolfgang.Fuertbauer
Cc: exim-users, dean
Asunto: Re: [Exim] 4.12 stable or wait for 4.13?
Wolfgang.Fuertbauer@??? wrote:
> Dean,
>
> in my environment 4.12 works perfect (uprade was 1 day after announce);
> but I'm using only basic features see the attached config ...


Just some comments on your config :)

> acl_check_rcpt:


......

>   deny    hosts = +rbl_hosts
>       message = host is listed in $dnslist_domain
>       dnslists = blackholes.mail-abuse.org :\

....
>
>   deny    domains       = !+local_domains : *

                                               ^ useless

>           !verify       = sender/callout=30s


......

>   accept  local_parts   = postmaster
>           domains       = +local_domains


IMHO this should be done before the rbl-checking, RBLs aren't perfect.
If a customer wants to mail to your postmaster account that he's
blacklisted, he will be unable to reach you.

>   require verify        = sender
>   accept  domains       = +local_domains
>           endpass
>           message       = unknown user
>           verify        = recipient
>   accept  domains       = +relay_to_domains
>           endpass
>           message       = unrouteable address
>           verify        = recipient


>   accept  hosts         = +relay_from_hosts
>   accept  authenticated = *

These two checks should also be done before you check for the RBL, so
hosts that are allowed to relay are able to, not depending on an RBL.
Same for authenticated users.

> begin routers
>
> spam_user:
> driver = accept
> local_parts = spam
> transport = spam_local
>
> dnslookup:
> driver = dnslookup
> domains = ! +local_domains
> transport = remote_smtp
> ignore_target_hosts = 127.0.0.0/8
> no_more
>
> smart_relay:
> driver = manualroute
> domains = +local_domains
> transport = remote_smtp
> route_list = * horn.intern.ebewe.at


All routers after this one are useless, at least as far as I can see :)

.....