Re: [Exim] Using ACL to block spaam... possible?

Etusivu
Poista viesti
Vastaa
Lähettäjä: Lukas
Päiväys:  
Vastaanottaja: exim-users
Aihe: Re: [Exim] Using ACL to block spaam... possible?
Hi all!!

Tim... you were right... I was using a bad address (in my network).
Now I set up HOSTLIST RELAY_FROM_HOST to 127.0.0.1 only and tested averything also using a laptop connected via dial up connection to the internet (so that it has nothing to do with my network). I made modifications to config following your advice. I pasted the new config below.

Everithings seems to work well. I have only one problem. I cannot send mail outside my network. No way at all. And the same problem has the laptop (that is configured to use my server as smtp). I can deliver to my mailboxes, from my network and also from the laptop. But cannot use my server to deliver to some other servers. Why?

Tim... I greatly appreciate your request to Philip about Auth documentation!!

Here follow some lines from my log. They were succesful attempt to spam. I stopped them as soon I realized the problem.

2003-03-18 18:12:22 HBYFSF-0000DQ-00 mx9.hanmail.net [211.43.197.85]: Connection refused
2003-03-18 18:12:23 HBYFSF-0000DQ-00 Remote host mx9.hanmail.net [211.43.197.45] closed connection in response to initial connection
2003-03-18 18:12:23 HBYFSF-0000DQ-00 == yohan7942@??? R=dnslookup T=remote_smtp defer (-18): Remote host mx9.hanmail.net [211.43.197.45] closed connection in response to initial connection
2003-03-18 18:12:25 HBYFSN-0000DQ-00 <= webschool@??? H=(151.38.133.230) [211.192.35.28] P=smtp S=17563 id=z5NVLjDsUaD2Fy3Ea7vOtgn4XsVOLoRg@LocalHost
2003-03-18 18:12:30 HBYFST-0000DQ-00 <= webschool@??? H=(151.38.133.230) [211.192.35.28] P=smtp S=17563 id=7tIXfSS1HeyF5LIQsL946eugjOImFwTq@LocalHost
2003-03-18 18:12:32 HBYFST-0000DQ-00 Remote host mx9.hanmail.net [211.43.197.124] closed connection in response to initial connection
2003-03-18 18:12:32 HBYFST-0000DQ-00 == yogo-k@??? R=dnslookup T=remote_smtp defer (-18): Remote host mx9.hanmail.net [211.43.197.124] closed connection in response to initial connection
2003-03-18 18:12:35 HBYFSY-0000DQ-00 <= webschool@??? H=(151.38.133.230) [211.192.35.28] P=smtp S=17575 id=Uq8Bk4I0ewIWPDsBXkeiDoK1VHOANOwh@LocalHost
2003-03-18 18:12:35 HBYFSY-0000DQ-00 no immediate delivery: more than 10 messages received in one connection
2003-03-18 18:12:36 HBYFSA-0000DQ-00 => yoheejun@??? R=dnslookup T=remote_smtp H=mx8.hanmail.net [211.43.197.75]*
2003-03-18 18:12:36 HBYFSA-0000DQ-00 Completed
2003-03-18 18:12:50 HBYFSN-0000DQ-00 => yoh301@??? R=dnslookup T=remote_smtp H=mx9.hanmail.net [211.43.197.124]
2003-03-18 18:12:50 HBYFSN-0000DQ-00 Completed
2003-03-18 18:12:50 HBYFST-0000DQ-00 Spool file is locked (another process is handling this message)
2003-03-18 18:12:53 HBYFST-0000DQ-00 => yogo-k@??? R=dnslookup T=remote_smtp H=mx8.hanmail.net [211.43.197.75]*
2003-03-18 18:12:53 HBYFST-0000DQ-00 Completed
2003-03-18 18:13:09 HBYFSF-0000DQ-00 => yohan7942@??? R=dnslookup T=remote_smtp H=mx8.hanmail.net [211.43.197.75]*
2003-03-18 18:13:09 HBYFSF-0000DQ-00 Completed
2003-03-18 18:13:26 HBYFS2-0000DQ-00 => yohrt@??? R=dnslookup T=remote_smtp H=mx8.hanmail.net [211.43.197.75]*
2003-03-18 18:13:26 HBYFS2-0000DQ-00 Completed


Thanx a lot everybody

Lukas



######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################


hide mysql_servers = localhost/server_mail/root/password

primary_hostname = mail.spirit.it

domainlist local_domains      = \
        ${lookup mysql {SELECT domain FROM domains \
        WHERE type="local" and domain="${domain}" }}


domainlist relay_to_domains = \
       ${lookup mysql {SELECT domain FROM domains \
        WHERE type="relay" }}


hostlist relay_from_hosts =


never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 10s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
message_size_limit = 20M
bounce_return_message = false
# return_size_limit = 50K

system_filter = /usr/local/exim/system_filter.exim

smtp_banner = $primary_hostname ESMTP Exim $version_number $tod_full

acl_smtp_auth = acl_check_auth
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data

auth_advertise_hosts = *

#tls_advertise_hosts = *

MAILMAN_HOME=/usr/local/mailman
MAILMAN_WRAP=MAILMAN_HOME/mail/mailman

MAILMAN_USER=mailman
MAILMAN_GROUP=1


######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################


begin acl


acl_check_auth:
  accept
  accept encrypted = *
  accept condition = ${if eq{${uc:$smtp_command_argument}}\
                   {CRAM-MD5}{yes}{no}}
  deny   message   = TLS encryption or CRAM-MD5 required




acl_check_rcpt:

  accept  hosts          = :
  deny    local_parts    = ^.*[@%!/|] : ^\\.



  deny    senders        = ${lookup mysql{SELECT sender FROM deny_sender \
                           WHERE '$sender_address' rlike sender} {$sender_address}}
          message        = We don't want mail from: $sender_address


  deny    hosts          = net-lsearch;/usr/local/exim/reject-hosts.txt : \
                           net24-lsearch;/usr/local/exim/reject-hosts.txt
          message        = Connection denied for: $sender_host_address


  drop    message        = Too many bad recipients ${eval:$rcpt_fail_count} out of $rcpt_count
          condition      = ${if = {${eval:$rcpt_fail_count}}{1}{yes}{no}}



  accept  local_parts    = postmaster
          domains        =  local_domains
          verify         = recipient


accept authenticated = *

  require verify         = sender



  accept  domains        =  local_domains
          endpass
          message        = Unknown user.
          verify         = recipient


  accept  domains        =  relay_to_domains
          endpass
          message        = Unrouteable address.
          verify         = recipient


  accept  hosts          =  relay_from_hosts



  deny    message        = Authentication required - Relay not permitted.




acl_check_data:

  deny    sender_domains = aol.com
          message        = X-Forgery: NOT AOL MAILER
          condition = ${if match {${lc:$h_X-Mailer:}} {a(?:ol|tlas)} {no}{yes}}


#  deny    sender_domains = *.ru : *.ua : *.fm : *.co.kr
#          message        = We do not relay!


  accept  senders = !:
          message = A valid sender header is required!
          verify = header_sender


  deny   !condition = $header_X-WhitelistedRCPT-nohdrfromcallback:
         !verify = header_sender/callout=90s


accept

######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################


begin routers


dnslookup:
driver = dnslookup
domains = ! local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more

mailman_router:
  driver = accept
  require_files = MAILMAN_HOME/lists/$local_part/config.pck
  local_part_suffix_optional
  local_part_suffix = -bounces : -bounces * : \
                 -confirm * : -join : -leave : \
                 -owner : -request : -admin
  transport = mailman_transport


mysql_sys_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup mysql {SELECT dest FROM aliases \
            WHERE email='${local_part}' AND type="system"}}


mysql_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup mysql {SELECT dest FROM aliases \
            WHERE email='${local_part}@${domain}' AND type="site"}}


mysql_user:
  driver = accept
  condition = ${if eq{} {${lookup mysql {SELECT home FROM passwd \
                WHERE id='${local_part}@${domain}'}}} {no}{yes}}
  retry_use_local_part
  transport=mysql_delivery




######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################


begin transports

remote_smtp:
driver = smtp


mysql_delivery:
  driver = appendfile
  maildir_format
  directory = \
     /var/mail/${lookup mysql{SELECT maildir \
     FROM passwd WHERE id='${local_part}@${domain}'}}
  delivery_date_add
  #envelope_to_add = true
  #return_path_add = true
  maildir_tag = ,S=$message_size
  quota = \
    "${lookup mysql{SELECT quota FROM passwd WHERE \
    user = '$local_part' AND domain = '$domain'}{${value}M}}"
  quota_is_inclusive = false
  quota_size_regex = S=(\d ):
  quota_warn_threshold = 75%
  quota_warn_message = "\
        To: $local_part@$domain\n\
          Subject: Mailbox quota warning\n\n\
          This message was automatically generated by the mail delivery software.\n\n\
          You are now using over 75% of your allocated mail storage quota.\n\n\
          If your mailbox fills completely, further incoming messages will be automatically\n\
          returned to their senders.\n\n\
          Please take note of this and remove unwanted mail from your mailbox.\n"
  user = 1100
  group = 1100
# headers_add
# message_prefix
# mode


mailman_transport:
    driver = pipe
    command = MAILMAN_WRAP \
              '${if def:local_part_suffix \
                    {${sg{$local_part_suffix}{-(\\w )(\\ .*)?}{\$1}}} \
                    {post}}' \
              $local_part
    current_directory = MAILMAN_HOME
    home_directory = MAILMAN_HOME
    user = MAILMAN_USER
    group = MAILMAN_GROUP



######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################


begin retry


# Domain               Error       Retries
# ------               -----       -------


*                      quota
*                      *           F,2h,10m; G,16h,1h,1.5; F,4d,6h


######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################


# There are no rewriting specifications in this default configuration file.

begin rewrite



######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################


# There are no authenticator specifications in this default configuration file.

begin authenticators


plain:
  driver = plaintext
  public_name = PLAIN
  server_prompts = :
  server_condition = \
    ${lookup mysql{SELECT if(count(*), "1", "0") \
    FROM passwd WHERE id = '${quote_mysql:$2}' and \
    clear = '${quote_mysql:$3}'}}
  server_set_id = $2



cram_md5:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = \
    ${lookup mysql{SELECT clear FROM passwd \
    WHERE id='$1'}{$value}fail}
  server_set_id = $1



login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  server_condition = \
    ${lookup mysql{SELECT if(count(*), "1", "0") \
    FROM passwd WHERE id = '${quote_mysql:$1}' and \
    clear = '${quote_mysql:$2}'}}
  server_set_id = $1



# End of Exim configuration file