[Exim] exim, cyrus and virtual domains

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Tom Lazar
Fecha:  
A: exim-users
Asunto: [Exim] exim, cyrus and virtual domains
hello,

i'm currently trying to figure out, how to use exim 4.20 with cyrus
2.1.14. moving away from a linux/sendmail/cyrus environment to a
freebsd/exim/cyrus flavour i'm hitting a brickwall when trying to
reproduce the 'virtusertable' functionality in exim.

while googling for answers i came across an archive of a post here post
at
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030428/
053217.html where Josh Siegel provided sample routers.

the problem is, though, that it doesn't work quite as expected and i
was wondering, if anyone could be so kind as to take a look at the
following setup?

consider, first, the following entry in my 'virtusertable':

support@???       support_fesh_com


and next my 'virtusertable' router:

virtusertable:
driver = redirect
allow_fail
allow_defer
qualify_preserve_domain
data =
${lookup{$local_part@$domain}lsearch{/usr/local/etc/exim/virtusertable}}
user = mailnull
file_transport = address_file
pipe_transport = address_pipe


when i call exim thus:

exim -d -bt support@???

i find, that support@??? gets properly resolved to
support_fesh_com BUT THEN instead of being delivered locally it is
passed back into the (queue?) as support_fesh_com@???
which then in turned is resolved into another account via

trying default match @ohne-microsoft.de

[snip]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Testing support@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Considering support@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

routing support@???
--------> dnslookup router <--------
[snip]
--------> system_aliases router <--------
[snip]
--------> virtusertable router <--------
local_part=support domain=ohne-microsoft.de
calling virtusertable router
[snip]
lookup yielded: support_fesh_com
expanded: support_fesh_com
file is not a filter file
parse_forward_list: support_fesh_com
extract item: support_fesh_com
virtusertable router generated support_fesh_com@???
errors_to=NULL transport=NULL
uid=unset gid=unset home=NULL
routed by virtusertable router
envelope to: support@???
transport: <none>
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Considering support_fesh_com@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

routing support_fesh_com@???


one attempt to fix this, was to add an explicit mapping in
virtusertable such as

support_fesh_com@???        support_fesh_com


THEN i get

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Considering support_fesh_com@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

routing support_fesh_com@???
[snip]

and finally

--------> virtusertable router <--------
virtusertable router skipped: previously routed
support_fesh_com@???

now it reaches the second virtusertable router, where strangely, it is
declined(!?):
--------> virtusertable2 router <--------
local_part=support_fesh_com domain=ohne-microsoft.de
calling virtusertable2 router
rda_interpret (string):
${lookup{@$domain}lsearch{/usr/local/etc/exim/virtusertable}}
search_open: lsearch "/usr/local/etc/exim/virtusertable"
cached open
search_find: file="/usr/local/etc/exim/virtusertable"
key="@ohne-microsoft.de" partial=-1 affix=NULL starflags=0
LRU list:
8/usr/local/etc/exim/virtusertable
8/etc/aliases
End
internal_search_find: file="/usr/local/etc/exim/virtusertable"
type=lsearch key="@ohne-microsoft.de"
file lookup required for @ohne-microsoft.de
in /usr/local/etc/exim/virtusertable
lookup failed
expanded:
file is not a filter file
parse_forward_list:
virtusertable2 router declined for support_fesh_com@???

finally it ends up in local delivery...

surely this can't be the way it's supposed to be?

for starters, i haven't really understood how the proposed solution
works. why the two routers? what's the second one's function?

things that i have modified from the example:

a) the names of the routers (duh!)
b) i'm using a different mail user (mailnull, the exim user)

one problem could be that in order for exim to deliver mail to cyrus
users that are not local users i had to add a catch-all router at the
very end like this:

# anything that made it until here will be handed to cyrus

cyrususer:
driver = accept
transport = local_delivery

is that the right way to get non-local (non-system) users to be passed
to cyrus?

i'm not sure anyone would care to even read an email such as this until
here, but if you did: thanks!

any input will be greatly appreciated,

kind regards,

tom lazar, berlin, germany

here's my exim/configure
--------------
primary_hostname = smtp.tomster.org

domainlist local_domains = lists.tomster.org :
lists.klingendes-museum.de : primary.tomster.org : thesilencer.de :
ds80-237-202-128.dedicated.hosteurope.de : ohne-microsoft.de

domainlist relay_to_domains =
hostlist relay_from_hosts = localhost


# acces controls

acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = check_data
acl_smtp_helo = check_helo

# qualify_domain =

# qualify_recipient =


# allow_domain_literals


exim_user = mailnull
exim_group = mail
never_users = root

host_lookup = *


rfc1413_hosts = *
rfc1413_query_timeout = 30s


# sender_unqualified_hosts =
# recipient_unqualified_hosts =

# tls configuration

tls_advertise_hosts = *
tls_certificate = /var/cert/mail.pem
tls_privatekey = /var/cert/mail.pem

#

# percent_hack_domains =

ignore_bounce_errors_after = 2d

timeout_frozen_after = 7d
###
# Mailman
###
# Home dir for your Mailman installation -- aka Mailman's prefix
# directory.
MAILMAN_HOME=/usr/local/mailman
MAILMAN_WRAP=MAILMAN_HOME/mail/mailman

# User and group for Mailman, should match your --with-mail-gid
# switch to Mailman's configure script.
MAILMAN_USER=mailman
MAILMAN_GROUP=mail
#MAILMAN_USER=mailnull
#MAILMAN_GROUP=mailnull


######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################


begin acl

acl_check_rcpt:

accept hosts = :

   deny    local_parts   = ^.*[@%!/|] : ^\\.


   accept  local_parts   = postmaster
           domains       = +local_domains


#  require verify        = sender


   accept  domains       = +local_domains
           endpass
           message       = unknown user
           verify        = recipient


   accept  domains       = +relay_to_domains
           endpass
           message       = unrouteable address
           verify        = recipient


   accept  hosts         = +relay_from_hosts


accept authenticated = *

   deny    message       = relay not permitted




#
# Sobig checks from http://www.enyo.de/fw/software/exim/sobig.html
#

check_helo:
# Accept locally generated mail.
accept hosts = :

# Accept only arguments with a ".".
accept condition = ${if match{$sender_helo_name}{\\.}{yes}{no}}
deny message = syntactically invalid argument

check_data:
    deny condition = \
           ${if match{$message_body} \
              {(Please s|S)ee the attached file for details} \
              {yes}{no}}
         condition = ${if >{$message_size}{98000}{yes}{no}}
         condition = \
           ${if eq{$header_X-MailScanner:}{Found to be clean} \
              {yes}{no}}
         message = "Sobig virus detected"


    accept
######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################


begin routers

dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more


system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
user = mailnull
group = mail
file_transport = address_file
pipe_transport = address_pipe


virtusertable:
driver = redirect
allow_fail
allow_defer
qualify_preserve_domain
data =
${lookup{$local_part@$domain}lsearch{/usr/local/etc/exim/virtusertable}}
user = mailnull
file_transport = address_file
pipe_transport = address_pipe


userforward:
driver = redirect
check_local_user
file = $home/.forward
no_verify
no_expn
check_ancestor
# allow_filter
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
condition = ${if exists{$home/.forward} {yes} {no} }


###
# Mailman
###
mailman_router:
     driver = accept
     domains = lists.tomster.org : lists.klingendes-museum.de


     require_files = MAILMAN_HOME/lists/$local_part/config.pck
     local_part_suffix_optional
     local_part_suffix = -bounces : -bounces+* : \
                         -confirm+* : -join : -leave : \
                         -owner : -request : -admin
     transport = mailman_transport




# This router matches local user mailboxes.

localuser:
driver = accept
check_local_user
transport = local_delivery

virtusertable2:
driver = redirect
allow_fail
allow_defer
qualify_preserve_domain
data = ${lookup{@$domain}lsearch{/usr/local/etc/exim/virtusertable}}
user = mailnull
file_transport = address_file
pipe_transport = address_pipe


# anything that made it until here will be handed to cyrus

cyrususer:
driver = accept
transport = local_delivery

######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################


begin transports

# This transport is used for delivering messages over SMTP connections.

remote_smtp:
driver = smtp

local_delivery:
driver = lmtp
command = "/usr/local/cyrus/bin/deliver -l"
batch_max = 20
user = cyrus


address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add


address_reply:
driver = autoreply


###
# Mailman
###
mailman_transport:
     driver = pipe
     command = MAILMAN_WRAP \
               '${if def:local_part_suffix \
                     {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
                     {post}}' \
               $local_part
     current_directory = MAILMAN_HOME
     home_directory = MAILMAN_HOME
     user = MAILMAN_USER
     group = MAILMAN_GROUP


######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################


begin retry


*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h


######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################


begin rewrite

######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################


begin authenticators
--------------
and the complete output of exim -bt -d :
exim -d -bt support@???
Exim version 4.20 uid=0 gid=0 pid=91385 D=fbb95cfd
Probably Berkeley DB version 1.8x (native mode)
Support for: IPv6 PAM Perl OpenSSL
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
changed uid/gid: forcing real = effective
uid=0 gid=0 pid=91385
auxiliary group list: 0
configuration file is /usr/local/etc/exim/configure
log selector = 020d99d8
trusted user
admin user
finduser used cached passwd data for mailnull
finduser used cached passwd data for mailnull
originator: uid=0 gid=0 login=root name=Charlie Root
sender address = root@???
Address testing: uid=0 gid=6 euid=0 egid=6
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Testing support@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Considering support@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

routing support@???
--------> dnslookup router <--------
local_part=support domain=ohne-microsoft.de
checking domains
ohne-microsoft.de in "lists.tomster.org : lists.klingendes-museum.de :
primary.tomster.org : thesilencer.de :
ds80-237-202-128.dedicated.hosteurope.de : ohne-microsoft.de"? yes
(matched "ohne-microsoft.de")
ohne-microsoft.de in "! +local_domains"? no (matched "! +local_domains")
dnslookup router skipped: domains mismatch
--------> system_aliases router <--------
local_part=support domain=ohne-microsoft.de
calling system_aliases router
rda_interpret (string): ${lookup{$local_part}lsearch{/etc/aliases}}
search_open: lsearch "/etc/aliases"
search_find: file="/etc/aliases"
key="support" partial=-1 affix=NULL starflags=0
LRU list:
8/etc/aliases
End
internal_search_find: file="/etc/aliases"
type=lsearch key="support"
file lookup required for support
in /etc/aliases
lookup failed
expanded:
file is not a filter file
parse_forward_list:
system_aliases router declined for support@???
--------> virtusertable router <--------
local_part=support domain=ohne-microsoft.de
calling virtusertable router
rda_interpret (string):
${lookup{$local_part@$domain}lsearch*@{/usr/local/etc/exim/
virtusertable}}
search_open: lsearch "/usr/local/etc/exim/virtusertable"
search_find: file="/usr/local/etc/exim/virtusertable"
key="support@???" partial=-1 affix=NULL starflags=2
LRU list:
8/usr/local/etc/exim/virtusertable
8/etc/aliases
End
internal_search_find: file="/usr/local/etc/exim/virtusertable"
type=lsearch key="support@???"
file lookup required for support@???
in /usr/local/etc/exim/virtusertable
lookup yielded: support_fesh_com
expanded: support_fesh_com
file is not a filter file
parse_forward_list: support_fesh_com
extract item: support_fesh_com
virtusertable router generated support_fesh_com@???
errors_to=NULL transport=NULL
uid=unset gid=unset home=NULL
routed by virtusertable router
envelope to: support@???
transport: <none>
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

Considering support_fesh_com@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

routing support_fesh_com@???



--
tom lazar <tom@???>