Re: [Exim] exim, cyrus and virtual domains

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Ben Lutgens
Date:  
À: exim-users
Sujet: Re: [Exim] exim, cyrus and virtual domains
On Tuesday, Aug 26, 2003, at 08:59 US/Central, Tom Lazar wrote:
> and next my 'virtusertable' router:
>
> virtusertable:
> driver = redirect
> allow_fail
> allow_defer
> qualify_preserve_domain
> data =
> ${lookup{$local_part@$domain}lsearch{/usr/local/etc/exim/
> virtusertable}}
> user = mailnull
> file_transport = address_file
> pipe_transport = address_pipe


Because of the way cyrus works its best to use its local delivery agent.

Try something like this:

virtusertable:
driver = redirect
allow_fail
allow_defer
qualify_preserve_domain
data =

${lookup{$local_part@$domain}lsearch{/usr/local/etc/exim/virtusertable}}
user = mailnull
transport = local_delivery_cyrus

Then in transports do something like so:
local_delivery_cyrus:
driver = pipe
command = /usr/lib/cyrus-imapd/deliver $local_part
group = mail
user = cyrus
return_output
log_output
message_prefix =
message_suffix =

Note: The above transport works for me, but I am NOT doing and virt
domain stuff. However, given your virt domain bit is correct (which it
appears to be) this should work for you.

Don't forget to make sure that the path to deliver is right.


>
>
> when i call exim thus:
>
> exim -d -bt support@???
>
> i find, that support@??? gets properly resolved to
> support_fesh_com BUT THEN instead of being delivered locally it is
> passed back into the (queue?) as support_fesh_com@???
> which then in turned is resolved into another account via
>
> trying default match @ohne-microsoft.de
>
> [snip]
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Testing support@???
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Considering support@???
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> routing support@???
> --------> dnslookup router <--------
> [snip]
> --------> system_aliases router <--------
> [snip]
> --------> virtusertable router <--------
> local_part=support domain=ohne-microsoft.de
> calling virtusertable router
> [snip]
> lookup yielded: support_fesh_com
> expanded: support_fesh_com
> file is not a filter file
> parse_forward_list: support_fesh_com
> extract item: support_fesh_com
> virtusertable router generated support_fesh_com@???
> errors_to=NULL transport=NULL
> uid=unset gid=unset home=NULL
> routed by virtusertable router
> envelope to: support@???
> transport: <none>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Considering support_fesh_com@???
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> routing support_fesh_com@???
>
>
> one attempt to fix this, was to add an explicit mapping in
> virtusertable such as
>
> support_fesh_com@???        support_fesh_com

>
> THEN i get
>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Considering support_fesh_com@???
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> routing support_fesh_com@???
> [snip]
>
> and finally
>
> --------> virtusertable router <--------
> virtusertable router skipped: previously routed
> support_fesh_com@???
>
> now it reaches the second virtusertable router, where strangely, it is
> declined(!?):
> --------> virtusertable2 router <--------
> local_part=support_fesh_com domain=ohne-microsoft.de
> calling virtusertable2 router
> rda_interpret (string):
> ${lookup{@$domain}lsearch{/usr/local/etc/exim/virtusertable}}
> search_open: lsearch "/usr/local/etc/exim/virtusertable"
> cached open
> search_find: file="/usr/local/etc/exim/virtusertable"
> key="@ohne-microsoft.de" partial=-1 affix=NULL starflags=0
> LRU list:
> 8/usr/local/etc/exim/virtusertable
> 8/etc/aliases
> End
> internal_search_find: file="/usr/local/etc/exim/virtusertable"
> type=lsearch key="@ohne-microsoft.de"
> file lookup required for @ohne-microsoft.de
> in /usr/local/etc/exim/virtusertable
> lookup failed
> expanded:
> file is not a filter file
> parse_forward_list:
> virtusertable2 router declined for support_fesh_com@???
>
> finally it ends up in local delivery...
>
> surely this can't be the way it's supposed to be?
>
> for starters, i haven't really understood how the proposed solution
> works. why the two routers? what's the second one's function?
>
> things that i have modified from the example:
>
> a) the names of the routers (duh!)
> b) i'm using a different mail user (mailnull, the exim user)
>
> one problem could be that in order for exim to deliver mail to cyrus
> users that are not local users i had to add a catch-all router at the
> very end like this:
>
> # anything that made it until here will be handed to cyrus
>
> cyrususer:
> driver = accept
> transport = local_delivery
>
> is that the right way to get non-local (non-system) users to be passed
> to cyrus?
>
> i'm not sure anyone would care to even read an email such as this until
> here, but if you did: thanks!
>
> any input will be greatly appreciated,
>
> kind regards,
>
> tom lazar, berlin, germany
>
> here's my exim/configure
> --------------
> primary_hostname = smtp.tomster.org
>
> domainlist local_domains = lists.tomster.org :
> lists.klingendes-museum.de : primary.tomster.org : thesilencer.de :
> ds80-237-202-128.dedicated.hosteurope.de : ohne-microsoft.de
>
> domainlist relay_to_domains =
> hostlist relay_from_hosts = localhost
>
>
> # acces controls
>
> acl_smtp_rcpt = acl_check_rcpt
> acl_smtp_data = check_data
> acl_smtp_helo = check_helo
>
> # qualify_domain =
>
> # qualify_recipient =
>
>
> # allow_domain_literals
>
>
> exim_user = mailnull
> exim_group = mail
> never_users = root
>
> host_lookup = *
>
>
> rfc1413_hosts = *
> rfc1413_query_timeout = 30s
>
>
> # sender_unqualified_hosts =
> # recipient_unqualified_hosts =
>
> # tls configuration
>
> tls_advertise_hosts = *
> tls_certificate = /var/cert/mail.pem
> tls_privatekey = /var/cert/mail.pem
>
> #
>
> # percent_hack_domains =
>
> ignore_bounce_errors_after = 2d
>
> timeout_frozen_after = 7d
> ###
> # Mailman
> ###
> # Home dir for your Mailman installation -- aka Mailman's prefix
> # directory.
> MAILMAN_HOME=/usr/local/mailman
> MAILMAN_WRAP=MAILMAN_HOME/mail/mailman
>
> # User and group for Mailman, should match your --with-mail-gid
> # switch to Mailman's configure script.
> MAILMAN_USER=mailman
> MAILMAN_GROUP=mail
> #MAILMAN_USER=mailnull
> #MAILMAN_GROUP=mailnull
>
>
> ######################################################################
> #                       ACL CONFIGURATION                            #
> #         Specifies access control lists for incoming SMTP mail      #
> ######################################################################

>
> begin acl
>
> acl_check_rcpt:
>
> accept hosts = :
>
>   deny    local_parts   = ^.*[@%!/|] : ^\\.

>
>   accept  local_parts   = postmaster
>           domains       = +local_domains

>
> #  require verify        = sender

>
>   accept  domains       = +local_domains
>           endpass
>           message       = unknown user
>           verify        = recipient

>
>   accept  domains       = +relay_to_domains
>           endpass
>           message       = unrouteable address
>           verify        = recipient

>
>   accept  hosts         = +relay_from_hosts

>
> accept authenticated = *
>
>   deny    message       = relay not permitted

>
>
>
> #
> # Sobig checks from http://www.enyo.de/fw/software/exim/sobig.html
> #
>
> check_helo:
> # Accept locally generated mail.
> accept hosts = :
>
> # Accept only arguments with a ".".
> accept condition = ${if match{$sender_helo_name}{\\.}{yes}{no}}
> deny message = syntactically invalid argument
>
> check_data:
>    deny condition = \
>           ${if match{$message_body} \
>              {(Please s|S)ee the attached file for details} \
>              {yes}{no}}
>         condition = ${if >{$message_size}{98000}{yes}{no}}
>         condition = \
>           ${if eq{$header_X-MailScanner:}{Found to be clean} \
>              {yes}{no}}
>         message = "Sobig virus detected"

>
>    accept
> ######################################################################
> #                      ROUTERS CONFIGURATION                         #
> #               Specifies how addresses are handled                  #
> ######################################################################
> #     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
> # An address is passed to each router in turn until it is accepted.  #
> ######################################################################

>
> begin routers
>
> dnslookup:
> driver = dnslookup
> domains = ! +local_domains
> transport = remote_smtp
> ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
> no_more
>
>
> system_aliases:
> driver = redirect
> allow_fail
> allow_defer
> data = ${lookup{$local_part}lsearch{/etc/aliases}}
> user = mailnull
> group = mail
> file_transport = address_file
> pipe_transport = address_pipe
>
>
> virtusertable:
> driver = redirect
> allow_fail
> allow_defer
> qualify_preserve_domain
> data =
> ${lookup{$local_part@$domain}lsearch{/usr/local/etc/exim/
> virtusertable}}
> user = mailnull
> file_transport = address_file
> pipe_transport = address_pipe
>
>
> userforward:
> driver = redirect
> check_local_user
> file = $home/.forward
> no_verify
> no_expn
> check_ancestor
> # allow_filter
> file_transport = address_file
> pipe_transport = address_pipe
> reply_transport = address_reply
> condition = ${if exists{$home/.forward} {yes} {no} }
>
>
> ###
> # Mailman
> ###
> mailman_router:
>     driver = accept
>     domains = lists.tomster.org : lists.klingendes-museum.de

>
>     require_files = MAILMAN_HOME/lists/$local_part/config.pck
>     local_part_suffix_optional
>     local_part_suffix = -bounces : -bounces+* : \
>                         -confirm+* : -join : -leave : \
>                         -owner : -request : -admin
>     transport = mailman_transport

>
>
>
> # This router matches local user mailboxes.
>
> localuser:
> driver = accept
> check_local_user
> transport = local_delivery
>
> virtusertable2:
> driver = redirect
> allow_fail
> allow_defer
> qualify_preserve_domain
> data = ${lookup{@$domain}lsearch{/usr/local/etc/exim/virtusertable}}
> user = mailnull
> file_transport = address_file
> pipe_transport = address_pipe
>
>
> # anything that made it until here will be handed to cyrus
>
> cyrususer:
> driver = accept
> transport = local_delivery
>
> ######################################################################
> #                      TRANSPORTS CONFIGURATION                      #
> ######################################################################
> #                       ORDER DOES NOT MATTER                        #
> #     Only one appropriate transport is called for each delivery.    #
> ######################################################################

>
> begin transports
>
> # This transport is used for delivering messages over SMTP connections.
>
> remote_smtp:
> driver = smtp
>
> local_delivery:
> driver = lmtp
> command = "/usr/local/cyrus/bin/deliver -l"
> batch_max = 20
> user = cyrus
>
>
> address_pipe:
> driver = pipe
> return_output
>
> address_file:
> driver = appendfile
> delivery_date_add
> envelope_to_add
> return_path_add
>
>
> address_reply:
> driver = autoreply
>
>
> ###
> # Mailman
> ###
> mailman_transport:
>     driver = pipe
>     command = MAILMAN_WRAP \
>               '${if def:local_part_suffix \
>                     {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
>                     {post}}' \
>               $local_part
>     current_directory = MAILMAN_HOME
>     home_directory = MAILMAN_HOME
>     user = MAILMAN_USER
>     group = MAILMAN_GROUP

>
> ######################################################################
> #                      RETRY CONFIGURATION                           #
> ######################################################################

>
> begin retry
>
>
> *                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h

>
> ######################################################################
> #                      REWRITE CONFIGURATION                         #
> ######################################################################

>
> begin rewrite
>
> ######################################################################
> #                   AUTHENTICATION CONFIGURATION                     #
> ######################################################################

>
> begin authenticators
> --------------
> and the complete output of exim -bt -d :
> exim -d -bt support@???
> Exim version 4.20 uid=0 gid=0 pid=91385 D=fbb95cfd
> Probably Berkeley DB version 1.8x (native mode)
> Support for: IPv6 PAM Perl OpenSSL
> Authenticators: cram_md5 plaintext spa
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
> changed uid/gid: forcing real = effective
> uid=0 gid=0 pid=91385
> auxiliary group list: 0
> configuration file is /usr/local/etc/exim/configure
> log selector = 020d99d8
> trusted user
> admin user
> finduser used cached passwd data for mailnull
> finduser used cached passwd data for mailnull
> originator: uid=0 gid=0 login=root name=Charlie Root
> sender address = root@???
> Address testing: uid=0 gid=6 euid=0 egid=6
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Testing support@???
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Considering support@???
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> routing support@???
> --------> dnslookup router <--------
> local_part=support domain=ohne-microsoft.de
> checking domains
> ohne-microsoft.de in "lists.tomster.org : lists.klingendes-museum.de :
> primary.tomster.org : thesilencer.de :
> ds80-237-202-128.dedicated.hosteurope.de : ohne-microsoft.de"? yes
> (matched "ohne-microsoft.de")
> ohne-microsoft.de in "! +local_domains"? no (matched "!
> +local_domains")
> dnslookup router skipped: domains mismatch
> --------> system_aliases router <--------
> local_part=support domain=ohne-microsoft.de
> calling system_aliases router
> rda_interpret (string): ${lookup{$local_part}lsearch{/etc/aliases}}
> search_open: lsearch "/etc/aliases"
> search_find: file="/etc/aliases"
> key="support" partial=-1 affix=NULL starflags=0
> LRU list:
> 8/etc/aliases
> End
> internal_search_find: file="/etc/aliases"
> type=lsearch key="support"
> file lookup required for support
> in /etc/aliases
> lookup failed
> expanded:
> file is not a filter file
> parse_forward_list:
> system_aliases router declined for support@???
> --------> virtusertable router <--------
> local_part=support domain=ohne-microsoft.de
> calling virtusertable router
> rda_interpret (string):
> ${lookup{$local_part@$domain}lsearch*@{/usr/local/etc/exim/
> virtusertable}}
> search_open: lsearch "/usr/local/etc/exim/virtusertable"
> search_find: file="/usr/local/etc/exim/virtusertable"
> key="support@???" partial=-1 affix=NULL starflags=2
> LRU list:
> 8/usr/local/etc/exim/virtusertable
> 8/etc/aliases
> End
> internal_search_find: file="/usr/local/etc/exim/virtusertable"
> type=lsearch key="support@???"
> file lookup required for support@???
> in /usr/local/etc/exim/virtusertable
> lookup yielded: support_fesh_com
> expanded: support_fesh_com
> file is not a filter file
> parse_forward_list: support_fesh_com
> extract item: support_fesh_com
> virtusertable router generated support_fesh_com@???
> errors_to=NULL transport=NULL
> uid=unset gid=unset home=NULL
> routed by virtusertable router
> envelope to: support@???
> transport: <none>
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Considering support_fesh_com@???
> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> routing support_fesh_com@???
>
>
>
> --
> tom lazar <tom@???>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> Exim details at http://www.exim.org/ ##
>
>
>

--
Ben Lutgens
US Admins, Inc
System Administrator / Server Gumby