[Exim] Smtp authentication.

Author: Guillermo Llenas
Date:  
To: exim-users
Subject: [Exim] Smtp authentication.




Hello, I'm a newbie to Exim. I configured Exim with SMTP authentication, and it works well. However, I have noticed that if any remote host establishes a connection with my SMTP server and tries to send messages to any of my local domains, it can freely send without authentication being necessary. Have I forgotten something in the configuration?
    I'm running Exim version 4.24 on Red Hat 9 with MySQL. Thanks in advance.


Regards,

Guille

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################


MESSAGE_SIZE_LIMIT = 10M
daemon_smtp_port = 25

hide mysql_servers = localhost/mail/root/password


# Specify your host's canonical name here. This should normally be the fully
# qualified "official" name of your host. If this option is not set, the
# uname() function is called to obtain the name. In many cases this does
# the right thing and you need not set anything explicitly.

# primary_hostname =


# The next three settings create two lists of domains and one list of hosts.
# These lists are referred to later in this configuration using the syntax
# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
# are all colon-separated lists:

# The address parts are passed through quote_mysql before being used in SQL.
domainlist local_domains = ${lookup mysql{SELECT domainname FROM domains \
                        WHERE domainname='${quote_mysql:$domain}' AND type='LOCAL'}}


domainlist relay_to_domains = ${lookup mysql{SELECT domainname FROM domains \
                        WHERE domainname='${quote_mysql:$domain}' AND type='RELAY'}}



hostlist relay_from_hosts = *

acl_smtp_rcpt = acl_check_rcpt

never_users = root


# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.

host_lookup = *


rfc1413_hosts = *
rfc1413_query_timeout = 30s



ignore_bounce_errors_after = 2d


timeout_frozen_after = 7d

smtp_accept_max = 500

freeze_tell = postmaster

split_spool_directory


######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################


begin acl

acl_check_rcpt:


  accept  hosts         = : 127.0.0.1/8

  deny    domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]


  deny    domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  #############################################################################



  accept  local_parts   = postmaster
          domains       = +local_domains


  require verify        = sender/callout=postmaster,random


  accept  domains       = +local_domains
          endpass
          message       = unknown user
          verify        = recipient


  accept  domains       = +relay_to_domains
          endpass
          message       = unrouteable address
          verify        = recipient


##  accept  hosts         = +relay_from_hosts


  accept  authenticated = *


  deny    message       = relay not permitted




######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################


begin routers


# domain_literal:
# driver = ipliteral
# domains = ! +local_domains
# transport = remote_smtp


dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more


mysql_aliases:
driver = redirect
file_transport = address_file
pipe_transport = address_pipe
data = ${lookup mysql{SELECT sendto FROM aliases WHERE (username='${quote_mysql:$local_part}' AND domainname='${quote_mysql:$domain}') OR (username='*' AND domainname='${quote_mysql:$domain}')}}

#system_aliases:
# driver = redirect
# allow_fail
# allow_defer
# data = ${lookup{$local_part}lsearch{/usr/exim/aliases}}
# user = exim
# file_transport = address_file
# pipe_transport = address_pipe



#userforward:
# driver = redirect
# check_local_user
# file = $home/.forward
# no_verify
# no_expn
# check_ancestor
# allow_filter
# file_transport = address_file
# pipe_transport = address_pipe
# reply_transport = address_reply


# This router matches local user mailboxes. If the router fails, the error
# message is "Unknown user".

#localuser:
# driver = accept
# check_local_user
# transport = local_delivery
# cannot_route_message = Unknown user


mysql_autorespond:
  driver = accept
  condition = ${if eq{} {${lookup mysql{SELECT autoresponder \
            FROM users WHERE autoresponder='yes' \
            AND username='${quote_mysql:$local_part}' \
            AND domainname='${quote_mysql:$domain}' AND status='1'}}}{no}{yes}}
  no_verify
  no_expn
  unseen
  transport = address_mysql




# This router matches virtual mailboxes from MySQL database.


mysqluser:
driver = accept
condition = ${if eq{} {${lookup mysql {SELECT username FROM users WHERE username='${quote_mysql:$local_part}' AND domainname='${quote_mysql:$domain}' AND status='1'}}}{no}{yes}}
transport = local_delivery


######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################


# A transport is used only when referenced from a router that successfully
# handles an address.

begin transports


# This transport is used for delivering messages over SMTP connections.

remote_smtp:
driver = smtp


local_delivery:
driver = appendfile
file = /export/mail/$domain/${substr_0_1:$local_part}/${substr_1_1:$local_part}/$local_part
create_directory
delivery_date_add
envelope_to_add
return_path_add
user=exim
group = mail
mode = 0660
directory_mode = 0770
quota = ${lookup mysql{SELECT quota FROM users WHERE username='${quote_mysql:$local_part}' AND domainname='${quote_mysql:$domain}'}{$value}{1024M}}
quota_warn_threshold = ${lookup mysql{SELECT quotawarn FROM users WHERE username='${quote_mysql:$local_part}' AND domainname='${quote_mysql:$domain}'}{$value}{80%}}
quota_warn_message = "\
To: $local_part@$domain\n\
Subject: Su casilla de correo en $domain\n\n\
Este mensaje es creado automaticamente por el software\n\
de entrega del correo en $domain.\n\n\
El volumen de su casilla ha excedido el 80% de la misma.\n\
Elimine por favor, correos antiguos\n\
para evitar el posible rechazo de mails entrantes.\n\
Ante cualquier inconveniente comuniquese con el soporte tecnico.\n\n\
----------------------------------------------------------------\n\n\
This message is automatically created by the mail delivery software\n\
at $domain.\n\n\
The size of your mailbox has exceeded a warning threshold that is\n\
set by the system administrator. Please remove mails from your\n\
mailbox in order to avoid possible rejection of incoming mail.\n\n\
Feel free to contact our tech support if you encounter any problems.\n\n\
----------------------------------------------------------------\n\n"


#address_pipe:
# driver = pipe
# return_output


# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.

#address_file:
# driver = appendfile
# delivery_date_add
# envelope_to_add
# return_path_add


# This transport is used for handling autoreplies generated by the filtering
# option of the userforward router.

#address_reply:
# driver = autoreply


# For the autoreply.

address_mysql:
  driver   = autoreply
  reply_to = "${local_part}@${domain}"
  to       = ${sender_address}
  subject  = ${lookup mysql{SELECT arsubject FROM users WHERE username='${quote_mysql:$local_part}' AND domainname='${quote_mysql:$domain}'}{$value}{Automatic reply from ${local_part}@${domain}}}
  text     = ${lookup mysql{SELECT artext FROM users WHERE username='${quote_mysql:$local_part}' AND domainname='${quote_mysql:$domain}'}{$value}}




######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################


begin retry

# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.

# Domain               Error       Retries
# ------               -----       -------


*                  quota
*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h




######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################


# There are no rewriting specifications in this default configuration file.

begin rewrite



######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################


# There are no authenticator specifications in this default configuration file.

begin authenticators


fixed_login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = Username:: : Password::
  server_condition = "${if and { \
                  {!eq{$1}{}} \
                  {!eq{$2}{}} \
                  {eq{$2}{${lookup mysql{SELECT password FROM users \
                  WHERE username='${quote_mysql:${local_part:$1}}' \
                  AND domainname='${quote_mysql:${domain:$1}}'}{$value}fail}}} \
                  } {yes}{no}}"
  server_set_id = $1




fixed_plain:
  driver = plaintext
  public_name = PLAIN
  server_prompts = :
  server_condition = "${if and { \
                  {!eq{$2}{}} \
                  {!eq{$3}{}} \
                  {eq{$3}{${lookup mysql{SELECT password FROM users \
                  WHERE username='${quote_mysql:${local_part:$2}}' \
                  AND domainname='${quote_mysql:${domain:$2}}'}{$value}fail}}} \
                  } {yes}{no}}"
  server_set_id = $2





######################################################################
#                   CONFIGURATION FOR local_scan()                   #
######################################################################


# If you have built Exim to include a local_scan() function that contains
# tables for private options, you can define those options here. Remember to
# uncomment the "begin" line. It is commented by default because it provokes
# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
# set in the Local/Makefile.

# begin local_scan


# End of Exim configuration file
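
The statements of acl_check_rcpt in the configuration above are tried in order, and the first one that accepts or denies decides the RCPT command. The following is an added example, not part of the original post: a simplified Python model of that ACL (not Exim itself) that walks the same statements in the same order. The domain names are constructed, and the results of the verify conditions are assumed inputs.

```python
import re
from dataclasses import dataclass

# Constructed stand-ins for the MySQL-backed domain lists in the post.
LOCAL, RELAY_TO = {"example.org"}, {"relay.example.net"}

@dataclass
class Rcpt:
    host: str                  # connecting IP; "" models local non-SMTP input
    local_part: str
    domain: str
    authenticated: bool = False
    sender_ok: bool = True     # assumed result of "verify = sender/callout"
    rcpt_ok: bool = True       # assumed result of "verify = recipient"

def bad(lp, *patterns):
    return any(re.search(p, lp) for p in patterns)

# (verb, label, condition before endpass, condition after endpass or None),
# listed in the same order as acl_check_rcpt in the post.
ACL = [
    ("accept", "hosts = : 127.0.0.1/8",
     lambda r: r.host == "" or r.host.startswith("127."), None),
    ("deny", "local_parts, local domain",
     lambda r: r.domain in LOCAL and bad(r.local_part, r"^[.]", r"^.*[@%!/|]"), None),
    ("deny", "local_parts, other domain",
     lambda r: r.domain not in LOCAL
     and bad(r.local_part, r"^[./|]", r"^.*[@%!]", r"^.*/\.\./"), None),
    ("accept", "postmaster",
     lambda r: r.local_part == "postmaster" and r.domain in LOCAL, None),
    ("require", "verify = sender", lambda r: r.sender_ok, None),
    ("accept", "domains = +local_domains",
     lambda r: r.domain in LOCAL, lambda r: r.rcpt_ok),
    ("accept", "domains = +relay_to_domains",
     lambda r: r.domain in RELAY_TO, lambda r: r.rcpt_ok),
    ("accept", "authenticated = *", lambda r: r.authenticated, None),
    ("deny", "relay not permitted", lambda r: True, None),
]

def check_rcpt(r):
    """Return (verdict, deciding statement) for one RCPT command."""
    for verb, label, cond, after_endpass in ACL:
        hit = cond(r)
        if verb == "require":
            if not hit:
                return "deny", label
        elif hit:
            if after_endpass and not after_endpass(r):
                return "deny", label      # endpass: a failure here is final
            return verb, label
    return "deny", "end of ACL"
```

In this model an unauthenticated remote host is accepted for a recipient in a local domain by the `domains = +local_domains` statement, which comes before `authenticated = *`; the same host addressing any other domain falls through to `relay not permitted`.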


