Hello all,
Before I start I think it worth mentioning that I have read the FAQ on
this and trawled the archive to no avail.
I've got exim 4 setup to pass all incoming mail to spam assassin via its
own transport. As far as I can tell this all works lovely, but when the
email comes back into the system I get the following:-
2005-01-19 01:35:29 1Cr4kr-0003nX-MW <= adam@??? H=localhost
(mail.adamfowler.co.uk) [127.0.0.1] P=smtp S=738
id=2495.81.111.49.216.1106098529.squirrel@???
Sent by Squirrelmail
2005-01-19 01:35:30 1Cr4kr-0003ne-TM <= adam@??? U=exim
P=spam-scanned S=1054
id=2495.81.111.49.216.1106098529.squirrel@???
Modified by Spamc and sent back into exim via /usr/sbin/exim -oMr
spam-scanned -bS
2005-01-19 01:35:30 1Cr4kr-0003ne-TM lowest numbered MX record points to
local host: adamfowler.co.uk
2005-01-19 01:35:30 1Cr4kr-0003ne-TM == adam@??? R=dnslookup
defer (-1): lowest numbered MX record points to local host
2005-01-19 01:35:30 1Cr4kr-0003ne-TM Frozen
Oh dear.
2005-01-19 01:35:30 1Cr4kr-0003nX-MW => adam <adam@???>
R=spamcheck_router T=spamcheck
2005-01-19 01:35:30 1Cr4kr-0003nX-MW Completed
As far as I can tell the last two lines are a relic of performing the
spamc operation before returning and printing the messages.
What's really bizarre about this is that I know for a fact that
+local_domains is correctly being yanked out of mysql, as when I put this
in the spamcheck in the domains field, it gobbles all my email.
Even MORE bizarre is the fact I've set self = pass and no_more in the
dnslookup router!!! So even if they do resolve to local they should still
get passed onto the next router.
I've even tried explicitly setting primary_hostname to
mail.adamfowler.co.uk, but to no avail.
I've tried all sorts of variations on a theme for my configuration file
(as attached) but I can't get anywhere. I've followed directions on
supporting virtual hosts + exim +spam assassin to the letter as far as I
can tell (although now my config is a bit messy due to trying to fix it).
Any random and weird ideas are much appreciated!
(Note that to test it I'm sending email from adam@??? to
adam@???. )
Thanks,
Adam.
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
hide mysql_servers = host/db/user/pwd
# edited out before posting for obvious reasons
primary_hostname = mail.adamfowler.co.uk
#domainlist local_domains = @ : ${lookup mysql {SELECT userid FROM domains \
# WHERE userid="${quote_mysql:${domain}}" }}
domainlist local_domains = @ : ${lookup mysql {SELECT userid FROM domains }} : *.adamfowler.co.uk : p15150903.pureserver.info : adamfowler.co.uk
domainlist relay_to_domains =
hostlist relay_from_hosts = 127.0.0.1 : moutng.kundenserver.de : 212.227.126.186
# domainlist relay_to_domains = *.myco.com : my.friend.org
# hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16
acl_smtp_rcpt = acl_check_rcpt
# qualify_domain =
# qualify_recipient =
#extra_local_interfaces = <; 82.165.31.161
# allow_domain_literals
never_users = root
# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 30s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
freeze_tell = adam@???
####################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_rcpt:
accept hosts = 82.165.31.161
accept hosts = :
accept hosts = *.adamfowler.co.uk
deny local_parts = ^.*[@%!/|] : ^\\.
accept domains = +local_domains
accept local_parts = postmaster
domains = +local_domains
# require verify = sender
accept domains = +local_domains
endpass
message = unknown user
verify = recipient
accept domains = +relay_to_domains
endpass
message = unrouteable address
verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
dnslookup:
debug_print = "R: dnslookup for $local_part@$domain"
driver = dnslookup
verify_recipient = false
verify_sender = false
condition = "${if !eq {$received_protocol}{spam-scanned} {yes}{no} }"
domains = !+local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 82.165.31.161
self = pass
no_more
# The remaining routers handle addresses in the local domain(s).
spamcheck_router:
debug_print = "R: spamcheck_router for $local_part@$domain"
# for testing our domain only
domains = libertex.co.uk
no_verify
# check_local_user # DONT use this - local users only
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
# condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
condition = "${if !eq {$received_protocol}{spam-scanned} {yes}{no} }"
driver = accept
transport = spamcheck
virtual_user:
driver = redirect
allow_fail
allow_defer
# AA added
# allow_filter
data = ${lookup mysql{ SELECT maildir FROM users \
WHERE id='${quote_mysql:${local_part}@${domain}}' }}
directory_transport = address_directory
file_transport = address_file
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
condition = ${if eq {$domain}{$primary_hostname} {yes}{no} }
#userforward:
# driver = redirect
# check_local_user
# file = $home/.forward
# no_verify
# no_expn
# check_ancestor
## allow_filter
# file_transport = address_file
# directory_transport = address_directory
# reply_transport = address_reply
localuser:
driver = accept
check_local_user
transport = local_delivery
condition = ${if eq {$domain}{$primary_hostname} {yes}{no} }
#virtual_userforward:
# driver = redirect
# router_home_directory = ${lookup mysql{ SELECT home FROM users \
# WHERE id='${quote_mysql:${local_part}@${domain}}' }}
# file = ${lookup mysql{ SELECT home FROM users \
# WHERE id='${quote_mysql:${local_part}@${domain}}' }}/.forward
# no_verify
# no_expn
# forbid_filter_existstest
# forbid_filter_lookup
# check_ancestor
# allow_filter
# directory_transport = address_directory
# reply_transport = address_reply
# user = mail
#virtual_user_spam:
# driver = redirect
# allow_fail
# allow_defer
# condition = ${if eq {$received_protocol}{spam-scanned} }
## condition = ${if and {$header_X-Spam-Status: contains "Yes" or "${if def:header_X-Spam-Flag {def}{undef}}" is "def" }} {{eq {$received_protocol}{spam-scanned}} {1}{0} }
### condition = ${if def:h_X-Spam-Flag {def}{undef}} is "def"
# data = ${lookup mysql{ SELECT maildir FROM users \
# WHERE id='${quote_mysql:${local_part}@${domain}}' }}/.Spam
# directory_transport = address_directory
# file_transport = address_file
#
## maybe also try this if:
## $h_X-Spam-Status: CONTAINS "Yes"
## or
## "${if def:h_X-Spam-Flag {def}{undef}}" is "def"
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
begin transports
remote_smtp:
driver = smtp
local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
spamcheck:
debug_print = "T: spamassassin_pipe for $local_part@$domain"
driver = pipe
command = /usr/sbin/exim -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/spamc
home_directory = "/tmp"
current_directory = "/tmp"
# must use a privileged user to set $received_protocol on the way back in!
# user = mail
# group = mail
user = exim
group = exim
#log_output = true
log_defer_output = true
log_fail_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
maildir_format
delivery_date_add
envelope_to_add
return_path_add
address_directory:
driver = appendfile
maildir_format
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.
# Domain Error Retries
# ------ ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
begin rewrite
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators
cram:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT clear FROM users WHERE id='${quote_mysql:$1}'}{$value}fail}
server_set_id = $1
#plain:
# driver = plaintext
# public_name = PLAIN
# server_condition = \
# ${if crypteq{$2}{${lookup mysql{SELECT crypt FROM users WHERE id='${quote_mysql:$1}'}{$value}fail}} {yes}{no}}
# server_set_id = $1
# End of Exim configuration file
