[exim] not your average lowest numbered MX record points to …

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Adam Fowler
Data:  
Para: exim-users
Assunto: [exim] not your average lowest numbered MX record points to local host...
Hello all,

Before I start I think it worth mentioning that I have read the FAQ on
this and trawled the archive to no avail.

I've got exim 4 setup to pass all incoming mail to spam assassin via its
own transport. As far as I can tell this all works lovely, but when the
email comes back into the system I get the following:-

2005-01-19 01:35:29 1Cr4kr-0003nX-MW <= adam@??? H=localhost
(mail.adamfowler.co.uk) [127.0.0.1] P=smtp S=738
id=2495.81.111.49.216.1106098529.squirrel@???

Sent by Squirrelmail

2005-01-19 01:35:30 1Cr4kr-0003ne-TM <= adam@??? U=exim
P=spam-scanned S=1054
id=2495.81.111.49.216.1106098529.squirrel@???

Modified by Spamc and sent back into exim via /usr/sbin/exim -oMr
spam-scanned -bS

2005-01-19 01:35:30 1Cr4kr-0003ne-TM lowest numbered MX record points to
local host: adamfowler.co.uk
2005-01-19 01:35:30 1Cr4kr-0003ne-TM == adam@??? R=dnslookup
defer (-1): lowest numbered MX record points to local host
2005-01-19 01:35:30 1Cr4kr-0003ne-TM Frozen

Oh dear.

2005-01-19 01:35:30 1Cr4kr-0003nX-MW => adam <adam@???>
R=spamcheck_router T=spamcheck
2005-01-19 01:35:30 1Cr4kr-0003nX-MW Completed

As far as I can tell the last two lines are a relic of performing the
spamc operation before returning and printing the messages.

What's really bizarre about this is that I know for a fact that
+local_domains is correctly being yanked out of mysql, as when I put this
in the spamcheck in the domains field, it gobbles all my email.

Even MORE bizarre is the fact I've set self = pass and no_more in the
dnslookup router!!! So even if they do resolve to local they should still
get passed onto the next router.

I've even tried explicitly setting primary_hostname to
mail.adamfowler.co.uk, but to no avail.

I've tried all sorts of variations on a theme for my configuration file
(as attached) but I can't get anywhere. I've followed directions on
supporting virtual hosts + exim +spam assassin to the letter as far as I
can tell (although now my config is a bit messy due to trying to fix it).

Any random and weird ideas are much appreciated!

(Note that to test it I'm sending email from adam@??? to
adam@???. )

Thanks,

Adam.
######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################



hide mysql_servers = host/db/user/pwd
# edited out before posting for obvious reasons

primary_hostname = mail.adamfowler.co.uk

#domainlist local_domains = @ : ${lookup mysql {SELECT userid FROM domains \
#    WHERE userid="${quote_mysql:${domain}}" }}
domainlist local_domains = @ : ${lookup mysql {SELECT userid FROM domains }} : *.adamfowler.co.uk : p15150903.pureserver.info : adamfowler.co.uk
domainlist relay_to_domains =
hostlist   relay_from_hosts = 127.0.0.1 : moutng.kundenserver.de : 212.227.126.186


# domainlist relay_to_domains = *.myco.com : my.friend.org
# hostlist relay_from_hosts = 127.0.0.1 : 192.168.0.0/16

acl_smtp_rcpt = acl_check_rcpt

# qualify_domain =
# qualify_recipient =

#extra_local_interfaces = <; 82.165.31.161

# allow_domain_literals


never_users = root


# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.

host_lookup = *


rfc1413_hosts = *
rfc1413_query_timeout = 30s


ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d

freeze_tell = adam@???


####################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################


begin acl

acl_check_rcpt:
  accept  hosts = 82.165.31.161
  accept  hosts = :
  accept  hosts = *.adamfowler.co.uk
  deny    local_parts   = ^.*[@%!/|] : ^\\.
  accept  domains       = +local_domains
  accept  local_parts   = postmaster
          domains       = +local_domains
#  require verify        = sender
  accept  domains       = +local_domains
          endpass
          message       = unknown user
          verify        = recipient
  accept  domains       = +relay_to_domains
          endpass
          message       = unrouteable address
          verify        = recipient
  accept  hosts         = +relay_from_hosts
  accept  authenticated = *
  deny    message       = relay not permitted




######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################


begin routers

dnslookup:
    debug_print = "R: dnslookup for $local_part@$domain"
  driver = dnslookup
  verify_recipient = false
  verify_sender = false
  condition = "${if !eq {$received_protocol}{spam-scanned} {yes}{no} }"
  domains = !+local_domains 
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 82.165.31.161
  self = pass
  no_more




# The remaining routers handle addresses in the local domain(s).

spamcheck_router:
    debug_print = "R: spamcheck_router for $local_part@$domain"
# for testing our domain only
  domains = libertex.co.uk
  no_verify
#  check_local_user # DONT use this - local users only
# When to scan a message :
#   -   it isn't already flagged as spam
#   -   it isn't already scanned
#  condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
  condition = "${if !eq {$received_protocol}{spam-scanned} {yes}{no} }"
  driver = accept
  transport = spamcheck


virtual_user:
  driver = redirect
  allow_fail
  allow_defer
# AA added
#  allow_filter
  data = ${lookup mysql{ SELECT maildir FROM users \
          WHERE id='${quote_mysql:${local_part}@${domain}}' }}
  directory_transport = address_directory
  file_transport = address_file


system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
condition = ${if eq {$domain}{$primary_hostname} {yes}{no} }

#userforward:
# driver = redirect
# check_local_user
# file = $home/.forward
# no_verify
# no_expn
# check_ancestor
## allow_filter
# file_transport = address_file
# directory_transport = address_directory
# reply_transport = address_reply


localuser:
driver = accept
check_local_user
transport = local_delivery
condition = ${if eq {$domain}{$primary_hostname} {yes}{no} }

#virtual_userforward:
#  driver = redirect
#  router_home_directory = ${lookup mysql{ SELECT home FROM users \
#         WHERE id='${quote_mysql:${local_part}@${domain}}' }}
#  file = ${lookup mysql{ SELECT home FROM users \
#         WHERE id='${quote_mysql:${local_part}@${domain}}' }}/.forward
#  no_verify
#  no_expn
#  forbid_filter_existstest
#  forbid_filter_lookup
#  check_ancestor
#  allow_filter
#  directory_transport = address_directory
#  reply_transport = address_reply
#  user = mail


#virtual_user_spam:
#  driver = redirect
#  allow_fail
#  allow_defer
#  condition = ${if eq {$received_protocol}{spam-scanned} }
##  condition = ${if and {$header_X-Spam-Status: contains "Yes" or "${if def:header_X-Spam-Flag {def}{undef}}" is "def" }} {{eq {$received_protocol}{spam-scanned}} {1}{0} }
###  condition = ${if def:h_X-Spam-Flag {def}{undef}} is "def" 
#  data = ${lookup mysql{ SELECT maildir FROM users \
#          WHERE id='${quote_mysql:${local_part}@${domain}}' }}/.Spam
#  directory_transport = address_directory
#  file_transport = address_file
#  
## maybe also try this if:
## $h_X-Spam-Status: CONTAINS "Yes"
##                  or
##               "${if def:h_X-Spam-Flag {def}{undef}}" is "def"





######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################


begin transports


remote_smtp:
driver = smtp

local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add

spamcheck:
    debug_print = "T: spamassassin_pipe for $local_part@$domain"
    driver = pipe
    command = /usr/sbin/exim -oMr spam-scanned -bS
    use_bsmtp = true
    transport_filter = /usr/bin/spamc
    home_directory = "/tmp"
    current_directory = "/tmp"
    # must use a privileged user to set $received_protocol on the way back in!
#    user = mail
#    group = mail
    user = exim
    group = exim
    #log_output = true
    log_defer_output = true
    log_fail_output = true
    return_fail_output = true
    return_path_add = false
    message_prefix =
    message_suffix =


address_pipe:
driver = pipe
return_output


address_file:
driver = appendfile
maildir_format
delivery_date_add
envelope_to_add
return_path_add

address_directory:
driver = appendfile
maildir_format
delivery_date_add
envelope_to_add
return_path_add


address_reply:
driver = autoreply



######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################


begin retry

# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.

# Domain               Error       Retries
# ------               -----       -------


*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h




######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################


# There are no rewriting specifications in this default configuration file.

begin rewrite



######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################


begin authenticators

cram:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT clear FROM users WHERE id='${quote_mysql:$1}'}{$value}fail}
server_set_id = $1

#plain:
#  driver = plaintext
#  public_name = PLAIN
#  server_condition = \
#        ${if crypteq{$2}{${lookup mysql{SELECT crypt FROM users WHERE id='${quote_mysql:$1}'}{$value}fail}} {yes}{no}}
#  server_set_id = $1



# End of Exim configuration file