Khalid
Try replacing everything in your ACL section with the contents of the
attached file, and see whether it makes any difference.
You can test it yourself by going into SSH and typing
exim -bhc 70.156.1.178
EHLO FALCON
MAIL FROM: user@???
RCPT TO: localuser@???
DATA
Whatever
.
QUIT
- Mark
#!!#######################################################!!#
#!!# This new section of the configuration contains ACLs #!!#
#!!# (Access Control Lists) derived from the Exim 3 #!!#
#!!# policy control options. #!!#
#!!#######################################################!!#
#!!# These ACLs are crudely constructed from Exim 3 options.
#!!# They are almost certainly not optimal. You should study #!!# them and rewrite as necessary.
begin acl
#!!# ACL that is used after the RCPT command
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
accept domains = +relay_domains
warn message = ${perl{popbeforesmtpwarn}{$sender_host_name}}
hosts = +relay_hosts
accept hosts = +relay_hosts
warn message = ${perl{popbeforesmtpwarn}{$sender_host_address}}
condition = ${perl{checkrelayhost}{$sender_host_address}}
accept condition = ${perl{checkrelayhost}{$sender_host_address}}
accept hosts = +auth_relay_hosts
endpass
message = $sender_fullhost is currently not permitted to \
relay through this server. Perhaps you \
have not logged into the pop/imap server in the \
last 30 minutes or do not have SMTP Authentication turned on in your email client.
authenticated = *
deny message = $sender_fullhost is currently not permitted to \
relay through this server. Perhaps you \
have not logged into the pop/imap server in the \
last 30 minutes or do not have SMTP Authentication turned on in your email client.
# Accept bounces to lists even if callbacks or other checks would fail
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
{yes}{no}}
accept condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
{yes}{no}}
# Accept bounces to lists even if callbacks or other checks would fail
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
{yes}{no}}
accept condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
{yes}{no}}
#sender verifications are required for all messages that are not sent to lists
require verify = sender
accept domains = +local_domains
endpass
#recipient verifications are required for all messages that are not sent to the local machine
#this was done at multiple users requests
message = "The recipient cannot be verified. $acl_verify_message"
verify = recipient
accept
domains = +local_domains
local_parts = postmaster:abuse
!hosts = @[]
!authenticated = *
deny
message = Message rejected because your mail server $sender_fullhost \ is blacklisted at $dnslist_domain for sending spams ($dnslist_text)...
dnslists = relays.ordb.org :\
sbl-xbl.spamhaus.org :\
hil.habeas.com :\
list.dsbl.org :\
cbl.abuseat.org : \
bl.spamcop.net :\
dnsbl.njabl.org :\
blackholes.easynet.nl : \
dynablock.easynet.nl :\
proxies.blackholes.easynet.nl :\
spam.dnsbl.sorbs.net :\
korea.services.net :\
brazil.blackholes.us :\
nigeria.blackholes.us :\
argentina.blackholes.us :\
malaysia.blackholes.us :\
singapore.blackholes.us :\
taiwan.blackholes.us :\
porn.rhs.mailpolice.com
delay = 3s
require verify = reverse_host_lookup
message = your mail server IP address ($sender_host_address) has no reverse DNS PTR hostname. \
Please consider contacting us through our website or call us...\
#!!# ACL that is used after the DATA command
check_message:
require verify = header_sender
##### clamav ACL, reject virus infected mails with proper error
deny message = This message contains malformed MIME ($demime_reason).
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = Hiding of file extensions(CLSID hidden) is not allowed.
regex = ^(?i)Content-Disposition::(.*?)filename=\\s*"+((\{[a-hA-H0-9-]{25,}\})|((.*?)\\s{10,}(.*?)))"+\$
deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = */defer_ok
deny message = Potentially executable attachment ".$found_extension". If you meant \
to send this file then please package it up as a zip file and resend it.
demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:eml:exe:hlp:hta:inf:ins:isp:jse:lnk:mdb:mde:msc:msi:msp:pcd:pif:reg:scr:sct:shs:url:vbs:vbe:wsf:wsh:wsc
# Add X-Scanned Header
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
##### end clamav ACL
accept
