[exim] exim with sqlite, bogofilter and dovecot

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Vasiliy Tolstov
Date:  
À: exim-users
Sujet: [exim] exim with sqlite, bogofilter and dovecot
Hello!

Some time ago a reconfigure my mail server, all except bogofilter
transport works.

But if i enable bofogilter transport message does not delivery (may be
loop.. ?)
Can You tell me what is my mistake?
P.S. exim.conf in attach



--
Vasiliy Tolstov <v.tolstov@???>
Selfip.Ru
primary_hostname = mail.selfip.ru

domainlist local_domains = ${lookup sqlite {/etc/mail/base.db \
                SELECT domain FROM domains WHERE domain='${domain}' AND \
                            type='local' and active=1}}


domainlist virtual_domains = ${lookup sqlite {/etc/mail/base.db \
                SELECT domain FROM domains WHERE domain='${domain}' AND \
                type='virtual' and active=1}}

            
domainlist relay_domains = ${lookup sqlite {/etc/mail/base.db \
               SELECT domain FROM domains WHERE domain='${domain}' AND \
               type='relay' and active=1}}

            
hostlist   relay_from_hosts = localhost : 77.221.141.148 : 77.221.143.26 : 127.0.0.1
exim_user = mail
exim_group = mail
local_interfaces = 127.0.0.1
auth_advertise_hosts = *
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465
tls_advertise_hosts = *
tls_certificate = /etc/ssl/exim/mail.pem
tls_privatekey = /etc/ssl/exim/mail.pem
log_selector = \
    +address_rewrite \
    +all_parents \
    +arguments \
    +connection_reject \
    +delay_delivery \
    +delivery_size \
    +dnslist_defer \
    +incoming_interface \
    +incoming_port \
    +lost_incoming_connection \
    +queue_run \
    +received_sender \
    +received_recipients \
    +retry_defer \
    +sender_on_delivery \
    +size_reject \
    +skip_delivery \
    +smtp_confirmation \
    +smtp_connection \
    +smtp_protocol_error \
    +smtp_syntax_error \
    +subject \
    +tls_cipher \
    +tls_peerdn \
        +all_parents \
        +smtp_incomplete_transaction
log_file_path = syslog
percent_hack_domains = yes
allow_mx_to_ip = yes
disable_ipv6 = no
qualify_domain = selfip.ru
qualify_recipient = selfip.ru
allow_domain_literals = true
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 10m
timeout_frozen_after = 3d
freeze_tell = postmaster
message_size_limit = 150M
smtp_accept_max = 50
sender_unqualified_hosts = +relay_from_hosts
recipient_unqualified_hosts = +relay_from_hosts
smtp_accept_max_per_connection = 20
smtp_accept_max_per_host = 10
split_spool_directory = true
remote_max_parallel = 15
syslog_timestamp = no
smtp_banner = "${primary_hostname}"
helo_accept_junk_hosts = localhost : 77.221.141.148 : 77.221.143.26 : 127.0.0.1
xclient_allow_hosts = localhost : 77.221.141.148 : 77.221.143.26 : 127.0.0.1
helo_allow_chars = _
#bi_command= command to rebuild alises in db
host_lookup_order = byaddr:bydns


acl_smtp_connect=acl_check_connect
acl_smtp_data=acl_check_data
acl_smtp_mail=acl_check_mail
acl_smtp_mime=acl_check_mime
acl_smtp_rcpt=acl_check_rcpt
acl_smtp_helo=acl_check_helo
begin acl
#
#acl_not_smtp ACL for non-SMTP messages
#acl_not_smtp_mime ACL for non-SMTP MIME parts
#acl_not_smtp_start ACL at start of non-SMTP message
#acl_smtp_auth ACL for AUTH
#acl_smtp_connect ACL for start of SMTP connection
#acl_smtp_data ACL after DATA is complete
#acl_smtp_etrn ACL for ETRN
#acl_smtp_expn ACL for EXPN
#acl_smtp_helo ACL for HELO or EHLO
#acl_smtp_mail ACL for MAIL
#acl_smtp_mailauth ACL for the AUTH parameter of MAIL
#acl_smtp_mime ACL for content-scanning MIME parts
#acl_smtp_notquit ACL for non-QUIT terminations
#acl_smtp_predata ACL at start of DATA command
#acl_smtp_quit ACL for QUIT
#acl_smtp_rcpt ACL for RCPT
#acl_smtp_starttls ACL for STARTTLS
#acl_smtp_vrfy ACL for VRFY
#
acl_check_connect:
  accept     hosts         = +relay_from_hosts


  accept     hosts         = ${lookup sqlite {/etc/mail/base.db \
                        SELECT cidr FROM whitelist as list,users where users.login='root' and list.user=users.id and list.active=1}}
             set acl_c_white = true


  deny         hosts         = ${lookup sqlite {/etc/mail/base.db \
                           SELECT cidr FROM blacklist as list,users where users.login='root' and list.user=users.id and list.active=1}}
        set acl_c_black = true


accept

acl_check_mail:
  deny        senders     = ^\\|.*@
        message     = Addresses starting with | are denied. Prove that you are not a spammer.
        log_message     = $sender_address denied becouse it starting with pipe.
  accept

    
acl_check_rcpt:
  accept    hosts         = :


  warn        hosts         = +relay_from_hosts
               control     = submission/sender_retain

    
  deny        domains           = +local_domains
              local_parts       = ^[.] : ^.*[@%!/|]


  deny        domains           = !+local_domains
              local_parts       = ^[./|] : ^.*[@%!] : ^.*/\\.\\./


  accept      local_parts       = postmaster
              domains           = +local_domains


  require     verify            = sender


  deny          condition         = ${if eq{$sender_helo_name}\
                            {$interface_address}{yes}{no}}
           hosts             = !127.0.0.1 : !localhost : *


  accept      domains           = +local_domains
              endpass
              message           = unknown user
              verify            = recipient


  accept      domains           = +relay_domains
              endpass
              message           = unrouteable address
              verify            = recipient


  accept      hosts             = +relay_from_hosts


  accept      authenticated     = *


  deny        message           = relay not permitted


  warn        !authenticated  = * 
          log_message     = Feeding message to DK validator.
        control     = dk_verify


  accept      hosts             = +relay_from_hosts


  deny        message           = "No such user in this server"



acl_check_helo:
  accept    hosts         = +relay_from_hosts


#  deny    condition = ${if or { \
#              {eq {${lc:$sender_helo_name}}{HOSTNAME}} \
#            {eq {${lc:$sender_helo_name}}{IP}} \
#            } {true}{false} }


  deny         hosts       = !+relay_from_hosts
               message     = HELO should be Fully Qualified Domain Name  Host.Domain.Tld  See RFC821
               condition     = ${if !match {$sender_helo_name} {\N.*[A-Za-z].*\..*[A-Za-z].*\N} {yes}{no}}


accept

acl_check_mime:
  warn        decode         = default


accept

acl_check_data:
  warn        
            condition       = ${if eq{$dk_is_signed}{1} {true}{false} }
            add_header      = :at_start:X-DK-Auth: $primary_hostname; domainkeys=$dk_status; header.sender=$dk_sender
            log_message    = $dk_result


  deny          message         = [SPF] $sender_host_address is not allowed to send mail \
                                  from $sender_address_domain
                log_message     = SPF check failed.
                spf         = fail


  warn          message         = $spf_received



  deny        message        = This message contains a MIME error ($demime_reason)
          demime         = *
        condition     = ${if >{$demime_errorlevel}{2}{1}{0}}


  deny        message     = Message body is empty.
        condition     = ${if eq{$body_linecount}{0}}                                                                                   

    
  deny         message     = This message contains NUL characters.                                                                    
            condition     = ${if >{$body_zerocount}{0} } 


accept

begin routers

dnslookup:
  driver             = dnslookup
  domains             = ! +local_domains
  transport             = remote_smtp
  ignore_target_hosts         = 0.0.0.0 : localhost : 127.0.0.0/8 : 77.221.141.148 : 77.221.143.26
  no_more


#spamcheck_router:
#  domains             = +local_domains : +relay_domains : +virtual_domains
#  local_parts                   = ${lookup sqlite {/etc/mail/base.db \
#                                  SELECT login from users,domains,user_aliases WHERE \
#                                  users.domain=domains.id and \
#                                  domains.domain='${domain}' and \
#                                  ((users.id=user_aliases.user and \
#                                 user_aliases.local_part='${local_part}') or \
#                                  (users.login='${local_part}'))}}
#  no_verify
#  headers_remove         = X-FILTER-SPAM : \
#                   X-Spam-Score : \
#                  X-Spam-Score-Gate : \
#                  X-Spam-Report : \
#                  X-Spam-Gate-Subject : \
#                  X-Spam-Flag : X-S : \
#                  X-Spam-Ystatus : \
#                  X-Spam-Yversion : \
#                  X-Spam-Checker-Version : \
#                  X-Spam-Level : \
#                  X-Spam-Status
#  condition            = ${if !eq {$received_protocol}{bogodone} {1}{0}} 
#  driver             = accept
#  transport             = spamcheck_transport


system_aliases:
  driver             = redirect
  allow_fail
  allow_defer
  data                 = ${lookup sqlite {/etc/mail/base.db \
                     SELECT recipient FROM system_aliases WHERE local_part='${local_part}'}}
  domains             = local_domains


userforward:
  driver             = redirect
  allow_fail
  allow_defer
  data                 = ${lookup sqlite {/etc/mail/base.db \
                     SELECT recipient FROM forward WHERE local_part='${local_part}'}}
  domains            = +local_domains : +relay_domains : +virtual_domains


dovecot_delivery:
  driver             = accept
  domains             = +local_domains : +relay_domains : +virtual_domains
  condition             = ${lookup sqlite {/etc/mail/base.db \
                    SELECT distinct login,user_aliases.local_part from users,domains,user_aliases WHERE \
                  users.domain=domains.id and \
                  domains.domain='${domain}' and \
                  ((users.id=user_aliases.user and \
                  user_aliases.local_part='${local_part}') or \
                  (users.login='${local_part}'))}{yes}{no}}
  cannot_route_message         = Unknown user
  transport             = delivery


begin transports

spamcheck_transport:
  driver             = pipe
  command             = "/usr/sbin/exim -oMr bogodone -bS"
  use_bsmtp             = true
  transport_filter         = "/usr/bin/bogofilter -c /etc/mail/bogofilter.conf -D -v -l -p -e -b"
  return_fail_output         = true
  group             = mail
  user                 = ${lookup sqlite{/etc/mail/base.db \
                                  SELECT distinct login from users,domains,user_aliases WHERE \
                                  users.domain=domains.id and \
                                  domains.domain='${domain}' and \
                                  ((users.id=user_aliases.user and \
                                  user_aliases.local_part='${local_part}') or \
                                  (users.login='${local_part}'))}}
  home_directory         = ${lookup sqlite{/etc/mail/base.db \
                    SELECT distinct home || '/.bogofilter' from users,domains,user_aliases WHERE \
                                  users.domain=domains.id and \
                                  domains.domain='${domain}' and \
                                  ((users.id=user_aliases.user and \
                                  user_aliases.local_part='${local_part}') or \
                                  (users.login='${local_part}'))}}
  current_directory         = ${lookup sqlite{/etc/mail/base.db \
                    SELECT distinct home || '/.bogofilter' from users,domains,user_aliases WHERE \
                                  users.domain=domains.id and \
                                  domains.domain='${domain}' and \
                                  ((users.id=user_aliases.user and \
                                  user_aliases.local_part='${local_part}') or \
                                  (users.login='${local_part}'))}}
  log_output             = true
  temp_errors             = * 
  message_prefix         = "" 
  message_suffix         = ""
  return_path_add         = false


remote_smtp:
  driver             = smtp
  dk_selector             = dk
  dk_private_key         = /etc/ssl/exim/rsa.private
  dk_canon             = nofws


address_pipe:
  driver             = pipe
  return_output


address_file:
  driver             = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add


address_reply:
  driver             = autoreply


delivery:
  driver             = pipe
  command             = /usr/libexec/dovecot/deliver -s -d $local_part@$domain
  message_prefix         = ""
  message_suffix         = ""
  user                          = ${lookup sqlite{/etc/mail/base.db \
                    SELECT distinct login from users,domains,user_aliases WHERE \
                                  users.domain=domains.id and \
                                  domains.domain='${domain}' and \
                                  ((users.id=user_aliases.user and \
                                  user_aliases.local_part='${local_part}') or \
                                 (users.login='${local_part}'))}}
  group                = ${lookup sqlite{/etc/mail/base.db \
                    SELECT distinct login from users,domains,user_aliases WHERE \
                                  users.domain=domains.id and \
                                  domains.domain='${domain}' and \
                                  ((users.id=user_aliases.user and \
                                  user_aliases.local_part='${local_part}') or \
                                  (users.login='${local_part}'))}}
#  group                = mail
  log_output
  delivery_date_add
  envelope_to_add
  return_path_add


begin retry

*                      quota
*                      *           F,2h,5m; G,16h,1h,1.5; F,5d,3h



begin rewrite


begin authenticators

auth_login:
  driver             = dovecot
  public_name             = LOGIN
  server_socket         = /var/run/dovecot/auth-client
  server_set_id         = $auth1


auth_plain:
  driver             = dovecot
  public_name             = PLAIN
  server_socket         = /var/run/dovecot/auth-client
  server_set_id         = $auth1


auth_cram_md5:
  driver             = dovecot
  public_name             = CRAM-MD5
  server_socket         = /var/run/dovecot/auth-client
  server_set_id         = $auth1


auth_digest_md5:
  driver             = dovecot
  public_name             = DIGEST-MD5
  server_socket         = /var/run/dovecot/auth-client
  server_set_id         = $auth1