Right, I really want to ditch postfix
for good except on my main server that does Majordomo and
Virtual DNS, we are seeing high load that I am forced to switch back
to postfix.
MY configure file reads:
primary_hostname = primary server
domainlist local_domains = @:<huge list of Domain names>
domainlist relay_to_domains =
hostlist relay_from_hosts = 127.0.0.1 : 204.209.81.0/24 : 192.168.0.0/16 : 208.118.93.0/24: 208.118.94.0/24
trusted_users = exim : majordomo
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
# acl_check_data access control list (see below).
av_scanner = clamd:127.0.0.1 3310
# For spam scanning, there is a similar option that defines the interface to
# SpamAssassin. You do not need to set this if you are using the default, which
# is shown in this commented example. As for virus scanning, you must also
# modify the acl_check_data access control list to enable spam scanning.
spamd_address = 127.0.0.1 783
# Allow any client to use TLS.
tls_advertise_hosts = *
tls_certificate = /usr/exim/exim.crt
tls_privatekey = /usr/exim/exim.key
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465
# qualify_domain =
# qualify_recipient =
# allow_domain_literals
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
#
# percent_hack_domains =
#
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
auto_thaw = 1m
# split_spool_directory = true
#spool_directory = /var/spool/exim.in
#log_file_path=/var/log/exim/%s
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_rcpt:
accept hosts = :
control = dkim_disable_verify
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept hosts = +relay_from_hosts
control = submission
control = dkim_disable_verify
accept authenticated = *
control = submission
control = dkim_disable_verify
require message = relay not permitted
domains = +local_domains : +relay_to_domains
require verify = recipient
#
deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
dnslists = sbl-xbl.spamhaus.org : \
dnsbl.njabl.org : \
combined.njabl.org : \
dev.null.dk : \
flowgoaway.com : \
relays.visi.com : \
bl.spamcop.net : \
hostkarma.junkemailfilter.com=127.0.0.2
#
warn dnslists = sbl-xbl.spamhaus.org: \
dnsbl.njabl.org : \
combined.njabl.org : \
dev.null.dk : \
flowgoaway.com : \
relays.visi.com : \
bl.spamcop.net : \
hostkarma.junkemailfilter.com=127.0.0.2
add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain
log_message = found in $dnslist_domain
# require verify = csa
accept
acl_check_data:
deny malware = *
message = This message contains a virus ($malware_name).
warn spam = nobody
add_header = X-Spam_score: $spam_score\n\
X-Spam_score_int: $spam_score_int\n\
X-Spam_bar: $spam_bar\n\
X-Spam_report: $spam_report
accept
begin routers
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
#virtual system_aliases1
system_aliases1:
driver = redirect
allow_fail
allow_defer
qualify_preserve_domain
data = ${lookup{$local_part@$domain}lsearch{/usr/exim/virtual/virtualemail}}
user = exim
file_transport = address_file
pipe_transport = address_pipe
#main system aliases
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
# user = exim
file_transport = address_file
pipe_transport = address_pipe
userforward:
driver = redirect
check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
file = $home/.forward
# allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
localuser:
driver = accept
check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
transport = local_delivery
cannot_route_message = Unknown user
# For virtual hosting
#virtual:
# driver = redirect
# domains = dsearch;/usr/exim/virtual
# data = ${lookup{$local_part}lsearch{/usr/exim/virtual/$domain}}
# no_more
#For virtual hosting
system_aliases2:
driver = redirect
allow_fail
allow_defer
qualify_preserve_domain
data = ${lookup{@$domain}lsearch{/usr/exim/virtual/virtualemail}}
user = exim
file_transport = address_file
pipe_transport = address_pipe
#Majordomo
lists:
driver = redirect
# domains = nk.ca
file = /usr/home/majordomo/lists/$local_part
forbid_pipe
forbid_file
errors_to = $local_part-request@???
user = majordomo
no_more
begin transports
remote_smtp:
driver = smtp
local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0600
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators
PLAIN:
driver = plaintext
server_set_id = $auth2
server_prompts = :
server_condition = Authentication is not yet configured
server_advertise_condition = ${if def:tls_cipher }
LOGIN:
driver = plaintext
server_set_id = $auth1
server_prompts = <| Username: | Password:
server_condition = Authentication is not yet configured
server_advertise_condition = ${if def:tls_cipher }
# begin local_scan
# End of Exim configuration file
Right, where do I start? No problem on sec server.
Also running current Clamav and SpamAssassin
--
Member - Liberal International This is doctor@??? Ici doctor@???
God, Queen and country! Never Satan President Republic! Beware AntiChrist rising!
http://twitter.com/rootnl2k http://www.facebook.com/dyadallee
UK Time for a Common Sense change vote Liberal Democrat / Alliance
