Re: [exim] Some problems

Etusivu
Poista viesti
Vastaa
Lähettäjä: Ian Eiloart
Päiväys:  
Vastaanottaja: The Doctor, exim-users
Aihe: Re: [exim] Some problems


--On 16 March 2011 22:00:47 -0600 The Doctor <doctor@???>
wrote:

> Right number of issues.


You've got the correct number of issues? Or "Right, I've got a number of
issues?"

Would you care to tell us what the issues are?


Way down below this config file, you say inbound messages sometimes take a
while to arrive. Have you checked "Received" headers to determine which
step is taking the time? have you checked your log files to see whether you
are temporarily rejecting messages, or whether connections are timing out
(being dropped)?

>
> ----------------------- ns2 config file -----------------
>
>
> primary_hostname = ns2
> local_interfaces = 0.0.0.0.25 : 127.0.0.1.10025 : 0.0.0.0.465 :
> 0.0.0.0.587 domainlist local_domains = @
> domainlist relay_to_domains =
> hostlist relay_from_hosts = 127.0.0.1 : 204.209.81.0/24 : 192.168.0.0/16
> : 208.118.93.0/24: 208.118.94.0/24 acl_smtp_rcpt = acl_check_rcpt
> acl_smtp_data = acl_check_data
> av_scanner = clamd:127.0.0.1 3310
> spamd_address = 127.0.0.1 783
> tls_advertise_hosts = *
> tls_certificate = /usr/exim/ca.crt
> tls_privatekey = /usr/exim/ca.key
> daemon_smtp_ports = 25 : 465 : 587
> tls_on_connect_ports =   465
> never_users = root
> host_lookup = *
> rfc1413_hosts = *
> rfc1413_query_timeout = 5s
> ignore_bounce_errors_after = 2d
> timeout_frozen_after = 7d
> auto_thaw = 1m
> begin acl
> acl_check_rcpt:
>   # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this
> by   # testing for an empty sending host field.
>   accept  hosts = :
>           control = dkim_disable_verify

>
> #########################################################################
> ####   # The following section of the ACL is concerned with local parts
> that contain   # @ or % or ! or / or | or dots in unusual places.
>   #
>   # The characters other than dots are rarely found in genuine local
> parts, but   # are often tried by people looking to circumvent relaying
> restrictions.   # Therefore, although they are valid in local parts,
> these rules lock them   # out, as a precaution.
>   #
>   # Empty components (two dots in a row) are not valid in RFC 2822, but
> Exim   # allows them because they have been encountered. (Consider local
> parts   # constructed as "firstinitial.secondinitial.familyname" when
> applied to   # someone like me, who has no second initial.) However, a
> local part starting   # with a dot or containing /../ can cause trouble
> if it is used as part of a   # file name (e.g. for a mailing list). This
> is also true for local parts that   # contain slashes. A pipe symbol can
> also be troublesome if the local part is   # incorporated unthinkingly
> into a shell command line.
>   #
>   # Two different rules are used. The first one is stricter, and is
> applied to   # messages that are addressed to one of the local domains
> handled by this   # host. The line "domains = +local_domains" restricts
> it to domains that are   # defined by the "domainlist local_domains"
> setting above. The rule  blocks   # local parts that begin with a dot or
> contain @ % ! / or |. If you have   # local accounts that include these
> characters, you will have to modify this   # rule.
>   deny    message       = Restricted characters in address
>           domains       = +local_domains
>           local_parts   = ^[.] : ^.*[@%!/|]
>   # The second rule applies to all other domains, and is less strict. The
> line   # "domains = !+local_domains" restricts it to domains that are NOT
> defined by   # the "domainlist local_domains" setting above. The
> exclamation mark is a   # negating operator. This rule allows your own
> users to send outgoing   # messages to sites that use slashes and
> vertical bars in their local parts.   # It blocks local parts that begin
> with a dot, slash, or vertical bar, but   # allows these characters
> within the local part. However, the sequence /../   # is barred. The use
> of @ % and ! is blocked, as before. The motivation here   # is to prevent
> your users (or your users' viruses) from mounting certain   # kinds of
> attack on remote sites.
>   deny    message       = Restricted characters in address
>           domains       = !+local_domains
>           local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

>
> #########################################################################
> ####   # Accept mail to postmaster in any local domain, regardless of the
> source,   # and without verifying the sender.
>   accept  local_parts   = postmaster
>           domains       = +local_domains
>   # Deny unless the sender address can be verified.
>   require verify        = sender
>   # Accept if the message comes from one of the hosts for which we are an
>   # outgoing relay. It is assumed that such hosts are most likely to be
> MUAs,   # so we set control=submission to make Exim treat the message as a
>   # submission. It will fix up various errors in the message, for
> example, the   # lack of a Date: header line. If you are actually
> relaying out out from   # MTAs, you may want to disable this. If you are
> handling both relaying from   # MTAs and submissions from MUAs you should
> probably split them into two   # lists, and handle them differently.
>   # Recipient verification is omitted here, because in many cases the
> clients   # are dumb MUAs that don't cope well with SMTP error responses.
> If you are   # actually relaying out from MTAs, you should probably add
> recipient   # verification here.
>   # Note that, by putting this test before any DNS black list checks, you
> will   # always accept from these hosts, even if they end up on a black
> list. The   # assumption is that they are your friends, and if they get
> onto a black   # list, it is a mistake.
>   accept  hosts         = +relay_from_hosts
>           control       = submission
>           control       = dkim_disable_verify
>   # Accept if the message arrived over an authenticated connection, from
>   # any host. Again, these messages are usually from MUAs, so recipient
>   # verification is omitted, and submission mode is set. And again, we do
> this   # check before any black list tests.
>   accept  authenticated = *
>           control       = submission
>           control       = dkim_disable_verify
>   # Insist that any other recipient address that we accept is either in
> one of   # our local domains, or is in a domain for which we explicitly
> allow   # relaying. Any other domain is rejected as being unacceptable
> for relaying.   require message = relay not permitted
>           domains = +local_domains : +relay_to_domains
>   # We also require all accepted addresses to be verifiable. This check
> will   # do local part verification for local domains, but only check the
> domain   # for remote domains. The only way to check local parts for the
> remote   # relay domains is to use a callout (add /callout), but please
> read the   # documentation about callouts before doing this.
>   require verify = recipient

>
> #########################################################################
> ####   # There are no default checks on DNS black lists because the
> domains that   # contain these lists are changing all the time. However,
> here are two   # examples of how you can get Exim to perform a DNS black
> list lookup at this   # point. The first one denies, whereas the second
> just warns.
>   #
>    deny    message       = rejected because $sender_host_address is in a
> black list at $dnslist_domain\n$dnslist_text
>             dnslists = sbl-xbl.spamhaus.org : \
>              dnsbl.njabl.org : \
>              combined.njabl.org : \
>              dev.null.dk : \
>              relays.visi.com : \
>              bl.spamcop.net : \
>              hostkarma.junkemailfilter.com=127.0.0.2
>   #
>    warn   dnslists = sbl-xbl.spamhaus.org: \
>              dnsbl.njabl.org : \
>              combined.njabl.org : \
>              dev.null.dk : \
>              relays.visi.com : \
>              bl.spamcop.net : \
>              hostkarma.junkemailfilter.com=127.0.0.2
>            add_header    = X-Warning: $sender_host_address is in a black
> list at $dnslist_domain            log_message   = found in
> $dnslist_domain

>
> #########################################################################
> ####
> #########################################################################
> #### # This check is commented out because it is recognized that not
> every # sysadmin will want to do it. If you enable it, the check
> performs # Client SMTP Authorization (csa) checks on the sending host.
> These checks # do DNS lookups for SRV records. The CSA proposal is
> currently (May 2005) # an Internet draft. You can, of course, add
> additional conditions to this # ACL statement to restrict the CSA
> checks to certain hosts only. #
> # require verify = csa
>
> #########################################################################
> #### # At this point, the address has passed all the checks that have
> been # configured, so we accept it unconditionally.
> accept
> acl_check_data:
>
>   accept authenticated = *
>   # Deny if the message contains a virus. Before enabling this check, you
>   # must install a virus scanner and set the av_scanner option above.
>   #
>    deny    malware    = *
>            message    = This message contains a virus ($malware_name).
>   # Add headers to a message if it is judged to be spam. Before enabling
> this,   # you must install SpamAssassin. You may also need to set the
> spamd_address   # option above.
>   #
>    warn    spam       = nobody
>            add_header = X-Spam_score: $spam_score\n\
>                         X-Spam_score_int: $spam_score_int\n\
>                         X-Spam_bar: $spam_bar\n\
>                         X-Spam_report: $spam_report
>   # Accept the message.
>   accept
> begin routers
> check_dnslookup:
>   driver = dnslookup
>   domains = ! +local_domains
>   ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
>   verify_only
>   pass_router = amavis
>   no_more
> check_system_aliases:
>   driver = redirect
>   allow_fail
>   allow_defer
>   data = ${lookup{$local_part}lsearch{/etc/aliases}}
>   verify_only
>   pass_router = amavis
> check_localuser:
>   driver = accept
>   check_local_user
>   verify_only
>   pass_router = amavis
> failed_address_router:
>   driver = accept
>   verify_only
>   fail_verify
> amavis:
>   driver = manualroute
>   # Do NOT run if received via 10025/tcp or if already spam-scanned
>   # or if bounce message ($sender_address="")
>   condition = "${if or {{eq {$interface_port}{10025}} \
>       {eq {$received_protocol}{spam-scanned}} \
>       {eq {$sender_address}{}} \
>       }{0}{1}}"
>   transport = amavis
>   route_list = "* localhost byname"
>   self = send
> dnslookup:
>   driver = dnslookup
>   domains = ! +local_domains
>   transport = remote_smtp
>   ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
>   no_more
> system_aliases:
>   driver = redirect
>   allow_fail
>   allow_defer
>   data = ${lookup{$local_part}lsearch{/etc/aliases}}
>   file_transport = address_file
>   pipe_transport = address_pipe
> userforward:
>   driver = redirect
>   check_local_user
>   file = $home/.forward
>   no_verify
>   no_expn
>   check_ancestor
>   file_transport = address_file
>   pipe_transport = address_pipe
>   reply_transport = address_reply
> localuser:
>   driver = accept
>   check_local_user
>   transport = local_delivery
>   cannot_route_message = Unknown user
>   # Do NOT run if received via 10025/tcp or if already spam-scanned
>   # or if bounce message ($sender_address="")
> begin transports
> remote_smtp:
>   driver = smtp
>   hosts_avoid_tls=*
> amavis:
>   driver = smtp
>   port = 10024
>   allow_localhost
> local_delivery:
>   driver = appendfile
>   file = /var/mail/$local_part
>   delivery_date_add
>   envelope_to_add
>   return_path_add
>   group = mail
>   mode = 0600
> address_pipe:
>   driver = pipe
>   return_output
> address_file:
>   driver = appendfile
>   delivery_date_add
>   envelope_to_add
>   return_path_add
> address_reply:
>   driver = autoreply
> begin retry
> *                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
> begin rewrite
> begin authenticators
> PLAIN:
>   driver                     = plaintext
>   public_name                = PLAIN
>   server_set_id              = $auth2
>   server_prompts             = :
>   server_condition           = ${if saslauthd{{$2}{$3}}{1}{0}}
>   server_advertise_condition = ${if def:tls_cipher }
> LOGIN:
>   driver                     = plaintext
>   public_name                = LOGIN
>   server_set_id              = $auth1
>  server_prompts             = <| Username: | Password:
>  server_condition           =  ${if saslauthd{{$1}{$2}}{1}{0}}
>   server_advertise_condition = ${if def:tls_cipher }

>
>
> ---- end of conf file ----------------------------
>
>
> I wish to add that if an e-mail is done via port 465 then do not subject
> it to anti-viral tests.
>
> -------------- ns1 configuration -----------------------
>
>
> primary_hostname = ns1
> local_interfaces = 0.0.0.0.25 :  127.0.0.1.10025  : 0.0.0.0.465 :
> 0.0.0.0.587 domainlist local_domains =
> @:secure.nl2k.ab.ca:mail.nl2k.ab.ca:mail.nk.ca:nk.ca:nl2k.ca:nl2k.ab.ca:d
> octor.nl2k.ab.ca:lsearch;/usr/exim/vdom3  domainlist relay_to_domains =
> hostlist relay_from_hosts = 204.209.81.0/24 : 127.0.0.1 :
> 208.118.93.0/24: 208.118.94.0/24 trusted_users = exim : majordomo
> acl_smtp_rcpt = acl_check_rcpt
> acl_smtp_data = acl_check_data
> av_scanner = clamd:127.0.0.1 3310
> spamd_address = 127.0.0.1 783
> tls_advertise_hosts = *
> tls_certificate = /usr/exim/ca.crt
> tls_privatekey = /usr/exim/ca.key
> daemon_smtp_ports = 25 : 465 : 587
> tls_on_connect_ports =   465
> never_users = root
> host_lookup = *
> rfc1413_hosts = *
> rfc1413_query_timeout = 5s
> ignore_bounce_errors_after = 2h
> timeout_frozen_after = 6h
> auto_thaw = 1m
> begin acl
> acl_check_rcpt:
>   # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this
> by   # testing for an empty sending host field.
>   accept  hosts = :
>           control = dkim_enable_verify

>
> #########################################################################
> ####   # The following section of the ACL is concerned with local parts
> that contain   # @ or % or ! or / or | or dots in unusual places.
>   #
>   # The characters other than dots are rarely found in genuine local
> parts, but   # are often tried by people looking to circumvent relaying
> restrictions.   # Therefore, although they are valid in local parts,
> these rules lock them   # out, as a precaution.
>   #
>   # Empty components (two dots in a row) are not valid in RFC 2822, but
> Exim   # allows them because they have been encountered. (Consider local
> parts   # constructed as "firstinitial.secondinitial.familyname" when
> applied to   # someone like me, who has no second initial.) However, a
> local part starting   # with a dot or containing /../ can cause trouble
> if it is used as part of a   # file name (e.g. for a mailing list). This
> is also true for local parts that   # contain slashes. A pipe symbol can
> also be troublesome if the local part is   # incorporated unthinkingly
> into a shell command line.
>   #
>   # Two different rules are used. The first one is stricter, and is
> applied to   # messages that are addressed to one of the local domains
> handled by this   # host. The line "domains = +local_domains" restricts
> it to domains that are   # defined by the "domainlist local_domains"
> setting above. The rule  blocks   # local parts that begin with a dot or
> contain @ % ! / or |. If you have   # local accounts that include these
> characters, you will have to modify this   # rule.
>   deny    message       = Restricted characters in address
>           domains       = +local_domains
>           local_parts   = ^[.] : ^.*[@%!/|]
>   # The second rule applies to all other domains, and is less strict. The
> line   # "domains = !+local_domains" restricts it to domains that are NOT
> defined by   # the "domainlist local_domains" setting above. The
> exclamation mark is a   # negating operator. This rule allows your own
> users to send outgoing   # messages to sites that use slashes and
> vertical bars in their local parts.   # It blocks local parts that begin
> with a dot, slash, or vertical bar, but   # allows these characters
> within the local part. However, the sequence /../   # is barred. The use
> of @ % and ! is blocked, as before. The motivation here   # is to prevent
> your users (or your users' viruses) from mounting certain   # kinds of
> attack on remote sites.
>   deny    message       = Restricted characters in address
>           domains       = !+local_domains
>           local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

>
> #########################################################################
> ####   # Accept mail to postmaster in any local domain, regardless of the
> source,   # and without verifying the sender.
>   accept  local_parts   = postmaster
>           domains       = +local_domains:lsearch;/usr/exim/vdom3
>   # Deny unless the sender address can be verified.
>   ##require verify        = sender
>   accept  domains       = +local_domains:lsearch;/usr/exim/vdom3
>   endpass

>
>
> /*
>
> The above is commented out as virtual e-mail addresses are not
> being recognised properly. I am using a dbm file.
> How Do I get exim to realises that we have local and virtual that needs
> supporting ?
>
>
> */
>   ## Sender Verify on 'Recipient'
> drop    message = REJECTED - Sender Verify Failed - error code
> \"$sender_verify_failure\"\n\n\ The return address you are using for this
> email message <$sender_address>\ does not seem to be a working account.
>         log_message = REJECTED - Sender Verify Failed - error code
> \"$sender_verify_failure\"         !hosts = +no_verify
>         !verify = sender/callout=2m,defer_ok
>         condition = ${if eq{recipient}{$sender_verify_failure}}
> deny    message   = REJECTED - Recipient Verify Failed - User Not Found
>         domains   = +all_mail_handled_locally
>         !verify   = recipient/callout=2m,defer_ok,use_sender
> warn    domains = +local_domains:lsearch;/usr/exim/vdom3
>                 !verify = recipient
>                 set acl_c0 = ${eval: $acl_c0+1}
>                 delay = ${eval: ($acl_c0 - 1) * 60}s
>   # Accept if the message comes from one of the hosts for which we are an
>   # outgoing relay. It is assumed that such hosts are most likely to be
> MUAs,   # so we set control=submission to make Exim treat the message as a
>   # submission. It will fix up various errors in the message, for
> example, the   # lack of a Date: header line. If you are actually
> relaying out out from   # MTAs, you may want to disable this. If you are
> handling both relaying from   # MTAs and submissions from MUAs you should
> probably split them into two   # lists, and handle them differently.
>   # Recipient verification is omitted here, because in many cases the
> clients   # are dumb MUAs that don't cope well with SMTP error responses.
> If you are   # actually relaying out from MTAs, you should probably add
> recipient   # verification here.
>   # Note that, by putting this test before any DNS black list checks, you
> will   # always accept from these hosts, even if they end up on a black
> list. The   # assumption is that they are your friends, and if they get
> onto a black   # list, it is a mistake.
>   accept  hosts         = +relay_from_hosts
>           control       = submission
>           control       = dkim_disable_verify
>   # Accept if the message arrived over an authenticated connection, from
>   # any host. Again, these messages are usually from MUAs, so recipient
>   # verification is omitted, and submission mode is set. And again, we do
> this   # check before any black list tests.
>   accept  authenticated = *
>           control       = submission
>           control       = dkim_disable_verify
>   # Insist that any other recipient address that we accept is either in
> one of   # our local domains, or is in a domain for which we explicitly
> allow   # relaying. Any other domain is rejected as being unacceptable
> for relaying.   require message = relay not permitted
>           domains = +local_domains : +relay_to_domains
>   # We also require all accepted addresses to be verifiable. This check
> will   # do local part verification for local domains, but only check the
> domain   # for remote domains. The only way to check local parts for the
> remote   # relay domains is to use a callout (add /callout), but please
> read the   # documentation about callouts before doing this.
>   require verify = recipient

>
> #########################################################################
> ####   # There are no default checks on DNS black lists because the
> domains that   # contain these lists are changing all the time. However,
> here are two   # examples of how you can get Exim to perform a DNS black
> list lookup at this   # point. The first one denies, whereas the second
> just warns.
>   #
>    deny    message       = rejected because $sender_host_address is in a
> black list at $dnslist_domain\n$dnslist_text
>             dnslists = sbl-xbl.spamhaus.org : \
>              dnsbl.njabl.org : \
>              combined.njabl.org : \
>              dev.null.dk : \
>              relays.visi.com : \
>              bl.spamcop.net : \
>              hostkarma.junkemailfilter.com=127.0.0.2
>   #
>    warn   dnslists = sbl-xbl.spamhaus.org: \
>              dnsbl.njabl.org : \
>              combined.njabl.org : \
>              dev.null.dk : \
>              relays.visi.com : \
>              bl.spamcop.net : \
>              hostkarma.junkemailfilter.com=127.0.0.2
>            add_header    = X-Warning: $sender_host_address is in a black
> list at $dnslist_domain            log_message   = found in
> $dnslist_domain

>
> #########################################################################
> ####
> #########################################################################
> #### # This check is commented out because it is recognized that not
> every # sysadmin will want to do it. If you enable it, the check
> performs # Client SMTP Authorization (csa) checks on the sending host.
> These checks # do DNS lookups for SRV records. The CSA proposal is
> currently (May 2005) # an Internet draft. You can, of course, add
> additional conditions to this # ACL statement to restrict the CSA
> checks to certain hosts only. #
> # require verify = csa
>
> #########################################################################
> ####   # At this point, the address has passed all the checks that have
> been   # configured, so we accept it unconditionally.
>   accept
> acl_check_data:
>   # Deny if the message contains a virus. Before enabling this check, you
>   # must install a virus scanner and set the av_scanner option above.
>   #
>    deny    malware    = *
>            message    = This message contains a virus ($malware_name).
>   # Add headers to a message if it is judged to be spam. Before enabling
> this,   # you must install SpamAssassin. You may also need to set the
> spamd_address   # option above.
>   #
>    warn    spam       = nobody
>            add_header = X-Spam_score: $spam_score\n\
>                         X-Spam_score_int: $spam_score_int\n\
>                         X-Spam_bar: $spam_bar\n\
>                         X-Spam_report: $spam_report
>   # Accept the message.
>   accept
> begin routers
> check_dnslookup:
>   driver = dnslookup
>   domains = ! +local_domains
>   ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
>   verify_only
>   pass_router = amavis
>   no_more
> check_system_aliases:
>   driver = redirect
>   allow_fail
>   allow_defer
>   data = ${lookup{$local_part}lsearch{/etc/aliases}}
>   verify_only
>   pass_router = amavis
> check_localuser:
>   driver = accept
>   check_local_user
>   verify_only
>   pass_router = amavis
> failed_address_router:
>   driver = accept
>   verify_only
>   fail_verify
> domains_virtual:
>   domains       = +local_domains
>   driver = redirect
>   data=${lookup{$local_part@$domain}dbm{/usr/exim/virtemail}}

>
> domains_virtual_others:
>   domains       = +local_domains
>   driver = redirect
>   data=${lookup{@$domain}dbm{/usr/exim/virtemail}}
> amavis:
>   driver = manualroute
>   # Do NOT run if received via 10025/tcp or if already spam-scanned
>   # or if bounce message ($sender_address="")
>   condition = "${if or {{eq {$interface_port}{10025}} \
>       {eq {$received_protocol}{spam-scanned}} \
>       {eq {$sender_address}{}} \
>       }{0}{1}}"
>   transport = amavis
>   route_list = "* localhost byname"
>   self = send
> dnslookup:
>   driver = dnslookup
>   domains = ! +local_domains
>   transport = remote_smtp
>   ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
>   no_more
> system_aliases:
>   driver = redirect
>   allow_fail
>   allow_defer
>   data = ${lookup{$local_part}lsearch{/etc/aliases}}
>   file_transport = address_file
>   pipe_transport = address_pipe
> userforward:
>   driver = redirect
>   check_local_user
>   file = $home/.forward
>   no_verify
>   no_expn
>   check_ancestor
>   file_transport = address_file
>   pipe_transport = address_pipe
>   reply_transport = address_reply
> localuser:
>   driver = accept
>   check_local_user
>   transport = local_delivery
>   cannot_route_message = Unknown user
> procmail:
>   driver = accept
>   check_local_user
>   require_files = $home/.procmailrc
>   transport = procmail_pipe
>   # Do NOT run if received via 10025/tcp or if already spam-scanned
>   # or if bounce message ($sender_address="")
> lists:
>   driver = redirect
>   file = /usr/home/majordomo/lists/$local_part
>   forbid_pipe
>   forbid_file
>   errors_to = $local_part-request@???
>   user = majordomo
>   no_more
> begin transports
> remote_smtp:
>   driver = smtp
> procmail_pipe:
>   driver = pipe
>   command = /usr/bin/procmail -d $local_part
>   return_path_add
>   delivery_date_add
>   envelope_to_add
>   check_string = "From "
>   escape_string = ">From "
>   umask = 077
>   user = $local_part
>   group = mail

>
> amavis:
>   driver = smtp
>   port = 10024
>   allow_localhost
> local_delivery:
>   driver = appendfile
>   file = /var/mail/$local_part
>   delivery_date_add
>   envelope_to_add
>   return_path_add
>   group = mail
>   mode = 0600
> address_pipe:
>   driver = pipe
>   return_output
> address_file:
>   driver = appendfile
>   delivery_date_add
>   envelope_to_add
>   return_path_add
> address_reply:
>   driver = autoreply
> begin retry
> *                      *           F,1h,15m; G,10h,1h,1.5; F,7d,1h
> begin rewrite
> begin authenticators
> PLAIN:
>   driver                     = plaintext
>   public_name                = PLAIN
>   server_set_id              = $auth2
>   server_prompts             = :
>   server_condition           = ${if saslauthd{{$2}{$3}}{1}{0}}
>   server_advertise_condition = ${if def:tls_cipher }
> LOGIN:
>   driver                     = plaintext
>   public_name                = LOGIN
>   server_set_id              = $auth1
>  server_prompts             = <| Username: | Password:
>  server_condition           = ${if saslauthd{{$1}{$2}}{1}{0}}
>   server_advertise_condition = ${if def:tls_cipher }

>
>
> -------------------------- end of ns1 ---------------
>
> Also noticed mail taking about 1 minute to about several hours of days to
> come in. How do I rectify this?
>
>
> --
> Member - Liberal International    This is doctor@??? Ici
> doctor@??? God, Queen and country! Never Satan President Republic!
> Beware AntiChrist rising!  http://twitter.com/rootnl2k
> http://www.facebook.com/dyadallee
> Now is the time time to declare your allegiance!




--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/