Re: [exim] Some problems

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Dominic Benson
Dátum:  
Címzett: exim-users
Új témák: [exim] state.gov users cannot send to my exim mail server
Tárgy: Re: [exim] Some problems

On 21 Mar 2011, at 20:20, The Doctor wrote:

> On Mon, Mar 21, 2011 at 05:26:16PM +0000, Dominic Benson wrote:
>> On 21/03/11 16:10, The Doctor wrote:
>>>
>>>>> -------------- ns1 configuration -----------------------
>>>>>
>>>>>
>>>>> primary_hostname = ns1
>>>>> local_interfaces = 0.0.0.0.25 :  127.0.0.1.10025  : 0.0.0.0.465 :
>>>>> 0.0.0.0.587 domainlist local_domains =
>>>>> @:secure.nl2k.ab.ca:mail.nl2k.ab.ca:mail.nk.ca:nk.ca:nl2k.ca:nl2k.ab.ca:d
>>>>> octor.nl2k.ab.ca:lsearch;/usr/exim/vdom3  domainlist relay_to_domains =
>>>>> hostlist relay_from_hosts = 204.209.81.0/24 : 127.0.0.1 :
>>>>> 208.118.93.0/24: 208.118.94.0/24 trusted_users = exim : majordomo
>>>>> acl_smtp_rcpt = acl_check_rcpt
>>>>> acl_smtp_data = acl_check_data
>>>>> av_scanner = clamd:127.0.0.1 3310
>>>>> spamd_address = 127.0.0.1 783
>>>>> tls_advertise_hosts = *
>>>>> tls_certificate = /usr/exim/ca.crt
>>>>> tls_privatekey = /usr/exim/ca.key
>>>>> daemon_smtp_ports = 25 : 465 : 587
>>>>> tls_on_connect_ports =   465
>>>>> never_users = root
>>>>> host_lookup = *
>>>>> rfc1413_hosts = *
>>>>> rfc1413_query_timeout = 5s
>>>>> ignore_bounce_errors_after = 2h
>>>>> timeout_frozen_after = 6h
>>>>> auto_thaw = 1m
>>>>> begin acl
>>>>> acl_check_rcpt:
>>>>>   # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this
>>>>> by   # testing for an empty sending host field.
>>>>>   accept  hosts = :
>>>>>           control = dkim_enable_verify
>>>>> #
>>>>>   deny    message       = Restricted characters in address
>>>>>           domains       = +local_domains
>>>>>           local_parts   = ^[.] : ^.*[@%!/|]
>>>>> #
>>>>>   deny    message       = Restricted characters in address
>>>>>           domains       = !+local_domains
>>>>>           local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

>>>>>
>>>>>   accept  local_parts   = postmaster
>>>>>           domains       = +local_domains:lsearch;/usr/exim/vdom3
>>>>>   # Deny unless the sender address can be verified.
>>>>>   ##require verify        = sender
>>>>>   accept  domains       = +local_domains:lsearch;/usr/exim/vdom3
>>>>>   endpass

>>>>>
>>>>>
>>>>> /*
>>>>>
>>>>> The above is commented out as virtual e-mail addresses are not
>>>>> being recognised properly. I am using a dbm file.
>>>>> How Do I get exim to realises that we have local and virtual that needs
>>>>> supporting ?
>>>>>
>>>>>
>>>>> */
>>>
>>> I doubt C comments exists in exim for its configure file.
>>>
>>> Again here is what the above is saying:
>>>
>>> The above is commented out as virtual e-mail addresses are not
>>> being recognised properly. I am using a dbm file.
>>> How Do I get exim to realise that we have local and virtual that needs
>>> supporting ?
>>>
>>
>> If it's a dbm, I think you should use the dbm lookup instead of lsearch.
>>
>> This does assume that the keys in the file are the domains you want to
>> accept. If they're e-mail addresses, you'll need a different lookup.
>
> The vdom3 file is not in a dbm format, but the virtemail is.


OK, I misunderstood your explanation. How is the vdom3 file formatted? This might be pertinent to the problem...

>
>>
>> <snip rest of config>
>>>>> Also noticed mail taking about 1 minute to about several hours of days to
>>>>> come in. How do I rectify this?
>>
>> Have you got any more info about what has been going on in the interim? Are
>> the senders having to retry repeatedly? Do you have a massive mail queue
>> which can take an age to clear? Does it apply only to external e-mail?
>
> YEs when I do a exim -bp the messages are frozen and
> that is exactly what is happening.


Are the frozen messages bound for internal or external addresses? Are they addresses that should work, or that shouldn't have been accepted in the first place (e.g. bounces to nonexistent senders).
If they should have worked, can you post an example error response from your mail log? If they shouldn't be there at all, can you find where they came from (exim bounce, bad outbound, bad inbound, local source, amavis bounce)?

>
> IT is happeneing to external e-mail and delays even some internal e-mail
>
>>
>>> If the ns1 questions can also be answered, then we should be a go.
>>>
>>> Once established, what is the best CA authority reasonably priced
>>> for EXIM SSL certificates?
>>
>> RapidSSL is pretty cheap and (as the name implies) quick.
>>
>>
>
> Will check.
>