On 21 Mar 2011, at 22:49, The Doctor wrote:
> On Mon, Mar 21, 2011 at 10:35:11PM +0000, Dominic Benson wrote:
>>
>> On 21 Mar 2011, at 20:20, The Doctor wrote:
>>
>>> On Mon, Mar 21, 2011 at 05:26:16PM +0000, Dominic Benson wrote:
>>>> On 21/03/11 16:10, The Doctor wrote:
>>>>>
>>>>>>> -------------- ns1 configuration -----------------------
>>>>>>>
>>>>>>>
>>>>>>> primary_hostname = ns1
>>>>>>> local_interfaces = 0.0.0.0.25 : 127.0.0.1.10025 : 0.0.0.0.465 :
>>>>>>> 0.0.0.0.587 domainlist local_domains =
>>>>>>> @:secure.nl2k.ab.ca:mail.nl2k.ab.ca:mail.nk.ca:nk.ca:nl2k.ca:nl2k.ab.ca:d
>>>>>>> octor.nl2k.ab.ca:lsearch;/usr/exim/vdom3 domainlist relay_to_domains =
>>>>>>> hostlist relay_from_hosts = 204.209.81.0/24 : 127.0.0.1 :
>>>>>>> 208.118.93.0/24: 208.118.94.0/24 trusted_users = exim : majordomo
>>>>>>> acl_smtp_rcpt = acl_check_rcpt
>>>>>>> acl_smtp_data = acl_check_data
>>>>>>> av_scanner = clamd:127.0.0.1 3310
>>>>>>> spamd_address = 127.0.0.1 783
>>>>>>> tls_advertise_hosts = *
>>>>>>> tls_certificate = /usr/exim/ca.crt
>>>>>>> tls_privatekey = /usr/exim/ca.key
>>>>>>> daemon_smtp_ports = 25 : 465 : 587
>>>>>>> tls_on_connect_ports = 465
>>>>>>> never_users = root
>>>>>>> host_lookup = *
>>>>>>> rfc1413_hosts = *
>>>>>>> rfc1413_query_timeout = 5s
>>>>>>> ignore_bounce_errors_after = 2h
>>>>>>> timeout_frozen_after = 6h
>>>>>>> auto_thaw = 1m
>>>>>>> begin acl
>>>>>>> acl_check_rcpt:
>>>>>>> # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this
>>>>>>> by # testing for an empty sending host field.
>>>>>>> accept hosts = :
>>>>>>> control = dkim_enable_verify
>>>>>>> #
>>>>>>> deny message = Restricted characters in address
>>>>>>> domains = +local_domains
>>>>>>> local_parts = ^[.] : ^.*[@%!/|]
>>>>>>> #
>>>>>>> deny message = Restricted characters in address
>>>>>>> domains = !+local_domains
>>>>>>> local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
>>>>>>>
>>>>>>> accept local_parts = postmaster
>>>>>>> domains = +local_domains:lsearch;/usr/exim/vdom3
>>>>>>> # Deny unless the sender address can be verified.
>>>>>>> ##require verify = sender
>>>>>>> accept domains = +local_domains:lsearch;/usr/exim/vdom3
>>>>>>> endpass
>>>>>>>
>>>>>>>
>>>>>>> /*
>>>>>>>
>>>>>>> The above is commented out as virtual e-mail addresses are not
>>>>>>> being recognised properly. I am using a dbm file.
>>>>>>> How Do I get exim to realises that we have local and virtual that needs
>>>>>>> supporting ?
>>>>>>>
>>>>>>>
>>>>>>> */
>>>>>
>>>>> I doubt C comments exists in exim for its configure file.
>>>>>
>>>>> Again here is what the above is saying:
>>>>>
>>>>> The above is commented out as virtual e-mail addresses are not
>>>>> being recognised properly. I am using a dbm file.
>>>>> How Do I get exim to realise that we have local and virtual that needs
>>>>> supporting ?
>>>>>
>>>>
>>>> If it's a dbm, I think you should use the dbm lookup instead of lsearch.
>>>>
>>>> This does assume that the keys in the file are the domains you want to
>>>> accept. If they're e-mail addresses, you'll need a different lookup.
>>>
>>> The vdom3 file is not in a dbm format, but the virtemail is.
>>
>> OK, I misunderstood your explanation. How is the vdom3 file formatted? This might be pertinent to the problem...
>
> vdom3 is just one domain per file.
per *line*?
>
>>
>>>
>>>>
>>>> <snip rest of config>
>>>>>>> Also noticed mail taking about 1 minute to about several hours of days to
>>>>>>> come in. How do I rectify this?
>>>>
>>>> Have you got any more info about what has been going on in the interim? Are
>>>> the senders having to retry repeatedly? Do you have a massive mail queue
>>>> which can take an age to clear? Does it apply only to external e-mail?
>>>
>>> YEs when I do a exim -bp the messages are frozen and
>>> that is exactly what is happening.
>>
>> Are the frozen messages bound for internal or external addresses? Are they addresses that should work, or that shouldn't have been accepted in the first place (e.g. bounces to nonexistent senders).
>> If they should have worked, can you post an example error response from your mail log? If they shouldn't be there at all, can you find where they came from (exim bounce, bad outbound, bad inbound, local source, amavis bounce)?
>>
>
> IIRC external addresses. However exim is getting
> overloaded having to handle too many frozen messages that legit messages coming in are getting delayed for days.
Yes, but this feels like the 'real' problem. Frozen messages should be a small minority.
>
> Would you like an attache log(s) of the last full day of using exim?
Possibly. If you could also include the exim4 -bp output that would be helpful. I probably won't get around to looking at it until the morning, it's getting late here...