I cannot start Exim; it fails with this error:
2011-09-07 18:07:14 Exim configuration error in line 821 of
/etc/mail.d/exim.d/exim.conf:
error in ACL: unknown ACL condition/modifier in "demime = *"
Here is my configuration:
########################################################################
# macro.conf {
########################################################################
# Server definition for Exim's MySQL lookups, in host/database/user/password
# form. The "hide" prefix keeps the value out of "exim -bP" output for
# non-admin users; it does not protect the configuration file itself.
# NOTE(review): if this is the live password, posting the configuration has
# disclosed it; rotate it and redact secrets before sharing a config.
hide mysql_servers = localhost/EmailSystem/exim/Mypasswrd
# Greylisting delay in seconds (60*10), used by the greylist checks in
# acl_check_rcpt and acl_check_data.
GREYLIST_TIMEOUT = ${eval:60*10}
# Compared against $spam_score_int in acl_check_data; $spam_score_int is the
# spam score multiplied by ten, so 10 corresponds to 1.0 points.
GREYLIST_SPAM_THRESHOLD = ${eval:10*1}
# Size limits used in acl_check_data: messages that are not smaller than the
# limit skip the corresponding spam or virus scan.
SPAM_FILESIZE_LIMIT = 1M
VIRUS_FILESIZE_LIMIT = 32M
# INSERT statement that records one row of per-message metadata in `spamlog`.
# Every interpolated variable is passed through ${quote_mysql:...}.
# The macro is not referenced by any ACL, router or transport shown here.
# NOTE(review): the statement has been line-wrapped by the mail client; the
# wrapped lines carry no trailing backslash and would not parse as pasted.
MYSQL_LOG=INSERT INTO `spamlog` ( `ID`, `MessageID`, `SenderIP`,
`SenderPort`, `SenderHostname`, `SenderHelo`, `SenderAddress`,
`RecipientAddress`, `Username`, `Domain`, `LoadAverage`, `SpamScore`,
`MessageSize`, `BodySize`, `MessageLines`, `BodyLines`,
`ReceivedHeaders`, `ReceivedProtocol`, `Cipher`, `Authenticated`,
`SenderVerify`, `Age`, `TimeStamp`) \
VALUES( '${quote_mysql:$message_exim_id}', \
'${quote_mysql:$header_Message-ID:}', \
'${quote_mysql:$sender_host_address}', \
'${quote_mysql:$sender_host_port}', \
'${quote_mysql:$sender_host_name}', \
'${quote_mysql:$sender_helo_name}', \
'${quote_mysql:$sender_address}', \
CONCAT('${quote_mysql:$original_local_part}','@','${quote_mysql:$original_domain}'),
\
'${quote_mysql:$local_part}', '${quote_mysql:$domain}', \
'${quote_mysql:$load_average}/1000', \
'${quote_mysql:$header_X-Spam-Score:}', \
'${quote_mysql:$message_size}', \
'${quote_mysql:$message_body_size}', \
'${quote_mysql:$message_linecount}', \
'${quote_mysql:$body_linecount}', \
'${quote_mysql:$received_count}', \
'${quote_mysql:$received_protocol}', \
'${quote_mysql:$tls_cipher}', \
'${quote_mysql:$authenticated_id}', \
'${quote_mysql:$header_X-Sender-Verify:}', \
'${quote_mysql:$message_age}', \
NOW() )
########################################################################
# MAIN CONFIGURATION SETTINGS {
########################################################################
# Listen on the smtp, smtps and submission ports.
daemon_smtp_ports = smtp : smtps : submission
# Turns off the SMTP synchronisation check (rejecting clients that send before
# the server has replied).
# NOTE(review): the check is commonly kept enabled as a cheap anti-spam
# measure; confirm that disabling it is intentional.
smtp_enforce_sync = false
primary_hostname = smtp.aldimna.com
# A domain is local when it appears in the user, alias or catchall table.
# The value is quoted with ${quote_mysql:...} before it enters the query.
domainlist local_domains = ${lookup mysql {\
SELECT domain FROM user WHERE domain='${quote_mysql:$domain}' \
UNION \
SELECT domain FROM alias WHERE domain='${quote_mysql:$domain}' \
UNION \
SELECT domain FROM catchall WHERE domain='${quote_mysql:$domain}'\
}}
domainlist relay_to_domains = $smtp_active_hostname
# Hosts allowed to relay without authentication (see acl_check_rcpt).
# NOTE(review): the two /26 entries are already covered by the /24 entries.
hostlist relay_from_hosts = 127.0.0.1 : 10.0.1.0/24 : 10.0.0.0/24 :
10.0.0.0/26 : 10.0.1.0/26
# Lets untrusted local users set any envelope sender on locally submitted
# messages.
# NOTE(review): on a host with shell users this permits sender forgery for
# local submissions; narrow the pattern if that is not wanted.
untrusted_set_sender = *
local_sender_retain = true
local_from_check = false
# NOTE(review): the banner announces the exact Exim version to every client;
# consider dropping $version_number to avoid version disclosure.
smtp_banner = \t$smtp_active_hostname ESMTP\n\tExim $version_number\n\t$tod_full
# STARTTLS is offered to all hosts; port 465 expects TLS from the first byte.
tls_advertise_hosts = *
tls_on_connect_ports = 465
tls_certificate = /etc/ssl/certs/SMTP-Certificate.crt
tls_privatekey = /etc/ssl/private/SMTP-Certificate.key
log_selector = +tls_cipher +tls_peerdn +all_parents +deliver_time
+delivery_size +queue_time +queue_time_overall +received_recipients
+received_sender +smtp_confirmation +lost_incoming_connection
+smtp_incomplete_transaction +smtp_protocol_error +smtp_syntax_error
# ACL hooks. Only connect, rcpt and data are wired up; no acl_smtp_helo is
# set here, so acl_check_helo further down is presumably never run.
acl_smtp_connect = acl_check_connect
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
#av_scanner = $acl_m0
# Content scanners: ClamAV and SpamAssassin over local UNIX sockets.
av_scanner = clamd:/var/run/clamav/clamd.sock
spamd_address = /var/run/spamassassin/spamd.sock
# Never run a delivery process as root.
never_users = root
# Reverse DNS lookup and ident (RFC 1413) query for every connecting host.
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
split_spool_directory = true
########################################################################
# 10-acl.conf {
########################################################################
begin acl
# Connection-time ACL (acl_smtp_connect): accepts every connection.
acl_check_connect:
accept
# Accept-all HELO ACL.
# NOTE(review): no acl_smtp_helo option appears in the main section shown, so
# this ACL is presumably unused; the HELO checks live in acl_check_rcpt.
acl_check_helo:
accept
# RCPT-time ACL (acl_smtp_rcpt). Statements are evaluated in order; the first
# accept/deny/defer whose conditions all match ends processing.
# NOTE(review): several statements below were line-wrapped by the mail client
# (no trailing backslash) and would not parse exactly as pasted.
acl_check_rcpt:
# Empty host list entry: matches messages not received over TCP/IP.
accept hosts = :
# Greylisting: unauthenticated senders are deferred while the age of their
# greylist row is not greater than GREYLIST_TIMEOUT. When the lookup fails the
# fallback value GREYLIST_TIMEOUT+1 makes the condition false.
defer message = Your Message is currently still greylisted!
Please try again later.
log_message = message from ${sender_address} over
[${sender_host_address}] is still GreyListed
!authenticated = *
condition = ${if >={GREYLIST_TIMEOUT}{${lookup mysql{\
SELECT (UNIX_TIMESTAMP()-MAX(first_seen)) AS QueueTime \
FROM greylist \
WHERE SenderIP = '${quote_mysql:$sender_host_address}' \
AND SenderAddress = '${quote_mysql:$sender_address}' \
}{$value}{${eval:GREYLIST_TIMEOUT+1}}}}{true}{false}}
# Adds headers naming the authenticated login and the authenticator.
# NOTE(review): this puts the login id into every message an authenticated
# user sends; confirm that exposing it to recipients is acceptable.
warn authenticated = *
message = X-Authenticated-User: $authenticated_id\n\
X-Authenticator: $sender_host_authenticated
# Reject a sender address in a local domain unless the client is a relay host
# or has authenticated.
# NOTE(review): +local_domains is defined through a lookup on $domain; confirm
# it is evaluated against the sender's domain here, not the recipient's.
deny message = Sender claims to have a local address, but is
neither authenticated nor relayed (try using SMTP-AUTH!)
log_message = Forged Sender address (claims to be local user
[${sender_address}], but isn't authenticated)
!hosts = +relay_from_hosts
!authenticated = *
condition = ${if match_domain{$sender_address_domain}{+local_domains}}
# The HELO checks below are "warn" statements: they log and add a header but
# do not reject.
warn message = You cannot be localhost.localdomain in the internet
log_message = HELO is faked as localhost.localdomain
condition = ${if match{$sender_helo_name}{\Nlocalhost\.localdomain\N}}
warn message = X-Invalid-HELO: HELO is IP only (See RFC2821 4.1.3)
log_message = HELO ($sender_helo_name) is IP only (See RFC2821 4.1.3)
condition = ${if isip{$sender_helo_name}}
# Matches when the HELO name neither starts with "[" nor contains a dot.
warn message = X-Invalid-HELO: HELO is no FQDN (contains no
dot) (See RFC2821 4.1.1.1)
log_message = HELO ($sender_helo_name) is no FQDN (contains no
dot) (See RFC2821 4.1.1.1)
condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
warn message = X-Invalid-HELO: HELO is no FQDN (ends in dot)
(See RFC2821 4.1.1.1)
log_message = HELO ($sender_helo_name) is no FQDN (ends in dot)
(See RFC2821 4.1.1.1)
condition = ${if match{$sender_helo_name}{\N\.$\N}}
warn message = X-Invalid-HELO: HELO is no FQDN (contains double
dot) (See RFC2821 4.1.1.1)
log_message = HELO ($sender_helo_name) is no FQDN (contains double
dot) (See RFC2821 4.1.1.1)
condition = ${if match{$sender_helo_name}{\N\.\.\N}}
# NOTE(review): $primary_hostname is used as an unanchored regular expression,
# so its dots match any character and a substring match is enough.
warn message = X-Invalid-HELO: Host impersonating [$primary_hostname]
log_message = HELO ($sender_helo_name) impersonating [$primary_hostname]
condition = ${if match{$sender_helo_name}{$primary_hostname}{yes}{no}}
# HELO equal to the receiving interface address, with or without brackets.
warn message = X-Invalid-HELO: $interface_address is _my_ address
log_message = HELO ($sender_helo_name) uses _my_ address
($interface_address)
condition = ${if or{{\
eq{[$interface_address]}{$sender_helo_name}\
}{\
eq{$interface_address}{$sender_helo_name}\
}}}
warn message = X-Invalid-HELO: no HELO
log_message = no HELO ($sender_helo_name)
condition = ${if !def:sender_helo_name}
# Local domains: reject local parts that start with a dot or contain any of
# @ % ! / |. Two transports below build mailbox paths from $local_part.
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
# Other domains: reject a leading . / or |, any of @ % !, and "/../".
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
# postmaster in a local domain is accepted before sender verification.
accept local_parts = postmaster
domains = +local_domains
# The sender address must be routable.
require verify = sender
# Sender callout with a 10s timeout and the "random" option; the result is
# only recorded in a header and the log, it does not reject.
warn message = X-Sender-Verify: FAILED ($sender_verify_failure)
log_message = Sender ($sender_address) could not be verified using
callout: $acl_verify_message ($sender_verify_failure)
!verify = sender/callout=10s,random
warn message = X-Sender-Verify: SUCCEEDED (sender exists & accepts mail)
verify = sender/callout=10s,random
# Relay hosts and authenticated clients may send to any recipient; their
# messages are handled as submissions.
accept hosts = +relay_from_hosts
control = submission
accept authenticated = *
control = submission/sender_retain/domain=
# Everyone else may only address local domains or relay_to_domains, and the
# recipient must verify.
require message = relay not permitted
domains = +local_domains : +relay_to_domains
require verify = recipient
accept
# DATA-time ACL (acl_smtp_data): attachment, virus, spam and greylist checks
# on the complete message.
# NOTE(review): the reported startup error names a "demime" condition in this
# ACL. Exim presumably only recognises "demime" when it was compiled with the
# old demime support (WITH_OLD_DEMIME) alongside content scanning; check the
# "Support for:" line of "exim -bV" for the running binary.
acl_check_data:
# Reject attachments whose extension is in the list.
deny message = $found_extension files are not accepted here
demime = com:exe:vbs:bat:pif:reg:scr
# Reject messages whose MIME structure has an error level above 2.
deny message = Serious MIME defect detected ($demime_reason).
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
# Virus scan. The size condition comes before "malware", so a message that is
# not smaller than VIRUS_FILESIZE_LIMIT is never scanned.
# NOTE(review): oversized messages bypass the scanner entirely; confirm that
# is acceptable or reject them elsewhere.
# NOTE(review): acl_m0 is set to a scanner string here, but av_scanner is a
# fixed value in the main section and acl_m0 is reused below for greylisting.
deny message = This message contains a virus ($malware_name) and
is rejected.
log_message = rejected VIRUS ($malware_name) from $sender_address
to $recipients (ClamAV)
set acl_m0 = clamd:/var/run/clamav/clamd.sock
condition = ${if < {$message_size}{VIRUS_FILESIZE_LIMIT}}
demime = *
malware = *
# Archive attachments are handed to an external script; the message is denied
# (after a 15s delay) when the ${run} expansion takes its failure branch.
# NOTE(review): the script is not shown; it runs for mail from any sender, so
# verify how it handles the spool data and its arguments.
deny demime = zip:rar:arj:tar:tgz:gz:bz2
condition = ${run{/etc/exim/scan_archive.sh $message_exim_id
${lc:$found_extension}}{no}{yes}}
message = This message contains an unwanted binary Attachment
in ${uc:$found_extension} file using a double extension
log_message = ${uc:$found_extension} archive contains potential
dangerous double extension.
delay = 15s
# SpamAssassin scan for unauthenticated senders with messages below
# SPAM_FILESIZE_LIMIT. The ":true" suffix makes the spam condition succeed
# regardless of score, so the X-Spam-* headers are always added.
warn message = X-Spam-Score: $spam_score\n\
X-Spam-Score-Int: $spam_score_int\n\
X-Spam-Bar: $spam_bar\n\
X-Spam-Report: $spam_report
!authenticated = *
condition = ${if < {$message_size}{SPAM_FILESIZE_LIMIT}}
spam = spamassassin:true
# Temporary rejection when no score was produced for a message that should
# have been scanned.
defer message = Temporary error while spam-scanning. Please try again later.
log_message = message temporarily rejected, because of spam-scan
error (maybe timeout)
!authenticated = *
condition = ${if < {$message_size}{SPAM_FILESIZE_LIMIT}}
condition = ${if !def:spam_score}
# Hard reject above a site-wide threshold computed from the highest per-user
# spam_threshold; 15 is used when the lookup fails.
deny message = This message is classified as UBE (SPAM) and
therefore rejected. You scored $spam_score points. Congratulations!
!authenticated = *
condition = ${if >={$spam_score_int}{${lookup mysql{\
SELECT ((max(spam_threshold)*2+10)*10) AS spam_reject_threshold \
FROM user \
WHERE SMTP_allowed='YES' \
}{$value}{15}}}{true}{false}}
# Greylist entry creation: for unauthenticated mail scoring at least
# GREYLIST_SPAM_THRESHOLD, the second condition is true only when the SELECT
# lookup fails, and the third runs an INSERT through the lookup mechanism.
# All values are passed through ${quote_mysql:...}.
defer message = Your Message will be greylisted! Please try again
in GREYLIST_TIMEOUT seconds.
log_message = message from ${sender_address} over
[${sender_host_address}] will be GreyListed as it scores $spam_score
spam points
!authenticated = *
condition = ${if
>={$spam_score_int}{GREYLIST_SPAM_THRESHOLD}{true}{false}}
condition = ${lookup mysql{ \
SELECT MAX(first_seen) \
FROM greylist \
WHERE SenderIP = '${quote_mysql:$sender_host_address}' \
AND SenderAddress = '${quote_mysql:$sender_address}' \
}{false}{true}}
condition = ${lookup mysql{ \
INSERT INTO greylist ( SenderIP, SenderAddress, first_seen ) \
VALUES ( '${quote_mysql:$sender_host_address}',
'${quote_mysql:$sender_address}', UNIX_TIMESTAMP() ) \
}{$value}fail}
# A greylist row exists: store its age in seconds in acl_m0 and report it in a
# header and the log.
warn message = X-GreyList: Message successfully passed
GreyListing after $acl_m0 seconds.
log_message = message from ${sender_address} over
[${sender_host_address}] with HELO ($sender_helo_name) successfully
passed GreyListing after $acl_m0 seconds and scores $spam_score spam
points
!authenticated = *
condition = ${lookup mysql{ \
SELECT MAX(first_seen) \
FROM greylist \
WHERE SenderIP = '${quote_mysql:$sender_host_address}' \
AND SenderAddress = '${quote_mysql:$sender_address}' \
}{true}{false}}
set acl_m0 = ${eval:$tod_epoch-${lookup mysql{ \
SELECT MAX(first_seen) \
FROM greylist \
WHERE SenderIP = '${quote_mysql:$sender_host_address}' \
AND SenderAddress = '${quote_mysql:$sender_address}' \
}{$value}}}
# Informational headers added to every accepted message.
# NOTE(review): X-Exim-Version publishes the exact version and build date to
# every recipient; consider removing it.
warn message = X-Exim-Version: $version_number (build at $compile_date)\n\
X-Date: $tod_log\n\
X-Connected-IP: $sender_host_address:$sender_host_port
warn message = X-Message-Linecount: $message_linecount\n\
X-Body-Linecount: $body_linecount\n\
X-Message-Size: $message_size\n\
X-Body-Size: $message_body_size
warn log_message = DEBUG load_avgx1000: $load_average spam_score:
$spam_score message_size: $message_size
accept
########################################################################
# 20-routers.conf {
########################################################################
begin routers
# Remote delivery: routes every non-local domain by DNS to remote_smtp.
# DNS results pointing at 0.0.0.0 or the loopback range are ignored, and
# no_more stops later routers from being tried for non-local domains.
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
# Distribution address "alle": expands to every SMTP-enabled user of the
# recipient's domain. The router runs only when the message was submitted by
# an authenticated client or from 127.0.0.1.
mysql_all_domain_alias:
driver = redirect
domains = +local_domains
local_parts = alle
data = ${lookup mysql{ \
SELECT CONCAT(username,'@',domain) AS sendto \
FROM user \
WHERE domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}}
condition = ${if or {{\
def:authenticated_id\
}{\
eq {$sender_host_address}{127.0.0.1}\
}}\
}
file_transport = address_file
pipe_transport = address_pipe
# Alias lookup in the `alias` table. Authenticated or localhost senders see
# all aliases; everyone else only those with internal='NO'. A "+suffix" on the
# local part is optional.
# NOTE(review): file_transport and pipe_transport are set, so a `sendto` value
# that names a file or pipe would be delivered that way. Write access to the
# alias table then presumably allows file writes or command execution as the
# delivery user; forbid_file/forbid_pipe disable this if it is not needed.
mysql_alias:
driver = redirect
# restriction to local domains only may be a double check, as data
takes care of it already ;-)
domains = +local_domains
file_transport = address_file
pipe_transport = address_pipe
data = ${if or {{\
def:authenticated_id\
}{\
eq {$sender_host_address}{127.0.0.1}\
}}{\
${lookup mysql{ \
SELECT sendto \
FROM alias \
WHERE ( username='${quote_mysql:$local_part}' \
AND (domain='${quote_mysql:$domain}' OR domain='') )}}\
} {\
${lookup mysql{ \
SELECT sendto \
FROM alias \
WHERE ( ( username='${quote_mysql:$local_part}' AND
(domain='${quote_mysql:$domain}' OR domain='') ) \
AND internal='NO' )}}\
}}
local_part_suffix = +*
local_part_suffix_optional
# Conditional sub-addresses of the form user#keyword#value. The address is
# accepted when the user exists with SMTP_allowed='YES' and one of these
# holds:
#   #before#yyyymmdd     - $tod_logfile is less than the date in the suffix
#   #fromdomain#<domain> - the sender's domain equals the value
#   #b64from#<base64>    - the base64 of the sender address equals the value
#                          (marked below as not working yet)
# The local part is matched case-sensitively.
# NOTE(review): two comments inside the expansion were line-wrapped by the
# mail client; the wrapped tail "sender DOES NOT WORK YET!" no longer starts
# with "#" and would not parse as pasted.
mysql_user_condition:
driver = accept
domains = +local_domains
caseful_local_part = true
condition = ${if and {{\
# existing user
eq {${lookup mysql{ \
SELECT CONCAT(username,'@',domain) AS email \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{true}{false}}}{true}\
}{\
# different conditions
or {{\
# suffix contains #before# and date (yyyymmdd) is not yet
#before#yyyymmdd
and {{\
eq {${sg{$local_part_suffix}{^#([^#]+)#[0-9]\{8\}\$}{\$1}}}{before}\
}{\
lt {$tod_logfile}{${sg{$local_part_suffix}{^#[^#]+#([0-9]\{8\})\$}{\$1}}}\
}\
}\
}{\
# suffix contains #fromdomain# and the domain-name of sender
and {{\
eq {${sg{$local_part_suffix}{^#([^#]+)#.*\$}{\$1}}}{fromdomain}\
}{\
eq {$sender_address_domain}{${sg{$local_part_suffix}{^#[^#]+#(.*)\$}{\$1}}}\
}\
}\
}{\
# suffix contains #b64from# and the base64 encoded address of
sender DOES NOT WORK YET!
and {{\
eq {${sg{$local_part_suffix}{^#([^#]+)#.*\$}{\$1}}}{b64from}\
}{\
eq {${str2b64:$sender_address}}{${sg{$local_part_suffix}{^#[^#]+#(.*)\$}{\$1}}}\
}\
}\
}\
}\
}\
}\
}
local_part_suffix = #*
transport = local_mysql_delivery
# Regular mailbox delivery: accepts the address when a matching row with
# SMTP_allowed='YES' exists in the `user` table. A "+suffix" is optional.
# no_more stops later routers when the router's preconditions match but it
# declines the address.
mysql_user:
driver = accept
# restriction to local domains only may be a double check, as the
condition takes care of it already ;-)
domains = +local_domains
condition = ${lookup mysql{ \
SELECT CONCAT(username,'@',domain) AS email \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{true}{false}}
local_part_suffix = +*
local_part_suffix_optional
transport = local_mysql_delivery
no_more
# Catch-all: redirects any remaining address in a local domain to the
# `sendto` value stored for that domain in the `catchall` table.
# NOTE(review): as with mysql_alias, the file and pipe transports are enabled
# for values that come from the database; confirm that is required.
mysql_catchall:
driver = redirect
# restriction to local domains only may be a double check, as data
takes care of it already ;-)
domains = +local_domains
file_transport = address_file
pipe_transport = address_pipe
data = ${lookup mysql{ \
SELECT sendto \
FROM catchall \
WHERE domain='${quote_mysql:$domain}' \
}}
# System aliases from /etc/mail/aliases, looked up by local part. No
# "domains" restriction is set on this router.
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/mail/aliases}}
file_transport = address_file
pipe_transport = address_pipe
# Last router: delivers to system accounts (check_local_user); anything else
# fails with "Unknown user".
localuser:
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
########################################################################
# 30-transports.conf {
########################################################################
begin transports
# Outbound SMTP delivery with default settings; used by the dnslookup router.
remote_smtp:
driver = smtp
# Pipes the message through spamc and re-injects it into Exim as batch SMTP
# with the received protocol set to "spam-scanned". Runs as mail:mail with
# /tmp as home and working directory.
# No router in the configuration shown refers to this transport.
spamcheck:
driver = pipe
command = /usr/exim/bin/exim -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/vendor_perl/spamc
home_directory = "/tmp"
current_directory = "/tmp"
user = mail
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
# Maildir delivery for system users (localuser router) under
# /var/mail/<local_part>/. Files are created with mode 0660 and group mail,
# i.e. readable and writable by members of that group.
local_delivery:
driver = appendfile
directory = /var/mail/${local_part}/
maildir_format
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0660
# Maildir delivery for database-backed users under
# /var/mail/<domain>/<local_part>/, running as mail:mail with mode 0660.
# NOTE(review): the path is built from the envelope recipient. The only
# traversal guard visible is the local_parts deny in acl_check_rcpt; newer
# Exim releases are understood to refuse such untrusted values in file paths,
# so verify this against the version in use.
local_mysql_delivery:
driver = appendfile
directory = /var/mail/${domain}/${local_part}/
maildir_format
delivery_date_add
envelope_to_add
return_path_add
user = mail
group = mail
mode = 0660
# Subject and the X-Spam-* headers are removed and re-added below so the
# per-user threshold and tag can be applied at delivery time.
headers_remove = Subject : X-Spam-Flag : X-Spam-Score-Int :
X-Spam-Score : X-Spam-Bar : X-Spam-Report
# Re-adds the spam headers from the values already on the message, sets
# X-Spam-Flag to YES/NO by comparing X-Spam-Score-Int with the user's
# spam_threshold*10 (UNKNOWN when the header is absent), and prefixes the
# Subject with the user's spam_tag when the threshold is reached.
# The same per-user lookup is repeated several times in this expansion.
# NOTE(review): the values come from $header_X-Spam-*:, and nothing shown
# strips sender-supplied X-Spam-* headers; authenticated senders skip the
# spam scan in acl_check_data. Verify that a sender cannot influence the flag
# by supplying these headers.
headers_add = "X-Spam-Threshold: ${lookup mysql{ \
SELECT spam_threshold \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{$value}{ERROR}}\n\
X-Spam-Score: $header_X-Spam-Score:\n\
X-Spam-Score-Int: $header_X-Spam-Score-Int:\n\
X-Spam-Bar: $header_X-Spam-Bar:\n\
X-Spam-Report: $header_X-Spam-Report:\n\
X-Spam-Flag: ${if def:header_X-Spam-Score-Int:{\
${if >={${eval:${sg{$header_X-Spam-Score-Int:}{^.*\n}{}}}}\
{${lookup mysql{ \
SELECT spam_threshold*10 \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{$value}{ERROR}}}{YES}{NO}}\
}{\
UNKNOWN\
}}\n\
Subject: ${if def:header_X-Spam-Score-Int:{\
${if >={${eval:${sg{$header_X-Spam-Score-Int:}{^.*\n}{}}}}\
{${lookup mysql{ \
SELECT spam_threshold*10 \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{$value}{ERROR}}}{${lookup mysql{ \
SELECT spam_tag \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{$value}{ERROR}}$h_subject:}{$h_subject:}}\
}{$h_subject:}}\n\
X-Delivered-To: $original_local_part@$original_domain
($local_part@$domain)\n\
X-Message-Age: $message_age"
# Pipe delivery for redirect data that names a command. The local part suffix
# (without its first character) is passed to the command as EXTENSION.
# NOTE(review): no user or group is set here or on the redirect routers that
# use this transport; confirm which uid the piped command runs under.
address_pipe:
driver = pipe
return_fail_output
return_path_add
environment = EXTENSION=${substr_1:$local_part_suffix}
# File delivery for redirect data that names a file; referenced by the
# redirect routers through file_transport.
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# Maildir-format appendfile transport. No router in the configuration shown
# refers to it.
address_directory:
driver = appendfile
maildir_format
delivery_date_add
envelope_to_add
return_path_add
# Autoreply transport with default settings. No router in the configuration
# shown refers to it.
address_reply:
driver = autoreply
########################################################################
# 40-retry.conf {
########################################################################
begin retry
# Single rule for all addresses and errors: every 15 minutes for 2 hours, then
# intervals starting at 1 hour and growing by a factor of 1.5 until 16 hours,
# then every 6 hours until 4 days.
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
########################################################################
# 50-rewrite.conf {
########################################################################
# No rewriting rules are defined in this section.
begin rewrite
########################################################################
# 60-authenticators.conf {
########################################################################
begin authenticators
# SMTP AUTH LOGIN. It is the only authenticator defined in the section shown.
login:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
# Advertised only when $tls_cipher is non-empty, i.e. on an encrypted session,
# so the plaintext credentials are not offered over cleartext connections.
server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
# Compares the supplied password ($2) with the value stored for the login
# ($1, matched as username@domain with SMTPAUTH_allowed='YES') using the
# {sha1} scheme of crypteq.
# NOTE(review): {sha1} is an unsalted SHA-1 digest, which is weak password
# storage if the database leaks; plan a migration to a salted, slow hash
# supported by the Exim build in use.
server_condition = ${if crypteq {$2}{\{sha1\}${lookup mysql{ \
SELECT password \
FROM user \
WHERE CONCAT(username,'@',domain)='${quote_mysql:$1}' \
AND SMTPAUTH_allowed='YES' \
}}}{yes}{no}}
# The login name becomes $authenticated_id for the session.
server_set_id = $1
--
Sincerely,