
Конфигурация exim

Пример конфигурации acl_check_rcpt

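# SQL statements used by the mysql lookups in acl_check_rcpt.
#
# $sender_address, $local_part and $domain come straight from the SMTP
# dialogue (MAIL FROM / RCPT TO) and are chosen by the remote host. Each one
# is passed through ${quote_mysql:...} so that a quote or backslash inside an
# address cannot terminate the SQL string literal and alter the statement.
# String literals use plain ASCII single quotes; typographic quotes are not
# SQL string delimiters.
#
# The MySQL account Exim connects with needs no more than SELECT on `domains`
# and SELECT/INSERT/UPDATE/DELETE on `whitelist` for these statements.

# Returns the domain when it is configured as LOCAL or VIRTUAL.
MYSQL_DOMAINS = SELECT domain FROM domains WHERE domain='${quote_mysql:$domain}' AND (type='LOCAL' OR type='VIRTUAL')

# Records "sender wrote to recipient" with a 180-day lifetime.
MYSQL_ADD_WHITELIST_RECIPIENT = INSERT INTO whitelist(src_email,dst_email,record_expires) VALUES ('${quote_mysql:$sender_address}','${quote_mysql:$local_part}@${quote_mysql:$domain}',DATE_ADD(now(), INTERVAL 180 DAY))

# Extends the lifetime of an existing whitelist row for the recipient.
MYSQL_UPDATE_WHITELIST_RECIPIENT  = UPDATE whitelist SET record_expires=DATE_ADD(now(), INTERVAL 180 DAY) WHERE dst_email='${quote_mysql:$local_part}@${quote_mysql:$domain}'

# Purges rows whose lifetime has passed.
MYSQL_DEL_WHITELIST_EXPIRED  = DELETE FROM whitelist WHERE record_expires < now()

# Both checks yield 1 for a live row and 2 for an expired one; when no row
# matches, the lookup fails and the ACL substitutes 0.
MYSQL_WHITELIST_CHECK_SENDER   = SELECT CASE WHEN now() - record_expires > 0 THEN 2 ELSE 1 END FROM whitelist WHERE dst_email='${quote_mysql:$sender_address}'  LIMIT 1

MYSQL_WHITELIST_CHECK_RECIPIENT  = SELECT CASE WHEN now() - record_expires > 0 THEN 2 ELSE 1 END FROM whitelist WHERE dst_email='${quote_mysql:$local_part}@${quote_mysql:$domain}'  LIMIT 1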

# acl_m0  = $domain
# acl_m1  = $local_part
# acl_m3  = result of checking (sender, recipient)@domain against the list of local domains
# acl_m6  = delay applied before accepting email from foreign clients
# acl_m18 = set to "whitelist" if the sender is in the whitelist
# acl_m19 = result of checking the recipient email in the whitelist: 1 = yes, 2 = entry expired, 0 = not found

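acl_check_rcpt:

  # RCPT-time policy. Conditions and modifiers inside each statement are
  # evaluated top to bottom, so their order below is significant.
  # Continuation lines end with a backslash; Exim drops the leading
  # whitespace of the following line when joining them.

  # Accept mail that did not arrive over TCP/IP (empty sending-host field).
  accept  hosts         = :

  # Refuse local parts that start with a dot or contain routing/shell
  # metacharacters, for our own domains ...
  deny    domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]

  # ... and a slightly different set for remote domains. The backslashes are
  # doubled because the list is string-expanded before the regex is compiled;
  # with single backslashes the last pattern degrades to "/../" with
  # any-character dots.
  deny    domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

  # postmaster at a local domain is always reachable.
  accept  local_parts   = postmaster
          domains       = +local_domains

  # The envelope sender must be verifiable.
  require verify        = sender

  # acl_m3 = recipient domain if it is one of ours (LOCAL/VIRTUAL), else empty.
  warn    set acl_m3    = ${lookup mysql{MYSQL_DOMAINS}}

  # HELO name equal to our own interface address.
  deny    condition     = ${if eq{$sender_helo_name} {$interface_address}{yes}{no}}
          hosts         = !127.0.0.1 : !localhost : *
          logwrite      = SpamBlock: main IP in your HELO! Access denied!
          message       = "main IP in your HELO! Access denied!"

  # HELO name made of digits only. \N...\N keeps the regex out of string
  # expansion so that "\d" and "$" reach the regex engine unchanged.
  deny    condition     = ${if match{$sender_helo_name}{\N^\d+$\N}{yes}{no}}
          hosts         = !127.0.0.1 : !localhost : *
          logwrite      = SpamBlock: can not be only number in HELO
          message       = "can not be only number in HELO! Access denied!"

  # No HELO/EHLO given at all.
  deny    message       = "HELOEHLO need for me. Access denied!"
          condition     = ${if eq{$sender_helo_name}{}{yes}{no}}
          logwrite      = SpamBlock: no HELO
          delay         = 30s

  # HELO name that is a bare IP address.
  deny    message       = "We dont allow IP-only in hello. Access denied!"
          condition     = ${if isip{$sender_helo_name}{yes}{no}}
          hosts         = !127.0.0.1 : !+relay_from_hosts
          logwrite      = SpamBlock:IP-only in HELO
          delay         = 30s

  # Incoming mail to our domains: is the sender an address one of our users
  # has written to before? acl_m19: 1 = yes, 2 = entry expired, 0 = no row.
  warn    domains       = +local_domains
          set acl_m19   = ${lookup mysql{MYSQL_WHITELIST_CHECK_SENDER}{$value}{0}}

  # Default delay for every host.
  warn
          set acl_m6    = 10s

  # No delay for relay hosts.
  warn
          hosts         = +relay_from_hosts
          set acl_m6    = 0s

  # No delay for authenticated clients.
  warn
          authenticated = *
          set acl_m6    = 0s

  # Whitelisted sender: mark the message for acl_check_data (acl_m18) and
  # accept the recipient immediately.
  # NOTE(review): the envelope sender is asserted by the remote host and only
  # "verify = sender" has been applied to it, so whitelist membership is a
  # reputation hint, not proof of origin. This accept also returns before the
  # "verify = recipient" statement further down, so whitelisted senders can
  # reach non-existent local parts - confirm that is intended.
  accept  domains       = +local_domains
          condition     = ${if eq{$acl_m19}{1}{yes}{no}}
          set acl_m18   = whitelist
          logwrite      = User [$sender_address] in WHITE list (message for:$local_part@$domain), accepted

  # Apply the delay chosen above to everyone else and log it.
  warn
          logwrite      = Set delay $acl_m6 for $sender_host_name \
                          [$sender_host_address] with HELO=$sender_helo_name. Mail \
                          from $sender_address to $local_part@$domain.
          delay         = $acl_m6

  # Reverse-DNS name that looks like a dynamic/consumer address.
  # NOTE(review): the pattern is an unanchored substring match and its dots
  # are unescaped (".home." matches any character on either side), so it is
  # broader than the listed words suggest.
  deny    message       = "your hostname is bad (adsl, poll, ppp & etc). Access denied!"
          condition     = ${if and {{!eq{$acl_m19}{1}} {match{$sender_host_name}\
                          {adsl|dialup|pool|peer|dhcp|pppoe|dynamic|.home.|ppp-|dsl-|Dynamic|.user.|.dsl.|.dyn.|.ttnet.net.tr}}}\
                          {yes}{no}}
          hosts         = !127.0.0.1 : !+relay_from_hosts: *
          logwrite      = SpamBlock: black host, hostname is bad (adsl, poll, ppp & etc)
          delay         = 30s

  # Outside host claiming to send from the very address it is sending to.
  # NOTE(review): this statement and the next one test only the host list,
  # not "authenticated", so an authenticated user connecting from outside
  # relay_from_hosts is refused when mailing their own domain - confirm.
  deny    hosts         = !+relay_from_hosts
          domains       = +local_domains
          condition     = ${if eq{$sender_address}{$local_part@$domain} {yes}{no} }
          logwrite      = SpamBlock: The same local addresses or domain in MAIL FROM and RCPT TO from nonlocal relay
          message       = The same local addresses or domain in MAIL FROM and RCPT TO from nonlocal relay. Access denied!

  # Outside host using one of our domains in both MAIL FROM and RCPT TO.
  deny    hosts         = !+relay_from_hosts
          domains       = +local_domains
          condition     = ${if eq{$sender_address_domain}{$domain} {yes}{no}}
          logwrite      = SpamBlock: The same domain in MAIL FROM and RCPT TO from nonlocal relay
          message       = The same domain in MAIL FROM and RCPT TO from nonlocal relay. Access denied!

  # Too many recipients from a non-whitelisted sender.
  # MAX_RCPT_USERS is a macro that must be defined elsewhere in the
  # configuration; it is not part of this listing.
  deny    message       = So many recipients …. not allow. Access denied!
          hosts         = !127.0.0.1 : !+relay_from_hosts : *
          condition     = ${if and {{!eq{$acl_m19}{1}} {>{$rcpt_count}{MAX_RCPT_USERS}}} }
          logwrite      = SpamBlock: many recipients from $sender_address count: $rcpt_count
          delay         = 30s

  # Outgoing mail (authenticated client, then relay host): the recipient is
  # in a foreign domain (acl_m3 empty, e.g. info@ropnet.ru) and already has a
  # whitelist row (acl_m19 != 0) -> push its expiry date forward.
  # acl_m19 is then overwritten with the result of the UPDATE lookup.
  warn
          authenticated = *
          set acl_m19   = ${lookup mysql{MYSQL_WHITELIST_CHECK_RECIPIENT}{$value}{0}}
          condition     = ${if and {{eq{$acl_m3}{}}{!eq{$acl_m19}{0}}}{yes}{no}}
          set acl_m19   = ${lookup mysql{MYSQL_UPDATE_WHITELIST_RECIPIENT}}
          logwrite      = "Update date expired for $local_part@$domain in WHITE list"

  warn
          hosts         = +relay_from_hosts
          set acl_m19   = ${lookup mysql{MYSQL_WHITELIST_CHECK_RECIPIENT}{$value}{0}}
          condition     = ${if and {{eq{$acl_m3}{}}{!eq{$acl_m19}{0}}}{yes}{no}}
          set acl_m19   = ${lookup mysql{MYSQL_UPDATE_WHITELIST_RECIPIENT}}
          logwrite      = "Update date expired for $local_part@$domain in WHITE list"

  # acl_m19 == 0 -> recipient not seen before: purge expired rows, then add it.
  warn
          authenticated = *
          condition     = ${if and {{eq{$acl_m3}{}}{eq{$acl_m19}{0}}}{yes}{no}}
          set acl_m19   = ${lookup mysql{MYSQL_DEL_WHITELIST_EXPIRED}}
          set acl_m19   = ${lookup mysql{MYSQL_ADD_WHITELIST_RECIPIENT}}
          logwrite      = Add $local_part@$domain to WHITE list

  warn
          hosts         = +relay_from_hosts
          condition     = ${if and {{eq{$acl_m3}{}}{eq{$acl_m19}{0}}}{yes}{no}}
          set acl_m19   = ${lookup mysql{MYSQL_DEL_WHITELIST_EXPIRED}}
          set acl_m19   = ${lookup mysql{MYSQL_ADD_WHITELIST_RECIPIENT}}
          logwrite      = Add $local_part@$domain to WHITE list

  # Remember the recipient's domain and local part in ACL variables.
  warn
          set acl_m0    = $domain
          set acl_m1    = $local_part

  # Mail for our own domains: the recipient must exist.
  accept  domains       = +local_domains
  #        set acl_m0=$domain
  #        set acl_m1=$local_part
          endpass
          message       = unknown user
          verify        = recipient

  # Mail for domains we relay to: the address must be routeable.
  accept  domains       = +relay_to_domains
          endpass
          message       = unrouteable address
          verify        = recipient

  # Relay hosts may send anywhere.
  accept  hosts         = +relay_from_hosts
          logwrite      = sent message from relay_hosts: $sender_host_address

  # Authenticated clients may send anywhere.
  accept  authenticated = *
          logwrite      = send message from authenticated user: $sender_address

  # Everything else is an attempted relay.
  deny    message       = relay not permitted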

admin Linux ,

  1. | #1

    Ценные рекомендации, возьму на заметку.

  2. | #2

    Ничего себе ! Не знал об этом…

  3. | #3

    Прикольно !

  4. | #4

    Респект автору ! Хорошо написано…

  5. | #5

    С кем вы разговариваете, это всё боты?

  6. | #6

    Без каптчи вам так они всё заспамят…

  7. | #7

    Порядок!

  8. admin
    | #8

    @Аленка
    Дауж…задолбали..

  9. talPalWeato
    | #9

    Работаю менеджером. Хочу сделать интернет магазин. Порекомендуйте человека или организацию, кто поможет мне в этом. Главное чтоб человек, который его делает был адекватный и недорого.
