----- Original Message ----- From: "Ted Cooper" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]>; <[email protected]> Sent: Monday, March 17, 2008 11:00 AM Subject: Re: [exim] Better Tracking
> Grant Peel wrote: >> accept hosts = : >> dnslists = ips.backscatterer.org >> message = This message looks like a bounce, and your server is >> listed at \ >> ips.backscatterer.org, so I assume that this is >> "backscatter". \ >> Please configure your mail server to not send >> "backscatter >> spam". \ >> For advice, try http://www.dontbouncespam.org/ >> log_message = ATTENTION BACKSCATTERER > > Changed my mind about it all after going back and reading your emails. > It is definitely this block in your RCPT ACL unless you really do happen > to accept mail for AOL. > > You are essentially an open relay to anyone on the ips.backscatterer.org > list. Change the above chuck to something like > > acl_check_rcpt: > accept hosts = : > > deny dnslists = ips.backscatterer.org > message = You smell like fried fish > logwrite = :reject:ATTENTION BACKSCATTERER > > .. rest > > logwrite over log_message since I've got it in my mind that log_message > might not work ... don't really know why, but it's habit now. > -- > The Exim Manual > http://www.exim.org/docs.html > http://www.exim.org/exim-html-current/doc/html/spec_html/index.html > > -- > ## List details at http://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > > Ted, Since I really seem to have your attention, I am really wanting to understand how to check the RCPT at acl time as mentioned a few emails back. Not sure I really have mye head around it. Also, Here is the latest copy of my configure file.... ###################################################################### # MAIN CONFIGURATION SETTINGS # ###################################################################### primary_hostname = constellation.********.com domainlist local_domains = /etc/virtual/domains domainlist relay_to_domains = hostlist relay_from_hosts = /etc/virtual/domains hostlist blacklisted_domains = /etc/virtual/blacklist acl_smtp_rcpt = acl_check_rcpt trusted_users = mailnull:root:webmail:www exim_user = mailnull exim_group = mail never_users = host_lookup = * rfc1413_hosts = * rfc1413_query_timeout = 0s ignore_bounce_errors_after = 0s timeout_frozen_after = 1d return_path_remove untrusted_set_sender = * helo_allow_chars = _ daemon_smtp_ports = 25 : 109 bounce_message_file = /usr/local/etc/exim/bounce_message_file warn_message_file = /usr/local/etc/exim/warn_message_file return_size_limit = 10000 bounce_return_message = false delay_warning = 72h log_selector = +incoming_interface ###################################################################### # ACL CONFIGURATION # # Specifies access control lists for incoming SMTP mail # ###################################################################### begin acl acl_check_rcpt: accept hosts = : deny dnslists = ips.backscatterer.org message = This message looks like a bounce, and your server is listed at \ ips.backscatterer.org, so I assume that this is "backscatter". \ Please configure your mail server to not send "backscatter spam". \ For advice, try http://www.dontbouncespam.org/ log_message = ATTENTION BACKSCATTERER deny local_parts = [EMAIL PROTECTED]/|] : ^\\. deny senders = : condition = ${if ! eq{$recipients_count}{1}{1}} message = Bounces must have only a single recipient log_message = Another denied due to backscatter-Single Recipient # accept local_parts = postmaster # domains = +local_domains require verify = sender deny message = rejected because $sender_host_address was \ found in our blacklist log_message = domain found in $blacklisted_domains hosts = +blacklisted_domains accept domains = +local_domains endpass message = unknown user verify = recipient accept domains = +relay_to_domains endpass message = unrouteable address verify = recipient accept hosts = +relay_from_hosts accept authenticated = * ###################################################################### # ROUTERS CONFIGURATION # # Specifies how addresses are handled # ###################################################################### # THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! # # An address is passed to each router in turn until it is accepted. # ###################################################################### begin routers dnslookup_****: driver = dnslookup domains = ! +local_domains condition = ${if eq {$sender_address_domain}{****.on.ca}{Yes}{No}} transport = remote_smtp_**** ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 no_more dnslookup_owm: driver = dnslookup domains = ! +local_domains condition = ${if eq {$sender_host_address}{127.0.0.1} {yes}{no}} transport = remote_smtp_owm ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 no_more dnslookup: driver = dnslookup domains = ! +local_domains transport = remote_smtp ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 no_more #majordomo_aliases: # driver = redirect # allow_defer # allow_fail # require_files = /home/$domain/majordomo/aliases.majordomo # data = ${lookup{$local_part}lsearch{/home/$domain/majordomo/aliases.majordomo}} # domains = /etc/virtual/domains # file_transport = address_file # pipe_transport = majordomo_pipe # retry_use_local_part # no_rewrite # user = majordom spamcheck_router: driver = accept no_verify condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}" transport = spamcheck virtual_alias: driver = redirect allow_defer allow_fail data = ${lookup {$local_part} lsearch {/home/$domain/mail/aliases}} domains = /etc/virtual/domains require_files = /home/$domain/mail/aliases # condition add per advice from Phil condition = ${lookup {$local_part} lsearch {/home/$domain/mail/aliases} {yes}{no}} qualify_preserve_domain retry_use_local_part check_ancestor one_time file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply autoreply_router: driver = accept require_files = /home/$domain/mail/auto-replies/$local_part transport = autoreply_transport no_verify unseen virtual_localuser: driver = accept require_files = /etc/virtual/$domain/passwd domains = /etc/virtual/domains condition = ${lookup {$local_part} lsearch {/etc/virtual/$domain/passwd}{$value}} transport = virtual_localdelivery virtual_catchall: driver = redirect allow_defer allow_fail data = ${lookup {catchall} lsearch {/home/$domain/mail/aliases}} domains = /etc/virtual/domains require_files = /home/$domain/mail/aliases # condition added per advice from Phil condition = ${lookup {catchall}lsearch{/home/$domain/mail/aliases} {yes}{no}} qualify_preserve_domain retry_use_local_part check_ancestor one_time file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply localuser: driver = accept check_local_user condition = ${lookup {$sender_helo_name} lsearch {/etc/virtual/domains}{YES}{NO}} transport = local_delivery ###################################################################### # TRANSPORTS CONFIGURATION # ###################################################################### # ORDER DOES NOT MATTER # # Only one appropriate transport is called for each delivery. # ###################################################################### begin transports remote_smtp_****: driver = smtp return_path_add = true remote_smtp_owm: driver = smtp helo_data = $sender_address_domain interface = ${lookup dnsdb{a=$sender_address_domain}} return_path_add = true debug_print = "XX T: remote_smtp for [EMAIL PROTECTED] Sent VIA $interface_address XX" remote_smtp: driver = smtp helo_data = ${lookup dnsdb{defer_never,ptr=$interface_address}{$value}{$primary_hostname}} interface = $interface_address return_path_add = true debug_print = "XX T: remote_smtp for [EMAIL PROTECTED] Sent VIA $interface_address XX" autoreply_transport: driver = pipe command = /usr/local/bin/autoreply.pl /home/$domain/mail/auto-replies/$local_part spamcheck: driver = pipe command = /usr/local/sbin/exim -oMr spam-scanned -bS use_bsmtp = true transport_filter = /usr/local/bin/spamc -u ${lookup{$domain}lsearch{/etc/virtual/domains_users}} home_directory = "/tmp" current_directory = "/tmp" # must use a privileged user to set $received_protocol on the way back in! user = mailnull ## user = ${lookup{$domain}lsearch{/etc/virtual/domains_users}} group = mailnull log_output = true return_fail_output = false return_path_add message_prefix = message_suffix = virtual_localdelivery: driver = appendfile create_directory = true directory_mode = 700 file = /var/spool/virtual/${domain}/${local_part} headers_remove = "Bcc" return_path_add # user = mailnull user = ${lookup{$domain}lsearch{/etc/virtual/domains_users}} group = mail mode = 660 #frontpage_forms: # driver = appendfile # file = /tmp/junkmail # user = mailnull local_delivery: driver = appendfile file = /$home/mail/$local_part delivery_date_add envelope_to_add return_path_add user = mailnull group = mail mode = 0660 address_pipe: driver = pipe return_output user = thenetnow # user = ${lookup{$domain}lsearch{/etc/virtual/domains_users}} #majordomo_pipe: # driver = pipe # return_fail_output # user = majordom address_file: driver = appendfile delivery_date_add envelope_to_add return_path_add address_reply: driver = autoreply ###################################################################### # RETRY CONFIGURATION # ###################################################################### begin retry # Domain Error Retries # ------ ----- ------- * quota_7d * quota F,72h,1h; * * F,12h,15m; F,24h,30m; F,36h,60m ###################################################################### # REWRITE CONFIGURATION # ###################################################################### # There are no rewriting specifications in this default configuration file. begin rewrite ###################################################################### # AUTHENTICATION CONFIGURATION # ###################################################################### # There are no authenticator specifications in this default configuration file. begin authenticators # For Netscape/Mozilla plain: driver = plaintext public_name = PLAIN server_condition = "${if and{ {!eq{$2}{}}{!eq{$3}{}} \ {crypteq {$3} {${lookup {${local_part:$2}} lsearch \ {/etc/virtual/${domain:$2}/passwd}\ {$value} {*:*}}}} } {1}{0}}" server_set_id = $2 # For Outlook/Outlook Express login: driver = plaintext public_name = LOGIN server_prompts = "Username:: : Password::" server_condition = "${if and{ {!eq{$1}{}}{!eq{$2}{}} \ {crypteq {$2} {${lookup {${local_part:$1}} lsearch \ {/etc/virtual/${domain:$1}/passwd}\ {$value} {*:*}}}} } {1}{0}}" server_set_id = $1 # End of Exim configuration file -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
