Todd, Lena,
Todd Lyons wrote:
Any chance you can show us the directories all the way from / up to
/etc/virtuals/$domain/aliases, and the file aliases as well?
Lena wrote:
Directories (folders) need to have 755 permissions instead of 644.
Bingo! By focusing my attention on the aliases files, and their
permissions, I had heretofore managed to overlook the fact that some of
the "$domain" directories that hold those files had 744 permissions.
(All of the other directories on the path had 755 permissions.) After
changing the permissions to 755, the -bv test cases now work on the
files in their previously normal location.
I wrote:
...know even less about *nix than I ever thought I did.
Actually, it seems it wasn't my knowledge lacking so much as attention
to ALL the details. (Senior lapses?) Thank you both for restoring my sanity.
My latest configuration now has the following verify statements in the
RCPT acl:
require message = Unknown recipient $local_part
hosts = ! +relay_from_hosts
domains = +local_domains
verify = recipient/success_on_redirect
I have also rewritten the entire set of exim routers for both efficiency
and readability. If you see something I could improve, I would
appreciate any advice:
begin routers
# -------------------------
dnslookup:
# -------------------------
driver = dnslookup
#run this router only for mail addressed to outside domains.
domains = ! +local_domains
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
transport = remote_smtp
no_more
# -------------------------
verify_system_aliases:
# -------------------------
driver = redirect
allow_fail
allow_defer
verify_only
verify_recipient
domains = +virtual_domains
data = ${lookup{$local_part} lsearch {/etc/aliases}}
# -------------------------
verify_virtual_domain__aliases:
# -------------------------
driver = redirect
allow_fail
allow_defer
verify_only
verify_recipient
domains = +virtual_domains
require_files = VIRTUALS
data = ${lookup{$local_part} lsearch {VIRTUALS}}
# -------------------------
route_system_aliases:
# -------------------------
driver = redirect
no_verify
allow_fail
allow_defer
domains = +virtual_domains
data = ${lookup{$local_part} lsearch {/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
#
# -------------------------
route_virtual_domain_aliases:
# -------------------------
driver = redirect
no_verify
allow_defer
allow_fail
domains = +virtual_domains
require_files = VIRTUALS
data = ${lookup{$local_part} lsearch* {VIRTUALS}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
# -------------------------
# -------------------------
route_local_users:
# -------------------------
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
On 10/30/2014 5:44 AM, Todd Lyons wrote:
On Wed, Oct 29, 2014 at 3:41 PM, Phillip Carroll
<[email protected]> wrote:
require_files = VIRTUALS
...where in the main configuration, the macro was defined as
VIRTUALS = /etc/virtuals/$domain/aliases
When this change was tested, the require_files statement produced a
permissions failure when the router was run in verify mode! (I presume this
permissions failure is also what caused exists{file} to return false,
although the debug output does not reveal this.)
I don't understand the reason for the permissions failure. /etc/virtuals,
and all descendants, are owned by user "mail". User exim is a member of the
"mail" group. All of the folders, and all of the aliases files have 644
permissions, which means they are both group readable and world readable by
user exim. If not, then I know even less about *nix than I ever thought I
did.
Any chance you can show us the directories all the way from / up to
/etc/virtuals/$domain/aliases, and the file aliases as well? You can
obfuscate the domain, that's fine. I just want to see the permissions
and ownership of each directory up to and including the aliases file.
...Todd
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
