2006-08-23 17:42:07 1GG1QF-00081E-3o Subject:
2006-08-23 17:42:07 1GG1QF-00081E-3o H=(mail2.valornet.net) [69.30.128.27] F=<kkappes@valornet.com> temporarily rejected after DATA: failed to expand ACL string "${perl{surblspamcheck}}": Undefined subroutine &main::surblspamcheck called.
I am getting this on most all e-mails, even empty ones.
Here is my exim file.
#!!# cPanel Exim 4 Config
log_selector = -host_lookup_failed -lost_incoming_connection
# For debugging purpose add +subject and +argument.
# It will show the subject of email and the folder of the script invoking sendmail.
#
# 200c-04-22 00:50:19 cwd=/home/username/public_html/spamsource 3 args: /usr/sbin/sendmail -t -i
#
# You will find spammer on your server easier.
# log_selector = +subject +arguments -host_lookup_failed -lost_incoming_connection
any help is appreciated,
Thanks, Kevin
domainlist rbl_blacklist = lsearch;/etc/rblblacklist
domainlist rbl_bypass = lsearch;/etc/rblbypass
hostlist rbl_whitelist = lsearch;/etc/relayhosts : partial-lsearch;/etc/rblwhitelist
#!!#perl_startup = do '/etc/exim_surbl.pl'
acl_smtp_connect = acl_check_host
acl_smtp_mail = acl_check_sender
hostlist rv_relay_hosts = net-iplsearch;/etc/relayhosts
domainlist rv_rbl_receiver_domain_whitelist = lsearch;/usr/local/cpanel/base/eximacl/rv_rbl_receiver_domain_whitelist
hostlist rv_rbl_server_ip_whitelist = net-iplsearch;/usr/local/cpanel/base/eximacl/rv_rbl_server_ip_whitelist
addresslist rv_rbl_sender_address_whitelist= lsearch*@;/usr/local/cpanel/base/eximacl/rv_rbl_sender_address_whitelist
# If you implement HELO test, skip these 3 lines.
# If you don't implement HELO test, you need to remove # in a line below to declare rv_relay_host.
# hostlist rv_relay_hosts = net-iplsearch;/etc/relayhosts
addresslist rv_spam_sender_address_whitelist= lsearch*@;/usr/local/cpanel/base/eximacl/rv_spam_sender_address_whitelist
#!!# These options specify the Access Control Lists (ACLs) that
#!!# are used for incoming SMTP messages - after the RCPT and DATA
#!!# commands, respectively.
acl_smtp_rcpt = check_recipient
acl_smtp_data = check_message
#!!# This setting defines a named domain list called
#!!# local_domains, created from the old options that
#!!# referred to local domains. It will be referenced
#!!# later on by the syntax "+local_domains".
#!!# Other domain and host lists may follow.
domainlist local_domains = lsearch;/etc/localdomains
domainlist relay_domains = lsearch;/etc/localdomains : \
lsearch;/etc/secondarymx
hostlist relay_hosts = lsearch;/etc/relayhosts : \
localhost
hostlist auth_relay_hosts = *
######################################################################
# Runtime configuration file for Exim #
######################################################################
# This is a default configuration file which will operate correctly in
# uncomplicated installations. Please see the manual for a complete list
# of all the runtime configuration options that can be included in a
# configuration file. There are many more than are mentioned here. The
# manual is in the file doc/spec.txt in the Exim distribution as a plain
# ASCII file. Other formats (PostScript, Texinfo, HTML) are available from
# the Exim ftp sites. The manual is also online via the Exim web sites.
# This file is divided into several parts, all but the last of which are
# terminated by a line containing the word "end". The parts must appear
# in the correct order, and all must be present (even if some of them are
# in fact empty). Blank lines, and lines starting with # are ignored.
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
perl_startup = do '/etc/exim.pl'
#dns_retry = 1
#dns_retrans = 1s
# Specify your host's canonical name here. This should normally be the fully
# qualified "official" name of your host. If this option is not set, the
# uname() function is called to obtain the name.
smtp_banner = "${primary_hostname} ESMTP Exim ${version_number} \
\#${compile_number} ${tod_full} \n\
We do not authorize the use of this system to transport unsolicited, \n\
and/or bulk e-mail."
#nobody as the sender seems to annoy people
untrusted_set_sender = *
local_from_check = false
rfc1413_query_timeout = 2s
split_spool_directory = yes
smtp_connect_backlog = 50
smtp_accept_max = 100
# primary_hostname =
deliver_queue_load_max = 3
auto_thaw = 6d
ignore_bounce_errors_after = 7d
timeout_frozen_after = 8d
# Specify the domain you want to be added to all unqualified addresses
# here. An unqualified address is one that does not contain an "@" character
# followed by a domain. For example, "caesar@rome.ex" is a fully qualified
# address, but the string "caesar" (i.e. just a login name) is an unqualified
# email address. Unqualified addresses are accepted only from local callers by
# default. See the receiver_unqualified_{hosts,nets} options if you want
# to permit unqualified addresses from remote sources. If this option is
# not set, the primary_hostname value is used for qualification.
# qualify_domain =
# If you want unqualified recipient addresses to be qualified with a different
# domain to unqualified sender addresses, specify the recipient domain here.
# If this option is not set, the qualify_domain value is used.
# qualify_recipient =
# Specify your local domains as a colon-separated list here. If this option
# is not set (i.e. not mentioned in the configuration file), the
# qualify_recipient value is used as the only local domain. If you do not want
# to do any local deliveries, uncomment the following line, but do not supply
# any data for it. This sets local_domains to an empty string, which is not
# the same as not mentioning it at all. An empty string specifies that there
# are no local domains; not setting it at all causes the default value (the
# setting of qualify_recipient) to be used.
#!!# message_filter renamed system_filter
system_filter = /etc/antivirus.exim
message_body_visible = 5000
# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then uncomment the
# following line, or supply the literal domain(s) as part of "local_domains"
# above.
# local_domains_include_host_literals
# No local deliveries will ever be run under the uids of these users (a colon-
# separated list). An attempt to do so gets changed so that it runs under the
# uid of "nobody" instead. This is a paranoic safety catch. Note the default
# setting means you cannot deliver mail addressed to root as if it were a
# normal user. This isn't usually a problem, as most sites have an alias for
# root that redirects such mail to a human administrator.
never_users = root
# The use of your host as a mail relay by any host, including the local host
# calling its own SMTP port, is locked out by default. If you want to permit
# relaying from the local host, you should set
#
# host_accept_relay = localhost
#
# If you want to permit relaying through your host from certain hosts or IP
# networks, you need to set the option appropriately, for example
#
#
#
# If you are an MX backup or gateway of some kind for some domains, you must
# set relay_domains to match those domains. This will allow any host to
# relay through your host to those domains.
#
# See the section of the manual entitled "Control of relaying" for more
# information.
# The setting below causes Exim to do a reverse DNS lookup on all incoming
# IP calls, in order to get the true host name. If you feel this is too
# expensive, you can specify the networks for which a lookup is done, or
# remove the setting entirely.
#host_lookup = 0.0.0.0/0
# By default, Exim expects all envelope addresses to be fully qualified, that
# is, they must contain both a local part and a domain. If you want to accept
# unqualified addresses (just a local part) from certain hosts, you can specify
# these hosts by setting one or both of
#
# receiver_unqualified_hosts =
# sender_unqualified_hosts =
#
# to control sender and receiver addresses, respectively. When this is done,
# unqualified addresses are qualified using the settings of qualify_domain
# and/or qualify_recipient (see above).
# Exim contains support for the Realtime Blocking List (RBL) that is being
# maintained as part of the DNS. See http://maps.vix.com/rbl/ for background.
# Uncommenting the first line below will make Exim reject mail from any
# host whose IP address is blacklisted in the RBL at maps.vix.com. Some
# others have followed the RBL lead and have produced other lists: DUL is
# a list of dial-up addresses, and ORBS is a list of open relay systems. The
# second line below checks all three lists.
# rbl_domains = rbl.maps.vix.com
# rbl_domains = rbl.maps.vix.com
# If you want Exim to support the "percent hack" for all your local domains,
# uncomment the following line. This is the feature by which mail addressed
# to x%y@z (where z is one of your local domains) is locally rerouted to
# x@y and sent on. Otherwise x%y is treated as an ordinary local part.
# percent_hack_domains = *
#sender_host_accept = +include_unknown:*
#sender_host_reject = +include_unknown:lsearch*;/etc/spammers
tls_certificate = /etc/exim.crt
tls_privatekey = /etc/exim.key
tls_advertise_hosts = *
helo_accept_junk_hosts = *
smtp_enforce_sync = false
#!!#######################################################!!#
#!!# This new section of the configuration contains ACLs #!!#
#!!# (Access Control Lists) derived from the Exim 3 #!!#
#!!# policy control options. #!!#
#!!#######################################################!!#
#!!# These ACLs are crudely constructed from Exim 3 options.
#!!# They are almost certainly not optimal. You should study
#!!# them and rewrite as necessary.
begin acl
#!!# This ACL is used at the start of an incoming connection.
#!!# The tests are run in order until the connection is
#!!# either accepted or denied.
acl_check_host:
##
# Reject email sent from mail server IP listed in the blacklist
##
deny message = Host $sender_host_address is blocked
hosts = /usr/local/cpanel/base/eximacl/rv_server_ip_blacklist
delay = 3s
accept
#!!# This ACL is used for the MAIL FROM: command in an
#!!# incoming SMTP transaction. The tests are run in order until the
#!!# sender address is either accepted or denied.
acl_check_sender:
##
# Reject email sent from sender listed in the blacklist
##
deny message = Sender $sender_address is blocked
senders = /usr/local/cpanel/base/eximacl/rv_sender_address_blacklist
delay = 3s
accept
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :
#**#
#**# RBL List Begin
#**#
#
# Always accept mail to postmaster & abuse for any local domain
#
accept domains = +local_domains
local_parts = postmaster:abuse
#
# Check sending hosts against DNS black lists.
# Reject message if address listed in blacklist.
deny message = Message rejected because $sender_fullhost \
is blacklisted at $dnslist_domain see $dnslist_text
dnslists = dnsbl.njabl.org : \
bl.spamcop.net : \
blackholes.easynet.nl : \
dynablock.easynet.nl : \
proxies.blackholes.easynet.nl : \
sbl.spamhaus.org : \
list.dsbl.org : \
cbl.abuseat.org : \
relays.ordb.org
# RBL Bypass Local Domain List
!domains = +rbl_bypass
# RBL Whitelist incoming hosts
!hosts = +rbl_whitelist
#**#
#**# RBL List End
#**#
drop hosts = /etc/exim_deny
!hosts = /etc/exim_deny_whitelist
message = Connection denied after dictionary attack
log_message = Connection denied from $sender_host_address after dictionary attack
!hosts = +relay_hosts
!authenticated = *
drop message = Appears to be a dictionary attack
log_message = Dictionary attack (after $rcpt_fail_count failures)
condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
condition = ${run{/etc/exim_deny.pl $sender_host_address }{yes}{no}}
!verify = recipient
!hosts = /etc/exim_deny_whitelist
!hosts = +relay_hosts
!authenticated = *
############################################
# FORGED MAIL CHECKS
############################################
deny message = Forged Yahoo mail, connection denied!
log_message = Forged Yahoo mail, connection denied!
senders = *@yahoo.com
condition = ${if match {$sender_host_name}{\Nyahoo.com$\N}{no}{yes}}
delay = 3s
deny message = Forged hotmail mail, connection denied!
log_message = Forged hotmail mail, connection denied!
senders = *@hotmail.com
condition = ${if match {$sender_host_name}{\Nhotmail.com$\N}{no}{yes}}
delay = 3s
deny message = Forged MSN mail, connection denied!
log_message = Forged MSN mail, connection denied!
senders = *@msn.com
condition = ${if match {$sender_host_name}{\N(hotmail|msn).com$\N}{no}{yes}}
delay = 3s
deny message = Forged AOL mail, connection denied!
log_message = Forged AOL mail, connection denied!
senders = *@aol.com
condition = ${if match {$sender_host_name}{\Nmx.aol.com$\N}{no}{yes}}
delay = 3s
deny message = Forged Netscape Mail, connection denied!
log_message = Forged Netscape Mail, connection denied!
senders = *@netscape.com
condition = ${if match {$sender_host_name}{\Nnetscape.com$\N}{no}{yes}}
delay = 3s
deny message = Forged Netscape Mail, connection denied!
log_message = Forged Netscape Mail, connection denied!
senders = *@netscape.net
condition = ${if match {$sender_host_name}{\Nnetscape.net$\N}{no}{yes}}
delay = 3s
deny message = Forged Comcast Mail, connection denied!
log_message = Forged Comcast Mail, connection denied!
senders = *@comcast.net
condition = ${if match {$sender_host_name}{\Ncomcast.net$\N}{no}{yes}}
delay = 3s
deny message = Forged Comcast Mail, connection denied!
log_message = Forged Comcast Mail, connection denied!
senders = *@comcast.com
condition = ${if match {$sender_host_name}{\Ncomcast.com$\N}{no}{yes}}
delay = 3s
deny message = Forged Verizon Mail, connection denied!
log_message = Forged Verizon Mail, connection denied!
senders = *@verizon.com
condition = ${if match {$sender_host_name}{\Nverizon.com$\N}{no}{yes}}
delay = 3s
deny message = Forged Verizon Mail, connection denied!
log_message = Forged Verizon Mail, connection denied!
senders = *@verizon.net
condition = ${if match {$sender_host_name}{\Nverizon.net$\N}{no}{yes}}
delay = 3s
deny message = Forged Paypal Mail, connection denied!
log_message = Forged Paypal Mail, connection denied!
senders = *@paypal.com
condition = ${if match {$sender_host_name}{\Npaypal.com$\N}{no}{yes}}
delay = 3s
deny message = Forged Prodigy Mail, connection denied!
log_message = Forged Prodigy Mail, connection denied!
senders = *@prodigy.com
condition = ${if match {$sender_host_name}{\Nprodigy.com$\N}{no}{yes}}
delay = 3s
deny message = Forged Prodigy Mail, connection denied!
log_message = Forged Prodigy Mail, connection denied!
senders = *@prodigy.net
condition = ${if match {$sender_host_name}{\Nprodigy.net$\N}{no}{yes}}
delay = 3s
deny message = Forged RoadRunner Mail, connection denied!
log_message = Forged RoadRunner Mail, connection denied!
senders = *@rr.com
condition = ${if match {$sender_host_name}{\Nrr.com$\N}{no}{yes}}
delay = 3s
deny message = Forged RoadRunner Mail, connection denied!
log_message = Forged RoadRunner Mail, connection denied!
senders = *@rr.net
condition = ${if match {$sender_host_name}{\Nrr.net$\N}{no}{yes}}
delay = 3s
deny message = Forged Gmail, connection denied!
log_message = Forged Gmail, connection denied!
senders = *@gmail.com
condition = ${if match {$sender_host_name}{\Ngmail.com$\N}{no}{yes}}
delay = 3s
# Accept bounces to lists even if callbacks or other checks would fail
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
{yes}{no}}
accept condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
{yes}{no}}
# Accept bounces to lists even if callbacks or other checks would fail
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
{yes}{no}}
accept condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
{yes}{no}}
#if it gets here it isn't mailman
#sender verifications are required for all messages that are not sent to lists
##
# Be polite and say HELO. Reject anything from hosts that havn't given
# a valid HELO/EHLO to us.
##
deny message = Bad HELO: Empty HELO, please see RFC 2821 section 4.1.1.1
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
delay = 3s
##
# Forged hostname -HELOs as one of my own IPs
##
# Forged HELO (our ip/hostname)
deny message = Forged HELO: you are not $sender_helo_name as that is our IP Address and you are not allowed to use it in HELO/EHLO as per RFC Standards.
!hosts = @[]
!hosts = +rv_relay_hosts
!authenticated = *
condition = ${if eq{$sender_helo_name}{$interface_address}{yes}{no}}
delay = 3s
##
# Forged hostname - HELOs as my own hostname or domain
##
deny message = Forged HELO: you are not $sender_helo_name our local domain and you are not allowed to use as per RFC Standards.
# accept helo which is in local_domain if we relay or had smtp auth
!hosts = @[]
!hosts = +rv_relay_hosts
!authenticated = *
condition = ${if match_domain{$sender_helo_name}{+local_domains}{yes}{no}}
delay = 3s
##
# Hacked HELO (DOMAIN.com) (constructed by viruses)
##
deny message = Hacked HELO: you are not $sender_helo_name
condition = ${if match {$sender_helo_name}{\N^[A-Z0-9]+\.[a-z]+$\N}{yes}{no}}
condition = ${if match {$sender_helo_name}{\N^[0-9]+\.[a-z]+$\N}{no}{yes}}
!hosts = @[]
!hosts = +rv_relay_hosts
!authenticated = *
delay = 3s
require verify = sender/callout
##
# Reject email sent from server listed in DNS blacklists.
##
deny message = Message rejected because $sender_fullhost is blacklisted at $dnslist_domain see $dnslist_text
!hosts = @[]
!hosts = +rv_relay_hosts
!authenticated = *
# RBL Bypass Local Domain List
!domains = +rv_rbl_receiver_domain_whitelist
# RBL Whitelist Incoming hosts
!hosts = +rv_rbl_server_ip_whitelist
# RBL Bypass Sender Domain List
!senders = +rv_rbl_sender_address_whitelist
# The following is a list of RBL to check for spam.
dnslists = list.dsbl.org : \
sbl.spamhaus.org : \
relays.ordb.org
delay = 3s
##
# If the receiver domain is on this server, accept only the receiver email addresses that exist.
# Default address for the receiver domain have to set to :fail: to work with this ACL.
# If the default address set to :blackhole: or /dev/null, Exim will always think that email exist.
# Domains being attacked by dictionary attack spam are suggested to set default address to :fail:.
##
accept domains = +local_domains
endpass
message = "The recipient cannot be verified. Please check all recipients of this message to verify they are valid."
log_message = unknown user
verify = recipient
accept domains = +relay_domains
warn message = ${perl{popbeforesmtpwarn}{$sender_host_name}}
hosts = +relay_hosts
accept hosts = +relay_hosts
warn message = ${perl{popbeforesmtpwarn}{$sender_host_address}}
condition = ${perl{checkrelayhost}{$sender_host_address}}
accept condition = ${perl{checkrelayhost}{$sender_host_address}}
accept hosts = +auth_relay_hosts
endpass
message = $sender_fullhost is currently not permitted to \
relay through this server. Perhaps you \
have not logged into the pop/imap server in the \
last 30 minutes or do not have SMTP Authentication turned on in your email client.
authenticated = *
deny message = $sender_fullhost is currently not permitted to \
relay through this server. Perhaps you \
have not logged into the pop/imap server in the \
last 30 minutes or do not have SMTP Authentication turned on in your email client.
#------------------------------------------------
#!!# ACL that is used after the DATA command
check_message:
require verify = header_sender
##
# Reject messages with serious MIME container errors
##
deny message = This message contains malformed MIME ($demime_reason).
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
##
# Reject messages attach illegal extension files
##
deny message = We do not accept ".$found_extension" attachments here. If you meant to send this file then please package it up as a zip file and resend it.
# You might need to remove some of these extensions if you want to allow your user get these files
demime = bat:cmd:com:cpl:pif:reg:scr
##
# Reject messages attach attach a file with a CLSID in the name
# which causes Windows to hide the file extension.
##
deny message = Hiding of file extensions(CLSID hidden) is not allowed.
regex = ^(?i)Content-Disposition:
.*?)filename=\\s*"+((\{[a-hA-H0-9-]{25,}\})|((.*?)\\s{10,}(.*?)))"+\$##
# Add a warning header if email contains illegal extension files but acccept the message
##
warn message = X-Antivirus-Filetype: Infected - $found_extension
# You might need to remove some of these extensions if you want to allow your user get these files
demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:eml:exe:hlp:hta:inf:ins:isp:jse:lnk:mdb:mde:
sc:msi:msp:pcd:pif:reg:scr:sct:shs:url:vbs:vbe:wsf:wsh:wsc
##
# Add a warning header if email contains Virus but acccept the message
##
warn message = X-Antivirus-Scanner: Infected - $malware_name
demime = *
malware = */defer_ok
# Log the message subject
warn
logwrite = Subject: $h_Subject:
deny set acl_m1 = ${perl{surblspamcheck}}
message = Message contains blacklisted domain $acl_m1. See http://www.surbl.org/lists.html. (Rule 21)
log_message = Message contains blacklisted domain $acl_m1. See http://www.surbl.org/lists.html. R=$recipients (Rule 21)
condition = ${if eq {$acl_m1}{false} {no}{yes} }
# Messages larger than 200k are accepted without spam scanning to reduce spamd load
accept condition = ${if >{$message_size}{200k}{true}}
##
# Reject spam messages with score over 15.
# Keep in mind that $spam_score_int is the messages score multiplied by ten.
##
deny message = Spam score too high ($spam_score)
# Bypass Sender that usually send a lot of emails to reduce spamd load
!senders = +rv_spam_sender_address_whitelist
spam = mailnull:true/defer_ok
condition = ${if >{$spam_score_int}{150}{1}{0}}
##
# Add a warning header if email scored between 12 and 15.
# Delete email in the System Filter File, if sender or receiver is not listed in the whitelists.
##
warn message = X-Exiscan-SA-Spam: Yes
# Bypass Sender that usually send a lot of emails to reduce spamd load
!senders = +rv_spam_sender_address_whitelist
spam = mailnull:true/defer_ok
condition = ${if >{$spam_score_int}{120}{1}{0}}
##
# Rewrite subject if email scored between 9 and 15.
##
# Always put X-Spam-Score header in the message.
# It looks like this:
# X-Exiscan-SA-Score: 6.6 (++++++)
# When a MUA cannot match numbers, it can match for an
# equivalent number of '+' signs.
warn message = X-Exiscan-SA-Score: $spam_score ($spam_bar)\
# Put X-Spam-Report header in the message.
# This is a multiline header that informs the user
# which tests a message has "hit", and how much a
# test has contributed to the score.
\nX-Exiscan-SA-Report: $spam_report\
# For the subject tag, we prepare a new subject header in the
# ACL, then swap it with the original Subject in the system filter.
\nX-Exiscan-SA-New-Subject: *SPAM* $h_subject:
# Bypass Sender that usually send a lot of emails to reduce spamd load
!senders = +rv_spam_sender_address_whitelist
spam = mailnull:true/defer_ok
condition = ${if >{$spam_score_int}{90}{1}{0}}
accept
#-----------------------------------------------
begin authenticators
fixed_plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = "${perl{checkuserpass}{$1}{$2}{$3}}"
server_set_id = $2
fixed_login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${perl{checkuserpass}{$1}{$2}}"
server_set_id = $1
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
begin rewrite
#!!#######################################################!!#
#!!# Here follow routers created from the old routers, #!!#
#!!# for handling non-local domains. #!!#
#!!#######################################################!!#
begin routers
#!!# If we are trying to deliver to a remote mailman domain that is on the localhost
#!!# let it go though even if its not in /etc/localdomains since mailman will eat
#!!# up 100% of the cpu if we don't
mailman_virtual_router:
driver = accept
require_files = /usr/local/cpanel/3rdparty/mailman/lists/${lc::$local_part}_${lc::$domain}/config.pck
local_part_suffix_optional
local_part_suffix = -admin : \
-bounces : -bounces+* : \
-confirm : -confirm+* : \
-join : -leave : \
-owner : -request : \
-subscribe : -unsubscribe
transport = mailman_virtual_transport
mailman_virtual_router_nodns:
driver = accept
require_files = /usr/local/cpanel/3rdparty/mailman/lists/${lc::$local_part}/config.pck
condition = \
${if or {{match{$local_part}{.*_.*}} \
{eq{$local_part}{mailman}}} \
{1}{0}}
local_part_suffix_optional
local_part_suffix = -admin : \
-bounces : -bounces+* : \
-confirm : -confirm+* : \
-join : -leave : \
-owner : -request : \
-subscribe : -unsubscribe
domains = +local_domains
transport = mailman_virtual_transport_nodns
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how remote addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A remote address is passed to each in turn until it is accepted. #
######################################################################
# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.
democheck:
driver = redirect
condition = "${perl{democheck}}"
data = :fail: demo accounts are not permitted to relay email
# Deny and send notice to list of rejected domains.
reject_domains:
driver = redirect
# RBL Blacklist incoming hosts
domains = +rbl_blacklist
allow_fail
data = :fail: Connection rejected: SPAM source $domain is manually blacklisted.
# This router routes to remote hosts over SMTP using a DNS lookup with
# default options.
lookuphost:
driver = dnslookup
condition = "${perl{checkspam}}"
domains = ! +local_domains
#ignore verisign to prevent waste of bandwidth
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
headers_add = "${perl{mailtrapheaders}}"
transport = remote_smtp
# This router routes to remote hosts over SMTP by explicit IP address,
# given as a "domain literal" in the form [nnn.nnn.nnn.nnn]. The RFCs
# require this facility, which is why it is enabled by default in Exim.
# If you want to lock it out, set forbid_domain_literals in the main
# configuration section above.
literal:
driver = ipliteral
condition = "${perl{checkspam}}"
domains = ! +local_domains
headers_add = "${perl{mailtrapheaders}}"
transport = remote_smtp
#!!# This new router is put here to fail all domains that
#!!# were not in local_domains in the Exim 3 configuration.
fail_remote_domains:
driver = redirect
domains = ! +local_domains
allow_fail
data = :fail: unrouteable mail domain "$domain"
#!!#######################################################!!#
#!!# Here follow routers created from the old directors, #!!#
#!!# for handling local domains. #!!#
#!!#######################################################!!#
######################################################################
# DIRECTORS CONFIGURATION #
# Specifies how local addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A local address is passed to each in turn until it is accepted. #
######################################################################
# Local addresses are those with a domain that matches some item in the
# "local_domains" setting above, or those which are passed back from the
# routers because of a "self=local" setting (not used in this configuration).
# This director handles aliasing using a traditional /etc/aliases file.
# If any of your aliases expand to pipes or files, you will need to set
# up a user and a group for these deliveries to run under. You can do
# this by uncommenting the "user" option below (changing the user name
# as appropriate) and adding a "group" option if necessary. Alternatively, you
# can specify "user" on the transports that are used. Note that those
# listed below are the same as are used for .forward files; you might want
# to set up different ones for pipe and file deliveries from aliases.
#spam_filter:
# driver = forwardfile
# file = /etc/spam.filter
# no_check_local_user
# no_verify
# filter
# allow_system_actions
virtual_sa_user:
driver = accept
headers_add="${perl{gensaheader_virtual}{$domain}}"
condition = "${perl{checksa_deliver}{$domain}{$local_part}{$received_protocol}}"
domains = lsearch;/etc/userdomains
retry_use_local_part
transport = virtual_sa_userdelivery
sa_localuser:
driver = accept
check_local_user
headers_add="${perl{gensaheader}{$local_part}}"
condition = "${perl{checkusersa}{$local_part}{$received_protocol}}"
domains = ! lsearch;/etc/userdomains
transport = local_sa_delivery
central_filter:
#!!# filter renamed allow_filter
driver = redirect
allow_filter
no_check_local_user
file = /etc/vfilters/${domain}
file_transport = address_file
pipe_transport = virtual_address_pipe
reply_transport = address_reply
retry_use_local_part
user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
no_verify
central_user_filter:
driver = redirect
allow_filter
check_local_user
domains = ! lsearch;/etc/userdomains
condition = "${perl{hasfilterfile}{$local_part}}"
file = "${perl{getfilterfile}{$local_part}}"
file_transport = address_file
pipe_transport = virtual_address_pipe
reply_transport = address_reply
retry_use_local_part
no_verify
virtual_aliases_nostar:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/valiases/$domain}{${lookup{$local_part@$domain}lsearch{/etc/valiases/$domain}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
retry_use_local_part
domains = lsearch;/etc/localdomains
unseen
virtual_user_spam:
driver = accept
condition = "${perl{check_deliver_spam}{$domain}{$local_part}}"
headers_remove="x-spam-exim"
domains = lsearch;/etc/userdomains
retry_use_local_part
transport = virtual_userdelivery_spam
virtual_user:
driver = accept
condition = "${perl{check_deliver}{$domain}{$local_part}}"
headers_remove="x-spam-exim"
domains = lsearch;/etc/userdomains
retry_use_local_part
transport = virtual_userdelivery
has_alias_but_no_mailbox_discarded_to_prevent_loop:
driver = redirect
condition = "${perl{checkvalias}{$domain}{$local_part}}"
domains = lsearch;/etc/localdomains
data="#Exim Filter\nseen finish"
group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
allow_filter
disable_logging = true
virtual_aliases:
driver = redirect
allow_defer
allow_fail
data = ${if exists{/etc/valiases/$domain}{${lookup{*}lsearch{/etc/valiases/$domain}}}}
file_transport = address_file
group = mail
pipe_transport = virtual_address_pipe
domains = lsearch;/etc/localdomains
retry_use_local_part
# This director handles forwarding using traditional .forward files.
# If you want it also to allow mail filtering when a forward file
# starts with the string "# Exim filter", uncomment the "filter" option.
# The check_ancestor option means that if the forward file generates an
# address that is an ancestor of the current one, the current one gets
# passed on instead. This covers the case where A is aliased to B and B
# has a .forward file pointing to A. The three transports specified at the
# end are those that are used when forwarding generates a direct delivery
# to a file, or to a pipe, or sets up an auto-reply, respectively.
system_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
# user = exim
local_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/localaliases}}
file_transport = address_file
pipe_transport = address_pipe
check_local_user
userforward:
#!!# filter renamed allow_filter
driver = redirect
allow_filter
check_ancestor
check_local_user
domains = ! lsearch;/etc/userdomains
no_expn
file = $home/.forward
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
no_verify
localuser_spam:
driver = accept
headers_remove="x-spam-exim"
condition = "${perl{checkuserspambox}{$local_part}}"
check_local_user
domains = ! lsearch;/etc/userdomains
transport = local_delivery_spam
localuser:
driver = accept
headers_remove="x-spam-exim"
check_local_user
domains = ! lsearch;/etc/userdomains
transport = local_delivery
# This director matches local user mailboxes.
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# A transport is used only when referenced from a director or a router that
# successfully handles an address.
# This transport is used for delivering messages over SMTP connections.
begin transports
remote_smtp:
driver = smtp
# This transport is used for local delivery to user mailboxes. By default
# it will be run under the uid and gid of the local user, and requires
# the sticky bit to be set on the /var/mail directory. Some systems use
# the alternative approach of running mail deliveries under a particular
# group instead of using the sticky bit. The commented options below show
# how this can be done.
local_delivery:
driver = appendfile
delivery_date_add
envelope_to_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/mail"
maildir_format
group = mail
mode = 0660
return_path_add
user = $local_part
local_delivery_spam:
driver = appendfile
delivery_date_add
envelope_to_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/mail/.spam"
maildir_format
group = mail
mode = 0660
return_path_add
user = $local_part
local_sa_delivery:
driver = pipe
command = /usr/sbin/sendmail -bS
use_bsmtp = true
transport_filter = "/usr/bin/spamc"
user = $local_part
group = mail
log_output = true
current_directory = "/tmp"
home_directory = "/tmp"
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
timeout_defer = true
transport_filter_timeout = 5m
temp_errors = 2
# This transport is used for handling pipe deliveries generated by alias
# or .forward files. If the pipe generates any standard output, it is returned
# to the sender of the message as a delivery error. Set return_fail_output
# instead of return_output if you want this to happen only when the pipe fails
# to complete normally. You can set different transports for aliases and
# forwards if you want to - see the references to address_pipe below.
address_pipe:
driver = pipe
return_output
virtual_address_pipe:
driver = pipe
group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
return_output
user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
# This transport is used for handling deliveries directly to files that are
# generated by aliassing or forwarding.
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for handling autoreplies generated by the filtering
# option of the forwardfile director.
virtual_sa_userdelivery:
driver = pipe
command = /usr/sbin/sendmail -bS
use_bsmtp = true
transport_filter = "/usr/bin/spamc"
user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
group = mail
log_output = true
current_directory = "/tmp"
home_directory = "/tmp"
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
timeout_defer = true
transport_filter_timeout = 5m
temp_errors = 2
virtual_userdelivery_spam:
driver = appendfile
delivery_date_add
envelope_to_add
directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/mail/${domain}/${local_part}/.spam"
maildir_format
group = mail
mode = 0660
quota = "${if exists{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota} {${lookup{$local_part}lsearch*{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota}{$value}}} {}}"
quota_directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/mail/${domain}/${local_part}"
return_path_add
user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
virtual_userdelivery:
driver = appendfile
delivery_date_add
envelope_to_add
directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/mail/${domain}/${local_part}"
maildir_format
group = mail
mode = 0660
quota = "${if exists{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota} {${lookup{$local_part}lsearch*{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/etc/${domain}/quota}{$value}}} {}}"
quota_directory = "${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/mail/${domain}/${local_part}"
return_path_add
user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
address_reply:
driver = autoreply
mailman_virtual_transport:
driver = pipe
command = /usr/local/cpanel/3rdparty/mailman/mail/mailman \
'${if def:local_part_suffix \
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
{post}}' \
${lc:$local_part}_${lc:$domain}
current_directory = /usr/local/cpanel/3rdparty/mailman
home_directory = /usr/local/cpanel/3rdparty/mailman
user = mailman
group = mailman
mailman_virtual_transport_nodns:
driver = pipe
command = /usr/local/cpanel/3rdparty/mailman/mail/mailman \
'${if def:local_part_suffix \
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
{post}}' \
${lc:$local_part}
current_directory = /usr/local/cpanel/3rdparty/mailman
home_directory = /usr/local/cpanel/3rdparty/mailman
user = mailman
group = mailman
######################################################################
# RETRY CONFIGURATION #
######################################################################
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 8 hours until 4 days have passed since the first
# failed delivery.
# Domain Error Retries
# ------ ----- -------
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,8h
# End of Exim 4 configuration