Cały cfg mam prawie domyślny EXIMa tak jak było w instalacji EOS.
########################################################################## #
# ABY przetestowac plik konfiguracyjny uruchom recznie polecenie ponizej #
# "exim -C /config/file.new -bV"). #
# #
########### IMPORTANT ########## IMPORTANT ########### IMPORTANT ###########
# Połączenie z baza
hide mysql_servers = "localhost/poczta/poczta/eospoczta"
# ewentualne uruchomienie spamassassin
#local_scan_path = /usr/lib/exim/local_scan/sa-exim.so
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
# Adres IP (lub adresy) interfejsów, na których ma słuchać Exim
# - domyślnie słucha na wszystkich (0.0.0.0)
#local_interfaces = adres_ip
# Odpłotkuj powyższe i wpisz adres IP (lub adresy oddzielone dwukropkiem),
# jeśli chcesz, aby Exim pracował wyłącznie na konkretnych interfejsach.
# Przydaje się, jeśli mamy kilka publicznych adresów IP - warto wtedy ustawić Exima
# na innym adresie niż (S)NAT - jeśli któryś z klientów zza NAT-u zacznie masowo
# wysyłać spam i znajdzie się na RBL-ach, to nasz serwer pozostanie "czysty",
# bo na czarnej liście znajdzie się adres NAT-u, a nie Exima
#### powinno się też wtedy odpłotkować wpis "interface" i wpisać ten sam adres IP
#### w transporcie "remote_smtp" w sekcji "TRANSPORTS"
# porty nasluchujace i port tls
daemon_smtp_ports = 25:465
tls_on_connect_ports = 465
# Poniżej podajemy np. nasze IP, domenę i nazwę mx, czesto spamerzy usiłują sie przedstawiać jako my
# - to posłuży do ich odrzucania na etapie EHLO
MY_IP = XXX.XXX.XXX.XXX
MY_DOM = XXX.com
MY_MX = XXX.com
################################################################
############# Pełna nazwa domenowa serwera (FQDN) ##############
primary_hostname = XXX.com
# Domena (lub kilka domen oddzielonych dwukropkiem) dla kont systemowych
domainlist system_domains = @ :
# Lista domen wirtualnych w mysql
domainlist mysql_local_domains = ${lookup mysql {SELECT nazwa FROM domeny WHERE nazwa="${domain}" AND alias=''}}
# Lista domen, które są aliasami domenowymi
#domainlist mysql_alias_domains = ${lookup mysql {SELECT nazwa FROM domeny WHERE nazwa="${domain}" AND alias!=''}}
# Jeśli zdecydujesz korzystać z powyższego, należy dopisać (po dwukropku)
# +mysql_alias_domains do listy domen lokalnych "local_domains" (poniżej)
# oraz odpłotkować router "mysql_domain_alias" w sekcji "ROUTERS".
# lista domen lokalnych, czyli wszystkie domeny obsługiwane przez serwer ( w tym również "wirtualne" )
domainlist local_domains = +system_domains : +mysql_local_domains
# Jeśli twój serwer jest zapasowym MX-em dla jakichś domen - dopisz je tutaj,
# w przeciwnym razie NIE WPISUJ NIC, bo zrobisz sobie open-relay !!!!
domainlist relay_to_domains =
# jeśli masz zapasowe MX - dopisz je tutaj (nazwy albo IP, oddzielone dwukropkiem),
# w przeciwnym razie NIE DOPISUJ NIC, bo zrobisz sobie open-relay !!!!
hostlist relay_from_hosts = 127.0.0.1
######## GREYLISTING ########
# Zapłotkuj poniższą linię, jeśli NIE chcesz używać greylistingu
GREYLIST_ENABLED=
# smtp baner
smtp_banner = +OK super.duper.baner.wyswietlany.w.naglowkach ready
# odwolanie do skanera antywirusowego, jesli z tego rezygnujesz - zapłotkuj też
# odpowiednie linie w acl_check_data w sekcji ACL CONFIGURATION
av_scanner = clamd:/var/lib/clamav/clamd.socket
#spamd_address = 127.0.0.1 783
# Domena, która będzie dodawana do adresu w przypadku, kiedy adres ten zawiera
# tylko część lokalną (bez domeny).
# Jeśli zostanie to zapłotkowane, to użyta będzie wartość wpisana w "primary_hostname".
# W zasadzie dotyczy tylko maili generowanych lokalnie.
qualify_domain = XXX.com
# Domena, która będzie dodawana do adresu ODBIORCY w przypadku, kiedy adres ten
# zawiera tylko część lokalną (bez domeny).
# Jeśli pozostanie to zapłotkowane, to będzie użyta wartość wpisana w "qualify_domain",
# a jeśli i tamto jest zapłotkowane, to zostanie użyte "primary_hostname".
# Podobnie, jak w przypadku "qualify_domain", dotyczy maili generowanych lokalnie.
#qualify_recipient =
# Odhaszuj poniższe, jesli chcesz dostawac maile od
user@111.222.333.444,
# bedziesz miał wiecej spamu
#allow_domain_literals
# To juz jest wbudowane na etapie kompilacji wiec moze byc zahaszowane
# ale mozesz odhaszowac np. gdybys chcial wyciac usera nobody...
#never_users = root
# Poniższe ustawienie powoduje, że Exim robi rev-DNS lookup dla każdego
# łączącego się hosta w celu uzyskania jego nazwy.
host_lookup = *
# The settings below, which are actually the same as the defaults in the
# code, cause Exim to make RFC 1413 (ident) callbacks for all incoming SMTP
# calls. You can limit the hosts to which these calls are made, and/or change
# the timeout that is used. If you set the timeout to zero, all RFC 1413 calls
# are disabled. RFC 1413 calls are cheap and can provide useful information
# for tracing problem messages, but some hosts and firewalls have problems
# with them. This can result in a timeout instead of an immediate refused
# connection, leading to delays on starting up an SMTP session.
#rfc1413_hosts = *
#rfc1413_query_timeout = 30s
# By default, Exim expects all envelope addresses to be fully qualified, that
# is, they must contain both a local part and a domain. If you want to accept
# unqualified addresses (just a local part) from certain hosts, you can specify
# these hosts by setting one or both of
#
# sender_unqualified_hosts =
# recipient_unqualified_hosts =
#
# to control sender and recipient addresses, respectively. When this is done,
# unqualified addresses are qualified using the settings of qualify_domain
# and/or qualify_recipient (see above).
# If you want Exim to support the "percent hack" for certain domains,
# uncomment the following line and provide a list of domains. The "percent
# hack" is the feature by which mail addressed to x%y@z (where z is one of
# the domains listed) is locally rerouted to x@y and sent on. If z is not one
# of the "percent hack" domains, x%y is treated as an ordinary local part. This
# hack is rarely needed nowadays; you should not enable it unless you are sure
# that you really need it.
#
# percent_hack_domains =
#
# As well as setting this option you will also need to remove the test
# for local parts containing % in the ACL definition below.
############################################
# scieżki do certyfikatow
tls_certificate = /etc/mail/exim.crt
tls_privatekey = /etc/mail/exim.key
tls_advertise_hosts = *
#tls_verify_hosts = *
# ograniczenie wielkosci pojedynczego maila
message_size_limit = 50M
# Zmienia nagłówki w przetwarzanej poczcie.
# Uwaga - "Windows Mail SMTP" możesz sobie zmienić na cokolwiek innego
received_header_text = "Received: \
${if def:sender_fullhost {from ${sender_fullhost}\n\t } \
{${if def:sender_ident {from ${sender_ident} }} \
${if def:sender_helo_name {(helo=${sender_helo_name})\n\t }}}}\
by ${primary_hostname} (Windows Mail SMTP) \
${if def:received_protocol {with ${received_protocol}}}\n\t \
${if def:tls_cipher {(tls_cipher ${tls_cipher}) }}\
${if def:tls_peerdn {(tls_peerdn ${tls_peerdn}) }}\
id ${message_id}\
${if def:received_for {\n\t for <$received_for>}}"
# This option unfreezes frozen bounce messages after two days, tries
# once more to deliver them, and ignores any delivery failures.
ignore_bounce_errors_after = 2d
# This option cancels (removes) frozen messages that are older than a week.
timeout_frozen_after = 7d
# Deklaracje list kontroli dostępu (ACL)
acl_smtp_auth = acl_check_auth
acl_smtp_helo = acl_check_helo
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
# Makra z zapytaniami SQL dla białych i czarnych list
WHITE_HOST_QUERY = SELECT CASE WHEN id > 0 THEN '${quote_mysql:$sender_host_address}' ELSE '' END \
FROM `white_hosts` WHERE '${quote_mysql:$sender_host_name}' REGEXP \
CONCAT('^', REPLACE(REPLACE(`host`, '.', '[.full-stop.]'), '*', '.*'), '\$') \
OR '${quote_mysql:$sender_host_address}' REGEXP \
CONCAT('^', REPLACE(REPLACE(`host`, '.', '[.full-stop.]'), '*', '.*'), '\$') LIMIT 1
BLACK_HOST_QUERY = SELECT CASE WHEN id > 0 THEN '${quote_mysql:$sender_host_address}' ELSE '' END \
FROM `black_hosts` WHERE '${quote_mysql:$sender_host_name}' REGEXP \
CONCAT('^', REPLACE(REPLACE(`host`, '.', '[.full-stop.]'), '*', '.*'), '\$') \
OR '${quote_mysql:$sender_host_address}' REGEXP \
CONCAT('^', REPLACE(REPLACE(`host`, '.', '[.full-stop.]'), '*', '.*'), '\$') LIMIT 1
WHITE_SENDER_QUERY = SELECT CASE WHEN id > 0 THEN '${quote_mysql:$sender_address}' ELSE '' END \
FROM `white_senders` WHERE '${quote_mysql:$sender_address}' REGEXP \
CONCAT('^', REPLACE(REPLACE(`adres`, '.', '[.full-stop.]'), '*', '.*'), '\$') LIMIT 1
BLACK_SENDER_QUERY = SELECT CASE WHEN id > 0 THEN '${quote_mysql:$sender_address}' ELSE '' END \
FROM `black_senders` WHERE '${quote_mysql:$sender_address}' REGEXP \
CONCAT('^', REPLACE(REPLACE(`adres`, '.', '[.full-stop.]'), '*', '.*'), '\$') LIMIT 1
WHITE_RCPT_QUERY = SELECT CASE WHEN id > 0 THEN '${quote_mysql:$local_part@$domain}' ELSE '' END \
FROM `white_tos` WHERE '${quote_mysql:$local_part@$domain}' REGEXP \
CONCAT('^', REPLACE(REPLACE(`adres`, '.', '[.full-stop.]'), '*', '.*'), '\$') LIMIT 1
hostlist white_hosts = mysql;WHITE_HOST_QUERY
hostlist black_hosts = mysql;BLACK_HOST_QUERY
addresslist white_senders = mysql;WHITE_SENDER_QUERY
addresslist black_senders = mysql;BLACK_SENDER_QUERY
.ifdef GREYLIST_ENABLED
.include /etc/mail/grey.conf
.endif
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
# Wymuszenie STARTTLS przed autentykacją
acl_check_auth:
accept encrypted = *
deny message = STARTTLS required before AUTH
acl_check_mail:
deny authenticated = *
condition = ${if eq{$authenticated_id}{$sender_address}{0}{1}}
message = Login nie zgodny z adresem nadawcy !
# zapłotkuj poniższe 4 linie, jeśli NIE chcesz blokować wysyłania poczty z kont wirtualnych,
# które mają ustawioną blokadę
deny authenticated = *
condition = ${lookup mysql {SELECT nazwa FROM skrzynki WHERE \
nazwa='${sender_address_local_part}' AND domena='${sender_address_domain}' AND blokada='0'}{0}{1}}
message = Konto zablokowane! Skontaktuj sie z administratorem
accept
# odrzucanie poczty z hostów, które próbują się podszyć pod nas,
# podając HELO wskazujące na nasz własny serwer
# albo podajc w HELO "localhost" , "*.localdomain" czy "127.0.0.1"
acl_check_helo:
accept hosts = :
accept hosts = +relay_from_hosts
drop condition = ${if match{$sender_helo_name}{MY_IP}{yes}{no} }
message = "Dropped spammer pretending to be us"
drop condition = ${if match{$sender_helo_name}{MY_DOM}{yes}{no} }
message = "Dropped spammer pretending to be us"
drop condition = ${if match{$sender_helo_name}{MY_MX}{yes}{no} }
message = "Dropped spammer pretending to be us"
drop condition = ${if match{$sender_helo_name}{^[0-9].[0-9].[0-9].[0-9]}{yes}{no} }
message = "Dropped IP-only or IP-starting helo"
drop message = $sender_helo_name is a silly HELO
condition = ${if match\
{$sender_helo_name}\
{\N^(127\.0\.0\.1|localhost(\.localdomain)?)$\N}\
{yes}{no}}
accept
acl_check_rcpt:
accept hosts = :
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
require message = Can't verify sender
verify = sender
accept local_parts = postmaster
domains = +local_domains
accept hosts = +relay_from_hosts
accept authenticated = *
require message = Najpierw sie zaloguj - Authenticate first
sender_domains = !+local_domains
message = relay not permitted
domains = +local_domains : +relay_to_domains
message = Can't verify recipient
verify = recipient
# Globalna white-lista adresów nadawców
accept senders = +white_senders
# Globalna white-lista hostów
accept hosts = +white_hosts
# Odpłotkuj poniższe, jeśli chcesz odrzucać pocztę z hostów, dla których
# DNS lookup na nazwie hosta, uzyskanej w wyniku rev-DNS lookup, daje
# inne IP, niż to, z którego się dany host łączy.
# UWAGA - może odrzucać dużo "dobrej" poczty
# deny message = DNS lookup failed for host $sender_host_address.
# !verify = reverse_host_lookup
# blokada dynamicznych IP
drop message = Client Policy Restriction: Reverse DNS indicates end user IP.
condition = ${lookup{$sender_host_name}wildlsearch{/etc/mail/dynamicranges}{true}{false}}
# Globalna black-lista adresów nadawców
# Odrzucanie poczty od niechcianych nadawców ( adres kopertowy )
deny message = Sender envelope address $sender_address is locally blacklisted here.
senders = +black_senders
# Globalna black-lista hostów
# Odrzucanie poczty wysyłanej z niechcianych hostów
deny message = Host $sender_host_address is locally blacklisted here.
hosts = +black_hosts
# tu wprowadzamy korzystanie z rbl - jest siedem list - mozna wiecej dodac albo którąś usunąć
# lista serwerów rbl znajduje się w pliku /etc/mail/rblists -
# - pod dokonaniu zmian w tym pliku NIE potrzeba restartować Exima.
deny message = DNSBL listed at $dnslist_domain\n$dnslist_text
dnslists = /etc/mail/rblists
.ifdef GREYLIST_ENABLED
defer !senders = : postmaster@*
condition = ${lookup mysql{WHITE_RCPT_QUERY}{no}{yes}}
acl = greylist_acl
message = Greylisted - please try again later
.endif
accept
####### tu sie zaczyna sekcja skanowania treści ( "EXISCAN" ) ########
acl_check_data:
accept hosts = : 127.0.0.1
deny message = This message contains a MIME error ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
.ifdef GREYLIST_ENABLED
defer senders = : postmaster@*
condition = ${lookup mysql{WHITE_RCPT_QUERY}{no}{yes}}
!hosts = +white_hosts
!senders = +white_senders
acl = greylist_acl
message = Greylisted - try again later
.endif
# Można dodać plik z hostami, z których wirusy i inne badziewie są mile widziane
#accept hosts = /etc/mail/dontscan
# odrzucanie poczty zawierającej potencjalnie niebezpieczne załączniki
deny message = Pliki z rozszerzeniem $found_extension nie sa tutaj mile widziane
demime = scr:vbs:bat:lnk:pif:exe:com:dll:reg
# odrzucanie poczty zawierającej wirusy wykryte przez clamav
##### zapłotkuj poniższe 2 linie, jeśli NIE używasz clamav ######
deny message = Virus found - Znaleziono wirusa ( $malware_name )
malware = *
accept
######################### GREYLIST ACL ########################
.ifdef GREYLIST_ENABLED
greylist_acl:
warn set acl_m8 = ${lookup mysql{GREYLIST_TEST}{$value}{result=unknown}}
set acl_m9 = ${extract{id}{$acl_m8}{$value}{-1}}
set acl_m8 = ${extract{result}{$acl_m8}{$value}{unknown}}
accept condition = ${if eq{$acl_m8}{unknown}{1}}
condition = ${lookup mysql{GREYLIST_ADD}{yes}{no}}
# Odpłotkuj poniżej, jeśli chcesz zapisywać logi greylistingu w bazie mySQL
# warn condition = ${lookup mysql{GREYLIST_LOG}}
accept condition = ${if eq{$acl_m8}{deferred}{1}}
condition = ${lookup mysql{GREYLIST_DEFER_HIT}{yes}{yes}}
warn condition = ${lookup mysql{GREYLIST_OK_COUNT}}
warn !senders = : postmaster@*
condition = ${lookup mysql{GREYLIST_OK_NEWTIME}}
warn senders = : postmaster@*
condition = ${lookup mysql{GREYLIST_OK_BOUNCE}}
deny
.endif
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
# This router routes to remote hosts over SMTP by explicit IP address,
# when an email address is given in "domain literal" form, for example,
# <user@[192.168.35.64]>. The RFCs require this facility. However, it is
# little-known these days, and has been exploited by evil people seeking
# to abuse SMTP relays. Consequently it is commented out in the default
# configuration. If you uncomment this router, you also need to uncomment
# allow_domain_literals above, so that Exim can recognize the syntax of
# domain literal addresses.
# domain_literal:
# driver = ipliteral
# domains = ! +local_domains
# transport = remote_smtp
# This router routes addresses that are not in local domains by doing a DNS
# lookup on the domain name. Any domain that resolves to 0.0.0.0 or to a
# loopback interface address (127.0.0.0/8) is treated as if it had no DNS
# entry. Note that 0.0.0.0 is the same as 0.0.0.0/32, which is commonly treated
# as the local host inside the network stack. It is not 0.0.0.0/0, the default
# route. If the DNS lookup fails, no further routers are tried because of
# the no_more setting, and consequently the address is unrouteable.
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
# The remaining routers handle addresses in the local domain(s).
# aliasy domenowe - odpłotkuj poniższe, jeśli chcesz ich używać
#mysql_domain_alias:
# driver = redirect
# domains = +mysql_alias_domains
# allow_fail
# allow_defer
# data = ${lookup mysql {SELECT CONCAT('${local_part}@', alias) FROM domeny WHERE \
# nazwa='${domain}' AND alias!=''}}
mysql_alias:
driver = redirect
domains = +mysql_local_domains
allow_fail
allow_defer
# Jeśli chcesz odrzucać pocztę PRZYCHODZĄCĄ na alias wirtualny, który ma ustawioną blokadę,
# zapłotkuj następne dwie linie i odpłotkuj 6 kolejnych
data = ${lookup mysql {SELECT alias FROM skrzynki WHERE nazwa='${local_part}' \
AND domena='${domain}' AND alias!='' AND alias!=CONCAT('${local_part}@','${domain}')}}
# condition = ${lookup mysql {SELECT alias FROM skrzynki WHERE nazwa='${local_part}' \
# AND domena='${domain}' AND alias!='' AND alias!=CONCAT('${local_part}@','${domain}') }{yes}{no}}
# data = ${lookup mysql {SELECT alias FROM skrzynki WHERE nazwa='${local_part}' \
# AND domena='${domain}' AND alias!='' AND alias!=CONCAT('${local_part}@','${domain}') AND blokada='0' }}
# no_more
# cannot_route_message = Konto zablokowane!
# Poniżej odpłotkuj 3 zakomentowane linie, jeśli chcesz odrzucać pocztę PRZYCHODZĄCĄ
# na konta wirtualne, dla których ustawiona jest blokada.
mysql_localuser:
driver = accept
domains = +mysql_local_domains
condition = ${lookup mysql {SELECT nazwa FROM skrzynki WHERE \
nazwa='${local_part}' AND domena='${domain}' AND alias=''}{yes}{no}}
# address_data = ${lookup mysql {SELECT nazwa FROM skrzynki WHERE \
# nazwa='${local_part}' AND domena='${domain}' AND alias='' AND blokada='0'}{$value}fail}
transport = mysql_delivery
no_more
# cannot_route_message = Konto zablokowane !
# This router handles aliasing using a linearly searched alias file with the
# name /etc/mail/aliases. When this configuration is installed automatically,
# the name gets inserted into this file from whatever is set in Exim's
# build-time configuration. The default path is the traditional /etc/aliases.
# If you install this configuration by hand, you need to specify the correct
# path in the "data" setting below.
#
##### NB You must ensure that the alias file exists. It used to be the case
##### NB that every Unix had that file, because it was the Sendmail default.
##### NB These days, there are systems that don't have it. Your aliases
##### NB file should at least contain an alias for "postmaster".
#
# If any of your aliases expand to pipes or files, you will need to set
# up a user and a group for these deliveries to run under. You can do
# this by uncommenting the "user" option below (changing the user name
# as appropriate) and adding a "group" option if necessary. Alternatively, you
# can specify "user" on the transports that are used. Note that the transports
# listed below are the same as are used for .forward files; you might want
# to set up different ones for pipe and file deliveries from aliases.
#####################################################################
###### Aliasy globalne ("systemowe") z pliku /etc/mail/aliases ######
# Można używać aliasów typu:
#
# konto1: innekonto
# konto2:
cos@tam.pl# konto3:
inne@konto.pl,
cos@tam.pl, konto1
#
konto3@domena.pl:
jasiu@inna.domena.pl#
# Priorytet ma alias z domeną, czyli jeśli w pliku /etc/mail/aliases
# znajdą się wszystkie powyższe wpisy, to poczta przychodząca
# na adres
'konto3@domena.pl' pójdzie na
'jasiu@inna.domena.pl'
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{${local_part}@${domain}}lsearch{/etc/mail/aliases}{$value}{${lookup{$local_part}lsearch{/etc/mail/aliases}}}}
# user = exim
file_transport = address_file
pipe_transport = address_pipe
# This router handles forwarding using traditional .forward files in users'
# home directories. If you want it also to allow mail filtering when a forward
# file starts with the string "# Exim filter", uncomment the "allow_filter"
# option.
# The no_verify setting means that this router is skipped when Exim is
# verifying addresses. Similarly, no_expn means that this router is skipped if
# Exim is processing an EXPN command.
# The check_ancestor option means that if the forward file generates an
# address that is an ancestor of the current one, the current one gets
# passed on instead. This covers the case where A is aliased to B and B
# has a .forward file pointing to A.
# The three transports specified at the end are those that are used when
# forwarding generates a direct delivery to a file, or to a pipe, or sets
# up an auto-reply, respectively.
userforward:
driver = redirect
domains = +system_domains
check_local_user
file = $home/.forward
no_verify
no_expn
check_ancestor
allow_filter
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
#################################
# procmail
#################################
#procmail:
# driver = accept
# domains = +system_domains
# check_local_user
# transport = procmail_pipe
# cannot_route_message = Procmail error
################################
# This router matches local user mailboxes. If the router fails, the error
# message is "Unknown user".
localuser:
driver = accept
domains = +system_domains
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# A transport is used only when referenced from a router that successfully
# handles an address.
begin transports
# This transport is used for delivering messages over SMTP connections.
remote_smtp:
driver = smtp
# odpłotkuj poniższe i wpisz adres IP, jeśli ustawiłeś na początku konfigu opcję "local_interfaces"
#interface = Adres_IP
mysql_delivery:
driver = appendfile
# domyślny format przechowywania dla kont wirtualnych: maildir
# jeśli chcesz mbox - zapłotkuj poniższe 2 linie i odpłotkuj trzecią
maildir_format = true
directory = /var/spool/mail/${domain}/${local_part}
# file = /var/spool/mail/${domain}/${local_part}
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format. By default it will be run under the uid and gid of the
# local user, and requires the sticky bit to be set on the /var/spool/mail directory.
# Some systems use the alternative approach of running mail deliveries under a
# particular group instead of using the sticky bit. The commented options below
# show how this can be done.
local_delivery:
driver = appendfile
# domyślny format przechowywania dla kont systemowych: mbox
# jeśli chcesz maildir - zapłotkuj poniższą linię i odpłotkuj dwie kolejne
file = /var/spool/mail/$local_part
# maildir_format = true
# directory = /var/spool/mail/local/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
# mode = 0660
# This transport is used for handling pipe deliveries generated by alias or
# .forward files. If the pipe generates any standard output, it is returned
# to the sender of the message as a delivery error. Set return_fail_output
# instead of return_output if you want this to happen only when the pipe fails
# to complete normally. You can set different transports for aliases and
# forwards if you want to - see the references to address_pipe in the routers
# section above.
address_pipe:
driver = pipe
return_output
# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
# This transport is used for handling autoreplies generated by the filtering
# option of the userforward router.
address_reply:
driver = autoreply
####################################
# procmail
####################################
procmail_pipe:
driver = pipe
command = /usr/bin/procmail -d $local_part
return_path_add
delivery_date_add
envelope_to_add
# check_string = "From "
# escape_string = ">From "
user = $local_part
group = mail
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
begin rewrite
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
# There are no authenticator specifications in this default configuration file.
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = "${if and { \
{!eq{$2}{}} \
{!eq{$3}{}} \
{crypteq{$3}{${lookup mysql{SELECT haslo FROM skrzynki WHERE ( domena = '${domain:$2}' AND nazwa = '${local_part:$2}') }{$value}fail}} }} {1}{0}}"
server_set_id = $2
login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${if and { \
{!eq{$1}{}} \
{!eq{$2}{}} \
{crypteq{$2}{${lookup mysql{SELECT haslo FROM skrzynki WHERE (domena = '${domain:$1}' AND nazwa = '${local_part:$1}') }{$value}fail}} }} {1}{0}}"
server_set_id = $1
######################################################################
# CONFIGURATION FOR local_scan() #
######################################################################
# If you have built Exim to include a local_scan() function that contains
# tables for private options, you can define those options here. Remember to
# uncomment the "begin" line. It is commented by default because it provokes
# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
# set in the Local/Makefile.
# begin local_scan
# End of Exim configuration file
Zaloguj się
Zarejestruj się
FAQ
Szukaj
