back
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
# MySQL defines
MYSQL_SERVER=localhost
MYSQL_USER=exim
MYSQL_PASSWORD=eximpass
MYSQL_DB=email
MYSQL_EMAILTABLE=emailtable
MYSQL_DOMAINTABLE=domaintable
MYSQL_DOMAINRTABLE=relaytable
MYSQL_WHITETABLE=whitelist
MYSQL_BLACKTABLE=blacklist
MYSQL_AUTHTABLE=boxauth
# Mailman vars
MAILMAN_HOME=/var/lib/mailman
MAILMAN_WRAP=MAILMAN_HOME/mail/wrapper
MAILMAN_UID=list
MAILMAN_GID=list
# MySQL queries
MYSQL_Q_ISAWAY=SELECT domain FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}' AND is_away='yes'
MYSQL_Q_AWAYTEXT=SELECT away_text FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}'
MYSQL_Q_FORWARD=SELECT forward FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}' AND forward != ''
MYSQL_Q_CC=SELECT cc FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}'
MYSQL_Q_LOCAL=SELECT domain FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}' AND box != ''
MYSQL_Q_WCLOCAL=SELECT domain FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='*' AND forward != ''
MYSQL_Q_WCLOCFW=SELECT forward FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='*' AND forward != ''
MYSQL_Q_LDOMAIN=SELECT DISTINCT domain FROM MYSQL_DOMAINTABLE WHERE domain='$domain'
MYSQL_Q_RDOMAIN=SELECT DISTINCT domain FROM MYSQL_DOMAINRTABLE WHERE domain='$domain'
MYSQL_Q_BOXNAME=SELECT box FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}'
MYSQL_Q_SPAMC=SELECT domain FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}' AND opt_spamscan='yes'
MYSQL_Q_VSCAN=SELECT domain FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}' AND opt_virscan='yes'
MYSQL_Q_SPAMPURGE=SELECT domain FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}' AND opt_spampurge='yes'
MYSQL_Q_DISABLED=SELECT domain FROM MYSQL_EMAILTABLE WHERE domain='${quote_mysql:$domain}' AND local_part='${quote_mysql:$local_part}' AND is_enabled='no'
MYSQL_Q_WHITELIST=SELECT DISTINCT MYSQL_WHITETABLE.address FROM MYSQL_WHITETABLE WHERE '${quote_mysql:$sender_address}' LIKE whitelist.address
MYSQL_Q_BLACKLIST=SELECT DISTINCT MYSQL_BLACKTABLE.address FROM MYSQL_BLACKTABLE WHERE '${quote_mysql:$sender_address}' LIKE blacklist.address
MYSQL_Q_AUTHPWD1=SELECT boxname FROM MYSQL_AUTHTABLE WHERE boxname='$2' AND boxpwd=encrypt('$3',boxpwd)
MYSQL_Q_AUTHPWD2=SELECT boxname FROM MYSQL_AUTHTABLE WHERE boxname='$1' AND boxpwd=encrypt('$2',boxpwd)
# MySQL connection
hide mysql_servers = "MYSQL_SERVER/MYSQL_DB/MYSQL_USER/MYSQL_PASSWORD"
# starting 'normal' config
primary_hostname = mail.
domainlist local_domains = mysql;MYSQL_Q_LDOMAIN
domainlist relay_to_domains = mysql;MYSQL_Q_RDOMAIN
hostlist relay_from_hosts = 127.0.0.1
acl_smtp_rcpt = acl_check_rcpt
qualify_domain =
# qualify_recipient =
# allow_domain_literals
never_users = root
trusted_users = amavis : list
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 15s
check_spool_space = 50M
check_log_space = 20M
return_size_limit = 20k
message_size_limit = 20M
# sender_unqualified_hosts =
# recipient_unqualified_hosts =
# percent_hack_domains =
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
deliver_queue_load_max = 8
queue_only_load = 10
remote_max_parallel = 15
#tls_certificate =
#tls_privatekey =
#tls_advertise_hosts = *
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_rcpt:
accept hosts = :
deny domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept domains = +local_domains
endpass
verify = recipient
accept domains = +relay_to_domains
endpass
verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
fail_router:
driver = redirect
domains = ${lookup mysql {MYSQL_Q_DISABLED}{$value}}
data = ":fail:"
allow_fail
##uncomment, if you plan to use mailman (www.list.org)
#mailman_aliases:
# driver = redirect
# allow_fail
# allow_defer
# data = ${lookup{$local_part}lsearch{/etc/aliases.mailman}}
# file_transport = address_file
# pipe_transport = address_pipe
amavis_director:
driver = manualroute
domains = ${lookup mysql {MYSQL_Q_VSCAN}{$value}}
condition = "${if or { \
{eq{$received_protocol}{scanned-ok}} \
{eq{$received_protocol}{spam-scanned}} \
# if you like to scan mails from localhost too, then comment the following line (not good for big mailman lists...)
{eq{$sender_host_address}{127.0.0.1}} \
} \
{0}{1}}"
route_list = "* localhost byname"
transport = amavis
verify = false
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
blacklist_router:
driver = manualroute
senders = ${lookup mysql {MYSQL_Q_BLACKLIST}{$value}}
condition = "${if !def:h_X-Spam-Flag: {1}{0}}"
headers_add = X-Spam-Flag: YES
route_list = * localhost
self = pass
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
# user = exim
file_transport = address_file
pipe_transport = address_pipe
spamcheck_director:
driver = manualroute
domains = ${lookup mysql {MYSQL_Q_SPAMC}{$value}}
senders = ! ${lookup mysql {MYSQL_Q_WHITELIST}{$value}}
condition = ${if and { \
{!eq {$received_protocol}{spam-scanned}} \
{!eq {$received_protocol}{local}} \
} {1}{0}}
headers_remove = X-Spam-Flag
route_list = "* localhost byname"
transport = spamcheck
verify = false
spampurge_director:
driver = manualroute
domains = ${lookup mysql {MYSQL_Q_SPAMPURGE}{$value}}
condition = "${if eq{$h_X-Spam-Flag:}{YES} {1}{0}}"
route_list = "* localhost byname"
transport = devnull_transport
verify = false
vacation_director:
driver = accept
domains = ${lookup mysql {MYSQL_Q_ISAWAY}{$value}}
transport = vacation_autoreply
unseen
virtual_cc_director:
driver = redirect
data = ${lookup mysql {MYSQL_Q_CC}{$value}}
unseen
virtual_forward_director:
driver = redirect
data = ${lookup mysql {MYSQL_Q_FORWARD}{$value}}
virtual_local_mailbox:
driver = accept
domains = ${lookup mysql {MYSQL_Q_LOCAL}{$value}}
transport = virtual_local_md_delivery
virtual_wclocal_redirect:
driver = redirect
domains = ${lookup mysql {MYSQL_Q_WCLOCAL}{$value}}
data = ${lookup mysql {MYSQL_Q_WCLOCFW}{$value}}
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
begin transports
remote_smtp:
driver = smtp
devnull_delivery:
driver = appendfile
file = /dev/null
group = mail
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
amavis:
driver = pipe
command = "/usr/sbin/amavis <${sender_address}> ${pipe_addresses}"
message_prefix =
message_suffix =
check_string =
escape_string =
# for debugging change return_output to true
return_output = false
return_path_add = false
user = amavis
group = mail
path = "/bin:/sbin:/usr/bin:/usr/sbin"
current_directory = "/var/amavis"
spamcheck:
driver = pipe
command = /usr/sbin/exim -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = "/usr/bin/spamc"
home_directory = "/tmp"
current_directory = "/tmp"
user = exim
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
virtual_local_md_delivery:
driver = appendfile
directory = /var/spool/virtual_mail/${lookup mysql {MYSQL_Q_BOXNAME}{$value}}
maildir_format
user = exim
group = mail
mode = 0660
directory_mode = 0770
vacation_autoreply:
driver = autoreply
to = ${sender_address}
from = "vacation@${domain}"
subject = "Ihre Nachricht an ${local_part}@${domain}"
text = ${lookup mysql {MYSQL_Q_AWAYTEXT}{$value}}
devnull_transport:
driver = appendfile
file = /dev/null
user = exim
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.
# Domain Error Retries
# ------ ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
begin rewrite
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
# There are no authenticator specifications in this default configuration file.
begin authenticators
fixed_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{MYSQL_Q_AUTHPWD1}{1}fail}
server_set_id = $2
fixed_login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = ${lookup mysql{MYSQL_Q_AUTHPWD2}{1}fail}
server_set_id = $1
######################################################################
# CONFIGURATION FOR local_scan() #
######################################################################
# If you have built Exim to include a local_scan() function that contains
# tables for private options, you can define those options here. Remember to
# uncomment the "begin" line. It is commented by default because it provokes
# an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS
# set in the Local/Makefile.
# begin local_scan
# End of Exim configuration file
back