eine Frage zum Zusammenspiel von Exim, SA und /etc/aliases.
Ich habe seit geraumer Zeit die (v)Exim/SA/mailman Installation am laufen und es funktioniert auch wunderbar. Bis auf den einen Punkt, dass in mails an Einträge in /etc/aliases der X-Spam-Score geschrieben aber nicht beachtet wird. (seit dem letzten upgrade auf 4.50-8?)
In /etc/aliases stehen postmaster, root und abuse, die an eine Admin-Adresse weitergeleitet werden.
Code: Select all
postmaster: root
abuse: root
root: admin@domain.tld
Da mein Bedarf an Anatrim, VdIAGRA etc langsam gedeckt ist, meine Frage:
kann mir jemand auf die Sprünge helfen, wo der Fehler liegt? Wie bekomme ich o.g. Adressen auch SA-gefiltert? Neuer Router/Transport, Reihernfolge, ...?
vielen Dank i.v.
Exim: 4.50-8sarge2
SA: 3.1.0a-2
exim4.conf:
Code: Select all
system_filter = /etc/exim4/system_filter
system_filter_user = Debian-exim
MAILMAN_HOME=/var/lib/mailman
MAILMAN_WRAP=MAILMAN_HOME/mail/mailman
MAILMAN_USER=list
MAILMAN_GROUP=daemon
MY_IP = ***.***.***.***
VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}'
RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay' AND domain = '${quote_mysql:$domain}'
ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'
domainlist local_domains = @ : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
domainlist relay_to_domains = ${lookup mysql{RELAY_DOMAINS}}
hostlist relay_from_hosts = localhost
trusted_users = vmail:www-data
hide mysql_servers = localhost::(/var/run/mysqld/mysqld.sock)/vexim/vexim/*******
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_content
acl_smtp_helo = acl_check_helo
av_scanner = clamd:/var/run/clamav/clamd.ctl
spamd_address = 127.0.0.1 783
exim_user = Debian-exim
exim_group = Debian-exim
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 1d
timeout_frozen_after = 5d
log_selector = +all
begin acl
.include /etc/exim4/vexim-acl-check-spf.conf
#.include /usr/local/etc/exim/vexim-acl-check-spf.conf
acl_check_helo:
# Include Vexim specific helo ACLs
.include /etc/exim4/vexim-acl-check-helo.conf
acl_check_rcpt:
accept hosts = :
.include /etc/exim4/vexim-acl-check-rcpt.conf
deny local_parts = ^.*[@%!/|] : ^\.
accept local_parts = postmaster
domains = +local_domains
accept domains = +local_domains
endpass
verify = recipient
accept domains = +relay_to_domains
endpass
verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
acl_check_content:
.include /etc/exim4/vexim-acl-check-content.conf
accept
begin routers
mailman_router:
driver = accept
require_files = MAILMAN_HOME/lists/$local_part/config.pck
local_part_suffix_optional
local_part_suffix = -bounces : -bounces+* :
-confirm+* : -join : -leave :
-owner : -request : -admin
headers_remove = X-Spam-Score:X-Spam-Report
transport = mailman_transport
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
ditch_maxmsgsize:
driver = redirect
allow_fail
condition = ${if >{$message_size}{${lookup mysql{select users.maxmsgsize from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.maxmsgsize > 0
and users.domain_id=domains.domain_id }{${value}K}fail}} {yes}{no}}
data = :fail:nYour message is too big.n
Your message was rejected because the user $local_part@$domainn
does not accept messages larger than
${lookup mysql{select users.maxmsgsize from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.maxmsgsize > 0
and users.domain_id=domains.domain_id}{${value}K}fail} Kb.
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_malware:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if and { {match {$h_X-ACL-Warn:}{.*malware.*}}
{eq {${lookup mysql{select users.on_avscan from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.on_avscan = '1'
and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
ditch_spam:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if >{$spam_score_int}{${lookup mysql{select users.sa_refuse * 10 from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.on_spamassassin = '1'
and users.domain_id=domains.domain_id
and users.sa_refuse > 0 }{$value}fail}} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_hdrmailer:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains
where blocklists.blockhdr = 'x-mailer'
and blocklists.blockval = '${quote_mysql:$h_x-mailer:}'
and users.localpart = '${quote_mysql:$local_part}'
and domains.domain = '${quote_mysql:$domain}'
and domains.domain_id=blocklists.domain_id
and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_hdrto:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains
where blocklists.blockhdr = 'to'
and blocklists.blockval = '${quote_mysql:$h_to:}'
and users.localpart = '${quote_mysql:$local_part}'
and domains.domain = '${quote_mysql:$domain}'
and domains.domain_id=blocklists.domain_id
and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_hdrfrom:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains
where blocklists.blockhdr = 'from'
and blocklists.blockval = '${quote_mysql:$h_from:}'
and users.localpart = '${quote_mysql:$local_part}'
and domains.domain = '${quote_mysql:$domain}'
and domains.domain_id=blocklists.domain_id
and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
ditch_hdrsubject:
driver = redirect
allow_fail
data = :blackhole:
condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains
where blocklists.blockhdr = 'subject'
and blocklists.blockval = '${quote_mysql:$h_subject:}'
and users.localpart = '${quote_mysql:$local_part}'
and domains.domain = '${quote_mysql:$domain}'
and domains.domain_id=blocklists.domain_id
and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
virtual_vacation:
driver = accept
condition = ${if and { {!match {$h_precedence:}{(?i)junk|bulk|list}}
{eq {${lookup mysql{select users.on_vacation from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.on_vacation = '1'
and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
no_verify
no_expn
unseen
transport = virtual_vacation_delivery
virtual_forward:
driver = redirect
check_ancestor
data = ${lookup mysql{select forward from users,domains
where localpart='${quote_mysql:$local_part}'
and domain='${quote_mysql:$domain}'
and users.domain_id=domains.domain_id
and on_forward = '1'}}
# We explicitly make this condition NOT forward mailing list mail!
condition = ${if and { {!match {$h_precedence:}{(?i)junk|bulk|list}}
{eq {${lookup mysql{select users.on_forward from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.on_forward = '1'
and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
virtual_domains:
driver = redirect
allow_fail
data = ${lookup mysql{select smtp from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and domains.enabled = '1'
and users.enabled = '1'
and users.domain_id = domains.domain_id}}
headers_add = ${if >{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.on_spamassassin = '1'
and users.domain_id=domains.domain_id }{$value}fail}} {X-Spam-Flag: YESn}{} }
headers_remove = ${if or { { <{$spam_score_int}{1} }
{ <{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.on_spamassassin = 1
and users.domain_id=domains.domain_id}{$value}fail}} }
{ eq {0}{${lookup mysql{select users.sa_tag * 10 from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.on_spamassassin = 0
and users.domain_id=domains.domain_id}{$value}fail}}}
} {X-Spam-Score:X-Spam-Report} }
local_part_suffix = -*
local_part_suffix_optional
retry_use_local_part
file_transport = virtual_delivery
reply_transport = address_reply
pipe_transport = address_pipe
virtual_domains_catchall:
driver = redirect
allow_fail
data = ${lookup mysql{select smtp from users,domains where localpart = '*'
and domain = '${quote_mysql:$domain}'
and users.domain_id = domains.domain_id}}
retry_use_local_part
file_transport = virtual_delivery
reply_transport = address_reply
pipe_transport = address_pipe_catchall
virtual_domain_alias:
driver = redirect
allow_fail
data = ${lookup mysql{select concat('${quote_mysql:$local_part}@', domain)
from domains,domainalias where domainalias.alias = '${quote_mysql:$domain}'
and domainalias.domain_id = domains.domain_id}}
retry_use_local_part
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
user = Debian-exim
group = Debian-exim
file_transport = address_file
pipe_transport = address_pipe
localuser:
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
begin transports
mailman_transport:
driver = pipe
command = MAILMAN_WRAP
'${if def:local_part_suffix
{${sg{$local_part_suffix}{-(\w+)(\+.*)?}{$1}}}
{post}}'
$local_part
current_directory = MAILMAN_HOME
home_directory = MAILMAN_HOME
user = MAILMAN_USER
group = MAILMAN_GROUP
remote_smtp:
driver = smtp
local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
user = $local_part
mode = 0660
no_mode_fail_narrower
virtual_delivery:
driver = appendfile
envelope_to_add
return_path_add
mode = 0600
maildir_format = true
create_directory = true
directory = ${lookup mysql{select smtp from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.domain_id = domains.domain_id}}
user = ${lookup mysql{select users.uid from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.domain_id = domains.domain_id}}
group = ${lookup mysql{select users.gid from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.domain_id = domains.domain_id}}
quota = ${lookup mysql{select users.quota from users,domains
where localpart = '${quote_mysql:$local_part}'
and domain = '${quote_mysql:$domain}'
and users.domain_id = domains.domain_id}{${value}M}}
quota_is_inclusive = false
#quota_size_regex = ,S=(d+):
quota_warn_threshold = 75%
maildir_use_size_file = false
quota_warn_message = "To: $local_part@$domainn
Subject: Mailbox quota warningnn
This message was automatically generated by the mail delivery software.nn
You are now using over 75% of your allocated mail storage quota.nn
If your mailbox fills completely, further incoming messages will be automaticallyn
returned to their senders.nn
Please take note of this and remove unwanted mail from your mailbox.n"
virtual_vacation_delivery:
driver = autoreply
from = "${local_part}@${domain}"
to = ${sender_address}
subject = "Autoreply from ${local_part}@${domain}"
text = ${lookup mysql{select vacation from users,domains
where domain='${quote_mysql:$domain}'
and localpart='${quote_mysql:$local_part}'
and users.domain_id=domains.domain_id}}
address_pipe:
driver = pipe
return_output
user = ${lookup mysql{select users.uid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
group = ${lookup mysql{select users.gid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
address_pipe_catchall:
driver = pipe
return_output
user = ${lookup mysql{select users.uid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
group = ${lookup mysql{select users.gid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
address_pipe_local:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators
plain_login:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT '1' FROM users
WHERE username = '${quote_mysql:$2}'
AND clear = '${quote_mysql:$3}'} {yes}{no}}
server_set_id = $2
fixed_login:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = ${lookup mysql{SELECT '1' FROM users
WHERE username = '${quote_mysql:$1}'
AND clear = '${quote_mysql:$2}'} {yes}{no}}
server_set_id = $1
fixed_cram:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT clear FROM users
WHERE username = '${quote_mysql:$1}'}{$value}fail}
server_set_id = $1