Exim4 Fragen...
Hallo!
Letzte Woche habe ich mir einen "Debian Sarge Heimserver" aufgesetzt und
mittlerweile läuft (fast) alles zu meiner Zufriedenheit. Nur mit der
Konfiguration von Exim4 komme ich nicht so ganz zurecht - die Doku dazu
ist zwar sehr umfangreich, aber leider auch erschlagend...
Der Server soll im Wesentlichen:
o Interne Mails zustellen (homer.billroth.lan)
o Externe Mails über verschiedene Smarthosts zustellen (je nach "From:")
o In externen Mails die billroth.lan Adressen umschreiben
o ClamAV und Spamassassin einbinden
Letzteres funktioniert schon, die ersten drei Punkte nur teilweise.
Eingerichte habe ich Exim nach dem Howto in [1], meine Konfiguration ist
unten.
Wenn ich von Thunderbird (unter Windows, Rechner im LAN) eine externe
Mail verschicke ist alles gut:
2006-05-27 11:38:14 no host name found for IP address 192.168.0.100
2006-05-27 11:38:14 no IP address found for host billroth.lan (during
SMTP connection from [192.168.0.100])
2006-05-27 11:38:14 no IP address found for host billroth.lan (during
SMTP connection from [192.168.0.100])
2006-05-27 11:38:15 1FjvFO-0003ZQ-LZ <= news@billroth.de
H=([192.168.0.100]) [192.168.0.100] P=esmtp S=820
id=44781E05.4000800@billroth.de
2006-05-27 11:38:51 1FjvFO-0003ZQ-LZ => john@doe.de <john@doe.de>
R=smarthost_list T=remote_smtp_list H=smtp.1und1.de [212.227.15.167]
X=TLS-1.0:RSA ...
2006-05-27 11:38:51 1FjvFO-0003ZQ-LZ Completed
Mache ich das Selbe mit mutt passiert das:
2006-05-27 11:42:32 1FjvJY-0003Zp-4J <= ts@homer.billroth.lan U=ts
P=local S=807 id=20060527094231.GA13743@billroth.lan
2006-05-27 11:42:32 1FjvJY-0003Zp-4J ** john@doe.de: Unknown user
2006-05-27 11:42:32 1FjvJY-0003Zr-Ml <= <> R=1FjvJY-0003Zp-4J
U=Debian-exim P=local S=1623
2006-05-27 11:42:32 1FjvJY-0003Zp-4J Completed
Mir ist in etwa klar was da passiert, da im ersten Fall die Mail vom
"externen" news@billroth.de abgeschickt wird (und somit auch extern
zugestellt wird) im zweiten Fall aber von einem lokalen User (und somit
auch versucht wird lokal zuzustellen). Das ist aber nicht das Verhalten,
dass ich möchte (s.o.). Exim soll kapieren, was eine externe und was
eine interne Mail ist... ;-)
Frage: Wie bekomme ich das oben genannte Verhalten hin?
Vielen Dank für's Lesen dieses langen Postings!!
Schönes Wochenende!
# /etc/exim4/exim4.conf
CONFDIR = /etc/exim4
primary_hostname = homer.billroth.lan
domainlist local_domains = @:localhost:billroth.lan:billroth.ath.cx
domainlist relay_to_domains =
hostlist relay_from_hosts = 127.0.0.1 : ::::1 : 192.168.0.0/24
sender_unqualified_hosts = @:localhost:billroth.lan:billroth.ath.cx
recipient_unqualified_hosts = @:localhost:billroth.lan:billroth.ath.cx
av_scanner = clamd:/var/run/clamav/clamd.ctl
tls_certificate = /etc/exim4/exim4.cert.pem
tls_privatekey = /etc/exim4/exim4.key.pem
tls_advertise_hosts = *
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
begin acl
acl_check_rcpt:
accept hosts = : 127.0.0.1
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept domains = +local_domains
endpass
verify = recipient
accept domains = +relay_to_domains
endpass
verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
acl_check_data:
warn message = X-Virus: FOUND ($malware_name)
demime = *
malware = *
warn condition = ${if !def:header_Date: {1}}
hosts = :
message = Date: $tod_full
accept
begin routers
smarthost_list:
debug_print = "R: smarthost list for $local_part@$domain"
driver = manualroute
domains = ! +local_domains
senders = wildlsearch;CONFDIR/sender.smarthost.passwd
transport = remote_smtp_list
route_list = *
${extract{1}{:}{${lookup{$sender_address}wildlsearch{CONFDIR/sender.smarthost.passwd}{$value}fail}}}
host_find_failed = defer
no_more
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
localuser:
driver = accept
check_local_user
transport = procmail_pipe
cannot_route_message = Unknown user
begin transports
remote_smtp:
driver = smtp
remote_smtp_list:
debug_print = "T: remote_smtp_list for $local_part@$domain"
driver = smtp
hosts_require_auth =
${extract{1}{:}{${lookup{$sender_address}lsearch{CONFDIR/sender.smarthost.passwd}{$value}fail}}}
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
procmail_pipe:
debug_print = "T: procmail_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/procmail"
user = $local_part
return_path_add
delivery_date_add
envelope_to_add
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin authenticators
plain:
driver = plaintext
public_name = PLAIN
client_send =
"^${extract{2}{::}{${lookup{$sender_address}lsearch{CONFDIR/sender.smarthost.passwd}{$value}fail}}}\
^${extract{3}{::}{${lookup{$sender_address}lsearch{CONFDIR/sender.smarthost.passwd}{$value}fail}}}"
server_condition = \
${if eq {${readsocket{/var/run/courier/authdaemon/socket}\
{AUTH
${strlen:exim\nlogin\n$2\n$3\n}\nexim\nlogin\n$2\n$3\n}}}{FAIL\n}{no}{yes}}
server_set_id = $2
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
login:
driver = plaintext
public_name = LOGIN
client_send = ":
${extract{2}{::}{${lookup{$sender_address}lsearch{CONFDIR/sender.smarthost.passwd}{$value}fail}}}
\
:
${extract{3}{::}{${lookup{$sender_address}lsearch{CONFDIR/sender.smarthost.passwd}{$value}fail}}}"
server_prompts = Username:: : Password::
server_condition = ${if eq
{${readsocket{/var/run/courier/authdaemon/socket} \
{AUTH
${strlen:exim\nlogin\n$1\n$2\n}\nexim\nlogin\n$1\n$2\n}}}{FAIL\n}{no}{yes}}
server_set_id = $1
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
cram_md5:
driver = cram_md5
public_name = CRAM-MD5
client_name =
${extract{2}{:}{${lookup{$sender_address}lsearch{CONFDIR/sender.smarthost.passwd}{$value}fail}}}
client_secret =
${extract{3}{:}{${lookup{$sender_address}lsearch{CONFDIR/sender.smarthost.passwd}{$value}fail}}}
Tom
--
Read Mail Real Fast:
# rm -rf /
Reply to: