Страница 1 из 2 12 ПоследняяПоследняя
Показано с 1 по 10 из 12

Тема: Война со Спамом, Thunderbird не отправляет письма

  1. #1
    Junior Member
    Регистрация
    12.12.2017
    Сообщений
    7

    Angry Война со Спамом, Thunderbird не отправляет письма

    Добрый день!
    Есть несколько проблем, очень долго бродил по сетям интернета, но так и не разобрался, очень рассчитываю на вашу помощь.

    Проблема №1. Спам: задолбался вытаскивать ип сервера и спам баз, постоянно растут логи, отправляется почта от несуществующих пользователей, переделывал уже конфиг 1000 раз но ничего не помогает

    Exim + Dovecot + Centos7

    Конфигом и логами могу поделиться

    На сервере около 15 доменов, в каждом примерно 10+ почтовых доменов

    Как закрыть данное г... ибо это просто ужас???


    Проблема №2. По советам хостера, взял дополнительный ип адрес для почтовых доменов, перевел несколько почтовых доменов на новый ип.
    Добавляю почту в Thunderbird, с сервера подтягивает всю инфо, папки, письма и получает почту отлично, а вот отправить я ничего не могу, постоянно просит пароль, пароль верный, я его обновлял в панеле, я его менял в панеле просто не принимает пароль, а вот когда нажимаю отмена, вот что выдает

    Ошибка отправления сообщения.
    Отправка сообщения с использованием Сервера исходящей почты (SMTP) «smtp.site.com» не удалась по неизвестной причине. Убедитесь, что указали корректные параметры Сервера исходящей почты (SMTP) и попробуйте снова.
    самое интересное, что через roundcube работает все прекрасно и на старом ип Thunderbird тоже работает, почему так с новым ип, непонятно..

    Заранее спасибо за помощь...


    PS. Я не сильно в этом силен, так сказать начинающий, подскажите куда рыть, может кто сталкивался с таким....
    Последний раз редактировалось ntym; 12.12.2017 в 20:13.

  2. #2
    Senior Member
    Регистрация
    09.04.2013
    Адрес
    Москва
    Сообщений
    2,049

    По умолчанию

    Так может просто ящик какой-то взломали?
    Что в логах то

  3. #3
    Junior Member
    Регистрация
    12.12.2017
    Сообщений
    7

    По умолчанию Логи

    Вот кусок лога свежий, куча ящиков даже не существует, но с них или пытаются отправить или отправили письма
    Код:
    2017-12-13 18:11:59 no host name found for IP address 114.67.64.90
    2017-12-13 18:12:03 1eP1Cy-0005QN-SQ H=(panda-gift.site) [114.67.64.90] F=<bounce-452-131299340-248-248@panda-gift.site> rejected after DATA: Content analisis tool detect spam (from bounce-452-131299340-248-248@panda-gift.site to vinita.
    2017-12-13 18:14:46 1eP1Fe-0005RI-AN DKIM: d=twitter.com s=dkim-201406 c=relaxed/relaxed a=rsa-sha256 t=1513149284 [verification succeeded]
    2017-12-13 18:14:47 1eP1Fe-0005RI-AN From n05134c089e-83729c8491ad49f98f3cad3cccb85481-info===googlemee.com.au@bounce.twitter.com to info@googlemee.com.au X-Spam_score: -23.
    2017-12-13 18:14:47 1eP1Fe-0005RI-AN <= n05134c089e-83729c8491ad49f98f3cad3cccb85481-info===googlemee.com.au@bounce.twitter.com H=spring-chicken-bj.twitter.com [199.16.156.175] P=esmtps X=TLSv1.2:AES128-GCM-SHA256:128 S=42130 id=CE.26.22
    2017-12-13 18:14:47 1eP1Fe-0005RI-AN => info <info@googlemee.com.au> R=procmail T=dovecot_deliver_pipe
    2017-12-13 18:14:47 1eP1Fe-0005RI-AN Completed
    2017-12-13 18:15:07 no host name found for IP address 202.29.178.159
    2017-12-13 18:15:12 1eP1Fz-0005Rv-VL H=(node-rmq.pool-101-108.dynamic.totbb.net) [202.29.178.159] F=<Katie.Hallylay@universalgroups.com> rejected after DATA: Content analisis tool detect spam (from Katie.Hallylay@universalgroups.com to r
    2017-12-13 18:17:05 no host name found for IP address 223.68.192.243
    2017-12-13 18:17:08 auth_login authenticator failed for (USER) [223.68.192.243]: 535 Incorrect authentication data (set_id=shop@myspiros.net)
    2017-12-13 18:19:05 no host name found for IP address 185.134.28.29
    2017-12-13 18:19:06 no host name found for IP address 185.134.28.29
    2017-12-13 18:19:07 auth_login authenticator failed for (USER) [185.134.28.29]: 535 Incorrect authentication data (set_id=abuse@universalgroups.com)
    2017-12-13 18:19:12 auth_login authenticator failed for (USER) [185.134.28.29]: 535 Incorrect authentication data (set_id=abuse@universaluni.com)
    2017-12-13 18:20:07 Start queue run: pid=21048
    2017-12-13 18:20:07 1eOzev-0004mA-Hq mx1.netsolmail.net [209.17.115.10] Cannot assign requested address
    2017-12-13 18:20:07 1eOzev-0004mA-Hq == hfdgwffhe@rhl.com R=dnslookup T=remote_smtp defer (99): Cannot assign requested address
    2017-12-13 18:20:07 1eOv0V-0002jW-BB Message is frozen
    2017-12-13 18:20:07 1eOihy-0005kt-95 == markecting1@universalgroup.biz routing defer (-51): retry time not reached
    2017-12-13 18:20:15 1eOkKP-0006fK-4U mx027.blackyun.net [180.76.134.66] Cannot assign requested address
    2017-12-13 18:20:15 1eOkKP-0006fK-4U mx028.blackyun.net [180.76.156.30] Cannot assign requested address
    2017-12-13 18:20:15 1eOkKP-0006fK-4U mx026.blackyun.net [59.110.20.214] Cannot assign requested address
    2017-12-13 18:20:15 1eOkKP-0006fK-4U mx029.blackyun.net [180.76.167.210] Cannot assign requested address
    2017-12-13 18:20:15 1eOkKP-0006fK-4U == barry@blackyun.net R=dnslookup T=remote_smtp defer (99): Cannot assign requested address
    2017-12-13 18:20:16 1eOwTP-0003Jh-2I etb-3.mail.tiscali.it [213.205.33.61] Cannot assign requested address
    2017-12-13 18:20:16 1eOwTP-0003Jh-2I etb-3.mail.tiscali.it [213.205.33.64] Cannot assign requested address
    2017-12-13 18:20:16 1eOwTP-0003Jh-2I etb-3.mail.tiscali.it [213.205.33.63] Cannot assign requested address
    2017-12-13 18:20:16 1eOwTP-0003Jh-2I etb-3.mail.tiscali.it [213.205.33.62] Cannot assign requested address
    2017-12-13 18:20:16 1eOwTP-0003Jh-2I imp-5.mail.tiscali.it [213.205.33.244] Cannot assign requested address
    2017-12-13 18:20:16 1eOwTP-0003Jh-2I == spameri@tiscali.it R=dnslookup T=remote_smtp defer (99): Cannot assign requested address
    2017-12-13 18:20:16 1eOzgv-0004oH-GU etb-2.mail.tiscali.it [213.205.33.63] Cannot assign requested address
    2017-12-13 18:20:16 1eOzgv-0004oH-GU etb-2.mail.tiscali.it [213.205.33.61] Cannot assign requested address
    2017-12-13 18:20:16 1eOzgv-0004oH-GU etb-2.mail.tiscali.it [213.205.33.64] Cannot assign requested address
    2017-12-13 18:20:16 1eOzgv-0004oH-GU etb-2.mail.tiscali.it [213.205.33.62] Cannot assign requested address
    2017-12-13 18:20:16 1eOzgv-0004oH-GU == spameri@tiscali.it R=dnslookup T=remote_smtp defer (99): Cannot assign requested address
    2017-12-13 18:20:16 1eOzlp-0004sH-NP luy.com [184.168.221.104] Cannot assign requested address
    2017-12-13 18:20:16 1eOzlp-0004sH-NP == kdhge42q4ergreh@luy.com R=dnslookup T=remote_smtp defer (99): Cannot assign requested address
    2017-12-13 18:20:16 1eOieW-0005j5-9h == marketing1@universalgroup.biz routing defer (-51): retry time not reached
    2017-12-13 18:20:16 1eOl35-0006x2-6I retail-smtp-in.amazon.com [72.21.215.74] Cannot assign requested address
    2017-12-13 18:20:16 1eOl35-0006x2-6I == bkthhahayqqu@marketplace.amazon.com <bKthhaHaYqQU@marketplace.amazon.com> R=dnslookup T=remote_smtp defer (99): Cannot assign requested address
    2017-12-13 18:20:17 1eOpAl-0000Ql-00 imf.usa.com [69.10.42.209] Cannot assign requested address
    2017-12-13 18:20:17 1eOpAl-0000Ql-00 == info@imf.usa.com R=dnslookup T=remote_smtp defer (99): Cannot assign requested address
    2017-12-13 18:20:17 End queue run: pid=21048
    2017-12-13 18:21:43 no IP address found for host 186.193.18-010.acessecomunicacao.com.br (during SMTP connection from [186.193.18.10])
    2017-12-13 18:21:48 1eP1MP-0005V3-N2 H=(advantageboats.com) [186.193.18.10] F=<odjvobvfu@advantageboats.com> rejected after DATA: Content analisis tool detect spam (from odjvobvfu@advantageboats.com to info@googlemee.com.au). Contact The

    а вот что происходит, когда я пытаюсь подключиться к серверу с помощью Thunderbird

    Код:
    2017-12-13 18:22:02 SSL_write: (from [xxx.xxx.xxx.xxx]) syscall: Broken pipe
    2017-12-13 18:22:02 SSL_write error 5
    2017-12-13 18:22:02 SSL_write: (from [xxx.xxx.xxx.xxx]) syscall: Broken pipe
    2017-12-13 18:22:02 SSL_write error 5
    2017-12-13 18:22:02 TLS error on connection from [xxx.xxx.xxx.xxx] (SSL_accept): error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number
    2017-12-13 18:22:02 TLS client disconnected cleanly (rejected our certificate?)
    2017-12-13 18:22:02 TLS error on connection from [xxx.xxx.xxx.xxx] (SSL_accept): error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number
    2017-12-13 18:22:02 TLS client disconnected cleanly (rejected our certificate?)

  4. #4
    Junior Member
    Регистрация
    12.12.2017
    Сообщений
    7

    По умолчанию Очередь Exim

    Вот такие письма в очереди
    Код:
    18h  3.9K 1eOkKP-0006fK-4U <>
              barry@blackyun.net
    
    18h  106K 1eOl35-0006x2-6I <>
              bKthhaHaYqQU@marketplace.amazon.com
    
    13h  6.2K 1eOpAl-0000Ql-00 <>
              info@imf.usa.com
    
     7h  8.1K 1eOv0V-0002jW-BB <> *** frozen ***
              hqv@gbmiz.com
    
     6h  1.8K 1eOwTP-0003Jh-2I <spameri@tiscali.it>
              spameri@tiscali.it
    
     2h  2.7K 1eOzev-0004mA-Hq <>
              hfdgwffhe@rhl.com
    
     2h  1.8K 1eOzgv-0004oH-GU <spameri@tiscali.it>
              spameri@tiscali.it
    
     2h  2.9K 1eOzlp-0004sH-NP <>
              kdhge42q4ergreh@luy.com

    открыл письмо по заголовку командой exim -Mvh
    Код:
    [root@myhost exim]# exim -Mvh 1eOzlp-0004sH-NP
    1eOzlp-0004sH-NP-H
    exim 93 93
    <>
    1513143593 0
    -ident exim
    -received_protocol local
    -body_linecount 58
    -max_received_linelength 81
    -allow_unqualified_recipient
    -allow_unqualified_sender
    -localerror
    XX
    1
    kdhge42q4ergreh@luy.com
    
    144P Received: from exim by myhost.net with local (Exim 4.84_2)
            id 1eOzlp-0004sH-NP
            for kdhge42q4ergreh@luy.com; Wed, 13 Dec 2017 16:39:53 +1100
    050  X-Failed-Recipients: visnovec@myhost2.com
    029  Auto-Submitted: auto-replied
    056F From: Mail Delivery System <Mailer-Daemon@myhost.net>
    028T To: kdhge42q4ergreh@luy.com
    059  Subject: Mail delivery failed: returning message to sender
    045I Message-Id: <E1eOzlp-0004sH-NP@myhost.net>
    038  Date: Wed, 13 Dec 2017 16:39:53 +1100
    myhost.net - домен моего сервера
    myhost2.com - домен есть на сервере. а вот почтового ящика нет

  5. #5
    Senior Member
    Регистрация
    09.04.2013
    Адрес
    Москва
    Сообщений
    2,049

    По умолчанию

    Сделайте выборку с лога, по конкретному ID сообщения
    в очереди скорей всего уже "отлупы" обратно о том, что письма не доставлены
    Отправленные письма удаляются с очереди

  6. #6

    По умолчанию

    У вас пересылка, случайно, на другой сервер не стоит?

  7. #7
    Junior Member
    Регистрация
    12.12.2017
    Сообщений
    7

    По умолчанию exim.comf

    Добрый день!
    Половина вопросов уже отпала.

    Осталась одна проблема, не подключается Thunderbird к серверу, буду точнее
    почту с сервера я получаю, а вот отправить почту не могу, отказывается принимать пароль, пароль 100% верный, так как через roundcube заходит, прием передача работает хорошо. Тестировал так же на Outlook, тоже без проблем.

    Пересылок на другой сервер нет.

    я не сильно силен в этом, но почта работает exim+dovecot, выборка аккаунтов я так понял идет не из базы.

    Вот конфиг, не пугайтесь ибо до меня его ктото ковырял и я пробовал много вариантов, буду очень благодарен, если поможете подкорректировать

    Код:
    SA_ENABLE = yes
    VIRUS_SCAN = yes
    SA_SPAMD_USER = root
    SA_SCORE_REJECT = 50
    USE_GNUTLS=yes
    SUPPORT_TLS=yes
    SA_ABUSE_ADDR = The System Administrator
    #log_selector =  \
    #        +all_parents \
    #        +lost_incoming_connection \
    #        +received_sender \
    #        +received_recipients \
    #        +tls_cipher +tls_peerdn \
    #        +smtp_confirmation \
    #        +smtp_syntax_error \
    #        +smtp_protocol_error
    
    
    log_selector = \ 
        +address_rewrite \ 
        +all_parents \ 
            +arguments \ 
                +connection_reject \ 
                    +delay_delivery \ 
                        +delivery_size \ 
                            +dnslist_defer \ 
                                +incoming_interface \ 
                                    +incoming_port \ 
                                    +lost_incoming_connection \ 
                                        +queue_run \ 
                                            +received_sender \ 
                                            +received_recipients \ 
                                                +sender_on_delivery \ 
                                                    +size_reject \ 
                                                        +skip_delivery \ 
                                                        +smtp_confirmation \ 
                                                        +smtp_syntax_error \ 
                                                        +smtp_protocol_error \ 
                                                            +subject \ 
                                                                +tls_cipher \ 
                                                                    +tls_peerdn \ 
                                                                    -queue_run 
    
    
    
    qualify_domain = localhost: myip
    qualify_recipient = localhost:myip
    
    # TLS/SSL
    tls_advertise_hosts = *
    tls_certificate = /etc/exim/ssl/exim.crt
    tls_privatekey = /etc/exim/ssl/exim.key
    daemon_smtp_ports = 25 : 587 : 465
    tls_on_connect_ports = 465
    
    
    .ifdef SA_ENABLE
    spamd_address = 127.0.0.1 783
    .endif
    
    trusted_groups = exim
    trusted_users = exim
    #trusted_users = apache
    
    
    domainlist local_domains = lsearch;/etc/exim/domains
    domainlist dummy_domains = lsearch;/etc/exim/domains
    hostlist relay_from_hosts = 127.0.0.1
    #hostlist relay_from_hosts = 
    #auth_advertise_hosts = 127.0.0.1
    
    keep_environment = 
    
    #domainlist relay_to_domains = lsearch;/etc/exim/domains
    exim_user = exim
    exim_group = exim
    
    .ifdef VIRUS_SCAN
    av_scanner = clamd:/var/run/clamd.scan/clamd.sock
    .endif
    
    never_users = root
    host_lookup = *
    rfc1413_hosts = *
    rfc1413_query_timeout = 0s
    ignore_bounce_errors_after = 2d
    timeout_frozen_after = 7d
    acl_smtp_rcpt = accept
    acl_smtp_data = acl_check_data
    acl_not_smtp = acl_not_smtp
    #acl_smtp_connect = acl_check_connect
    smtp_enforce_sync = false
    
    .ifdef DKIM_ENABLE
    acl_smtp_dkim = acl_check_dkim
    .endif
    
    begin acl
    
            acl_not_smtp:
            deny message = Sender rate overlimit - $sender_rate / $sender_rate_period
            ratelimit = 50 / 1h / leaky
            accept
    
            acl_check_rcpt:
            deny message = Sender rate SMTP overlimit - $sender_rate / $sender_rate_period
            ratelimit = 100 / 1h / leaky
            
            accept  hosts = net-lsearch;/etc/exim/whitelist
    
    acl_check_auth:
    accept
        encrypted = *
        accept
            condition = ${if eq{${uc:$smtp_command_argument}}{CRAM-MD5}}
            deny
                message   = TLS encryption or CRAM-MD5 required
    
    
    	acl_check_not_smtp:
    		# check ratelimits by local user
    		warn	condition	= ${if match_local_part{$sender_ident}{lsearch;/etc/exim/ratelimits} {yes}{no}}
    				set	acl_c9	= $sender_ident
    		warn	condition	= ${if match_local_part{$sender_address}{lsearch;/etc/exim/ratelimits} {yes}{no}}
    				set acl_c9	= $sender_address
    		deny	condition	= ${if and{{!eq{$acl_c9}{}}{>{$acl_c8}{0}}}{yes}{no}}
    				set acl_c8	= ${lookup{$acl_c9}lsearch*{/etc/exim/ratelimits}}
    				ratelimit	= $acl_c8 / 1h / strict / $acl_c9
    				message		= Sender rate overlimit - $sender_rate / $sender_rate_period / $acl_c9
    .ifdef DEFAULT_RATELIMIT
    		# check ratelimits by default
    		warn    set acl_c7	= $sender_ident
    		warn    condition	= ${if eq{$acl_c7}{} {yes}{no}}
    				set acl_c7	= $sender_address
    		deny    condition	= ${if and{{!eq{$acl_c7}{}}{eq{$acl_c8}{}}}{yes}{no}}
    				ratelimit	= DEFAULT_RATELIMIT / 1h / strict / $acl_c7
    				message		= Sender rate overlimit - $sender_rate / $sender_rate_period / $acl_c7
    .endif
    
    		accept
    	
    	#acl_check_rcpt:
    
    .ifdef VIRUS_SCAN
    		warn
    		    set acl_m3 = no
    		warn
    		    condition = ${lookup{$domain}lsearch{/etc/clamav.whitelist} {yes}{no}}
    		    set acl_m3 = ok
    .endif
    
    		accept	hosts = +relay_from_hosts
    				!authenticated = *
                    set acl_m6 = whitelisted
    
    		accept	domains = +local_domains : +relay_to_domains
    				condition = ${lookup{$sender_address}wildlsearch{/etc/exim/whitelist}{yes}{no}}
    				set acl_m6 = whitelisted
    				logwrite = Accepted from $sender_address to $local_part@$domain by whitelist.
    
    		accept	domains = +local_domains : +relay_to_domains
    				hosts = net-lsearch;/etc/exim/whitelist
    				set acl_m6 = whitelisted
    				logwrite = Accepted from $sender_address to $local_part@$domain by whitelist.
    
    		deny	condition = ${lookup{$sender_address}wildlsearch{/etc/exim/blacklist}{yes}{no}}
    				set acl_m6 = blacklisted
    				logwrite = Rejected from $sender_address to $local_part@$domain by blacklist.
    
    		deny	hosts = net-lsearch;/etc/exim/blacklist
    				set acl_m6 = blacklisted
    				logwrite = Rejected from $sender_address to $local_part@$domain by blacklist.
    		
    		deny	message       = Restricted characters in address
    				domains       = +local_domains
    				local_parts   = ^[.] : ^.*[@%!/|]
    
    		deny    message       = Restricted characters in address
    				domains       = !+local_domains
    				local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
    
    		accept  local_parts   = postmaster
    				verify        = recipient
    				domains       = +local_domains
    
    		require verify        = sender
    
    		# check ratelimits by emails
    		warn	authenticated = *
    				set acl_c0	= group${extract{2}{:}{${lookup{$authenticated_id}lsearch{/etc/exim/passwd}}}}
    				set acl_c1	= ${lookup{$authenticated_id}lsearch*{/etc/exim/ratelimits}}
    				ratelimit	= ${lookup{$acl_c0}lsearch*{/etc/exim/ratelimits}} / 1h / strict / $acl_c0
    				ratelimit	= $acl_c1 / 1h / strict / $authenticated_id
    				log_message	= Sender rate overlimit - $sender_rate / $sender_rate_period / $authenticated_id
    				condition	= ${if match_local_part{$authenticated_id}{lsearch;/etc/exim/ratelimits} {yes}{no}}
    		deny	authenticated = *
    				set acl_c1	= ${lookup{$authenticated_id}lsearch*{/etc/exim/ratelimits}}
    				ratelimit	= $acl_c1 / 1h / leaky / $authenticated_id
    				message		= Sender rate overlimit - $sender_rate / $sender_rate_period / $authenticated_id
    				condition	= ${if match_local_part{$authenticated_id}{lsearch;/etc/exim/ratelimits} {yes}{no}}
    		# check ratelimits by group
    		warn	authenticated = *
    				set acl_c0	= group${extract{2}{:}{${lookup{$authenticated_id}lsearch{/etc/exim/passwd}}}}
    				ratelimit	= ${lookup{$acl_c0}lsearch*{/etc/exim/ratelimits}} / 1h / strict / $acl_c0
    				log_message	= Sender rate overlimit - $sender_rate / $sender_rate_period / $acl_c0
    				condition	= ${if match_local_part{$acl_c0}{lsearch;/etc/exim/ratelimits} {yes}{no}}
    		deny	authenticated = *
    				set acl_c0	= group${extract{2}{:}{${lookup{$authenticated_id}lsearch{/etc/exim/passwd}}}}
    				ratelimit	= ${lookup{$acl_c0}lsearch*{/etc/exim/ratelimits}} / 1h / leaky / $acl_c0
    				message		= Sender rate overlimit - $sender_rate / $sender_rate_period / $acl_c0
    				condition	= ${if match_local_part{$acl_c0}{lsearch;/etc/exim/ratelimits} {yes}{no}}
    .ifdef DEFAULT_RATELIMIT
    		# check ratelimits by default
    		deny	authenticated = *
    				ratelimit	= DEFAULT_RATELIMIT / 1h / strict / $authenticated_id
    				message		= Sender rate overlimit - $sender_rate / $sender_rate_period / $authenticated_id
    				condition	= ${if or{{eq{$acl_c1}{}}{eq{$acl_c0}{}}}{yes}{no}}
    .endif

  8. #8
    Junior Member
    Регистрация
    12.12.2017
    Сообщений
    7

    По умолчанию exim.conf_2

    Код:
    		accept  hosts         = +relay_from_hosts
    				!authenticated = *
    				control       = submission/sender_retain
    
    		accept  authenticated = *
    				condition     = ${if eq{${extract{5}{:}{${lookup{$authenticated_id}lsearch{/etc/exim/passwd}}}}}{no} {yes}{no}}
    				condition     = ${if eq{${extract{3}{:}{${lookup{${domain:$authenticated_id}}lsearch{/etc/exim/domains}}}}}{no} {yes}{no}}
    				control       = submission/sender_retain
    
    		deny    message       = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text
    				dnslists      = ${readfile {/etc/exim/dnsbllist}{:}}
    
    		require message       = relay not permitted
    				domains       = +local_domains : +relay_to_domains
    
    		require verify        = recipient
    
    .ifdef POSTGREY_SOCKET
    		defer log_message = greylisted host $sender_host_address
    			set acl_m0  = request=smtpd_access_policy\nprotocol_state=RCPT\nprotocol_name=${uc:$received_protocol}\nhelo_name=$sender_helo_name\nclient_address=$sender_host_address\nclient_name=$sender_host_name\nsender=$sender_address\nrecipient=$local_part@$domain\ninstance=$sender_host_address/$sender_address/$local_part@$domain\n\n
    			set acl_m0  = ${sg{${readsocket{POSTGREY_SOCKET}{$acl_m0}{5s}{}{action=DUNNO}}}{action=}{}}
    			message     = ${sg{$acl_m0}{^\\w+\\s*}{}}
    			condition   = ${if eq{${uc:${substr{0}{5}{$acl_m0}}}}{DEFER}{true}{false}}
    .endif
    
    		accept
    
            acl_check_data:
    
                accept
                    condition = ${if >{$load_average}{3000} {yes}{no}}
                    logwrite = Accept message without spamd and antivirus check because LA > 3.
    
    .ifdef VIRUS_SCAN
            accept
                condition = ${if >{$message_body_size}{2M} {yes}{no}}
                logwrite = Accept message without antivirus check because body size $message_body_size not critical
    
            warn
                condition = ${if eq{$acl_m3}{no} {yes}{no}}
                add_header = X-Scanned-By: ${extract{1}{/}{${readsocket{/var/run/clamd.scan/clamd.sock}{VERSION}{1s}{} {unscanned}}}}; $tod_full\n
    
            deny
                message = This message contains virus ($malware_name)
                hosts   = *
                malware = *
                log_message = Rejected: this message contains virus ($malware_name)
                condition = ${if eq{$acl_m3}{no}{yes}{no}}
    .endif
    .ifdef SA_ENABLE
            warn
                !authenticated = *
                hosts = !127.0.0.1/24
                condition = ${if < {$message_size}{1K}}
                spam       = SA_SPAMD_USER:true
                add_header = X-Spam_score: $spam_score\n\
                       X-Spam_score_int: $spam_score_int\n\
                       X-Spam_bar: $spam_bar\n\
                       X-Spam_report: $spam_report
    
            warn
                !authenticated = *
                hosts = !+relay_from_hosts
                spam       = SA_SPAMD_USER:true/defer_ok
                add_header = X-Spam_score: $spam_score\n\
                        X-Spam_score_int: $spam_score_int\n\
                        X-Spam_bar: $spam_bar\n\
                        X-Spam_report: $spam_report
                set acl_m4 = $spam_score_int
                condition = ${if and{{<{$message_size}{100K}}{<{$acl_m4}{SA_SCORE_REJECT}}} {yes}{no}}
                logwrite = From $sender_address to $recipients X-Spam_score: $acl_m4.
    
            deny
            	condition = ${if and{{>{$message_size}{10K}}{!eq{$acl_m4}{}}{>{$acl_m4}{SA_SCORE_REJECT}}} {yes}{no}}
                message = Content analisis tool detect spam (from $sender_address to $recipients). Contact SA_ABUSE_ADDR.
    .endif
    
    		accept
    
    .ifdef DKIM_ENABLE
    	acl_check_dkim:
    
            warn
                dkim_status = fail
                logwrite = DKIM test failed: $dkim_verify_reason
                add_header = X-DKIM-FAIL: DKIM test failed: (address=$sender_address domain=$dkim_cur_signer), signature is bad.
    
            warn
                dkim_status = invalid
                add_header = :at_start:Authentication-Results: $dkim_cur_signer ($dkim_verify_status); $dkim_verify_reason
                logwrite = DKIM test passed (address=$sender_address domain=$dkim_cur_signer), but signature is invalid.
    
            accept
                dkim_status = pass
                add_header = :at_start:Authentication-Results: dkim=$dkim_verify_status, header.i=@$dkim_cur_signer
                logwrite = DKIM test passed (address=$sender_address domain=$dkim_cur_signer), good signature.
    
    	accept
    .endif
    begin routers
    	dnslookup:
    		driver = dnslookup
    		domains = !+dummy_domains
    		transport = remote_smtp
    		ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
    		self = pass
    		no_more
    
    	disabled_domains:
    		driver = redirect
    		condition = ${extract{3}{:}{${lookup{$domain}lsearch{/etc/exim/domains}}}}
    		allow_fail = yes
    		data = :fail: Domain disabled
    		no_more
    
    	disabled_users:
    		driver = redirect
    		condition = ${extract{5}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}}}}
    		allow_fail = yes
    		data = :fail: User disabled
    		no_more
    
    	local_domains:
    		driver = redirect
    		condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}{no}{yes}}
    		data = ${quote_local_part:$local_part}@${extract{1}{:}{${lookup{$domain}lsearch{/etc/exim/domains}}}}
    		cannot_route_message = Unknown user
    		redirect_router = dnslookup
    		no_more
    
    	aliases:
    		driver = redirect
    		data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/aliases}}}}
    		condition = ${if exists{/etc/exim/aliases} {yes} {no} }
    		redirect_router = dnslookup
    		pipe_transport = address_pipe
    
    	procmail:
    		no_verify
    		driver = accept
    		transport = dovecot_deliver_pipe
    		transport_home_directory = ${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}}}}
    		condition = ${lookup {$local_part@$domain} lsearch {/etc/exim/passwd} {yes} {no} }
    
    	local_users:
    		driver = accept
    		transport = local_delivery
    		condition = ${lookup {$local_part@$domain} lsearch {/etc/exim/passwd} {yes} {no} }
    
    	catchall_for_domains:
    		driver = redirect
    		headers_add = X-redirected: yes
    		data = ${extract{2}{:}{${lookup{$domain}lsearch{/etc/exim/domains}}}}
    		file_transport = local_delivery
    		redirect_router = dnslookup
    
    	unknown_users:
    		driver = redirect
    		allow_fail = yes
    		data = :fail: Unknown user
    		no_more
    
    begin transports
    
    	remote_smtp:
    		driver = smtp
    		interface = ${lookup{$sender_address_domain}lsearch{/etc/exim/domainips}{$value}{myip}}
      
    	local_delivery:
    		driver = appendfile
    		maildir_format = true
    		maildir_use_size_file = true
    		create_directory = true
    		directory_mode = 700
    		directory = ${extract{4}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}}}}/.maildir
    		delivery_date_add
    		envelope_to_add
    		return_path_add
    		mode = 0660
    		quota = ${extract{3}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}}}}M
    		quota_warn_threshold = 75%
    		use_lockfile = no
    		no_mode_fail_narrower
    		user = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}}}}
    		group = ${extract{2}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}}}}
    						  
    	address_pipe:
    		driver = pipe
    		ignore_status
    		return_output
    		use_shell
    
    	dovecot_deliver_pipe:
    		driver = pipe
    		environment = "HOME=$home"
    		command = "/usr/libexec/dovecot/dovecot-lda -d $local_part@$domain  -f $sender_address"
    		return_path_add
    		delivery_date_add
    		envelope_to_add
    		check_string = "From "
    		escape_string = ">From "
    		user = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}}}}
    		group = ${extract{2}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/passwd}}}}
    
    begin retry
    *		*		F,2h,15m; G,16h,1h,1.5; F,4d,6h
    
    begin rewrite
    
    begin authenticators
       	   auth_plain:
      	           driver = dovecot
       	           public_name = PLAIN
       	           server_socket = /var/run/dovecot/auth-client
       	           server_set_id = $auth1
    
       	   auth_login:
       	           driver = dovecot
       	           public_name = LOGIN
       	           server_socket = /var/run/dovecot/auth-client
       	           server_set_id = $auth1
    
    
       	   auth_cram_md5:
       	           driver = dovecot
       	           public_name = CRAM-MD5
       	           server_socket = /var/run/dovecot/auth-client
       	           server_set_id = $ath1

    Заранее спасибо

  9. #9
    Junior Member
    Регистрация
    12.12.2017
    Сообщений
    7

    По умолчанию

    Цитата Сообщение от tuupic Посмотреть сообщение
    У вас пересылка, случайно, на другой сервер не стоит?
    нет, исключительно отправка писем с сервера и подключение к нему почтовыми клиентами, а конкретно Thunderbird

  10. #10

    По умолчанию

    Ошибка при подключении thunderbird та, что в первом сообщении?
    routines:SSL3_GET_CLIENT_HELLO:wrong version number

Метки этой темы

Ваши права

  • Вы не можете создавать новые темы
  • Вы не можете отвечать в темах
  • Вы не можете прикреплять вложения
  • Вы не можете редактировать свои сообщения
  •