exim Versand nur an bestimmte Domains

Question

exim Versand nur an bestimmte Domains

712

Garcia 2017-12-21 в 08:34

Es gibt Centos 7, es kostet Vestacp-Standardeinstellungen für exim. Ich muss meine Mail nur von meinem Server an die Domains test.com und site.com senden. Der Rest der Mail von meinem Server sollte blockiert sein

exim config:

SPAMASSASSIN = yes SPAM_SCORE = 50 CLAMD = yes add_environment = <; PATH=/bin:/usr/bin keep_environment = disable_ipv6=true domainlist local_domains = dsearch;/etc/exim/domains/ domainlist relay_to_domains = dsearch;/etc/exim/domains/ hostlist relay_from_hosts = 127.0.0.1 hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf no_local_from_check  untrusted_set_sender = * acl_smtp_connect = acl_check_spammers acl_smtp_mail = acl_check_mail acl_smtp_rcpt = acl_check_rcpt acl_smtp_data = acl_check_data acl_smtp_mime = acl_check_mime .ifdef SPAMASSASSIN  spamd_address = 127.0.0.1 783 .endif .ifdef CLAMD av_scanner = clamd: /var/run/clamav/clamd.sock .endif tls_advertise_hosts = * tls_certificate = /usr/local/vesta/ssl/certificate.crt tls_privatekey = /usr/local/vesta/ssl/certificate.key daemon_smtp_ports = 25 : 465 : 587 : 2525 tls_on_connect_ports = 465 never_users = root host_lookup = * rfc1413_hosts = * rfc1413_query_timeout = 5s ignore_bounce_errors_after = 2d timeout_frozen_after = 7d DKIM_DOMAIN = $} DKIM_FILE = /etc/exim/domains/$}/dkim.pem DKIM_PRIVATE_KEY = $} begin acl acl_check_spammers:  accept hosts = +whitelist drop message = Your host in blacklist on this server. log_message = Host in blacklist hosts = +spammers accept acl_check_mail: deny condition = ${}} message = HELO required before MAIL drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid condition = ${\N((\d[.-]\d[.-]\d[.-]\d)|([0-9a-f])|([0-9A-F]))\N}} condition = $}\}{$sender_helo_name}} delay = 45s drop condition = $} message = Access denied - Invalid HELO name (See RFC2821 4.1.3) drop condition = ${$sender_helo_name}} message = $interface_address is _my_ address accept acl_check_rcpt: accept hosts = : deny message = Restricted characters in address domains = +local_domains local_parts = ^[.] : ^.*[@%!/|] deny message = Restricted characters in address domains = !+local_domains local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ require verify = sender accept hosts = +relay_from_hosts control = submission accept authenticated = * control = submission/domain= deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text hosts = !+whitelist dnslists = ${:}} require message = relay not permitted domains = +local_domains : +relay_to_domains deny message = smtp auth requried sender_domains = +local_domains !authenticated = * require verify = recipient .ifdef CLAMD warn set acl_m0 = no warn condition = $} set acl_m0 = yes .endif .ifdef SPAMASSASSIN  warn set acl_m1 = no warn condition = $} set acl_m1 = yes .endif accept acl_check_data: .ifdef CLAMD deny message = Message contains a virus ($malware_name) and has been rejected malware = * condition = $} .endif .ifdef SPAMASSASSIN  warn !authenticated = * hosts = !+relay_from_hosts condition = $} condition = $} spam = spamd:true/defer_ok add_header = X-Spam-Score: $spam_score_int add_header = X-Spam-Bar: $spam_bar add_header = X-Spam-Report: $spam_report set acl_m2 = $spam_score_int warn condition = ${} } condition = $ } add_header = X-Spam-Status: Yes message = SpamAssassin detected spam (from $sender_address to $recipients). .endif accept acl_check_mime: deny message = Blacklisted file extension detected condition = $}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}} accept begin authenticators  dovecot_plain: driver = dovecot public_name = PLAIN  server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 dovecot_login: driver = dovecot public_name = LOGIN  server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 begin routers dnslookup: driver = dnslookup  domains = * transport = remote_smtp no_more userforward: driver = redirect  check_local_user file = $home/.forward allow_filter no_verify no_expn check_ancestor file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply procmail: driver = accept check_local_user require_files = $:+$/.procmailrc:/usr/bin/procmail transport = procmail no_verify autoreplay: driver = accept require_files = /etc/exim/domains/$domain/autoreply.$.msg condition = $.msg}} retry_use_local_part transport = userautoreply unseen aliases: driver = redirect  headers_add = X-redirected: yes data = ${:}{$lsearch{/etc/exim/domains/$domain/aliases}}}} require_files = /etc/exim/domains/$domain/aliases redirect_router = dnslookup pipe_transport = address_pipe unseen localuser_fwd_only:  driver = accept transport = devnull  condition = ${$lsearch{/etc/exim/domains/$domain/fwd_only}}}} localuser_spam: driver = accept transport = local_spam_delivery condition = ${\N^Yes\N}}} {$lsearch{/etc/exim/domains/$domain/passwd}}}} localuser: driver = accept transport = local_delivery condition = $lsearch{/etc/exim/domains/$domain/passwd}} catchall: driver = redirect  headers_add = X-redirected: yes require_files = /etc/exim/domains/$domain/aliases data = ${:}{$lsearch{/etc/exim/domains/$domain/aliases}}}} file_transport = local_delivery redirect_router = dnslookup terminate_alias: driver = accept transport = devnull  condition = $lsearch{/etc/exim/domains/$domain/aliases}} begin transports remote_smtp: driver = smtp #helo_data = $sender_address_domain dkim_domain = DKIM_DOMAIN dkim_selector = mail dkim_private_key = DKIM_PRIVATE_KEY dkim_canon = relaxed dkim_strict = 0 procmail: driver = pipe command = "/usr/bin/procmail -d $local_part" return_path_add delivery_date_add  envelope_to_add user = $local_part  initgroups return_output local_delivery: driver = appendfile  maildir_format maildir_use_size_file user = ${:}{$lsearch{/etc/exim/domains/$domain/passwd}}}} group = mail create_directory directory_mode = 770 mode = 660 use_lockfile = no  delivery_date_add  envelope_to_add return_path_add directory = "${:}{$lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" quota = ${:}{$lsearch{/etc/exim/domains/$domain/passwd}}}}M quota_warn_threshold = 75% local_spam_delivery:  driver = appendfile  maildir_format maildir_use_size_file user = ${:}{$lsearch{/etc/exim/domains/$domain/passwd}}}} group = mail create_directory directory_mode = 770 mode = 660 use_lockfile = no  delivery_date_add  envelope_to_add return_path_add directory = "${:}{$lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" quota = ${:}{$lsearch{/etc/exim/domains/$domain/passwd}}}}M quota_directory = "${:}{$lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" quota_warn_threshold = 75% address_pipe: driver = pipe return_output address_file: driver = appendfile  delivery_date_add  envelope_to_add return_path_add address_reply: driver = autoreply  userautoreply: driver = autoreply  file = /etc/exim/domains/$domain/autoreply.$.msg from = "$@$" headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit subject = "$\"} }" to = "$" devnull: driver = appendfile  file = /dev/null begin retry * * F,2h,15m; G,16h,1h,1.5; F,4d,6h begin rewrite

Die Hauptkonfiguration /etc/exim/exim.conf wurde unmittelbar nach dem Start der Zeilenrouter hinzugefügt, dh ich habe es so gemacht

begin routers  check_outgoing_from_header: driver = redirect domains = ! +local_domains condition = ${$sender_address}} allow_fail data = :fail: You can not send mail from here with From: $header_from as sender: $sender_address  check_outgoing: driver = redirect domains = ! +local_domains senders = ! : ! *@lsearch;/etc/exim/allowed_domains : ! lsearch;/etc/exim/allowed_mails allow_fail data = :fail: You can not send mail from this mailbox from this server.

Nun, in den Dateien allow_domains und allow_mails hinzugefügte Domains, an die Sie E-Mails senden können, ist in der Datei allow_domain, auf der test.com registriert ist, die Datei allow_miles leer

überprüft durch exim -d + all -bt test@test.com

exim -d+all -bt test@test.com 11:58:30 30782 Exim version 4.89 uid=0 gid=0 pid=30782 D=fffdffff Berkeley DB: Berkeley DB 5.3.21: (May 11, 2012) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc TCPwrappers OpenSSL Content_Scanning DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm nis nis0 nisplus passwd sq lite Authenticators: cram_md5 cyrus_sasl dovecot gsasl plaintext spa tls Routers: accept dnslookup ipliteral manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0  Configure owner: 0:0  Size of off_t: 8 Compiler: GCC [4.8.5 20150623 (Red Hat 4.8.5-16)] Library version: Glibc: Compile: 2.17 Runtime: 2.17 Library version: OpenSSL: Compile: OpenSSL 1.0.2k-fips 26 Jan 2017 Runtime: OpenSSL 1.0.2k-fips 26 Jan 2017 : built on: reproducible build, date unspecified Library version: Cyrus SASL: Compile: 2.1.26 Runtime: 2.1.26 [Cyrus SASL] Library version: GNU SASL: Compile: 1.8.0 Runtime: 1.8.0 Library version: PCRE: Compile: 8.32 Runtime: 8.32 2012-11-30 11:58:30 30782 Loading lookup modules from /usr/lib64/exim/4.89-2.el7/lookups 11:58:30 30782 Loaded 0 lookup modules 11:58:30 30782 Total 18 lookups Library version: SQLite: Compile: 3.7.17 Runtime: 3.7.17 WHITELIST_D_MACROS unset TRUSTED_CONFIG_LIST: "/etc/exim/trusted-configs" 11:58:30 30782 changed uid/gid: forcing real = effective 11:58:30 30782 uid=0 gid=0 pid=30782 11:58:30 30782 auxiliary group list: <none> 11:58:30 30782 seeking password data for user "root": cache not available 11:58:30 30782 getpwnam() succeeded uid=0 gid=0 11:58:30 30783 changed uid/gid: calling tls_validate_require_cipher 11:58:30 30783 uid=93 gid=93 pid=30783 11:58:30 30783 auxiliary group list: <none> 11:58:30 30782 tls_validate_require_cipher child 30783 ended: status=0x0 11:58:30 30782 configuration file is /etc/exim/exim.conf 11:58:30 30782 log selectors = 00000ffc 06320202 11:58:30 30782 trusted user 11:58:30 30782 admin user 11:58:30 30782 DSN: check_outgoing_from_header propagating DSN 11:58:30 30782 DSN: check_outgoing propagating DSN 11:58:30 30782 DSN: dnslookup propagating DSN 11:58:30 30782 DSN: userforward propagating DSN 11:58:30 30782 DSN: procmail propagating DSN 11:58:30 30782 DSN: autoreplay propagating DSN 11:58:30 30782 DSN: aliases propagating DSN 11:58:30 30782 DSN: localuser_fwd_only propagating DSN 11:58:30 30782 DSN: localuser_spam propagating DSN 11:58:30 30782 DSN: localuser propagating DSN 11:58:30 30782 DSN: catchall propagating DSN 11:58:30 30782 DSN: terminate_alias propagating DSN 11:58:30 30782 originator: uid=0 gid=0 login=root name=root 11:58:30 30782 sender address = root@dev.test.com 11:58:30 30782 Address testing: uid=0 gid=93 euid=0 egid=93 11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 11:58:30 30782 Testing test@test.com 11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 11:58:30 30782 Considering test@test.com 11:58:30 30782 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 11:58:30 30782 routing test@test.com 11:58:30 30782 --------> check_outgoing_from_header router <-------- 11:58:30 30782 local_part=dg domain=test.com 11:58:30 30782 checking domains 11:58:30 30782 search_open: dsearch "/etc/exim/domains/" 11:58:30 30782 search_find: file="/etc/exim/domains/" 11:58:30 30782 key="test.com" partial=-1 affix=NULL starflags=0 11:58:30 30782 LRU list: 11:58:30 30782 5/etc/exim/domains/ 11:58:30 30782 End  11:58:30 30782 internal_search_find: file="/etc/exim/domains/" 11:58:30 30782 type=dsearch key="test.com" 11:58:30 30782 file lookup required for test.com 11:58:30 30782 in /etc/exim/domains/ 11:58:30 30782 lookup failed 11:58:30 30782 test.com in "dsearch;/etc/exim/domains/"? no (end of list) 11:58:30 30782 test.com in "! +local_domains"? yes (end of list) 11:58:30 30782 checking "condition" "${$sender_address}}"... 11:58:30 30782 /considering: ${$sender_address}} 11:58:30 30782 /considering: $header_from:}{$sender_address}} 11:58:30 30782 |__expanding: $header_from: 11:58:30 30782 \_____result: 11:58:30 30782 /considering: $sender_address}} 11:58:30 30782 |__expanding: $sender_address 11:58:30 30782 \_____result: root@dev.test.com 11:58:30 30782 |__condition: !match {$header_from:}{$sender_address} 11:58:30 30782 |_____result: true 11:58:30 30782 |__expanding: ${$sender_address}} 11:58:30 30782 \_____result: true 11:58:30 30782 calling check_outgoing_from_header router 11:58:30 30782 rda_interpret (string): :fail: You can not send mail from here with From: $header_from as sender: $sender_address 11:58:30 30782 /considering: :fail: You can not send mail from here with From: $header_from as sender: $sender_address 11:58:30 30782 |__expanding: :fail: You can not send mail from here with From: $header_from as sender: $sender_address 11:58:30 30782 \_____result: :fail: You can not send mail from here with From: as sender: root@dev.test.com 11:58:30 30782 expanded: :fail: You can not send mail from here with From: as sender: root@dev.test.com 11:58:30 30782 file is not a filter file 11:58:30 30782 parse_forward_list: :fail: You can not send mail from here with From: as sender: root@dev.test.com 11:58:30 30782 extract item: :fail: You can not send mail from here with From: as sender: root@dev.test.com 11:58:30 30782 check_outgoing_from_header router forced address failure test@test.com is undeliverable: You can not send mail from here with From: as sender: root@dev.test.com 11:58:30 30782 search_tidyup called 11:58:30 30782 >>>>>>>>>>>>>>>> Exim pid=30782 terminating with rc=2 >>>>>>>>>>>>>>>>

wie kann ich die regeln anfangen, die routen beginnen, oder sollte ich andere regeln schreiben, vielleicht acl?

1

worin besteht das Problem ? Ihr Absenderheader ist leer und als solcher beim Senden gesperrt, wie von Ihrer ersten Prüfung erwartet ... Tensibai vor 6 Jahren 0

Ich muss die E-Mail an die Domäne test.com senden. Andere Domains sollten gesperrt sein. Können Sie mir sagen, was ich in meiner Konfiguration reparieren muss? Garcia vor 6 Jahren 0

Nichts in Ihrer Konfig. Was Sie in diesem Fall blockiert, ist das leere 'From Field'. Dies ist die Seite des Absenders, die Sie zum Ausfüllen der Felder benötigen. Bitte [bearbeiten] Sie Ihre Frage, um klar zu sagen, worauf Sie abzielen und was fehlgeschlagen ist. Selbst mit dem Kommentar ist nicht wirklich klar, was Sie tun möchten und wie Ihre Konfiguration durchgeführt wird (wir haben keine Ahnung, was sich in Ihren erlaubt_domains-Dateien befindet zum Beispiel) von dem, was ich aus den Konfigurationsblöcken analysieren kann, ohne ein Wort zu beschreiben, was mit ihnen versucht wird. Tensibai vor 6 Jahren 0

Ich muss meine E-Mails nur von meinem Server an die Domains test.com und site.com senden. Der Rest der E-Mails von meinem Server sollte blockiert werden. Ich habe meinen Beitrag mit einer Frage behoben. Jetzt ist klar, was ich tun möchte. Garcia vor 6 Jahren 0

exim Versand nur an bestimmte Domains

0 Antworten auf die Frage

Verwandte Probleme