github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-19 21:04:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Upadted formating

Browse source
This commit is contained in:
Serghey Rodin 2014-07-29 20:46:00 +03:00
commit 6cd65c593d
7 changed files with 324 additions and 194 deletions
Download patch file Download diff file Expand all files Collapse all files

107
install/debian/exim4.conf.template
View file

@ -1,8 +1,12 @@
########################################################################## ######################################################################
# #
# Exim configuration file for Vesta Control Panel #
# #
######################################################################
#SPAMASSASSIN = yes #SPAMASSASSIN = yes
SPAM_SCORE = 50 #SPAM_SCORE = 50
CLAMD = yes #CLAMD = yes
##########################################################################
domainlist local_domains = dsearch;/etc/exim4/domains/ domainlist local_domains = dsearch;/etc/exim4/domains/
domainlist relay_to_domains = dsearch;/etc/exim4/domains/ domainlist relay_to_domains = dsearch;/etc/exim4/domains/
@ -43,41 +47,38 @@ DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
##########################################################################
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl begin acl
##########################################################################
acl_check_spammers: acl_check_spammers:
accept hosts = +whitelist accept hosts = +whitelist
drop message = Your host in blacklist on this server. drop message = Your host in blacklist on this server.
log_message = Host in blacklist log_message = Host in blacklist
hosts = +spammers hosts = +spammers
accept accept
acl_check_mail: acl_check_mail:
deny deny condition = ${if eq{$sender_helo_name}{}}
condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
# drop
# condition = ${if isip{$sender_helo_name}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
# drop
# condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}} drop condition = ${if isip{$sender_helo_name}}
# condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
drop
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
# drop
# condition = ${if match{$sender_helo_name}{\N\.$\N}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
# drop message = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]"
# condition = ${if match{$sender_helo_name}{$primary_hostname}}
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept
@ -100,7 +101,7 @@ acl_check_rcpt:
accept authenticated = * accept authenticated = *
control = submission/domain= control = submission/domain=
deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist hosts = !+whitelist
dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}}
@ -115,14 +116,18 @@ acl_check_rcpt:
.ifdef CLAMD .ifdef CLAMD
warn set acl_m0 = no warn set acl_m0 = no
warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes set acl_m0 = yes
.endif .endif
.ifdef SPAMASSASSIN .ifdef SPAMASSASSIN
warn set acl_m1 = no warn set acl_m1 = no
warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes set acl_m1 = yes
.endif .endif
accept accept
@ -134,8 +139,7 @@ acl_check_data:
.endif .endif
.ifdef SPAMASSASSIN .ifdef SPAMASSASSIN
warn warn !authenticated = *
!authenticated = *
hosts = !+relay_from_hosts hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}} condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}} condition = ${if eq{$acl_m1}{yes}{yes}{no}}
@ -144,23 +148,29 @@ acl_check_data:
add_header = X-Spam-Bar: $spam_bar add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int set acl_m2 = $spam_score_int
warn
condition = ${if !eq{$acl_m2}{} {yes}{no}} warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients). message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif .endif
accept accept
acl_check_mime: acl_check_mime:
deny message = Blacklisted file extension detected deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept accept
##########################################################################
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators begin authenticators
##########################################################################
dovecot_plain: dovecot_plain:
driver = dovecot driver = dovecot
public_name = PLAIN public_name = PLAIN
@ -173,9 +183,14 @@ dovecot_login:
server_socket = /var/run/dovecot/auth-client server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1 server_set_id = $auth1
##########################################################################
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
begin routers begin routers
##########################################################################
#smarthost: #smarthost:
# driver = manualroute # driver = manualroute
# domains = ! +local_domains # domains = ! +local_domains
@ -255,9 +270,12 @@ terminate_alias:
condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
##########################################################################
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
begin transports begin transports
##########################################################################
remote_smtp: remote_smtp:
driver = smtp driver = smtp
#helo_data = $sender_address_domain #helo_data = $sender_address_domain
@ -267,7 +285,6 @@ remote_smtp:
dkim_canon = relaxed dkim_canon = relaxed
dkim_strict = 0 dkim_strict = 0
procmail: procmail:
driver = pipe driver = pipe
command = "/usr/bin/procmail -d $local_part" command = "/usr/bin/procmail -d $local_part"
@ -308,7 +325,7 @@ local_spam_delivery:
delivery_date_add delivery_date_add
envelope_to_add envelope_to_add
return_path_add return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.spam" directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota_warn_threshold = 75% quota_warn_threshold = 75%
@ -337,8 +354,24 @@ devnull:
driver = appendfile driver = appendfile
file = /dev/null file = /dev/null
##########################################################################
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
##########################################################################
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite begin rewrite
######################################################################

102
install/rhel/exim-smarthost.conf
View file

@ -1,8 +1,12 @@
########################################################################## ######################################################################
# #
# Exim configuration file for Vesta Control Panel #
# #
######################################################################
#SPAMASSASSIN = yes #SPAMASSASSIN = yes
SPAM_SCORE = 10 #SPAM_SCORE = 50
#CLAMD = yes #CLAMD = yes
##########################################################################
domainlist local_domains = dsearch;/etc/exim/domains/ domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/ domainlist relay_to_domains = dsearch;/etc/exim/domains/
@ -43,41 +47,37 @@ DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
########################################################################## ######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl begin acl
##########################################################################
acl_check_spammers: acl_check_spammers:
accept hosts = +whitelist accept hosts = +whitelist
drop message = Your host in blacklist on this server. drop message = Your host in blacklist on this server.
log_message = Host in blacklist log_message = Host in blacklist
hosts = +spammers hosts = +spammers
accept accept
acl_check_mail: acl_check_mail:
deny deny condition = ${if eq{$sender_helo_name}{}}
condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
# drop
# condition = ${if isip{$sender_helo_name}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
# drop
# condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}} drop condition = ${if isip{$sender_helo_name}}
# condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
drop
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
# drop
# condition = ${if match{$sender_helo_name}{\N\.$\N}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
# drop message = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]"
# condition = ${if match{$sender_helo_name}{$primary_hostname}}
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept
@ -100,7 +100,7 @@ acl_check_rcpt:
accept authenticated = * accept authenticated = *
control = submission/domain= control = submission/domain=
deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist hosts = !+whitelist
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
@ -115,14 +115,18 @@ acl_check_rcpt:
.ifdef CLAMD .ifdef CLAMD
warn set acl_m0 = no warn set acl_m0 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes set acl_m0 = yes
.endif .endif
.ifdef SPAMASSASSIN .ifdef SPAMASSASSIN
warn set acl_m1 = no warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes set acl_m1 = yes
.endif .endif
accept accept
@ -134,8 +138,7 @@ acl_check_data:
.endif .endif
.ifdef SPAMASSASSIN .ifdef SPAMASSASSIN
warn warn !authenticated = *
!authenticated = *
hosts = !+relay_from_hosts hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}} condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}} condition = ${if eq{$acl_m1}{yes}{yes}{no}}
@ -144,23 +147,29 @@ acl_check_data:
add_header = X-Spam-Bar: $spam_bar add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int set acl_m2 = $spam_score_int
warn
condition = ${if !eq{$acl_m2}{} {yes}{no}} warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients). message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif .endif
accept accept
acl_check_mime: acl_check_mime:
deny message = Blacklisted file extension detected deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept accept
##########################################################################
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators begin authenticators
##########################################################################
login: login:
driver = plaintext driver = plaintext
public_name = LOGIN public_name = LOGIN
@ -180,9 +189,13 @@ dovecot_login:
server_set_id = $auth1 server_set_id = $auth1
##########################################################################
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
begin routers begin routers
##########################################################################
smarthost: smarthost:
driver = manualroute driver = manualroute
domains = ! +local_domains domains = ! +local_domains
@ -260,9 +273,12 @@ terminate_alias:
condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}}
##########################################################################
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
begin transports begin transports
##########################################################################
remote_smtp: remote_smtp:
driver = smtp driver = smtp
dkim_domain = DKIM_DOMAIN dkim_domain = DKIM_DOMAIN
@ -316,7 +332,7 @@ local_spam_delivery:
delivery_date_add delivery_date_add
envelope_to_add envelope_to_add
return_path_add return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.spam" directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota_warn_threshold = 75% quota_warn_threshold = 75%
@ -345,8 +361,24 @@ devnull:
driver = appendfile driver = appendfile
file = /dev/null file = /dev/null
##########################################################################
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
##########################################################################
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite begin rewrite
######################################################################

106
install/rhel/exim.conf
View file

@ -1,8 +1,12 @@
########################################################################## ######################################################################
# #
# Exim configuration file for Vesta Control Panel #
# #
######################################################################
#SPAMASSASSIN = yes #SPAMASSASSIN = yes
SPAM_SCORE = 50 #SPAM_SCORE = 50
#CLAMD = yes #CLAMD = yes
##########################################################################
domainlist local_domains = dsearch;/etc/exim/domains/ domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/ domainlist relay_to_domains = dsearch;/etc/exim/domains/
@ -26,8 +30,8 @@ av_scanner = clamd: /var/run/clamav/clamd.sock
.endif .endif
tls_advertise_hosts = * tls_advertise_hosts = *
tls_certificate = /etc/pki/tls/certs/exim.pem tls_certificate = /usr/local/vesta/ssl/certificate.crt
tls_privatekey = /etc/pki/tls/private/exim.pem tls_privatekey = /usr/local/vesta/ssl/certificate.key
daemon_smtp_ports = 25 : 465 : 587 : 2525 daemon_smtp_ports = 25 : 465 : 587 : 2525
tls_on_connect_ports = 465 tls_on_connect_ports = 465
@ -43,41 +47,38 @@ DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
##########################################################################
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl begin acl
##########################################################################
acl_check_spammers: acl_check_spammers:
accept hosts = +whitelist accept hosts = +whitelist
drop message = Your host in blacklist on this server. drop message = Your host in blacklist on this server.
log_message = Host in blacklist log_message = Host in blacklist
hosts = +spammers hosts = +spammers
accept accept
acl_check_mail: acl_check_mail:
deny deny condition = ${if eq{$sender_helo_name}{}}
condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
# drop
# condition = ${if isip{$sender_helo_name}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
# drop
# condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}} drop condition = ${if isip{$sender_helo_name}}
# condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
drop
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
# drop
# condition = ${if match{$sender_helo_name}{\N\.$\N}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
# drop message = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]"
# condition = ${if match{$sender_helo_name}{$primary_hostname}}
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept
@ -100,7 +101,7 @@ acl_check_rcpt:
accept authenticated = * accept authenticated = *
control = submission/domain= control = submission/domain=
deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist hosts = !+whitelist
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
@ -115,14 +116,18 @@ acl_check_rcpt:
.ifdef CLAMD .ifdef CLAMD
warn set acl_m0 = no warn set acl_m0 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes set acl_m0 = yes
.endif .endif
.ifdef SPAMASSASSIN .ifdef SPAMASSASSIN
warn set acl_m1 = no warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes set acl_m1 = yes
.endif .endif
accept accept
@ -134,8 +139,7 @@ acl_check_data:
.endif .endif
.ifdef SPAMASSASSIN .ifdef SPAMASSASSIN
warn warn !authenticated = *
!authenticated = *
hosts = !+relay_from_hosts hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}} condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}} condition = ${if eq{$acl_m1}{yes}{yes}{no}}
@ -144,23 +148,29 @@ acl_check_data:
add_header = X-Spam-Bar: $spam_bar add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int set acl_m2 = $spam_score_int
warn
condition = ${if !eq{$acl_m2}{} {yes}{no}} warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients). message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif .endif
accept accept
acl_check_mime: acl_check_mime:
deny message = Blacklisted file extension detected deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept accept
##########################################################################
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators begin authenticators
##########################################################################
dovecot_plain: dovecot_plain:
driver = dovecot driver = dovecot
public_name = PLAIN public_name = PLAIN
@ -173,9 +183,14 @@ dovecot_login:
server_socket = /var/run/dovecot/auth-client server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1 server_set_id = $auth1
##########################################################################
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
begin routers begin routers
##########################################################################
#smarthost: #smarthost:
# driver = manualroute # driver = manualroute
# domains = ! +local_domains # domains = ! +local_domains
@ -255,9 +270,12 @@ terminate_alias:
condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}}
##########################################################################
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
begin transports begin transports
##########################################################################
remote_smtp: remote_smtp:
driver = smtp driver = smtp
#helo_data = $sender_address_domain #helo_data = $sender_address_domain
@ -267,7 +285,6 @@ remote_smtp:
dkim_canon = relaxed dkim_canon = relaxed
dkim_strict = 0 dkim_strict = 0
procmail: procmail:
driver = pipe driver = pipe
command = "/usr/bin/procmail -d $local_part" command = "/usr/bin/procmail -d $local_part"
@ -337,8 +354,23 @@ devnull:
driver = appendfile driver = appendfile
file = /dev/null file = /dev/null
##########################################################################
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
##########################################################################
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite begin rewrite
######################################################################

107
install/ubuntu/exim4.conf.template
View file

@ -1,8 +1,12 @@
########################################################################## ######################################################################
# #
# Exim configuration file for Vesta Control Panel #
# #
######################################################################
#SPAMASSASSIN = yes #SPAMASSASSIN = yes
SPAM_SCORE = 50 #SPAM_SCORE = 50
CLAMD = yes #CLAMD = yes
##########################################################################
domainlist local_domains = dsearch;/etc/exim4/domains/ domainlist local_domains = dsearch;/etc/exim4/domains/
domainlist relay_to_domains = dsearch;/etc/exim4/domains/ domainlist relay_to_domains = dsearch;/etc/exim4/domains/
@ -43,41 +47,38 @@ DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
##########################################################################
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl begin acl
##########################################################################
acl_check_spammers: acl_check_spammers:
accept hosts = +whitelist accept hosts = +whitelist
drop message = Your host in blacklist on this server. drop message = Your host in blacklist on this server.
log_message = Host in blacklist log_message = Host in blacklist
hosts = +spammers hosts = +spammers
accept accept
acl_check_mail: acl_check_mail:
deny deny condition = ${if eq{$sender_helo_name}{}}
condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
# drop
# condition = ${if isip{$sender_helo_name}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
# drop
# condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}} drop condition = ${if isip{$sender_helo_name}}
# condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
drop
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
# drop
# condition = ${if match{$sender_helo_name}{\N\.$\N}}
# message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
# drop message = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]"
# condition = ${if match{$sender_helo_name}{$primary_hostname}}
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept
@ -100,7 +101,7 @@ acl_check_rcpt:
accept authenticated = * accept authenticated = *
control = submission/domain= control = submission/domain=
deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist hosts = !+whitelist
dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}}
@ -115,14 +116,18 @@ acl_check_rcpt:
.ifdef CLAMD .ifdef CLAMD
warn set acl_m0 = no warn set acl_m0 = no
warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes set acl_m0 = yes
.endif .endif
.ifdef SPAMASSASSIN .ifdef SPAMASSASSIN
warn set acl_m1 = no warn set acl_m1 = no
warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes set acl_m1 = yes
.endif .endif
accept accept
@ -134,8 +139,7 @@ acl_check_data:
.endif .endif
.ifdef SPAMASSASSIN .ifdef SPAMASSASSIN
warn warn !authenticated = *
!authenticated = *
hosts = !+relay_from_hosts hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}} condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}} condition = ${if eq{$acl_m1}{yes}{yes}{no}}
@ -144,23 +148,29 @@ acl_check_data:
add_header = X-Spam-Bar: $spam_bar add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int set acl_m2 = $spam_score_int
warn
condition = ${if !eq{$acl_m2}{} {yes}{no}} warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients). message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif .endif
accept accept
acl_check_mime: acl_check_mime:
deny message = Blacklisted file extension detected deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept accept
##########################################################################
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators begin authenticators
##########################################################################
dovecot_plain: dovecot_plain:
driver = dovecot driver = dovecot
public_name = PLAIN public_name = PLAIN
@ -173,9 +183,14 @@ dovecot_login:
server_socket = /var/run/dovecot/auth-client server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1 server_set_id = $auth1
##########################################################################
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
begin routers begin routers
##########################################################################
#smarthost: #smarthost:
# driver = manualroute # driver = manualroute
# domains = ! +local_domains # domains = ! +local_domains
@ -255,9 +270,12 @@ terminate_alias:
condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
##########################################################################
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
begin transports begin transports
##########################################################################
remote_smtp: remote_smtp:
driver = smtp driver = smtp
#helo_data = $sender_address_domain #helo_data = $sender_address_domain
@ -267,7 +285,6 @@ remote_smtp:
dkim_canon = relaxed dkim_canon = relaxed
dkim_strict = 0 dkim_strict = 0
procmail: procmail:
driver = pipe driver = pipe
command = "/usr/bin/procmail -d $local_part" command = "/usr/bin/procmail -d $local_part"
@ -308,7 +325,7 @@ local_spam_delivery:
delivery_date_add delivery_date_add
envelope_to_add envelope_to_add
return_path_add return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.spam" directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota_warn_threshold = 75% quota_warn_threshold = 75%
@ -337,8 +354,24 @@ devnull:
driver = appendfile driver = appendfile
file = /dev/null file = /dev/null
##########################################################################
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
##########################################################################
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite begin rewrite
######################################################################

12
install/vst-install-debian.sh
View file

@ -233,9 +233,6 @@ if [ -z $email ]; then
if [ -z "$servername" ]; then if [ -z "$servername" ]; then
read -p "Please enter hostname [$(hostname)]: " servername read -p "Please enter hostname [$(hostname)]: " servername
fi fi
if [ -z "$servername" ]; then
servername=$(hostname)
fi
fi fi
# Validate email # Validate email
@ -464,6 +461,9 @@ if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then
fi fi
# Set server hostname # Set server hostname
if [ -z "$servername" ]; then
servername=$(hostname)
fi
/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null /usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null
# Templates # Templates
@ -627,9 +627,9 @@ fi
# Exim # Exim
wget $CHOST/$VERSION/exim4.conf.template -O /etc/exim4/exim4.conf.template wget $CHOST/$VERSION/exim4.conf.template -O /etc/exim4/exim4.conf.template
if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then
sed -i "s/^SPAMASSASSIN/#SPAMASSASSIN/g" /etc/exim4/exim4.conf.template sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template
sed -i "s/^CLAMD/#CLAMD/g" /etc/exim4/exim4.conf.template sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template
fi fi
wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim4/dnsbl.conf wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim4/dnsbl.conf
wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim4/spam-blocks.conf wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim4/spam-blocks.conf

12
install/vst-install-rhel.sh
View file

@ -233,9 +233,6 @@ if [ -z $email ]; then
if [ -z "$servername" ]; then if [ -z "$servername" ]; then
read -p "Please enter hostname [$(hostname)]: " servername read -p "Please enter hostname [$(hostname)]: " servername
fi fi
if [ -z "$servername" ]; then
servername=$(hostname)
fi
fi fi
# Validate email # Validate email
@ -524,6 +521,9 @@ if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then
fi fi
# Set server hostname # Set server hostname
if [ -z "$servername" ]; then
servername=$(hostname)
fi
/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null /usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null
# Templates # Templates
@ -683,9 +683,9 @@ fi
# Exim # Exim
wget $CHOST/$VERSION/exim.conf -O /etc/exim/exim.conf wget $CHOST/$VERSION/exim.conf -O /etc/exim/exim.conf
if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then
sed -i "s/^SPAMASSASSIN/#SPAMASSASSIN/g" /etc/exim/exim.conf sed -i "s/#SPAM/SPAM/g" /etc/exim/exim.conf
sed -i "s/^CLAMD/#CLAMD/g" /etc/exim/exim.conf sed -i "s/#CLAMD/CLAMD/g" /etc/exim/exim.conf
fi fi
wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim/dnsbl.conf wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim/dnsbl.conf
wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim/spam-blocks.conf wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim/spam-blocks.conf

12
install/vst-install-ubuntu.sh
View file

@ -231,9 +231,6 @@ if [ -z $email ]; then
if [ -z "$servername" ]; then if [ -z "$servername" ]; then
read -p "Please enter hostname [$(hostname)]: " servername read -p "Please enter hostname [$(hostname)]: " servername
fi fi
if [ -z "$servername" ]; then
servername=$(hostname)
fi
fi fi
# Validate email # Validate email
@ -462,6 +459,9 @@ if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then
fi fi
# Set server hostname # Set server hostname
if [ -z "$servername" ]; then
servername=$(hostname)
fi
/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null /usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null
# Templates # Templates
@ -634,9 +634,9 @@ fi
# Exim # Exim
wget $CHOST/$VERSION/exim4.conf.template -O /etc/exim4/exim4.conf.template wget $CHOST/$VERSION/exim4.conf.template -O /etc/exim4/exim4.conf.template
if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then
sed -i "s/^SPAMASSASSIN/#SPAMASSASSIN/g" /etc/exim4/exim4.conf.template sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template
sed -i "s/^CLAMD/#CLAMD/g" /etc/exim4/exim4.conf.template sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template
fi fi
wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim4/dnsbl.conf wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim4/dnsbl.conf
wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim4/spam-blocks.conf wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim4/spam-blocks.conf