Mailman with exim4 on Debian Sarge
![](https://secure.gravatar.com/avatar/556380cc075d918368e4c576eb3468a2.jpg?s=120&d=mm&r=g)
Hello, I installed and configured mailman on Debian Sarge running apache2 and exim4. I set up a list and the list adminstrator / owner can post to the list from a remote client. I am pretty sure that the mailman config is right and that there is a problem with the exim4 config. Non local subscribers cannot post to the list. The Exim4 log always says that relay is not permitted.
/var/log/exim4/mainlog: 2006-09-01 00:00:52 H=mailout01.sul.t-online.com [194.25.134.80] F=<k.oliver@t-online.de> rejected RCPT <news@server.windfinder.com>: relay not permitted
Here are parts of my exim4 config: [..] # On Debian systems, the main binary is installed as exim4 to avoid # conflicts with the exim 3 packages. exim_path = /usr/sbin/exim4
# Macro defining the main configuration directory. # We do not use absolute paths. .ifndef CONFDIR CONFDIR = /etc/exim4 .endif
# This sets a macro DC_minimaldns if dc_minimaldns=true. If # dc_minimaldns=false, this expands to an empty line. .ifndef DC_minimaldns DEBCONFminimaldnsDEBCONF .endif
# Create other macros from Debconf. Macros created here are used in # other places in exim config. .ifndef DC_visiblename DC_visiblename=DEBCONFvisiblenameDEBCONF .endif
# Create domain and host lists for relay control # '@' refers to 'the name of the local host'
.ifndef MAIN_LOCAL_DOMAINS MAIN_LOCAL_DOMAINS = DEBCONFlocal_domainsDEBCONF .endif domainlist local_domains = MAIN_LOCAL_DOMAINS
.ifndef MAIN_RELAY_TO_DOMAINS MAIN_RELAY_TO_DOMAINS = DEBCONFrelay_domainsDEBCONF .endif domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
.ifndef MAIN_RELAY_NETS MAIN_RELAY_NETS = DEBCONFrelay_netsDEBCONF .endif hostlist relay_from_hosts = 127.0.0.1 : ::::1 : MAIN_RELAY_NETS
# Specify the domain you want to be added to all unqualified addresses # here. Unqualified addresses are accepted only from local callers by # default. The recipient_unqualified_hosts option can be used to permit # unqualified addresses from remote sources. # If qualify_domain is not set, the primary_hostname value is used for # qualification. # The ifdef bracket makes sure that an empty debconf value is correctly # translated to "unset". .ifdef DC_visiblename qualify_domain = DC_visiblename .endif [..] # Home dir for your Mailman installation -- aka Mailman's prefix # directory. # By default this is set to "/usr/local/mailman" # On a Red Hat/Fedora system using the RPM use "/var/mailman" # On Debian using the deb package use "/var/lib/mailman" # This is normally the same as ~mailman MAILMAN_HOME=/var/lib/mailman # # User and group for Mailman, should match your --with-mail-gid # switch to Mailman's configure script. # Value is normally "mailman" MAILMAN_USER=list MAILMAN_GROUP=daemon # # Domains that your lists are in - colon separated list # you may wish to add these into local_domains as well domainlist MAILMAN_DOMAINS=news.server.windfinder.com # # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= # # These values are derived from the ones above and should not need # editing unless you have munged your mailman installation # # The path of the Mailman mail wrapper script MAILMAN_WRAP=MAILMAN_HOME/mail/mailman # # The path of the list config file (used as a required file when # verifying list addresses) MAILMAN_LISTCHK=MAILMAN_HOME/lists/${lc::$local_part}/config.pck [..] begin routers
mailman_router:
driver = accept
require_files = MAILMAN_HOME/lists/$local_part/config.pck
local_part_suffix_optional
local_part_suffix = -bounces : -bounces+* :
-confirm+* : -join : -leave :
-owner : -request : -admin
transport = mailman_transport
[..]
begin transports
mailman_transport:
driver = pipe
command = MAILMAN_WRAP
'${if def:local_part_suffix
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}}
{post}}'
$local_part
current_directory = MAILMAN_HOME
home_directory = MAILMAN_HOME
user = MAILMAN_USER
group = MAILMAN_GROUP
Any idea how to configure Exim4 to allow posting to mailing list for subscribers like someone@somedomain.tld?
![](https://secure.gravatar.com/avatar/746f7519ba02fb0d815e59f305c53fa2.jpg?s=120&d=mm&r=g)
Oliver König wrote:
Yes, that would be an Exim config problem.
And what about server.windfinder.com? And did you add it to local_domains?
<snip>
The above is incomplete. It is not the cause of your problem, but see <http://www.exim.org/howto/mailman21.html#roconf> for what the mailman_router: should be. In particular, the above is missing -confirm, -subscribe and -unsubscribe in local_part_suffix and is missing domains = +MAILMAN_DOMAINS to prevent mail to an address that looks like a list but in another domain from being delivered to the list.
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/556380cc075d918368e4c576eb3468a2.jpg?s=120&d=mm&r=g)
Hello Marc, thanks for your feedback. I have been trying to get it working for several weeks.
On Friday 01 September 2006 01:01, you wrote:
After exim4 restart the mail delivery failed completely (even for non mailman mail):
/var/log/exim4/mainlog 2006-09-01 10:39:13 1GJ4YH-0004nB-ND <= user@server.windfinder.com U=user P=local S=11314 2006-09-01 10:39:13 1GJ4YH-0004nB-ND unknown named domain list "+MAILMAN_domains" 2006-09-01 10:39:26 socket bind() to port 25 for address (any IPv4) failed: Address already in use: waiting before trying again 2006-09-01 10:39:49 1GJ4Z3-0004pq-Mi <= oliver@windfinder.com H=p548de4f5.dip.t-dialin.net ([192.168.0.2]) [84.141.228.245] P=esmtpsa X=TLS-1.0:DHE_RSA_AES_256_CBC_SHA:32 A=plain_courier_authdaemon:oliver S=1609 id=200609011039.15788.oliver@windfinder.com 2006-09-01 10:39:49 1GJ4Z3-0004pq-Mi unknown named domain list "+MAILMAN_domains" 2006-09-01 10:39:56 socket bind() to port 25 for address (any IPv4) failed: Address already in use: waiting before trying again 2006-09-01 10:40:01 1GJ4ZF-0004wl-Sf <= user@server.windfinder.com U=user P=local S=752 2006-09-01 10:40:01 1GJ4ZF-0004wl-Sf unknown named domain list "+MAILMAN_domains" 2006-09-01 10:40:02 1GJ4ZG-0004wv-6z <= user@server.windfinder.com U=user P=local S=737 2006-09-01 10:40:02 1GJ4ZG-0004wv-6z unknown named domain list "+MAILMAN_domains"
I changed this according tohttp://www.exim.org/howto/mailman21.html to: [..] begin routers
mailman_router:
driver = accept
domains = +MAILMAN_domains
require_files = MAILMAN_LISTCHK
local_part_suffix_optional
local_part_suffix = -admin :
-bounces : -bounces+* :
-confirm : -confirm+* :
-join : -leave :
-owner : -request :
-subscribe : -unsubscribe
transport = mailman_transport
[..]
begin transports
mailman_transport:
driver = pipe
command = MAILMAN_WRAP
'${if def:local_part_suffix
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}}
{post}}'
$local_part
current_directory = MAILMAN_HOME
home_directory = MAILMAN_HOME
user = MAILMAN_USER
group = MAILMAN_GROUP
![](https://secure.gravatar.com/avatar/746f7519ba02fb0d815e59f305c53fa2.jpg?s=120&d=mm&r=g)
Oliver König wrote:
You seem to have case issues here, i.e., MAILMAN_DOMAINS vs. MAILMAN_domains. The documentation shows this all lower case. I don't know if that is significant or not, but it may be.
Also, you don't indicate whether or not you have server.windfinder.com and news.server.windfinder.com in local_domains. If not, I think this is the cause of your relaying problem.
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/556380cc075d918368e4c576eb3468a2.jpg?s=120&d=mm&r=g)
The lists are in the local domain (windfinder.com). So I just deleted the following: domainlist mailman_domains= server.windfinder.com MAILMAN_LISTCHK=MAILMAN_HOME/lists/${lc::$local_part}/config.pck .. and any additional RCPT ACL should be obsolte because the lists ARE in the local domain.
When a subscriber posts to the list /var/log/exim4/mainlog still says. 2006-09-01 23:40:08 H=mailout03.sul.t-online.com [194.25.134.81] F=<k.oliver@t-online.de> rejected RCPT <News-request@server.windfinder.com>: relay not permitted
Here is my complete Exim4 config: ######### # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # this file is generated dynamically from the files in # CONFDIR/conf.d/ or /etc/exim4/exim4.conf.template respectively and # /etc/exim4/update-exim4.conf.conf # Any changes you make here will be lost. # See /usr/share/doc/exim4-base/README.Debian.gz and update-exim4.conf(8) # for instructions of customization. # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING ######### MAIN_TLS_ENABLE = true#####################################################
exim_path = /usr/sbin/exim4
.ifndef CONFDIR CONFDIR = /etc/exim4 .endif
.ifndef DC_minimaldns
.endif
.ifndef DC_visiblename DC_visiblename=server.windfinder.com .endif
.ifndef MAIN_LOCAL_DOMAINS MAIN_LOCAL_DOMAINS = @:localhost:windfinder.com:server.windfinder.com .endif domainlist local_domains = MAIN_LOCAL_DOMAINS
.ifndef MAIN_RELAY_TO_DOMAINS MAIN_RELAY_TO_DOMAINS = .endif domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
.ifndef MAIN_RELAY_NETS MAIN_RELAY_NETS = 127.0.0.1 : ::::1 : MAIN_RELAY_NETS .endif hostlist relay_from_hosts = 127.0.0.1 : ::::1 : MAIN_RELAY_NETS
.ifdef DC_visiblename qualify_domain = DC_visiblename .endif
.ifndef DCreadhost DCreadhost = .endif
.ifndef DCsmarthost DCsmarthost = .endif
.ifdef MAIN_LOCAL_INTERFACES local_interfaces = MAIN_LOCAL_INTERFACES .else local_interfaces = 0.0.0.0 .endif
.ifndef LOCAL_DELIVERY LOCAL_DELIVERY=maildir_home .endif
gecos_pattern = ^([^,:]*) gecos_name = $1
.ifndef DCconfig_satellite .ifndef DCconfig_internet .ifndef DCconfig_local .ifndef DCconfig_smarthost DCconfig_internet = 1 .endif .endif .endif .endif
.ifndef CHECK_RCPT_LOCAL_LOCALPARTS CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|\'`#&?] .endif
.ifndef CHECK_RCPT_REMOTE_LOCALPARTS CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!\'`#&?] : ^.*/\\.\\./ .endif
av_scanner = clamd:/var/run/clamav/clamd.ctl spamd_address = /var/run/spamd.sock
MAILMAN_HOME=/var/lib/mailman MAILMAN_WRAP=MAILMAN_HOME/mail/mailman
MAILMAN_USER=list MAILMAN_GROUP=daemon
.ifndef MAIN_ACL_CHECK_RCPT MAIN_ACL_CHECK_RCPT = acl_check_rcpt .endif acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT
.ifndef MAIN_ACL_CHECK_DATA MAIN_ACL_CHECK_DATA = acl_check_data .endif acl_smtp_data = MAIN_ACL_CHECK_DATA
.ifdef MESSAGE_SIZE_LIMIT message_size_limit = MESSAGE_SIZE_LIMIT .endif
.ifdef MAIN_ALLOW_DOMAIN_LITERALS allow_domain_literals .endif
.ifndef DC_minimaldns .ifndef MAIN_HOST_LOOKUP MAIN_HOST_LOOKUP = * .endif host_lookup = MAIN_HOST_LOOKUP .endif
.ifndef MAIN_FORCE_SENDER local_from_check = false local_sender_retain = true untrusted_set_sender = * .endif
.ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d .endif ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER
.ifndef MAIN_TIMEOUT_FROZEN_AFTER MAIN_TIMEOUT_FROZEN_AFTER = 7d .endif timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER
.ifndef MAIN_FREEZE_TELL MAIN_FREEZE_TELL = postmaster .endif freeze_tell = MAIN_FREEZE_TELL
.ifndef SPOOLDIR SPOOLDIR = /var/spool/exim4 .endif spool_directory = SPOOLDIR
.ifndef MAIN_TRUSTED_USERS MAIN_TRUSTED_USERS = uucp .endif trusted_users = MAIN_TRUSTED_USERS .ifdef MAIN_TRUSTED_GROUPS trusted_groups = MAIN_TRUSTED_GROUPS .endif
.ifdef MAIN_TLS_ENABLE .ifndef MAIN_TLS_ADVERTISE_HOSTS MAIN_TLS_ADVERTISE_HOSTS = * .endif tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS
.ifndef MAIN_TLS_CERTIFICATE MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt .endif tls_certificate = MAIN_TLS_CERTIFICATE
.ifndef MAIN_TLS_PRIVATEKEY MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key .endif tls_privatekey = MAIN_TLS_PRIVATEKEY
.ifndef MAIN_TLS_VERIFY_CERTIFICATES
MAIN_TLS_VERIFY_CERTIFICATES = ${if
exists{/etc/ssl/certs/ca-certificates.crt}
{/etc/ssl/certs/ca-certificates.crt}
{/dev/null}}
.endif
tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES
.ifdef MAIN_TLS_VERIFY_HOSTS tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS .endif
.ifndef MAIN_TLS_TRY_VERIFY_HOSTS MAIN_TLS_TRY_VERIFY_HOSTS = * .endif tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS
.endif
begin acl
acl_whitelist_local_deny:
accept
hosts = ${if exists{CONFDIR/local_host_whitelist}
{CONFDIR/local_host_whitelist}
{}}
accept
senders = ${if exists{CONFDIR/local_sender_whitelist}
{CONFDIR/local_sender_whitelist}
{}}
.ifdef WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE .include WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE .endif
acl_check_rcpt: accept hosts = :
warn hosts = +relay_from_hosts control = submission/sender_retain
.ifdef CHECK_RCPT_LOCAL_LOCALPARTS deny domains = +local_domains local_parts = CHECK_RCPT_LOCAL_LOCALPARTS message = restricted characters in address .endif
.ifdef CHECK_RCPT_REMOTE_LOCALPARTS deny domains = !+local_domains local_parts = CHECK_RCPT_REMOTE_LOCALPARTS message = restricted characters in address .endif
accept .ifndef CHECK_RCPT_POSTMASTER local_parts = postmaster .else local_parts = CHECK_RCPT_POSTMASTER .endif domains = +local_domains
deny
message = sender envelope address $sender_address is locally blacklisted
here. If you think this is wrong, get in touch with postmaster
!acl = acl_whitelist_local_deny
senders = ${if exists{CONFDIR/local_sender_blacklist}
{CONFDIR/local_sender_blacklist}
{}}
deny
message = sender IP address $sender_host_address is locally blacklisted
here. If you think this is wrong, get in touch with postmaster
!acl = acl_whitelist_local_deny
hosts = ${if exists{CONFDIR/local_host_blacklist}
{CONFDIR/local_host_blacklist}
{}}
.ifdef CHECK_RCPT_VERIFY_SENDER deny message = Sender verification failed !acl = acl_whitelist_local_deny !verify = sender .endif
deny
!acl = acl_whitelist_local_deny
senders = ${if exists{CONFDIR/local_sender_callout}
{CONFDIR/local_sender_callout}
{}}
!verify = sender/callout
deny
!acl = acl_whitelist_local_deny
recipients = ${if exists{CONFDIR/local_rcpt_callout}
{CONFDIR/local_rcpt_callout}
{}}
!verify = recipient/callout
.ifdef CHECK_RCPT_REVERSE_DNS
warn
message = X-Host-Lookup-Failed: Reverse DNS lookup failed for
$sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}
{yes}{no}}
.endif
.ifdef CHECK_RCPT_IP_DNSBLS warn message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) dnslists = CHECK_RCPT_IP_DNSBLS .endif
.ifdef CHECK_RCPT_DOMAIN_DNSBLS
warn
message = X-Warning: $sender_address_domain is listed at $dnslist_domain
($dnslist_value: $dnslist_text)
log_message = $sender_address_domain is listed at $dnslist_domain
($dnslist_value: $dnslist_text)
!senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}
{CONFDIR/local_domain_dnsbl_whitelist}
{}}
dnslists = CHECK_RCPT_DOMAIN_DNSBLS/$sender_address_domain
.endif
.ifdef CHECK_RCPT_LOCAL_ACL_FILE .include CHECK_RCPT_LOCAL_ACL_FILE .endif
accept domains = +local_domains endpass message = unknown user verify = recipient
accept domains = +relay_to_domains endpass .ifdef CHECK_RCPT_GIVE_UNKNOWN_USER message = ${if eq{$acl_verify_message}{Unrouteable address}{unknown user} {$acl_verify_message}} .else message = unrouteable address .endif verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
acl_check_data:
.ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX deny message = Message headers fail syntax check !acl = acl_whitelist_local_deny !verify = header_syntax .endif
.ifdef CHECK_DATA_VERIFY_HEADER_SENDER deny message = No verifiable sender address in message headers !acl = acl_whitelist_local_deny !verify = header_sender .endif
deny message = This message contains a virus: ($malware_name) please scan your system. demime = * malware = *
warn message = X-Spam-Score: $spam_score ($spam_bar) spam = nobody:true warn message = X-Spam-Report: $spam_report spam = nobody:true
warn message = Subject: *SPAM* $h_Subject: spam = nobody
deny message = This message scored $spam_score spam points. spam = nobody:true condition = ${if >{$spam_score_int}{100}{1}{0}}
.ifdef CHECK_DATA_LOCAL_ACL_FILE .include CHECK_DATA_LOCAL_ACL_FILE .endif
accept
begin routers
mailman_router:
driver = accept
require_files = MAILMAN_HOME/lists/$local_part/config.pck
local_part_suffix_optional
local_part_suffix = -bounces : -bounces+* :
-confirm+* : -join : -leave :
-owner : -request : -admin
transport = mailman_transport
.ifdef MAIN_ALLOW_DOMAIN_LITERALS domain_literal: debug_print = "R: domain_literal for $local_part@$domain" driver = ipliteral domains = ! +local_domains transport = remote_smtp .endif
hubbed_hosts:
debug_print = "R: hubbed_hosts for $domain"
driver = manualroute
domains = "${if exists{CONFDIR/hubbed_hosts}
{partial-lsearch;CONFDIR/hubbed_hosts}
fail}"
route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
transport = remote_smtp
.ifdef DCconfig_internet
dnslookup_relay_to_domains: debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain" driver = dnslookup domains = ! +local_domains : +relay_to_domains transport = remote_smtp same_domain_copy_routing = yes no_more
dnslookup:
debug_print = "R: dnslookup for $local_part@$domain"
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
same_domain_copy_routing = yes
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :
172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
no_more
.endif
.ifdef DCconfig_local nonlocal: debug_print = "R: nonlocal for $local_part@$domain" driver = redirect domains = ! +local_domains allow_fail data = :fail: Mailing to remote domains not supported no_more
.endif
.ifdef DCconfig_smarthost DCconfig_satellite
smarthost: debug_print = "R: smarthost for $local_part@$domain" driver = manualroute domains = ! +local_domains transport = remote_smtp_smarthost route_list = * DCsmarthost byname host_find_failed = defer same_domain_copy_routing = yes no_more
.endif
real_local: debug_print = "R: real_local for $local_part@$domain" driver = accept domains = +local_domains local_part_prefix = real- check_local_user transport = LOCAL_DELIVERY
system_aliases: debug_print = "R: system_aliases for $local_part@$domain" driver = redirect domains = +local_domains allow_fail allow_defer data = ${lookup{$local_part}lsearch{/etc/aliases}} .ifdef SYSTEM_ALIASES_USER user = SYSTEM_ALIASES_USER .endif .ifdef SYSTEM_ALIASES_GROUP group = SYSTEM_ALIASES_GROUP .endif .ifdef SYSTEM_ALIASES_FILE_TRANSPORT file_transport = SYSTEM_ALIASES_FILE_TRANSPORT .endif .ifdef SYSTEM_ALIASES_PIPE_TRANSPORT pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT .endif .ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT .endif
.ifdef DCconfig_satellite hub_user: debug_print = "R: hub_user for $local_part@$domain" driver = redirect domains = +local_domains data = ${local_part}@DCreadhost check_local_user
hub_user_smarthost: debug_print = "R: hub_user_smarthost for $local_part@$domain" driver = manualroute domains = DCreadhost transport = remote_smtp_smarthost route_list = * DCsmarthost byname host_find_failed = defer same_domain_copy_routing = yes check_local_user .endif
userforward:
debug_print = "R: userforward for $local_part@$domain"
driver = redirect
domains = +local_domains
check_local_user
file = $home/.forward
no_verify
no_expn
check_ancestor
allow_filter
directory_transport = address_directory
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
skip_syntax_errors
syntax_errors_to = real-$local_part@$domain
syntax_errors_text =
This is an automatically generated message. An error has\n
been found in your .forward file. Details of the error are\n
reported below. While this error persists, you will receive\n
a copy of this message for every message that is addressed\n
to you. If your .forward file is a filter file, or if it is\n
a non-filter file containing no valid forwarding addresses,\n
a copy of each incoming message will be put in your normal\n
mailbox. If a non-filter file contains at least one valid\n
forwarding address, forwarding to the valid addresses will\n
happen, and those will be the only deliveries that occur.
procmail:
debug_print = "R: procmail for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
transport = procmail_pipe
require_files = ${local_part}:
${if exists{/etc/procmailrc}
{/etc/procmailrc}{${home}/.procmailrc}}:
+/usr/bin/procmail
no_verify
no_expn
maildrop: debug_print = "R: maildrop for $local_part@$domain" driver = accept domains = +local_domains check_local_user transport = maildrop_pipe require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop no_verify no_expn
local_user: debug_print = "R: local_user for $local_part@$domain" driver = accept domains = +local_domains check_local_user local_parts = ! root transport = LOCAL_DELIVERY
mail4root: debug_print = "R: mail4root for $local_part@$domain" driver = redirect domains = +local_domains data = /var/mail/mail file_transport = address_file local_parts = root user = mail group = mail
begin transports
mailman_transport:
driver = pipe
command = MAILMAN_WRAP
'${if def:local_part_suffix
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}}
{post}}'
$local_part
current_directory = MAILMAN_HOME
home_directory = MAILMAN_HOME
user = MAILMAN_USER
group = MAILMAN_GROUP
address_file: debug_print = "T: address_file for $local_part@$domain" driver = appendfile delivery_date_add envelope_to_add return_path_add
address_pipe: debug_print = "T: address_pipe for $local_part@$domain" driver = pipe return_fail_output
address_reply: debug_print = "T: autoreply for $local_part@$domain" driver = autoreply
mail_spool: debug_print = "T: appendfile for $local_part@$domain" driver = appendfile file = /var/mail/$local_part delivery_date_add envelope_to_add return_path_add group = mail mode = 0660 mode_fail_narrower = false
maildir_home: debug_print = "T: maildir_home for $local_part@$domain" driver = appendfile .ifdef MAILDIR_HOME_MAILDIR_LOCATION directory = MAILDIR_HOME_MAILDIR_LOCATION .else directory = $home/Maildir .endif .ifdef MAILDIR_HOME_CREATE_DIRECTORY create_directory .endif .ifdef MAILDIR_HOME_CREATE_FILE create_file = MAILDIR_HOME_CREATE_FILE .endif delivery_date_add envelope_to_add return_path_add maildir_format .ifdef MAILDIR_HOME_DIRECTORY_MODE directory_mode = MAILDIR_HOME_DIRECTORY_MODE .else directory_mode = 0700 .endif .ifdef MAILDIR_HOME_MODE mode = MAILDIR_HOME_MODE .else mode = 0600 .endif mode_fail_narrower = false
maildrop_pipe: debug_print = "T: maildrop_pipe for $local_part@$domain" driver = pipe path = "/bin:/usr/bin:/usr/local/bin" command = "/usr/bin/maildrop" return_path_add delivery_date_add envelope_to_add
procmail_pipe: debug_print = "T: procmail_pipe for $local_part@$domain" driver = pipe path = "/bin:/usr/bin:/usr/local/bin" command = "/usr/bin/procmail" return_path_add delivery_date_add envelope_to_add
remote_smtp: debug_print = "T: remote_smtp for $local_part@$domain" driver = smtp
remote_smtp_smarthost: debug_print = "T: remote_smtp_smarthost for $local_part@$domain" driver = smtp hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}} tls_tempfail_tryclear = false
address_directory: debug_print = "T: address_directory for $local_part@$domain" driver = appendfile envelope_to_add = true return_path_add = true check_string = "" escape_string = "" maildir_format
begin retry
* F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}
{$value}fail} Ffrs
*@server.windfinder.com ${lookup{${local_part}}lsearch{/etc/email-addresses}
{$value}fail} Ffrs
begin authenticators
plain_courier_authdaemon:
driver = plaintext
public_name = PLAIN
server_condition =
${if eq {${readsocket{/var/run/courier/authdaemon/socket}
{AUTH ${strlen:exim\nlogin\n$2\n$3\n}\nexim\nlogin\n$2\n$3\n}}}
{FAIL\n}{no}{yes}}
server_set_id = $2
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
login_courier_authdaemon:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
server_condition = ${if eq
{${readsocket{/var/run/courier/authdaemon/socket}
{AUTH
${strlen:exim\nlogin\n$1\n$2\n}\nexim\nlogin\n$1\n$2\n}}}{FAIL\n}{no}{yes}}
server_set_id = $1
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
cram_md5: driver = cram_md5 public_name = CRAM-MD5 client_name = ${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client} {$value}fail}}} client_secret = ${extract{2}{:} {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
plain:
driver = plaintext
public_name = PLAIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
client_send = "${if !eq{$tls_cipher}{}{
^${extract{1}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
^${extract{2}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
}fail}"
.else
client_send = "^${extract{1}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}^${extract{2}
{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.endif
login:
driver = plaintext
public_name = LOGIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
client_send = "${if !eq{$tls_cipher}{}{}fail}
: ${extract{1}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
: ${extract{2}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.else
client_send = ": ${extract{1}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} : ${extract{2}
{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.endif
Regards, Oliver
![](https://secure.gravatar.com/avatar/746f7519ba02fb0d815e59f305c53fa2.jpg?s=120&d=mm&r=g)
Oliver König wrote:
Yes, that would be an Exim config problem.
And what about server.windfinder.com? And did you add it to local_domains?
<snip>
The above is incomplete. It is not the cause of your problem, but see <http://www.exim.org/howto/mailman21.html#roconf> for what the mailman_router: should be. In particular, the above is missing -confirm, -subscribe and -unsubscribe in local_part_suffix and is missing domains = +MAILMAN_DOMAINS to prevent mail to an address that looks like a list but in another domain from being delivered to the list.
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/556380cc075d918368e4c576eb3468a2.jpg?s=120&d=mm&r=g)
Hello Marc, thanks for your feedback. I have been trying to get it working for several weeks.
On Friday 01 September 2006 01:01, you wrote:
After exim4 restart the mail delivery failed completely (even for non mailman mail):
/var/log/exim4/mainlog 2006-09-01 10:39:13 1GJ4YH-0004nB-ND <= user@server.windfinder.com U=user P=local S=11314 2006-09-01 10:39:13 1GJ4YH-0004nB-ND unknown named domain list "+MAILMAN_domains" 2006-09-01 10:39:26 socket bind() to port 25 for address (any IPv4) failed: Address already in use: waiting before trying again 2006-09-01 10:39:49 1GJ4Z3-0004pq-Mi <= oliver@windfinder.com H=p548de4f5.dip.t-dialin.net ([192.168.0.2]) [84.141.228.245] P=esmtpsa X=TLS-1.0:DHE_RSA_AES_256_CBC_SHA:32 A=plain_courier_authdaemon:oliver S=1609 id=200609011039.15788.oliver@windfinder.com 2006-09-01 10:39:49 1GJ4Z3-0004pq-Mi unknown named domain list "+MAILMAN_domains" 2006-09-01 10:39:56 socket bind() to port 25 for address (any IPv4) failed: Address already in use: waiting before trying again 2006-09-01 10:40:01 1GJ4ZF-0004wl-Sf <= user@server.windfinder.com U=user P=local S=752 2006-09-01 10:40:01 1GJ4ZF-0004wl-Sf unknown named domain list "+MAILMAN_domains" 2006-09-01 10:40:02 1GJ4ZG-0004wv-6z <= user@server.windfinder.com U=user P=local S=737 2006-09-01 10:40:02 1GJ4ZG-0004wv-6z unknown named domain list "+MAILMAN_domains"
I changed this according tohttp://www.exim.org/howto/mailman21.html to: [..] begin routers
mailman_router:
driver = accept
domains = +MAILMAN_domains
require_files = MAILMAN_LISTCHK
local_part_suffix_optional
local_part_suffix = -admin :
-bounces : -bounces+* :
-confirm : -confirm+* :
-join : -leave :
-owner : -request :
-subscribe : -unsubscribe
transport = mailman_transport
[..]
begin transports
mailman_transport:
driver = pipe
command = MAILMAN_WRAP
'${if def:local_part_suffix
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}}
{post}}'
$local_part
current_directory = MAILMAN_HOME
home_directory = MAILMAN_HOME
user = MAILMAN_USER
group = MAILMAN_GROUP
![](https://secure.gravatar.com/avatar/746f7519ba02fb0d815e59f305c53fa2.jpg?s=120&d=mm&r=g)
Oliver König wrote:
You seem to have case issues here, i.e., MAILMAN_DOMAINS vs. MAILMAN_domains. The documentation shows this all lower case. I don't know if that is significant or not, but it may be.
Also, you don't indicate whether or not you have server.windfinder.com and news.server.windfinder.com in local_domains. If not, I think this is the cause of your relaying problem.
-- Mark Sapiro <msapiro@value.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
![](https://secure.gravatar.com/avatar/556380cc075d918368e4c576eb3468a2.jpg?s=120&d=mm&r=g)
The lists are in the local domain (windfinder.com). So I just deleted the following: domainlist mailman_domains= server.windfinder.com MAILMAN_LISTCHK=MAILMAN_HOME/lists/${lc::$local_part}/config.pck .. and any additional RCPT ACL should be obsolte because the lists ARE in the local domain.
When a subscriber posts to the list /var/log/exim4/mainlog still says. 2006-09-01 23:40:08 H=mailout03.sul.t-online.com [194.25.134.81] F=<k.oliver@t-online.de> rejected RCPT <News-request@server.windfinder.com>: relay not permitted
Here is my complete Exim4 config: ######### # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # this file is generated dynamically from the files in # CONFDIR/conf.d/ or /etc/exim4/exim4.conf.template respectively and # /etc/exim4/update-exim4.conf.conf # Any changes you make here will be lost. # See /usr/share/doc/exim4-base/README.Debian.gz and update-exim4.conf(8) # for instructions of customization. # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING # WARNING WARNING WARNING ######### MAIN_TLS_ENABLE = true#####################################################
exim_path = /usr/sbin/exim4
.ifndef CONFDIR CONFDIR = /etc/exim4 .endif
.ifndef DC_minimaldns
.endif
.ifndef DC_visiblename DC_visiblename=server.windfinder.com .endif
.ifndef MAIN_LOCAL_DOMAINS MAIN_LOCAL_DOMAINS = @:localhost:windfinder.com:server.windfinder.com .endif domainlist local_domains = MAIN_LOCAL_DOMAINS
.ifndef MAIN_RELAY_TO_DOMAINS MAIN_RELAY_TO_DOMAINS = .endif domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
.ifndef MAIN_RELAY_NETS MAIN_RELAY_NETS = 127.0.0.1 : ::::1 : MAIN_RELAY_NETS .endif hostlist relay_from_hosts = 127.0.0.1 : ::::1 : MAIN_RELAY_NETS
.ifdef DC_visiblename qualify_domain = DC_visiblename .endif
.ifndef DCreadhost DCreadhost = .endif
.ifndef DCsmarthost DCsmarthost = .endif
.ifdef MAIN_LOCAL_INTERFACES local_interfaces = MAIN_LOCAL_INTERFACES .else local_interfaces = 0.0.0.0 .endif
.ifndef LOCAL_DELIVERY LOCAL_DELIVERY=maildir_home .endif
gecos_pattern = ^([^,:]*) gecos_name = $1
.ifndef DCconfig_satellite .ifndef DCconfig_internet .ifndef DCconfig_local .ifndef DCconfig_smarthost DCconfig_internet = 1 .endif .endif .endif .endif
.ifndef CHECK_RCPT_LOCAL_LOCALPARTS CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|\'`#&?] .endif
.ifndef CHECK_RCPT_REMOTE_LOCALPARTS CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!\'`#&?] : ^.*/\\.\\./ .endif
av_scanner = clamd:/var/run/clamav/clamd.ctl spamd_address = /var/run/spamd.sock
MAILMAN_HOME=/var/lib/mailman MAILMAN_WRAP=MAILMAN_HOME/mail/mailman
MAILMAN_USER=list MAILMAN_GROUP=daemon
.ifndef MAIN_ACL_CHECK_RCPT MAIN_ACL_CHECK_RCPT = acl_check_rcpt .endif acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT
.ifndef MAIN_ACL_CHECK_DATA MAIN_ACL_CHECK_DATA = acl_check_data .endif acl_smtp_data = MAIN_ACL_CHECK_DATA
.ifdef MESSAGE_SIZE_LIMIT message_size_limit = MESSAGE_SIZE_LIMIT .endif
.ifdef MAIN_ALLOW_DOMAIN_LITERALS allow_domain_literals .endif
.ifndef DC_minimaldns .ifndef MAIN_HOST_LOOKUP MAIN_HOST_LOOKUP = * .endif host_lookup = MAIN_HOST_LOOKUP .endif
.ifndef MAIN_FORCE_SENDER local_from_check = false local_sender_retain = true untrusted_set_sender = * .endif
.ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d .endif ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER
.ifndef MAIN_TIMEOUT_FROZEN_AFTER MAIN_TIMEOUT_FROZEN_AFTER = 7d .endif timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER
.ifndef MAIN_FREEZE_TELL MAIN_FREEZE_TELL = postmaster .endif freeze_tell = MAIN_FREEZE_TELL
.ifndef SPOOLDIR SPOOLDIR = /var/spool/exim4 .endif spool_directory = SPOOLDIR
.ifndef MAIN_TRUSTED_USERS MAIN_TRUSTED_USERS = uucp .endif trusted_users = MAIN_TRUSTED_USERS .ifdef MAIN_TRUSTED_GROUPS trusted_groups = MAIN_TRUSTED_GROUPS .endif
.ifdef MAIN_TLS_ENABLE .ifndef MAIN_TLS_ADVERTISE_HOSTS MAIN_TLS_ADVERTISE_HOSTS = * .endif tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS
.ifndef MAIN_TLS_CERTIFICATE MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt .endif tls_certificate = MAIN_TLS_CERTIFICATE
.ifndef MAIN_TLS_PRIVATEKEY MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key .endif tls_privatekey = MAIN_TLS_PRIVATEKEY
.ifndef MAIN_TLS_VERIFY_CERTIFICATES
MAIN_TLS_VERIFY_CERTIFICATES = ${if
exists{/etc/ssl/certs/ca-certificates.crt}
{/etc/ssl/certs/ca-certificates.crt}
{/dev/null}}
.endif
tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES
.ifdef MAIN_TLS_VERIFY_HOSTS tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS .endif
.ifndef MAIN_TLS_TRY_VERIFY_HOSTS MAIN_TLS_TRY_VERIFY_HOSTS = * .endif tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS
.endif
begin acl
acl_whitelist_local_deny:
accept
hosts = ${if exists{CONFDIR/local_host_whitelist}
{CONFDIR/local_host_whitelist}
{}}
accept
senders = ${if exists{CONFDIR/local_sender_whitelist}
{CONFDIR/local_sender_whitelist}
{}}
.ifdef WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE .include WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE .endif
acl_check_rcpt: accept hosts = :
warn hosts = +relay_from_hosts control = submission/sender_retain
.ifdef CHECK_RCPT_LOCAL_LOCALPARTS deny domains = +local_domains local_parts = CHECK_RCPT_LOCAL_LOCALPARTS message = restricted characters in address .endif
.ifdef CHECK_RCPT_REMOTE_LOCALPARTS deny domains = !+local_domains local_parts = CHECK_RCPT_REMOTE_LOCALPARTS message = restricted characters in address .endif
accept .ifndef CHECK_RCPT_POSTMASTER local_parts = postmaster .else local_parts = CHECK_RCPT_POSTMASTER .endif domains = +local_domains
deny
message = sender envelope address $sender_address is locally blacklisted
here. If you think this is wrong, get in touch with postmaster
!acl = acl_whitelist_local_deny
senders = ${if exists{CONFDIR/local_sender_blacklist}
{CONFDIR/local_sender_blacklist}
{}}
deny
message = sender IP address $sender_host_address is locally blacklisted
here. If you think this is wrong, get in touch with postmaster
!acl = acl_whitelist_local_deny
hosts = ${if exists{CONFDIR/local_host_blacklist}
{CONFDIR/local_host_blacklist}
{}}
.ifdef CHECK_RCPT_VERIFY_SENDER deny message = Sender verification failed !acl = acl_whitelist_local_deny !verify = sender .endif
deny
!acl = acl_whitelist_local_deny
senders = ${if exists{CONFDIR/local_sender_callout}
{CONFDIR/local_sender_callout}
{}}
!verify = sender/callout
deny
!acl = acl_whitelist_local_deny
recipients = ${if exists{CONFDIR/local_rcpt_callout}
{CONFDIR/local_rcpt_callout}
{}}
!verify = recipient/callout
.ifdef CHECK_RCPT_REVERSE_DNS
warn
message = X-Host-Lookup-Failed: Reverse DNS lookup failed for
$sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}
{yes}{no}}
.endif
.ifdef CHECK_RCPT_IP_DNSBLS warn message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) dnslists = CHECK_RCPT_IP_DNSBLS .endif
.ifdef CHECK_RCPT_DOMAIN_DNSBLS
warn
message = X-Warning: $sender_address_domain is listed at $dnslist_domain
($dnslist_value: $dnslist_text)
log_message = $sender_address_domain is listed at $dnslist_domain
($dnslist_value: $dnslist_text)
!senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}
{CONFDIR/local_domain_dnsbl_whitelist}
{}}
dnslists = CHECK_RCPT_DOMAIN_DNSBLS/$sender_address_domain
.endif
.ifdef CHECK_RCPT_LOCAL_ACL_FILE .include CHECK_RCPT_LOCAL_ACL_FILE .endif
accept domains = +local_domains endpass message = unknown user verify = recipient
accept domains = +relay_to_domains endpass .ifdef CHECK_RCPT_GIVE_UNKNOWN_USER message = ${if eq{$acl_verify_message}{Unrouteable address}{unknown user} {$acl_verify_message}} .else message = unrouteable address .endif verify = recipient
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
acl_check_data:
.ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX deny message = Message headers fail syntax check !acl = acl_whitelist_local_deny !verify = header_syntax .endif
.ifdef CHECK_DATA_VERIFY_HEADER_SENDER deny message = No verifiable sender address in message headers !acl = acl_whitelist_local_deny !verify = header_sender .endif
deny message = This message contains a virus: ($malware_name) please scan your system. demime = * malware = *
warn message = X-Spam-Score: $spam_score ($spam_bar) spam = nobody:true warn message = X-Spam-Report: $spam_report spam = nobody:true
warn message = Subject: *SPAM* $h_Subject: spam = nobody
deny message = This message scored $spam_score spam points. spam = nobody:true condition = ${if >{$spam_score_int}{100}{1}{0}}
.ifdef CHECK_DATA_LOCAL_ACL_FILE .include CHECK_DATA_LOCAL_ACL_FILE .endif
accept
begin routers
mailman_router:
driver = accept
require_files = MAILMAN_HOME/lists/$local_part/config.pck
local_part_suffix_optional
local_part_suffix = -bounces : -bounces+* :
-confirm+* : -join : -leave :
-owner : -request : -admin
transport = mailman_transport
.ifdef MAIN_ALLOW_DOMAIN_LITERALS domain_literal: debug_print = "R: domain_literal for $local_part@$domain" driver = ipliteral domains = ! +local_domains transport = remote_smtp .endif
hubbed_hosts:
debug_print = "R: hubbed_hosts for $domain"
driver = manualroute
domains = "${if exists{CONFDIR/hubbed_hosts}
{partial-lsearch;CONFDIR/hubbed_hosts}
fail}"
route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
transport = remote_smtp
.ifdef DCconfig_internet
dnslookup_relay_to_domains: debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain" driver = dnslookup domains = ! +local_domains : +relay_to_domains transport = remote_smtp same_domain_copy_routing = yes no_more
dnslookup:
debug_print = "R: dnslookup for $local_part@$domain"
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
same_domain_copy_routing = yes
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :
172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16
no_more
.endif
.ifdef DCconfig_local nonlocal: debug_print = "R: nonlocal for $local_part@$domain" driver = redirect domains = ! +local_domains allow_fail data = :fail: Mailing to remote domains not supported no_more
.endif
.ifdef DCconfig_smarthost DCconfig_satellite
smarthost: debug_print = "R: smarthost for $local_part@$domain" driver = manualroute domains = ! +local_domains transport = remote_smtp_smarthost route_list = * DCsmarthost byname host_find_failed = defer same_domain_copy_routing = yes no_more
.endif
real_local: debug_print = "R: real_local for $local_part@$domain" driver = accept domains = +local_domains local_part_prefix = real- check_local_user transport = LOCAL_DELIVERY
system_aliases: debug_print = "R: system_aliases for $local_part@$domain" driver = redirect domains = +local_domains allow_fail allow_defer data = ${lookup{$local_part}lsearch{/etc/aliases}} .ifdef SYSTEM_ALIASES_USER user = SYSTEM_ALIASES_USER .endif .ifdef SYSTEM_ALIASES_GROUP group = SYSTEM_ALIASES_GROUP .endif .ifdef SYSTEM_ALIASES_FILE_TRANSPORT file_transport = SYSTEM_ALIASES_FILE_TRANSPORT .endif .ifdef SYSTEM_ALIASES_PIPE_TRANSPORT pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT .endif .ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT .endif
.ifdef DCconfig_satellite hub_user: debug_print = "R: hub_user for $local_part@$domain" driver = redirect domains = +local_domains data = ${local_part}@DCreadhost check_local_user
hub_user_smarthost: debug_print = "R: hub_user_smarthost for $local_part@$domain" driver = manualroute domains = DCreadhost transport = remote_smtp_smarthost route_list = * DCsmarthost byname host_find_failed = defer same_domain_copy_routing = yes check_local_user .endif
userforward:
debug_print = "R: userforward for $local_part@$domain"
driver = redirect
domains = +local_domains
check_local_user
file = $home/.forward
no_verify
no_expn
check_ancestor
allow_filter
directory_transport = address_directory
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
skip_syntax_errors
syntax_errors_to = real-$local_part@$domain
syntax_errors_text =
This is an automatically generated message. An error has\n
been found in your .forward file. Details of the error are\n
reported below. While this error persists, you will receive\n
a copy of this message for every message that is addressed\n
to you. If your .forward file is a filter file, or if it is\n
a non-filter file containing no valid forwarding addresses,\n
a copy of each incoming message will be put in your normal\n
mailbox. If a non-filter file contains at least one valid\n
forwarding address, forwarding to the valid addresses will\n
happen, and those will be the only deliveries that occur.
procmail:
debug_print = "R: procmail for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
transport = procmail_pipe
require_files = ${local_part}:
${if exists{/etc/procmailrc}
{/etc/procmailrc}{${home}/.procmailrc}}:
+/usr/bin/procmail
no_verify
no_expn
maildrop: debug_print = "R: maildrop for $local_part@$domain" driver = accept domains = +local_domains check_local_user transport = maildrop_pipe require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop no_verify no_expn
local_user: debug_print = "R: local_user for $local_part@$domain" driver = accept domains = +local_domains check_local_user local_parts = ! root transport = LOCAL_DELIVERY
mail4root: debug_print = "R: mail4root for $local_part@$domain" driver = redirect domains = +local_domains data = /var/mail/mail file_transport = address_file local_parts = root user = mail group = mail
begin transports
mailman_transport:
driver = pipe
command = MAILMAN_WRAP
'${if def:local_part_suffix
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}}
{post}}'
$local_part
current_directory = MAILMAN_HOME
home_directory = MAILMAN_HOME
user = MAILMAN_USER
group = MAILMAN_GROUP
address_file: debug_print = "T: address_file for $local_part@$domain" driver = appendfile delivery_date_add envelope_to_add return_path_add
address_pipe: debug_print = "T: address_pipe for $local_part@$domain" driver = pipe return_fail_output
address_reply: debug_print = "T: autoreply for $local_part@$domain" driver = autoreply
mail_spool: debug_print = "T: appendfile for $local_part@$domain" driver = appendfile file = /var/mail/$local_part delivery_date_add envelope_to_add return_path_add group = mail mode = 0660 mode_fail_narrower = false
maildir_home: debug_print = "T: maildir_home for $local_part@$domain" driver = appendfile .ifdef MAILDIR_HOME_MAILDIR_LOCATION directory = MAILDIR_HOME_MAILDIR_LOCATION .else directory = $home/Maildir .endif .ifdef MAILDIR_HOME_CREATE_DIRECTORY create_directory .endif .ifdef MAILDIR_HOME_CREATE_FILE create_file = MAILDIR_HOME_CREATE_FILE .endif delivery_date_add envelope_to_add return_path_add maildir_format .ifdef MAILDIR_HOME_DIRECTORY_MODE directory_mode = MAILDIR_HOME_DIRECTORY_MODE .else directory_mode = 0700 .endif .ifdef MAILDIR_HOME_MODE mode = MAILDIR_HOME_MODE .else mode = 0600 .endif mode_fail_narrower = false
maildrop_pipe: debug_print = "T: maildrop_pipe for $local_part@$domain" driver = pipe path = "/bin:/usr/bin:/usr/local/bin" command = "/usr/bin/maildrop" return_path_add delivery_date_add envelope_to_add
procmail_pipe: debug_print = "T: procmail_pipe for $local_part@$domain" driver = pipe path = "/bin:/usr/bin:/usr/local/bin" command = "/usr/bin/procmail" return_path_add delivery_date_add envelope_to_add
remote_smtp: debug_print = "T: remote_smtp for $local_part@$domain" driver = smtp
remote_smtp_smarthost: debug_print = "T: remote_smtp_smarthost for $local_part@$domain" driver = smtp hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}} tls_tempfail_tryclear = false
address_directory: debug_print = "T: address_directory for $local_part@$domain" driver = appendfile envelope_to_add = true return_path_add = true check_string = "" escape_string = "" maildir_format
begin retry
* F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
*@+local_domains ${lookup{${local_part}}lsearch{/etc/email-addresses}
{$value}fail} Ffrs
*@server.windfinder.com ${lookup{${local_part}}lsearch{/etc/email-addresses}
{$value}fail} Ffrs
begin authenticators
plain_courier_authdaemon:
driver = plaintext
public_name = PLAIN
server_condition =
${if eq {${readsocket{/var/run/courier/authdaemon/socket}
{AUTH ${strlen:exim\nlogin\n$2\n$3\n}\nexim\nlogin\n$2\n$3\n}}}
{FAIL\n}{no}{yes}}
server_set_id = $2
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
login_courier_authdaemon:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
server_condition = ${if eq
{${readsocket{/var/run/courier/authdaemon/socket}
{AUTH
${strlen:exim\nlogin\n$1\n$2\n}\nexim\nlogin\n$1\n$2\n}}}{FAIL\n}{no}{yes}}
server_set_id = $1
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
cram_md5: driver = cram_md5 public_name = CRAM-MD5 client_name = ${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client} {$value}fail}}} client_secret = ${extract{2}{:} {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
plain:
driver = plaintext
public_name = PLAIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
client_send = "${if !eq{$tls_cipher}{}{
^${extract{1}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
^${extract{2}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
}fail}"
.else
client_send = "^${extract{1}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}^${extract{2}
{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.endif
login:
driver = plaintext
public_name = LOGIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
client_send = "${if !eq{$tls_cipher}{}{}fail}
: ${extract{1}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
: ${extract{2}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.else
client_send = ": ${extract{1}{::}
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} : ${extract{2}
{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.endif
Regards, Oliver
participants (2)
-
Mark Sapiro
-
Oliver König