Настраиваем директорию, где будут храниться сообщения
chown Debian-exim:Debian-exim /var/mail/ chmod 770 /var/mail/
Устанавливаем права на /etc/ssl/certs/mail.pem
chown Debian-exim /etc/ssl/certs/mail.pem
Настраиваем Exim
vi /etc/exim4/exim4.conf
#MAIN CONFIGURATION SETTINGS
primary_hostname = mail.domain.local
domainlist local_domains = ${lookup mysql{SELECT domain FROM domains \
WHERE domain='${quote_mysql:$domain}' AND \
(type='LOCAL' OR type='VIRTUAL')}}
domainlist relay_to_domains = ${lookup mysql{SELECT domain FROM domains \
WHERE domain='${quote_mysql:$domain}' AND type='RELAY'}}
hostlist relay_from_hosts = localhost : 127.0.0.0/8
auth_advertise_hosts = *
daemon_smtp_ports = 25 : 465
tls_on_connect_ports = 465
tls_advertise_hosts = *
tls_certificate = /etc/ssl/certs/mail.pem
tls_privatekey = /etc/ssl/certs/mail.pem
log_selector = \
+all_parents \
+lost_incoming_connection \
+received_sender \
+received_recipients \
+smtp_confirmation \
+smtp_syntax_error \
+smtp_protocol_error \
-queue_run
acl_smtp_rcpt = acl_check_rcpt
qualify_domain = domain.local
allow_domain_literals = false
never_users = root
#host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 30m
timeout_frozen_after = 3d
freeze_tell = postmaster
message_size_limit = 50M
smtp_accept_max = 200
smtp_accept_max_per_connection = 150
smtp_accept_max_per_host = 100
split_spool_directory = true
remote_max_parallel = 15
smtp_banner = "ESMTP"
accept_8bitmime
hide mysql_servers = localhost/exim/sqlmail/SecretSuper
#ACL CONFIGURATION
begin acl
acl_check_rcpt:
accept local_parts = postmaster
domains = +local_domains
accept hosts = :
accept authenticated = *
accept hosts = +relay_from_hosts
deny message = need auth for local domain
sender_domains = +local_domains
deny message = HELO/EHLO required by SMTP RFC
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
accept domains = +local_domains
endpass
message = unknown user
verify = recipient
accept domains = +relay_to_domains
endpass
message = unrouteable address
verify = recipient
deny message = relay not permitted
#ROUTERS CONFIGURATION
begin routers
dnslookup:
driver = dnslookup
domains = ! +local_domains
headers_remove = Received : X-AntiVirus
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM aliases \
WHERE local_part='${quote_mysql:$local_part}' AND domain='${quote_mysql:$domain}'}}
virtual_localuser:
driver = accept
domains = ${lookup mysql{SELECT domain from domains WHERE domain='${quote_mysql:$domain}'}}
local_parts = ${lookup mysql{SELECT login from users \
WHERE login='${quote_mysql:$local_part}' AND domain='${quote_mysql:$domain}'}}
transport = local_delivery
#TRANSPORTS CONFIGURATION
begin transports
remote_smtp:
driver = smtp
local_delivery:
driver = appendfile
create_directory
delivery_date_add
directory = /var/mail/${lc:${domain_data}}/${lc:${local_part_data}}
directory_mode = 770
envelope_to_add
user = Debian-exim
group = Debian-exim
maildir_format
maildir_tag = ,S=$message_size
mode = 0660
quota = ${lookup mysql{SELECT quota FROM users \
WHERE login='${quote_mysql:$local_part}' AND domain='${quote_mysql:$domain}'}{${value}M}}
quota_size_regex = S=(\d+)$
quota_warn_threshold = 75%
return_path_add
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
#RETRY CONFIGURATION
begin retry
* quota
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
#REWRITE CONFIGURATION
begin rewrite
#AUTHENTICATION CONFIGURATION
begin authenticators
auth_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${lookup mysql{SELECT login FROM users \
WHERE login = '${quote_mysql:${local_part:$auth2}}' \
AND domain = '${quote_mysql:${domain:$auth2}}' \
AND password = '${quote_mysql:$auth3}' \
AND status = '1'}{yes}{no}}
server_prompts = :
server_set_id = $auth2
auth_login:
driver = plaintext
public_name = LOGIN
server_condition = ${lookup mysql{SELECT login FROM users \
WHERE login = '${quote_mysql:${local_part:$auth1}}' \
AND domain = '${quote_mysql:${domain:$auth1}}' \
AND password = '${quote_mysql:$auth2}' \
AND status = '1'}{yes}{no}}
server_prompts = Username:: : Password::
server_set_id = $auth1
auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT password FROM users \
WHERE login = '${quote_mysql:${local_part:$auth1}}' \
AND domain = '${quote_mysql:${domain:$auth1}}' \
AND status = '1'}{$value}fail}
server_set_id = $auth1