Virtualmin and Exim

DaveShariffYadallee · July 8, 2013, 3:06am

How can I get my Exim configuration to working with virtualmin?

exim configuration

primary_hostname =

local_interfaces = 0.0.0.0.25 : 0.0.0.0.465 : 0.0.0.0.587

domainlist relay_to_domains =

trusted_users = exim : majordomo

acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data

av_scanner = clamd:127.0.0.1 3310

spamd_address = 127.0.0.1 783

tls_advertise_hosts = *

tls_certificate = /usr/exim/ca.crt
tls_privatekey = /usr/exim/ca.key

daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

tls_require_ciphers = ALL : !SSLv2 : !LOW : !aNULL : !eNULL : !3DES : @STRENGTH

never_users = root

host_lookup = *

rfc1413_hosts = *
rfc1413_query_timeout = 5s

ignore_bounce_errors_after = 2h

auto_thaw = 1m

message_size_limit = 20M

spool_directory = /var/spool/exim

smtp_receive_timeout = 5m
smtp_accept_max = 25

######################################################################

ACL CONFIGURATION

Specifies access control lists for incoming SMTP mail

######################################################################

begin acl

acl_check_smtp:
accept hosts = :
accept hosts = +relay_hosts
deny hosts = +block_hosts
accept

acl_check_rcpt:
deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
dnslists = sbl-xbl.spamhaus.org : zen.spamhaus.org : dev.null.dk : relays.visi.com : bl.spamcop.net : hostkarma.junkemailfilter.com=127.0.0.2
log_message = found in $dnslist_domain

accept hosts = :
control = dkim_disable_verify

deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]

accept local_parts = postmaster
domains = +local_domains

drop message = Legitimate bounces are never sent to more than one recipient.
senders = : postmaster@*
condition = ${if >{$recipients_count}{0}{true}{false}}

accept hosts = +relay_from_hosts
control = submission
control = dkim_disable_verify

accept authenticated = *
control = submission/sender_retain
control = dkim_disable_verify

require message = relay not permitted
domains = +local_domains : +relay_to_domains

require verify = recipient

deny message = Rejected sender
domains = dhl.com
local_parts = adminsu*

deny message = Rejected sender
domains = .com
local_parts = postmail-

deny message = Rejected sender
domains = usa.com
local_parts = express.deli*

deny message = Rejected sender
domains = gmail.com
local_parts = emarketing2*

deny message = Rejected sender
domains = gmail.com
local_parts = emarketing2sofsol*

deny message = Rejected sender
domains = gmail.com
local_parts = umair*

deny message = Rejected sender
domains = gmail.com
local_parts = umairpbl

deny message = Rejected sender
domains = gmail.com
local_parts = edusa102

deny message = Rejected sender
domains = doctor.nl2k.ab.ca
local_parts = OWA-Erro*

deny message = Rejected recipient
domains = localhost.com
local_parts = root

deny hosts = /usr/exim/blockhosts

accept

acl_check_data:

##For Port 465

accept authenticated = *
set acl_m_authenticated = 1

accept hosts = :

deny malware = *
message = This message contains a virus ($malware_name).

drop message = This message is denied by policy : $spam_score spam points
spam = nobody:true
condition = ${if > {$spam_score_int}{409}{1}{0}}

warn spam = nobody
message = Subject: {SPAM?} $rh_subject:
add_header = X-Spam_score: $spam_score\n
X-Spam_score_int: $spam_score_int\n
X-Spam_bar: $spam_bar\n
X-Spam_report: $spam_report
#local check for hijacked accounts

deny
!hosts = +relay_from_hosts
message = This message was considered to be spam
spam = www:true
condition = ${if >{$spam_score_int}{409}{1}{0}}

deny senders = /usr/exim/deny_senders

Accept the message.

accept

######################################################################

ROUTERS CONFIGURATION

Specifies how addresses are handled

######################################################################

THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!

An address is passed to each router in turn until it is accepted.

######################################################################

begin routers

check_dnslookup:
driver = dnslookup
domains = ! +local_domains
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
verify_only

pass_router = amavis

no_more

check_system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
verify_only

pass_router = amavis

check_localuser:
driver = accept
check_local_user
verify_only

virtuals:
driver = redirect
allow_defer
allow_fail
domains = partial-lsearch;/usr/exim/vdom3
data = ${lookup{$local_part@$domain}lsearch*@{/usr/exim/virtualaliases}}
retry_use_local_part
pipe_transport = address_pipe
file_transport = address_file
no_more

dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more

system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}

user = exim

file_transport = address_file
pipe_transport = address_pipe

userforward:
driver = redirect
check_local_user
local_part_prefix = +* : -*
local_part_prefix_optional
file = $home/.forward
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply

localuser:
driver = accept
check_local_user
local_part_prefix = +* : -*
local_part_prefix_optional
#local_part_suffix = +* : -*
#local_part_suffix_optional
transport = local_delivery
cannot_route_message = Unknown user

procmail:
driver = accept
check_local_user
require_files = $home/.procmailrc
transport = procmail_pipe

#Majordomo

lists:
driver = redirect
file = /usr/home/majordomo/lists/$local_part
forbid_pipe
forbid_file
errors_to = $local_part-request@nk.ca
user = majordomo
no_more

######################################################################

TRANSPORTS CONFIGURATION

######################################################################

ORDER DOES NOT MATTER

Only one appropriate transport is called for each delivery.

######################################################################

A transport is used only when referenced from a router that successfully

handles an address.

begin transports

This transport is used for delivering messages over SMTP connections.

remote_smtp:
driver = smtp
connect_timeout = 15m
data_timeout = 15m

procmail_pipe:
driver = pipe
command = /usr/bin/procmail -d $local_part
return_path_add
delivery_date_add
envelope_to_add
check_string = "From "
escape_string = ">From "
umask = 077
user = $local_part
group = mail

local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0600

address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

address_reply:
driver = autoreply

######################################################################

RETRY CONFIGURATION

######################################################################

begin retry

Address or Domain Error Retries

----------------- ----- -------

                 *           F,1h,15m; G,10h,1h,1.5; F,7d,1h

#* data_4xx F,1h,15m; G,2h,30m,1.5; F,3h,10m
#* mail_4xx F,1h,15m; G,2h,30m,1.5; F,3h,10m
#* rcpt_4xx F,1h,15m; G,2h,30m,1.5; F,3h,10m
#* lost_connection F,1h,15m; G,2h,30m,1.5; F,3h,1
0m
#* refused_MX F,1h,15m; G,2h,30m,1.5; F,3h,10m
#* refused_A F,1h,15m; G,2h,30m,1.5; F,3h,10m
#* refused F,1h,15m; G,2h,30m,1.5; F,3h,10m
#* timeout_connect_MX F,1h,15m; G,2h,30m,1.5; F,3h
,10m
#* timeout_connect_A F,1h,15m; G,2h,30m,1.5; F,3h,
10m
#* timeout_connect F,1h,15m; G,2h,30m,1.5; F,3h,10
m
#* timeout_MX F,1h,15m; G,2h,30m,1.5; F,3h,10m
#* timeout_A F,1h,15m; G,2h,30m,1.5; F,3h,10m
#* timeout F,1h,15m; G,2h,30m,1.5; F,3h,10m
127.0.0.1 * F,1h,1m; G,2h,10m,1.5; F,5h,10m
204.209.81.1 * F,1h,1m; G,2h,10m,1.5; F,3h,10m
204.209.81.3 * F,1h,1m; G,2h,10m,1.5; F,5h,10m
#* * F,1h,1m; G,2h,10m,1.5; F,5h,10m
#* * F,1h,2m; G,4h,1h,1.5; F,5h,10m
#* * F,2h,15m; G,16h,1h,1.5; F,4d,6h

######################################################################

REWRITE CONFIGURATION

######################################################################

There are no rewriting specifications in this default configuration file.

begin rewrite

######################################################################

AUTHENTICATION CONFIGURATION

######################################################################

begin authenticators

PLAIN:
driver = plaintext
public_name = PLAIN
server_set_id = $auth2
server_prompts = :
server_condition = ${if saslauthd{{$2}{$3}}{1}{0}}
server_advertise_condition = ${if def:tls_cipher }

LOGIN:
driver = plaintext
public_name = LOGIN
server_set_id = $auth1
server_prompts = <| Username: | Password:
server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
server_advertise_condition = ${if def:tls_cipher }

######################################################################

CONFIGURATION FOR local_scan()

######################################################################

If you have built Exim to include a local_scan() function that contains

tables for private options, you can define those options here. Remember to

uncomment the “begin” line. It is commented by default because it provokes

an error with Exim binaries that are not built with LOCAL_SCAN_HAS_OPTIONS

set in the Local/Makefile.

begin local_scan

End of Exim configuration file

HELP!!

Eric · July 8, 2013, 4:53am

Howdy,

Exim isn’t very well supported within Virtualmin… I’d suggest using Postfix if possible.

However, to configure Virtualmin to use Exim, you’d need to go into System Settings -> Virtualmin Config, and where it says “Mail server to configure”, set that to “Exim”.

If you’ve set it to use Exim, but you’re having some sort of errors or problem – let us know what exactly isn’t working, and what error messages you’re receiving.

-Eric