MySql Based Exim Qpopper WebAdmin : : Sample exim.conf : :

	Mysql Based Exim Qpopper WebAdmin


	Sample exim.conf
###################################################################### # Runtime configuration file for Exim # ###################################################################### # Mysql specific stuff. # Mysql server MYSQL_AUTHSERVER=localhost # Mysql server port MYSQL_AUTHPORT=3306 # Mysql database MYSQL_AUTHDB=CHANGE_ME # Mysql table used for authentication MYSQL_AUTHTABLE=mail # Username and password to connect to mysql server MYSQL_AUTHUSER=CHANGE_ME MYSQL_AUTHPASSWORD=CHANGE_ME MYSQL_USERNAMEFIELD=user MYSQL_DOMAINFIELD=domain MYSQL_ALIASFIELD=alias MYSQL_ISALIASFIELD=is_alias MYSQL_PASSWORDFIELD=password # Timeout for pop before mysql authentication for relaying # See mysql documentation for DATE_ADD for exact format RELAY_TIMEOUT=5 MINUTE # Note. I have used LIKE instead of '=' as the current exim quoting # quotes characters like '_' and '%' which is then not correctly # interpreted by mysql. If the exim quoting changes in future # the current solution will break. MYSQL_ALIAS = SELECT MYSQL_ALIASFIELD FROM MYSQL_AUTHTABLE WHERE MYSQL_DOMAINFIELD LIKE '${quote_mysql:$domain}' AND MYSQL_USERNAMEFIELD LIKE '${quote_mysql:$local_part}' AND MYSQL_ISALIASFIELD='yes' MYSQL_ALL_ALIAS = SELECT MYSQL_ALIASFIELD FROM MYSQL_AUTHTABLE WHERE MYSQL_DOMAINFIELD='${quote_mysql:$domain}' AND MYSQL_USERNAMEFIELD='@' AND MYSQL_ISALIASFIELD='yes' MYSQL_USER = SELECT DISTINCT MYSQL_DOMAINFIELD FROM MYSQL_AUTHTABLE WHERE MYSQL_DOMAINFIELD LIKE '${quote_mysql:$domain}' AND MYSQL_USERNAMEFIELD LIKE '${quote_mysql:$local_part}' AND MYSQL_ISALIASFIELD='no' MYSQL_DOMAIN = SELECT MYSQL_DOMAINFIELD FROM MYSQL_AUTHTABLE WHERE MYSQL_DOMAINFIELD='$key' LIMIT 1 # smtp auth MYSQL_AUTH_PLAIN = SELECT MYSQL_PASSWORDFIELD FROM MYSQL_AUTHTABLE WHERE MYSQL_USERNAMEFIELD = '${local_part:$2}' AND MYSQL_DOMAINFIELD = '${domain:$2}' AND MYSQL_ISALIASFIELD='no' MYSQL_AUTH_LOGIN = SELECT MYSQL_PASSWORDFIELD FROM MYSQL_AUTHTABLE WHERE MYSQL_USERNAMEFIELD = '${local_part:$1}' AND MYSQL_DOMAINFIELD ='${domain:$1}' AND MYSQL_ISALIASFIELD='no' # The following is for pop before smtp authentication for relaying # If you dont use this feature comment the following line and uncomment # the next line MYSQL_RELAY = SELECT ip FROM relay_ip WHERE ip="${sender_host_address}" AND DATE_SUB(NOW(), INTERVAL RELAY_TIMEOUT) < ts #MYSQL_RELAY = # Additional mysql servers can be added here. See exim documentation mysql_servers = "MYSQL_AUTHSERVER::MYSQL_AUTHPORT/MYSQL_AUTHDB/MYSQL_AUTHUSER/MYSQL_AUTHPASSWORD" # Domains that should be delivered locally, ie into local users mailboxes LOCAL_DOMAINS = localhost # This is a default configuration file which will operate correctly in # uncomplicated installations. Please see the manual for a complete list # of all the runtime configuration options that can be included in a # configuration file. There are many more than are mentioned here. The # manual is in the file doc/spec.txt in the Exim distribution as a plain # ASCII file. Other formats (PostScript, Texinfo, HTML, PDF) are available # from the Exim ftp sites. The manual is also online via the Exim web sites. # This file is divided into several parts, all but the last of which are # terminated by a line containing the word "end". The parts must appear # in the correct order, and all must be present (even if some of them are # in fact empty). Blank lines, and lines starting with # are ignored. ###################################################################### # MAIN CONFIGURATION SETTINGS # ###################################################################### # Specify your host's canonical name here. This should normally be the fully # qualified "official" name of your host. If this option is not set, the # uname() function is called to obtain the name. # primary_hostname = # uncomment this if hostname lookup not working #rfc1413_query_timeout = 1s # Specify the domain you want to be added to all unqualified addresses # here. An unqualified address is one that does not contain an "@" character # followed by a domain. For example, "caesar@rome.ex" is a fully qualified # address, but the string "caesar" (i.e. just a login name) is an unqualified # email address. Unqualified addresses are accepted only from local callers by # default. See the receiver_unqualified_{hosts,nets} options if you want # to permit unqualified addresses from remote sources. If this option is # not set, the primary_hostname value is used for qualification. # qualify_domain = # If you want unqualified recipient addresses to be qualified with a different # domain to unqualified sender addresses, specify the recipient domain here. # If this option is not set, the qualify_domain value is used. # qualify_recipient = # Specify your local domains as a colon-separated list here. If this option # is not set (i.e. not mentioned in the configuration file), the # qualify_recipient value is used as the only local domain. If you do not want # to do any local deliveries, uncomment the following line, but do not supply # any data for it. This sets local_domains to an empty string, which is not # the same as not mentioning it at all. An empty string specifies that there # are no local domains; not setting it at all causes the default value (the # setting of qualify_recipient) to be used. local_domains = LOCAL_DOMAINS:mysql;MYSQL_DOMAIN # If you want to accept mail addressed to your host's literal IP address, for # example, mail addressed to "user@[111.111.111.111]", then uncomment the # following line, or supply the literal domain(s) as part of "local_domains" # above. You also need to comment "forbid_domain_literals" below. This is not # recommended for today's Internet. # local_domains_include_host_literals # The following line prevents Exim from recognizing addresses of the form # "user@[111.111.111.111]" that is, with a "domain literal" (an IP address) # instead of a named domain. The RFCs still require this form, but it makes # little sense to permit mail to be sent to specific hosts by their IP address # in the modern Internet, and this ancient format has been used by those # seeking to abuse hosts by using them for unwanted relaying. If you really # do want to support domain literals, remove the following line, and see # also the "domain_literal" router below. forbid_domain_literals # No local deliveries will ever be run under the uids of these users (a colon- # separated list). An attempt to do so gets changed so that it runs under the # uid of "nobody" instead. This is a paranoic safety catch. Note the default # setting means you cannot deliver mail addressed to root as if it were a # normal user. This isn't usually a problem, as most sites have an alias for # root that redirects such mail to a human administrator. never_users = root # The use of your host as a mail relay by any host, including the local host # calling its own SMTP port, is locked out by default. If you want to permit # relaying from the local host, you should set # host_accept_relay = localhost:mysql;MYSQL_RELAY host_auth_accept_relay = * # # If you want to permit relaying through your host from certain hosts or IP # networks, you need to set the option appropriately, for example # # host_accept_relay = my.friends.host : 131.111.0.0/16 # # If you are an MX backup or gateway of some kind for some domains, you must # set relay_domains to match those domains. This will allow any host to # relay through your host to those domains. # # See the section of the manual entitled "Control of relaying" for more # information. # The setting below causes Exim to do a reverse DNS lookup on all incoming # IP calls, in order to get the true host name. If you feel this is too # expensive, you can specify the networks for which a lookup is done, or # remove the setting entirely. host_lookup = 0.0.0.0/0 # By default, Exim expects all envelope addresses to be fully qualified, that # is, they must contain both a local part and a domain. If you want to accept # unqualified addresses (just a local part) from certain hosts, you can specify # these hosts by setting one or both of # # receiver_unqualified_hosts = # sender_unqualified_hosts = # # to control sender and receiver addresses, respectively. When this is done, # unqualified addresses are qualified using the settings of qualify_domain # and/or qualify_recipient (see above). # By default, Exim does not make any checks, other than syntactic ones, on # incoming addresses during the SMTP dialogue. This reduces delays in SMTP # transactions, but it does mean that you might accept messages with unknown # recipients, and/or bad senders. # Uncomment this line if you want incoming recipient addresses to be verified # during the SMTP dialogue. Unknown recipients are then rejected at this stage, # and the generation of a failure message is the job of the sending host. # receiver_verify # Uncomment this line if you want incoming sender addresses (return-paths) to # be verified during the SMTP dialogue. Verification can normally only check # that the domain exists. # sender_verify # Exim contains support for the Realtime Blocking List (RBL) that is being # maintained as part of the DNS. See http://maps.vix.com/rbl/ for background. # Uncommenting the first line below will make Exim reject mail from any # host whose IP address is blacklisted in the RBL at maps.vix.com. Some # others have followed the RBL lead and have produced other lists: DUL is # a list of dial-up addresses, and ORBS is a list of open relay systems. The # second line below checks all three lists. # rbl_domains = rbl.maps.vix.com # rbl_domains = rbl.maps.vix.com:dul.maps.vix.com:relays.orbs.org # If you want Exim to support the "percent hack" for all your local domains, # uncomment the following line. This is the feature by which mail addressed # to x%y@z (where z is one of your local domains) is locally rerouted to # x@y and sent on. Otherwise x%y is treated as an ordinary local part. # percent_hack_domains = * end ###################################################################### # TRANSPORTS CONFIGURATION # ###################################################################### # ORDER DOES NOT MATTER # # Only one appropriate transport is called for each delivery. # ###################################################################### # A transport is used only when referenced from a director or a router that # successfully handles an address. # This transport is used for delivering messages over SMTP connections. remote_smtp: driver = smtp # This transport is used for local delivery to user mailboxes in traditional # BSD mailbox format. By default it will be run under the uid and gid of the # local user, and requires the sticky bit to be set on the /var/mail directory. # Some systems use the alternative approach of running mail deliveries under a # particular group instead of using the sticky bit. The commented options below # show how this can be done. local_delivery: driver = appendfile file = /var/spool/mail/${local_part} delivery_date_add envelope_to_add return_path_add # group = mail # mode = 0660 virtual_delivery: driver = appendfile file = /var/spool/mail/${domain}/${local_part} user = mail group = mail mode = 0660 # This transport is used for handling pipe deliveries generated by alias # or .forward files. If the pipe generates any standard output, it is returned # to the sender of the message as a delivery error. Set return_fail_output # instead of return_output if you want this to happen only when the pipe fails # to complete normally. You can set different transports for aliases and # forwards if you want to - see the references to address_pipe in the directors # section below. address_pipe: driver = pipe return_output # This transport is used for handling deliveries directly to files that are # generated by aliassing or forwarding. address_file: driver = appendfile delivery_date_add envelope_to_add return_path_add # This transport is used for handling autoreplies generated by the filtering # option of the forwardfile director. address_reply: driver = autoreply end ###################################################################### # DIRECTORS CONFIGURATION # # Specifies how local addresses are handled # ###################################################################### # ORDER DOES MATTER # # A local address is passed to each in turn until it is accepted. # ###################################################################### # Local addresses are those with a domain that matches some item in the # "local_domains" setting above, or those which are passed back from the # routers because of a "self=local" setting (not used in this configuration). # This director handles aliasing using a traditional /etc/aliases file. # If any of your aliases expand to pipes or files, you will need to set # up a user and a group for these deliveries to run under. You can do # this by uncommenting the "user" option below (changing the user name # as appropriate) and adding a "group" option if necessary. Alternatively, you # can specify "user" on the transports that are used. Note that those # listed below are the same as are used for .forward files; you might want # to set up different ones for pipe and file deliveries from aliases. system_aliases: driver = aliasfile domains = LOCAL_DOMAINS file = /etc/aliases search_type = lsearch # user = exim file_transport = address_file pipe_transport = address_pipe # This director handles forwarding using traditional .forward files. # If you want it also to allow mail filtering when a forward file # starts with the string "# Exim filter", uncomment the "filter" option. # The no_verify setting means that this director will be skipped when # verifying addresses if sender_verify or receiver_verify is set (though # they are not set by default). Similarly, no_expn means that this director # will be skipped if smtp_expn_hosts is set to allow any hosts to use the # EXPN command. # The check_ancestor option means that if the forward file generates an # address that is an ancestor of the current one, the current one gets # passed on instead. This covers the case where A is aliased to B and B # has a .forward file pointing to A. # The three transports specified at the end are those that are used when # forwarding generates a direct delivery to a file, or to a pipe, or sets # up an auto-reply, respectively. userforward: driver = forwardfile domains = LOCAL_DOMAINS file = .forward no_verify no_expn check_ancestor # filter file_transport = address_file pipe_transport = address_pipe reply_transport = address_reply # This director matches local user mailboxes. localuser: driver = localuser domains = LOCAL_DOMAINS transport = local_delivery # Check if user is a real user in mysql database virtual_local_user: domains = ${lookup mysql {MYSQL_USER}{$value}} driver = smartuser transport = virtual_delivery # Check if user is an alias in mysql database virtual_aliases: driver = aliasfile search_type = mysql query = MYSQL_ALIAS include_domain = true # Check for wild card match '@'@domain in mysql database virtual_all_alias: driver = aliasfile search_type = mysql query = MYSQL_ALL_ALIAS include_domain = true end ###################################################################### # ROUTERS CONFIGURATION # # Specifies how remote addresses are handled # ###################################################################### # ORDER DOES MATTER # # A remote address is passed to each in turn until it is accepted. # ###################################################################### # Remote addresses are those with a domain that does not match any item # in the "local_domains" setting above. # This router routes to remote hosts over SMTP using a DNS lookup with # default options. lookuphost: driver = lookuphost transport = remote_smtp # This router routes to remote hosts over SMTP by explicit IP address, # when an email address is given in "domain literal" form, for example, # <user@[192.168.35.64]>. The RFCs require this facility. However, it is # little-known these days, and has been exploited by evil people seeking # to abuse SMTP relays. Consequently it is commented out in the default # configuration. If you uncomment this router, you also need to comment out # "forbid_domain_literals" above, so that Exim can recognize the syntax of # domain literal addresses. # domain_literal: # driver = ipliteral # transport = remote_smtp end ###################################################################### # RETRY CONFIGURATION # ###################################################################### # This single retry rule applies to all domains and all errors. It specifies # retries every 15 minutes for 2 hours, then increasing retry intervals, # starting at 1 hour and increasing each time by a factor of 1.5, up to 16 # hours, then retries every 8 hours until 4 days have passed since the first # failed delivery. # Domain Error Retries # ------ ----- ------- * * F,2h,15m; G,16h,1h,1.5; F,4d,8h end ###################################################################### # REWRITE CONFIGURATION # ###################################################################### # There are no rewriting specifications in this default configuration file. end ###################################################################### # AUTHENTICATION CONFIGURATION # ###################################################################### #authenticator specifications. plain: driver = plaintext public_name = PLAIN #server_condition = "${if and {{!eq{$1}{}}{!eq{$2}{}}{crypteq{$2}{${lookup mysql {MYSQL_AUTH_PLAIN} {$value}fail}}}}{1}{0}}" server_condition = "${if and {{!eq{$2}{}}{!eq{$3}{}}{crypteq{$3}{${lookup mysql {MYSQL_AUTH_PLAIN} {$value}fail}}}}{1}{0}}" server_set_id = $2 login: driver = plaintext public_name = LOGIN server_prompts = "Username:::Password::" server_condition = "${if and {{!eq{$1}{}}{!eq{$2}{}}{crypteq{$2}{${lookup mysql {MYSQL_AUTH_LOGIN} {$value}fail}}}}{1}{0}}" server_set_id = $1 # End of Exim configuration file