Exim4 Debian Etch issues

Discussion in 'Server Operation' started by lordshadow, Apr 24, 2008.

  1. lordshadow

    lordshadow New Member

    Hi,

    I keep recieving receipts from cron-daemon for local email deliveries. Basically I setup a crontab to run fetchmail but ever since I started forwarding it with a .forward file I've been receiving receipts from cron to my inbox which are blank emails.

    I've also been told that my server is sending blank emails to anyone it receives an email from.

    How can I stop this? I have no idea what is happening and why either!

    Also I would like to integrate spamassassin and clam_av into the mail chain to scan incoming mail and any advice or links to this would be great too as I've had no luck so far apart from nearly breaking my mailing system!

    Thanks in advance.
     
  2. falko

    falko Super Moderator ISPConfig Developer

    Any errors in your mail log?
    What does the cron job look like that you set up? What's in the .forward file?
     
  3. lordshadow

    lordshadow New Member

    My mail error is-

    Mail log error:

    Code:
    OptiplexGX110:/var/log# cat mail.err
    Apr 20 07:35:19 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 21 07:35:30 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 22 07:35:08 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 23 07:35:12 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 24 07:35:11 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    
    
    OptiplexGX110:/var/log# cat mail.warn.0
    Apr 12 15:50:49 OptiplexGX110 spamd[23081]: netset: illegal network address given: '192.168.1.0/255.255.255.0'
    Apr 12 15:54:01 OptiplexGX110 spamd[23098]: netset: illegal network address given: '192.168.1.0/255.255.255.0'
    Apr 18 07:36:34 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 19 07:35:09 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    
    
    My Cron job is setup like this: crontab -e

    Code:
    # m h  dom mon dow   command
    0,30  * *       *       *       /usr/bin/fetchmail -kv
    30  3   *       *       *       /usr/sbin/logrotate -f -s -v /home/kayasaman/logrotate.status
    
    This is my .forward file:

    Code:
    # Exim filter
    
    # Save yourselves
    if error_message then finish endif
    
    if $h_X-Spam-Status: CONTAINS "Yes"
         or
      $h_X-Spam-Flag: CONTAINS "Yes"
    then
      save $home/Maildir/.Spam/
      finish
    endif
    
    # Let's make use of pipes
    # The script accepts input on STDIN and does stuff with the #mail
    #if $h_Subject: contains "uptime report"
    #then
    #       pipe "$home/bin/uptime.pl"
    #endif
    
    mail
    if $h_Subject: contains "Cron"
      then save Maildir/.Cron/
    endif
    if $h_from: contains "logcheck@"
      then save Maildir/.Logcheck/
    endif
    #if $h_Subject: contains ""
    #  then save Maildir/.Junk E-mail/
    #endif
    #if $h_from: contains "[email protected]"
    #   then save Maildir/.Junk*E-mail/
    #endif
    #if $h_Sender: contains "[email protected]"
    #   then save Maildir/.Junk*E-mail/
    #endif
    
    # Handle mailing lists
    
    #if $h_List-Id: contains "leaplist"
    #  then save Maildir/.mailinglists.leap.linux/
    #elif $h_from: contains "ebay.com"
    #  then save Maildir/.Ebay/
    #elif $h_Sender: contains "LINUX-L"
    #  then save Maildir/.mailinglists.LUG/
    #endif
    
    I based it on someone elses from a howto, hence the commented out parts!

    I have also installed amavis as I thought that it would get clam_av to work with Exim4 but it just sends me a local mail saying:

    Code:
    netset: illegal network address given: '192.168.1.0/255.255.255.0'
    
    I think setting up my mail server has to be one of the most difficult things I've ever had to do in linux, it's strange!
     
  4. falko

    falko Super Moderator ISPConfig Developer

    In what file do you have 192.168.1.0/255.255.255.0? Can you try changing it to 192.168.1.0/24 instead?

    What's in /var/log/exim4/paniclog?
     
  5. lordshadow

    lordshadow New Member

    /var/log/exim4/paniclog - displays:

    Code:
    2008-04-17 21:12:30 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated.tmp:
      main option "av_scanner" unknown
    2008-04-18 13:36:52 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated.tmp:
      main option "av_scanner" unknown
    2008-04-18 14:05:31 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated.tmp:
      main option "av_scanner" unknown
    2008-04-18 14:06:00 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated.tmp:
      main option "av_scanner" unknown
    2008-04-18 14:14:12 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated.tmp:
      main option "av_scanner" unknown
    2008-04-19 02:48:38 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated.tmp:
      main option "av_scanner" unknown
    
    I can't find any config file for amavisd-new which is what's causing the e-mails with:
    Code:
    /etc/cron.daily/amavisd-new:
    netset: illegal network address given: '192.168.1.0/255.255.255.0'
    
    I tried /etc/amavis/conf.d but it's empty. I installed amavis because I thought that it would intergrate clam-av into exim but if it isn't the case then I will remove amavis as I wouldn't have any need for it. - As stated above I would like to get spamassassin and clam-av into exim to check incoming mail but I couldn't find any howto's or other information to help me build the system in.
     
  6. falko

    falko Super Moderator ISPConfig Developer

    What's in /var/lib/exim4/config.autogenerated.tmp?
     
  7. lordshadow

    lordshadow New Member

    This is my /var/lib/exim4/config.autogenerated.tmp:

    Code:
    #########
    # WARNING WARNING WARNING
    # WARNING WARNING WARNING
    # WARNING WARNING WARNING
    # WARNING WARNING WARNING
    # WARNING WARNING WARNING
    # This file is generated dynamically from the files in
    # the conf.d/ directory, or from exim4.conf.template respectively.
    # Additional information is read from update-exim4.conf.conf
    # This version of the file was created from the directory /etc/exim4
    # Any changes you make here will be lost.
    # See /usr/share/doc/exim4-base/README.Debian.gz and update-exim4.conf(8)
    # for instructions of customization.
    # WARNING WARNING WARNING
    # WARNING WARNING WARNING
    # WARNING WARNING WARNING
    # WARNING WARNING WARNING
    # WARNING WARNING WARNING
    #########
    
    exim_path = /usr/sbin/exim4
    
    .ifndef CONFDIR
    CONFDIR = /etc/exim4
    .endif
    
    .ifndef DC_minimaldns
    
    .endif
    
    .ifndef DC_visiblename
    DC_visiblename=OptiplexGX110.cisco.router
    .endif
    
    .ifndef MAIN_LOCAL_DOMAINS
    MAIN_LOCAL_DOMAINS = @:localhost:localhost
    .endif
    domainlist local_domains = MAIN_LOCAL_DOMAINS
    
    .ifndef MAIN_RELAY_TO_DOMAINS
    MAIN_RELAY_TO_DOMAINS = 
    .endif
    domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
    
    .ifndef MAIN_RELAY_NETS
    MAIN_RELAY_NETS =  : 127.0.0.1 : ::::1
    .endif
    hostlist relay_from_hosts = MAIN_RELAY_NETS
    
    .ifdef DC_visiblename
    qualify_domain = DC_visiblename
    .endif
    
    .ifndef DCreadhost
    DCreadhost = 
    .endif
    
    .ifndef DCsmarthost
    DCsmarthost = smtp.dsl.pipex.com
    .endif
    
    .ifdef MAIN_LOCAL_INTERFACES
    local_interfaces = MAIN_LOCAL_INTERFACES
    .else
    .endif
    
    .ifndef LOCAL_DELIVERY
    LOCAL_DELIVERY=maildir_home
    .endif
    
    gecos_pattern = ^([^,:]*)
    gecos_name = $1
    
    .ifndef DCconfig_satellite
    .ifndef DCconfig_internet
    .ifndef DCconfig_local
    .ifndef DCconfig_smarthost
    DCconfig_smarthost = 1
    .endif
    .endif
    .endif
    .endif
    
    .ifndef CHECK_RCPT_LOCAL_LOCALPARTS
    CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
    .endif
    
    .ifndef CHECK_RCPT_REMOTE_LOCALPARTS
    CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
    .endif
    
    .ifndef MAIN_LOG_SELECTOR
    MAIN_LOG_SELECTOR = +tls_peerdn
    .endif
    
    .ifndef MAIN_ACL_CHECK_MAIL
    MAIN_ACL_CHECK_MAIL = acl_check_mail
    .endif
    acl_smtp_mail = MAIN_ACL_CHECK_MAIL
    
    .ifndef MAIN_ACL_CHECK_RCPT
    MAIN_ACL_CHECK_RCPT = acl_check_rcpt
    .endif
    acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT
    
    .ifndef MAIN_ACL_CHECK_DATA
    MAIN_ACL_CHECK_DATA = acl_check_data
    .endif
    acl_smtp_data = MAIN_ACL_CHECK_DATA
    
    .ifdef MESSAGE_SIZE_LIMIT
    message_size_limit = MESSAGE_SIZE_LIMIT
    .endif
    
     av_scanner = clamd:/tmp/clamd
    
     spamd_address = 127.0.0.1 783
    
    .ifdef MAIN_ALLOW_DOMAIN_LITERALS
    allow_domain_literals
    .endif
    
    .ifndef DC_minimaldns
    .ifndef MAIN_HOST_LOOKUP
    MAIN_HOST_LOOKUP = *
    .endif
    host_lookup = MAIN_HOST_LOOKUP
    .endif
    
    .ifndef MAIN_FORCE_SENDER
    local_from_check = false
    local_sender_retain = true
    untrusted_set_sender = *
    .endif
    
    .ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER
    MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d
    .endif
    ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER
    
    .ifndef MAIN_TIMEOUT_FROZEN_AFTER
    MAIN_TIMEOUT_FROZEN_AFTER = 7d
    .endif
    timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER
    
    .ifndef MAIN_FREEZE_TELL
    MAIN_FREEZE_TELL = postmaster
    .endif
    freeze_tell = MAIN_FREEZE_TELL
    
    .ifndef SPOOLDIR
    SPOOLDIR = /var/spool/exim4
    .endif
    spool_directory = SPOOLDIR
    
    .ifndef MAIN_TRUSTED_USERS
    MAIN_TRUSTED_USERS = uucp
    .endif
    trusted_users = MAIN_TRUSTED_USERS
    .ifdef MAIN_TRUSTED_GROUPS
    trusted_groups = MAIN_TRUSTED_GROUPS
    .endif
    
    .ifdef MAIN_TLS_ENABLE
    .ifndef MAIN_TLS_ADVERTISE_HOSTS
    MAIN_TLS_ADVERTISE_HOSTS = *
    .endif
    tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS
    
    .ifdef MAIN_TLS_CERTKEY
    tls_certificate = MAIN_TLS_CERTKEY
    .else
    .ifndef MAIN_TLS_CERTIFICATE
    MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt
    .endif
    tls_certificate = MAIN_TLS_CERTIFICATE
    
    .ifndef MAIN_TLS_PRIVATEKEY
    MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key
    .endif
    tls_privatekey = MAIN_TLS_PRIVATEKEY
    .endif
    
    .ifndef MAIN_TLS_VERIFY_CERTIFICATES
    MAIN_TLS_VERIFY_CERTIFICATES = ${if exists{/etc/ssl/certs/ca-certificates.crt}\
                                        {/etc/ssl/certs/ca-certificates.crt}\
    				    {/dev/null}}
    .endif
    tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES
    
    .ifdef MAIN_TLS_VERIFY_HOSTS
    tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS
    .endif
    
    .ifndef MAIN_TLS_TRY_VERIFY_HOSTS
    MAIN_TLS_TRY_VERIFY_HOSTS = *
    .endif
    tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS
    
    .endif
    
    .ifdef MAIN_LOG_SELECTOR
    log_selector = MAIN_LOG_SELECTOR
    .endif
    
    begin acl
    
    acl_whitelist_local_deny:
      accept
        hosts = ${if exists{CONFDIR/local_host_whitelist}\
                     {CONFDIR/local_host_whitelist}\
                     {}}
      accept
        senders = ${if exists{CONFDIR/local_sender_whitelist}\
                       {CONFDIR/local_sender_whitelist}\
                       {}}
    
      .ifdef WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
      .include WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
      .endif
    
    acl_check_mail:
      .ifdef CHECK_MAIL_HELO_ISSUED
      deny
        message = no HELO given before MAIL command
        condition = ${if def:sender_helo_name {no}{yes}}
      .endif
    
      accept
    
    acl_check_rcpt:
    
      accept
        hosts = :
    
      .ifdef CHECK_RCPT_LOCAL_LOCALPARTS
      deny
        domains = +local_domains
        local_parts = CHECK_RCPT_LOCAL_LOCALPARTS
        message = restricted characters in address
      .endif
    
      
    
      .ifdef CHECK_RCPT_REMOTE_LOCALPARTS
      deny
        domains = !+local_domains
        local_parts = CHECK_RCPT_REMOTE_LOCALPARTS
        message = restricted characters in address
      .endif
    
      accept
        .ifndef CHECK_RCPT_POSTMASTER
        local_parts = postmaster
        .else
        local_parts = CHECK_RCPT_POSTMASTER
        .endif
        domains = +local_domains : +relay_to_domains
    
      .ifdef CHECK_RCPT_VERIFY_SENDER
      deny
        message = Sender verification failed
        !acl = acl_whitelist_local_deny
        !verify = sender
      .endif
    
      deny
        !acl = acl_whitelist_local_deny
        senders = ${if exists{CONFDIR/local_sender_callout}\
                             {CONFDIR/local_sender_callout}\
                       {}}
        !verify = sender/callout
    
      accept
        hosts = +relay_from_hosts
        control = submission/sender_retain
    
      accept
        authenticated = *
        control = submission/sender_retain
    
      require
        message = relay not permitted
        domains = +local_domains : +relay_to_domains
    
      require
        verify = recipient
    
      deny
        !acl = acl_whitelist_local_deny
        recipients = ${if exists{CONFDIR/local_rcpt_callout}\
                                {CONFDIR/local_rcpt_callout}\
                          {}}
        !verify = recipient/callout
    
      deny
        message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
        !acl = acl_whitelist_local_deny
        senders = ${if exists{CONFDIR/local_sender_blacklist}\
                       {CONFDIR/local_sender_blacklist}\
                       {}}
    
      deny
        message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
        !acl = acl_whitelist_local_deny
        hosts = ${if exists{CONFDIR/local_host_blacklist}\
                     {CONFDIR/local_host_blacklist}\
                     {}}
    
      .ifdef CHECK_RCPT_REVERSE_DNS
      warn
        message = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
         condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
                          {yes}{no}}
      .endif
    
      .ifdef CHECK_RCPT_SPF
      deny
        message = [SPF] $sender_host_address is not allowed to send mail from ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}.  \
                  Please see http://www.openspf.org/why.html?sender=$sender_address&ip=$sender_host_address
        log_message = SPF check failed.
        condition = ${run{/usr/bin/spfquery --ip \"$sender_host_address\" --mail-from \"$sender_address\" --helo \"$sender_helo_name\"}\
                         {no}{${if eq {$runrc}{1}{yes}{no}}}}
    
      defer
        message = Temporary DNS error while checking SPF record.  Try again later.
        condition = ${if eq {$runrc}{5}{yes}{no}}
    
      warn
        message = Received-SPF: ${if eq {$runrc}{0}{pass}{${if eq {$runrc}{2}{softfail}\
                                     {${if eq {$runrc}{3}{neutral}{${if eq {$runrc}{4}{unknown}{${if eq {$runrc}{6}{none}{error}}}}}}}}}}
        condition = ${if <={$runrc}{6}{yes}{no}}
    
      warn
        log_message = Unexpected error in SPF check.
        condition = ${if >{$runrc}{6}{yes}{no}}
    
      warn
        message = X-SPF-Guess: ${run{/usr/bin/spfquery --ip \"$sender_host_address\" --mail-from \"$sender_address\" \ --helo \"$sender_helo_name\" --guess true}\
                                    {pass}{${if eq {$runrc}{2}{softfail}{${if eq {$runrc}{3}{neutral}{${if eq {$runrc}{4}{unknown}\
                                    {${if eq {$runrc}{6}{none}{error}}}}}}}}}}
        condition = ${if <={$runrc}{6}{yes}{no}}
    
      defer
        message = Temporary DNS error while checking SPF record.  Try again later.
        condition = ${if eq {$runrc}{5}{yes}{no}}
      .endif
    
      .ifdef CHECK_RCPT_IP_DNSBLS
      warn
        message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
        log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
        dnslists = CHECK_RCPT_IP_DNSBLS
      .endif
    
      .ifdef CHECK_RCPT_DOMAIN_DNSBLS
      warn
        message = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
        log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
        !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
                        {CONFDIR/local_domain_dnsbl_whitelist}\
                        {}}
        dnslists = CHECK_RCPT_DOMAIN_DNSBLS
      .endif
    
      .ifdef CHECK_RCPT_LOCAL_ACL_FILE
      .include CHECK_RCPT_LOCAL_ACL_FILE
      .endif
    
      accept
        domains = +relay_to_domains
        endpass
        verify = recipient
    
      accept
    
    acl_check_data:
    
      .ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX
      deny
        message = Message headers fail syntax check
        !acl = acl_whitelist_local_deny
        !verify = header_syntax
      .endif
    
      .ifdef CHECK_DATA_VERIFY_HEADER_SENDER
      deny
        message = No verifiable sender address in message headers
        !acl = acl_whitelist_local_deny
        !verify = header_sender
      .endif
    
      .ifdef CHECK_DATA_LOCAL_ACL_FILE
      .include CHECK_DATA_LOCAL_ACL_FILE
      .endif
    
      accept
    
    begin routers
    
    .ifdef MAIN_ALLOW_DOMAIN_LITERALS
    domain_literal:
      debug_print = "R: domain_literal for $local_part@$domain"
      driver = ipliteral
      domains = ! +local_domains
      transport = remote_smtp
    .endif
    
    hubbed_hosts:
      debug_print = "R: hubbed_hosts for $domain"
      driver = manualroute
      domains = "${if exists{CONFDIR/hubbed_hosts}\
                       {partial-lsearch;CONFDIR/hubbed_hosts}\
                  fail}"
      same_domain_copy_routing = yes
      route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
      transport = remote_smtp
    
    .ifdef DCconfig_internet
    
    dnslookup_relay_to_domains:
      debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
      driver = dnslookup
      domains = ! +local_domains : +relay_to_domains
      transport = remote_smtp
      same_domain_copy_routing = yes
      no_more
    
    dnslookup:
      debug_print = "R: dnslookup for $local_part@$domain"
      driver = dnslookup
      domains = ! +local_domains
      transport = remote_smtp
      same_domain_copy_routing = yes
      ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
                            172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
    			255.255.255.255
      no_more
    
    .endif
    
    .ifdef DCconfig_local
    nonlocal:
      debug_print = "R: nonlocal for $local_part@$domain"
      driver = redirect
      domains = ! +local_domains
      allow_fail
      data = :fail: Mailing to remote domains not supported
      no_more
    
    .endif
    
    .ifdef DCconfig_smarthost DCconfig_satellite
    
    smarthost:
      debug_print = "R: smarthost for $local_part@$domain"
      driver = manualroute
      domains = ! +local_domains
      transport = remote_smtp_smarthost
      route_list = * DCsmarthost byname
      host_find_failed = defer
      same_domain_copy_routing = yes
      no_more
    
    .endif
    
    real_local:
      debug_print = "R: real_local for $local_part@$domain"
      driver = accept
      domains = +local_domains
      local_part_prefix = real-
      check_local_user
      transport = LOCAL_DELIVERY
    
    system_aliases:
      debug_print = "R: system_aliases for $local_part@$domain"
      driver = redirect
      domains = +local_domains
      allow_fail
      allow_defer
      data = ${lookup{$local_part}lsearch{/etc/aliases}}
      .ifdef SYSTEM_ALIASES_USER
      user = SYSTEM_ALIASES_USER
      .endif
      .ifdef SYSTEM_ALIASES_GROUP
      group = SYSTEM_ALIASES_GROUP
      .endif
      .ifdef SYSTEM_ALIASES_FILE_TRANSPORT
      file_transport = SYSTEM_ALIASES_FILE_TRANSPORT
      .endif
      .ifdef SYSTEM_ALIASES_PIPE_TRANSPORT
      pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT
      .endif
      .ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT
      directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT
      .endif
    
    .ifdef DCconfig_satellite
    hub_user:
      debug_print = "R: hub_user for $local_part@$domain"
      driver = redirect
      domains = +local_domains
      data = [email protected]
      check_local_user
    
    hub_user_smarthost:
      debug_print = "R: hub_user_smarthost for $local_part@$domain"
      driver = manualroute
      domains = DCreadhost
      transport = remote_smtp_smarthost
      route_list = * DCsmarthost byname
      host_find_failed = defer
      same_domain_copy_routing = yes
      check_local_user
    .endif
    
    userforward:
      debug_print = "R: userforward for $local_part@$domain"
      driver = redirect
      domains = +local_domains
      check_local_user
      file = $home/.forward
      require_files = $local_part:$home/.forward
      no_verify
      no_expn
      check_ancestor
      allow_filter
      forbid_smtp_code = true
      directory_transport = address_directory
      file_transport = address_file
      pipe_transport = address_pipe
      reply_transport = address_reply
      skip_syntax_errors
      syntax_errors_to = real-$local_part@$domain
      syntax_errors_text = \
        This is an automatically generated message. An error has\n\
        been found in your .forward file. Details of the error are\n\
        reported below. While this error persists, you will receive\n\
        a copy of this message for every message that is addressed\n\
        to you. If your .forward file is a filter file, or if it is\n\
        a non-filter file containing no valid forwarding addresses,\n\
        a copy of each incoming message will be put in your normal\n\
        mailbox. If a non-filter file contains at least one valid\n\
        forwarding address, forwarding to the valid addresses will\n\
        happen, and those will be the only deliveries that occur.
    
    procmail:
      debug_print = "R: procmail for $local_part@$domain"
      driver = accept
      domains = +local_domains
      check_local_user
      transport = procmail_pipe
      require_files = ${local_part}:\
                      ${if exists{/etc/procmailrc}\
                        {/etc/procmailrc}{${home}/.procmailrc}}:\
                      +/usr/bin/procmail
      no_verify
      no_expn
    
    maildrop:
      debug_print = "R: maildrop for $local_part@$domain"
      driver = accept
      domains = +local_domains
      check_local_user
      transport = maildrop_pipe
      require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
      no_verify
      no_expn
    
    local_user:
      debug_print = "R: local_user for $local_part@$domain"
      driver = accept
      domains = +local_domains
      check_local_user
      local_parts = ! root
      transport = LOCAL_DELIVERY
      cannot_route_message = Unknown user
    
    mail4root:
      debug_print = "R: mail4root for $local_part@$domain"
      driver = redirect
      domains = +local_domains
      data = /var/mail/mail
      file_transport = address_file
      local_parts = root
      user = mail
      group = mail
    
    begin transports
    
    address_file:
      debug_print = "T: address_file for $local_part@$domain"
      driver = appendfile
      delivery_date_add
      envelope_to_add
      return_path_add
    
    address_pipe:
      debug_print = "T: address_pipe for $local_part@$domain"
      driver = pipe
      return_fail_output
    
    address_reply:
      debug_print = "T: autoreply for $local_part@$domain"
      driver = autoreply
    
    mail_spool:
      debug_print = "T: appendfile for $local_part@$domain"
      driver = appendfile
      file = /var/mail/$local_part
      delivery_date_add
      envelope_to_add
      return_path_add
      group = mail
      mode = 0660
      mode_fail_narrower = false
    
    maildir_home:
      debug_print = "T: maildir_home for $local_part@$domain"
      driver = appendfile
      .ifdef MAILDIR_HOME_MAILDIR_LOCATION
      directory = MAILDIR_HOME_MAILDIR_LOCATION
      .else
      directory = $home/Maildir
      .endif
      .ifdef MAILDIR_HOME_CREATE_DIRECTORY
      create_directory
      .endif
      .ifdef MAILDIR_HOME_CREATE_FILE
      create_file = MAILDIR_HOME_CREATE_FILE
      .endif
      delivery_date_add
      envelope_to_add
      return_path_add
      maildir_format
      .ifdef MAILDIR_HOME_DIRECTORY_MODE
      directory_mode = MAILDIR_HOME_DIRECTORY_MODE
      .else
      directory_mode = 0700
      .endif
      .ifdef MAILDIR_HOME_MODE
      mode = MAILDIR_HOME_MODE
      .else
      mode = 0600
      .endif
      mode_fail_narrower = false
    
    maildrop_pipe:
      debug_print = "T: maildrop_pipe for $local_part@$domain"
      driver = pipe
      path = "/bin:/usr/bin:/usr/local/bin"
      command = "/usr/bin/maildrop"
      return_path_add
      delivery_date_add
      envelope_to_add
    
    procmail_pipe:
      debug_print = "T: procmail_pipe for $local_part@$domain"
      driver = pipe
      path = "/bin:/usr/bin:/usr/local/bin"
      command = "/usr/bin/procmail"
      return_path_add
      delivery_date_add
      envelope_to_add
    
    remote_smtp:
      debug_print = "T: remote_smtp for $local_part@$domain"
      driver = smtp
    
    remote_smtp_smarthost:
      debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
      driver = smtp
      hosts_try_auth = ${if exists{CONFDIR/passwd.client} \
            {\
            ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
            }\
            {} \
          }
      
      
    
    address_directory:
      debug_print = "T: address_directory for $local_part@$domain"
      driver = appendfile
      delivery_date_add
      envelope_to_add
      return_path_add
      check_string = ""
      escape_string = ""
      maildir_format
    
    begin retry
    
    *                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h
    
    begin rewrite
    
    *@+local_domains "${lookup{${local_part}}lsearch{/etc/email-addresses}\
                       {$value}fail}" Ffrs
    [email protected] "${lookup {${local_part}} lsearch {/etc/email-addresses} {$value} fail }" Ffrs
    
    begin authenticators
    
    cram_md5:
      driver = cram_md5
      public_name = CRAM-MD5
      client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
      client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
    
    PASSWDLINE=${sg{\
                    ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
    	        }\
    	        {\\N[\\^]\\N}\
    	        {^^}\
    	    }
    
    plain:
      driver = plaintext
      public_name = PLAIN
    .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
      client_send = "<; ${if !eq{$tls_cipher}{}\
                        {^${extract{1}{:}{PASSWDLINE}}\
    		     ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}\
    		   }fail}"
    .else
      client_send = "<; ^${extract{1}{:}{PASSWDLINE}}\
    		    ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
    .endif
    
    login:
      driver = plaintext
      public_name = LOGIN
    .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
      client_send = "<; ${if and{\
                              {!eq{$tls_cipher}{}}\
                              {!eq{PASSWDLINE}{}}\
                             }\
                          {}fail}\
                     ; ${extract{1}{::}{PASSWDLINE}}\
    		 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
    .else
      client_send = "<; ${if !eq{PASSWDLINE}{}\
                          {}fail}\
                     ; ${extract{1}{::}{PASSWDLINE}}\
    		 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
    .endif
    
     
  8. lordshadow

    lordshadow New Member

    I've just tried to change line 115 of /var/lib/exim4/config.autogenerated.tmp

    from

    Code:
    av_scanner = clamd:/tmp/clamd
    
    to

    Code:
    av_scanner = clamd:/usr/sbin/clamd
    
    as there is no clamd in /tmp directory but clamd is in /usr/sbin.

    However after saving and trying to restart exim4 the old file is rewritten again to /tmp/clamd and not transferred to /var/lib/exim4/config.autogenerated. I really don't understand this??
     
  9. topdog

    topdog Active Member HowtoForge Supporter

    av_scanner should point to a port or a socket, but it seems like your exim has no support for av scanning which debian are you using ?
     
  10. lwh.dk

    lwh.dk New Member

    clamdav

    on my ubuntu exim anti-spam server is the av_scanner defined like below...
    (a uncompleted howto about how the server is installed)

    # Specify the virus scanner to use
    av_scanner = clamd:/var/run/clamav/clamd.ctl

    In /etc/clamav/clamd.conf there should also be a ref to this socket.
     
  11. lordshadow

    lordshadow New Member

    I'm using Debian Etch!

    I don't know if this howto is compatible with my system but I will have a look and try it and see what happens.
     
  12. lwh.dk

    lwh.dk New Member

    Well the "howto" is created on at Debian Etch...
    but I don't think you need to use the howto !
    The howto if for a sbs anti-spam / anti-vira server and not for a stand alone workstation...
    Most issues I have had with clamav is permissions and the location of the socked....
     
  13. lordshadow

    lordshadow New Member

    Ok I tried the howto with no luck even the path that you gave me:

    doesn't accept and now it seems my whole mail system is down as my server no longer sends and recieves mail messages!

    I think exim4 is now offline :-(
     
  14. lordshadow

    lordshadow New Member

    This is output of mail.err:

    Apr 27 07:35:08 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 28 07:35:08 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 29 07:35:12 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 29 07:35:12 OptiplexGX110 exim4: PANIC: sending out e-mail warning has failed, exim has non-zero return code
    Apr 30 07:35:18 OptiplexGX110 exim4: ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken
    Apr 30 07:35:18 OptiplexGX110 exim4: PANIC: sending out e-mail warning has failed, exim has non-zero return code

    and still paniclog is saying:

    2008-04-30 23:13:39 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated:
    main option "av_scanner" unknown
    2008-04-30 23:30:01 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated:
    main option "av_scanner" unknown
    2008-04-30 23:43:38 Exim configuration error in line 115 of /var/lib/exim4/config.autogenerated:
    main option "av_scanner" unknown


    The line is as stated before and av_scanner:/temp/clamd

    which even when trying to change it reverts back to this.

    I don't know if I've failed to install a specific component?
     
  15. lwh.dk

    lwh.dk New Member

    Exim4 panic error

    This message will you see everytime exim4 starts and the paniclog is none-enpty on a Debian / Ubuntu system simply
    Code:
    rm /var/log/exim4/paniclog
    
    to remove the above error.

    Are you using exim4 in split conf ?
    what does netstat -a | grep clamav show ???

    did you compile exim4 your self or apt-get install exim4-daemon-heavy ?
    Have you run update-exim4.conf after chances in the /etc/exim4/conf.d dir
    the update-exim4.conf generates the /var/lib/exim4/config.autogenerated file.
     
    Last edited: Apr 30, 2008
  16. lordshadow

    lordshadow New Member

    Not split conf files just standard one config file.

    This is what I ran last:

    Code:
    OptiplexGX110:/var/log/exim4# rm paniclog
    OptiplexGX110:/var/log/exim4# /etc/init.d/exim4 restart
    Stopping MTA for restart:2008-05-01 00:27:20 Exim configuration error in line 116 of /var/lib/exim4/config.autogenerated.tmp:
      main option "av_scanner" unknown
    Invalid new configfile /var/lib/exim4/config.autogenerated.tmp
    not installing /var/lib/exim4/config.autogenerated.tmp to
    /var/lib/exim4/config.autogenerated
    
     
  17. lordshadow

    lordshadow New Member

    netstat -a | grep clamav shows:

    Code:
    OptiplexGX110:/var/log/exim4# netstat -a | grep clamav
    unix  2      [ ACC ]     STREAM     LISTENING     3005059  /var/run/clamav/clamd.ctl
    
    I installed clam_av from apt! All system is installed via apt, no self compiled or non Debian packages are in!
     
  18. lordshadow

    lordshadow New Member

    It seems that this config in: /etc/exim4/exim4.conf.template was causing all the problems!

    Code:
    # messages to be automatically scanned for viruses. You have to modify the
    # configuration in two places to set this up. The first of them is here,
    # where you define the interface to your scanner. This example is typical
    # for ClamAV; see the manual for details of what to set for other virus
    # scanners. The second modification is in the acl_check_data access
    # control list.
    
    # av_scanner = clamd:/var/run/clamav/clamd.ctl
    
    
    # For spam scanning, there is a similar option that defines the interface to
    # SpamAssassin. You do not need to set this if you are using the default, which
    # is shown in this commented example. As for virus scanning, you must also
    # modify the acl_check_data access control list to enable spam scanning.
    
    # spamd_address = 127.0.0.1 783
    Now that it is by-passed exim4 managed to restart cleanly with no problems!

    I don't think that anti spyware or virus are working however since they are quoted out.
     
  19. lwh.dk

    lwh.dk New Member

    exim4

    are you running exim4-daemon-heavy ?

    please do a
    Code:
    apt-get install exim4-daemon-heavy
    
    in /etc/group
    is clamav added to the debian-exim ?
    Code:
    cat /etc/group |grep clamav
    
    output something like this
    Debian-exim:x:102:clamav
    clamav:x:105:
     
  20. lordshadow

    lordshadow New Member

    I have install exim4-daemon-heavy and ran: cat /etc/group |grep clamav

    which outputted: clamav:x:116:

    Does the exim4 heavy daemon change my config or can I do more with it?
     

Share This Page