Доброе время суток, проблема до боли знакомая, на FreeBSD 6.4 установлен Exim 4.69, почта отправляется по SMTP как с включенной авторизацией у пользователя, так и без нее. Хочется что бы пользователь мог отправлять почту только в случае прохождения авторизации smtp.(смотрел похожие форумы, но ответа конкретного не нашел)Конфигурационный файл Exim
primary_hostname = relay.example.ru
domainlist local_domains = ${lookup mysql{select domain from domains where domain='${domain}' and (type='LOCAL' OR type='VIRTUAL')}}
domainlist relay_to_domains =${lookup mysql{select domain from domains where domain='${domain}' and type='RELAY'}}
hostlist relay_from_hosts = 127.0.0.1
auth_advertise_hosts = *
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
qualify_domain = example.ru
log_selector = \
+all_parents \
+lost_incoming_connection \
+received_sender \
+received_recipients \
+smtp_confirmation \
+smtp_syntax_error \
+smtp_protocol_error \
-queue_run
allow_domain_literals=false
never_users = root:daemon:bin
# host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 30m
timeout_frozen_after = 7d
freeze_tell=postmaster
auto_thaw=1h
message_size_limit=16M
daemon_smtp_ports=25
smtp_accept_max=50
smtp_accept_max_per_connection=50
smtp_connect_backlog=50
smtp_accept_max_per_host=25
remote_max_parallel=15
split_spool_directory = true
hide mysql_servers = localhost/mail/sqlmail/sqlmail
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_rcpt:
accept hosts = :
deny local_parts = ^.*[@%!/|]
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
######################################################################
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept hosts = +relay_from_hosts
control = submission
accept authenticated = *
control = submission
accept domains = +local_domains
endpass
verify = recipient
accept domains = +relay_to_domains
endpass
verify = recipient
deny message = HELO/EHLO required by SMTP RFC
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
deny message = Go Away! You are spammer.
condition = ${if match{$sender_host_name}{bezeqint\\.net|net\\.il|dialup|pool|peer|dhcp}{yes}{no}}
deny message = host is listed in $dnslist_domain
dnslists = sbl.spamhaus.org : relays.ordb.org : opm.blitzed.org : proxies.blackholes.easynet.nl
deny message = RELAY NOT PERMITTED
require message = relay not permitted
domains = +local_domains : +relay_to_domains
require verify = recipient
accept
acl_check_data:
deny message = Go Away! Eat Your Spam Self!
condition = ${if match{$message_body} \
{105[-_]*51[-_]*86|778[-_]*98[-_]*94} \
{yes}{no}}
accept
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################
begin routers
domain_literal:
driver = ipliteral
domains = ! +local_domains
transport = remote_smtp
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.160.0.0/24
no_more
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM aliases WHERE local_part='${local_part}' AND domain='${domain}'}}
file_transport = address_file
pipe_transport = address_pipe
userforward:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT recipients FROM userforward WHERE local_part='${local_part}' AND domain='${domain}'}}
check_local_user
local_part_suffix = +* : -*
local_part_suffix_optional
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
virtual_localuser:
driver = accept
domains = ${lookup mysql{SELECT domain from domains WHERE domain='${domain}'}}
local_parts = ${lookup mysql{SELECT login from users WHERE login='${local_part}' AND domain='${domain}'}}
transport = local_delivery
localuser:
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
begin transports
remote_smtp:
driver = smtp
local_delivery:
driver = appendfile
file = /var/mail/$domain/$local_part
delivery_date_add
envelope_to_add
return_path_add
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
begin rewrite
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators
auth_plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = ${lookup mysql{SELECT login FROM users WHERE login = '${quote_mysql:${local_part:$2}}' AND passwd = '${quote_mysql:$3}'}{yes}{no}}
server_set_id = $2
auth_login:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
server_condition = ${lookup mysql{SELECT login FROM users WHERE login = '${quote_mysql:${local_part:$1}}' AND passwd = '${quote_mysql:$2}'}{yes}{no}}
server_set_id = $1
auth_cram_md5:
driver = cram_md5
public_name = CRAM-MD5
server_secret = ${lookup mysql{SELECT password FROM users WHERE login = '${quote_mysql:${local_part:$1}}'{$value}fail|
server_set_id = $1
# End of Exim configuration file
Вариант для распечатки
OpenNET: Виртуальная конференция (Public)
(ok) on 18-Май-09, 10:37 
