Linux sagir-us1.hostever.us 5.14.0-570.51.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Oct 8 09:41:34 EDT 2025 x86_64
LiteSpeed
Server IP : 104.247.108.91 & Your IP : 216.73.216.105
Domains : 74 Domain
User : georgeto
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
var /
softaculous /
apps /
exim /
Delete
Unzip
Name
Size
Permission
Date
Action
3
[ DIR ]
drwxr-xr-x
2026-04-11 11:45
assets
[ DIR ]
drwxr-xr-x
2026-04-11 11:45
build
[ DIR ]
drwxr-xr-x
2026-04-11 11:45
images
[ DIR ]
drwxr-xr-x
2026-04-11 11:45
includes
[ DIR ]
drwxr-xr-x
2026-04-11 11:45
languages
[ DIR ]
drwxr-xr-x
2026-04-11 11:45
themes
[ DIR ]
drwxr-xr-x
2026-04-11 11:45
todo
[ DIR ]
drwxr-xr-x
2026-04-11 11:45
2020020100.sql
2.03
KB
-rw-r--r--
2026-04-11 11:45
autoresponder_charsets.json
2.88
KB
-rw-r--r--
2025-01-13 08:52
box_msg.json
2.43
KB
-rw-r--r--
2023-02-02 09:28
boxtrapper.php
6.23
KB
-rwxr-xr-x
2023-03-06 08:04
boxtrapper_func.php
8.22
KB
-rw-r--r--
2023-12-15 01:43
boxtrapper_url.php
2.06
KB
-rw-r--r--
2025-10-17 04:29
c7_exim-x86_64.tar.gz
1.89
MB
-rw-r--r--
2026-04-11 11:45
config.inc.php
7.65
KB
-rw-r--r--
2026-04-10 07:27
configure.php
71.76
KB
-rw-r--r--
2026-04-10 05:55
exim-x86_64.tar.gz
1.92
MB
-rw-r--r--
2026-04-11 11:45
exim.conf
44.01
KB
-rw-r--r--
2021-12-24 06:44
exim.json
2.97
KB
-rw-r--r--
2024-06-11 08:31
exim4.conf.template
76.83
KB
-rw-r--r--
2021-12-24 06:44
greylist_common_providers.json
62.76
KB
-rw-r--r--
2022-08-04 11:24
hooks.php
677.01
KB
-rw-r--r--
2026-04-10 07:33
info.xml
4.15
KB
-rw-r--r--
2026-04-10 07:27
install.php
62.1
KB
-rw-r--r--
2026-04-10 07:33
install.xml
63
B
-rw-r--r--
2025-05-08 02:51
logrotate
304
B
-rw-r--r--
2024-02-19 05:16
md5
13.23
KB
-rw-r--r--
2026-04-10 07:33
notes.txt
293
B
-rw-r--r--
2025-11-26 03:01
popb4smtp
1.75
KB
-rw-r--r--
2022-12-09 08:27
popb4smtp-clean
1.93
KB
-rw-r--r--
2022-12-09 08:27
popb4smtp-watch
3.34
KB
-rw-r--r--
2022-12-09 08:27
rbl.json
396
B
-rw-r--r--
2022-09-23 08:09
remove.php
7.95
KB
-rw-r--r--
2026-04-10 07:33
rev
4
B
-rw-r--r--
2026-04-10 07:33
roundcube.tar.gz
7.17
MB
-rw-r--r--
2026-04-11 11:45
sqlite.rcube.db
62
KB
-rw-r--r--
2023-01-12 05:14
update-exim4.conf.conf
1.01
KB
-rw-r--r--
2021-12-24 06:44
update.php
11.53
KB
-rw-r--r--
2026-04-10 07:33
Save
Rename
<?php function exim_configure(){ global $globals; $exim_config_path = $globals['var_conf'].'/exim'; $config_arr = loaddata($exim_config_path.'/exim.json'); $greylist_arr = loaddata($exim_config_path.'/greylist.json'); $rbl_arr = loaddata($globals['var_conf'].'/rbl'); $grp = 'exim'; $config = ' # DO NOT EDIT webuzo autogenerated file ###################################################################### # Exim variables ###################################################################### hostlist loopback = <; @[]; 127.0.0.0/8 ; 0.0.0.0 ; localhost ; ::1 ; 0000:0000:0000:0000:0000:ffff:7f00:0000/8 hostlist senderverifybypass_hosts = net-iplsearch;/etc/senderverifybypasshosts hostlist skipsmtpcheck_hosts = net-iplsearch;/etc/skipsmtpcheckhosts hostlist spammeripblocks = net-iplsearch;/etc/spammeripblocks hostlist blocked_incoming_email_country_ips = ${if exists{/etc/blocked_incoming_email_country_ips} {net-iplsearch;/etc/blocked_incoming_email_country_ips} {} } hostlist backupmx_hosts = lsearch;/etc/backupmxhosts hostlist trustedmailhosts = lsearch;/etc/trustedmailhosts hostlist recent_authed_mail_ips = net-iplsearch;/etc/recent_authed_mail_ips hostlist neighbor_netblocks = net-iplsearch;/etc/neighbor_netblocks hostlist greylist_trusted_netblocks = net-iplsearch;/etc/greylist_trusted_netblocks hostlist greylist_common_mail_providers = net-iplsearch;/etc/greylist_common_mail_providers hostlist recent_recipient_mail_server_ips = net-iplsearch;/etc/recent_recipient_mail_server_ips domainlist local_domains = lsearch;/etc/localdomains domainlist user_domains = ${if exists{/etc/userdomains} {lsearch;/etc/userdomains} fail} domainlist secondarymx_domains = lsearch;/etc/secondarymx domainlist relay_domains = +local_domains : +secondarymx_domains domainlist blocked_domains = wildlsearch;/etc/blocked_incoming_email_domains domainlist manualmx_domains = ${if exists {/etc/manualmx} {lsearch;/etc/manualmx} {} } localpartlist path_safe_localparts = \N^\.*[^./][^/]*$\N smtp_accept_queue_per_connection = 30 remote_max_parallel = 10 smtp_receive_timeout = 165s ignore_bounce_errors_after = 1d rfc1413_query_timeout = 0s timeout_frozen_after = 5d auto_thaw = 7d callout_domain_negative_expire = 1h callout_negative_expire = 1h acl_not_smtp = acl_not_smtp acl_smtp_connect = acl_smtp_connect acl_smtp_data = acl_smtp_data acl_smtp_helo = acl_smtp_helo acl_smtp_mail = acl_smtp_mail acl_smtp_quit = acl_smtp_quit acl_smtp_notquit = acl_smtp_notquit acl_smtp_rcpt = acl_smtp_rcpt acl_smtp_dkim = acl_smtp_dkim USER_ON_BLACKLIST=User account is not allowed to send/recieve emails. User is suspended. message_body_newlines = true check_rfc2047_length = false keep_environment = X-SOURCE : X-SOURCE-ARGS : X-SOURCE-DIR add_environment = PATH=/usr/local/sbin::/usr/local/bin::/sbin::/bin::/usr/sbin::/usr/bin::/sbin::/bin chunking_advertise_hosts = 198.51.100.1 deliver_queue_load_max = '.(!empty($config_arr['general']['deliver_queue_load_max']) ? $config_arr['general']['deliver_queue_load_max'] : 12).' queue_only_load = '.(!empty($config_arr['general']['queue_only_load']) ? $config_arr['general']['queue_only_load'] : 24).' '; if(!empty($config_arr['general']['daemon_smtp_ports'])){ $config .= ' daemon_smtp_ports = '.$config_arr['general']['daemon_smtp_ports'].' '; }else{ $config .= ' daemon_smtp_ports = 25 : 465 : 587 '; } if(!empty($config_arr['general']['tls_on_connect_ports'])){ $config .= ' tls_on_connect_ports = '.$config_arr['general']['tls_on_connect_ports'].' '; }else{ $config .= ' tls_on_connect_ports = 465 '; } if(!empty($config_arr['general']['message_size_limit'])){ $config .= ' message_size_limit = '.$config_arr['general']['message_size_limit'].'M '; } if(!empty($config_arr['security']['openssl_options_control'])){ $config .= ' openssl_options = '.$config_arr['security']['openssl_options_control'].' '; } if(!empty($config_arr['security']['tls_require_ciphers_control']) && empty($config_arr['security']['allowweakciphers'])){ $config .= ' tls_require_ciphers = '.$config_arr['security']['tls_require_ciphers_control'].' '; } if(!empty($config_arr['mail']['dsn_advertise_hosts_control'])){ $config .= ' dsn_advertise_hosts = '.$config_arr['mail']['dsn_advertise_hosts_control'].' '; } if(!empty($config_arr['general']['timezone'])){ $config .= ' timezone = '.$config_arr['general']['timezone'].' '; } $config .= ' spamd_address = 127.0.0.1 783 retry=30s tmo=3m BADCHARS = \N[^A-Za-z0-9_.-]+\N SAFELOCALPART = ${lookup{${sg{$local_part}{BADCHARS}{_}}} lsearch*,ret=key{/etc/userdomains}} SAFEDOMAIN = ${lookup{${sg{$domain}{BADCHARS}{_}}} lsearch*,ret=key{/etc/userdomains}} tls_certificate = ${if and \ { \ {gt{$tls_in_sni}{}} \ {!match{$tls_in_sni}{/}} \ } \ {${if exists {/var/webuzo-data/certs/$tls_in_sni.pem} \ {/var/webuzo-data/certs/$tls_in_sni.pem} \ {${if exists {${sg{/var/webuzo-data/certs/$tls_in_sni.pem}{(.+/)[^.]+\.(.+\.pem)}{\$1\$2}}} \ {${sg{/var/webuzo-data/certs/$tls_in_sni.pem}{(.+/)[^.]+\.(.+\.pem)}{\$1\$2}}} \ {/etc/exim/webuzo.crt} \ }} \ }} \ {/etc/exim/webuzo.crt} \ } tls_privatekey = ${if and \ { \ {gt{$tls_in_sni}{}} \ {!match{$tls_in_sni}{/}} \ } \ {${if exists {/var/webuzo-data/certs/$tls_in_sni.pem} \ {/var/webuzo-data/certs/$tls_in_sni.pem} \ {${if exists {${sg{/var/webuzo-data/certs/$tls_in_sni.pem}{(.+/)[^.]+\.(.+\.pem)}{\$1\$2}}} \ {${sg{/var/webuzo-data/certs/$tls_in_sni.pem}{(.+/)[^.]+\.(.+\.pem)}{\$1\$2}}} \ {/etc/exim/webuzo.key} \ }} \ }} \ {/etc/exim/webuzo.key} \ } '; if(!empty($config_arr['general']['log_selector'])){ $config .= ' log_selector = '.$config_arr['general']['log_selector'].' '; }else{ $config .= ' log_selector = +subject +arguments +received_recipients '; } if(!empty($config_arr['filter']['systemfilter_control'])){ $config .=' system_filter = '.$config_arr['filter']['systemfilter_control'].' '; }else{ $config .=' system_filter = /etc/exim/exim_system_filter '; } $config .= ' addresslist secondarymx = *@partial-lsearch;/etc/secondarymx ###################################################################### # MAIN CONFIGURATION SETTINGS # ###################################################################### perl_startup = do \'/etc/exim/exim.pl\' smtp_banner = "${primary_hostname} ESMTP Exim ${version_number} \ \#${compile_number} ${tod_full} \n\ We do not authorize the use of this system to transport unsolicited, \n\ and/or bulk e-mail." #nobody as the sender seems to annoy people untrusted_set_sender = * local_from_check = '.(!empty($config_arr['mail']['setsenderheader']) ? 'true' : 'false').' split_spool_directory = yes smtp_connect_backlog = 50 smtp_accept_max = '.(!empty($config_arr['general']['max_smtp_conn_accept']) ? $config_arr['general']['max_smtp_conn_accept'] : '500').' '; if(!empty($config_arr['general']['exim_primary_hostname'])){ $config .=' primary_hostname = '.$config_arr['general']['exim_primary_hostname'].' '; } $config .= ' message_body_visible = 5000 never_users = root tls_advertise_hosts = * helo_accept_junk_hosts = * smtp_enforce_sync = false '; if(!empty($config_arr['general']['disable_ipv6'])){ $config .=' disable_ipv6 = true '; } $config .= ' ###################################################################### # DO NOT EDIT Exim Webuzo Acl ###################################################################### begin acl acl_not_smtp: '; if(!empty($config_arr['sa']['acl_outgoing_spam_scan']) || !empty($config_arr['sa']['acl_outgoing_spam_scan_over_int_control'])){ $config .= '#acl_outgoing_spam_scan warn condition = ${if forany{<, $recipients}{!match_domain{${domain:$item}}{:+relay_domains}}} set acl_m_outbound_recipient = 1 warn condition = $acl_m_outbound_recipient condition = ${if <={$message_size}{'.((int)$config_arr['sa']['max_spam_scan_size_control']).'K}} condition = ${if !eq{$originator_uid}{0}} condition = ${perl{spamd_is_available}} set acl_m_spam_scan_enabled = 1 deny condition = $acl_m_outbound_recipient condition = $acl_m_spam_scan_enabled '; if(!empty($config_arr['sa']['acl_outgoing_spam_scan_over_int_control'])){ $config .= ' spam = exim:true/defer_ok condition = ${if !eq{$spam_score_int}{}} condition = ${if >{$spam_score_int}{'.((int)$config_arr['sa']['acl_outgoing_spam_scan_over_int_control'] * 10).'}} '; }else{ $config .= ' spam = exim/defer_ok '; } $config .= ' message = This message was classified as SPAM and may not be delivered log_message = "SpamAssassin as exim detected OUTGOING not smtp message as spam ($spam_score)" warn condition = $acl_m_outbound_recipient condition = $acl_m_spam_scan_enabled log_message = "SpamAssassin as exim detected OUTGOING not smtp message as NOT spam ($spam_score)" '; } if(!empty($config_arr['mail']['trust_x_php_script']) || !empty($config_arr['mail']['query_apache_for_nobody_senders'])){ $config .='#trust_x_php_script warn condition = ${if eq{$originator_uid}{${perl{user2uid}{nobody}}}{1}{0}} set acl_c_vhost_owner = ${perl{resolve_vhost_owner}} '; } $config .= ' accept acl_not_smtp_mime: accept acl_not_smtp_start: accept acl_smtp_auth: accept acl_smtp_connect: drop message = Your country is not allowed to connect to this server. log_message = Country is banned hosts = +blocked_incoming_email_country_ips '; if(!empty($config_arr['acl']['delay_unknown_hosts'])){ $config .= '#delay_unknown_hosts warn !hosts = : +loopback : +neighbor_netblocks : +trustedmailhosts : +recent_authed_mail_ips : +backupmx_hosts : +skipsmtpcheck_hosts : +senderverifybypass_hosts '.(!empty($config_arr['acl']['dont_delay_greylisting_trusted_hosts']) ? ': +greylist_trusted_netblocks' : '').' '.(!empty($config_arr['acl']['dont_delay_greylisting_common_mail_providers']) ? ': +greylist_common_mail_providers' : '').' #only rate limit port 25 condition = ${if eq {$received_port}{25}{yes}{no}} delay = 20s '; } if(!empty($config_arr['acl']['ratelimit'])){ $config .= '#ratelimit accept hosts = : +loopback : +recent_authed_mail_ips : +backupmx_hosts accept hosts = +trustedmailhosts accept condition = ${if match_ip{$sender_host_address}{net-iplsearch;/etc/trustedmailhosts}{1}{0}} defer #only rate limit port 25 condition = ${if eq {$received_port}{25}{yes}{no}} message = The server has reached its limit for processing requests from your host. Please try again later. log_message = "Host is ratelimited ($sender_rate/$sender_rate_period max:$sender_rate_limit)" ratelimit = 1.2 / 1h / strict / per_conn / noupdate '; } if(!empty($config_arr['acl']['slow_fail_block'])){ $config .= '#slow_fail_block warn #only rate limit port 25 condition = ${if eq {$received_port}{25}{yes}{no}} # host had a success in the last hour ratelimit = 1 / 1h / noupdate / per_conn / slow_fail_accept_$sender_host_address set acl_m4 = 1 defer #only rate limit port 25 condition = ${if eq {$received_port}{25}{yes}{no}} condition = ${if eq {${acl_m4}}{1}{0}{1}} log_message = "Host is ratelimited due to multiple failure only connections ($sender_rate/$sender_rate_period max:$sender_rate_limit)" ratelimit = 5 / 1h / noupdate / per_conn / slow_fail_block_$sender_host_address '; } $config .= ' drop message = Your host is not allowed to connect to this server. log_message = Host is banned !hosts = : +skipsmtpcheck_hosts : +trustedmailhosts hosts = +spammeripblocks accept acl_smtp_data: '; if(!empty($config_arr['sa']['acl_outgoing_spam_scan']) || !empty($config_arr['sa']['acl_outgoing_spam_scan_over_int_control'])){ $config .= '#acl_outgoing_spam_scan warn condition = ${if forany{<, $recipients}{!match_domain{${domain:$item}}{:+relay_domains}}} set acl_m_outbound_recipient = 1 warn condition = $acl_m_outbound_recipient condition = ${if <={$message_size}{'.((int)$config_arr['sa']['max_spam_scan_size_control']).'K}} condition = ${if !eq{$originator_uid}{0}} condition = ${perl{spamd_is_available}} set acl_m_spam_scan_enabled = 1 deny condition = $acl_m_outbound_recipient condition = $acl_m_spam_scan_enabled '; if(!empty($config_arr['sa']['acl_outgoing_spam_scan_over_int_control'])){ $config .= ' spam = exim:true/defer_ok condition = ${if !eq{$spam_score_int}{}} condition = ${if >{$spam_score_int}{'.((int)$config_arr['sa']['acl_outgoing_spam_scan_over_int_control'] * 10).'}} '; }else{ $config .= ' spam = exim/defer_ok '; } $config .= ' message = This message was classified as SPAM and may not be delivered log_message = "SpamAssassin as exim detected OUTGOING not smtp message as spam ($spam_score)" warn condition = $acl_m_outbound_recipient condition = $acl_m_spam_scan_enabled log_message = "SpamAssassin as exim detected OUTGOING not smtp message as NOT spam ($spam_score)" '; } $config .= ' accept hosts = : +loopback : +recent_authed_mail_ips : +backupmx_hosts accept authenticated = * hosts = * accept condition = ${extract{size}{${stat:/etc/trustedmailhosts}}} hosts = +trustedmailhosts accept condition = ${extract{size}{${stat:/etc/trustedmailhosts}}} condition = ${if match_ip{$sender_host_address}{net-iplsearch;/etc/trustedmailhosts}{1}{0}} warn # Remove spam headers from outside sources condition = ${perl{spamd_is_available}} !hosts = +skipsmtpcheck_hosts remove_header = x-spam-subject : x-spam-status : x-spam-score : x-spam-bar : x-spam-report : x-spam-flag : x-ham-report warn condition = ${perl{spamd_is_available}} condition = ${if eq {${acl_m0}}{1}{1}{0}} spam = ${acl_m1}'.(!empty($config_arr['mail']['spam_deferok']) ? '/defer_ok' : '').' !hosts = : +trustedmailhosts log_message = "SpamAssassin as ${acl_m1} detected message as spam ($spam_score)" add_header = X-Spam-Subject: '.(!empty($config_arr['filter']['spam_header_control']) ? $config_arr['filter']['spam_header_control'] : '***SPAM***').' $rh_subject add_header = X-Spam-Status: Yes, score=$spam_score add_header = X-Spam-Score: $spam_score_int add_header = X-Spam-Bar: $spam_bar add_header = X-Spam-Report: ${sg{$spam_report}{\N\n \n\N}{\n}} add_header = X-Spam-Flag: YES set acl_m2 = 1 warn condition = ${perl{spamd_is_available}} condition = ${if eq {$spam_score_int}{}{0}{${if <= {${spam_score_int}}{8000}{${if >= {${spam_score_int}}{50}{${perl{store_spam}{$sender_host_address}{$spam_score}}}{0}}}{0}}}} warn condition = ${perl{spamd_is_available}} condition = ${if eq {${acl_m0}}{1}{${if eq {${acl_m2}}{1}{0}{1}}}{0}} add_header = X-Spam-Status: No, score=$spam_score add_header = X-Spam-Score: $spam_score_int add_header = X-Spam-Bar: $spam_bar add_header = X-Ham-Report: ${sg{$spam_report}{\N\n \n\N}{\n}} add_header = X-Spam-Flag: NO log_message = "SpamAssassin as ${acl_m1} detected message as NOT spam ($spam_score)" '; if(!empty($config_arr['acl']['ratelimit_spam_score_over_int_control'])){ $config .= '#ratelimit_spam_score_over_int_control warn condition = ${if eq {${acl_m0}}{1}{${if >{$spam_score_int}{'.((int)$config_arr['acl']['ratelimit_spam_score_over_int_control']*10).'}{1}{0}}}{0}} ratelimit = 0 / 1h / strict / per_conn log_message = "Increment Connection Ratelimit - $sender_fullhost because mail server detected a message with a spam score integer greater or equal to '.((int)$config_arr['acl']['ratelimit_spam_score_over_int_control']*10).'" '; } if(!empty($config_arr['acl']['spam_thresold'])){ $config .= '#spam_thresold deny condition = ${if eq {${acl_m0}}{1}{${if >{$spam_score_int}{'.((int)$config_arr['acl']['spam_thresold']*10).'}{1}{0}}}{0}} log_message = "The mail server detected your message as spam and has prevented delivery ('.((int)$config_arr['acl']['spam_thresold']*10).')." message = "The mail server detected your message as spam and has prevented delivery." '; } if(!empty($config_arr['sa']['no_forward_outbound_spam']) || !empty($config_arr['sa']['no_forward_outbound_spam_over_int_control'])){ $config .= ' # BEGIN INSERT no_forward_outbound_spam deny '; if(!empty($config_arr['sa']['no_forward_outbound_spam_over_int_control'])){ $config .= ' condition = ${if eq {$spam_score_int}{}{0}{${if >{$spam_score_int}{'.((int)$config_arr['sa']['no_forward_outbound_spam_over_int_control'] * 10).'}{1}{0}}}} '; }else{ $config .= ' condition = ${if eq {${acl_m2}}{1}{1}{0}} '; } $config .= ' condition = ${if eq {$acl_c_delivery_address_data}{}{0}{1}} # Don’t reject messages where any forwarder has a local destination. # Ideally we would reject the remote destinations and accept the local, # but there is no known way of achieving this configuration. !condition = ${if \ forany{ ${addresses:$acl_c_delivery_address_data} } \ { match_domain{${domain:$item}}{+local_domains} } \ } # Don’t reject messages where every destination is an autoresponder. !condition = ${if \ forall{ ${addresses:$acl_c_delivery_address_data} } \ { match{$item}{/autorespond} } \ } log_message = "This mail cannot be forwarded because it was detected as spam." message = "This mail cannot be forwarded because it was detected as spam." # END INSERT no_forward_outbound_spam '; } $config .= ' drop message = This message is denied by policy : $spam_score spam points log_message = This message is denied by policy : $spam_score spam points condition = ${if <= {5}{${lookup{${acl_m1}}lsearch{/etc/spamscore}{$value}}}{1}{0}} condition = ${if > {$spam_score_int}{${lookup{${acl_m1}}lsearch{/etc/spamscore}{$value}}}{1}{0}} accept acl_smtp_etrn: accept acl_smtp_helo: accept acl_smtp_mail: #hold outgoing mail accept condition = ${lookup{$sender_address}lsearch{/etc/hold_outgoing_users}{1}{0}} control = freeze/no_tell # ignore authenticated hosts accept authenticated = * #warn # condition = ${if match_ip{$sender_host_address}{+loopback}{${perl{identify_local_connection}{$sender_host_address}{$sender_host_port}{$received_ip_address}{$received_port}{1}}}{0}} # set acl_c_authenticated_local_user = ${perl{get_identified_local_connection_user}} accept hosts = : +loopback : +recent_authed_mail_ips : +backupmx_hosts '; if(!empty($config_arr['acl']['requirehelo'])){ $config .= '#requirehelo deny condition = ${if eq{$sender_helo_name}{}} message = HELO required before MAIL '; } if(!empty($config_arr['acl']['requirehelonoforge'])){ $config .= '#requirehelonoforge drop condition = ${if eq{${lc:$sender_helo_name}}{${lc:$primary_hostname}}{${if def:interface_address {${if match_ip{$interface_address}{+loopback}{0}{1}}}{0}}}{0}} message = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]" drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} message = "REJECTED - Interface: $interface_address is _my_ address" '; } if(!empty($config_arr['acl']['requirehelosyntax'])){ $config .= '#requirehelosyntax drop condition = ${if isip{$sender_helo_name}} message = Access denied - Invalid HELO name (See RFC2821 4.1.3) drop # Required because "[IPv6:<address>]" will have no .s condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}} condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}} message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1) drop condition = ${if match{$sender_helo_name}{\N\.$\N}} message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1) drop condition = ${if match{$sender_helo_name}{\N\.\.\N}} message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1) '; } $config .= ' accept acl_smtp_mailauth: accept acl_smtp_mime: deny message = Blacklisted file extension detected condition = ${if match \ {${lc:$mime_filename}} \ {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \ {1}{0}} accept acl_smtp_notquit: '; if(!empty($config_arr['acl']['ratelimit'])){ $config .= '#ratelimit # ignore authenticated hosts accept authenticated = * accept hosts = : +recent_authed_mail_ips : +loopback : +backupmx_hosts warn #only rate limit port 25 condition = ${if eq {$received_port}{25}{yes}{no}} condition = ${if match {$smtp_notquit_reason}{command}{yes}{no}} log_message = "Connection Ratelimit - $sender_fullhost because of notquit: $smtp_notquit_reason ($sender_rate/$sender_rate_period max:$sender_rate_limit)" ratelimit = 1.2 / 1h / strict / per_conn '; } $config .= ' accept acl_smtp_predata: accept acl_smtp_quit: '; if(!empty($config_arr['acl']['slow_fail_block'])){ $config .= '#slow_fail_block warn log_message = "Detected session with all messages failed" condition = ${if >= {${eval:$rcpt_count}}{1}{${if == {${eval:$rcpt_fail_count}}{${eval:$rcpt_count}}{yes}{no}}}{no}} set acl_m6 = 1 warn condition = ${if eq {${acl_m6}}{1}{1}{0}} ratelimit = 0 / 1h / strict / per_conn / slow_fail_block_$sender_host_address log_message = "Increment slow_fail_block Ratelimit - $sender_fullhost because of all messages failed" warn ratelimit = 1 / 1h / noupdate / per_conn / slow_fail_block_$sender_host_address condition = ${if >= {${eval:$rcpt_count}}{1}{${if < {${eval:$rcpt_fail_count}}{${eval:$rcpt_count}}{yes}{no}}}{no}} set acl_m5 = 1 log_message = "Detected session with ok message that previous had all failed" warn condition = ${if eq {${acl_m5}}{1}{1}{0}} ratelimit = 0 / 1h / strict / per_conn / slow_fail_accept_$sender_host_address log_message = "Decrement slow_fail_lock Ratelimit - $sender_fullhost because one message was successful" '; } $config .= ' accept acl_smtp_rcpt: # implemented for "suspend incoming/outgoing email" feature for user deny condition = ${lookup{${lookup{$sender_address_domain}lsearch{/etc/userdomains}{$value}}}lsearch{/etc/user_suspended_list}{1}{0}} message = USER_ON_BLACKLIST log_message = USER_ON_BLACKLIST deny condition = ${lookup{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}lsearch{/etc/user_suspended_list}{1}{0}} message = USER_ON_BLACKLIST log_message = USER_ON_BLACKLIST # deny suspend_outgoing_users deny message = The $sender_address is suspended to send an outgoing mail. Please contact admin to unsuspend log_message = The $sender_address is suspended to send an outgoing mail. Please contact admin to unsuspend senders = lsearch;/etc/suspend_outgoing_users # deny suspend_incoming_users deny message = The $local_part@$domain is suspended to receive any incoming mail. log_message = The $local_part@$domain is suspended to receive any incoming mail. condition = ${if exists {/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/.${sg{$local_part}{\N[/+].*\N}{}}@${domain}.suspended_incoming}} '; if(!empty($config_arr['mail']['tracksenders'])){ $config .= '#tracksenders warn ratelimit = 0 / 1h / strict log_message = Sender rate $sender_rate / $sender_rate_period '; } $config .= ' warn !domains = +relay_domains set acl_m_outbound_recipient = 1 '; if(!empty($config_arr['acl']['delay_unknown_hosts'])){ $config .= '#delay_unknown_hosts warn !authenticated = * !hosts = : +loopback : +neighbor_netblocks : +trustedmailhosts : +recent_authed_mail_ips : +backupmx_hosts : +skipsmtpcheck_hosts : +senderverifybypass_hosts '.(!empty($config_arr['acl']['dont_delay_greylisting_trusted_hosts']) ? ': +greylist_trusted_netblocks' : '').' '.(!empty($config_arr['acl']['dont_delay_greylisting_common_mail_providers']) ? ': +greylist_common_mail_providers' : '').' #only rate limit port 25 condition = ${if eq {$received_port}{25}{yes}{no}} delay = 20s '; } if(!empty($config_arr['acl']['dkim_disable'])){ $config .= '#dkim_disable warn control = dkim_disable_verify '; } if(!empty($config_arr['sa']['no_forward_outbound_spam']) || !empty($config_arr['sa']['no_forward_outbound_spam_over_int_control'])){ $config .= '#no_forward_outbound_spam warn domains = +local_domains verify = recipient log_message = ${extract{redirect}{$address_data}} condition = ${if !eq{${extract{redirect}{$address_data}}}{}} condition = ${if forany{${addresses:${extract{redirect}{$address_data}}}}{!match_domain{${domain:$item}}{:+local_domains}}} set acl_m_outbound_recipient = 1 '; } $config .= ' accept authenticated = * condition = ${if eq{${lookup{$sender_address_domain}lsearch{/etc/userdomains}}}{$sender_address_local_part}} endpass verify = recipient '; if(!empty($config_arr['mail']['senderverify'])){ $config .= '#senderverify deny hosts = ! +loopback : ! +senderverifybypass_hosts ! verify = sender'.(!empty($config_arr['mail']['callouts']) ? '/callout=60s' : '').' '; } $config .= ' accept authenticated = * endpass verify = recipient # if they used "pop before smtp" then we just accept accept condition = ${if exists{/etc/popbeforesmtp}{1}{0}} condition = ${if exists{'.$globals['data_path'].'/popb4smtp/${substr_-1_1:$sender_host_address}/$sender_host_address}} hosts = ! +loopback endpass verify = recipient '; if(!empty($rbl_arr)){ $config .= ' # BEGIN RBL'."\n"; foreach($rbl_arr as $rblk => $rblv){ if(!empty($rblv['status'])){ $config .= ' # BEGIN INSERT '.$rblk.' deny message = JunkMail rejected - $sender_fullhost is in an RBL: $dnslist_text hosts = +backupmx_hosts dnslists = '.(implode(' : ', array_map('trim', explode(',', $rblv['dnslists'])))).' warn'; if(!empty($config_arr['rbl']['rbl_whitelist'])){ $config .= ' !hosts = <, '.$config_arr['rbl']['rbl_whitelist']; } if(!empty($config_arr['rbl']['rbl_whitelist_neighbor_netblocks'])){ $config .= ' !hosts = +neighbor_netblocks'; } if(!empty($config_arr['rbl']['rbl_whitelist_greylist_common_mail_providers'])){ $config .= ' !hosts = +greylist_common_mail_providers'; } if(!empty($config_arr['rbl']['rbl_whitelist_greylist_trusted_hosts'])){ $config .= ' !hosts = +greylist_trusted_netblocks'; } $config .=' dnslists = '.(implode(' : ', array_map('trim', explode(',', $rblv['dnslists'])))).' set acl_m8 = 1 set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL: $dnslist_text" warn condition = ${if eq {${acl_m8}}{1}{1}{0}} ratelimit = 0 / 1h / strict / per_conn log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match" drop condition = ${if eq {${acl_m8}}{1}{1}{0}} message = ${acl_m9} # END INSERT '.$rblk; } } $config .= "\n".'# END of RBL'; } if(!empty($globals['greylisting'])){ $config .= ' #greylisting is enabled defer message = Temporarily unable to process your email. Please try again later. !authenticated = *'; if(!empty($greylist_arr['spf'])){ $config .= ' !spf = pass'; } $config .= ' !hosts = +loopback : +greylist_trusted_netblocks : +greylist_common_mail_providers condition = ${lookup{$sender_address,$local_part@$domain,$sender_host_address}lsearch{/etc/greylist_triplet}{0}{1}} condition = ${lookup{$domain}lsearch{/etc/greylist_outdomains}{0}{1}} log_message = Deferred due to greylisting. Host: $sender_host_address From: $sender_address To: $local_part@$domain '; } $config .= ' deny message = Your host is not allowed to connect to this server. log_message = Sender domain is banned sender_domains = !+local_domains : +blocked_domains deny message = Mailbox is full / Blocks limit exceeded / Inode limit exceeded log_message = Mailbox is full / Blocks limit exceeded / Inode limit exceeded condition = ${if match {${readsocket{/var/run/dovecot/quota-status}{request=smtpd_access_policy\nrecipient=${quote:$local_part}@${quote:$domain}\nsize=$message_size\n\n}{30s}{\n}{SOCKETFAIL}}}{action=5}{true}{false}} accept hosts = : endpass verify = recipient accept condition = ${extract{size}{${stat:/etc/skipsmtpcheckhosts}}} hosts = +skipsmtpcheck_hosts endpass verify = recipient # implemented for "suspend incoming email" feature deny domains = !$primary_hostname : +local_domains condition = ${if exists {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}}}}}{$value}}/etc/.${sg{$local_part}{\N[/+].*\N}{}}@${domain}.suspended_incoming}} message = 525 5.7.13 Disabled recipient address log_message = Mail to ${local_part}@${domain} has been suspended # implemented for "suspend outgoing email" feature for domains and individual webmail/pop accounts (to do) #deny # domains = ! +local_domains # condition = ${perl{check_outgoing_mail_suspended}} # message = ${perl{get_outgoing_mail_suspended_message}} # log_message = ${perl{get_outgoing_mail_suspended_message}} '; $config .=' # if they used "pop before smtp" and its not bound for a localdomain we remember the recent_authed_mail_ips_domain warn domains = ! +local_domains hosts = ! +loopback hosts = +recent_authed_mail_ips set acl_c_recent_authed_mail_ips_text_entry = ${perl{get_recent_authed_mail_ips_text_entry}{1}} add_header = ${if exists{/etc/eximpopbeforesmtpwarning}{${perl{popbeforesmtpwarn}{$sender_host_address}}}{}} # we need to check alwaysrelay since we don\'t require recentauthedmailiptracker to be enabled accept hosts = ! +loopback condition = ${if or {{eq{$acl_c_recent_authed_mail_ips_text_entry}{}}{!exists{/etc/popbeforesmtp}}}{${if exists {/etc/alwaysrelay}{${lookup{$sender_host_address}iplsearch{/etc/alwaysrelay}{1}{0}}}{0}}}{0}} set acl_c_recent_authed_mail_ips_text_entry = ${perl{get_recent_authed_mail_ips_text_entry}{1}} set acl_c_alwaysrelay = 1 endpass verify = recipient # Reject unauthenticated relay on port 587 drop condition = ${if eq{$received_port}{587}{1}{0}} message = SMTP AUTH is required for message submission on port 587 require verify = recipient # skip content scanning for suspended recipients that are being queued, blackholed or relayed accept condition = ${extract{suspended}{$address_data}} '; if(!empty($config_arr['acl']['primary_hostname'])){ $config .='#primary_hostname deny message = You do not have sufficient privileges to send mail to this address. Please authenticate and try again. domains = $primary_hostname '; } if(!empty($config_arr['acl']['dictionary_attack'])){ $config .='#dictionary_attack warn log_message = "Detected Dictionary Attack (Let $rcpt_fail_count bad recipients though before engaging)" condition = ${if > {${eval:$rcpt_fail_count}}{4}{yes}{no}} set acl_m7 = 1 warn condition = ${if eq {${acl_m7}}{1}{1}{0}} ratelimit = 0 / 1h / strict / per_conn log_message = "Increment Connection Ratelimit - $sender_fullhost because of Dictionary Attack" drop condition = ${if eq {${acl_m7}}{1}{1}{0}} message = "Number of failed recipients exceeded. Come back in a few hours." '; } if(!empty($config_arr['acl']['deny_rcpt_hard_limit'])){ $config .='#deny_rcpt_hard_limit warn log_message = "Number of RCPT commands exceeds hard limit" condition = ${if > {${eval:$rcpt_count}}{'.((int)$config_arr['acl']['deny_rcpt_hard_limit']).'}{1}{0}} set acl_m7 = 1 warn condition = ${if eq {${acl_m7}}{1}{1}{0}} ratelimit = 0 / 1h / strict / per_conn log_message = "Increment Connection Ratelimit - $sender_fullhost because of RCPT command abuse" drop condition = ${if eq {${acl_m7}}{1}{1}{0}} message = Too many recipients specified. Come back in a few hours. '; } if(!empty($config_arr['acl']['deny_rcpt_soft_limit'])){ $config .= '#deny_rcpt_soft_limit defer condition = ${if > {${eval:$rcpt_count}}{'.((int)$config_arr['acl']['deny_rcpt_soft_limit']).'}{1}{0}} message = 452 too many recipients '; } $config .= ' warn domains = +local_domains condition = ${if <= {$message_size}{'.((int)$config_arr['sa']['max_spam_scan_size_control']).'K}} condition = ${if !eq{${acl_m0}}{1}} condition = ${if exists{/etc/global_spamassassin_enable}{1}{${if exists{${extract{5}{::}{${lookup passwd{${if eq{$domain}{$primary_hostname}{${sg{$local_part}{\N[/+].*\N}{}}}{${lookup{$domain}lsearch{/etc/userdomains}}}}}}}}/.spamassassindisable}{0}{1}}}} set acl_m0 = 1 set acl_m1 = ${if eq{$domain}{$primary_hostname}{${sg{$local_part_data}{\N[/+].*\N}{}}}{${lookup{$domain}lsearch{/etc/userdomains}}}} '; if(!empty($config_arr['acl']['spam_scan_secondarymx'])){ $config .= '#spam_scan_secondarymx warn domains = ! +local_domains : +secondarymx_domains condition = ${if <= {$message_size}{'.((int)$config_arr['sa']['max_spam_scan_size_control']).'K}{1}{0}} set acl_m0 = 1 set acl_m1 = exim '; } if(!empty($config_arr['acl']['delay_unknown_hosts'])){ $config .= '#delay_unknown_hosts warn #acl_m2 is spam = YES condition = ${if eq {${acl_m2}}{1}{1}{0}} !hosts = : +loopback : +neighbor_netblocks : +trustedmailhosts : +recent_authed_mail_ips : +backupmx_hosts : +skipsmtpcheck_hosts : +senderverifybypass_hosts '.(!empty($config_arr['acl']['dont_delay_greylisting_trusted_hosts']) ? ': +greylist_trusted_netblocks' : '').' '.(!empty($config_arr['acl']['dont_delay_greylisting_common_mail_providers']) ? ': +greylist_common_mail_providers' : '').' delay = 40s '; } $config .= ' accept domains = +relay_domains deny message = ${expand:${lookup{host_accept_relay}lsearch{/etc/eximrejects}{$value}}} log_message = Rejected relay attempt: \'$sender_host_address\' From: \'$sender_address\' To: \'$local_part@$domain\' accept acl_smtp_starttls: accept acl_smtp_vrfy: accept acl_smtp_dkim: '; if(empty($config_arr['acl']['dkim_disable']) && !empty($config_arr['acl']['dkim_bl'])){ $config .= ' accept message = DKIM: Testing Mode condition = ${if bool{$dkim_key_testing}} deny message = DKIM: encountered the following problem validating $dkim_cur_signer: $dkim_verify_reason dkim_status = invalid:fail '; } $config .= ' accept ###################################################################### # DO NOT EDIT Exim Webuzo Aunthenticators ###################################################################### begin authenticators dovecot_plain: driver = dovecot public_name = PLAIN server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 server_condition = ${if and {{!match {$auth1}{\N[/]\N}}{eq{${if match {$auth1}{\N[+%:@]\N}{${lookup{${extract{2}{+%:@}{$auth1}}}lsearch{/etc/demodomains}{yes}}}{${lookup{$auth1}lsearch{/etc/demousers}{yes}}}}}{}}}{true}{false}} '; if(!empty($config_arr['security']['require_secure_auth'])){ $config .= ' server_advertise_condition = ${if or {{def:tls_cipher}{match_ip{$sender_host_address}{+loopback}}}{1}{0}} '; } $config .= ' dovecot_login: driver = dovecot public_name = LOGIN server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 server_condition = ${if and {{!match {$auth1}{\N[/]\N}}{eq{${if match {$auth1}{\N[+%:@]\N}{${lookup{${extract{2}{+%:@}{$auth1}}}lsearch{/etc/demodomains}{yes}}}{${lookup{$auth1}lsearch{/etc/demousers}{yes}}}}}{}}}{true}{false}} '; if(!empty($config_arr['security']['require_secure_auth'])){ $config .= ' server_advertise_condition = ${if or {{def:tls_cipher}{match_ip{$sender_host_address}{+loopback}}}{1}{0}} '; } $config .= ' ###################################################################### # DO NOT EDIT Exim Webuzo Rewrite ###################################################################### # There are no rewriting specifications in this default configuration file. begin rewrite ###################################################################### # DO NOT EDIT Exim Webuzo ROUTERS ###################################################################### begin routers blackhole_dovenull: driver= redirect local_parts = "@dovenull" allow_fail = true data = :fail: Unrouteable address # Check Demo user democheck: driver = redirect require_files = "+/etc/demouids" condition = ${if >= {$originator_uid}{100}{1}{0}} condition = "${extract{size}{${stat:/etc/demouids}}}" condition = "${if eq \ {${lookup \ {$originator_uid} \ lsearch{/etc/demouids} \ {$value} \ }} \ {} \ {false} \ {true} \ }" allow_fail data = :fail: demo accounts are not permitted to relay email # check email count per hour domain or user || Check other stuff also (TODO E.G. SUSPEND DOMAIN, USER AND PERTICULAR EMAIL ACCOUNT) check_mail_validity: domains = ! +local_domains condition = ${if eq {$authenticated_id}{root}{0}{1}} ignore_target_hosts = +loopback driver = redirect allow_fail #allow_filter allow_defer #reply_transport = address_reply no_verify user = "exim" expn = false condition = "${perl{check_mail_validity}}" data = "${perl{check_mail_validity_results}}" # # Increments max emails per hour if needed (to do) # increment_email_per_hour_count: domains = ! +local_domains ignore_target_hosts = +loopback condition = ${if eq {$authenticated_id}{root}{0}{1}} driver = redirect allow_fail no_verify one_time expn = false condition = "${perl{increment_email_per_hour_count_if}}" data = ":unknown:" '; if(!empty($config_arr['sa']['no_forward_outbound_spam']) || !empty($config_arr['sa']['no_forward_outbound_spam_over_int_control'])){ $config .= '#no_forward_outbound_spam reject_forwarded_mail_marked_as_spam: driver = redirect domains = ! +local_domains '; if(!empty($config_arr['sa']['no_forward_outbound_spam_over_int_control'])){ $config .= ' condition = ${if eq {$spam_score_int}{}{0}{${if >{$spam_score_int}{'.((int)$config_arr['sa']['no_forward_outbound_spam_over_int_control'] * 10).'}{1}{0}}}} '; }else{ $config .= ' condition = ${if eq {${acl_m2}}{1}{1}{0}} '; } $config .= ' #ignore verisign to prevent waste of bandwidth ignore_target_hosts = +loopback : 64.94.110.0/24 allow_fail data = :fail: This mail cannot be forwarded because it was detected as spam. '; } $config .= ' manualmx: driver = manualroute domains = +manualmx_domains transport = remote_smtp route_data = ${lookup \ {$domain} \ lsearch{/etc/manualmx} \ } autoreply_dkim_lookuphost: driver = dnslookup domains = ! +local_domains condition = "${perl{sender_domain_can_dkim_sign}}" condition = "${if \ or { \ {match{$h_precedence:}{auto}} \ {match{$h_x-precedence:}{auto}} \ } \ {1}{0} \ }" #ignore verisign to prevent waste of bandwidth ignore_target_hosts = +loopback '.(!empty($config_arr['general']['eximmailtrap']) ? 'headers_add = "${perl{mailtrapheaders}}"' : '').' transport = dkim_remote_smtp dkim_lookuphost: driver = dnslookup domains = ! +local_domains condition = "${perl{sender_domain_can_dkim_sign}}" #ignore verisign to prevent waste of bandwidth ignore_target_hosts = +loopback '.(!empty($config_arr['general']['eximmailtrap']) ? 'headers_add = "${perl{mailtrapheaders}}"' : '').' transport = dkim_remote_smtp suspended_script: driver = redirect allow_fail condition = ${lookup{$sender_address}lsearch{/etc/mail_script_suspended}{1}{0}} data = :blackhole: lookuphost: driver = dnslookup domains = ! +local_domains #ignore verisign to prevent waste of bandwidth ignore_target_hosts = +loopback '.(!empty($config_arr['general']['eximmailtrap']) ? 'headers_add = "${perl{mailtrapheaders}}"' : '').' transport = remote_smtp literal: driver = ipliteral domains = ! +local_domains ignore_target_hosts = +loopback : 64.94.110.0/24 '.(!empty($config_arr['general']['eximmailtrap']) ? 'headers_add = "${perl{mailtrapheaders}}"' : '').' transport = remote_smtp ###################################################################### # DIRECTORS CONFIGURATION # # Specifies how local addresses are handled # ###################################################################### # ORDER DOES MATTER # # A local address is passed to each in turn until it is accepted. # ###################################################################### #Suspended User will not receive any mail suspended_user: driver = redirect allow_fail domains = lsearch;/etc/userdomains condition = ${if exists {/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/.${sg{$local_part}{\N[/+].*\N}{}}@${domain}.suspended_incoming}} data = :fail: The $local_part@$domain is suspended to receive any incoming mail. # filter on user level user_filter: driver = redirect allow_filter allow_fail forbid_filter_run forbid_filter_perl forbid_filter_lookup forbid_filter_readfile forbid_filter_readsocket no_check_local_user domains = lsearch;/etc/userdomains require_files = "/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/filter" condition = "${extract \ {size} \ {${stat:/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/filter}} \ }" file = /etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/filter file_transport = address_file directory_transport = address_directory reply_transport = address_reply pipe_transport = address_pipe router_home_directory = ${extract \ {5} \ {::} \ {${lookup passwd \ {${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }} \ {$value} \ }} \ } user = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" group = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" no_verify # A filter on Domain level domain_filter: driver = redirect allow_filter allow_fail forbid_filter_run forbid_filter_perl forbid_filter_lookup forbid_filter_readfile forbid_filter_readsocket no_check_local_user domains = lsearch;/etc/userdomains require_files = "/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/filter" condition = "${extract \ {size} \ {${stat:/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/filter}} \ }" file = /etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/filter file_transport = address_file directory_transport = address_directory reply_transport = address_reply pipe_transport = address_pipe router_home_directory = ${extract \ {5} \ {::} \ {${lookup passwd \ {${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }} \ {$value} \ }} \ } user = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" group = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" no_verify # A filter on Email level email_filter: driver = redirect allow_filter allow_fail forbid_filter_run forbid_filter_perl forbid_filter_lookup forbid_filter_readfile forbid_filter_readsocket no_check_local_user domains = lsearch;/etc/userdomains require_files = "/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter" condition = "${extract \ {size} \ {${stat:/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter}} \ }" file = /etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/SAFELOCALPART/filter file_transport = address_file directory_transport = address_directory reply_transport = address_reply pipe_transport = address_pipe router_home_directory = ${extract \ {5} \ {::} \ {${lookup passwd \ {${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }} \ {$value} \ }} \ } user = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" group = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" local_part_suffix = +* local_part_suffix_optional retry_use_local_part no_verify #autoreply exists #both passwd and forwarders do not have local_part. userautoreply: driver = accept domains = lsearch;/etc/userdomains router_home_directory = ${extract \ {5} \ {::} \ {${lookup passwd \ {${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }} \ {$value} \ }} \ } user = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" #local_parts = ${lookup{$local_part} dsearch,ret=full{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${domain}/autorespond/}} condition = ${if exists{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.msg}{yes}{no}} condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}} require_files = /etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.msg condition = ${if exists{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/passwd}} # Check if the current time is between start and stop times condition = ${if and { \ {>= {${run{/bin/date +%Y%m%d%H%M}}}{${if eq {${readfile{${perl{untaint}{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.starttime}}}}}{}{${run{/bin/date +%Y%m%d%H%M}}}{${readfile{${perl{untaint}{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.starttime}}}}}}}} \ {<= {${run{/bin/date +%Y%m%d%H%M}}}{${if eq {${readfile{${perl{untaint}{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.stoptime}}}}}{}{999912312359}{${readfile{${perl{untaint}{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.stoptime}}}}}}}} \ } {yes}{no}} # Prevent the autoresponder email from being sent repeatedly. condition = ${if def:h_Auto-submitted:{${if match{$h_Auto-submitted:}{\N^no\N\}{yes}{no}}}{yes}} # do not reply to errors and bounces or lists senders = " ! ^.*-request@.*:\ ! ^owner-.*@.*:\ ! ^postmaster@.*:\ ! ^listmaster@.*:\ ! ^mailer-daemon@.*\ ! ^root@.*" transport = userautoreply unseen virtual_aliases: driver = redirect allow_defer allow_fail domains = lsearch;/etc/userdomains user = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" group = "${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }" address_data = \ "router=$router_name \ redirect=${quote:${lookup \ {$local_part} \ lsearch{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/aliases} \ }}" data = ${sg{${extract{redirect}{$address_data}}}{"}{}} file_transport = address_file pipe_transport = address_pipe local_part_suffix = +* local_part_suffix_optional retry_use_local_part unseen # # Virtual User Spam Boxes # virtual_user_spam: driver = accept local_parts = +path_safe_localparts domains = +local_domains condition = ${if match{$h_x-spam-status:}{\N^Yes\N}{true}{false}} require_files = +${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/.spamassassinboxenable : +${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/mail/$domain/$local_part router_home_directory = ${extract \ {5} \ {::} \ {${lookup passwd \ {${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }} \ {$value} \ }} \ } cannot_route_message = Unknown user transport = maildir_spam_delivery '; if(!empty($config_arr['general']['no_local_emailing'])){ $config .= ' no_local_delivery: driver = redirect allow_fail domains = lsearch;/etc/userdomains condition = "${lookup{$sender_address_domain}lsearch{/etc/userdomains}{$value}}" data = :fail: Local emailing is not enabled on your server. Contact your Server Administrator. '; } $config .= ' virtual_boxtrapper_user: driver = accept local_parts = +path_safe_localparts domains = \ : ${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {${perl{untaint}{$domain}}} \ } require_files = "+/var/softaculous/apps/exim/boxtrapper.php:+/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${domain}/boxtrapper/${local_part}/.enabled" user = ${lookup{$domain}lsearch{/etc/userdomains}{$value}} headers_remove="x-uidl" transport = virtual_boxtrapper_userdelivery virtual_user: driver = accept domains = \ : ${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {${perl{untaint}{$domain}}} \ } local_parts = +path_safe_localparts require_files = "+${extract \ {5} \ {::} \ {${lookup passwd \ {${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ }} \ {$value} \ }} \ }/mail/$domain/$local_part" router_home_directory = ${extract \ {5} \ {::} \ {${lookup passwd \ {${lookup \ {$domain_data} \ lsearch{/etc/userdomains} \ {$value} \ }} \ {$value} \ }} \ } headers_remove="x-uidl" local_part_suffix = +* local_part_suffix_optional user = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}" group = "exim" transport = dovecot_delivery set = r_bcc_addr=${if forany \ {${addresses:$h_to:}:${addresses:$h_cc:}} \ {or { \ {eqi \ {${extract{1}{+}{${local_part:$item}}}@${domain:$item}} \ {$local_part@$domain} \ } \ {eqi \ {${extract{1}{+}{${local_part:$item}}}@${domain:$item}} \ {$original_local_part@$original_domain} \ } \ }} \ {} \ {$local_part@$domain} \ } set = r_webuzo_u=${lookup \ {$domain} \ lsearch{/etc/userdomains} \ {$value} \ } has_alias_but_no_mailbox_discarded_to_prevent_loop: driver = redirect domains = lsearch;/etc/userdomains condition = ${lookup \ {$local_part} \ lsearch{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/aliases} \ {1} \ {0} \ } condition = "${if forany{<, \ ${lookup \ {$local_part} \ lsearch{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/aliases} \ {$value} \ }} \ {!match{$item}{\N/autorespond\N}} \ {1} \ {${if match \ {${lookup \ {\N*\N} \ lsearch{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/aliases} \ {$value} \ }} \ {:fail:} \ {1} \ {0} \ }} \ }" data=":blackhole:" local_part_suffix = +* local_part_suffix_optional disable_logging = true # TODO #valias_domain_file: # driver = redirect # allow_defer # allow_fail # domains = lsearch;/etc/userdomains # user = "${lookup{$domain_data}lsearch{/etc/userdomains}{$value}}" # group = "${lookup{$domain_data}lsearch{/etc/userdomains}{$value}}" # condition = ${lookup {$domain} lsearch {/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/etc/$domain/domaliases}{yes}{no} } # address_data = router=$router_name redirect=${quote:${quote_local_part:$local_part}@${lookup{$domain}lsearch{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/etc/$domain/domaliases}}} # data = ${extract{redirect}{$address_data}} local_aliases: driver = redirect require_files = /etc/localaliases allow_defer allow_fail domains = $primary_hostname : localhost address_data = \ "router=$router_name \ redirect=${quote: \ ${lookup \ {$local_part} \ lsearch{/etc/localaliases} \ }}" data = ${extract{redirect}{$address_data}} file_transport = address_file pipe_transport = address_pipe check_local_user userforward: driver = redirect allow_filter allow_fail forbid_filter_run forbid_filter_perl forbid_filter_lookup forbid_filter_readfile forbid_filter_readsocket check_ancestor check_local_user domains = $primary_hostname no_expn require_files = "+$home/.forward" condition = "${extract{size}{${stat:$home/.forward}}}" file = $home/.forward file_transport = address_file reply_transport = address_reply directory_transport = address_directory user = $local_part_data group = $local_part_data no_verify localuser_root: driver = redirect allow_fail domains = $primary_hostname : localhost check_local_user condition = ${if eq {$local_part_data}{root}} data = :fail: root cannot accept local mail deliveries localuser_overquota: driver = redirect domains = $primary_hostname check_local_user # NB: On busy servers Dovecot may take several seconds to respond to # this request. So we set the timeout generously: condition = "${if match {${readsocket{/var/run/dovecot/quota-status}{request=smtpd_access_policy\nrecipient=${quote:$local_part}\nsize=$message_size\n\n}{30s}{\n}{SOCKETFAIL}}}{action=5}{true}{false}}" data = ":fail:Mailbox is full / Blocks limit exceeded / Inode limit exceeded" verify_only allow_fail # # Optimized spambox router # localuser_spam: driver = redirect domains = $primary_hostname condition = ${if exists{/etc/global_spamassassin_enable}{1}{${if exists{${extract{5}{::}{${lookup passwd{${if eq{$domain}{$primary_hostname}{${sg{$local_part}{\N[/+].*\N}{}}}{${lookup{$domain}lsearch{/etc/userdomains}}}}}}}}/.spamassassindisable}{0}{1}}}} condition = ${if match{$h_x-spam-status:}{\N^Yes\N}{true}{false}} # sets home,user,group check_local_user headers_remove="x-uidl" data = "${quote_local_part:$local_part_data}+spam" redirect_router = localuser localuser: driver = accept # sets home,user,group check_local_user domains = $primary_hostname headers_remove="x-uidl" local_part_suffix = +* local_part_suffix_optional user = ${lookup{$domain}lsearch{/etc/userdomains}{$value}} group = exim transport = dovecot_delivery set = r_bcc_addr=${if forany \ {${addresses:$h_to:}:${addresses:$h_cc:}} \ {or { \ { eqi \ {${extract \ {1} \ {+} \ {${local_part:$item}} \ }@${domain:$item}} \ {$local_part@$domain} \ } \ { eqi \ {${extract \ {1} \ {+} \ {${local_part:$item}} \ }@${domain:$item}} \ {$original_local_part@$original_domain} \ } \ }} \ {} \ {$local_part@$domain} \ } set = r_webuzo_u=${local_part} split_delivery: driver = manualroute domains = lsearch;/etc/exim_no_catchall transport = remote_smtp condition = ${if match_ip{$sender_host_address}{+loopback}{1}{${lookup{$domain}lsearch{/etc/exim_no_catchall_final_host}{0}{1}}}} route_data = ${lookup \ {$domain} \ lsearch{/etc/exim_no_catchall} \ } #To catch all the failed mail catchall: driver = redirect domains = lsearch;/etc/userdomains address_data = \ "router=$router_name \ redirect=${quote:${lookup \ {*} \ lsearch{/etc/exim/users/${lookup{$domain}lsearch{/etc/userdomains}{$value}}/${perl{untaint}{$domain}}/aliases} \ }}" data = ${sg{${extract{redirect}{$address_data}}}{"}{}} pipe_transport = address_pipe allow_fail dnslookup: driver = dnslookup domains = ! +local_domains transport = remote_smtp ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 no_more ################################################################################# # DO NOT EDIT Exim Webuzo TRANSPORTS # This transport is used for delivering messages over SMTP connections. ################################################################################# begin transports remote_smtp: driver = smtp dkim_domain = ${lc:${domain:$h_from:}} dkim_selector = '.$globals['dkim_selector'].' dkim_private_key = /var/webuzo-data/mail/dkim/private/${perl{untaint}{${dkim_domain}}} dkim_canon = relaxed interface = <; ${if > {${extract{size}{${stat:/etc/mailips}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailips}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}} helo_data = ${if exists{/etc/mail_helo_auto}{${lookup dnsdb{ptr=$sending_ip_address}{$value}{$primary_hostname}}}{${if exists{/etc/mailhelo}{${lookup{$sender_address_domain}lsearch{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}}} message_linelength_limit = '.(isset($config_arr['general']['message_linelength_limit']) ? $config_arr['general']['message_linelength_limit'] : 2048).' remote_smtp_old: driver = smtp #interface = <; ${if > {${extract{size}{${stat:/etc/mailips}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailips}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}} #helo_data = ${if > {${extract{size}{${stat:/etc/mailhelo}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailhelo}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}} #hosts_try_chunking = 198.51.100.1 helo_data = ${lookup dnsdb{ptr=$sending_ip_address}{$value}{$primary_hostname}} dkim_domain = ${lc:${domain:$h_from:}} dkim_remote_smtp: driver = smtp interface = <; ${if > {${extract{size}{${stat:/etc/mailips}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailips}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}} #helo_data = ${if > {${extract{size}{${stat:/etc/mailhelo}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailhelo}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}} dkim_domain = ${lc:${domain:$h_from:}} dkim_selector = '.$globals['dkim_selector'].' dkim_private_key = "/var/webuzo-data/mail/dkim/private/${perl{untaint}{${dkim_domain}}}" dkim_canon = relaxed helo_data = ${lookup dnsdb{ptr=$sending_ip_address}{$value}{$primary_hostname}} #hosts_try_chunking = 198.51.100.1 message_linelength_limit = '.(isset($config_arr['general']['message_linelength_limit']) ? $config_arr['general']['message_linelength_limit'] : 2048).' virtual_boxtrapper_userdelivery: driver = pipe command = /var/softaculous/apps/exim/boxtrapper.php user = exim group = ${lookup{$domain}lsearch{/etc/userdomains}{$value}} log_output = true return_fail_output = true return_path_add = false temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78 address_directory: driver = appendfile maildir_format maildir_use_size_file delivery_date_add envelope_to_add return_path_add address_pipe: driver = pipe return_output virtual_address_pipe: driver = pipe return_output address_file: debug_print = "T: address_file for $local_part@$domain" driver = appendfile delivery_date_add envelope_to_add return_path_add mode = 0660 dovecot_delivery: driver = lmtp socket = /var/run/dovecot/lmtp batch_max = 200 batch_id = "$r_webuzo_u ${if def:r_bcc_addr {$r_bcc_addr}}" rcpt_include_affixes delivery_date_add envelope_to_add return_path_add vmail_delivery: driver = lmtp user = "${lookup{$domain_data}lsearch{/etc/userdomains}{$value}}" group = "${lookup{$domain_data}lsearch{/etc/userdomains}{$value}}" socket = /var/run/dovecot/lmtp batch_max = 200 batch_id = "$r_webuzo_u ${if def:r_bcc_addr {$r_bcc_addr}}" rcpt_include_affixes delivery_date_add envelope_to_add return_path_add maildir_spam_delivery: driver = appendfile directory = $home/mail/${lookup{$domain}dsearch{$home/mail/}}/${lookup{$local_part}dsearch{$home/mail/${lookup{$domain}dsearch{$home/mail/}}/}}/.spam create_directory = true delivery_date_add envelope_to_add return_path_add maildir_format mode = 0660 user = ${lookup{$domain}lsearch{/etc/userdomains}{$value}} group = ${lookup{$domain}lsearch{/etc/userdomains}{$value}} dovecot_virtual_delivery: driver = appendfile delivery_date_add #directory_mode = 770 envelope_to_add #router_home_directory = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}} directory = $home/mail/${lookup{$domain}dsearch{$home/mail/}}/${lookup{$local_part}dsearch{$home/mail/${lookup{$domain}dsearch{$home/mail/}}/}} #file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/mail/$domain/$local_part maildir_format create_directory = true group = ${lookup{$domain}lsearch{/etc/userdomains}{$value}} mode = 0660 return_path_add user = ${lookup{$domain}lsearch{/etc/userdomains}{$value}} address_reply: driver = autoreply userautoreply: driver = autoreply user = exim headers = ${if exists{/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/autorespond/SAFELOCALPART/SAFELOCALPART@SAFEDOMAIN.header}{\ ${readfile{/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/autorespond/SAFELOCALPART/SAFELOCALPART@SAFEDOMAIN.header}}\ }{}} file = /etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/autorespond/SAFELOCALPART/SAFELOCALPART@SAFEDOMAIN.msg from = "${local_part}@${domain}" no_return_message subject = ${if def:h_Subject: {\ ${if exists{/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/autorespond/SAFELOCALPART/SAFELOCALPART@SAFEDOMAIN.subj}\ {${readfile{/etc/exim/users/${lookup{SAFEDOMAIN}lsearch{/etc/userdomains}{$value}}/SAFEDOMAIN/autorespond/SAFELOCALPART/SAFELOCALPART@SAFEDOMAIN.subj}{}}}\ {Autoreply}\ }: ${sg{$rh_Subject:}{\\n}{}}}\ {Autoreply Message}} to = "${reply_address}" ###################################################################### # exim Webuzo RETRY CONFIGURATION ###################################################################### # Domain Error Retries # ------ ----- ------- begin retry +secondarymx * F,4h,5m; G,16h,1h,1.5; F,4d,8h'; if($config_arr['general']['enable_mail_retry'] != 0){ $config .= ' * * F,2h,'.$config_arr['general']['mail_retry'].'m; G,16h,1h,1.5; F,4d,6h'; } exim_access_list(); // spam assassin // Force enable spamassassin /* if(!empty($config_arr['sa']['force_enable_spamassassin'])){ touch('/etc/global_spamassassin_enable'); chgrp('/etc/global_spamassassin_enable', $grp); }else{ @unlink('/etc/global_spamassassin_enable'); } */ writefile('/etc/exim/exim.conf', $config, 1); writefile('/etc/exim/exim.conf.orig', $config, 1); unlink(EXIM_APP.'etc/exim.conf'); vexec('ln -s /etc/exim/exim.conf '.EXIM_APP.'etc/exim.conf'); } function exim_configure_filter(){ global $globals; $exim_config_path = $globals['var_conf'].'/exim'; $config_arr = loaddata($exim_config_path.'/exim.json'); $syst_filter_config = '# Exim filter # process once if not first_delivery then finish endif # Ignore "real" errors if error_message and $header_from: contains "Mailer-Daemon@" then finish endif '; if(!empty($config_arr['filter']['systemfilter_control']) && !empty($config_arr['filter']['attachments'])){ $syst_filter_config .= '#attachments # Check Content-Type header using quoted filename [content_type_quoted_fn_match] if $header_content-type: matches "(?:file)?name=(\"[^\"]+\\\\\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])\")" then fail text "This message has been rejected because it has\n\ potentially executable content $1\n\ This form of attachment has been used by\n\ recent viruses or other malware.\n\ If you meant to send this file then please\n\ package it up as a zip file and resend it." seen finish endif # same again using unquoted filename [content_type_unquoted_fn_match] if $header_content-type: matches "(?:file)?name=(\\\\\\\\S+\\\\\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))([\\\\\\\\s;]|\\\\\\$)" then fail text "This message has been rejected because it has\n\ potentially executable content $1\n\ This form of attachment has been used by\n\ recent viruses or other malware.\n\ If you meant to send this file then please\n\ package it up as a zip file and resend it." seen finish endif # Quoted filename - [body_quoted_fn_match] if $message_body matches "(?:Content-(?:Type:(?>\\\\\\\\s*)[\\\\\\\\w-]+/[\\\\\\\\w-]+|Disposition:(?>\\\\\\\\s*)attachment);(?>\\\\\\\\s*)(?:file)?name=|begin(?>\\\\\\\\s+)[0-7]{3,4}(?>\\\\\\\\s+))(\"[^\"]+\\\\\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc])\")[\\\\\\\\s;]" then fail text "This message has been rejected because it has\n\ a potentially executable attachment $1\n\ This form of attachment has been used by\n\ recent viruses or other malware.\n\ If you meant to send this file then please\n\ package it up as a zip file and resend it." seen finish endif # same again using unquoted filename [body_unquoted_fn_match] if $message_body matches "(?:Content-(?:Type:(?>\\\\\\\\s*)[\\\\\\\\w-]+/[\\\\\\\\w-]+|Disposition:(?>\\\\\\\\s*)attachment);(?>\\\\\\\\s*)(?:file)?name=|begin(?>\\\\\\\\s+)[0-7]{3,4}(?>\\\\\\\\s+))(\\\\\\\\S+\\\\\\\\.(?:ad[ep]|ba[st]|chm|cmd|com|cpl|crt|eml|exe|hlp|hta|in[fs]|isp|jse?|lnk|md[be]|ms[cipt]|pcd|pif|reg|scr|sct|shs|url|vb[se]|ws[fhc]))[\\\\\\\\s;]" then fail text "This message has been rejected because it has\n\ a potentially executable attachment $1\n\ This form of attachment has been used by\n\ recent viruses or other malware.\n\ If you meant to send this file then please\n\ package it up as a zip file and resend it." seen finish endif '; } if(!empty($config_arr['filter']['fail_spam_score_over_int_control'])){ $syst_filter_config .= ' if ($h_x-spam-score: matches \N^\d+$\N and $h_x-spam-score: is above '.($config_arr['filter']['fail_spam_score_over_int_control'] * 10).') then fail text "The mail server detected your message as spam and has prevented delivery ('.($config_arr['filter']['fail_spam_score_over_int_control'] * 10).')." endif '; } if(!empty($config_arr['filter']['systemfilter_control']) && !empty($config_arr['filter']['spam_rewrite'])){ $syst_filter_config .= ' #spam_rewrite if "${if def:header_X-Spam-Subject: {there}}" is there then headers remove Subject headers add "Subject: $rh_X-Spam-Subject:" headers remove X-Spam-Subject endif '; } // First preference to custom filter saved from UI if(!empty(trim($config_arr['filter']['customfilter']))){ $syst_filter_config .= ' # BEGIN - Custom filter from Mail Settings '.$config_arr['filter']['customfilter'].' # END - Custom filter from Mail Settings '; // Second preference to custom filter file }elseif($customfilter = file_get_contents($globals['var_conf'].'/exim/customfilter')){ $syst_filter_config .= ' # BEGIN - Custom filter from /var/webuzo/conf/exim/customfilter file '.$customfilter.' # END - Custom filter from /var/webuzo/conf/exim/customfilter file '; } if(!empty($config_arr['filter']['systemfilter_control']) && file_exists($config_arr['filter']['systemfilter_control'])){ writefile($config_arr['filter']['systemfilter_control'], $syst_filter_config, 1); }else{ writefile('/etc/exim/exim_system_filter', $syst_filter_config, 1); } return true; } function exim_access_list(){ global $globals; $grp = 'exim'; $exim_config_path = $globals['var_conf'].'/exim'; $config_arr = loaddata($exim_config_path.'/exim.json'); // Access list writefile('/etc/spammeripblocks', $config_arr['access_list']['spammeripblocks'], 1); chgrp('/etc/spammeripblocks', $grp); chmod('/etc/spammeripblocks', 0660); writefile('/etc/senderverifybypasshosts', $config_arr['access_list']['senderverifybypasshosts'], 1); chgrp('/etc/senderverifybypasshosts', $grp); chmod('/etc/senderverifybypasshosts', 0660); writefile('/etc/trustedmailhosts', $config_arr['access_list']['mostlytrustedmailhosts'], 1); chgrp('/etc/trustedmailhosts', $grp); chmod('/etc/trustedmailhosts', 0660); writefile('/etc/skipsmtpcheckhosts', $config_arr['access_list']['skipsmtpcheckhosts'], 1); chgrp('/etc/skipsmtpcheckhosts', $grp); chmod('/etc/skipsmtpcheckhosts', 0660); writefile('/etc/backupmxhosts', $config_arr['access_list']['backupmxhosts'], 1); chgrp('/etc/backupmxhosts', $grp); chmod('/etc/backupmxhosts', 0660); writefile('/etc/trusted_mail_users', $config_arr['access_list']['trustedmailusers'], 1); chgrp('/etc/trusted_mail_users', $grp); chmod('/etc/trusted_mail_users', 0660); } function exim_custom_code($tmp_path = '', $tmp_json = []){ global $globals; $exim_json = loaddata($globals['var_conf'].'/exim/exim.json'); if(!empty($tmp_json)){ $exim_json = $tmp_json; } $exim_path = '/etc/exim/exim.conf'; if(!empty($tmp_path) && file_exists($exim_path.'.orig')){ $exim_path = $exim_path.'.orig'; } $exim_conf = file($exim_path, FILE_IGNORE_NEW_LINES); // Update exim conf according to the custom codes if(!empty($exim_json['custom'])){ foreach($exim_json['custom'] as $key => $val){ foreach($val as $k => $v){ // Adding custom code below section header if($k == 'noRule'){ $headerindex = array_search($key, $exim_conf); $exim_conf = array_merge(array_slice($exim_conf, 0, $headerindex + 1), [''], $v, [''], array_slice($exim_conf, $headerindex + 1)); // Adding custom code above rule }else{ $ruleindex = array_search($k.':', $exim_conf); $exim_conf = array_merge(array_slice($exim_conf, 0, $ruleindex), [''], $v, [''], array_slice($exim_conf, $ruleindex)); } } } } file_put_contents((!empty($tmp_path) ? $tmp_path : $exim_path), implode("\n", $exim_conf)); }