The following information may have errors; It is not permissible to be read by anyone who has ever met a lawyer. Use should also be confined to Engineers with more than 370 course hours of electronic engineering and should only be used for theoretical studies. All content entered becomes and is (C)2007 Transtronics, Inc. the property of Transtronics, Inc. Rest assured that your contributions won't be sold and will be publicly available.

Exim

From Transwiki


Exim RBL config

Basic syntax:

deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
     dnslists = relays.ordb.org:\
         sbl-xbl.spamhaus.org:\
         l1.spews.dnsbl.sorbs.net:\
         dnsbl.sorbs.net=127.0.0.2,127.0.0.3,127.0.0.4,127.0.0.5,127.0.0.7,127.0.0.8,127.0.0.9,127.0.0.10,127.0.0.11,127.0.0.12


The first line sets the rejection (bounce) message the sending server gets.

The next line tells Exim to look in the listed RBLs - the ":" separates the lists and the "\" is just a line continuation.

You can set which RBL codes are used to reject email by putting a "=" after the domain name, followed by a comma-separated list of the return IPs to bounce on. In the example above we are allowing the 127.0.0.6 code to pass through.

To test RBLs with dig or nslookup you must reverse the dot-separated quads.

If you are testing for a sending server with IP address 1.2.3.4, you need to enter

user@Linuxbox# dig 4.3.2.1.joesrbl.net

Which would return no answer for clean addresses or 127.0.0.? for spam spewers.


SORBS listings and IPs
dnsbl.sorbs.net (all of the lists) 127.0.0.1 Aggregate zone (contains all the following DNS zones)
http 127.0.0.2 List of Open HTTP Proxy Servers
socks 127.0.0.3 List of Open SOCKS Proxy Servers.
misc 127.0.0.4 List of open Proxy Servers not listed in the SOCKS or HTTP lists.
smtp 127.0.0.5 List of Open SMTP relay servers.
spam 127.0.0.6 List of hosts that have been noted as sending spam/UCE/UBE to the admins of SORBS. This zone also contains netblocks of spam supporting service providers, including those who provide websites, DNS or drop boxes for a spammer. Spam supporters are added on a 'third strike and you are out' basis, where the third spam will cause the supporter to be added to the list.
web 127.0.0.7 List of web (WWW) servers which have spammer abusable vulnerabilities (e.g. FormMail scripts) Note: This zone now includes non-webserver IP addresses that have abusable vulnerabilities.
block 127.0.0.8 List of hosts demanding that they never be tested by SORBS.
zombie 127.0.0.9 List of networks hijacked from their original owners, some of which have already been used for spamming.
dul 127.0.0.10 Dynamic IP Address ranges (NOT a Dial Up list!) - includes all dynamic IP addresses (DSL)
badconf 127.0.0.11 List of domain names where the A or MX records point to bad address space.
nomail 127.0.0.12 List of domain names where the owners have indicated no email should ever originate from these domains.

To check whether an IP is listed: http://openrbl.org/
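The lookup and the "=" code filter described above, as an added example (not part of the original page and not Exim's own code). It builds the reversed query name and evaluates a set of returned A records the way `dnslists = zone` and `dnslists = zone=code,code` would. The `list-broken` verdict for answers outside 127.0.0.0/8 is an extra check of this example, and the sample answers in the demo are constructed.

```python
import ipaddress

# SORBS return codes as given in the table on this page.
SORBS_CODES = {
    "127.0.0.2": "http", "127.0.0.3": "socks", "127.0.0.4": "misc",
    "127.0.0.5": "smtp", "127.0.0.6": "spam", "127.0.0.7": "web",
    "127.0.0.8": "block", "127.0.0.9": "zombie", "127.0.0.10": "dul",
    "127.0.0.11": "badconf", "127.0.0.12": "nomail",
}
# The Exim example on this page rejects on every code except 127.0.0.6.
REJECT_CODES = frozenset(SORBS_CODES) - {"127.0.0.6"}
LOOPBACK = ipaddress.IPv4Network("127.0.0.0/8")


def dnsbl_query_name(ip, zone):
    """Reverse the dotted quads of an IPv4 address and append the list zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone.strip(".")


def evaluate(answers, reject_codes=None):
    """Return (verdict, matched, bogus) for the A records of one RBL query.

    answers      -- A records returned for the query name; empty = not listed
    reject_codes -- None behaves like `dnslists = zone` (any answer matches);
                    a set behaves like `dnslists = zone=a,b,c`
    """
    normalised = [str(ipaddress.IPv4Address(a)) for a in answers]
    bogus = [a for a in normalised if ipaddress.IPv4Address(a) not in LOOPBACK]
    valid = [a for a in normalised if a not in bogus]
    if bogus and not valid:
        # Extra check of this example: an RBL answers with 127.0.0.x codes,
        # so any other address means the zone is broken or no longer an RBL.
        return "list-broken", [], bogus
    hits = valid if reject_codes is None else [a for a in valid if a in reject_codes]
    return ("reject" if hits else "accept"), hits, bogus


if __name__ == "__main__":
    print(dnsbl_query_name("1.2.3.4", "joesrbl.net"))
    # Constructed answers, not real lookups.
    for sample in ([], ["127.0.0.6"], ["127.0.0.6", "127.0.0.10"], ["203.0.113.7"]):
        print(sample, evaluate(sample, REJECT_CODES))
```

Feed `evaluate` the A records that dig prints for the name returned by `dnsbl_query_name`.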


Bogofilter stuff

Bogofilter is the spam filter of choice.

I have bogofilter working with exim-4.12 - the router needed domain = +localdomains so outgoing e-mail did not get scanned.

I've fixed it by generating a unique header to tag (x-flag (make up your own)) as it scanned here - and look for that instead of the x-bogosity header in the router. Then in local deliveries I remove the header again so it won't affect any filter stats.

Be sure to set the owner of the word list to the user Exim runs bogofilter as (mail in the transport below)!


ROUTERS

# Bogofilter will add X-Bogosity header to all incoming mail.
# This usually goes right after the dns_lookup router and
# before any local deliver routers. Location is important!
bogo_router:
   domains = +local_domains
   no_verify
   condition = ${if !eq {$received_protocol}{bogodone} {1}{0}}
   driver = accept
   transport = bogo_transport


#end of routerS

Transports

# Bogofilter will add X-Bogosity header to all incoming mail.
# This can go anywhere in the transport section, usually at
# the very end after address_reply
bogo_transport:
   driver = pipe
   command = /usr/sbin/exim -oMr bogodone -bS
   use_bsmtp = true
   headers_add = X-Bogofilterd: true
   transport_filter = /usr/bin/bogofilter -d /etc/bogofilter -l -p -e -u
   return_fail_output = true
   group = mail
   user = mail
   home_directory = "/tmp"
   current_directory = "/tmp"
   log_output = true
   return_path_add = false

local_delivery:
   driver = appendfile
   file = /var/mail/$local_part
#lose the X-flag header
   headers_remove = X-flag
   delivery_date_add
   envelope_to_add
   return_path_add
   group = mail
   mode = 0660
# end of transport

Question

Is the X-bogosity header ignored while creating the data bases? or would I have to remove them?

That is if I run a test - will it replace the old bogosity header?

I can imagine that spammers will put a fake header in after people start using the filter. Any provision to change the header name as a command-line option?

Answer

It's not a problem. In lexer.l is code to detect any "X-Bogosity" header lines and remove them. Any attempts by a spammer to supply their own X-Bogosity lines to deceive bogofilter will fail. Note: you must be using the passthrough option ('-p') to have bogofilter rewrite the message. (The rewritten message has old X-Bogosity lines removed and the new one inserted at the end of the message header). bogofilter also has a provision in the config file to change the x-bogosity name (but it is hard to think of a better name<g>)
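The behaviour the answer describes (old X-Bogosity lines removed, the new one inserted at the end of the message header), sketched as an added example; this is not bogofilter's lexer.l code. The function name, the verdict strings and the sample message are constructed, and LF line endings are assumed.

```python
def strip_and_tag(raw, verdict, name="X-Bogosity"):
    """Remove every existing `name` header and append a fresh one.

    Returns (new_message, removed), where `removed` holds the first line of
    each header that was dropped, so forged verdicts can be logged.
    Folded continuation lines of a dropped header are dropped with it, and
    nothing after the first blank line (the body) is touched.
    """
    head, sep, body = raw.partition("\n\n")
    kept, removed, dropping = [], [], False
    prefix = name.lower() + ":"
    for line in head.split("\n"):
        if line[:1] in (" ", "\t"):
            # Continuation line: it shares the fate of the header it belongs to.
            if not dropping:
                kept.append(line)
            continue
        dropping = line.lower().startswith(prefix)
        if dropping:
            removed.append(line)
        else:
            kept.append(line)
    # The trusted verdict goes last in the header block.
    kept.append(f"{name}: {verdict}")
    return "\n".join(kept) + (sep or "\n\n") + body, removed


if __name__ == "__main__":
    # Constructed message carrying two sender-supplied verdict headers.
    forged = (
        "From: sender@example.com\n"
        "X-Bogosity: Ham, tests=bogofilter,\n"
        "\tspamicity=0.000000\n"
        "Subject: hello\n"
        "x-bogosity: Ham\n"
        "\n"
        "X-Bogosity: this line is body text\n"
    )
    message, dropped = strip_and_tag(forged, "Spam, tests=bogofilter")
    print(message)
    print("removed:", dropped)
```

The same pattern applies to a private tag header such as the x-flag one mentioned earlier: strip whatever arrived from outside before adding your own.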

bogofilter Testing hints

  • provides number of messages scanned
bogoutil -w dbdirectory .MSG_COUNT
  • lists probability of the word you enter from the keyboard
bogoutil -w dbdirectory testword

Anyone getting started should archive a few hundred spams and emails as a first step. It also will flag most viruses if you put them in with the spam.

Keep all your spams and real emails archived by quarters - as your email and spams change you may want to create a new database with more recent messages.

Cyrus and Exim

I had some problems with configuring exim 4 and cyrus but now it works.... maybe this helps others as well

/etc/services

# Local services

lmtp 24/tcp # LMTP Mail Delivery over TCP
lmtp 24/udp # LMTP Mail Delivery over TCP
pop3 110/tcp pop-3 # POP version 3
pop3 110/udp pop-3
imap 143/tcp imap2 # Interim Mail Access Proto v2
imap 143/udp imap2
imaps 993/tcp # IMAP over SSL
imaps 993/udp # IMAP over SSL
pop3s 995/tcp # POP-3 over SSL
pop3s 995/udp # POP-3 over SSL
sieve 2000/tcp # Sieve Mail Filter Daemon
sieve 2000/udp # Sieve Mail Filter Daemon

/etc/imapd.conf

configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
allowanonymouslogin: no
sieveuserhomedir: no
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem

/etc/cyrus.conf

# standard standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
# idled cmd="idled"
}
# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=5
imaps cmd="imapd -s" listen="imaps" prefork=1
pop3 cmd="pop3d" listen="pop3" prefork=3
pop3s cmd="pop3d -s" listen="pop3s" prefork=1
sieve cmd="timsieved" listen="sieve" prefork=0
# at least one LMTP is required for delivery
lmtp cmd="lmtpd -a" listen="lmtp" prefork=0
# lmtpunix cmd="lmtpd -a" listen="/var/lib/imap/socket/lmtp" prefork=1
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
}
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="ctl_deliver -E 3" at=0400
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at=0400
}

/etc/exim/exim.conf

# ....
########## ROUTERS
smart_route:
   driver = manualroute
   domains = !+local_domains
   transport = remote_smtp
   route_list = * "smarthost.com" byname
localuser:
   driver = accept
   transport = local_delivery_lmtp
########## TRANSPORTS
local_delivery_lmtp:
   driver = smtp
   protocol = lmtp
   hosts_override
   hosts = localhost
   allow_localhost
   return_path_add
# ....

steps

  • installing cyrus-imapd
  • passwd cyrus
  • saslpasswd cyrus
  • rc_saslauthd start
  • rc_cyrus-imapd start
  • su - cyrus
  • cyradm --user cyrus 127.0.0.1
  • cm user.test
  • cm user.test.list.test
  • sam user.test.list anyone p # for test+list.test@.....
  • rc_exim start
Have fun !

Hylafax - Exim - and html -- Exim configuration for Faxmail

These configurations enable exim and hylafax (www.hylafax.org) to work together, I mean sending fax by email (user@123456.fax). Obs: There is a problem: faxmail does not support email in HTML format. If someone has solved this problem, please tell me.

exim.conf

# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. 
######################################################################
# A transport is used only when referenced from a director or a router that
# successfully handles an address.

# These settings are for sending faxes by email
fax:
  driver = pipe
  user = cpd
  command ="/usr/bin/faxmail -d ${local_part}@${extract{1}{.}{$domain}}"
  home_directory = /usr/bin
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how remote addresses are handled 
######################################################################
# ORDER DOES MATTER #
# A remote address is passed to each in turn until it is accepted. #
######################################################################
# These settings enable sending faxes by email
fax:
  driver = domainlist
  transport = fax
  route_list ="*.fax"
# End of Exim configuration file

Hylafax HTML setup

How to send HTML files?

I want to fax HTML documents so they look like HTML pages, not source.

First of all, fetch html2ps by Jan Karrman from: http://www.tdb.uu.se/~jan/html2ps.html It is a Perl script and does an excellent job on any text/html stuff; it will also tackle embedded images if you have ImageMagick and PerlMagick installed.

Second, insert the following into the typerules file, just above the bottom line:

# HTML support
0 string <!DOCTYPE HTML ps /usr/local/bin/html2ps %i >%o
0 string <!doctype html ps /usr/local/bin/html2ps %i >%o
0 string <HEAD ps /usr/local/bin/html2ps %i >%o
0 string <head ps /usr/local/bin/html2ps %i >%o
0 string <TITLE ps /usr/local/bin/html2ps %i >%o
0 string <title ps /usr/local/bin/html2ps %i >%o
0 string <HTML ps /usr/local/bin/html2ps %i >%o
0 string <html ps /usr/local/bin/html2ps %i >%o

Remember all this is at the client end (if your client is a different machine to your fax server).
