The Exim FAQ

Contents   Previous   Next

98. CONFIGURATION COOKBOOK

Q9801:  How do I configure Exim as part of TPC (http://www.tpc.int)?

A9801:  Suppose you want to accept faxes destined for 1(801)539-*. These are addressed to the domain 9.3.5.1.0.8.1.tpc.int. Set up a transport to handle the delivery:

   tpc:
     driver = pipe
     command = /usr/local/tpc/tpcmailer.pl $local_part@$domain \
       $sender_address
     pipe_as_creator

/usr/local/tpc/tpcmailer.pl is the mail processing script that can be obtained from the TPC distribution. Create a router to route mail for the TPC domain to that transport. This must be placed before your other routers:

   tpc_router:
     driver = accept
     transport = tpc
     domains = *.9.3.5.1.0.8.1.tpc.int

Of course, there are other things to do as well before your system is a functioning TPC server.

Q9802:  How do I configure Exim so that it sends mail to the outside world only from a restricted list of our local users?

A9802:  You will need to have a convenient way of checking the list. If it is only a handful of users, you could just list them inline. Otherwise, you need to put them in a file or database. Let's suppose you've just got a list in a file. Put this as your first router:

   check_outgoing:
     driver = redirect
     domains = ! +local_domains
     senders = ! : ! lsearch;/etc/permitted/senders
     allow_fail
     data = :fail: you are not allowed to send outside

The senders should be listed as complete addresses, with both a local part and a domain. For a large list, use a DBM or cdb file instead, or a database. The first item in the senders list is empty, to match the empty sender. This is necessary because bounce messages have null senders.

Q9803:  A site for which I provide secondary MX is down for some time. Is there a way to run the queue for that destination separately from the main queue?

A9803:  No, because Exim does not have the concept of ``the queue for that destination''. It simply has a single pool of messages awaiting delivery (and some of them may have several destinations). The best approach to this is to arrange for all messages for the site to be saved somewhere other than the main spool, either on a separate dedicated MTA, or in BSMTP files.

Q9804:  We want to be able to temporarily lock out a user by disabling the password and moving the home directory to another place. How can we arrange to reject mail for users in this state?

A9804:  Change the home directory pointer in the passwd file to something distinctive. For example, we use /home/CANCELLED for cancelled users. Then you can pick up such users with this router, which is placed immediately after system_aliases:

   cancelled_users:
     driver = redirect
     check_local_user
     condition = ${if eq {$home}{/home/CANCELLED}{yes}{no}}
     allow_fail
     data = :fail: this account is cancelled

Q9805:  How can I configure Exim so that all mails addressed to something@username.domain.net get delivered to /var/spool/mail/username?

A9805:  Assuming that you have set up username as a normal user, with conventional routing for username@domain.net to that mailbox, all you need to do is set up a redirection, using a router like this:

   user_in_domain:
     driver = redirect
     data = ${if match{$domain}{\N^(.*)\.domain\.net$\N}\
            {$1}fail}@domain.net

If you set envelope_to in the appendfile transport, the original envelope address is preserved in the message in an Envelope-to: header line.

Q9806:  How do I get exim not to add a Sender: header to locally originated mail?

A9806:  It adds it only if the From: header doesn't correspond to the user sending the message. You can suppress this by setting no_local_from_check. If your real question is How do I submit mail from UUCP without it adding Sender:?, see Q1503.

Q9807:  Is there any way to have messages sent to a specific local address delayed by - say - 24 hours?

A9807:  Set up a router like this:

   delay:
     driver = redirect
     domains = the.domain
     local_parts = thelocalpart
     condition = ${if < {$message_age}{86400}{yes}{no}}
     allow_defer
     data = :defer: message not old enough
     no_verify

Of course, this will also have the effect of setting a retry time for the address. You may want to set a special retry rule for it. Note the use of no_verify to ensure that this router is not used when Exim is verifying addresses.

Q9808:  I have a mailing list exploder on one host, and three other hosts where I want to do the actual deliveries from. How can I get Exim to split a message into groups of recipients between the three hosts?

A9808:  Set up a router that routes all remote addresses to a specific transport, with a list of your three hosts. For example:

   send_to_three:
     driver = manualroute
     transport = to_three_smtp
     route_list = !+local_domains  hostA:hostB:hostC

The transport looks like this:

   to_three_smtp:
     driver = smtp
     hosts_randomize

By setting hosts_randomize, you request that the host list be sorted randomly each time the transport is called, in order to spread the load. The number of times the transport is called for each message depends on the setting of the global option remote_max_parallel. If it is set to 1, the transport is called only once for each message, so only one host is used, but different messages use different hosts because of the randomizing.

The max_rcpt option (default 100) controls the number of addresses sent in each copy of the message - several copies are sent over the same connection if necessary.

If you want individual messages to be split between the three hosts, you must set the global option remote_max_parallel to 3. This allows Exim to run 3 separate instances of the transport at once. It will pass one-third of all the addresses to each instance. Because the host list is randomized, not round-robinned, there is no guarantee that a single message will use all three hosts, but on average it should.

Q9809:  Can I configure Exim so that my gateway host sends a copy of each incoming message to each of two internal hosts?

A9809:  The easiest way to do this is to make use of the unseen router option, and set up two separate routers. You need to be able to identify incoming messages somehow. Typically this can be done by testing the domain of the recipient address, in which case the configuration should contain something like this:

   r1:
     driver = manualroute
     domains = ! *.your.domain.example
     route_data = * host1.your.domain.example
     transport = remote_smtp
     unseen
   r2:
     driver = manualroute
     domains = ! *.your.domain.example
     route_data = * host2.your.domain.example
     transport = remote_smtp

The unseen setting on r1 means that after it has accepted an address, the address is also passed on to r2, and so two deliveries occur.

Q9810:  How can I implement “SMTP-after-POP” with Exim?

A9810:  See Q0706.

Q9811:  I would like to “tap off” a proportion of real mail traffic from my live mail server to use in tests of a new server. I want to preserve the envelope contents, but to suppress any error notifications to the original sender.

A9811:  See C046.

Q9812:  How can I lookup data from a single file using both single IP addresses and IP address blocks as keys? I want to set smtp_accept_max_per_host by this means, and also include a default.

A9812:  You cannot do this in a single lookup, because you need separate lookups for individual addresses and address blocks. However, these lookups can be nested in a single expansion string. For example, suppose you are using an lsearch file with entries like this:

   192.168.34.35:    4
   192.168.34.0/24:  2
   *:                1

You can use this setting:

   smtp_accept_max_per_host = \
     ${lookup{$sender_host_address}lsearch{/path/to/file}\
     {$value}\
     {\
     ${lookup{${mask:$sender_host_address/24}}lsearch*{/path/to/file}}\
     }}

Note that the first lookup does not have an asterisk on the search type. If you have blocks of different sizes (/24, /26, etc) you have to configure it to do a separate lookup for each size, with just the final one using a default.



Contents   Previous   Next