The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

archive outgoing message error - failed to expand condition

Discussion in 'E-mail Discussions' started by pmc, Oct 9, 2012.

  1. pmc

    pmc Member

    Joined:
    May 13, 2012
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Is some configuration missing in this early release?

    Any pointers would be appreciated.


    1TLTWq-00080j-Ah failed to expand condition "${perl{should_archive_outgoing_message}}" for archive_outgoing_email router: Undefined subroutine &main::should_archive_outgoing_ message called.


    2012-10-08 23:44:35 1TLRCE-0004iA-7J failed to expand condition "${perl{should_archive_outgoing_m essage}}" for archive_outgoing_email router: Undefined subroutine &main::should_archive_outgoing_ message called.

    2012-10-08 23:25:05 1TLRCE-0004iA-7J failed to expand condition "${perl{should_archive_outgoing_message}}" for archive_outgoing_email router: Undefined subroutine &main::should_archive_outgoing_message called.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    648
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you provide some more details on when you started receiving this error message? Have you tried rebuilding the Exim configuration file? You can do so via:

    Code:
    # /scripts/buildeximconf
    Also, do you have any manual customizations to Exim that could be resulting in this error?

    Thank you.
     
  3. pmc

    pmc Member

    Joined:
    May 13, 2012
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    As soon as I updated cPanel to the current EDGE Version 11.33.0.25.
    When logging in to WHM/cPanel it advised of a new option to archive email I accepted and upon checking the panic log the errors were as described.

    Code:
    [U]Below is my current exim config:[/U]
    
    #!!# cPanel Exim 4 Config
    
    envelope_to_remove = true
    hosts_treat_as_local = lsearch;/etc/trustedmailho
    message_id_header_domain = Mail.${lookup{$interface_address}lsearch{/etc/domainips}{$value}{$smtp_active_hostname}}
    smtp_active_hostname = ${lookup{$interface_address}lsearch{/etc/domainips}{$value}{$smtp_active_hostname}}
    smtp_banner = $smtp_active_hostname \n ${tod_full} ESMTP Novell Groupwise Use of this Secured Network for Sending unsolicited and/or bulk e-mail is Prohibited on this system violators will be prosecuted 15 U.S.C. 7701.
    
    hostlist loopback = <; 127.0.0.0/8 ; 0.0.0.0 ; ::1 ; 0000:0000:0000:0000:0000:ffff:7f00:0000/8
    
    hostlist senderverifybypass_hosts = net-iplsearch;/etc/senderverifybypasshosts
    
    hostlist skipsmtpcheck_hosts = net-iplsearch;/etc/skipsmtpcheckhosts
    
    hostlist spammeripblocks = net-iplsearch;/etc/spammeripblocks
    
    hostlist backupmx_hosts = lsearch;/etc/backupmxhosts
    
    hostlist trustedmailhosts = lsearch;/etc/trustedmailhosts
    
    hostlist relay_hosts = net-iplsearch;/etc/relayhosts
    
    domainlist user_domains = ${if exists{/etc/userdomains} {lsearch;/etc/userdomains} fail}
    
    smtp_accept_queue_per_connection = 30
    
    remote_max_parallel = 10
    
    smtp_receive_timeout = 165s
    
    ignore_bounce_errors_after = 1d
    
    rfc1413_query_timeout = 0s
    
    timeout_frozen_after = 5d
    
    auto_thaw = 7d
    
    callout_domain_negative_expire = 1h
    
    callout_negative_expire = 1h
    
    acl_not_smtp = acl_not_smtp
    
    acl_smtp_connect = acl_smtp_connect
    
    acl_smtp_data = acl_smtp_data
    
    acl_smtp_mail = acl_smtp_mail
    
    acl_smtp_quit = acl_smtp_quit    
    
    acl_smtp_notquit = acl_smtp_notquit
    
    acl_smtp_rcpt = acl_smtp_rcpt
    
    message_body_newlines = true
    
    perl_at_start = true
    
    deliver_queue_load_max = 3
    
    queue_only_load = 6
    
    daemon_smtp_ports = 25 : 465 : 587
    
    tls_on_connect_ports = 465
    
    system_filter_user = cpaneleximfilter
    
    system_filter_group = cpaneleximfilter
    
    tls_require_ciphers = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
    
    av_scanner = clamd:/var/clamd
    
    spamd_address = 127.0.0.1 783
    
    # +incoming_port, +smtp_connection are needed for cPanel email tracking.
    # -retry_defer, +subject, +arguments, +received_recipients are suggested settings that may be disabled.
    log_selector = +incoming_port +smtp_connection -retry_defer +subject +arguments +received_recipients
    
    
    system_filter = /etc/cpanel_exim_system_filter
    
    
    
    
    #!!# These options specify the Access Control Lists (ACLs) that
    #!!# are used for incoming SMTP messages - after the RCPT and DATA
    #!!# commands, respectively.
    
    
    #!!# This setting defines a named domain list called
    #!!# local_domains, created from the old options that
    #!!# referred to local domains. It will be referenced
    #!!# later on by the syntax "+local_domains".
    #!!# Other domain and host lists may follow.
    
    domainlist local_domains = lsearch;/etc/localdomains
    
    domainlist relay_domains = lsearch;/etc/localdomains : \
        lsearch;/etc/secondarymx
    hostlist auth_relay_hosts = *
    
    ######################################################################
    #                  Runtime configuration file for Exim               #
    ######################################################################
    
    
    # This is a default configuration file which will operate correctly in
    # uncomplicated installations. Please see the manual for a complete list
    # of all the runtime configuration options that can be included in a
    # configuration file. There are many more than are mentioned here. The
    # manual is in the file doc/spec.txt in the Exim distribution as a plain
    # ASCII file. Other formats (PostScript, Texinfo, HTML) are available from
    # the Exim ftp sites. The manual is also online via the Exim web sites.
    
    
    # This file is divided into several parts, all but the last of which are
    # terminated by a line containing the word "end". The parts must appear
    # in the correct order, and all must be present (even if some of them are
    # in fact empty). Blank lines, and lines starting with # are ignored.
    
    
    
    ######################################################################
    #                    MAIN CONFIGURATION SETTINGS                     #
    ######################################################################
    
    perl_startup = do '/etc/exim.pl'
    
    #dns_retry = 1
    #dns_retrans = 1s
    
    # Specify your host's canonical name here. This should normally be the fully
    # qualified "official" name of your host. If this option is not set, the
    # uname() function is called to obtain the name.
    
    
    
    #nobody as the sender seems to annoy people
    untrusted_set_sender = *
    local_from_check = false
    
    
    
    split_spool_directory = yes
    
    smtp_connect_backlog = 50
    smtp_accept_max = 100
    
    # primary_hostname =
    
    # Specify the domain you want to be added to all unqualified addresses
    # here. An unqualified address is one that does not contain an "@" character
    # followed by a domain. For example, "caesar@rome.ex" is a fully qualified
    # address, but the string "caesar" (i.e. just a login name) is an unqualified
    # email address. Unqualified addresses are accepted only from local callers by
    # default. See the receiver_unqualified_{hosts,nets} options if you want
    # to permit unqualified addresses from remote sources. If this option is
    # not set, the primary_hostname value is used for qualification.
    
    # qualify_domain =
    
    
    # If you want unqualified recipient addresses to be qualified with a different
    # domain to unqualified sender addresses, specify the recipient domain here.
    # If this option is not set, the qualify_domain value is used.
    
    # qualify_recipient =
    
    
    # Specify your local domains as a colon-separated list here. If this option
    # is not set (i.e. not mentioned in the configuration file), the
    # qualify_recipient value is used as the only local domain. If you do not want
    # to do any local deliveries, uncomment the following line, but do not supply
    # any data for it. This sets local_domains to an empty string, which is not
    # the same as not mentioning it at all. An empty string specifies that there
    # are no local domains; not setting it at all causes the default value (the
    # setting of qualify_recipient) to be used.
    
    
    
    #!!# message_filter renamed system_filter
    message_body_visible = 5000
    
    
    
    
    
    
    # If you want to accept mail addressed to your host's literal IP address, for
    # example, mail addressed to "user@[111.111.111.111]", then uncomment the
    # following line, or supply the literal domain(s) as part of "local_domains"
    # above.
    
    # local_domains_include_host_literals
    
    
    # No local deliveries will ever be run under the uids of these users (a colon-
    # separated list). An attempt to do so gets changed so that it runs under the
    # uid of "nobody" instead. This is a paranoic safety catch. Note the default
    # setting means you cannot deliver mail addressed to root as if it were a
    # normal user. This isn't usually a problem, as most sites have an alias for
    # root that redirects such mail to a human administrator.
    
    never_users = root
    
    
    # The use of your host as a mail relay by any host, including the local host
    # calling its own SMTP port, is locked out by default. If you want to permit
    # relaying from the local host, you should set
    #
    # host_accept_relay = localhost
    #
    # If you want to permit relaying through your host from certain hosts or IP
    # networks, you need to set the option appropriately, for example
    #
    #
    #
    # If you are an MX backup or gateway of some kind for some domains, you must
    # set relay_domains to match those domains. This will allow any host to
    # relay through your host to those domains.
    #
    # See the section of the manual entitled "Control of relaying" for more
    # information.
    
    # The setting below causes Exim to do a reverse DNS lookup on all incoming
    # IP calls, in order to get the true host name. If you feel this is too
    # expensive, you can specify the networks for which a lookup is done, or
    # remove the setting entirely.
    
    #host_lookup = 0.0.0.0/0
    
    
    # By default, Exim expects all envelope addresses to be fully qualified, that
    # is, they must contain both a local part and a domain. If you want to accept
    # unqualified addresses (just a local part) from certain hosts, you can specify
    # these hosts by setting one or both of
    #
    # receiver_unqualified_hosts =
    # sender_unqualified_hosts =
    #
    # to control sender and receiver addresses, respectively. When this is done,
    # unqualified addresses are qualified using the settings of qualify_domain
    # and/or qualify_recipient (see above).
    
    
    # Exim contains support for the Realtime Blocking List (RBL) that is being
    # maintained as part of the DNS. See [url]http://maps.vix.com/rbl/[/url] for background.
    # Uncommenting the first line below will make Exim reject mail from any
    # host whose IP address is blacklisted in the RBL at maps.vix.com. Some
    # others have followed the RBL lead and have produced other lists: DUL is
    # a list of dial-up addresses, and ORBS is a list of open relay systems. The
    # second line below checks all three lists.
    
    # rbl_domains = rbl.maps.vix.com
    # rbl_domains = rbl.maps.vix.com
    
    
    # If you want Exim to support the "percent hack" for all your local domains,
    # uncomment the following line. This is the feature by which mail addressed
    # to x%y@z (where z is one of your local domains) is locally rerouted to
    # x@y and sent on. Otherwise x%y is treated as an ordinary local part.
    
    # percent_hack_domains = *
    
    #sender_host_accept = +include_unknown:*
    #sender_host_reject = +include_unknown:lsearch*;/etc/spammers
    
    
    
    
    
    tls_certificate = /etc/exim.crt
    tls_privatekey = /etc/exim.key
    tls_advertise_hosts = *
    
    helo_accept_junk_hosts = *
    
    smtp_enforce_sync = false
    
    
    #!!#######################################################!!#
    #!!# This new section of the configuration contains ACLs #!!#
    #!!# (Access Control Lists) derived from the Exim 3      #!!#
    #!!# policy control options.                             #!!#
    #!!#######################################################!!#
    
    #!!# These ACLs are crudely constructed from Exim 3 options.
    #!!# They are almost certainly not optimal. You should study
    #!!# them and rewrite as necessary.
    
    begin acl
    
    
    
    ########################################################################################
    # DO NOT ALTER THIS BLOCK
    ########################################################################################
    #
    # cPanel Default ACL Template Version: 10.20
    # Template: universal.dist
    #
    ########################################################################################
    # DO NOT ALTER THIS BLOCK
    ########################################################################################
    
    acl_not_smtp:
    
    #BEGIN ACL_OUTGOING_NOTSMTP_CHECKALL_BLOCK
    # BEGIN INSERT end_default_outgoing_notsmtp_checkall
    	accept
    
    # END INSERT end_default_outgoing_notsmtp_checkall
    
    #END ACL_OUTGOING_NOTSMTP_CHECKALL_BLOCK
    
    #BEGIN ACL_NOT_SMTP_BLOCK
    
    #END ACL_NOT_SMTP_BLOCK
    
    acl_not_smtp_mime:
    
    #BEGIN ACL_NOT_SMTP_MIME_BLOCK
    
    #END ACL_NOT_SMTP_MIME_BLOCK
    
    acl_not_smtp_start:
    
    #BEGIN ACL_NOT_SMTP_START_BLOCK
    
    #END ACL_NOT_SMTP_START_BLOCK
    
    acl_smtp_auth:
    
    #BEGIN ACL_SMTP_AUTH_BLOCK
    
    #END ACL_SMTP_AUTH_BLOCK
    
    acl_smtp_connect:
    
    #BEGIN ACL_CONNECT_BLOCK
    # BEGIN INSERT ratelimit
    
        accept
            hosts = +trustedmailhosts
    
        accept
            condition = ${if match_ip{$sender_host_address}{iplsearch;/etc/trustedmailhosts}{1}{0}}
    
    
    # ignore pop before smtp 
        accept
            hosts = +relay_hosts : +loopback
    
        accept
            hosts = +relay_hosts : +backupmx_hosts
    
    #only rate limit port 25
        accept 
            condition = ${if eq {$interface_port}{25}{no}{yes}}
    
        defer 
            message = The server has reached its limit for processing requests from your host.  Please try again later.
            log_message = "Host is ratelimited ($sender_rate/$sender_rate_period max:$sender_rate_limit)"
            ratelimit = 1.2 / 1h / strict / per_conn / noupdate
    
    
    # END INSERT ratelimit
    # BEGIN INSERT slow_fail_block
       warn
            # host had a success in the last hour 
            ratelimit = 1 / 1h / noupdate / per_conn / slow_fail_accept_$sender_host_address
            set acl_m4 = 1
    
       defer 
            condition = ${if eq {${acl_m4}}{1}{0}{1}}
            log_message = "Host is ratelimited due to multiple failure only connections ($sender_rate/$sender_rate_period max:$sender_rate_limit)"
            ratelimit = 5 / 1h / noupdate / per_conn / slow_fail_block_$sender_host_address
    
    
    # END INSERT slow_fail_block
    # BEGIN INSERT spammerlist
    
    
    drop
        message = Your host is not allowed to connect to this server.
        log_message = Host is banned
        hosts = +spammeripblocks
    
    
    # END INSERT spammerlist
    
    #END ACL_CONNECT_BLOCK
    
    #BEGIN ACL_CONNECT_POST_BLOCK
    # BEGIN INSERT default_connect_post
    
    # do not change the comment in the line below, it is required for /usr/local/cpanel/bin/check_exim_config
    #acl_smtp_notquit is required for this to work (exim 4.68)
        accept
    
    
    # END INSERT default_connect_post
    
    #END ACL_CONNECT_POST_BLOCK
    
    acl_smtp_data:
    
    # exiscan only
    
    #BEGIN ACL_EXISCANALL_BLOCK
    # BEGIN INSERT default_exiscan
    
    	deny message = This message contains a virus or other harmful content ($malware_name)
    	     malware = */defer_ok
    	     demime = *
    
        warn log_message = Message has been scanned: no virus or other harmful content was found 
    
    
    # END INSERT default_exiscan
    
    #END ACL_EXISCANALL_BLOCK
    # exiscan only
    
    #BEGIN ACL_OUTGOING_SMTP_CHECKALL_BLOCK
    
    #END ACL_OUTGOING_SMTP_CHECKALL_BLOCK
    
    #BEGIN ACL_CHECK_MESSAGE_PRE_BLOCK
    # BEGIN INSERT default_check_message_pre
    #
    #  Enabling this will make the server non-rfc compliant
    #  require verify = header_sender
    #
    
        accept  hosts = +loopback : +relay_hosts
    
        accept  hosts = *
                authenticated = *
    
        accept  hosts = +trustedmailhosts
    
        accept
                condition = ${if match_ip{$sender_host_address}{iplsearch;/etc/trustedmailhosts}{1}{0}}
    
    
    
    # END INSERT default_check_message_pre
    
    #END ACL_CHECK_MESSAGE_PRE_BLOCK
    
    #BEGIN ACL_PRE_SPAM_SCAN
    # BEGIN INSERT mailproviders
    # Research in Motion - Blackberry white list
     accept 
         condition = ${if exists {/etc/mailproviders/rim/ips}{${if match_ip{$sender_host_address}{iplsearch;/etc/mailproviders/rim/ips}{1}{0}}}{0}}
    
    # END INSERT mailproviders
    
    #END ACL_PRE_SPAM_SCAN
    
    #BEGIN ACL_SPAM_SCAN_BLOCK
    # BEGIN INSERT default_spam_scan
    
    
      warn
        condition = ${if eq {${acl_m0}}{1}{1}{0}}
        spam =  ${acl_m1}/defer_ok
        log_message = "SpamAssassin as ${acl_m1} detected message as spam ($spam_score)"
        add_header = X-Spam-Subject: ***SPAM*** $h_subject
        add_header = X-Spam-Status: Yes, score=$spam_score
        add_header = X-Spam-Score: $spam_score_int
        add_header = X-Spam-Bar: $spam_bar
        add_header = X-Spam-Report: $spam_report
        add_header = X-Spam-Flag: YES
        set acl_m2 = 1
    
      warn
          condition =  ${if eq {$spam_score_int}{}{0}{${if <= {${spam_score_int}}{8000}{${if >= {${spam_score_int}}{50}{${perl{store_spam}{$sender_host_address}{$spam_score}}}{0}}}{0}}}}
    
      warn
      condition = ${if eq {${acl_m0}}{1}{${if eq {${acl_m2}}{1}{0}{1}}}{0}}
      add_header = X-Spam-Status: No, score=$spam_score
      add_header = X-Spam-Score: $spam_score_int
      add_header = X-Spam-Bar: $spam_bar
      add_header = X-Ham-Report: $spam_report
      add_header = X-Spam-Flag: NO
      log_message = "SpamAssassin as ${acl_m1} detected message as NOT spam ($spam_score)"
    
    
    
    # END INSERT default_spam_scan
    
    #END ACL_SPAM_SCAN_BLOCK
    
    # exiscan only
    
    # exiscan only
    
    #BEGIN ACL_RATELIMIT_SPAM_BLOCK
    # BEGIN INSERT ratelimit_spam_score_over_int
    
    warn
        condition = ${if eq {${acl_m0}}{1}{${if >{$spam_score_int}{155}{1}{0}}}{0}}
        ratelimit = 0 / 1h / strict / per_conn
        log_message = "Increment Connection Ratelimit - $sender_fullhost because mail server detected a message with a spam score integer greater or equal to 155"
    
    
    
    # END INSERT ratelimit_spam_score_over_int
    
    #END ACL_RATELIMIT_SPAM_BLOCK
    
    #BEGIN ACL_SPAM_BLOCK
    
    #END ACL_SPAM_BLOCK
    
    #BEGIN ACL_CHECK_MESSAGE_POST_BLOCK
    # BEGIN INSERT default_check_message_post
    
     accept
    
    # END INSERT default_check_message_post
    
    #END ACL_CHECK_MESSAGE_POST_BLOCK
    
    acl_smtp_etrn:
    
    #BEGIN ACL_SMTP_ETRN_BLOCK
    
    #END ACL_SMTP_ETRN_BLOCK
    
    acl_smtp_helo:
    
    #BEGIN ACL_SMTP_HELO_BLOCK
    
    #END ACL_SMTP_HELO_BLOCK
    
    acl_smtp_mail:
    
    #BEGIN ACL_MAIL_PRE_BLOCK
    # BEGIN INSERT default_mail_pre
    
        warn
            condition = ${if match_ip{$sender_host_address}{+loopback}{${perl{identify_local_connection}{$sender_host_address}{$sender_host_port}{1}}}{0}}
            set acl_c_authenticated_local_user = ${perl{get_identified_local_connection_user}}
    
        # ignore authenticated hosts
        accept
            authenticated = *
    
        # ignore pop before smtp 
        accept
            hosts = +loopback : +relay_hosts
    
    
    
    # END INSERT default_mail_pre
    
    #END ACL_MAIL_PRE_BLOCK
    
    #BEGIN ACL_MAIL_BLOCK
    # BEGIN INSERT requirehelo
    
    deny
        condition = ${if eq{$sender_helo_name}{}}
        message   = HELO required before MAIL
    
    
    # END INSERT requirehelo
    # BEGIN INSERT requirehelonoforge
    
    
    drop  
        condition = ${if match{$sender_helo_name}{^$primary_hostname\$}}
        message   = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]"
    
    
    drop 
        condition = ${if eq{[$interface_address]}{$sender_helo_name}}
        message   = "REJECTED - Interface: $interface_address is _my_ address"
    
    # END INSERT requirehelonoforge
    # BEGIN INSERT requirehelosyntax
    
    drop
        condition   = ${if isip{$sender_helo_name}}
        message     = Access denied - Invalid HELO name (See RFC2821 4.1.3)
    
    drop
        # Required because "[IPv6:<address>]" will have no .s
        condition   = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
        condition   = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
        message     = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
    
    drop
        condition   = ${if match{$sender_helo_name}{\N\.$\N}}
        message     = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
        
    drop
        condition   = ${if match{$sender_helo_name}{\N\.\.\N}}
        message     = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
    
    # END INSERT requirehelosyntax
    
    #END ACL_MAIL_BLOCK
    
    #BEGIN ACL_MAIL_POST_BLOCK
    # BEGIN INSERT default_mail_post
    
        accept
    
    
    # END INSERT default_mail_post
    
    #END ACL_MAIL_POST_BLOCK
    
    acl_smtp_mailauth:
    
    #BEGIN ACL_SMTP_MAILAUTH_BLOCK
    
    #END ACL_SMTP_MAILAUTH_BLOCK
    
    acl_smtp_mime:
    
    #BEGIN ACL_SMTP_MIME_BLOCK
    
    #END ACL_SMTP_MIME_BLOCK
    
    acl_smtp_notquit:
    
    #BEGIN ACL_NOTQUIT_BLOCK
    # BEGIN INSERT ratelimit
    
    # ignore authenticated hosts
    accept authenticated = *
    
    # ignore pop before smtp 
    accept hosts = +relay_hosts : +loopback
    
    #only rate limit port 25
    accept condition = ${if eq {$interface_port}{25}{no}{yes}}
    
    warn condition = ${if match {$smtp_notquit_reason}{command}{yes}{no}}
        log_message = "Connection Ratelimit - $sender_fullhost because of notquit: $smtp_notquit_reason ($sender_rate/$sender_rate_period max:$sender_rate_limit)"    
        ratelimit = 1.2 / 1h / strict / per_conn
    
    
    # END INSERT ratelimit
    
    #END ACL_NOTQUIT_BLOCK
    
    acl_smtp_predata:
    
    #BEGIN ACL_SMTP_PREDATA_BLOCK
    
    #END ACL_SMTP_PREDATA_BLOCK
    
    acl_smtp_quit:
    
    #BEGIN ACL_SMTP_QUIT_BLOCK
    # BEGIN INSERT slow_fail_block
    
      warn
        log_message = "Detected session with all messages failed"
        condition = ${if >= {${eval:$rcpt_count}}{1}{${if == {${eval:$rcpt_fail_count}}{${eval:$rcpt_count}}{yes}{no}}}{no}}
        set acl_m6 = 1
    
      warn
        condition = ${if eq {${acl_m6}}{1}{1}{0}}
        ratelimit = 0 / 1h / strict / per_conn / slow_fail_block_$sender_host_address 
        log_message = "Increment slow_fail_block Ratelimit - $sender_fullhost because of all messages failed"
    
      warn
        ratelimit = 1 / 1h / noupdate / per_conn / slow_fail_block_$sender_host_address 
        condition = ${if >= {${eval:$rcpt_count}}{1}{${if < {${eval:$rcpt_fail_count}}{${eval:$rcpt_count}}{yes}{no}}}{no}}
        set acl_m5 = 1
        log_message = "Detected session with ok message that previous had all failed"
    
      warn
        condition = ${if eq {${acl_m5}}{1}{1}{0}}
        ratelimit = 0 / 1h / strict / per_conn / slow_fail_accept_$sender_host_address 
        log_message = "Decrement slow_fail_lock Ratelimit - $sender_fullhost because one message was successful"
    
    
    
    # END INSERT slow_fail_block
    
    #END ACL_SMTP_QUIT_BLOCK
    
    acl_smtp_rcpt:
    
    #BEGIN ACL_RATELIMIT_BLOCK
    
    #END ACL_RATELIMIT_BLOCK
    
    #BEGIN ACL_PRE_RECIPIENT_BLOCK
    
    #END ACL_PRE_RECIPIENT_BLOCK
    
    #BEGIN ACL_RECIPIENT_BLOCK
    # BEGIN INSERT default_recipient
      accept  hosts = :
    
      accept hosts = +skipsmtpcheck_hosts
    
    
    
    # END INSERT default_recipient
    
    #END ACL_RECIPIENT_BLOCK
    #mailman only
    
    #mailman only
    
    #BEGIN ACL_IDENTIFY_SENDER_BLOCK
    # BEGIN INSERT default_identify_sender
    
    # deny must be on the same line as hosts so it will get removed by buildeximconf if turned off
       deny  hosts = ! +senderverifybypass_hosts
            ! verify = sender
    
      accept  hosts = *
              authenticated = *
    
      # if they used "pop before smtp" and its not bound for a localdomain we remember the relayhosts_domain
      warn  hosts = +relay_hosts
            domains = ! +local_domains
            set acl_c_relayhosts_text_entry = ${perl{get_relayhosts_text_entry}{1}}
            add_header = ${if exists{/etc/eximpopbeforesmtpwarning}{${perl{popbeforesmtpwarn}{$sender_host_address}}{}}
    
      # if they used "pop before smtp" then we just accept
      accept  hosts = +relay_hosts
    
      # we need to check alwaysrelay since we don't require antirelayd to be enabled
      warn
        condition = ${if exists {/etc/alwaysrelay}{${lookup{$sender_host_address}iplsearch{/etc/alwaysrelay}{1}{0}}}{0}}
        set acl_c_relayhosts_domain = ${perl{get_relayhosts_domain}{1}}
        set acl_c_alwaysrelay = 1
    
      accept
        condition = $acl_c_alwaysrelay
    
      #recipient verifications are now done after smtp auth and pop before smtp so the users get back bounces instead of 
      # a clogged outbox in outlook
    
      # drop connections to localhost that are from demo accounts (required for manual connnections)
      drop
           condition = ${if and {{match_ip{$sender_host_address}{+loopback}} \
                                 {def:acl_c_authenticated_local_user}} \
                          {${lookup{$acl_c_authenticated_local_user}lsearch{/etc/demousers}{yes}{no}}}{no}}
           message   = Demo accounts may not send mail
    
      # drop connections to localhost that fail auth (required for Horde)
      drop
           condition = ${if and {{match_ip{$sender_host_address}{+loopback}} \
                                 {def:authentication_failed}} \
                          {$authentication_failed}{no}}
           message   = Authentication failed
    
      # we learned this in the acl_smtp_mail block
      accept
        condition = ${if def:acl_c_authenticated_local_user {yes}{no}}
     
    
    
    # END INSERT default_identify_sender
    # BEGIN INSERT default_message_submission
    
    # Reject unauthenticated relay on port 587
     drop 
        condition = ${if eq{$interface_port}{587}{1}{0}}
        message = SMTP AUTH is required for message submission on port 587
    
    # END INSERT default_message_submission
    
    #END ACL_IDENTIFY_SENDER_BLOCK
    
    
    
    #BEGIN ACL_RECP_VERIFY_BLOCK
    # BEGIN INSERT default_recp_verify
       #recipient verifications are required for all messages that are not sent to the local machine    #this was done at multiple users requests
        require verify = recipient
    
    
    
    # END INSERT default_recp_verify
    
    #END ACL_RECP_VERIFY_BLOCK
    
    #BEGIN ACL_POST_RECP_VERIFY_BLOCK
    # BEGIN INSERT dictionary_attack
    
    
      warn
        log_message = "Detected Dictionary Attack (Let $rcpt_fail_count bad recipients though before engaging)"
        condition = ${if > {${eval:$rcpt_fail_count}}{4}{yes}{no}}
        set acl_m7 = 1
    
      warn
        condition = ${if eq {${acl_m7}}{1}{1}{0}}
        ratelimit = 0 / 1h / strict / per_conn
        log_message = "Increment Connection Ratelimit - $sender_fullhost because of Dictionary Attack"
    
      drop 
        condition = ${if eq {${acl_m7}}{1}{1}{0}}
        message = "Number of failed recipients exceeded.  Come back in a few hours."
    
    
    # END INSERT dictionary_attack
    
    #END ACL_POST_RECP_VERIFY_BLOCK
    
    #BEGIN ACL_TRUSTEDLIST_BLOCK
    # BEGIN INSERT trustedmailhosts
     accept
        hosts = +trustedmailhosts
     
     accept
         condition = ${if match_ip{$sender_host_address}{iplsearch;/etc/trustedmailhosts}{1}{0}}
    
    # END INSERT trustedmailhosts
    
    #END ACL_TRUSTEDLIST_BLOCK
    
    #BEGIN ACL_RBL_BLOCK
    # BEGIN INSERT Barracuda_rbl
     
     deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text
         dnslists = b.barracudacentral.org
         hosts = +backupmx_hosts 
    
     warn
         
         dnslists = b.barracudacentral.org
         set acl_m8 = 1
         set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
    
     warn
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         ratelimit = 0 / 1h / strict / per_conn
         log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
    
     drop
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         message = ${acl_m9}
    
    
    # END INSERT Barracuda_rbl
    # BEGIN INSERT CBL_rbl
     
     deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text
         dnslists = cbl.abuseat.org
         hosts = +backupmx_hosts 
    
     warn
         
         dnslists = cbl.abuseat.org
         set acl_m8 = 1
         set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
    
     warn
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         ratelimit = 0 / 1h / strict / per_conn
         log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
    
     drop
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         message = ${acl_m9}
    
    
    # END INSERT CBL_rbl
    # BEGIN INSERT Level1uceprotect_rbl
     
     deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text
         dnslists = dnsbl-1.uceprotect.net
         hosts = +backupmx_hosts 
    
     warn
         
         dnslists = dnsbl-1.uceprotect.net
         set acl_m8 = 1
         set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
    
     warn
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         ratelimit = 0 / 1h / strict / per_conn
         log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
    
     drop
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         message = ${acl_m9}
    
    
    # END INSERT Level1uceprotect_rbl
    # BEGIN INSERT SpamandOpenRelay_rbl
     
     deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text
         dnslists = dnsbl.sorbs.net
         hosts = +backupmx_hosts 
    
     warn
         
         dnslists = dnsbl.sorbs.net
         set acl_m8 = 1
         set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
    
     warn
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         ratelimit = 0 / 1h / strict / per_conn
         log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
    
     drop
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         message = ${acl_m9}
    
    
    # END INSERT SpamandOpenRelay_rbl
    # BEGIN INSERT UnsubscribeList_rbl
     
     deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text
         dnslists = ubl.unsubscore.com
         hosts = +backupmx_hosts 
    
     warn
         
         dnslists = ubl.unsubscore.com
         set acl_m8 = 1
         set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
    
     warn
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         ratelimit = 0 / 1h / strict / per_conn
         log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
    
     drop
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         message = ${acl_m9}
    
    
    # END INSERT UnsubscribeList_rbl
    # BEGIN INSERT noptrspamrats_rbl
     
     deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text
         dnslists = noptr.spamrats.com
         hosts = +backupmx_hosts 
    
     warn
         
         dnslists = noptr.spamrats.com
         set acl_m8 = 1
         set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
    
     warn
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         ratelimit = 0 / 1h / strict / per_conn
         log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
    
     drop
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         message = ${acl_m9}
    
    
    # END INSERT noptrspamrats_rbl
    # BEGIN INSERT spamcop_rbl
     
     deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text
         dnslists = bl.spamcop.net
         hosts = +backupmx_hosts 
    
     warn
         
         dnslists = bl.spamcop.net
         set acl_m8 = 1
         set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
    
     warn
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         ratelimit = 0 / 1h / strict / per_conn
         log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
    
     drop
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         message = ${acl_m9}
    
    
    # END INSERT spamcop_rbl
    # BEGIN INSERT spamhaus_rbl
     
     deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text
         dnslists = zen.spamhaus.org
         hosts = +backupmx_hosts 
    
     warn
         
         dnslists = zen.spamhaus.org
         set acl_m8 = 1
         set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
    
     warn
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         ratelimit = 0 / 1h / strict / per_conn
         log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
    
     drop
         condition = ${if eq {${acl_m8}}{1}{1}{0}}
         message = ${acl_m9}
    
    
    # END INSERT spamhaus_rbl
    
    #END ACL_RBL_BLOCK
    
    #BEGIN ACL_MAILAUTH_BLOCK
    
    #END ACL_MAILAUTH_BLOCK
    
    #BEGIN ACL_RCPT_HARD_LIMIT_BLOCK
    
    #END ACL_RCPT_HARD_LIMIT_BLOCK
    
    #BEGIN ACL_RCPT_SOFT_LIMIT_BLOCK
    
    #END ACL_RCPT_SOFT_LIMIT_BLOCK
    
    #BEGIN ACL_SPAM_SCAN_CHECK_BLOCK
    # BEGIN INSERT default_spam_scan_check
    
        # The only problem with this setup is that if the message is for multiple users on the same server
        # and they are on different unix accounts, the settings for the first recipient which has spamassassin enabled will be used.
        # This shouldn't be a problem 99.9% of the time, however its a very small price to pay for a massive speed increase.
    
    
      warn  domains = ! ${primary_hostname} : +local_domains
             condition = ${if <= {$message_size}{200K}{${if eq {${acl_m0}}{1}{0}{${if exists{/etc/global_spamassassin_enable}{1}{${if exists{${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/.spamassassinenable}{1}{0}}}}}}}{0}}
             set acl_m0    = 1
             set acl_m1    = ${lookup{$domain}lsearch*{/etc/userdomains}{$value}}
    
      warn  domains = ${primary_hostname}
              condition = ${if <= {$message_size}{200K}{${if eq {${acl_m0}}{1}{0}{${if exists{/etc/global_spamassassin_enable}{1}{${if exists{${extract{5}{:}{${lookup passwd{$local_part}{$value}}}}/.spamassassinenable}{1}{0}}}}}}}{0}}
              set acl_m0    = 1
              set acl_m1    = $local_part
    
    
    
    # END INSERT default_spam_scan_check
    
    #END ACL_SPAM_SCAN_CHECK_BLOCK
    
    #BEGIN ACL_POST_SPAM_SCAN_CHECK_BLOCK
    # BEGIN INSERT mailproviders
    # Research in Motion - Blackberry white list
     warn
         condition = ${if exists {/etc/mailproviders/rim/ips}{${if match_ip{$sender_host_address}{iplsearch;/etc/mailproviders/rim/ips}{1}{0}}}{0}}
         set acl_m0 = 0
    
    # END INSERT mailproviders
    
    #END ACL_POST_SPAM_SCAN_CHECK_BLOCK
    
    #BEGIN ACL_RECIPIENT_POST_BLOCK
    # BEGIN INSERT default_recipient_post
    
    
    
      accept  domains = +relay_domains
    
      deny    message = ${expand:${lookup{host_accept_relay}lsearch{/etc/eximrejects}{$value}}}
    
    
    
    # END INSERT default_recipient_post
    
    #END ACL_RECIPIENT_POST_BLOCK
    
    acl_smtp_starttls:
    
    #BEGIN ACL_SMTP_STARTTLS_BLOCK
    
    #END ACL_SMTP_STARTTLS_BLOCK
    
    acl_smtp_vrfy:
    
    #BEGIN ACL_SMTP_SMTP_VRFY_BLOCK
    
    #END ACL_SMTP_SMTP_VRFY_BLOCK
    
    acl_smtp_dkim:
    
    #BEGIN ACL_SMTP_DKIM_BLOCK
    
    #END ACL_SMTP_DKIM_BLOCK
    
    
    
    
    
    begin authenticators
    
    
    courier_plain:
        driver = plaintext
        public_name = PLAIN
        server_prompts = :
        server_condition = ${if and{{!match {$auth2}{\N[/]\N}}{eq{${if match {$auth2}{\N[+%:@]\N}{${lookup{${extract{2}{+%:@}{$auth2}}}lsearch{/etc/demodomains}{yes}}}{${lookup{$auth2}lsearch{/etc/demousers}{yes}}}}}{}}{!eq{${extract{address}{${readsocket{/var/spool/authdaemon/socket}{AUTH ${strlen:exim\{$sender_host_address\|$received_ip_address\}\nlogin\n$auth2\n$auth3\n}\nexim\{$sender_host_address\|$received_ip_address\}\nlogin\n$auth2\n$auth3\n}}}}}{}}}{true}{false}}
        server_set_id = $auth2
        server_advertise_condition = ${if or {{def:tls_cipher}{match_ip{$sender_host_address}{+loopback}}}{1}{0}}
    
    
    
    courier_login:
      driver = plaintext
      public_name = LOGIN
      server_prompts = Username:: : Password::
      server_condition = ${if and{{!match {$auth1}{\N[/]\N}}{eq{${if match {$auth1}{\N[+%:@]\N}{${lookup{${extract{2}{+%:@}{$auth1}}}lsearch{/etc/demodomains}{yes}}}{${lookup{$auth1}lsearch{/etc/demousers}{yes}}}}}{}}{!eq{${extract{address}{${readsocket{/var/spool/authdaemon/socket}{AUTH ${strlen:exim\{$sender_host_address\|$received_ip_address\}\nlogin\n$auth1\n$auth2\n}\nexim\{$sender_host_address\|$received_ip_address\}\nlogin\n$auth1\n$auth2\n}}}}}{}}}{true}{false}}
      server_set_id = $auth1
      server_advertise_condition = ${if or {{def:tls_cipher}{match_ip{$sender_host_address}{+loopback}}}{1}{0}}
    
    
    
    
    
    
    ######################################################################
    #                      REWRITE CONFIGURATION                         #
    ######################################################################
    
    # There are no rewriting specifications in this default configuration file.
    
    begin rewrite
    
    
    
    
    #!!#######################################################!!#
    #!!# Here follow routers created from the old routers,   #!!#
    #!!# for handling non-local domains.                     #!!#
    #!!#######################################################!!#
    
    begin routers
    
    
    
    
    ######################################################################
    #                      ROUTERS CONFIGURATION                         #
    #            Specifies how remote addresses are handled              #
    ######################################################################
    #                          ORDER DOES MATTER                         #
    #  A remote address is passed to each in turn until it is accepted.  #
    ######################################################################
    
    # Remote addresses are those with a domain that does not match any item
    # in the "local_domains" setting above.
    
    
    
    
    
    # Place holder
    
    democheck:
        driver = redirect
        require_files = "+/etc/demouids"
        condition = "${if eq {${lookup {$originator_uid} lsearch {/etc/demouids} {$value}}}{}{false}{true}}"
        allow_fail
        data = :fail: demo accounts are not permitted to relay email
    
    
    archive_incoming_email_domain_method:
        driver = accept
        domains = +user_domains
        router_home_directory = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch {/etc/userdomains}{$value}}}{$value}}}}
        require_files = "$home/etc/$domain/archive/incoming"
        condition = ${perl{should_archive_incoming_domain_message}}
        headers_add = "${perl{archive_headers}{incoming_domain}}"
        unseen
        no_verify
        transport = archiver_incoming_domain_method
    
    
    
    archive_incoming_email_local_user_method:
        driver = accept
        domains = $primary_hostname
        check_local_user
        condition = ${perl{should_archive_incoming_localuser_message}}
        unseen
        no_verify
        headers_add = "${perl{archive_headers}{incoming_localuser}}"
        transport = archiver_incoming_local_user_method
    
    
    
    archive_outgoing_email:
        driver = accept
        condition = ${perl{should_archive_outgoing_message}}
        unseen
        no_verify
        headers_add = "${perl{archive_headers}{outgoing}}"
        transport = archiver_outgoing
    
       
    
    
    
    #
    # Handles identification of messages, nobody and webspam and mail trap checks 
    # in check_mail_permissions and notifies if we are defering a message
    #
    
    check_mail_permissions:
        domains = ! +local_domains
        condition = "${perl{check_mail_permissions}}"
        driver = redirect
        ignore_target_hosts = +loopback : 64.94.110.0/24
        allow_filter
        reply_transport = address_reply
        user = mailnull
        expn = false
        data = "${perl{check_mail_permissions_results}}"
    
    #
    # If check_mail_permissions needs to defer or fail a message it is done here
    #
    enforce_mail_permissions:
        domains = ! +local_domains
        condition = "${perl{enforce_mail_permissions}}"
        driver = redirect
        ignore_target_hosts = +loopback : 64.94.110.0/24
        allow_fail
        allow_defer
        expn = false
        data = "${perl{enforce_mail_permissions_results}}"
    
    #
    # Increments max emails per hour if needed
    #
    increment_max_emails_per_hour_if_needed:
        domains = ! +local_domains
        condition = "${perl{increment_max_emails_per_hour_if_needed}}"
        driver = redirect
        ignore_target_hosts = +loopback : 64.94.110.0/24
        allow_fail
        no_verify
        one_time
        expn = false
        data = ":unknown:"
    
    
    
    
    
    
    dkim_lookuphost:
        driver = dnslookup
        domains = ! +local_domains
        #ignore verisign to prevent waste of bandwidth
        ignore_target_hosts = +loopback : 64.94.110.0/24
        require_files = "+/var/cpanel/domain_keys/private/${sender_address_domain}" 
        headers_add = "${perl{mailtrapheaders}}"
        transport = dkim_remote_smtp
    
    #
    # Lookup host router for remote smtp and ignores verisign site finder 'service'
    # This matches lookup exactly except we look for X-Boxtrapper: so we can determine
    # what is a boxtrapper generated message in the log.  Note: there is nothing to 
    # prevent X-Boxtrapper from being added to non-boxtrapper messages so this is for
    # logging reasons only
    #
    
    
    lookuphost:
        driver = dnslookup
        domains = ! +local_domains
        #ignore verisign to prevent waste of bandwidth
        ignore_target_hosts = +loopback : 64.94.110.0/24
        headers_add = "${perl{mailtrapheaders}}"
        transport = remote_smtp
    
    
    # This router routes to remote hosts over SMTP by explicit IP address,
    # given as a "domain literal" in the form [nnn.nnn.nnn.nnn]. The RFCs
    # require this facility, which is why it is enabled by default in Exim.
    # If you want to lock it out, set forbid_domain_literals in the main
    # configuration section above.
    
    
    #
    # Literal Transports .. ignores verisigns sitefinder service
    #
    
    literal:
        driver = ipliteral
        domains = ! +local_domains
        headers_add = "${perl{mailtrapheaders}}"
        ignore_target_hosts = +loopback : 64.94.110.0/24
        transport = remote_smtp
    
    
    
    
    
    
    #!!# This new router is put here to fail all domains that
    #!!# were not in local_domains in the Exim 3 configuration.
    
    
    #
    # Trap Failures to Remote Domain
    #
    
    fail_remote_domains:
      driver = redirect
      domains = ! +local_domains : ! localhost : ! localhost.localdomain
      allow_fail
      data = ":fail: The mail server could not deliver mail to $local_part@$domain.  The account or domain may not exist, they may be blacklisted, or missing the proper dns entries."
    
    
    
    
    
    
    #!!#######################################################!!#
    #!!# Here follow routers created from the old directors, #!!#
    #!!# for handling local domains.                         #!!#
    #!!#######################################################!!#
    
    
    
    ######################################################################
    #                      DIRECTORS CONFIGURATION                       #
    #             Specifies how local addresses are handled              #
    ######################################################################
    #                          ORDER DOES MATTER                         #
    #   A local address is passed to each in turn until it is accepted.  #
    ######################################################################
    
    # Local addresses are those with a domain that matches some item in the
    # "local_domains" setting above, or those which are passed back from the
    # routers because of a "self=local" setting (not used in this configuration).
    
    
    # This director handles aliasing using a traditional /etc/aliases file.
    # If any of your aliases expand to pipes or files, you will need to set
    # up a user and a group for these deliveries to run under. You can do
    # this by uncommenting the "user" option below (changing the user name
    # as appropriate) and adding a "group" option if necessary. Alternatively, you
    # can specify "user" on the transports that are used. Note that those
    # listed below are the same as are used for .forward files; you might want
    # to set up different ones for pipe and file deliveries from aliases.
    
    #spam_filter:
    #  driver = forwardfile
    #  file = /etc/spam.filter
    #  no_check_local_user
    #  no_verify
    #  filter
    #  allow_system_actions
    
    
    
    
    
    
    
    #
    # Optimized spamassassin router (not used if acl spam management is enabled)
    #
    
    
    
    virtual_user_maildir_overquota:
      driver = redirect
      domains = +user_domains
      router_home_directory = ${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}
      require_files = $home/etc/$domain
      condition = "${if exists {$home/etc/$domain/quota}{${if > {${lookup{$local_part}lsearch{$home/etc/$domain/quota}{$value}{0}}}{0}{${if eq {${if exists {$home/mail/$domain/$local_part/maildirsize}{1}{0}}}{0}{${if > {${run {/usr/local/cpanel/bin/eximwrap GETDISKUSED $local_part $domain}}}{${lookup{$local_part}lsearch{$home/etc/$domain/quota}{$value}{0}}}{true}{false}}}{${perl{checkuserquota}{$domain}{$local_part}{$message_size}{${lookup{$local_part}lsearch{$home/etc/$domain/quota}{$value}}}{$home/mail/$domain/$local_part/maildirsize}}}}}{false}}}{false}}"
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      data = :fail:Mailbox quota exceeded
      allow_fail
    
    
    
            
    
    
    
    
    #
    # Optimized spamassasin router (not used if acl spam management is enabled)
    #
    
    
    
            
    
    
    
    
    
    
    
    
    #
    # Account level filtering for everything but the main account
    #
    
    central_filter:
        driver = redirect
        allow_filter
        no_check_local_user
        file = /etc/vfilters/${domain}
        file_transport = address_file
        directory_transport = address_directory
        domains = +user_domains
        pipe_transport = virtual_address_pipe
        reply_transport = address_reply
        router_home_directory = ${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}
        user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
        allow_fail
        no_verify
    
    
    
    #
    # Account level filtering for the main account
    #
    # checks /etc/vfilters/maindomain if its a localuser (ie main acct)
    # 
    mainacct_central_user_filter:
        driver = redirect  
        allow_filter  
        allow_fail
        check_local_user
        domains = ! +user_domains
        condition = ${if eq {${lookup{$local_part}lsearch{/etc/domainusers}{$value}}}{}{0}{${if exists {/etc/vfilters/${lookup{$local_part}lsearch{/etc/domainusers}{$value}}}{1}{0}}}}
        file = "/etc/vfilters/${lookup{$local_part}lsearch{/etc/domainusers}{$value}}"
        directory_transport = address_directory
        file_transport = address_file  
        pipe_transport = address_pipe
        reply_transport = address_reply
        retry_use_local_part  
        no_verify
    
    #
    # User Level Filtering for the main account
    #
    
    
    central_user_filter:
        driver = redirect
        allow_filter
        allow_fail
        check_local_user
        domains = ! +user_domains
        file = "${extract{5}{:}{${lookup passwd{$local_part}{$value}}}}/etc/filter"
        require_files = "+${extract{5}{::}{${lookup passwd{$local_part}{$value}}}}/etc/filter"
        router_home_directory = ${extract{5}{:}{${lookup passwd{$local_part}{$value}}}}
        directory_transport = address_directory
        file_transport = address_file
        pipe_transport = virtual_address_pipe
        reply_transport = address_reply
        retry_use_local_part
        no_verify
    
    #
    # User Level Filtering for virtual users
    #
    
    
    virtual_user_filter:
        driver = redirect
        allow_filter
        allow_fail
        no_check_local_user
        domains = +user_domains
        require_files = "+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/$local_part/filter"
        file = "${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/$local_part/filter"
        router_home_directory = ${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}
        directory_transport = address_directory
        file_transport = address_file
        pipe_transport = virtual_address_pipe
        reply_transport = address_reply
        user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
        retry_use_local_part
        no_verify
    
    
    
    
    
    
    virtual_aliases_nostar:
      driver = redirect
      allow_defer
      allow_fail
      require_files = "+/etc/valiases/$domain"
      data = ${lookup{$local_part@$domain}lsearch{/etc/valiases/$domain}}
      file_transport = address_file
      group = mail
      pipe_transport = virtual_address_pipe
      retry_use_local_part
      unseen
    
    
    
    
    
    
    #
    # Virtual User Spam Boxes
    #
    
    virtual_user_spam:
        driver = accept
        domains = +user_domains
        require_files = "+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/.spamassassinboxenable:+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/passwd"
        condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/passwd}}}{}{false}{${if match{$h_X-Spam-Status:}{\N^Yes\N}{true}{false}}}}
        headers_remove="x-spam-exim"
        transport = virtual_userdelivery_spam
        
    
    
    
    
    virtual_user:
      driver = accept
      headers_remove="x-spam-exim"
      domains = +user_domains
      require_files = "+${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/passwd"
      condition = ${if eq {${lookup {$local_part} lsearch {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/passwd}}}{} {false}{true}}
      transport = virtual_userdelivery
    
    
    
    
    
    
    has_alias_but_no_mailbox_discarded_to_prevent_loop:
            driver = redirect
            require_files = "+/etc/valiases/$domain"
            domains = +user_domains
            condition = "${perl{checkvalias}{$domain}{$local_part}}"
            data="#Exim Filter\nseen finish"
            group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
            user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
            allow_filter
            disable_logging = true
    
    
    
    
    
    
    
    valias_domain_file:
      driver = redirect
      allow_defer
      allow_fail
      require_files = +/etc/vdomainaliases/$domain
      condition = ${lookup {$domain} lsearch {/etc/vdomainaliases/$domain}{yes}{no} }
      data = $local_part@${lookup {$domain} lsearch {/etc/vdomainaliases/$domain} }
    
    virtual_aliases:
        driver = redirect
        allow_defer
        allow_fail
        require_files = "+/etc/valiases/$domain"
        data = ${lookup{*}lsearch{/etc/valiases/$domain}}
        file_transport = address_file
        group = mail
        pipe_transport = virtual_address_pipe
    
    
    
    
    
    
    
    # This director handles forwarding using traditional .forward files.
    # If you want it also to allow mail filtering when a forward file
    # starts with the string "# Exim filter", uncomment the "filter" option.
    # The check_ancestor option means that if the forward file generates an
    # address that is an ancestor of the current one, the current one gets
    # passed on instead. This covers the case where A is aliased to B and B
    # has a .forward file pointing to A. The three transports specified at the
    # end are those that are used when forwarding generates a direct delivery
    # to a file, or to a pipe, or sets up an auto-reply, respectively.
    
    system_aliases:
      driver = redirect
      allow_defer
      allow_fail
      data = ${lookup{$local_part}lsearch{/etc/aliases}}
      file_transport = address_file
      pipe_transport = address_pipe
      retry_use_local_part
    # user = exim
    
                                                                                                                                                                                                                                                           
    local_aliases:
      driver = redirect
      allow_defer
      allow_fail
      data = ${lookup{$local_part}lsearch{/etc/localaliases}}
      file_transport = address_file
      pipe_transport = address_pipe
      check_local_user
                                                                                                                                                                                                                                                           
    
    
    
    
    userforward:
      driver = redirect
      allow_filter
      check_ancestor
      check_local_user
      domains = ! +user_domains
      no_expn
      file = $home/.forward
      file_transport = address_file
      pipe_transport = address_pipe
      reply_transport = address_reply
      directory_transport = address_directory
      no_verify
    
    
    
    
    
    
    #
    # Optimzied spambox router
    #
    
    localuser_spam:
        driver = accept
        headers_remove="x-spam-exim"
        domains = ! +user_domains
        require_files = "+$home/.spamassassinboxenable"
        condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{true}{false}}
        check_local_user
        transport = local_delivery_spam
    
    
    
    localuser:
        driver = accept
        headers_remove="x-spam-exim"
        check_local_user
        domains = ! +user_domains
        transport = local_delivery
    
    
    
    
    # This director matches local user mailboxes.
    
    
    
    
    
    
    
    ######################################################################
    #                      TRANSPORTS CONFIGURATION                      #
    ######################################################################
    #                       ORDER DOES NOT MATTER                        #
    #     Only one appropriate transport is called for each delivery.    #
    ######################################################################
    
    # A transport is used only when referenced from a director or a router that
    # successfully handles an address.
    
    
    # This transport is used for delivering messages over SMTP connections.
    
    begin transports
    
    
    
    
    
    
    # Place holder
    
    
    remote_smtp:
      driver = smtp
      interface = ${if exists {/etc/mailips}{${lookup{$original_domain}lsearch{/etc/mailips}{$value}{${lookup{$sender_address_domain}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}}
      helo_data = ${if exists {/etc/mailhelo}{${lookup{$original_domain}lsearch{/etc/mailhelo}{$value}{${lookup{$sender_address_domain}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}}
    
    
    
    dkim_remote_smtp:
      driver = smtp
      interface = ${if exists {/etc/mailips}{${lookup{$original_domain}lsearch{/etc/mailips}{$value}{${lookup{$sender_address_domain}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}}
      helo_data = ${if exists {/etc/mailhelo}{${lookup{$original_domain}lsearch{/etc/mailhelo}{$value}{${lookup{$sender_address_domain}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}}
      dkim_domain = $sender_address_domain
      dkim_selector = default
      dkim_private_key = "/var/cpanel/domain_keys/private/${dkim_domain}"
      dkim_canon = relaxed
    
    
    
    # This transport is used for local delivery to user mailboxes. By default
    # it will be run under the uid and gid of the local user, and requires
    # the sticky bit to be set on the /var/mail directory. Some systems use
    # the alternative approach of running mail deliveries under a particular
    # group instead of using the sticky bit. The commented options below show
    # how this can be done.
    
    
    
    local_delivery:
        driver = appendfile
        delivery_date_add
        envelope_to_add
        directory = "${extract{5}{:}{${lookup passwd{$local_part}{$value}}}}/mail"
        maildir_use_size_file
        maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
        maildir_format
        maildir_tag = ,S=$message_size
        quota_size_regex = ,S=(\d+)
        mode = 0660
        return_path_add
        group = ${extract{3}{:}{${lookup passwd{$local_part}{$value}}}}
        user = $local_part
        shadow_condition = ${if exists {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/.cpanel/rim/bis/$local_part}{1}{0}}
        shadow_transport = rim_bis_notifier_local_user
    
    
    
    rim_bis_notifier_local_user:
        driver = pipe
        headers_only
        command = /usr/local/cpanel/bin/rim_bis_notifier "${local_part}"
        group = ${extract{3}{:}{${lookup passwd{$local_part}{$value}}}}
        user = $local_part
        log_output = true
        current_directory = "/tmp"
        return_fail_output = true
        return_path_add = false
    
    
    
    local_delivery_spam:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      directory = "${extract{5}{:}{${lookup passwd{$local_part}{$value}}}}/mail/.spam"
      maildir_use_size_file
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      quota_size_regex = ,S=(\d+)
      group = ${extract{3}{:}{${lookup passwd{$local_part}{$value}}}}
      mode = 0660
      return_path_add
      user = $local_part
    
    
    
    
            
    
    
    
    
    
    
    # This transport is used for handling pipe deliveries generated by alias
    # or .forward files. If the pipe generates any standard output, it is returned
    # to the sender of the message as a delivery error. Set return_fail_output
    # instead of return_output if you want this to happen only when the pipe fails
    # to complete normally. You can set different transports for aliases and
    # forwards if you want to - see the references to address_pipe below.
    
    
    address_directory:
        driver        = appendfile
        maildir_tag = ,S=$message_size
        quota_size_regex = ,S=(\d+)
        maildir_format
        maildir_use_size_file
        maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
        mode = 0660
        delivery_date_add
        envelope_to_add
        return_path_add
    
    address_pipe:
      driver = pipe
      return_output
    
    virtual_address_pipe:
      driver = pipe
      group = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      return_output
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
    
    # This transport is used for handling deliveries directly to files that are
    # generated by aliassing or forwarding.
    
    address_file:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      return_path_add
    
    
    # This transport is used for handling autoreplies generated by the filtering
    # option of the forwardfile director.
    
    
    
            
    
    
    
    virtual_userdelivery_spam:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      directory = "${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/mail/${domain}/${local_part}/.spam"
      maildir_use_size_file
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      quota_size_regex = ,S=(\d+)
      mode = 0660
      quota = "${if exists{${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/${domain}/quota} {${lookup{$local_part}lsearch*{${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/${domain}/quota}{$value}}} {}}"
      quota_is_inclusive = false
      quota_directory = "${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/mail/${domain}/${local_part}"
      return_path_add
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      group = ${extract{3}{:}{${lookup passwd{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}{$value}}}}
    
    
    
    
    
    virtual_userdelivery:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      directory = "${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/mail/${domain}/${local_part}"
      maildir_use_size_file
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      quota_size_regex = ,S=(\d+)
      mode = 0660
      quota = "${if exists{${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/${domain}/quota} {${lookup{$local_part}lsearch*{${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/etc/${domain}/quota}{$value}}} {}}"
      quota_is_inclusive = false
      quota_directory = "${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/mail/${domain}/${local_part}"
      return_path_add
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      group = ${extract{3}{:}{${lookup passwd{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}{$value}}}}
      shadow_condition = ${if exists {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}{$value}}}}/.cpanel/rim/bis/$local_part@$domain}{1}{0}}
      shadow_transport = rim_bis_notifier_virtual_user
    
    
    
    rim_bis_notifier_virtual_user:
      driver = pipe
      headers_only
      command = /usr/local/cpanel/bin/rim_bis_notifier "${local_part}@${domain}"
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      group = ${extract{3}{:}{${lookup passwd{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}{$value}}}}
      log_output = true
      current_directory = "/tmp"
      return_fail_output = true
      return_path_add = false
    
    
    
    address_reply:
      driver = autoreply
    
    
    
    archiver_incoming_local_user_method:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      user = $local_part
      group = ${extract{3}{:}{${lookup passwd{$local_part}{$value}}}}
      directory = "${extract{5}{::}{${lookup passwd{$local_part}{$value}}}}/mail/archive/${perl{get_incoming_domain}}/.incoming.${perl{YYYYMMDDGMT}}"
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      maildir_use_size_file
      quota_size_regex = ,S=(\d+)
      mode = 0660
      return_path_add
    
    
    
    
    archiver_incoming_domain_method:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      user = "${lookup{$domain}lsearch* {/etc/userdomains}{$value}}"
      group = ${extract{3}{:}{${lookup passwd{${lookup{$domain}lsearch* {/etc/userdomains}{$value}}}{$value}}}}
      directory = "$home/mail/archive/$domain/.incoming.${perl{YYYYMMDDGMT}}"
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      maildir_use_size_file
      quota_size_regex = ,S=(\d+)
      mode = 0660
      return_path_add
    
    
    
    
    archiver_outgoing:
      driver = appendfile
      delivery_date_add
      envelope_to_add
      user = ${perl{get_outgoing_sender_sysuser}}
      group = ${extract{3}{:}{${lookup passwd{${perl{get_outgoing_sender_sysuser}}}{$value}}}}
      directory = "${extract{5}{::}{${lookup passwd{${perl{get_outgoing_sender_sysuser}}}{$value}}}}/mail/archive/${perl{get_outgoing_sender_domain}}/.${perl{get_outgoing_archive_directory}}.${perl{YYYYMMDDGMT}}"
      maildir_quota_directory_regex = ^(?:cur|new|\.(?!Trash$)[^\@]+)$
      maildir_format
      maildir_tag = ,S=$message_size
      maildir_use_size_file
      quota_size_regex = ,S=(\d+)
      mode = 0660
      return_path_add
    
    
    
    
    
    
    
    
    
    ######################################################################
    #                      RETRY CONFIGURATION                           #
    ######################################################################
    
    # This single retry rule applies to all domains and all errors. It specifies
    # retries every 15 minutes for 2 hours, then increasing retry intervals,
    # starting at 1 hour and increasing each time by a factor of 1.5, up to 16
    # hours, then retries every 8 hours until 4 days have passed since the first
    # failed delivery.
    
    # Domain               Error       Retries
    # ------               -----       -------
    
    
    begin retry
    
    *			quota
    
    
    
    *                      *           F,2h,15m; G,16h,1h,1.5; F,4d,8h
    
    
    
    
    # End of Exim 4 configuration
     
  4. pmc

    pmc Member

    Joined:
    May 13, 2012
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    chattr - exim.pl & then ran upcp.

    It added the new perl language needed to archive.

    Previously I added chattr + to prevent exim cpanel from overwriting config on update thanks.
     
Loading...

Share This Page