CPanel: Change Exim.conf
Aug 6, 2007change some variables in exim.conf so that they will not be modified next time cPanel will update exim.
Basically I need to modify this:
smtp_banner and rfc1413_query_timeout.
ADVERTISEMENT
Exim.conf Missing (cpanel Server)
Jan 7, 2007Broadcast message from root (Sat Jan 6 15:52:08 2007):
cPanel Layer 2 Update Commencing
Broadcast message from root (Sat Jan 6 16:01:09 2007):
cPanel Layer 2 Install Complete
I got this message while leaving my computer on over the weekend. And suddenly find that my mail server aint' working. So i tried to restart exim
root@kuching [~]# service exim restart
Shutting down exim: [FAILED]
Shutting down antirelayd: [ OK ]
Shutting down spamd: [ OK ]
Starting exim: 2007-01-07 20:47:43 non-existent configuration file(s): /etc/exim.conf
[FAILED]
Starting exim-smtps: 2007-01-07 20:47:43 non-existent configuration file(s): /etc/exim.conf
[FAILED]
Starting antirelayd: [ OK ]
Starting spamd: [ OK ]
I tried to reinstall exim by # /scripts/exim4 --force
It doesn't work again, so I tried to update again # /scripts/upcp --force
Exim - How To Remove Rbl Lists From Exim.conf
May 2, 2007I am having issues in receieving emails. For some reason, the rbl lists I had setup are causing the server to reject emails (retry - timeout). So, I need to take this rbl list completely. How can I do that? exim.conf is locked and using the advanced editor is no fun even though I tried it putting the dnslists without the rbl causing the problem.
View 3 Replies View RelatedResetting Exim Conf
Jan 17, 2007There is a simple way to reset my exim.conf to default one on a cpanel server?
View 6 Replies View RelatedAdding RBL Domains To Exim.conf
Aug 6, 2008My server runs on cPanel
Any of you guys can suggest what kind of RBL domains that is recommended to reject spam mails directly?
Change Path Of Exim Log
Dec 12, 2008How do I change the path of the Exim log directory? I am using Cpanel/WHM.
View 5 Replies View RelatedHow To Change Smtp Relay Ip For Exim
Jan 14, 2007to change ip for smtp relay. I need to use a separate ip to send all the emails from my server.
View 6 Replies View RelatedChange Exim Smtp Port To 26
May 26, 2007should i need to edit /etc/services and /etc/exim.conf?
View 3 Replies View RelatedCan't Get Return-Path, Envelope-From To Change In Exim
Sep 11, 2007I've read everything I can find in google and tried it all but I just can't get Return-Path / Envelope-From to change when using centos+cpanel+exim+php4 it insists on sending as nobody@server.VPShostname.com which several very picky email services will promptly bounce
I've tried the following:
1. inserted the "magical" fifth parameter into mail() on php making it -fuser@example.com
2. double checked php.ini to make sure php is using exim - it is:
sendmail_path/usr/sbin/sendmail -t -i
3. used cpanel's own advanced exim editor to add at the top of the exim conf
trusted_users = nobody
(which i don't like but at this point I'll accept any technique that works)
4. restarted all services, exim, php, apache
5. I even found an obscure reference to /etc/email-addresses which can contain a whitelist so I added the email address there
DNS Issues Rndc.conf & Named.conf
Apr 8, 2009It started with this error:
Bind reloading on server01 using rndc zone: [ns1.mydomain.net]
Error reloading bind on server01: rndc: connect failed: 127.0.0.1#953: connection refused
so i did the obvious checked the csf firewall to see if port 953 was enabled and it was
so i took a look at rndc.conf
Code:
root@server01 [~]# nano /etc/rndc.conf
#start of rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "KLGSBmWZrev0I4fR4Tm4GXxdcYSTFzF23b1f9is1M=";
};
options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};
# End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed:
#key "rndc-key" {
# algorithm hmac-md5;
# secret "KLGSBmWZrev0I4fR4Tm4GXxdcYSTFzF23b1f9is1M=";
#};
#
# controls {
# inet 127.0.0.1 port 953
# allow { 127.0.0.1; } keys { "rndc-key"; };
# };
# End of named.conf
Then i took a look at named.conf
Code:
options {
/* make named use port 53 for the source of all queries, to allow
* firewalls to block all ports except 53:
*/
//query-source port 53;
/* We no longer enable this by default as the dns posion exploit
has forced many providers to open up their firewalls a bit */
// Put files that named is allowed to write in the data/ directory:
directory "/var/named"; // the default
pid-file "/var/run/named/named.pid";
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
/* memstatistics-file "data/named_mem_stats.txt"; */
};
logging {
/* If you want to enable debugging, eg. using the 'rndc trace' command,
* named will try to write the 'named.run' file in the $directory (/var/named").
* By default, SELinux policy does not allow named to modify the /var/named" directory,
* so put the default debug log file in data/ :
*/
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
// All BIND 9 zones are in a "view", which allow different zones to be served
// to different types of client addresses, and for options to be set for groups
// of zones.
//
// By default, if named.conf contains no "view" clauses, all zones are in the
// "default" view, which matches all clients.
//
// If named.conf contains any "view" clause, then all zones MUST be in a view;
// so it is recommended to start off using views to avoid having to restructure
// your configuration files in the future.
view "localhost_resolver" {
/* This view sets up named to be a localhost resolver ( caching only nameserver ).
* If all you want is a caching-only nameserver, then you need only define this view:
*/
match-clients { 127.0.0.0/24; };
match-destinations { localhost; };
recursion yes;
zone "." IN {
type hint;
file "/var/named/named.ca";
};
/* these are zones that contain definitions for all the localhost
* names and addresses, as recommended in RFC1912 - these names should
* ONLY be served to localhost clients:
*/
include "/var/named/named.rfc1912.zones";
};
Customized Named.conf In CPanel
Oct 28, 2009I'd like to add geodns to BIND, so I need to modify named.conf. All that I will put into is a include of an acl file (for different IP ranges), and add a new view for existed domain.
My VPS use cPanel. What is the best way to handle this, as named.conf can be modify by cPanel? I can modify the template in /scripts/rebuilddnsconfig, but I don't know how to add a new view.
There's only one site in my VPS. But I use a few subdomains in DNS (legacy issues). Only one db file in /var/named/
While Add Subdomain/domain(while Cpanel Edit The Httpd.conf)
Jul 22, 2007When cpanel edit the httpd.conf(to add subdomain/domain/etc) made a wrong.
In the lines
BytesLog /usr/local/apache/domlogs/domainorsubdomainname.com-bytes_log
CustomLog /usr/local/apache/domlogs/domainorsubdomainname.com combined
it breaks them as follows
--
BytesLog /usr/local/apache/domlogs/domainorsubdomainname.com
-bytes_log
CustomLog /usr/local/apache/domlogs/domainorsubdomainname.com
combined
And httpd cannot start and failed.
Exim/Cpanel SPF
Jun 26, 2008How do you get Exim to rewrite/remove
Received: from ip.isp.com ([123.123.123.123])
by mx.myhost.net with esmtpa (Exim 4.69)
I'm trying to avoid the error
Received-SPF: softfail (google.com: domain of transitioning me@myhost.net does not designate 123.123.123.123 as permitted sender) client-ip=123.123.123.123;
Basically, any email thats sent through myhost.net should look like it was sent directly.
Reliable RBL For Use In Exim On Cpanel?
Mar 28, 2009What are some good and reliable RBL for use in Exim on Cpanel? Please provide full urls.
View 5 Replies View RelatedExim/Cpanel No Such User Here
Jun 25, 2008I'm having an issue with email generated from a website contact form. The email is being sent from the website via php. The issue is that the email address that it is being sent to is a domain/website that is also on cpanel. It is trying to deliver it to a local account, but the email is acutally on a third party system outside of cpanel. Does anyone know anyway for exim to not try and deliver locally?
View 4 Replies View RelatedCPanel/WHM (Exim) SPF Records
Jun 2, 2008I seem to be experiencing some difficulty adding SPF records via "Edit DNS Zone". When adding these records and checking them with several SPF record checkers, it always reports a record such as the following:
“v=spf1
Which turns out to be invalid, and definitely not the record I had specified. The record I specified looks like the following:
"v=spf1 a mx ip4:XXX.XXX.XXX.XXX ~all"
XXX.XXX.XXX.XXX being a valid IP, of course.
Is there known issues when adding these types of records via WHM?
And to make it clear, I have added these records as TXT type, with and without the quotes.
Cpanel > Exim > Domainkeys
Feb 21, 2007Wondered if anyone out there would like to share their experience, if any, of setting up cpanel to work with domainkeys via exim.
Hopefully anyone reading this thread will know by now what domainkeys are and how it affects the delivering of email to most major email providers inboxes rather than spam/bulk folders.
antispam.yahoo.com/domainkeys
The domainkeys support for exim is now in the 'experimental' phase:
duncanthrax.net/exim-experimental/
(page allegedly updated on 30th Oct, 06)
However cpanel themselves seem to be dragging their feet a little with implementing it:
bugzilla.cpanel.net/show_bug.cgi?id=4099
This is understandable considering support for domainkeys is not yet part of the main exim core code, and thus is likely to change. From what I've been reading elsewhere, re-compiling and upgrading exim is not advisable with cpanel.
My knowledge of exim (and cpanel TBH) is limited however, and I was wondering what might be the implications of *ahem* hacking it a little in order to enable domainkeys.
SPF records alone just don't seem to cut it anymore.
Exim Filtering Options In Cpanel
Sep 11, 2008more specific filtering options in cpanel exactly:
if header from contains 'example' and also header from contains 'example2' then discard
in cpanel it just has one word or phrase i need the filter to check for 2 words in any order in the from field
Exim + Cpanel + Dspam Howto
Mar 21, 2007I found a handful of howto's for dspam, but none of them catered for exim with virtual users. After hunting around, I eventually have it working on a cPanel server, with user authentication for mail users.
My setup:
dspam version 3.6.8, using mysql driver.
exim version 4.
mysql 4.1
CentOS (2.6.9-023stab033.9-enterprise)
cPanel / WHM - latest RELEASE version.
Download the source, configure and compile:
Code:
# cd /usr/local/src
# wget http://dspam.nuclearelephant.com/sou...m-3.6.8.tar.gz
# tar -zxf dspam-3.6.8.tar.gz
# cd dspam-3.6.8
Configure, replacing user/groups with your web-server user (web / apache / nobody), and use your mysql-include / library paths (will need mysql-devel on rh based systems).
Code:
# ./configure --prefix=/opt/dspam-3.6.8 --with-local-delivery-agent=/usr/sbin/exim --with-storage-driver=mysql_drv --with-userdir=/var/spool/mail/dspam --with-userdir-owner=nobody --with-userdir-group=nobody --with-dspam-mode=none --with-dspam-owner=nobody --with-dspam-group=nobody --enable-whitelist --enable-spam-delivery --enable-alternative-bayesian --disable-dependency-tracking --enable-virtual-users --with-mysql-includes=/usr/include/mysql --with-mysql-libraries=/usr/lib/mysql/ --with-dspam-home=/opt/dspam-3.6.8/var/dspam
# make && make install
Set up mysql
Code:
# mysqladmin -p create dspamdb
# mysql -p
>grant all privileges on dspamdb.* to dspamuser@localhost identified by dspampass;
>flush privileges;
>exit;
Create tables:
Code:
mysql -p dspamdb < /usr/local/src/dspam-3.6.8/src/tools.mysql_drv/mysql_objects_speed.sql
mysql -p dspamdb < /usr/local/src/dspam-3.6.8/src/tools.mysql_drv/virtual_users.sql
Link dspam in opt for easy versioning:
Code:
ln -s dspam-3.6.8 /opt/dspam
Copy the web interface files to a web directory:
Code:
# cp webui/cgi-bin /opt/dspam -r
# cp webui/htdocs /opt/dspam/
This next step is required for pop3 authentication.
Install perl module Apache::AuthPOP3 - which does apache pop3 authorisation:
Code:
perl -MCPAN -e shell
install Apache::AuthPOP3
Next, apache will need mod_perl installed - WHM -> Apache Update will allow you to enable the perl module (I am running it alongside php with no issues).
Then in /usr/local/apache/conf/httpd.conf:
Code:
ScriptAlias /dspam/ /opt/dspam/cgi-bin/
Alias /dspam_files/ /opt/dspam/htdocs/
<Directory /opt/dspam/cgi-bin>
Options None
AllowOverride AuthConfig
Order allow,deny
Allow from all
</Directory>
Create .htaccess in /opt/dspam/cgi-bin as follows:
Code:
AuthName "Dspam"
AuthType Basic
PerlAuthenHandler Apache::AuthPOP3
PerlSetVar MailHost localhost
Require valid-user
#PerlSetVar UserMap pop3user1=>realname1,pop3user2=>realname2
#Require user pop3user1 pop3user2 pop3user3 pop3user4
there are 2 commented parameters you can set when using POP3 auth - sure its pretty self-explanatory.
Set up admin user (the admin_user must be able to authenticate as a pop user):
Code:
#echo "admin_user" >> /opt/dspam/cgi-bin/admins
Create a queuesize script for web user - so dspam can determine how many messages in the queue.
Code:
vi /usr/local/bin/eximqsize
#!/bin/sh
/usr/bin/find /var/spool/exim/input/ -type f | wc -l | cut -d" " -f1-
##EOF
# chmod 4755 /usr/local/bin/eximqsize
# chown nobody /usr/local/bin/eximqsize
Configure web ui, edit /opt/dspam/cgi-bin/configure.pl:
Code:
$CONFIG{'MAIL_QUEUE'} = "/usr/local/bin/eximqsize";
$CONFIG{'WEB_ROOT'} = "/dspam_files";
$CONFIG{'LOCAL_DOMAIN'} = "FQDN"; #your servers fully qualified domain name - e.g. host.yourdomain.com
Next, set the default preferences for the system (you need /opt/dspam/bin in your path if you copy and paste this...):
Code:
dspam_admin ch pref default trainingMode TEFT
dspam_admin ch pref default spamAction quarantine
dspam_admin ch pref default spamSubject "[SPAM]"
dspam_admin ch pref default enableWhitelist on
dspam_admin ch pref default showFactors off
Permissions:
I would suggest reading the README over dspam to get a full understanding of the permissions required for running of dspam. My permissions were:
Code:
# chown nobody:mail /opt/dspam/var/dspam -R
# chown nobody:mail /opt/dspam/etc/ -R
Edit dspam.conf (in /opt/dspam/etc/. I have only listed the parameters I changed here...):
Code:
TrustedDeliveryAgent "/usr/sbin/exim -oMr spam-scanned"
Trust: root
Trust: mail
Trust: nobody / httpd #choose 1 - what ever your webserver runs as - `ps axu | grep httpd` to find out
#Use the same details as you did for the "grant all privileges on...." statement in mysql.
MySQLServer /var/lib/mysql/mysql.sock
MySQLPort
MySQLUser dspamuser
MySQLPass dspampass
MySQLDb dspamdb
MySQLCompress true
MySQLVirtualTable dspam_virtual_uids
MySQLVirtualUIDField uid
MySQLVirtualUsernameField username
Almost there....
Confirm that mysql is configure to listen on a socket in /etc/my.cnf (or whereever your config file is):
Code:
# cat /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
Now the final step - exim configuration. This is the part that took the longest, hopefully it works for you. Just as I read in the howto's I used for this, please please please dont just copy and paste - you stand a good chance of breaking your mail server if you make changes without understanding. Be warned.
My config file is /etc/exim.conf. This should be edited using the WHM -> Exim Configuration Editor -> Advanced.
Code:
#Routers - Add these in the box before virtual_user delivery / user delivery router).
dspam_router:
no_verify
#uncomment the next line to disable dspam for virtual users.
# check_local_user
condition = "${if and {
{!def:h_X-Spam-Flag:}
{!def:h_X-FILTER-DSPAM:}
{!eq {$sender_address_domain}{$domain}}
{!eq {$received_protocol}{local}}
{!eq {$received_protocol}{spam-scanned}}
} }"
headers_add = "X-FILTER-DSPAM: by $primary_hostname on $tod_full"
driver = accept
transport = dspam_spamcheck
## The next 2 routers allow you to forward spam / non-spam to dspam for training (e.g. spam-yourmail@yourdomain.net).
# spam-username
dspam_addspam_router:
driver = accept
local_part_prefix = spam-
transport = dspam_addspam
# nospam-username
dspam_falsepositive_router:
driver = accept
local_part_prefix = notspam-
transport = dspam_falsepositive
##Transports - can be added anywhere:
#this adds the spam-scanned protocol header, so when it is passed back to exim after being processed by dspam, it doesnt get stuck in a loop.
dspam_spamcheck:
driver = pipe
command = "/usr/sbin/exim -oMr spam-scanned -bS"
transport_filter = "/opt/dspam/bin/dspam --stdout --deliver=innocent,spam --user $local_part@$domain"
use_bsmtp = true
home_directory = "/tmp"
current_directory = "/tmp"
user = nobody
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
dspam_addspam:
driver = pipe
command = "/opt/dspam/bin/dspam --user $local_part@$domain --class=spam --source=error"
home_directory = "/tmp"
current_directory = "/tmp"
user = nobody
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
dspam_falsepositive:
driver = pipe
command = "/opt/dspam/bin/dspam --user $local_part@$domain --class=innocent --source=error"
home_directory = "/tmp"
current_directory = "/tmp"
user = nobody
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
If you have set up authentication correctly as well, then you should be able to open [url] and log in - if you add your login details to the "admins" file, you can configure defaults, etc. It also allows ALL users (with 1 user being an email account) to log in, using www.yourclientsdomain.com/dspam/dspam.cgi
This will not work with suexec enabled!! This is because dspam needs specific permissions, and it is expecting user nobody to access it. If suexec is enabled, you will need to use the default host, and NOT virtual hosts (and even this may not work - testing still required).
Watch exim_mainlog after this - you should pick up what transports and routers are being used.
Dspam can really hammer a system - mysql, cpu and memory usage will go up a bit, especially on busy production servers. Monitor your servers performance.
Other settings: add /opt/dspam/man to MANPATH in /etc/man.config or move dspam man directory to an existing man directory.
[ADDED]
This dspam.cgi hack will do a lookup in the cpanel config file to find the domain for any username without a domain, and append it on match (or leave just the username part if nothing is found). This requires unsecuring your system a bit - your http user will need to be able to read /etc/trueuserdomains (either chmod 644 or chown nobody):
Code:
#add this just after $CURRENT_USER is set.
if ($CURRENT_USER !~ /@.+./) {
open(TUD, "</etc/trueuserdomains");
while(<TUD>) {
my ($domain, $user) = split(/:/,$_);
chomp($user);
$user =~ s/^s*//g;
if ($user eq $CURRENT_USER) {
$CURRENT_USER = $CURRENT_USER . "@$domain";
}
}
close(TUD);
}
That should do it
dspam will allow all messages through by default, and will require some training. With this config, users can train using email commands - all they need to do is forward any spam that hits their mailbox to spam-emailaddress@domain.com (their own email address with spam- prepended). Unfortunately this does not allow handling of false positives if you are using a "quarantine" policy instead of subject. the web interface comes in handy for this.
I am busy testing a combination of dspam with assp, which seems to be working well - I especially like the greylisting feature of assp and ProtectionBox... Will add to this howto when testing is finish.
Clean Old Accounts From Exim / CPanel
Nov 8, 2007We are having trouble with disk space on some of our shared hosting servers and we are wondering if anyone have a script to clean e-mails from exim not checked in the last 60 days ?
View 1 Replies View RelatedExim Maxing Out After V 11 Upgrade - Cpanel
Aug 28, 2007Are there others that are having a problem with exim getting slammed with the max allowed connections after updating to cpanel 11?
I have upgraded perl to 5.8.8 and upgraded cpanel. Now, all day yesterday, last night, and now.. pstree is showing exim maxed out.
Clients are complaining that they can't send email due to the "too many connections" error.
I have bumped up the max to 300 for now to hopefully get more clients able to send, but it is quickly working its way over 200 as I type this.
I have tried every setting in the exim configuration editor, on and off, I have a data center techs working on it since yesterday...
Exim Can`t Send E-mails After Cpanel Upgrade
May 2, 2009we have a freebsd/cpanel box what seems to be trouble prone combination, specially for exim.
After cpanel upgrade, exim simple has stopped. Somehow I managed receiving on this way:
# /etc/init.d/exim start
/libexec/ld-elf.so.1: Shared object "libperl.so" not found, required by "sendmail"
I checked which perl version is running: perl -v
This is perl, v5.10.0 built for i386-freebsd-64int
then applied:
unix1# ln -s /usr/local/lib/perl5/5.10.*/mach/CORE/libperl.so /usr/local/lib
unix1# /etc/init.d/exim start
exim exim antirelaydunix1#
unix1#
but this solved only half of a problem, now we can receive e-mails, but not send them, what is really frustrating.
Here is the error which cpanel sends on each 5 min:
exim failed @ Fri May 1 16:06:15 2009. A restart was attempted automatically.
Service Check Method: [tcp connect]
Failure Reason: TCP Transaction Log:
<< 220-xxxxxxxxxx.xxxx ESMTP Exim 4.69 #3 Fri, 01 May 2009 16:06:41 +0200 << <<
>> EHLO localhost
<< 250-xxxx.xxxx.xxx Hello localhost [127.0.0.1] << << << << <<
>> AUTH PLAIN
>> AF9fY3BhbmVsX19zZXJ2aWNlX19hdXRoX19leGltX19Nd2NxU1pyUng1S3R5YTl2enZaV
>> zN4R3Q1MU5WdTh1MHBZcnI4NDhqaWVtWFhSY3VraERTSGZnZU1tQkpiVXNWAFRkbzNpY3
>> ZVTUg1N1Z0R0t5c2VLYW82T1U1UFlqRDEwVThpVXlGSUpFMkZDRWVFaWxzTTNZMHVaRGd
>> UWXM1WnU=
<<
exim: ** [ != 2]
and I can not find the solution for this almost two days (!), no help for host support either. Closest what I have found on net is this topic:
[url]