Bug#360696: exim4-daemon-heavy: Failed to get write lock forretry.lockfile / exim process hangs with 100% CPU

Michel Meyers steltek at tcnnet.com
Thu Apr 20 19:18:49 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andreas Metzler wrote:
> On 2006-04-04 Michel Meyers <steltek at tcnnet.dyndns.org> wrote:
> [...]
>> (meaning that exim has to retry on my side), the respective exim process
>> gets stuck with 100% CPU usage and the only way to get rid of it is to
>> kill it with signal 9.
> [...]
>
> Hello,
> I have forwarded this upstream
> http://news.gmane.org/find-root.php?message_id=%3codr6h3%2dm06.ln1%40argenau.downhill.at.eu.org%3e
> and got the following response from Phil Hazel
> http://news.gmane.org/find-root.php?message_id=%3cPine.LNX.4.64.0604201644510.16046%40xoanon.csi.cam.ac.uk%3e
> | I found one bug when I first looked at this, but it isn't a processing
> | bug. It is just that it would always say "Failed to get write lock",
> | even when the failure was for a read lock. That was easily fixed.
> |
> | I tried to simulate this problem by patching the code to pretend it had
> | failed to get a lock when trying to update the retry database while
> | tidying up after a 451 failure. (It is, in fact, a write lock here.)

A little note there: I recently sent a message to a misconfigured domain
(their MX was pointing to an invalid hostname that didn't resolve) and
exim got into the same loop, so it doesn't only affect 451 failures but
also other messages deliveries that need to be retried.

=> | I suppose we'll have to look at the configuration that was being used.
> | The given log had this:
> |
> |> 2006-04-04 09:13:48 1FQfhL-00035E-Ay Failed to get write lock for
> |> /var/spool/exim4/db/retry.lockfile: timed out
> |> 2006-04-04 09:14:48 1FQfhL-00035E-Ay Failed to get write lock for
> |> /var/spool/exim4/db/retry.lockfile: timed out

Note that I get those for mails that are not stuck and it might be
normal as mail that comes in gets forwarded through Amavis and Spamcop
here.
The stuck message doesn't seem to appear in the log at all any more,
unless I try to remove it through eximon in which case I get:

2006-04-20 21:06:35 1FWeOO-000396-DP Spool file is locked (another
process is handling this message)

until I kill the hanging process with -9.

> | which suggests two tries for the same message, one minute apart. How
> | often was the OP starting queue runners? I have a feeling this is going
> | to be a long haul...
>
> Could you upgrade to 4.61 (it is now even in etch) and check whether
> the problem still happens?

I already upgraded (being that it entered etch I got it a few days ago)
but the problem persists.

> ould you also answer Phil's questions, i.e. show the configuration and
> how often you are starting queue runners?

Certainly, I have attached the config file template to this message
(hope it goes through OK). The mentioned alias files just have the format:
aliasname: realusername
aliasname2: realusername2

What do you mean with how often I start queue runners? I normally don't
touch exim (except for running mailq, to see whether a message got
stuck, and killing processes with -9).
My /etc/default/exim4 states:
QUEUERUNNER='combined'
QUEUEINTERVAL='30m'
COMMONOPTIONS=''
QUEUERUNNEROPTIONS=''
QFLAGS=''
SMTPLISTENEROPTIONS=''

Hope that helps, let me know if I can help debug this further with my
limited skills and thanks for the support.

        Michel
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32) - GPGrelay v0.959

iD8DBQFER96h2Vs+MkscAyURAqdeAJ90zcDb04fv8Bd46/3XbCCaWWJ8FwCeJ2e6
KpFtUTQdEsMJWFpaS/Uz9KE=
=XBVf
-----END PGP SIGNATURE-----
-------------- next part --------------
#########
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# This file is generated dynamically from the files in
# the conf.d/ directory, or from exim4.conf.template respectively.
# Additional information is read from update-exim4.conf.conf
# This version of the file was created from the directory /etc/exim4
# Any changes you make here will be lost.
# See /usr/share/doc/exim4-base/README.Debian.gz and update-exim4.conf(8)
# for instructions of customization.
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
#########

exim_path = /usr/sbin/exim4

.ifndef CONFDIR
CONFDIR = /etc/exim4
.endif

MESSAGE_SIZE_LIMIT = 100M

.ifndef DC_minimaldns

.endif

.ifndef DC_visiblename
DC_visiblename=primarydomain.com
.endif

.ifndef MAIN_LOCAL_DOMAINS
MAIN_LOCAL_DOMAINS = @:localhost:hostname2:hostname3:primarydomain.com:2nddomain.com:3rddomain.com
.endif
domainlist local_domains = MAIN_LOCAL_DOMAINS

.ifndef MAIN_RELAY_TO_DOMAINS
MAIN_RELAY_TO_DOMAINS = 
.endif
domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS

.ifndef MAIN_RELAY_NETS
MAIN_RELAY_NETS = 
.endif
hostlist relay_from_hosts = 127.0.0.1 : ::::1 : MAIN_RELAY_NETS

.ifdef DC_visiblename
qualify_domain = DC_visiblename
.endif

.ifndef DCreadhost
DCreadhost = 
.endif

.ifndef DCsmarthost
DCsmarthost = 
.endif

.ifdef MAIN_LOCAL_INTERFACES
local_interfaces = MAIN_LOCAL_INTERFACES
.else
local_interfaces = 0.0.0.0.25 : 127.0.0.1.10025
.endif

.ifndef LOCAL_DELIVERY
LOCAL_DELIVERY=mail_spool
.endif

gecos_pattern = ^([^,:]*)
gecos_name = $1

.ifndef DCconfig_satellite
.ifndef DCconfig_internet
.ifndef DCconfig_local
.ifndef DCconfig_smarthost
DCconfig_internet = 1
.endif
.endif
.endif
.endif

.ifndef CHECK_RCPT_LOCAL_LOCALPARTS
CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|\'`#&?]
.endif

.ifndef CHECK_RCPT_REMOTE_LOCALPARTS
CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!\'`#&?] : ^.*/\\.\\./
.endif

.ifndef MAIN_ACL_CHECK_RCPT
MAIN_ACL_CHECK_RCPT = acl_check_rcpt
.endif
acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT

.ifndef MAIN_ACL_CHECK_DATA
MAIN_ACL_CHECK_DATA = acl_check_data
.endif
acl_smtp_data = MAIN_ACL_CHECK_DATA

.ifdef MESSAGE_SIZE_LIMIT
message_size_limit = MESSAGE_SIZE_LIMIT
.endif

.ifdef MAIN_ALLOW_DOMAIN_LITERALS
allow_domain_literals
.endif

.ifndef DC_minimaldns
.ifndef MAIN_HOST_LOOKUP
MAIN_HOST_LOOKUP = *
.endif
host_lookup = MAIN_HOST_LOOKUP
.endif

.ifndef MAIN_FORCE_SENDER
local_from_check = false
local_sender_retain = true
untrusted_set_sender = *
.endif

.ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER
MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d
.endif
ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER

.ifndef MAIN_TIMEOUT_FROZEN_AFTER
MAIN_TIMEOUT_FROZEN_AFTER = 7d
.endif
timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER

.ifndef MAIN_FREEZE_TELL
MAIN_FREEZE_TELL = postmaster
.endif
freeze_tell = MAIN_FREEZE_TELL

.ifndef SPOOLDIR
SPOOLDIR = /var/spool/exim4
.endif
spool_directory = SPOOLDIR

.ifndef MAIN_TRUSTED_USERS
MAIN_TRUSTED_USERS = uucp
.endif
trusted_users = MAIN_TRUSTED_USERS
.ifdef MAIN_TRUSTED_GROUPS
trusted_groups = MAIN_TRUSTED_GROUPS
.endif

log_selector = +tls_cipher +tls_peerdn

smtp_banner = "[TCN] ESMTP Service ready. NO UCE!"

.ifdef MAIN_TLS_ENABLE
.ifndef MAIN_TLS_ADVERTISE_HOSTS
MAIN_TLS_ADVERTISE_HOSTS = *
.endif
tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS

.ifndef MAIN_TLS_CERTIFICATE
MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt
.endif
tls_certificate = MAIN_TLS_CERTIFICATE

.ifndef MAIN_TLS_PRIVATEKEY
MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key
.endif
tls_privatekey = MAIN_TLS_PRIVATEKEY

.ifndef MAIN_TLS_VERIFY_CERTIFICATES
MAIN_TLS_VERIFY_CERTIFICATES = ${if exists{/etc/ssl/certs/ca-certificates.crt}\
                                    {/etc/ssl/certs/ca-certificates.crt}\
				    {/dev/null}}
.endif
tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES

.ifdef MAIN_TLS_VERIFY_HOSTS
tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS
.endif

.ifndef MAIN_TLS_TRY_VERIFY_HOSTS
MAIN_TLS_TRY_VERIFY_HOSTS = *
.endif
tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS

.endif

begin acl

acl_whitelist_local_deny:
  accept
    hosts = ${if exists{CONFDIR/local_host_whitelist}\
                 {CONFDIR/local_host_whitelist}\
                 {}}
  accept
    senders = ${if exists{CONFDIR/local_sender_whitelist}\
                   {CONFDIR/local_sender_whitelist}\
                   {}}

  .ifdef WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
  .include WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
  .endif

acl_check_rcpt:
  defer
    message        = $sender_host_address is not yet authorized to deliver \
                     mail from <$sender_address> to <$local_part@$domain>. \
                     Please try later.
    log_message    = greylisted.
    !senders       = :
    !hosts         = : +relay_from_hosts : \
                     ${if exists {/etc/greylistd/whitelist-hosts}\
                                 {/etc/greylistd/whitelist-hosts}{}} : \
                     ${if exists {/var/lib/greylistd/whitelist-hosts}\
                                 {/var/lib/greylistd/whitelist-hosts}{}}
    !authenticated = *
    !acl           = acl_whitelist_local_deny
    domains        = +local_domains : +relay_to_domains
    verify         = recipient/callout=20s,use_sender,defer_ok
    condition      = ${readsocket{/var/run/greylistd/socket}\
                                 {--grey \
                                  ${mask:$sender_host_address/24} \
                                  $sender_address \
                                  $local_part@$domain}\
                                 {5s}{}{false}}

  accept
    hosts = :

  warn
    hosts = +relay_from_hosts
    control = submission/sender_retain

  .ifdef CHECK_RCPT_LOCAL_LOCALPARTS
  deny
    domains = +local_domains
    local_parts = CHECK_RCPT_LOCAL_LOCALPARTS
    message = restricted characters in address
  .endif

  .ifdef CHECK_RCPT_REMOTE_LOCALPARTS
  deny
    domains = !+local_domains
    local_parts = CHECK_RCPT_REMOTE_LOCALPARTS
    message = restricted characters in address
  .endif

  accept
    .ifndef CHECK_RCPT_POSTMASTER
    local_parts = postmaster
    .else
    local_parts = CHECK_RCPT_POSTMASTER
    .endif
    domains = +local_domains : +relay_to_domains

  deny
    message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
    !acl = acl_whitelist_local_deny
    senders = ${if exists{CONFDIR/local_sender_blacklist}\
                   {CONFDIR/local_sender_blacklist}\
                   {}}

  deny
    message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
    !acl = acl_whitelist_local_deny
    hosts = ${if exists{CONFDIR/local_host_blacklist}\
                 {CONFDIR/local_host_blacklist}\
                 {}}

  .ifdef CHECK_RCPT_VERIFY_SENDER
  deny
    message = Sender verification failed
    !acl = acl_whitelist_local_deny
    !verify = sender
  .endif

  deny
    !acl = acl_whitelist_local_deny
    senders = ${if exists{CONFDIR/local_sender_callout}\
                         {CONFDIR/local_sender_callout}\
                   {}}
    !verify = sender/callout

  deny
    !acl = acl_whitelist_local_deny
    recipients = ${if exists{CONFDIR/local_rcpt_callout}\
                            {CONFDIR/local_rcpt_callout}\
                      {}}
    !verify = recipient/callout

  .ifdef CHECK_RCPT_REVERSE_DNS
  warn
    message = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
     condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
                      {yes}{no}}
  .endif

  .ifdef CHECK_RCPT_IP_DNSBLS
  warn
    message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    dnslists = CHECK_RCPT_IP_DNSBLS
  .endif
    dnslists = sbl-xbl.spamhaus.org

  .ifdef CHECK_RCPT_DOMAIN_DNSBLS
  warn
    message = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
                    {CONFDIR/local_domain_dnsbl_whitelist}\
                    {}}
    dnslists = CHECK_RCPT_DOMAIN_DNSBLS/$sender_address_domain
  .endif

  .ifdef CHECK_RCPT_LOCAL_ACL_FILE
  .include CHECK_RCPT_LOCAL_ACL_FILE
  .endif

  accept
    domains = +local_domains
    endpass
    message = unknown user
    verify = recipient

  accept
    domains = +relay_to_domains
    endpass
    .ifdef CHECK_RCPT_GIVE_UNKNOWN_USER
    message = ${if eq{$acl_verify_message}{Unrouteable address}{unknown user}{$acl_verify_message}}
    .else
    message = unrouteable address
    .endif
    verify = recipient

  accept
    hosts = +relay_from_hosts

  accept
    authenticated = *

  deny
    message = relay not permitted

acl_check_data:
  defer
    message        = $sender_host_address is not yet authorized to deliver \
                     mail from <$sender_address> to <$recipients>. \
                     Please try later.
    log_message    = greylisted.
    senders        = :
    !hosts         = : +relay_from_hosts : \
                     ${if exists {/etc/greylistd/whitelist-hosts}\
                                 {/etc/greylistd/whitelist-hosts}{}} : \
                     ${if exists {/var/lib/greylistd/whitelist-hosts}\
                                 {/var/lib/greylistd/whitelist-hosts}{}}
    !authenticated = *
    !acl           = acl_whitelist_local_deny
    condition      = ${readsocket{/var/run/greylistd/socket}\
                                 {--grey \
                                  ${mask:$sender_host_address/24} \
                                  $recipients}\
                                  {5s}{}{false}}

   warn condition = ${if !def:h_Message-ID: {1}}
        hosts = +relay_from_hosts
        message = Message-ID: <E$message_id@$primary_hostname>

  .ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX
  deny
    message = Message headers fail syntax check
    !acl = acl_whitelist_local_deny
    !verify = header_syntax
  .endif

  .ifdef CHECK_DATA_VERIFY_HEADER_SENDER
  deny
    message = No verifiable sender address in message headers
    !acl = acl_whitelist_local_deny
    !verify = header_sender
  .endif

  .ifdef CHECK_DATA_LOCAL_ACL_FILE
  .include CHECK_DATA_LOCAL_ACL_FILE
  .endif

  accept

begin routers

virtual_alias_2nddomain:
  driver = redirect
  allow_defer
  allow_fail
  data = ${lookup{$local_part}lsearch{/etc/exim4/aliases.virtual.2nddomain}}
  domains = 2nddomain.com
  qualify_preserve_domain
  retry_use_local_part

virtual_alias_3rddomain:
  driver = redirect
  allow_defer
  allow_fail
  data = ${lookup{$local_part}lsearch{/etc/exim4/aliases.virtual.3rddomain}}
  domains = 3rddomain.com
  qualify_preserve_domain
  retry_use_local_part

amavis:
	no_verify
  local_part_suffix= -*                                                
  local_part_suffix_optional
  check_local_user
	driver = manualroute
       condition = "${if or {{eq {$interface_port}{10025}} \
                         {eq {$received_protocol}{spam-scanned}} \
                         {eq {$sender_address}{}} \
                        }{0}{1}}"
	domains = +local_domains
	transport = amavis
	route_list = "* localhost byname"
	self = send

spamcheck_router:
  no_verify
  local_part_suffix= -*                                                   
  local_part_suffix_optional
  check_local_user
  condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}}} {1}{0}}"
  driver = accept
  transport = spamcheck

.ifdef MAIN_ALLOW_DOMAIN_LITERALS
domain_literal:
  debug_print = "R: domain_literal for $local_part@$domain"
  driver = ipliteral
  domains = ! +local_domains
  transport = remote_smtp
.endif

hubbed_hosts:
  debug_print = "R: hubbed_hosts for $domain"
  driver = manualroute
  domains = "${if exists{CONFDIR/hubbed_hosts}\
                   {partial-lsearch;CONFDIR/hubbed_hosts}\
              fail}"
  same_domain_copy_routing = yes
  route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
  transport = remote_smtp

.ifdef DCconfig_internet

dnslookup_relay_to_domains:
  debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
  driver = dnslookup
  domains = ! +local_domains : +relay_to_domains
  transport = remote_smtp
  same_domain_copy_routing = yes
  no_more

dnslookup:
  debug_print = "R: dnslookup for $local_part@$domain"
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  same_domain_copy_routing = yes
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
                        172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
			255.255.255.255
  no_more

.endif

.ifdef DCconfig_local
nonlocal:
  debug_print = "R: nonlocal for $local_part@$domain"
  driver = redirect
  domains = ! +local_domains
  allow_fail
  data = :fail: Mailing to remote domains not supported
  no_more

.endif

.ifdef DCconfig_smarthost DCconfig_satellite

smarthost:
  debug_print = "R: smarthost for $local_part@$domain"
  driver = manualroute
  domains = ! +local_domains
  transport = remote_smtp_smarthost
  route_list = * DCsmarthost byname
  host_find_failed = defer
  same_domain_copy_routing = yes
  no_more

.endif

real_local:
  debug_print = "R: real_local for $local_part@$domain"
  driver = accept
  domains = +local_domains
  local_part_prefix = real-
  check_local_user
  transport = LOCAL_DELIVERY

system_aliases:
  debug_print = "R: system_aliases for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  allow_fail
  allow_defer
  data = ${lookup{$local_part}lsearch{/etc/aliases}}
  user = list
  file_transport = address_file
  pipe_transport = address_pipe

.ifdef DCconfig_satellite
hub_user:
  debug_print = "R: hub_user for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  data = ${local_part}@DCreadhost
  check_local_user

hub_user_smarthost:
  debug_print = "R: hub_user_smarthost for $local_part@$domain"
  driver = manualroute
  domains = DCreadhost
  transport = remote_smtp_smarthost
  route_list = * DCsmarthost byname
  host_find_failed = defer
  same_domain_copy_routing = yes
  check_local_user
.endif

userforward:
  debug_print = "R: userforward for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  check_local_user
  file = $home/.forward
  no_verify
  no_expn
  local_part_suffix= -*
  local_part_suffix_optional
  check_ancestor
  allow_filter
  directory_transport = address_directory
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply
  skip_syntax_errors
  syntax_errors_to = real-$local_part@$domain
  syntax_errors_text = \
    This is an automatically generated message. An error has\n\
    been found in your .forward file. Details of the error are\n\
    reported below. While this error persists, you will receive\n\
    a copy of this message for every message that is addressed\n\
    to you. If your .forward file is a filter file, or if it is\n\
    a non-filter file containing no valid forwarding addresses,\n\
    a copy of each incoming message will be put in your normal\n\
    mailbox. If a non-filter file contains at least one valid\n\
    forwarding address, forwarding to the valid addresses will\n\
    happen, and those will be the only deliveries that occur.

procmail:
  debug_print = "R: procmail for $local_part@$domain"
  driver = accept
  domains = +local_domains
  check_local_user
  transport = procmail_pipe
  require_files = ${local_part}:\
                  ${if exists{/etc/procmailrc}\
                    {/etc/procmailrc}{${home}/.procmailrc}}:\
                  +/usr/bin/procmail
  no_verify
  no_expn

maildrop:
  debug_print = "R: maildrop for $local_part@$domain"
  driver = accept
  domains = +local_domains
  check_local_user
  transport = maildrop_pipe
  require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
  no_verify
  no_expn

local_user:
  debug_print = "R: local_user for $local_part@$domain"
  driver = accept
  domains = +local_domains
  check_local_user
  local_parts = ! root
  transport = LOCAL_DELIVERY
  local_part_suffix = -*
  local_part_suffix_optional

mail4root:
  debug_print = "R: mail4root for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  data = /var/mail/mail
  file_transport = address_file
  local_parts = root
  user = mail
  group = mail

begin transports

amavis:
	driver = smtp
	port = 10024
	allow_localhost

spamcheck:
    driver = pipe
    command = /usr/sbin/exim4 -oMr spam-scanned -bS
    use_bsmtp = true
    transport_filter = /usr/bin/spamc
    home_directory = "/tmp"
    current_directory = "/tmp"
    user = Debian-exim
    group = Debian-exim
    log_output = true
    return_fail_output = true
    return_path_add = false
    message_prefix =
    message_suffix =

address_file:
  debug_print = "T: address_file for $local_part@$domain"
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

address_pipe:
  debug_print = "T: address_pipe for $local_part@$domain"
  driver = pipe
  return_fail_output
  return_path_add
  environment = EXTENSION=${substr_1:$local_part_suffix}:\
                RECIPIENT=$local_part$local_part_suffix@$domain

address_reply:
  debug_print = "T: autoreply for $local_part@$domain"
  driver = autoreply

mail_spool:
  debug_print = "T: appendfile for $local_part@$domain"
  driver = appendfile
  file = /var/mail/$local_part
  delivery_date_add
  envelope_to_add
  return_path_add
  group = mail
  mode = 0660
  mode_fail_narrower = false

maildir_home:
  debug_print = "T: maildir_home for $local_part@$domain"
  driver = appendfile
  .ifdef MAILDIR_HOME_MAILDIR_LOCATION
  directory = MAILDIR_HOME_MAILDIR_LOCATION
  .else
  directory = $home/Maildir
  .endif
  .ifdef MAILDIR_HOME_CREATE_DIRECTORY
  create_directory
  .endif
  .ifdef MAILDIR_HOME_CREATE_FILE
  create_file = MAILDIR_HOME_CREATE_FILE
  .endif
  delivery_date_add
  envelope_to_add
  return_path_add
  maildir_format
  .ifdef MAILDIR_HOME_DIRECTORY_MODE
  directory_mode = MAILDIR_HOME_DIRECTORY_MODE
  .else
  directory_mode = 0700
  .endif
  .ifdef MAILDIR_HOME_MODE
  mode = MAILDIR_HOME_MODE
  .else
  mode = 0600
  .endif
  mode_fail_narrower = false

maildrop_pipe:
  debug_print = "T: maildrop_pipe for $local_part@$domain"
  driver = pipe
  path = "/bin:/usr/bin:/usr/local/bin"
  command = "/usr/bin/maildrop"
  return_path_add
  delivery_date_add
  envelope_to_add

procmail_pipe:
  debug_print = "T: procmail_pipe for $local_part@$domain"
  driver = pipe
  path = "/bin:/usr/bin:/usr/local/bin"
  command = "/usr/bin/procmail"
  return_path_add
  delivery_date_add
  envelope_to_add

remote_smtp:
  debug_print = "T: remote_smtp for $local_part@$domain"
  driver = smtp

remote_smtp_smarthost:
  debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
  driver = smtp
  hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}}
  tls_tempfail_tryclear = false
  
  

address_directory:
  debug_print = "T: address_directory for $local_part@$domain"
  driver = appendfile
  envelope_to_add = true
  return_path_add = true
  check_string = ""
  escape_string = ""
  maildir_format

begin retry

*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h

begin rewrite

*@+local_domains "${lookup{${local_part}}lsearch{/etc/email-addresses}\
                   {$value}fail}" Ffrs
*@primarydomain.com "${lookup {${local_part}} lsearch {/etc/email-addresses} {$value} fail }" Ffrs

begin authenticators

cram_md5:
  driver = cram_md5
  public_name = CRAM-MD5
  client_name = ${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
  client_secret = ${extract{2}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}

plain:
  driver = plaintext
  public_name = PLAIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
  client_send = "${if !eq{$tls_cipher}{}{\
                     ^${extract{1}{::}\
		       {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
		     ^${extract{2}{::}\
		       {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
		   }fail}"
.else
  client_send = "^${extract{1}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}^${extract{2}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.endif

login:
  driver = plaintext
  public_name = LOGIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
  client_send = "${if and{\
                          {!eq{$tls_cipher}{}}\
                          {!eq\
                              {${lookup{$host}lsearch*{CONFDIR/passwd.client}\
                                 {$value}fail}}\
                              {}}\
                         }\
                      {}fail}\
                 : ${extract{1}{::}\
		        {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
		 : ${extract{2}{::}\
		     {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.else
  client_send = "${if !eq\
                          {${lookup\
                            {$host}lsearch*{CONFDIR/passwd.client}\
                            {$value}fail}}\
                          {}\
                      {}fail}\
                 : ${extract{1}{::}\
                        {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
                 : ${extract{2}{::}\
                        {${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
.endif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: config.autogenerated.asc
Type: application/octet-stream
Size: 205 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-exim4-maintainers/attachments/20060420/3a567d62/config.autogenerated-0001.obj


More information about the Pkg-exim4-maintainers mailing list