» FAQ по Exim MTA

Помогите, что-то где-то.... понять не могу:
есть транспорт:
local_delivery:
driver = appendfile
file = /var/mail/${local_part}
create_directory
delivery_date_add
envelope_to_add
return_path_add
user = ${local_part}
group = exim
mode = 0660
при отправке юзерю письма ищет домашнюю директорию... Зачем? если точно указан файл, куда складывать почту????

при этом некоторым пользователям уходят письма номрально...:
2007-07-31 17:36:01 1IFrtJ-0002Dq-5N => administrator <administrator@local> R=localuser T=local_delivery
2007-07-31 17:36:01 1IFrtJ-0002Dq-5N Completed
а вот этому никак???
2007-07-31 17:37:24 1IFpkb-00026T-L4 == robot-ia@local R=localuser T=local_delivery defer (2): No such file or directory: failed to chdir to /home/robot-ia

sergiigray
а юзер robot-ia вообще существует?

Само собой. Я уже разобрался. установил доп.параметр в транспорте... home_directory

ребят, подскажите как сделать релеинг почты приходящей на определенный домен(ы) на определенный хост ?

есть:

domainlist relay_to_domains = example.com

accept domains = +relay_to_domains
endpass
verify = recipient


а вот где сказать на какой хост все это передавать - не пойму. Заранее благодарю.

Скажу честно, топик не смотрел...
Есть Exim (OpenBSD), есть Active Directory (LDAP-каталог).
Задача - сделать динамический список рассылки (группу).
Как должно работать - при отправке письма на эту группу, Exim должен просматривать LDAP-каталог по определенному запросу (н-р все объекты класса User из OU такого-то), и выбирать из низ значение поля mail, брать его и отправлять письмо.

"Внимание, вопрос". Реализуемо ли это в Exim? Если да - то в какую сторону копать, буду неимоверно счастлив, если еще и с примером.
Если нет - может подскажите, может есть альтернатива (под BSD, GPL или GNU, т.е. не коммерческое)?

ЗЫ Если кому-то покажется это бредом - просьба оставить свое мнение при себе. В Exch такое работает на-ура.

Здравствуйте.
Использую:
FreeBSD 6.2
MySQL 51
Exim 4.67

Сделал большую часть по инструкции, но ставил из портов.
Получаю следующуу ошибку при тестах:

Код: %exim -bt admin
admin@mydomain.ru cannot be resolved at this time: condition check lookup defer

x

Цитата:

x

информативно

Хочу чтоб в mainlog не писались сообщения reject, т.к. они и так пишутся в rejectlog. В конфиге написал:

log_selector = -connection_reject

и все равно в mainlog наблюдаю:

2007-08-07 14:04:23 H=(mch-marketing.de) [200.35.41.180] F=<tgeustace@mch-marketing.de> rejected RCPT <ufpaa@bdo-balance.dp.ua>: rejected because 200.35.41.180 is in a black list at bl.spamcop.net

я что-то упустил?

подскажите пожалуйста, какая выглядит переменная экзима, которая описывает тему сообщения (думаю что должно быть типа как $sender_host_name или $sender_helo_name), чтобы потом для нее создать правило в ACL

Здравствуйте. Имеется вот такой конфиг:
http://pastey.net/71982
При отправке сообщений с этого сервера получаются странные заголовки Sender: "user@domain.tld"@domain.tld. Это local_part так определяется криво? в чём косяк?

Добавлено:
Проблема решена:

accept authenticated = *
control = submission/domain=

Уважаемые знатоки! )
Имеет ли кто опыт работы exim+drweb?
Я сначала пытался так:
av_scanner = drweb:/var/drweb/run/.daemon
и так:
av_scanner = drweb:localhost 3000
не происходит вобще ничего...
потом прикручивал фильтр drweb-exim c помощью ротора (всё 1в1 по оф.докам):
почта не ходит, [more=в лог сыпется:]
1IJPwo-000P8u-1a <= drweb@example.net U=drweb P=local S=3443
1IJPwn-000P8p-Ve => foo <foo@example.net> R=drweb_router T=drweb_transport
1IJPwn-000P8p-Ve Completed
1IJPwo-000P8z-3s <= drweb@example.net U=drweb P=local S=3627 id=E1IJPwo-000P8u-1a@example.net
1IJPwo-000P8u-1a => foo <foo@example.net> R=drweb_router T=drweb_transport
1IJPwo-000P8u-1a Completed

---skip--- (повторенно примерно 30 раз)

1IJPwq-000PBF-5t ** foo@example.net: Too many "Received" headers - suspected mail loop
1IJPwq-000PBH-7E <= <> R=1IJPwq-000PBF-5t U=mailnull P=local S=9550
1IJPwq-000PBF-5t Completed
1IJPwq-000PBM-A0 <= <> U=drweb P=local S=9736 id=E1IJPwq-000PBH-7E@example.net
1IJPwq-000PBH-7E => drweb <drweb@example.net> R=drweb_router T=drweb_transport
1IJPwq-000PBH-7E Completed
1IJPwq-000PBR-Ci <= <> U=drweb P=local S=9878 id=E1IJPwq-000PBH-7E@example.net
1IJPwq-000PBM-A0 => drweb <drweb@example.net> R=drweb_router T=drweb_transport
1IJPwq-000PBM-A0 Completed

---skip--- (так же примерно 30 раз повторяется)

1IJPws-000PDh-Pi <= <> U=drweb P=local S=13854 id=E1IJPwq-000PBH-7E@example.net
1IJPws-000PDh-Pi ** drweb@example.net: Too many "Received" headers - suspected mail loop
1IJPws-000PDh-Pi Frozen (message created with -f <>)
1IJPws-000PDc-N2 => drweb <drweb@example.net> R=drweb_router T=drweb_transport
1IJPws-000PDc-N2 Completed
[/more]
Вот дрвебовские [more=ротор и транспорт:]
#Enable Anti-Virus support with DrWeb.
drweb_router:
driver = accept
condition = "${if eq {$received_protocol}{drweb-scanned}{0}{1}}"
transport = drweb_transport
retry_use_local_part
no_verify

#drweb_transport:
driver = pipe
check_string =
command = /usr/local/drweb/drweb-exim --conf=/usr/local/etc/drweb/drweb_exim.conf -f ${sender_address} -- ${pipe_addresses}
# If you want use SpamAssassin together with drweb uncomment next line
# transport_filter = /usr/bin/spamc -u drweb -s 500000
current_directory = "/var/drweb/spool"
escape_string =
group = mail
# headers_add = "X-Virus-Scanned: DrWEB for Exim"
message_prefix =
message_suffix =
path = "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/sbin:/usr/local/drweb"
no_return_output
no_return_path_add
user = drweb
[/more]

В /var/drweb/spool нашел несколько пустых файлов

root:~>lf /var/drweb/spool
drweb.tmp.3HpA4a drweb.tmp.UzfKxQ drweb.tmp.ZzXB3O drweb.tmp.b1e3FO
drweb.tmp.QOH6cO drweb.tmp.XwvxGb drweb.tmp.aIWLDp drweb.tmp.tL8KO4

Вот [more=фрагмент лога дрвеба:]
[6535] /var/drweb/spool/drweb.tmp.YyrOtW/[text:plain] - Ok
[6536] /var/drweb/spool/drweb.tmp.6Lon1e - archive MAIL
[6536] /var/drweb/spool/drweb.tmp.6Lon1e/[text:plain] - Ok
[6538] /var/drweb/spool/drweb.tmp.9QB8zx - archive MAIL
[6538] /var/drweb/spool/drweb.tmp.9QB8zx/[text:plain] - Ok
[6529] /var/drweb/spool/drweb.tmp.VqhFfB - archive MAIL
[6529] /var/drweb/spool/drweb.tmp.VqhFfB/[text:plain] - Ok
[/more]
А [more=вот так собран эксим:]
WITH_CONTENT_SCAN= yes
# WITHOUT_OLD_DEMIME= yes
#WITH_EXIMON= yes
#WITH_SA_EXIM= yes
#WITH_FIXED_NEVER_USERS= root:daemon:bin
#WITH_TCP_WRAPPERS= yes
WITH_MYSQL= yes
#WITH_MYSQL_VER= 40
#WITH_PGSQL= yes
#WITH_SQLITE= yes
WITH_SASLAUTHD= yes
#WITH_PWCHECK= yes
WITHOUT_IPV6= yes
WITH_OPENLDAP= yes
WITH_OPENLDAP_VER= 23
WITH_BDB_VER?=1
WITH_DEFAULT_CHARSET?= koi8-r
#WITHOUT_TLS= yes
#WITHOUT_TLS= yes
#WITHOUT_PERL= yes
#WITHOUT_PAM= yes
#WITHOUT_AUTH_CRAM_MD5= yes
#WITHOUT_AUTH_PLAINTEXT= yes
#WITHOUT_AUTH_DOVECOT= yes
#WITHOUT_AUTH_SPA= yes
WITH_AUTH_SASL= yes
#WITH_AUTH_RADIUS= yes
#WITH_RADIUS_TYPE= RADLIB
#WITHOUT_MAILDIR= yes
#WITHOUT_MAILSTORE= yes
#WITHOUT_MBX= yes
#WITHOUT_CDB= yes
#WITHOUT_DNSDB= yes
#WITHOUT_DSEARCH= yes
#WITHOUT_LSEARCH= yes
#WITHOUT_NIS= yes
#WITHOUT_PASSWD= yes
#WITHOUT_LMTP= yes
#WITHOUT_ALT_CONFIG_PREFIX= yes
#WITH_WISHLIST= yes
#WITH_SPF= yes
#WITH_DOMAINKEYS= yes
#WITH_SRS= yes
#WITH_SRS_ALT= yes
#WITH_READLINE= yes
#WITHOUT_SUID= yes
#WITHOUT_DAEMON= yes
[/more]
Демон дрвеба запущен и работает,получает все обновления.
До этого работал с сендмэйлом без проблем.
Все пути и права проверял несколько раз.
Что можете глядя на всё это посоветовать?
Пасиба.

pervyjnah
Опыт имеется. Желательно подключать через сокет.
av_scanner = drweb:/var/run/drweb

Чтобы понять, почему и отчего у вас не работает это прекрасный антивирус, подключающийся "с полпинка", давайте сюда ваш конфиг. И

Код: uname -rsnm

Спасибо за быстрый ответ.
[more=конфиг екзима]
##################################################################
####        Mailman Configuration            ##########
##################################################################
# Home dir for your Mailman installation
MM_HOME=/usr/local/mailman

# User and group for Mailman, should match your --with-mail-gid
MM_UID=mailman
MM_GID=mail

# The path of the Mailman mail wrapper script
MM_WRAP=MM_HOME/mail/mailman

# The path of the list config file (used as a required file when
# verifying list addresses)
MM_LISTCHK=MM_HOME/lists/${lc::$local_part}/config.pck

######################################################################
#######        LDAP CONFIGURATION SETTINGS            ######
######################################################################

ldap_default_servers = mydomain.net::389
LDAP_AUTH = user="foo@mydomain.net" pass="secret"

######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################

primary_hostname = mydomain.net

domainlist mm_domains = mydomain.net
domainlist local_domains = \
${lookup mysql{select domain from domain where domain='${domain}' \
and (type='local' or type='virtual')}}
#domainlist local_domains = @
domainlist relay_to_domains =
hostlist relay_from_hosts = localhost:127.0.0.1/8:10.0.0.0/24: \
            ${lookup mysql{SELECT domain FROM domain \
            WHERE (domain='${host_address}' OR domain='${host}') AND type='RELAY' AND active='1'}}
hide mysql_servers = localhost/exim/sqlmail/secret

acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data


# Allow any client to use TLS.

tls_advertise_hosts = *
tls_certificate = /etc/ssl/certs/exim.crt
tls_privatekey = /etc/ssl/certs/exim.key

# daemon_smtp_ports = 25
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

# qualify_domain =

# qualify_recipient =

# allow_domain_literals

exim_user = mailnull
exim_group = mail
# never_users = root

host_lookup = *

rfc1413_hosts = *
rfc1413_query_timeout = 0s


# By default, Exim expects all envelope addresses to be fully qualified, that
# is, they must contain both a local part and a domain. If you want to accept
# unqualified addresses (just a local part) from certain hosts, you can specify
# these hosts by setting one or both of
#
# sender_unqualified_hosts =
# recipient_unqualified_hosts =
#
# to control sender and recipient addresses, respectively. When this is done,
# unqualified addresses are qualified using the settings of qualify_domain
# and/or qualify_recipient (see above).


# percent_hack_domains =

ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d

# system_filter = /var/spool/exim/vacation/.autoreply.msg
# system_filter_user = mailnull
# system_filter_group = mail
# system_filter_reply_transport = address_reply

# log_selector = +all
TRUSTED_USERS = drweb
# av_scanner = drweb:/var/drweb/run/.daemon
av_scanner = drweb:/var/drweb/run/.daemon

######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################

begin acl

acl_check_rcpt:

accept hosts = :
accept hosts = localhost:mydomain.net:

deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]

deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

accept local_parts = postmaster
domains = +local_domains


#      require verify = sender

accept authenticated = *
     endpass
control = submission

deny message         = HELO/EHLO required by SMTP RFC
condition        = ${if eq{$sender_helo_name}{}{yes}{no}}
    
deny message         = Go Away! You are spammer.
condition         = ${if match{$sender_host_name} \
             {bezeqint\\.net|net\\.il|dialup|dsl|pool|peer|dhcp}{yes}{no}}

accept hosts            = +relay_from_hosts    

accept domains         = +local_domains:+relay_to_domains
         endpass
         message        = Recipient unknown...
         verify            = recipient

# require message = relay not permitted
# domains = +local_domains : +relay_to_domains

deny message     = Access deny - there is NOT an open relay!
delay             = 30s


acl_check_data:

accept



######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
# THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT! #
# An address is passed to each router in turn until it is accepted. #
######################################################################

begin routers

# domain_literal:
# driver = ipliteral
# domains = ! +local_domains
# transport = remote_smtp

# Enable Anti-Virus support with DrWeb.
# drweb_router:
#     driver = accept
#     condition = "${if eq {$received_protocol}{drweb-scanned}{0}{1}}"
#     retry_use_local_part
#     transport = drweb_transport
#     no_verify

mailman_router:
driver = accept
domains = +mm_domains
require_files = MM_LISTCHK
    condition = first_delivery
local_part_suffix_optional
    local_part_suffix = -bounces : -bounces+* : \
-confirm+* : -join : -leave : \
-owner : -request : -admin
transport = mailman_transport


dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more

majordomo_aliases:
    driver = redirect
    allow_defer
    allow_fail
    data = ${lookup mysql{SELECT goto FROM alias \
    WHERE (address='${local_part}@${domain}' OR address='${local_part}') AND domain='${domain}'}}
#          domains = example.com
    file_transport = address_file
    pipe_transport = majordomo_pipe
    retry_use_local_part
    no_rewrite
    user = majordom

system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup mysql{SELECT goto FROM alias \
    WHERE (address='${local_part}@${domain}' OR address='${local_part}')}}
    # AND domain='${domain}'}}
    pipe_transport = address_pipe

userforward:
driver = redirect
allow_fail
allow_defer
reply_transport = address_reply
data = ${lookup mysql{SELECT recipients FROM userforward \
    WHERE local_part='${local_part}' AND domain='${domain}'}}


##Vacation Router##
# uservacation:
# driver = redirect
# allow_filter
# hide_child_in_errmsg
# ignore_eacces
# ignore_enotdir
# reply_transport = address_reply
# no_verify
# require_files = /var/spool/exim/vacation/.autoreply.msg
# file = /var/spool/exim/vacation/.autoreply.msg
# user = mailnull
# group = mail
# unseen
vacation_director:
    driver = accept
    domains = ${lookup mysql{SELECT domain FROM vacation WHERE \
                domain='${quote_mysql:$domain}' AND \
                email='${quote_mysql:$local_part}' OR email='${quote_mysql:$local_part@$domain}' AND \
                active='1'}{$value}}
                transport = vacation_autoreply
    unseen

virtual_localuser:
driver = accept
domains = ${lookup mysql{SELECT domain from domain WHERE domain='${domain}'}}
local_parts = ${lookup mysql{SELECT username from mailbox \
WHERE username ='${local_part}@${domain}' OR username='${local_part}' AND domain='${domain}'}}
transport = local_delivery

localuser:
driver = accept
check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
transport = local_delivery
cannot_route_message = Unknown user

ldapuser:
    driver = accept
#     condition = ${if eq{}{${lookup ldapdn{LDAP_AD_MAIL_RCPT} \
#                 {${local_part}}{no}{yes}}}}
    condition = ${if eq{}{${lookup ldapdn{LDAP_AUTH \
    ldap:///dc=my,dc=domain,dc=net??sub?(&(| \
        (objectClass=user) \
        (objectClass=organizationalPerson) \
        (objectClass=person)) \
    (sAMAccountName=${quote_ldap:$local_part}))}}}{no}{yes}}
#     condition = first_delivery
    transport = local_delivery


######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################

begin transports

remote_smtp:
driver = smtp

local_delivery:
driver = pipe
command = /usr/local/cyrus/bin/deliver ${local_part}
return_path_add
return_output
message_prefix = ""
user = cyrus

mailman_transport:
driver = pipe
command = MM_WRAP \
'${if def:local_part_suffix \
{${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \
{post}}' \
$local_part
current_directory = MM_HOME
home_directory = MM_HOME
user = MM_UID
group = MM_GID

address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

# address_reply:
# driver = autoreply
# subject = Re: $h_subject:
# headers_remove = Content-Type: text/plain; charset=windows-1251
vacation_autoreply:
    driver = autoreply
    once = /var/spool/exim/vacation/once/$local_part
    once_repeat = 6h
    user = mailnull
    group = mail
    to = ${sender_address}
    from = "${local_part}@${domain}"
    log = /var/log/exim/vacation.log
    subject = "Auto Reply from ${local_part}@${domain}"
    text = ${lookup mysql {SELECT body FROM vacation \
            WHERE domain='${quote_mysql:$domain}' AND \
            email='${quote_mysql:$local_part}' OR email='${quote_mysql:$local_part@$domain}'}{$value}}

majordomo_pipe:
    driver = pipe
    group = daemon
    return_fail_output
    user = majordom

# This transport is used for checking messages for viruses
# drweb_transport:
#     driver = pipe
#     check_string =
#     command = /usr/local/drweb/drweb-exim --conf=/usr/local/etc/drweb/drweb_exim.conf -f ${sender_address} -- ${pipe_addresses}
#     # If you want use SpamAssassin together with drweb uncomment next line
#     # transport_filter = /usr/bin/spamc -u drweb -s 500000
#     current_directory = "/var/drweb/spool"
#     escape_string =
#     group = mail
#     # headers_add = "X-Virus-Scanned: DrWEB for Exim"
#     message_prefix =
#     message_suffix =
#     path = "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/sbin:/usr/local/drweb"
#     no_return_output
#     no_return_path_add
#     user = drweb

######################################################################
# RETRY CONFIGURATION #
######################################################################

begin retry

# Address or Domain Error Retries
# ----------------- ----- -------

* * F,2h,15m; G,16h,1h,1.5; F,4d,6h



######################################################################
# REWRITE CONFIGURATION #
######################################################################

# There are no rewriting specifications in this default configuration file.

begin rewrite




######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################

begin authenticators

PLAIN:

driver            = plaintext
public_name        = PLAIN
server_condition    = ${if ldapauth \
                 {user="${quote_ldap_dn:$auth2}@mydomain.net" \
                 pass=${quote:$auth3} \
                 ldap://domain.mydomain.net/}{yes}{no}}
server_prompts         = :
server_set_id        = $2

LOGIN:

river                 = plaintext
public_name         = LOGIN
server_prompts     = Username:: : Password::
server_condition     = ${if ldapauth \
                 {user="${quote_ldap_dn:$auth1}@mydomain.net" \
                 pass=${quote:$auth2} \
                 ldap://domain.mydomain.net/}{yes}{no}}

auth_cram_md5:
    driver = cram_md5
    public_name = CRAM-MD5
#     server_secret = ${if ldapauth \
#                  {user="${quote_ldap_dn:$1}@mydomain.net" \
#                  pass=${quote} \
#                  ldap://domain.mydomain.net/}{yes}{no}}
    server_secret = ${lookup mysql{SELECT decrypt FROM users \
                    WHERE login = '${quote_mysql:${local_part:$1}}' \
                    AND domain = '${quote_mysql:${domain:$1}}' \
                    AND status = '1'}{$value}fail}
    server_set_id = $1
[/more]

[more=конфиг дрвеба]
;
; Dr.Web (R) Configuration file
; $Revision: 1.30 $
;

;---------------------------------------------------------------
[Daemon]

; =======================
; = Engine settings =
; =======================

;EnginePath = { path to the file, usual extension is dll }
; Location of drweb32.dll module (search module). This parameter is
; also used by the updating module to update the search module. You
; may specify relational path, but it is strongly recommended to make
; it absolute.
EnginePath = "/usr/local/drweb/lib/drweb32.dll"

;VirusBase = { list of the paths (masks) to the files, usual extension is vdb }
; Masks for the loaded virus bases. This parameter is also used by
; the updating module to update antivirus' bases. A few masks can be
; enumerated.
VirusBase = "/var/drweb/bases/*.vdb", "/var/drweb/bases/*.VDB"

;UpdatePath = { path }
; This parameter is used by update script. This is a place for files
; (except drweb32.dll and bases) has been downloaded by update script.
UpdatePath = "/var/drweb/updates"

;TempPath = { path }
; This path is used by antivirus engine for creating temporary files.
; /tmp would been used if TempPath is not defined.
; Normally, the daemon attempts to avoid using of TempPath.
TempPath = "/var/drweb/spool"

;LngFileName = { path to the language resource file, usual extension - dwl }
; Localization file location.
;LngFileName = "/usr/local/drweb/lib/ru_daemon.dwl"

;Key = {path to the file, usual extension is key }
; Location of the file with the registration key. You may specify
; relational path, but it is strongly recommended to make it
; absolute.
Key = "/usr/local/drweb/drweb32.key"

;MailAddressesList = {path to the file}
; This file is used only if you have bought e-mail license for
; 15 and 30 addresses.
; Location of file with list of licensed email addresses.
; Format of file: one address per line. Address can be in local
; or local@fqdn form. See default email.ini for examples.
MailAddressesList = "/usr/local/etc/drweb/email.ini"

; ========================
; = Running settings =
; ========================

;OutputMode = { Terminal | Quiet }
; Mode of output startup information on the console, Quiet cancels
; output.
OutputMode = Terminal

;RunForeground = { Yes | No }
; Disable(Yes)/Enable(No) daemon mode (chdir to / and fork).
RunForeground = No

;User = { user name }
; The user whose rights the daemon is run under. It is recommended to
; create in the system a special drweb user which will be used by the
; daemon and some filters in future. It is undesirable to use DrWeb
; Daemon with root rights although it requires much less setting
; (particularly in the case of Samba servers).
; WARNING: User value can not be changed during SIGHUP
; handling (reload configuration on the fly).
User = drweb

;UserID = { numeric ID }
;GroupID = { numeric ID }
; Group and user ID. Daemon will work with their rights. The
; parameters get ignored if the User parameter is set.
;     WARNING: These values can not be changed during SIGHUP
; handling (reload configuration on the fly).
; Default value: absent

;PidFile = { path to file }
; File name where information on its PID and Unix socket (if
; SocketMode is Unix) or port number (if SocketMode is TCP) will be
; written when the daemon gets started.
; Default value:
; "/var/drweb/run/drwebd.pid"
PidFile = "/var/drweb/run/drwebd.pid"

;BusyFile = { path to file }
; Daemon's busy file name: it is created by the scanning "copy" of
; the daemon if having been commanded and gets removed after
; transmitting the result of its execution. File name created by
; every "copy" of the daemon gets expanded with a point and ASCIIZ
; representation of PID (e.g., /var/run/drwebd.bsy.123456).
; Default value: absent (file does not get created)
BusyFile = "/var/drweb/run/drwebd.bsy"

;MaxChildren = "value"
; Sets maximum amount of simultaneously working child (scanning)
; processes. If Prefork parameter is set to "No" (see below),
; then new scan process is created for each query. If Prefork is
; set to "Yes" then daemon will start number of scan processes,
; equal to MaxChildren at startup. Recommended value - from 3 upto
; 16 processes per CPU.
MaxChildren = 32

;PreFork = { Yes | No }
; Sets mode of child (scan) processes creation procedure.
; PreFork mode more fast but consumes more memory because
; scanning processes are present in memory always.
; If you change this parameter, you must unload and load
; Dr.Web daemon again.
; WARNING: PreFork value can not be changed during SIGHUP
; handling (reload configuration on the fly).
PreFork = Yes

;MailCommand = { command }
; This command will be used for admins notification by
; daemon and updater.
MailCommand = "/usr/sbin/sendmail -i -bm -f drweb -- root"

; =========================
; = Scanning settings =
; =========================

;FileTimeout = { value, seconds }
; Maximum checking time of an object in single session.
FileTimeout = 30

;StopOnFirstInfected = { Yes | No }
; Cancel or not message checking after first virus detection.
; Setting to {Yes} value can minimize mail-server load and
; message check time.
StopOnFirstInfected = No

;ScanPriority = { value }
; Priority of the scanning process. This value should be in the range
; -20 (highest) to 20 (lowest).
;ScanPriority = 0

;FilesTypes = { extension list }
; Types of files that will get checked if by type scanning is
; performed, i.e. ScanFiles parameters has ByType value. "*" and "?"
; characters admissible.
;FilesTypes = EXE,COM,SYS,OV?,BAT,BIN,DRV,PRG,BOO,SCR,CMD,VXD,386,DLL,FON,DO?
;FilesTypes = XL?,WIZ,RTF,CL*,HT*,VB*,JS*,INF,AR?,ZIP,R??,PP?,OBJ,LIB,HLP,MD?
;FilesTypes = INI,MBR,IMG,CSC,CPL,MBP,SHS,SHB,PIF,SO,CHM,REG,XML,PRC,ASP,LSP
;FilesTypes = MSO,OBD,THE*,NWS,SWF,BMP,MPP,OCX,DVB,CPY,MSG,EML

;ScanFiles = { All | ByType | ByFormat }
; The files that will get checked after having been extracted from
; the archive. If ByType is set the so called file extensions are
; taken into account (file extension is the last suffix after "." in
; the file name; if there is no ".", file has no extension). The file
; extension values are set either by default, or in the parameter(s)
; FilesTypes. If ByFormat is set, only the files included into the
; checkable set get checked. The aim of the check is to find out
; whether they can be virus carriers, i.e. executable files (file
; name and extension are not taken into account). And only then only
; presumably executable files will be scanned for viruses. Important
; note: the All mode is always enabled in the mail files. ByType and
; ByFormat values can be applied only in "local" scanning mode.
ScanFiles = All

;CheckPackedFiles = { Yes | No }
; Should unpacking of the executable files packed by DIET, PKLITE
; etc. utilities be performed.
CheckPackedFiles = Yes

;CheckArchives = { Yes | No }
; Should unpacking of the archives of ZIP (WinZip, InfoZIP...), RAR,
; ARJ, TAR, GZIP and CAB formats be performed.
CheckArchives = Yes

;CheckEMailFiles = { Yes | No }
; Should files in e-mail formats get scanned.
CheckEMailFiles = Yes

;ExcludePaths = { list of the paths (mask) to the files }
; Masks for the files should not been checked by daemon.
ExcludePaths =

;FollowLinks = { Yes | No }
; Should the symbolic links be followed when scanning.
FollowLinks = No

;RenameFilesTo = { mask }
; Special mask for renaming files using file extension.
; If file has not have extension then mask would been
; added to file. Symbol "?" in mask is replaced by original
; symbol of file extension in same position.
; This feature is used only by Dr.Web VFS for Samba.
; Examples:
; Let RenameFilesTo = #??
; 1) Infected files original name was: eicar.com
; then renamed filename would: eicar.#om
; 2) Infected files original name was: this_a_virus
; then renamed filename would: this_a_virus.#
RenameFilesTo = #??

;MoveFilesTo = { path }
; Path to quarantine directory.
; This feature is used only by Dr.Web VFS for Samba.
MoveFilesTo = "/var/drweb/infected"

;BackupFilesTo = { path }
; Path to directory is used for backup infected files
; if curing has been requested. No backup copies will
; be created if parameter was not been defined.
;BackupFilesTo = "/var/drweb/infected"


; ====================
; = Log settings =
; ====================

;LogFileName = { file name }
; Log file name. You may specify "syslog" as name, the report will be
; logged by means of syslogd system service. Using syslog, pay
; attention to SyslogFacility and SyslogPriority options. Since
; syslog has a few files to log different events and different degrees
; of their importance, you can find out where the daemon's report will
; be written to, basing on these two parameters and the contents of
; the configuration file syslog (usually /etc/syslogd.conf).
;LogFileName = "syslog"
;SyslogFacility = "Daemon"
;SyslogPriority = "Info"
LogFileName = "/var/drweb/log/drwebd.log"

;LimitLog = { Yes | No }
; Enable/Disable limit for log file size. Parameter
; is used only if LogFileName is not "syslog"
; See alse MaxLogSize for limit.
LimitLog = No

;MaxLogSize = { filesize in Kb }
; This parameter defines maximum size of logfile and is
; used only if LimitLog = Yes.
MaxLogSize = 512

;LogScanned = { Yes | No }
; Should the information on all the checked objects independently
; infected or not get logged in the log file.
LogScanned = Yes

;LogInfected = { Yes | No }
; Should the information on infected objects get logged in the log file.
LogInfected = Yes

;LogPacked = { Yes | No }
; Should the additional information on the files packed by the DIET,
; PKLITE etc. utilities get logged in the log file.
LogPacked = Yes

;LogArchived = { Yes | No }
; Should the additional information on the archiving programs (like
; RAR, ZIP, TAR etc) get logged in the log file.
LogArchived = Yes

;LogTime = { Yes | No }
; Should the time of every record get logged.
LogTime = Yes

;LogProcessInfo = { Yes | No }
; Should prepend each every logged record with scanning process pid
; and client address (hostname or IP).
LogProcessInfo = Yes

;RecodeNonprintable = { Yes | No }
; Mode of output of unvisible for this terminal symbols into the logfile.
RecodeNonprintable = Yes

;RecodeMode = { Replace | QuotedPrintable }
; Method of recoding of unvisible symbols, if RecodeNonprintable equal to
; "Yes". Unvisible symbols would been replaced by RecodeChar (see below),
; if this option has "Replace" value.
RecodeMode = QuotedPrintable

;RecodeChar = { "?" | "_" | ... }
; Defines a symbol that would been placed instead of unvisible symbols,
; if RecodeMode option has "Replace" value.
RecodeChar = "?"

; ==============================
; = Communication settings =
; ==============================

;Socket = port [Interfaces]
;Socket = file [Access]
; Description of socket, used for communication with daemon.
; The first form describes TCP-socket, parameter {port} - decimal
; port number, {interfaces} - list of listening interface names or
; IP-addresses.
; Example:
; Socket 3000 127.0.0.1
; The second form describes unix-socket, {file} - socket name,
; {access} - octal value of access rights.
; Example:
; Socket /var/drweb/run/.daemon
; Number of socket keys is not limited, daemon will work with all
; correctly described sockets.
; Example:
; drweb32.ini:
; Socket 3000 localhost, 10.0.0.1
; Socket /var/drweb/run/.daemon
; {filter}.conf:
; Address = local:/var/drweb/run/.daemon, inet:3000@localhost, inet:3000@10.0.0.1
Socket = /var/drweb/run/.daemon
Socket = 3000 127.0.0.1

;SocketTimeout = { value, seconds }
; Time of reception/transmission of all the data via the socket
; (without considering file scanning time).
SocketTimeout = 10

;ListeningQueue = "value"
; Defines sockets queue maximum size. Value may vary from 0 to
; SOMAXCONN (depends on the OS).
ListeningQueue = 128

; =================================
; = Archive scanning settings =
; = Protection from DoS attacks =
; =================================

;MaxCompressionRatio = { value }
; Maximum compression ratio, i.e. ratio of the unpacked file length
; to the length of the packed file in the archive. If the ratio
; exceeds the value, the file will not be extracted and therefore
; will not be checked. Note: a message with such a file will be
; treated as "mail bomb"
; NOTE: See also ArchiveRestriction action in filters configurations.
MaxCompressionRatio = 500

;CompressionCheckThreshold = { value in Kb }
; Maximum file size inside archive, beginning from which the
; maximum compression ratio will be checked (if enabled by
; MaxCompressionRatio switch).
CompressionCheckThreshold = 1024

;MaxFileSizeToExtract = { value in Kb }
; The maximum size of the file extracted from an archive. If the file
; in the archive exceeds the value it will be skipped. A message with
; such a file will be treated as "mail bomb".
; NOTE: See also ArchiveRestriction action in filters configurations.
MaxFileSizeToExtract = 40960

;MaxArchiveLevel = { value }
; The maximum archive recursion (archive in archive in archive etc).
; A message with such a file will be treated as "mail bomb".
; NOTE: See also ArchiveRestriction action in filters configurations.
MaxArchiveLevel = 8

; ============================================
; = Rule-based filter for E-mail headers =
; ============================================

; Dr.Web Daemon has embedded capacities of e-mail
; filtering based on the system of e-mail messages header analysis. The
; regulations of filtration are also set in drweb32.ini, they get checked
; when being set, i.e. the first set rule will be checked first. The fact of
; setting filter regulations does not mean they will be automatically
; applied. To enable header analysis you should set the corresponding options
; in the delivered filters or specify special flags if making home decisions
; on the base of Dr.Web Daemon. Regulation correspondence is searched until
; the first suitable regulation is found and the action set by the regulation
; is taken.

;ScanEncodedHeaders { Yes | No }
; Process or not message headers before decoding. For example,
; value Yes and rule <RejectCondition Subject = "iso-8859-5"> allows
; to filter all messages with Subject field in iso-8859-5 encoding.
; Note: The headers would been processed twice (before decoding
; and after) if value Yes.
;ScanEncodedHeaders = No

;RejectCondition { Set of rules }, AcceptCondition { Set of rules }
; Description of filter rules on message headers. Rules consist of
; header name and regular expression, describing meaning of this field.
; More then one rule can be merged with () and OR and AND operations.
; Special filtering rules include conditions 'No "Header"' (means absence
; of this field, e.g. according to the rule 'RejectCondition No "From"'
; all messages without field From will be filtered), 'Header="8bit"'
; (field contains 8-bit symbols). Regexp values and header names
; should be put in quotes.
;RejectCondition Subject = "money" OR ( Content-Type = "text/html" AND Subject = "8bit" )
;AcceptCondition Subject != "money"

;MissingHeader { field list }
; Describes list of header fields, absence of which in the message
; will filter this message.
;MissingHeader "To", "From"

;FilterParts = { Yes | No }
; Allows using RejectPartCondition and AcceptPartCondition, when
; set to "Yes".
;FilterParts = No

;RejectPartCondition { ruleset }, AcceptPartCondition { ruleset }
; Parameters that work similarly to RejectCondition and
; AcceptCondition, but for use with particular message parts.
; Ruleset can be defined as FileName = "mask", where "mask" is
; POSIX 1003.2 compatible regular expression. This parameter works
; only if FilterParts is set to "Yes".
;RejectPartCondition FileName = "exe$"


;---------------------------------------------------------------
[Scanner]

; =======================
; = Engine settings =
; =======================

;EnginePath = { path to the file, usual extension is dll }
; Location of drweb32.dll module (search module). This parameter is
; also used by the updating module to update the search module. You
; may specify relational path, but it is strongly recommended to make
; it absolute.
EnginePath = "/usr/local/drweb/lib/drweb32.dll"

;VirusBase = { list of the paths (masks) to the files, usual extension is vdb }
; Masks for the loaded virus bases. This parameter is also used by
; the updating module to update antivirus bases. A few masks can be
; enumerated.
VirusBase = "/var/drweb/bases/*.vdb", "/var/drweb/bases/*.VDB"

;UpdatePath = { path }
; This parameter is used by update script. This is a place for files
; (except drweb32.dll and bases) has been downloaded by update script.
UpdatePath = "/var/drweb/updates"

;TempPath = { path }
; This path is used by antivirus engine for creating temporary files.
; /tmp would been used if TempPath is not defined.
; Normally, the scanner attempts to avoid using of TempPath.
TempPath = "/tmp"

;LngFileName = { path to the language resource file, usual extension - dwl }
; Localization file location.
;LngFileName = "/usr/local/drweb/lib/ru_scanner.dwl"

;Key = {path to the file, usual extension is key }
; Location of the file with the registration key. You may specify
; relational path, but it is strongly recommended to make it
; absolute.
Key = "/usr/local/drweb/drweb32.key"

; ========================
; = Running settings =
; ========================

;OutputMode = { Terminal | Quiet }
; Mode of output startup information on the console, Quiet cancels
; output.
OutputMode = Terminal

; =========================
; = Scanning settings =
; =========================

;HeuristicAnalysis = { Yes | No }
; Permits DrWeb to use heuristic analysis, with the
; help of which the unknown viruses can be detected judging by the
; comprehension of the structure of virus code. The distinctive
; feature of this type of scanning for viruses is the approximate,
; probabilistic detecting of the infected objects therefore called
; suspected, not infected. The parameter disabled, only the known viruses
; from the virus data base are searched. There exists an entire class
; of programs which may cause false alarms of the heuristics
; analyzer because they use the code similar to that used by viruses.
; Besides, enabling this type of checking may increase the total
; scanning time (although insignificantly). These are arguments for
; disabling heuristic analysis. But on the whole, this type of
; analysis noticeably increases the safety of antivirus protection.
HeuristicAnalysis = Yes

;ScanPriority = { value }
; Priority of the scanning process. This value should be in the range
; -20 (highest) to 20 (lowest).
;ScanPriority = 0

;FilesTypes = { extension list }
; Types of files that will get checked if by type scanning is
; performed, i.e. ScanFiles parameters has ByType value. "*" and "?"
; characters admissible.
FilesTypes = EXE,COM,SYS,OV?,BAT,BIN,DRV,PRG,BOO,SCR,CMD,VXD,386,DLL,FON,DO?
FilesTypes = XL?,WIZ,RTF,CL*,HT*,VB*,JS*,INF,AR?,ZIP,R??,PP?,OBJ,LIB,HLP,MD?
FilesTypes = INI,MBR,IMG,CSC,CPL,MBP,SHS,SHB,PIF,SO,CHM,REG,XML,PRC,ASP,LSP
FilesTypes = MSO,OBD,THE*,NWS,SWF,BMP,MPP,OCX,DVB,CPY,MSG,EML

;ScanFiles = { All | ByType | ByFormat }
; The files that will get checked after having been extracted from
; the archive. If ByType is set the so called file extensions are
; taken into account (file extension is the last suffix after "." in
; the file name; if there is no ".", file has no extension). The file
; extension values are set either by default, or in the parameter(s)
; FilesTypes. If ByFormat is set, only the files included into the
; checkable set get checked. The aim of the check is to find out
; whether they can be virus carriers, i.e. executable files (file
; name and extension are not taken into account). And only then only
; presumably executable files will be scanned for viruses. Important
; note: the All mode is always enabled in the mail files. ByType and
; ByFormat values can be applied only in "local" scanning mode.
ScanFiles = All

;ScanSubDirectories = { Yes | No }
; Should scanning the contents of directories recursively be done.
ScanSubDirectories = Yes

;CheckPackedFiles = { Yes | No }
; Should unpacking of the executable files packed by DIET, PKLITE
; etc. utilities be performed.
CheckPackedFiles = Yes

;CheckArchives = { Yes | No }
; Should unpacking of the archives of ZIP (WinZip, InfoZIP...), RAR,
; ARJ, TAR, GZIP and CAB formats be performed.
CheckArchives = Yes

;CheckEMailFiles = { Yes | No }
; Should files in e-mail formats get scanned.
CheckEMailFiles = Yes

;ExcludePaths = { list of the paths (mask) to the files }
; Masks for the files should not been checked by scanner.
ExcludePaths =

;FollowLinks = { Yes | No }
; Should the symbolic links be followed when scanning.
FollowLinks = No

;RenameFilesTo = { mask }
; Special mask for renaming files using file extension.
; If file has not have extension then mask would been
; added to file. Symbol "?" in mask is replaced by original
; symbol of file extension in same position.
; Examples:
; Let RenameFilesTo = #??
; 1. Infected files original name was: eicar.com
; then renamed filename would: eicar.#om
; 2. Infected files original name was: this_a_virus
; then renamed filename would: this_a_virus.#
RenameFilesTo = #??

;MoveFilesTo = { path }
; Path to quarantine directory.
MoveFilesTo = "/var/drweb/infected"

;EnableDeleteArchiveAction = { Yes | No }
; Allow to scanner delete containers (archives, html, mailboxs etc)
; if it contains infected objects. The container file entirely will
; be removed, so all messages in mailbox would been lost if mailbox
; contains even only one infected message.
; WARNING: Be carefull !
EnableDeleteArchiveAction = No

; By default, the scanner only logs information about infected object,
; but you can specify another action for different cases:
; InfectedFiles - file infected by known virus
; SuspiciousFiles - file possible infected by unknown virus
; IncurableFiles - file infected and can not be cured
; (only if InfectedFiles = Cure)
; ActionInfectedMail - message or mailbox contains infected object
; ActionInfectedArchive - archive (ZIP, TAR, RAR etc)
; contains an infected object
; ActionInfectedContainer - container (OLE, HTML, PowerPoint etc)
; contains an infected object
; ActionAdware - file contains an advertising software
; ActionDialers - file contains dialer program
; ActionJokes - file contains joke(hoax) program
; ActionRiskware - file contains potentially dangerous software
; ActionHacktools - file contains an intrusion tool
; Possible action of each case are the following:
; Report - only log information (default)
; Cure - atempt cure object (only for InfectedFiles)
; Delete - delete object
; Move - quarantine object to MoveFilesTo directory
; Rename - rename object using RenameFilesTo mask
; Ignore - ignoring this type of objects. This actions is
; similar to the Report action but en exit code does
; not contains an information about such objects.
; This action also is usefull for the GUI version.
InfectedFiles = Report
SuspiciousFiles = Report
IncurableFiles = Report
ActionAdware = Report
ActionDialers = Report
ActionJokes = Report
ActionRiskware = Report
ActionHacktools = Report
ActionInfectedArchive = Report
ActionInfectedMail = Report
ActionInfectedContainer = Report

; ====================
; = Log settings =
; ====================

;LogFileName = { file name }
; Log file name. You may specify "syslog" as name, the report will be
; logged by means of syslogd system service. Using syslog, pay
; attention to SyslogFacility and SyslogPriority options. Since
; syslog has a few files to log different events and different degrees
; of their importance, you can find out where the scanner's report will
; be written to, basing on these two parameters and the contents of
; the configuration file syslog (usually /etc/syslogd.conf).
;LogFileName = "syslog"
;SyslogFacility = "Daemon"
;SyslogPriority = "Info"
LogFileName = "/var/drweb/log/drweb.log"

;LimitLog = { Yes | No }
; Enable/Disable limit for log file size. Parameter
; is used only if LogFileName is not "syslog"
; See alse MaxLogSize for limit.
LimitLog = No

;MaxLogSize = { filesize in Kb }
; This parameter defines maximum size of logfile and is
; used only if LimitLog = Yes.
MaxLogSize = 512

;LogScanned = { Yes | No }
; Should the information on all the checked objects independently
; infected or not get logged in the log file.
LogScanned = Yes

;LogPacked = { Yes | No }
; Should the additional information on the files packed by the DIET,
; PKLITE etc. utilities get logged in the log file.
LogPacked = Yes

;LogArchived = { Yes | No }
; Should the additional information on the archiving programs (like
; RAR, ZIP, TAR etc) get logged in the log file.
LogArchived = Yes

;LogTime = { Yes | No }
; Should the time of every record get logged.
LogTime = Yes

;LogStatistics = { Yes | No }
; Should the summary statistic get printed after end of scanning.
LogStatistics = Yes

;RecodeNonprintable = { Yes | No }
; Mode of output of unvisible for this terminal symbols into the logfile.
RecodeNonprintable = Yes

;RecodeMode = { Replace | QuotedPrintable }
; Method of recoding of unvisible symbols, if RecodeNonprintable equal to
; "Yes". Unvisible symbols would been replaced by RecodeChar (see below),
; if this option has "Replace" value.
RecodeMode = QuotedPrintable

;RecodeChar = { "?" | "_" | ... }
; Defines a symbol that would been placed instead of unvisible symbols,
; if RecodeMode option has "Replace" value.
RecodeChar = "?"

; =================================
; = Archive scanning settings =
; =================================

;MaxCompressionRatio = { value }
; Maximum compression ratio, i.e. ratio of the unpacked file length
; to the length of the packed file in the archive. If the ratio
; exceeds the value, the file will not be extracted and therefore
; will not be checked. Note: a message with such a file will be
; treated as "mail bomb"
; NOTE: See also ArchiveRestriction action in filters configurations.
;MaxCompressionRatio = 5000

;CompressionCheckThreshold = { value in Kb }
; Maximum file size inside archive, beginning from which the
; maximum compression ratio will be checked (if enabled by
; MaxCompressionRatio switch).
;CompressionCheckThreshold = 1024

;MaxFileSizeToExtract = { value in Kb }
; The maximum size of the file extracted from an archive. If the file
; in the archive exceeds the value it will be skipped. A message with
; such a file will be treated as "mail bomb".
; NOTE: See also ArchiveRestriction action in filters configurations.
MaxFileSizeToExtract = 500000

;MaxArchiveLevel = { value }
; The maximum archive recursion (archive in archive in archive etc).
; A message with such a file will be treated as "mail bomb".
; NOTE: See also ArchiveRestriction action in filters configurations.
MaxArchiveLevel = 8

;---------------------------------------------------------------
[Updater]

; ====================
; = General settings =
; ====================

;Section = { Daemon | Scanner }
; Says to the Dr.Web Updater that component should been kept up to date.
; This option could be overwritten by the --what= command line switch.
Section = Daemon

;ProgramPath = { path to file }
; The path to daemon\scanner. It is used by Dr.Web Update System for getting
; product version and API information of installed binaries.
ProgramPath = /usr/local/drweb/drwebd

;SignedReader = { path to file }
; This program is used by Dr.Web Update System for reading signed files.
SignedReader = /usr/local/drweb/read_signed

;LockFile = { path to file }
; This file is used by Dr.Web Updater to prevent executing of multiply instances.
LockFile = /var/drweb/run/update.lock

;CronSummary = { Yes | No }
; The Dr.Web Updater prints out a result of update session to stdout if
; this option is set to "yes". This feature can be used for an adminstrator
; notification by e-mail if the updater is executed by cron.
CronSummary = Yes

;DrlFile = { path to file }
; This file is used by Dr.Web Update System and contains a list of currenlty
; available updates servers. The updater randomly selects a server from this
; list for each update session. This file is signed by Dr.Web Ltd, cannot
; be changed and is updated automatically by Dr.Web Updater.
DrlFile = "/var/drweb/bases/update.drl"

; ====================================
; = Download utility (wget) settings =
; ====================================

;Timeout = { value, in seconds }
; This option defines the --timeout option for wget utility.
; The timeout is defined for a signle downloading session not for
; whole update session. Leave option is commented out or empty if
; want using infinite timeouts.
Timeout = 30

;ProxyLogin = { name }
; This option defines the --proxy-user option for wget utility.
; Leave option is commented out or empty if haven't proxy.
ProxyLogin =

;ProxyPassword = { password }
; This option defines the --proxy-passwd option for wget utility.
; Leave option is commented out or empty if haven't proxy.
ProxyPassword =

;WgetOptions = { string }
; This option defines additional options for wget utility.
; You should use following options: -q -O --tries --timeout
; --user-agent --proxy-user --proxy-password.
; WARNING: Incorrect usage of this parameter may makes Dr.Web
; Updater inoperable
;WgetOptions = ""

; ====================
; = Log settings =
; ====================

;LogFileName = { file name }
; Log file name.
LogFileName = "/var/drweb/log/updater.log"

;LogLevel = { Debug | Verbose | Info | Warning | Error | Quiet }
; This option defines a level of logged details.
LogLevel = Verbose
[/more]

root:~>uname -rsm
FreeBSD 6.2-RELEASE-p5 i386

Добавлено:
заставил его работать через ротор. Проблема была в этой строчке:

trusted_users = drweb : mailnull
trusted_groups = mail :drweb

а у меня почему-то (сам удивился...) было

TRUSTED_USERS = drweb:mailnull
TRUSTED_GROUPS = mail:drweb

Но через сокет по прежнему не работает... (
А желательно: ведь так он делает проверку не закрывая смтп-сессии, и отлупы не шлёт на левые адреса...
Вобщем, вопрос пока остаётся открытым...

Добрый день
Вопрос касается МТА exim, кириллицы и автоответов.
Как добиться, что бы кириллица в теле письма, сгенерённого эксимом при автоответе, отображалась всеми МУА в правильной кодировке?
Мне кажется, что само правильным было бы добавлять заголовок, вроде
Content-Type: text/plain; charset=koi8-r
но,если правильно понимаю,к сгенерённому сообщению нельзя добавлять заголовоки (((
хотя к копии входящего письма почему-то можно... (зачем???)
Так как же быть?
Спасибо

Здравствуйте!

Я столкнулся со следующей проблемой: у меня работает EXIM + SpamAssassin. Пользователи авторизуются через базу данных. Доставка почты в ящики осуществляется следующим кодом:


Код: mysqluser:
driver = accept
condition = ${if eq{} {${lookup mysql{SELECT home FROM users \
WHERE id='${quote_mysql:$local_part@$domain}' OR \
id='${quote_mysql:@$domain}'}}}{no}{yes}}
transport = mysql_delivery

tinde
Так понятнее?

Код: condition = ${if and { \
{match{$h_X-Spam-Status:}{yes}} \
{!eq{} {${lookup mysql {SELECT home FROM users WHERE \
id='${quote_mysql:$local_part@$domain}' OR id='${quote_mysql:@$domain}' }}}} \
} \
{yes}{no}}

DarkHost
Охренеть, вроде бы заработало - эксим не ругается. Прийдет спам - отпишусь об окончательных результатах. В любом случае - огромное спасибо, с меня пиво.

Кстати, не могли бы вы объяснить свой код построчно?
Особенно меня интересует !eq - для меня, как программера, восклицательный знак - это отрицание логического условия. Эксим считает иначе?
Плюс как мне кажется, хорошее объяснение будет полезно ОЧЕНЬ многим

tinde
Сравните результат операции:

Код: if !eq{} {${lookup mysql {SELECT home FROM users WHERE \
id='${quote_mysql:$local_part@$domain}' OR id='${quote_mysql:@$domain}' }}}{yes}{no}

DarkHost
А вы не могли бы просто сказать? Не хочется лишний раз эксим рестартить
Или есть возможность сделать это без обновления конфигов и перезапуска эксима?

tinde
Так вы же программер, в уме сравните.

Не может быть, чтобы это было не отрицание условия Ну щас проверю на сервере....

Добавлено:
В общем, это все-таки отрицание. Как и следовало ожидать

Добавлено:
Мда. Условие-то синтаксически правильное, но на спам оно не реагирует...
Видимо, я ошибаюсь в том, что {match{$h_X-Spam-Status:}{yes}} ищет подстроку yes в заголовке X-Spam-Status?

tinde
Не ошибаетесь. Другое дело, что ваша задумка в корне неверная.

А не могли бы вы подсказать, как ее переделать в верную?

tinde
Забить на заголовок и использовать переменную $spam_score_int

Код: condition = ${if and { \
{> {$spam_score_int}{5}} \
{eq{} {${lookup mysql {SELECT home FROM users WHERE \
id='${quote_mysql:$local_part@$domain}' OR id='${quote_mysql:@$domain}' }}}} \
} \
{yes}{no}}

tinde
Советую фильтровать по порогу не меньше 50. Кроме того, больше 90 рубить еще на этапе ACL, а все что больше 50, но меньше 90 - класть в соответствующую папку.

Добавлено:
Кстати, у меня не зря там стояло отрицание. И не зря я просил подумать, а не слепо проверять работоспособность условия практическим путем.

DarkHost
На мне столько задач висит, что и так покатит. Не хочу тратить еще кучу времени на обдумывание правильного конфига.

Кстати, а вы, случаем, не препод в каком-нибудь универе? Очень стиль похож Вместо готового решения - идею. За это вам огромное спасибо, но когда находишься в условиях жесткого цейтнота - желания глубоко вдумываться в нестандартный неимперативный язык программирования абсолютно нет

P.S. Никогда не думал, что автору когда-то сверхпопулярного SMTP сервера для винды придется так мучиться с никсовым MTA...

tinde
Нет, я не преподаю. Но выдавать готовое решение - это денег стоит.

DarkHost
Честное слово, писать код - тоже денег стоит. А я пишу опенсорс. И не прошу за него денег.
И у меня не одна тысяча пользователей была до того, как я ушел на линукс.