У меня есть следующая конфигурация для exim. Теперь, если я попытаюсь отправить электронное письмо от user@mydomain.com на xxxx@gmail.com, оно будет отклонено. Если я изменю domains = ! +local_domains на domains = * в smarthost, он будет работать нормально, и все электронные письма будут передаваться через мой smarthost, включая локальные.
Я не совсем понимаю, как работает ! +local_domains. Означает ли это какой-либо домен, кроме local_domains? И почему это не сработало в моем случае?
ROUTER_SMARTHOST=mx.mydomain.com
primary_hostname = mail.mydomain.com
domainlist local_domains = @ : mydomain.com : reviews.mydomain.com : mail.mydomain.com
domainlist relay_to_domains = mydomain.com
hostlist relay_from_hosts = localhost : x.x.x.0/24: 10.29.63.0/24: 10.29.67.0/24
acl_smtp_rcpt = acl_check_rcpt
.ifdef _HAVE_PRDR
acl_smtp_data_prdr = acl_check_prdr
.endif
acl_smtp_data = acl_check_data
daemon_smtp_ports = 26 : 466 : 588
exim_user = mailnull
exim_group = mail
never_users = root
host_lookup = *
dns_dnssec_ok = 1
.ifdef _HAVE_PRDR
prdr_enable = true
.endif
log_selector = +smtp_protocol_error +smtp_syntax_error \
+tls_certificate_verified
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
begin acl
acl_check_rcpt:
accept hosts = :
control = dkim_disable_verify
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept hosts = +relay_from_hosts
control = submission
control = dkim_disable_verify
accept authenticated = *
control = submission
control = dkim_disable_verify
require message = nice hosts say HELO first
condition = ${if def:sender_helo_name}
require message = relay not permitted
domains = +local_domains : +relay_to_domains
require verify = recipient
accept
.ifdef _HAVE_PRDR
acl_check_prdr:
warn set acl_m_did_prdr = y
.endif
accept
acl_check_data:
deny message = maximum allowed line length is 998 octets, \
got $max_received_linelength
condition = ${if > {$max_received_linelength}{998}}
deny !verify = header_syntax
message = header syntax
log_message = header syntax ($acl_verify_message)
accept
begin routers
.ifdef ROUTER_SMARTHOST
smarthost:
driver = manualroute
domains = ! +local_domains
transport = smarthost_smtp
route_data = ROUTER_SMARTHOST
ignore_target_hosts = <; 0.0.0.0 ; 127.0.0.0/8 ; ::1
no_more
.else
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
dnssec_request_domains = *
no_more
.endif
system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
user = mailnull
group = mail
file_transport = address_file
pipe_transport = address_pipe
userforward:
driver = redirect
check_local_user
file = $home/.forward
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
condition = ${if exists{$home/.forward} {yes} {no} }
localuser:
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
begin transports
remote_smtp:
driver = smtp
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
.ifdef _HAVE_DANE
dnssec_request_domains = *
hosts_try_dane = *
.endif
.ifdef _HAVE_PRDR
hosts_try_prdr = *
.endif
smarthost_smtp:
driver = smtp
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
multi_domain
.ifdef _HAVE_TLS
hosts_require_tls = *
tls_verify_hosts = *
tls_try_verify_hosts = *
tls_sni = ROUTER_SMARTHOST
.ifdef _HAVE_OPENSSL
tls_require_ciphers = HIGH:!aNULL:@STRENGTH
.endif
.ifdef _HAVE_GNUTLS
tls_require_ciphers = SECURE192:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1
.endif
.endif
.ifdef _HAVE_PRDR
hosts_try_prdr = *
.endif
local_delivery:
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
user = $local_part
mode = 0660
no_mode_fail_narrower
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
begin authenticators