mrballcb

This is on a machine named ivlog52, and it is a central logging server for several exim machines

$ cat /etc/rsyslog.d/exim_logging.conf

local1.*                                                /disk1/log/imapd.log

if $fromhost == 'ivlog52' and $syslogfacility-text == 'mail' then /var/log/maillog

# Should possibly look for 'not info and not notice and not alert'
if $fromhost != 'ivlog52' and $syslogfacility-text == 'mail' and $syslogseverity-text == 'info' then /disk1/log/exim/main.log

mrballcb

diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c
index f121bce..8c11587 100644
--- a/src/src/lookups/ldap.c
+++ b/src/src/lookups/ldap.c
@@ -416,6 +416,29 @@ if (lcp == NULL)
   if (!ldapi)
     {
     int tls_option;
+    #ifdef LDAP_OPT_X_TLS_REQUIRE_CERT
+    if (eldap_require_cert != NULL)

mrballcb

cookbooks/common/attributes/dns_server.rb:

# List of required packages for a DNS server, CentOS5
node.default[:iv][:packages][:dns]["5"] = %w{bind97 bind97-chroot bind97-libs}
# List of required packages for a DNS server, CentOS6
node.default[:iv][:packages][:dns]["6"] = %w{bind bind-chroot bind-libs}



cookbooks/common/recipes/dns_server.rb:

mrballcb

1) Table definition on the slave where the data is to be inserted:

localhost (ivenue)> show create table website_bv \G
*************************** 1. row ***************************
       Table: website_bv
Create Table: CREATE TABLE `website_bv` (
  `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
  `website_id` int(10) unsigned NOT NULL DEFAULT '0',
  `placement` decimal(9,0) unsigned zerofill NOT NULL DEFAULT '000000000',
  `ext` decimal(3,0) unsigned zerofill NOT NULL DEFAULT '001',

mrballcb

if (defined $ENV{'PERL_UNICODE'})
  {
  delete $ENV{'PERL_UNICODE'};
  exec ($0, @ARGV);
  }

mrballcb

acl_check_dkim:
  # Skip this whole acl if header.d contains an @ sign because exim is
  # breaking down the header.i part (which usually is an email address)
  # bit by bit, working towards just the domain name.
  accept  condition      = ${if match{$dkim_cur_signer}{\N@\N}}

  accept  dkim_status    = none
          sender_domains = KNOWN_DKIM_SIGNERS
          dkim_signers   = KNOWN_DKIM_SIGNERS
          condition      = ${if eqi{$sender_address_domain}{$dkim_cur_signer} {yes}{no}}

mrballcb

# A manual SELECT needs to return data in order specified bellow:
# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
#

MYSQL_SELECT_CLAUSE     SELECT CONCAT(email.name, '@', domain.name), \
                        user.password,                          \
                        '',                                     \
                        503,                                    \
                        500,                                    \
                        TRIM(TRAILING '/Maildir/' FROM CASE     \

mrballcb

1) Exim config
a. Global settings:
dmarc_history_file = /var/spool/exim/dmarc_history.txt
dmarc_tld_file = /etc/exim/opendmarc.tlds

b. Get the tld file (list of valid TLD's) from http://publicsuffix.org/list/

c. Somewhere early in the RCPT ACL I have:
.include_if_exists /etc/exim/dmarc_acl_control.conf

mrballcb

# Adjust headers to indicate which machine in the bank it came through
add_header spam Flag _YESNOCAPS_
add_header all Status _YESNO_, hits=_HITS_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_
add_header all Report _REPORT_

# Adjust report for borderline spams to be vendor neutral
# Modified template. Keep it under 78 columns (inside the the dots below).
#      ........................................................................
clear_report_template
report Content analysis details:   (_HITS_ points, _REQD_ required)

mrballcb

${if and
  {
    {!eq{$1}{}}
    {!eq{$2}{}}
    {crypteq
      {$2}
      {${extract
          {2}
          {:}
          {${lookup{$1}nis{passwd.byname}{$value}{*:*}}}