Hendrik Voelker | 15 Oct 15:29 2014
Picon

[Bug 1535] New: Option for SSL/TLS Protocol configuration missing/required

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1535
           Summary: Option for SSL/TLS Protocol configuration
                    missing/required
           Product: Exim
           Version: 4.84
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: security
          Priority: high
         Component: TLS
        AssignedTo: pdp <at> exim.org
        ReportedBy: hvoelker <at> nutrimatic.de
                CC: exim-dev <at> exim.org, hvoelker <at> nutrimatic.de

With the now published POODLE attack on SSLv3 (see
https://www.openssl.org/~bodo/ssl-poodle.pdf and
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566) it is time to
switch off this protocol. Unfortunately exim is missing a configuration option
for that.

For example Apache's mod_ssl provides 'SSLProtocol' - which would also be a
good example on how to implement it.

--

-- 
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

(Continue reading)

Todd Lyons | 14 Oct 15:38 2014

Bug 238

There is an old bug where someone asked for string_cat() to be
exported to the local_scan function.  Adding one line to the
local_scan.h causes the function to become available.  Is there any
reason one can come up with to not do this?

I'm not wanting to do this for any reason other than it closes out an old bug.

...Todd
--

-- 
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine

Jasen Betts | 8 Oct 11:58 2014
X-Face
Picon

Re: Exim own log format

On 2014-10-07, Jeremy Harris <jgh <at> wizmail.org> wrote:
> On 06/10/14 13:05, Alexey Kuznetsov wrote:
>> I need msgid of message log to be in exim_INTERFACE_main_%D log. Is it
>> possible? I've tried to check the docs but found nothing. Also I've
>> tried to use log_selector of standard config directive but it didn't
>> help. To be more specific lets say we have a message with account "test":
>
> You already asked this in exim-user, and were answered.

IIRC one of the answers said to ask here.

the ability to add arbitrary content to log lines could be useful, 

--

-- 
umop apisdn

Jeremy Harris | 5 Oct 22:19 2014

[Bug 1533] New: headers_remove items size-limited

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1533
           Summary: headers_remove items size-limited
           Product: Exim
           Version: 4.83
          Platform: All
        OS/Version: All
            Status: ASSIGNED
          Severity: bug
          Priority: medium
         Component: Transports
        AssignedTo: jgh146exb <at> wizmail.org
        ReportedBy: jgh146exb <at> wizmail.org
                CC: exim-dev <at> exim.org

There is a fixed-size buffer (128 chars) used during headers_remove processing
which truncates items after extraction from the headers_remove list but before
expansion.  This results in an expansion error, commonly "missing }", on
anything complex.

--

-- 
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

Matthias Liertzer | 30 Sep 15:33 2014
Picon

[Bug 1532] New: Correctly determine the FQDN primary_hostname

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1532
           Summary: Correctly determine the FQDN primary_hostname
           Product: Exim
           Version: 4.84
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Networking
        AssignedTo: nigel <at> exim.org
        ReportedBy: matthias <at> liertzer.at
                CC: exim-dev <at> exim.org

Created an attachment (id=757)
 --> (http://bugs.exim.org/attachment.cgi?id=757)
Patch to correctly determine primary_hostname

If configured with ipv6 support, exim always tries to determine the fqdn
hostname for primary_hostname by first trying the AF_INET6 address type and
only if this doesn't work the AF_INET address type. This is in contrast to
other tools such as `hostname -f`, which, as expected, take the first entry
found in /etc/hosts to find the canonical hostname.

For example, a machine having the uname "test" and the following /etc/hosts
file

(Continue reading)

Eugene Istomin | 29 Sep 19:49 2014
Picon

segfault at 0 ip 00007f994cc2187b

Hello,

we have segfaults since updated to 4.84

[284489.979612] exim[14230]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[284615.367116] exim[14317]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[284691.934836] exim[14368]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[284748.724839] exim[14394]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[285052.404851] exim[14645]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[285096.022605] exim[14666]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[285217.188663] exim[14818]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[285295.051148] exim[14865]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[285656.077191] exim[15109]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[285819.591000] exim[15258]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[285898.579198] exim[15311]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[285973.438380] exim[15361]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[286321.014021] exim[15649]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[286421.528300] exim[15728]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[286880.144134] exim[16008]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[286926.188445] exim[16030]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[287023.093253] exim[16136]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]
[287122.779696] exim[16188]: segfault at 0 ip 00007f994cc2187b sp 00007fff10a79bc0 error 6 in exim[7f994cb7e000+110000]

can you help us to resolve this issue?

Thanks!

---
Best regards,
Eugene Istomin
(Continue reading)

Jeremy Harris | 25 Sep 23:45 2014

Logging

I started looking into bug 1529, and quickly found the useful item
address->host_used - commented as

	"host that took delivery or failed hard

... and then fairly rapidly found a case where that didn't hold. So
I segued into fixing that... and spotted places where log lines
could more consistently use "H=name [addr]"... and then found
that host_used might just as well mean "last host tried" even for
temporary errors... and the whole thing snowballed.

The results are in a branch "host_used_1529" at

	http://git.exim.org/users/jgh/exim.git

complete with testsuite output changes.

I think the changes are in general worthwhile, but the
downside is the impact on utilities that parse logs.

Opinions?  Shall I just push it and be damned?
--

-- 
Cheers,
  Jeremy

Todd Lyons | 17 Sep 19:50 2014

[Bug 1531] New: mysql module build incorrectly on Amazon AMI 2014.3

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1531
           Summary: mysql module build incorrectly on Amazon AMI 2014.3
           Product: Exim
           Version: 4.84
          Platform: x86-64
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Lookups
        AssignedTo: tlyons <at> ivenue.com
        ReportedBy: tlyons <at> ivenue.com
                CC: exim-dev <at> exim.org

I normally build Exim with mysql configured as a dynamically loaded lookup
module.  I build it this way on CentOS 5.x and CentOS 6.x systems with no
problem.  When I am building on Amazon's AMI 2014.3, the resulting mysql.so
cannot see the "mysql_servers" globally defined variable.  It's basically a
CentOS 6 system that they upgraded almost everything:

$ uname -a
Linux localhost.localdomain 3.10.37-47.135.amzn1.x86_64 #1 SMP Fri Apr 18
03:28:26 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

$ gcc -v
Using built-in specs.
COLLECT_GCC=/usr/bin/gcc
(Continue reading)

Jeremy Harris | 14 Sep 21:59 2014

[Bug 1529] New: $host is empty for TPDA delivery event from cutthrouigh delivery

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1529
           Summary: $host is empty for TPDA delivery event from cutthrouigh
                    delivery
           Product: Exim
           Version: 4.84
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Transports
        AssignedTo: nigel <at> exim.org
        ReportedBy: jgh146exb <at> wizmail.org
                CC: exim-dev <at> exim.org

cf. bug 1476.

TPDA attempting logging using
  logwrite = $host: DNSSEC - {expansion}
got the obscure error logged:
  unknown log name in ": DNSSEC - unknown" in "logwrite" in unknown ACL

This is probably because $host was empty.

--

-- 
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email

(Continue reading)

Jeremy Harris | 10 Sep 19:47 2014

[Bug 1528] New: cutthrough has troubles with msglog files

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1528
           Summary: cutthrough has troubles with msglog files
           Product: Exim
           Version: 4.82
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Delivery in general
        AssignedTo: jgh146exb <at> wizmail.org
        ReportedBy: jgh146exb <at> wizmail.org
                CC: exim-dev <at> exim.org

since upgrading to exim 4.82 and enabling cutthrough delivery for some
customers our paniclog shows now and then entries like this:

...
2014-09-04 03:23:11 1XPLlL-0001GW-6S failed to unlink
/var/spool/exim4/msglog/L/1XPLlL-0001GW-6S: No such file or directory
2014-09-04 10:51:30 1XPSkx-0000dv-Af failed to unlink
/var/spool/exim4/msglog/x/1XPSkx-0000dv-Af: No such file or directory
2014-09-04 13:53:17 1XPVbB-0000tE-9C failed to unlink
/var/spool/exim4/msglog/B/1XPVbB-0000tE-9C: No such file or directory
...

The files *-J stuck in the spool dir, *-H and *-D are removed.
(Continue reading)

Postmaster | 8 Sep 16:00 2014
Picon

[Bug 1526] New: Solaris 11: error compiling since exim 4.83 - Undefined symbol timegm first referenced in file tls.o

------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1526
           Summary: Solaris 11: error compiling since exim 4.83 - Undefined
                    symbol timegm first referenced in file tls.o
           Product: Exim
           Version: 4.84
          Platform: x86-64
        OS/Version: Solaris
            Status: NEW
          Severity: bug
          Priority: high
         Component: TLS
        AssignedTo: pdp <at> exim.org
        ReportedBy: postmaster <at> fernuni-hagen.de
                CC: exim-dev <at> exim.org

Since version 4.83 and above I wasn't able to compile exim successfully on a
solaris 11 system (intel).

The main changes in the Makefile are the using of the newest versions of perl
and openssl we installed instead of the default (old) solaris versions. If I
try building exim 4.82 from source, everything works fine...

The gmake stops with the following message:

Undefined symbol timegm first referenced in file tls.o

The exact error message is:
(Continue reading)


Gmane