Alex | 2 Sep 01:51 2014
Picon

logging question - regex

Hi There,

Just wondering is there is a way to trim down what gets logged when 
there is an ACL match under acl_check_data. I have a regex acl that is 
helping drop mail from a long time spamming pest. The acl seems to work 
a treat however it logs part of the envelope to the reject log. I don't 
want this information in the logs as it makes them long and hard to 
read.

So, I have the following ACL:

acl_check_data:

drop message = Would you like some green eggs with that spam?
      regex = 
[a-zA-Z0-9]{1,}-[a-z0-9A-Z]{1,}-[a-zA-Z]{1,4}=mydomain.net <at> [a-zA-z0-9]{1,}\.
      log_message   = Manual Ban via ACL (dumbass spammer).

What I would like to see in the reject log is only this:

2014-09-02 06:10:53 1XOXwC-000Jjd-Rz H=(vps.nitsnats.com) [173.0.63.208] 
F=<costco-slave-XXXXXX=mydomain.net <at> blogspot.com> rejected after DATA: 
Manual Ban via ACL (dumbass spammer).

However I get the above but also the stuff below:
-------------------------------------------------

Envelope-from: <costco-slave-XXXXXX=mydomain.net <at> blogspot.com>
Envelope-to: <me <at> mydomain.net>
P Received: from [173.0.63.208] (helo=vps.nitsnats.com)
(Continue reading)

Ross Boylan | 30 Aug 23:45 2014
Picon

SMTP connect fails after network changes

There was some fiddling with the network around our exim 4.63 (old)
mailserver, and now I am unable to connect to send mail from
outside. I can connect from inside.  The connection uses TLS to port
25 and authentication.

Evolution says "Failed to connect to SMTP server biostat.ucsf.edu in
secure mode: STARTTLS not supported".  Thunderbird, from a different
location, has a similar problem.  In contrast, this message was
sent via the same server from an inside client (a different exim
running on my machine inside the firewall).

Connection to the imap server on the same machine has continued
uninterrupted for all locations.

I can telnet (using telnet-ssh) to port 25 and get a response from
exim.  So the problem is not that port 25 has simply been blocked.

Can anyone suggest what might be going on, or what we might do to
diagnose this further?

Thanks.
Ross Boylan

P.S. The network fiddling was done by a different group; I don't know
any of the details.  They are likely to be more responsive if we can
point to a particular thing they can tweak.

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
(Continue reading)

James Nightly | 29 Aug 06:00 2014
Picon

Help with rejected RCPT relay not permitted...

I'm trying to setup mailman list for our daycare.  I'm getting "relay not
permitted" in /exim4/mainlog. This is a public server that our parents can
use to reach teachers or other parents (via mailman lists).

##########
This is the error:
2014-08-28 20:18:33 H=localhost (list.mydomain.org) [::1] F=<
mailman-bounces <at> list.mydomain.org> rejected RCPT <my_email <at> domain.org>:
relay not permitted

or

014-08-28 20:44:22 H=localhost (lists.mydomain.org) [::1] F=<
test-list-bounces <at> lists.mydomain.org> rejected RCPT <teacher1 <at> mydomain.org>:
relay not permitted

##########
netstat -atnlp | grep :25
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
     15779/exim4
tcp6       0      0 :::25                   :::*                    LISTEN
     15779/exim4

##########
telnet lists.mylists.org 25
Trying ip.ip.ip.ip...
Connected to lists.mylists.org.
Escape character is '^]'.
220 lists.mylists.org ESMTP Exim 4.80 Thu, 28 Aug 2014 20:50:31 -0700
mail from: mailing-list <at> lists.mylists.org
(Continue reading)

Klaus Ethgen | 29 Aug 13:01 2014
Picon

New error with gnutls and current exim


Hi,

since some days, when debian (unstable) updated to the most recent
version of exim and updated gnutls (exim v4.84, gnutls v3.3.6) I get the
following errors in paniclog:
   2014-08-29 09:58:49 Exim configuration error:
     tls_require_ciphers invalid: gnutls_global_init() failed: Failed to acquire random data.

There are multiple entries but not for every mail. Also all mails seems
to get sent out.

The node itself is configured to send everything to a smarthost and
tls_require_ciphers is not set (well, I had it set before to
"NORMAL:-VERS-TLS1.2" due to problems with my cacert certificate but it
is not needed anymore).

I know that debian does some modifications but before I open a debian
bug I just want to ask if someone has some clue what could trigger that
error in paniclog? If it is a problem in upstream too there is no need
to have debian as a flow heater in beween. :-)

Regards
   Klaus
--

-- 
Klaus Ethgen                              http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus <at> Ethgen.de>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C
Lena | 28 Aug 13:56 2014
Picon

Re: Exim 4.72: preventing backscatter

> From: "Konstantin Boyandin" <konstantin <at> boyandin.info> 

> currently I have 500 to 1000 of backscatter mail sitting in mail
> queue, since it can't be delivered to forged sender of spam sent to
> non-existing local addresses.

Make sure that in acl_check_rcpt you have before any "accept":

  require verify = recipient

and that a router detects non-existing local addresses, for example:

unknown_users:
  driver = redirect
  condition = ${lookup {$local_part <at> $domain} lsearch {/usr/local/etc/exim/passwd} {no} {yes} }
  allow_fail = yes
  data = :fail: Unknown user
  no_more

localuser:
  driver = accept
  transport = local_delivery

If that doesn't help then post an unedited header of an example of
backscatter you are talking about, with explanation about all
email addresses and mailboxes mentioned in it.

Можно по-русски лично мне или в конференцию mailground.net.

--

-- 
(Continue reading)

John Horne | 28 Aug 11:48 2014
Picon

Exim 4.84 - segfault

Hello,

We have just updated our mail servers to Exim 4.84, and we are now
seeing segfault errors on two (of three) servers:

==================
Aug 28 10:26:03 pat kernel: exim[28906]: segfault at 0000000000000000
rip 00002abc8ad2cf8a rsp 00007fffe60bc7f0 error 6
==================

I suspect this may just be a heads-up as I suspect the developers will
probably want me to try and locate which routine is causing the
problem? :-)

John.

-- 
John Horne                   Tel: +44 (0)1752 587287
Plymouth University, UK

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Konstantin Boyandin | 27 Aug 17:11 2014

Exim 4.72: preventing backscatter

Hello,

Could someone suggest better way to prevent Exim backscatter? Exim 4.72
is in use. There are two solutions considered:

1. Set up proper ACL to prevent backscatter (verifying the sender before
doing so)
2. Create 'catchall' router, intercepting all unrouteable addresses (I
think this is better solution).

I couldn't find solutions (configuration snippets) within reasonable
timeframe. Could someone direct me to some?

If I need to provide Exim configuration file, please let me know what
parts I may omit/mangle prior to sending here.

Thank you.

Sincerely,
Konstantin

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Oliver Howe | 27 Aug 16:23 2014
Picon

using an ACL to check for a Content-type header

I have this set in my config file -

acl_smtp_data = acl_check_data

and then in the ACL section I check each message to see if it has a
Content-type header present by doing this -

accept condition = ${if def:header_Content-Type:}
         set acl_c_ctnm = yes
accept

Then a specific router will fire if the message has a Content-type header.
If not then the message will pass through to the next router.

This seems to have been working fine so far, in that if the message has a
Content-type header then the acl_c_ctnm value will show up when I do exim
-Mvh message_id, or when I look at the file directly in the spool directory
-

-aclc _ctnm 3
yes

But I have recently found a message where acl_c_ctnm is showing up as yes
but there is definitely no Content-type header when I view the message
header.

Does anyone know why this might happen? Could it happen if a batch of
messages were received and one of them had the content-type header set
which then caused it to be written to all messages in the same batch?

(Continue reading)

Heiko Schlittermann | 27 Aug 12:47 2014
Picon

missing comma in ldap replies

Hello,

the spec says that commas/double commas are used as delimiter...

But given the following LDAP entry
,------------------------
|# heiko, schlittermann.de
|dn: uid=heiko,dc=schlittermann,dc=de
|..
|x-MailPrimaryAddress: hs <at> schlittermann.de
|x-MailAlternateAddress: heiko <at> schlittermann.de
|x-MailAlternateAddress: heiko <at> m.schlittermann.de
|description: a
|description: b
|...
`---------------------

As expected I get the multiple values separated by commas:
$ exim -be '${lookup ldapm{ldap:///dc=schlittermann,dc=de?description?sub?uid=heiko}}'
,-----
|a,b
`----

But I did not expect the following:
$ exim -be '${lookup ldapm{ldap:///dc=schlittermann,dc=de?mail?sub?uid=heiko}}'
,------
|hs <at> schlittermann.deheiko <at> m.schlittermann.de,heiko <at> schlittermann.de
`-----             ^^                       ^

x-MailPrimaryAddress and x-MailAlternateAddress are both defined
(Continue reading)

Matt | 27 Aug 00:17 2014
Picon

hostlist ipv6

I have this in exim.conf

hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts :
/etc/virtual/trusted_ips : 127.0.0.1

Can I add : ::1 to the end to allow IPv6 localhost connections?

hostlist relay_hosts = net-lsearch;/etc/virtual/pophosts :
/etc/virtual/trusted_ips : 127.0.0.1 : ::1

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

leonwei | 26 Aug 14:43 2014

Is there any free documents about debian+exim4+dovecot+mysql ?

Hi,everyone:

How do you do. I am a new user of exim4, I had a mail system with
debian+postfix+dovecot+mysql. Now, I want to try exim4, but i don't know
how to configure exim4.

Is there any free documents about debian+exim4+dovecot+mysql ?

Thanks a lot.

Leon Wei

E-mail: leonwei <at> mail.kingdest.com

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/


Gmane