Gary Stainburn | 2 Sep 12:31 2015
Picon

multiple pgsql servers for different purposes

My current setup ported from my old server uses a pgsql connection to our 
internal web server for multiple purposes including email to helpdesk and 
other facilities.

I now want to add another pgsql database on my mail server specifically for 
improving EXIM's handling of emails.

Looking at the docs it looks like I can't do this as multiple servers can only 
be specified for backup purposes.

Am I wrong? Is there any way I can direct lookups to a specific pgsql server?

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Archil Imnadze | 1 Sep 20:42 2015
Picon

Block mail of reverse DNS fails

Hello,

I hope this is the right place ask and I hope finally I can get a
correct answer. I searched the web, tried several examples but nothing
did the way I expected. Alright let's go to the business:

I have an Exim instance running on Debian Jessie. For each mail that is
received by Exim I would like to check if the reverse DNS for the sender
domain matches the connecting IP and if not reject the mail.

Consider the following scenarios.
* A spammer sends an email from the IP 94.123.123.123 with
info <at> spammerwebsite.com in the "From" field but the domain
spammerwebsite.com doesn't resolve to 94.123.123.123. I want this to be
blocked.
* A spammer sends an email from the IP 94.123.123.123 with
info <at> example.com in the "From" field. In this case example.com is my own
domain and it cannot be located at 94.123.123.123. I want this to be
blocked too.

Please, tell me how to achieve that.

P.S.
* Where can I find the correct documentation?
* How do I debug a configuration file?
* Why can't the configuration start from an empty file?
These are the questions that always pops into my mind while trying to
configure Exim.

--

-- 
(Continue reading)

Autret Ghislain | 1 Sep 15:22 2015

login authenticator yielded 13 error

Hi dears, I am very new to this thread.

I do have a problem with exim4 and authentication over a connection to a 
smarthost postfix server on port 587.

In fact I have several clients running on Raspbian that are working 
well, and some clients running on Ubuntu 12.04 Server that can not send 
any mail. T
They connect, they perform the tls transaction but when they come to 
authentication, they directly send the mail without authenticating. Both 
Raspbian and ubuntu are using exactly the same configuration. but 
Raspbian can send mails.

if I use swaks it is working fine on both machines:
-code-
swaks --to ghislain <at> zzz.eu -s smtp.server.re:587  -tls -a LOGIN
-code-

If I use the debugging command to send a mail:
-code-
      sendmail -d+auth+expand  ghislain <at> zzz.eu
-code-

Here are a selected part of the logs from the successfull raspbian:
---------------------------------------------------------------------------------------------
server <at> gaudy-WifiController ~ $ sudo sendmail -d+auth+expand ghislain <at> zzz.eu
Exim version 4.80 uid=0 gid=0 pid=9720 D=fbb95dfd
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm 
dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
(Continue reading)

Gary Stainburn | 1 Sep 14:09 2015
Picon

acl_check_notquit and value of deny message =

As part of my work to try to fix my TLS problems last week I added the below 
ACL

I want to keep it to help in future issues. However, it's filling my log files 
with duplicate entries.  For example the deny rule below is taken from my 
exim.conf and prevents anyone from outside my network from posting to 
internal distribution lists.  It does a deny and sets the appropriate error 
message.

In this instance, I don't want the notquit ACL to add a log entry. Is there a 
way within acl_check_notquit to accept if "message =" has already been used?

acl_check_notquit:

  # accept here means don't log it - i.e. already logged elsewhere

  # message was dropped
  accept condition = ${if eq{$smtp_notquit_reason}{acl-drop}{1}}
  # message was SPAM / Virus
  accept condition = ${if eq{$acl_c_SPAM}{1}{1}}
  warn log_message = notquit: $sender_host_address failed with \ 
				$smtp_notquit_reason

# example deny rule
  deny	message = external address sending to internal list
	  domains =  +local_domains
#	  sender_domains = !+local_domains
 	  hosts = !+relay_from_hosts
	  condition = ${lookup{$local_part}lsearch{/etc/aliases.d/internal}{yes}{no}}

(Continue reading)

John Mc Murray | 1 Sep 12:29 2015
Picon

Spam bypassing spamassassin et al

Hello,

I have an issue that I can't explain. I've been received a fair amount 
of the spam below. What's unusual is that it seems to bypass my acls, 
spamassassin, etc. I would expect to see the SpamAssassin scores in the 
headers but this just seems to be doing something to bypass that.

The only thing I note is that its sent my smtp (as oppossed to esmtp). 
Would that make a difference?

I've appended the mail and the log lines below

Thanks a mil!

PS, I originally attached the entire spam email (only a few lines), but 
the exim list then rejected my mail as spam!

John

Complete Mail:
======================================================

Return-path: <>
Envelope-to: my <at> inbox.co.za
Delivery-date: Tue, 01 Sep 2015 12:10:05 +0200
Received: from a113.sub165.net78.udm.net ([78.85.165.113]:51034 
helo=78.85.165.113)
         by myserver.co.za with smtp (Exim 4.80.1)
         id 1ZWiVw-0007MT-3m
         for my <at> inbox.co.za; Tue, 01 Sep 2015 12:10:04 +0200
(Continue reading)

John Mc Murray | 1 Sep 12:23 2015
Picon

Spam mails bypassing spamassassin

Hello,

I have an issue that I can't explain. I've been received a fair amount 
of the spam below. What's unusual is that it seems to bypass my acls, 
spamassassin, etc. I would expect to see the SpamAssassin scores in the 
headers but this just seems to be doing something to bypass that.

The only thing I note is that its sent my smtp (as oppossed to esmtp). 
Would that make a difference?

I've appended the mail and the log lines below

Thanks a mil!

John

Complete Mail:
======================================================

Return-path: <>
Envelope-to: my <at> inbox.co.za
Delivery-date: Tue, 01 Sep 2015 12:10:05 +0200
Received: from a113.sub165.net78.udm.net ([78.85.165.113]:51034 
helo=78.85.165.113)
         by myserver.co.za with smtp (Exim 4.80.1)
         id 1ZWiVw-0007MT-3m
         for my <at> inbox.co.za; Tue, 01 Sep 2015 12:10:04 +0200
Received: from unknown (HELO localhost) 
(nitc.co.ir <at> intervitis-interfructa.co.za <at> 207.80.158.108)
         by 78.85.165.113 with ESMTPA; Tue, 1 Sep 2015 14:12:34 +0400
(Continue reading)

Terrance Devor | 30 Aug 01:57 2015
Picon

Encrypted for Some, Plain for the Rest

Hello Everyone

I am trying to accomplish a few things with Exim.

1) All authentication (ie, passing of username and password) should be done
over SSL/TLS port 465. Attempts to pass username and password over port
25 will result in deny, error message returned to the MTA, and log

2) When relaying

Assume our local domain is example.com

(i) user1 <at> example.com    ----> (465)  Exim  (465) ------> user2 <at> example.com
(ii) user1 <at> example.com    ----> (465)  Exim  (25) ------>
ter.devor <at> gmail.com etc...
(iii) ter.devor <at> gmail.com ------> (25)    Exim  (465) ------>
user1 <at> gmail.com

Any attempt to relay email from within the local domain (ie, i and ii) on
port 25 should result in
deny, error message returned to the MTA, and log.

I did find something similar here
http://www.gossamer-threads.com/lists/exim/users/102588
where I included this block of code:

accept
authenticated = *
encrypted = *
deny
(Continue reading)

Anon | 28 Aug 22:08 2015
Picon

Exim4 and Gmail on RPi - Frozen email

Hi,

I think I have the typical frozen error when sending my emails via
Gmail. But I don't know how to fix that :(

This is what /var/log/exim4/mainlog :

2015-08-28 21:52:33 1ZVPhQ-00086z-4E ** MYEMAIL <at> gmail.com R=smarthost
T=remote_smtp_smarthost: SMTP error from remote mail server after MAIL
FROM:<MYEMAIL <at> gmail.com> SIZE=1542: host gmail-smtp-msa.l.google.com
[64.233.184.108]: 530-5.5.1 Authentication Required. Learn more at\n530
5.5.1  https://support.google.com/mail/answer/14257 bq7sm9459906wjc.31 -
gsmtp
2015-08-28 21:52:33 1ZVPhR-000874-9Z <= <> R=1ZVPhQ-00086z-4E
U=Debian-exim P=local S=1617
2015-08-28 21:52:33 1ZVPhQ-00086z-4E Completed

2015-08-28 21:52:34 1ZVPhR-000874-9Z plain authenticator failed
H=gmail-smtp-msa.l.google.com [64.233.184.108] 534-5.7.14
<https://accounts.google.com/ContinueSignIn?sarp=1&scc=1&plt=AKgnsbvQ3
534-5.7.14
...
534-5.7.14 B8K7FEc_G-IW0Ea0XpYnNxMdAbqc> Please log in via your web
browser and
534-5.7.14 then try again.
534-5.7.14  Learn more at
534 5.7.14  https://support.google.com/mail/answer/78754
c7sm9484123wjb.19 - gsmtp

It says "log in via your web browser and then try again".
(Continue reading)

Gary Stainburn | 27 Aug 15:49 2015
Picon

TLS error on connection

I've just put live a brand new shiney Centos 7 server to replace my aging 
Fedora system.  One of the reasons for doing the upgrade was to try to get 
rid of the errors that prevented some sites from sending emails to us.

Unfortunately, I'm still experiencing the same errors on my new server.

I'm getting log entries like:

2015-08-27 14:00:04 H=mx-relay33-dus.antispameurope.com [94.100.134.233] 
Warning: notquit: 94.100.134.233 failed with command-timeout

2015-08-27 14:00:09 TLS error on connection from 
mx-relay33-dus.antispameurope.com [94.100.134.233] (SSL_accept): timed out

2015-08-27 14:02:03 SMTP command timeout on connection from 
mx-relay42-dus.antispameurope.com [94.100.134.242]

2015-08-27 14:02:03 H=mx-relay42-dus.antispameurope.com [94.100.134.242] 
Warning: notquit: 94.100.134.242 failed with command-timeout

2015-08-27 14:05:03 SMTP command timeout on connection from 
mx-relay35-dus.antispameurope.com [94.100.134.235]

2015-08-27 14:05:03 H=mx-relay35-dus.antispameurope.com [94.100.134.235] 
Warning: notquit: 94.100.134.235 failed with command-timeout

2015-08-27 14:05:13 SMTP command timeout on connection from 
mx-relay31-dus.antispameurope.com [94.100.134.231]

2015-08-27 14:05:13 H=mx-relay31-dus.antispameurope.com [94.100.134.231] 
(Continue reading)

Randy Bush | 27 Aug 04:23 2015

wanna turn off ipv6 when sending to gmail

so the gmail ipv6 anti-spam nazis are discused endlessly.  i want to
turn off ipv6 when sending to gmail/google.  but how?

randy

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Adam Funk | 23 Aug 22:46 2015

Altering Subject header in a user filter?

Hi,

I have looked through the documentation & I suspect that the following
is not possible, but I'd be grateful for confirmation that that's the
case or advice on how to do it.

I'm trying to set up a "cheapo" small-scale mailing list on a
shell/hosting account that uses Exim & where I can set up user filters
("~/.forward-NAME").  Is it possible to prefix the incoming Subject
header with "[list name]" before running a few "deliver" commands?

Thanks,
Adam

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Gmane