Julian Bradfield | 17 Jul 15:19 2014
Picon
Picon

errors-to

Is there a reason why the "errors-to" parameter to the "deliver"
filter command is restricted to the system filter, even for trusted
users?

It would be useful to be able to use it in router-specific filters,
because some of my users want their mail delivered to gmail, and gmail
(a) honours SPF etc, (b) has sensitive spam triggers, so if I deliver
mail to gmail with the original sender address, it may well get
bounced. At present I have to have their personal procmails resend it,
but I'd much rather do everything in the router filter. (I have only
three users, and they don't want to touch our mail system:-)

I'm not sure what the security advantage is, as on most systems it's
trivial to manually reinject the mail with an arbitrary envelope
sender.

-- 
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Lena | 17 Jul 13:15 2014
Picon

Re: Decide what router to use according to the from field

> From: Red Blue

> What I am trying to accomplish is to use the send_via_ses router only if the envelope from field belongs to a
local?domain. 
> 
> For some reason, the router is being ignored even when the from field belongs to a local domain.
> 
> I have tried to use that acl condition to acl_smtp_rcpt and acl_smtp_data as well but I got the same behavior.
> 
> Any ideas on what's wrong?
> 
> router:
> 
> send_via_ses:
> driver = manualroute
> domains = ! +local_domains

The exclamation sign means "not".

> transport = ses_smtp
> route_list = * email-smtp.us-west-2.amazonaws.com;
> condition = ${if eq{$acl_m_use_ses}{1} {yes}{no}}
> 
> 
> ACL:
> 
> acl_smtp_mail:
> ??? warn
> ?????? condition = ${if or{\
> ??????? {match_domain{${domain:$h_From:}}{+local_domains}}\
(Continue reading)

Raymond Jette | 16 Jul 19:19 2014

Trouble understanding routers / bogofilter

Good morning,
I currently have the following routers:

begin routers

exchangeRoute:
                driver = manualroute
                transport = remote_smtp
                route_data = ${lookup{$domain}dbm{/etc/exim4/db/route_data.db}}

dnslookup:
                driver = dnslookup
                domains = ! +local_domains
                transport = remote_smtp
                ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
                no_more

begin transports

remote_smtp:
                driver = smtp

This configuration has been working correctly for years.  I would like to add bogofilter.  I found the
following router and transport online that I would like to use:

bogo_router:
                domains = +local_domains
                no_verify
                condition = ${if !eq {$received_protocol}{bogodone} {1}{0}
                driver = accept
(Continue reading)

Phil Pennock | 13 Jul 01:49 2014

Re: Getting the latest version for Debian Wheezy

On 2014-07-12 at 01:05 +0100, Michael Grant wrote:
> Out of curiosity, what version of unix/linux is exim developed on anyway?

There's a team of people who do most of the work; Todd Lyons and Jeremy
Harris are driving most of the recent work, you'd have to ask them.

I drove several releases, and I primarily use FreeBSD for personal
stuff, so a number of features were written there and ported later.

The original author, Philip Hazel, mostly used Sun systems, but did
switch to Linux at some point.

An important point is that thanks to Todd, we now have a buildfarm of
agents building Exim on various platforms and submitting responses back
to a tracker, so we can tell when builds and the test suite fail on a
particular OS.  So if we read "developed on" as "we know quickly when
things break, so that we don't find out during or after a release that
we broke a particular OS" then the answer is "any OS which has an agent
in the build farm".

  http://eximbuild.mrball.net/cgi-bin/show_status.pl

At present, that's "varieties of Linux", "FreeBSD" and "OpenIndiana".
For every other OS, we only find out about problems if users of that OS
are actually testing the Release Candidates of Exim, or in a worst-case
scenario (which does happen) when the first time someone using a
particular OS tries to build the final release of Exim and reports back
problems.  For more details, see the EximReleasePolicy wiki page, linked
to below.

(Continue reading)

Andreas Metzler | 12 Jul 20:39 2014
X-Face
Picon

Re: Getting the latest version for Debian Wheezy

Michael Grant <mgrant <at> grant.org> wrote:
[...]
> So how can I know that any particular distribution is patched up to the
> current bug fix level of the current level of a piece of software? 
[...]

Hello,

if you have got CVE numbers of the respective issues you can look at
<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-YYYY-NNN> Usually
the respective distributions also document this in the package's
changelog.

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

toby-exim | 12 Jul 16:39 2014

Re: mime_filename and &# encoding

On 28/06/2014 10:01:06, "Jasen Betts" <jasen <at> xnet.co.nz> wrote:

>On 2014-06-27, Sean Donelan <sean <at> donelan.com> wrote:
>
>>  It appears the RFC2047 decode in Exim can be tricked, and the 
>>spammers
>>  have figured out how to exploit it.
>>
>>  For example, this is a recent MIME part (I added "_")
>>
>>      Content-Type: application/x-zip-compressed;
>>           name="&_#_1057_;opy_of_Document_ID7851.zip"
>>      Content-Transfer-Encoding: base64
>>      Content-Disposition: attachment;
>>           filename="&_#_1057_;opy_of_Document_ID7851.zip"
>>
>>  When Exim expands the variable $mime_filename the result
>>  is only "&_#_1057" and nothing else (again _'s added)
>  Still, it looks like a bug in exim. I'm fairly sure the RFCs say that
>semicolons are not significant inside quoted words.
I've got some anti-zipfile protection in my config and some zipfiles are 
making
it through because the filename is like that. This has started happening
recently, so it's not just you Sean.

My mail client also cuts the filename at the semi-colon, for what it's 
worth.

--
Toby
(Continue reading)

Michael Grant | 12 Jul 02:05 2014

Getting the latest version for Debian Wheezy

I'm using Debian Wheezy at the moment.  The latest version for exim
seems to be 4.80 for wheezy.  4.82.1 is available for Jessie (the next
future version of Debian).  However, sucking that into wheezy looks
problematic because it also means sucking in a lot of other dependencies
from Jessie.

Does anyone on this list know what the state of getting 4.82.1 (or
whatever is latest) into the backports repository for Debian is?  It
seems like this is quite urgent as there are some serious sounding
security fixes since 4.80!

Or is there some other source out there that has the latest exim for
wheezy that I could add to my sources.list file?

Out of curiosity, what version of unix/linux is exim developed on anyway?

Michael Grant

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Red Blue | 10 Jul 22:54 2014
Picon

Decide what router to use according to the from field

I opened a thread on ServerFault regarding an issue with Amazon SES and cPanel. In short, when I have an email
forwarder set up on cPanel, and the server receives an email going to that email forwarder, exim tries to
use Amazon SES as the router but Amazon ultimately refuses to deliver that mail due to the From field being
from an unverified email address.

The thread is located here:
http://serverfault.com/questions/604993/how-to-setup-exim-to-check-the-from-field/605276

I'm still having issues with my configuration so I decided to post my issue here.
How can I configure exim to use a different router if the From field doesn't belong to one of the local domains?

Thank you
--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Irfan Ul Haq | 9 Jul 06:55 2014

Deployment of Multiple Exim Servers for Scalability

Hi All,

Is it possible to deploy multiple Exim servers for scalability. Is there any
tutorial available on this topic? It would be great if someone may share
his/her deployment experience.

I have searched around but could not find a concrete answer. There is a
single discussion in Exim mailing list but I am looking for more detailed
tutorial/answer like discussion on deployment architecture etc.

thanks,

irfan

--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Todd Lyons | 10 Jul 14:12 2014

Re: DKIM key configuration for multiple domains

If it's working and you understand it, you're good.

...Todd

On Thu, Jul 10, 2014 at 12:14 AM, Smarthost 432 <smarthost432 <at> gmail.com> wrote:
> Hi Todd Lyons,
>
> Thanks for your response.
>
> Its working now. I have configured EXIM4 in un-split configuration and added
> DKIM entries in /etc/exim4/exim.conf.template file.
>
> Earlier, exim was on split configuration. I modified the required changes as
> per the instruction given in this site on routers and transport, while
> adding DKIM entries and restarting exim, it was showing duplicate transport
> found.
>
> My goal was to setup DKIM for single domain, and same key should be validate
> to other domains.
>
> Now, in unsplit configuration, its working. I do not know if this is right
> way..I welcome your suggestion and advise on this matter.
>
>
>
>
>
> On Tue, Jul 8, 2014 at 5:37 PM, Todd Lyons <tlyons <at> ivenue.com> wrote:
>>
>> On Mon, Jul 7, 2014 at 5:56 AM, Smarthost 432 <smarthost432 <at> gmail.com>
(Continue reading)

Brian Spraker | 9 Jul 19:16 2014
Picon

Match $h_To

Attempting to do a match for $h_To for the vacation / out of office reply item that was sent to the group a while ago.

Here is my line:

${if { match {$h_To:} {(?i).*emailaccount <at> domain.com.* } } {no} {yes} }

In essence, it is checking the "To" in the headers - which should be the original e-mail address before it is
changed over to the forwarding e-mail addresses.

It checks using case insensitive manner (?i) and I have a ".*" before and after the e-mail address.  It
still is sending out an out of office reply though.

Brian S.
--

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/


Gmane