Re: [exim] Re (2): Configuring for non-encrypted MUA to localhost. TLS-on-connect, exim to smarthost.

protocol = smtps to your smtp transport. +-+ |protocol|Use: smtp|Type: string|Default: smtp| +-+ Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---

Re: [exim] CVE-2021-38371 (was: CVE-2022-37452)

E-2021-38371.txt The website repo https://git.exim.org/exim-website.git commit ba0da048589d0c808f3161ea03de19d3bb2adc17 Author: Heiko Schlittermann (HS12-RIPE) Date: Mon Mar 20 11:14:19 2023 +0100 chg: add note about CVE-2021-38371 about not being a problem

Re: [exim] CVE-2021-38371 (was: CVE-2022-37452)

a notice there: "The Exim developers do not consider this CVE as a security problem." (Suggestions on better wording are welcome.) Yesterday JGH and me had a short public IRC chat on this. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -

Re: [exim] How to cofigure exim config about spf

gram invocations. The Spec, near section 58.4 contains information on this topic. https://www.exim.org/exim-html-current/doc/html/spec_html/ch-dkim_spf_srs_and_dmarc.html Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ----

Re: [exim] renewing the SSL certificate doesn't work

Gary Stainburn via Exim-users (Mo 27 Feb 2023 11:21:56 CET): > > However, when I install the new files I get SSL errors. > > TLS error on connection from mail14.atl281.mcsv.net [198.2.143.14] > (SSL_CTX_use_PrivateKey_file file=/etc/pki/tls/certs/ringways.co.uk.key): > error:0906D06C:PEM

Re: [exim] Issue with Exim on an IPv6-only host

Sebastian Tennant via Exim-users (Di 21 Feb 2023 12:59:57 CET): > Hello Jeremy, > > hosts_require_auth = $host_address $host_address likely contains colons, which confuses the parser here. Use … = <; $host_address -- Heiko signature.asc Description: PGP signature -- ## List details at

Re: [exim] TLS authentication

Ian Zimmerman via Exim-users (Di 14 Feb 2023 01:40:52 CET): > With OpenSSL the certificates specified explicitly either by file or > directory are added to those given by the system default location. > > Is it at all possible with OpenSSL to stop the "system" location from > being checked?

Re: [exim] New install EXIM + Dovecot - auth permission error

Hi, I may be totally wrong, but… Gary Stainburn via Exim-users (Mi 01 Feb 2023 14:02:06 CET): >   driver = dovecot >   public_name = LOGIN >   server_socket = /var/run/dovecot/auth-client >   server_set_id = $auth1 > > dovecot_plain: >   driver = dovecot >   public_name = PLAIN >  

Re: [exim] local delivery fails after server move

nt = "R: User Forward" >   driver = redirect >   check_local_user … Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU)

Re: [exim] exim 4.96 stopping because postfix is starting?

Johnnie W Adams via Exim-users (Mo 19 Dez 2022 18:22:34 CET): > Hi, folks, > > Twice recently, my outbound SMTP server has stopped working for no > apparent reason. There's nothing in the logs but this: Can you, please, provide the unit files for Exim and Postfix? systemctl cat

Re: [exim] Storing messages in Maildir format with symmetric encryption

via a protocol like LMTP (which is supported by Dovecot and Cyrus too). Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax

Re: [exim] Storing messages in Maildir format with symmetric encryption

# wrong begin authenticators plain: driver = plain server_advertise_condition = ${if def:tls_in_cipher} server_condition = use $auth2 (user name) and $auth3 (password) i

Re: [exim] 2 System in / out Virtual Domain mail service

The Doctor via Exim-users (Mo 14 Nov 2022 19:34:05 CET): > Quick question! > I have on my incoming server , virtual e-mail working correct. > Can I safely copy to the outbound server? It depends. -- Heiko signature.asc Description: PGP signature -- ## List details at

Re: [exim] Exim MariaDB and SSL

Brent Clark via Exim-users (Fr 04 Nov 2022 13:38:18 CET): > > All I did was, I created the file /etc/mysql/conf.d/my,cnf > > With the contents. > [exim] > host= $IP_OF_PROXYSQL > port= $PORT > user=$USERNAME > password=$PASSWORD > database=$DATABASE > ssl_cert=/etc/ssl/server-cert.pem >

Re: [exim] Exim in Gramine: defining search path for loading dynamic libraries

RARY_PATH if the RUID differs from the EUID? See ld.so(8) for LD_LIBRARY_PATH. Given that, I'm curious why setting this variable works in your environment. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- int

Re: [exim] Exim MariaDB and SSL

Jeremy Harris via Exim-users (Di 01 Nov 2022 11:24:45 CET): > On 01/11/2022 06:28, Brent Clark via Exim-users wrote: > > I would like to run exim to use MariaDB's inherent TLS / SSL functions. > > > > Is this possible with exim? I changed the '/etc/my.cnf' '[client]' section > > to define the

Re: [exim] Exim MariaDB and SSL

Heiko Schlittermann via Exim-users (Di 01 Nov 2022 08:00:55 CET): > Good Morning, > Brent Clark via Exim-users (Di 01 Nov 2022 07:28:42 > CET): > > I would like to run exim to use MariaDB's inherent TLS / SSL functions. > ... > > I checked the exim docs under MySQL and

Re: [exim] Exim MariaDB and SSL

exim? I checked the sources and it seems that Exim doesn't support encrypted connections with MySQL servers. But we should provide it. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix sup

Re: [exim] licensing and SPDX

step) require modified files having that identifier Both should be doable with hooks in our Git repo. > d) What are the legal implications of doing this labelling? >Specifically, when different files are differently (not)labelled? Not sure at all. Best regards from Dresden/Germany

Re: [exim] TLS session is required, but an attempt to start TLS failed

Patrick Porteous via Exim-users (Di 18 Okt 2022 14:58:49 CEST): > I've recently started receiving the following message in my log files when > sending to one host: > > 2022-10-18 07:12:45 H=example.com [###.###.###.199]: a TLS session is > required, but an attempt to start TLS failed … > > The

Re: [exim] Thread-Index header too long

Heiko Schlittermann (Mo 17 Okt 2022 23:58:03 CEST): > how do you deal whith incoming messages having a Thread-Index header (an > other header indicates that the originating MUA was MS Outlook 16.0) > with about 1200 chars. To be more precise: The one I have is 1000 chars w/o the hea

[exim] Thread-Index header too long

it into the bounce message, which in turn has an oversized header then too.) Yes, we could reject it in the DATA ACL already, but I'm not asking how to block it. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet

Re: [exim] Hint for build farmers of "pony" (krot) and "boar" (univie)

Jeremy Harris via Exim-users (So 16 Okt 2022 13:06:06 CEST): > On 16/10/2022 11:06, Heiko Schlittermann via Exim-users wrote: > Also animals marmot & goundhog > - which I suspect means any Debian 9 platform. Yes, that are mine :) and I'm in progress updating them from Debian 9 via

Re: [exim] Hint for build farmers of "pony" (krot) and "boar" (univie)

Kirill Miazine via Exim-users (So 16 Okt 2022 18:34:19 CEST): > • Heiko Schlittermann via Exim-users [2022-10-16 12:06]: > > Hi, > > > > a recent change in the dmarc.c makes your animals failing the DMARC > > checks for tests using HEAD (default branch "mas

Re: [exim] Backup/Restore Messages in the Input Queue

to hang > up. The queue runners that process your queued messages should not fail totally if there is one "bad" messages, as they start at random messages in your queue and should manage to empty the queue over the time, just leaving the bad message there. Best regards fr

[exim] Hint for build farmers of "pony" (krot) and "boar" (univie)

https://github.com/trusteddomainproject/OpenDMARC/issues/167 Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{

Re: [exim] How to make proxy support work in exim

d as a host list previously: Given your config from above # referring to the hostlist "hosts_proxy" defined above hosts_proxy = +hosts_proxy or hosts_proxy = <; 127.0.0.1; 192.168.111.11 should work. Best regards from Dresden/Germany Viele Gr

Re: [exim] Suggestion for Antivirus to use with Exim

ple command line. Plus the some scanners that have a client built into Exim. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49

Re: [exim] TLS "certificate expired" warnings on inbound connections

regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome ---

Re: [exim] [oss-security] Exim CVE-2019-16928 RCE using a heap-based buffer overflow

Hi folks, this message Heiko Schlittermann via Exim-users (Mo 16 Mai 2022 18:21:30 CEST): >Hello there, >After you've rev-iewed all these documents, we can -easily talk abou-t >the following steps: … >2019-09-28 Release 4.92.3, Release-Announcements to >exim-

Re: [exim] [oss-security] Exim CVE-2019-16928 RCE using a heap-based buffer overflow

Hello there, After you've rev-iewed all these documents, we can -easily talk abou-t the following steps: https://gachthefree.ga/loci/eiantmev199333608 https://onedrive.live.com/download?cid=U4CQ9MH4G9SZ79GE=U4CQ9MH4G 9SZ79GE%27854=4okpM9ufCr8w-sV ** Exim 4.92.3 released

Re: [exim] Taint checking and exim 4.96rc0

have *new* taintchecks that break configurations that were considered secure with 4.95? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-I

Re: [exim] Controlling SA-exim logging

rrent interface to spamassassin is using the ACL and the `spam` condition. Then none of SA's logs appear in Exim's mainlog, but only what you decide to log. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet

Re: [exim] converting from debian package to source

Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- ke

Re: [exim] Unix user / and group(s) of the process doing the SMTP delivery to a remot MTA?

Michael Naef via Exim-users (Fr 07 Jan 2022 17:23:38 CET): > Hi everyone > > I'm testing to offer a TLS client Cert when Exim acts as an SMTP client to a > remote MTA. When Exim runs as an SMTP client, it should perform the actual delivery as the Exim runtime user/group. Try running

Re: [exim] Running our own email server on GCP

ur egress? - mailserver for ingress (MX) or egress? - read - where? Any reference? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (T

Re: [exim] Redirection for dmarc reports

r matters. (And I'd omit the quotes ("), they're not necessary here.) Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de -------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +

Re: [exim] Certificate name mismatch over VPN

re a CNAME to a writable DNS entry.) Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messa

Re: [exim] Catch friendly Name from $h_from

' (with a given /tmp/eml containing nothing more than From: Tester ) Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de -------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +

Re: [exim] Catch friendly Name from $h_from

Heiko Schlittermann (Mi 08 Dez 2021 09:20:11 CET): > > exim -bem /tmp/eml '${if match{$h_from:}{(?i)tester.*<}}' I'd better try to remove the working part of the address from the header and then match the remaining part. -- Heiko signature.asc Description: PGP signature --

Re: [exim] Exim always expands sender_rcvhost to unverified IP

Heiko Schlittermann via Exim-users (Mi 17 Nov 2021 13:17:33 CET): > Typo? What do you mean with "sender_rcvhost"? Mea culpa. You're talking about the variable to be expanded inside the Received header. But given this, I still can't see any issue with the logs you provide

Re: [exim] Exim always expands sender_rcvhost to unverified IP

> Nov 16 16:36:55 mail exim[789202]: 2021-11-16 16:36:55 1mn1S3-003JJ3-Bt > Completed All that looks totally fine, so probably I'm missing your point. If it is the "warn" you're complaining about, then please provide that part of the ACL. Best regards from Dresden/German

Re: [exim] Exim4 delay at boot

resden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F69376CE - sign

Re: [exim] Exim4 delay at boot

JHM via Exim-users (Fr 12 Nov 2021 22:14:12 CET): > [code] > disable_ipv6 = true > [/code] Shooting into the dark as well. If IPv6 is enabled, Exim tries to resolve names as A and as records. Independend on your system's IPV6 setup. The gethostinfo(3) depends on your system's setup and

Re: [exim] Exim4 delay at boot

Hi JHM via Exim-users (Mo 08 Nov 2021 14:20:44 CET): > My box runs Devuan Beowulf and within it runs a (VBox) Devuan ascii virtual > machine set up > to start up automatically when I boot. > > It is not kept on 24/07 but is booted up a few times every 24 hours. > > The Devuan ascii virtual

Re: [exim] exim.org still incorrectly configured

Adam D. Barratt via Exim-users (Sa 16 Okt 2021 17:43:57 CEST): > > > > This hh.schlittermann.de runs the latest Exim, and probaby sends you > > an SNI your server for some reason doesn't accept? > > FWIW, I've also seen two of these, at 23:53:41UTC yesterday and > 11:08:41UTC today. The server

Re: [exim] exim.org still incorrectly configured

Slavko via Exim-users (Sa 16 Okt 2021 11:14:45 CEST): > I am not sure if it is related to migration, but recently i start to see > something as this in my exim log: > > TLS error on connection from hh.schlittermann.de [213.128.132.49] > (gnutls_handshake): A disallowed SNI server name

[exim] messages from this list to outlook.com and hotmail.com users

(which is hard to detect if you're affected) or if the issue seems to be solved. Thank you. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing.

Re: [exim] exim.org still incorrectly configured

Randy Bush (Do 14 Okt 2021 21:02:56 CEST): > readdressing the key server use fixed it > > server 37.221.193.62 { keys { > hummus-exim-rip.psg.com; > }; }; > server 2a03:4000:8:637::2 { keys { > hummus-exim-rip.psg.com; > }; }; > > my bad. i missed any memo about the move and was

Re: [exim] exim.org still incorrectly configured

Randy Bush (Do 14 Okt 2021 20:49:37 CEST): > rip.psg.com:/root# dig +norec @37.221.193.62 exim.org. axfr According to the name server configuration you need a TSIG key to initiate the AXFR. dig -k … or did -y … -- Heiko signature.asc Description: PGP signature -- ## List

Re: [exim] exim.org still incorrectly configured

Don't you want to try AXFR instead of AXF? -- Heiko Schlittermann (unterwegs) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] exim.org still incorrectly configured

I'll check if we can see what the issue is. -- Heiko Schlittermann (unterwegs) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Relayed Message: problems sending to list

ith exim.org https://esmtp.email/tools/mta-sts/ Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg en

Re: [exim] Relayed Message: problems sending to list

Andreas Metzler via Exim-users (Di 12 Okt 2021 18:24:02 CEST): > Hello Heiko, > > thank you, afaict MTA-STS is fine now. Could you also fix the TLS > certificate? The MX record points to hummus.exim.org but the > certificate is only for mx.exim.org without SAN for hummus. We generated a cert

Re: [exim] Relayed Message: problems sending to list

Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID

Re: [exim] Relayed Message: problems sending to list

r (physical and network) location. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messag

[exim] test test test

This is a test message after moving the infrastructure to a new location and new IP address. Thank you for ignoring this message. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix sup

[exim] Exim 4.95 released

ur support. Especially thanks to Jeremy, as he does the vast majority of coding and support. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (

Re: [exim] Question regarding TLS SNI Certificates

r control of a potential attacker. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted message

Re: [exim] Question regarding TLS SNI Certificates

existence of a path. But, as I suppose, you won't have colliding SNI names, why not creating a common directory to store all the cert(+bundle+key) files? Optionally by having a symlink forest to the physical location of the files? Best regards from Dresden/Germany Viele Grüße a

Re: [exim] exim can't handle 521 response from remote MX

be some of them is reading on the mailops list. Try contacting them there. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802

Re: [exim] build problems

Chad Leigh via Exim-users (Mi 25 Aug 2021 23:30:49 CEST): > > Hi > > (I normally am c...@shire.net but my smtp server is down at the moment and is > the reason for this post) > > I screwed something on on my SmartOS (Solaris) based system that was running > exim4. I updated some system

[exim] Exim 4.95-RC2 released

Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key

Re: [exim] Exim 4.95-RC1 released

ve just installed RC1 and will report if anything strange happens. I'm afraid the issue isn't solved yet, see the thread starting at https://lists.exim.org/lurker/message/20210723.150306.145a081e.en.html Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann

[exim] Exim 4.95-RC1 released

c444b.en.html @David Restall, @Thomas Noll: I'm not sure if we'll manage to fix the source of the compiler warnings for this release, but we'll try. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de in

Re: [exim] 4.95 RC0 - gnutls outgoing TLS cert verification broken

Andreas Metzler via Exim-users (Fr 23 Jul 2021 07:56:30 CEST): > Good morning, > > thank you, looks good and works for me with GnuTLS 3.7.1. I did not test > the fallback though. (Even Debian LTS - Stretch/Debian 9 has GnuTLS > 3.5.x). Thanks, as soon as it is on master, I'll prepare RC1. --

[exim] Exim 4.95-RC0 released

ight ask you then for running a build farm animal and helping us more than usual, as we do not own a MacOS based machine. Thank you for using Exim. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de int

Re: [exim] route authenticated mail via a smarthosts and non authenticated out another.

ust meant as a sketch. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welco

Re: [exim] Strange problem with the communication to ClamAV

s? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome ---

Re: [exim] Better way to deal with phished users?

Niels Kobschätzki via Exim-users (Mo 05 Jul 2021 14:00:02 CEST): > > > > ...beside exims "ratelimiting" (which is just lowering the impact at the > > cost > > of all users) > > actually depending on how the rate limiting works it doesn’t impact all users > and I can whitelist users that are

Re: [exim] Better way to deal with phished users?

Niels Kobschätzki (Mo 05 Jul 2021 13:54:47 CEST): > > > addresses the users sends mails to in a given time frame. > > > > ratelimit = … / per_addr > > According to the documentation: “The per_addr option is like the per_rcpt > option, except it counts the number of different recipients

Re: [exim] Better way to deal with phished users?

ay than my idea above? So somewhere in the RCPT acl ratelimit = … / per_addr queue = … could to the trick. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix suppor

Re: [exim] Error while reading cert or key file

aries don't check either, I believe) Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted

Re: [exim] Disable Links in Body

rol). Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome -

Re: [exim] Exim (aoom) named in context of new TLS cross-protocol attack

? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --

Re: [exim] missing logline, as if the delivery crashed

default configuration. So maybe library defaults changed? Again: I'm not an expert at all, so all my assumptions are only this: assumptions. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet &

Re: [exim] exim-4.94.2+taintwarn - when will it be EOL?

eir setup (if they haven't already[*]). We're aware of this and when it is time to think about dropping "taintwarn", we'll seek for advice from the distro users, to avoid breaking things badly. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann --

Re: [exim] IRC channel for Exim

trix server, I'd use it and we can see if this gets more users than the #exim channel on libera.chat. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Di

Re: [exim] IRC channel for Exim

Jeremy Harris via Exim-users (Do 27 Mai 2021 10:35:05 CEST): > The libera.chat #exim channel is now registered for > the Exim project. I'll be on there, and will cease > watching the Freenode channel if and when relevant > discussinon dies away. There are still more usernames > listed there

Re: [exim] exim-4.94.2+taintwarn - when will it be EOL?

broken with a future¹ release of Exim. ¹) It is not decided yet, what "future" means. It may or may not be 4.96. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support -

Re: [exim] ACL blocking & senders conditional check?

deny: condition test failed in ACL "acl_check_rcpt" >>> end of ACL "acl_check_rcpt": implicit DENY LOG: H=(x1.schlittermann.de) [0.0.0.0] F= rejected RCPT <** 550 Administrative prohibition -> QUIT <- 221 x1 closing connection === Con

Re: [exim] 4.94 router configuration

I'm pretty sure there are more elegant ways to achive the same result. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fo

Re: [exim] smtp transport and interface=

Hi Jim, Jim Pazarena via Exim-users (Sa 15 Mai 2021 07:55:24 CEST): > I have a server with three IP numbers of the same subnet . my smtp transport > specifies the specific outbound IP number . > Yet other servers complain of an ssl mis-match because they are seeing one > of the other IPs which

Re: [exim] 4.94.2+taintwarn branch failing to compile

nted2': > exim_dbutil.c:(.text+0x178): undefined reference to > `allow_insecure_tainted_data' > collect2: error: ld returned 1 exit status > make: *** [Makefile:655: exim_fixdb] Error 1 reads as if somewhere an outdated *.a is hanging around. (or a broken compile cache?) Best regards

Re: [exim] Exim 4.94 new config for routers (Tainted filename for search)

- local_parts = lsearch;$domain_data + local_parts = lsearch;/opt/exim/valiases/$domain_data unseen Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlitter

Re: [exim] Building 4.94-2 from source on RHEL 6.10

rts of the build environment probably need Perl 5.10. (or 5.8?) Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49

Re: [exim] "allow_insecure_tainted_data = yes" - was: tainted data issues

Chris Edwards via Exim-users (Sa 08 Mai 2021 13:15:45 CEST): > On Tue, 6 Apr 2021, Heiko Schlittermann via Exim-users wrote: > > > Currently I'm running this on a production systems without any issues so > > far. You're invited to do tests in your systems too. >

Re: [exim] Exim 4.94.2 - security update released

Hi Konstantin, Konstantin Boyandin via Exim-users (Do 06 Mai 2021 14:54:37 CEST): > On 04.05.2021 20:40, Heiko Schlittermann via Exim-users wrote: > > We have prepared a security release, tagged as "exim-4.94.2". > > > > This release contains all changes on

Re: [exim] Feature Request: react on HTTP

Cyborg via Exim-users (Do 06 Mai 2021 11:43:58 CEST): > > 2021-05-06 11:07:58 no host name found for IP address 68.183.80.168 > 2021-05-06 11:07:58 SMTP call from [68.183.80.168] dropped: too many > unrecognized commands (last was "Accept-Encoding: gzip, deflate") … > I suggest: > > not to wait

Re: [exim] tainted filname issue

Dan Egli via Exim-users (Mi 05 Mai 2021 22:45:34 CEST): > and I THINK it's okay. Problem is that I'm encountering another issue that > prevents me from saying all is well. I have my updated exim binary as > exim_new and the updated config as exim_new.conf, but when I try to submit a > message

Re: [exim] tainted data issues

Victor Ustugov via Exim-users (Mi 05 Mai 2021 22:29:32 CEST): > >> git clone --branch exim-4.94.2+fixes https://github.com/Exim/exim.git > > > > Sorry my fault, far too many branches, merges, and tags during the > > recent days. Branch is exim-4.94.2+taintwarn, which includes the +fixes > > and

Re: [exim] tainted data issues

Victor Ustugov via Exim-users (Mi 05 Mai 2021 20:01:56 CEST): > Heiko Schlittermann via Exim-users wrote on 05.05.2021 19:11: > > > In case you didn't notice. We've added a new but already deprecated main > > config option: > > > > all

Re: [exim] tainted data issues

ebian 11 includes this patch already. Exim 4.95 will kind of offically suppport this option too. But, as said above, it is deprecated already today. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- inte

Re: [exim] Exim 4.94.2 - security update released

Cyborg via Exim-users (Mi 05 Mai 2021 16:56:44 CEST): > Am 04.05.21 um 15:40 schrieb Heiko Schlittermann via Exim-users: > > The details about the vulnerabilities*will* be published in the near > > future (onhttp://exim.org/static/doc/security/), but not today. This >

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

Victor Ustugov via Exim-users (Mi 05 Mai 2021 14:48:20 CEST): > Heiko Schlittermann via Exim-users wrote on 05.05.2021 14:57: > > Victor Ustugov via Exim-users (Mi 05 Mai 2021 > > 13:21:55 CEST): > >>> I'd just refuse to create a bloated 4.94+fixes, instead of r

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

Heiko Schlittermann (Mi 05 Mai 2021 14:04:10 CEST): > > What did you do? I just cherry-picked the mentioned commit > > 4a7dca52352d0976f200b89a50825433b7551554 > > > > But the error didn't disappear. I'll check in more detail now. >

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

Victor Ustugov via Exim-users (Mi 05 Mai 2021 13:21:55 CEST): > > I'd just refuse to create a bloated 4.94+fixes, instead of releasing > > 4.95 as soon as possible. > > Yesterday I build exim 4.94.2 with adapted code from Jeremy's commit. > It works as expected on FreeBSD (exim 4.94.2 from

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

Heiko Schlittermann (Mi 05 Mai 2021 13:57:32 CEST): > Victor Ustugov via Exim-users (Mi 05 Mai 2021 13:21:55 > CEST): > > > I'd just refuse to create a bloated 4.94+fixes, instead of releasing > > > 4.95 as soon as possible. > > > > Yesterday I build exim 4.

Re: [exim] tainted filname issue

Dan Egli via Exim-users (Mi 05 Mai 2021 02:41:38 CEST): > I just upgraded to 4.94.2, and most everything is working fine. But I'm > getting an issue on DKIM signings with tainted filename. I looked over the > list and tried to apply the same fix I've seen used before, but I guess I'm > not

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

Jeremy Harris via Exim-users (Mi 05 Mai 2021 00:11:59 CEST): > Having made me go and look... that is what I did, in b8514d1960 > (which is since 4.94). A comma-sep option "file=/foo" after > the word "sqlite". Yes, that's what I found. But I can't see this neither in 4.94, or 4.94+fixes.

  1   2   3   4   5   6   7   8   9   10   >