mark david mcCreary wrote:
On 11/3/11 9:31 PM, W B Hacker wrote:
[email protected] wrote:
I'm up to Exim 4.71 with Ubuntu Lucid.
I've got some procmail jobs that send out email using Exim, as a named
system user.
:0
|/usr/sbin/exim4 -f [email protected] $SUBSCRIBER
In this example, the user is liaison
liaison:x:1007:1007:liaison,,,:/home/liaison:/bin/bash
The body of the email being sent out contains headers like this
From Debian-exim Thu Nov 3 02:27:45 2011
Date: Wed, 02 Nov 2011 22:27:26 EDT
MIME-Version: 1.0
Message-ID:<[email protected]>
Subject:
From: [email protected]
To: [email protected]
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
That did not use to happen.
? WHAT 'did not use to happen' ... or what was it that happened BEFORE?
Bill
Thanks for asking.
Before, in the good old days, the original headers were not placed into
the body of the message, preceeding the real message.
Now, I have this extra set of headers, in the body of the email, as Exim
is trying to it's show it's suspicious.
The Exim Configuration file contains
trusted_users = "Debian-exim:liaison:listmast"
Is this a new security feature introduced recently ?
'trusted_users' is VERY old.
I'm very old too, but I'm still working :-)
Let me go dig around and see what looks new in this area.
But what would you suggest to get rid of those extra headers in the
emails my on system users are generating.
4.71 is stale, but not as old.
I'm working on rolling out Ubuntu Oneiric as we speak.
There HAVE been several rolling security improvements.
Some MAY affect who can utilize the binary or re-load a config.
Ok, I can compile Exim if I have to.
Or not.
Something that I
have to enable when compiling Exim ?
Got any troubleshooting tips for me ?
Thanks
mark
Not YET.... not sure what is being asked..
I want to eliminate the extra set of headers in the body of messages
being sent by "trusted" users on my server.
What do you suggest ?
Thanks
mark
'ON the server' may be the key.
There are TWO places you can manage headers easily, acl's and
router/transports, though the actual 'meat' takes place in the latter.
But WHEN there is no 'session', eg direct invocation of the binary, IF
you want to use the superb flexibility of an acl, (see re-writing) THEN
it has to be an acl_not_smtp acl - not ordinarily present by default-
and not divided into 'session phases' as over-the-wire smtp is. All-in-one.
Easiest, however, as it can ALSO smack sense into truant MLM's, is to do
it directly in the branching/delivery function of router/transports with
"headers_remove = "(and one : several : or a : whole : long : list..).
Plenty of examples in docs and archives.
Note, for example, that my posts here do not reveal which of many
'desks' or local uplinks I am sitting in front of - the trail begins
with the server jump-off.
That said, 'headers-remove' is an easy, but BFBI approach. There is
PROBABLY a way to have Exim not add those headers in the first place.
I leave that to the 'real experts', as I am still running a 4.69 with
too many source-code mods to one-click upgrade.
Lazy, Iyam.
HTH,
Bill
--
韓家標
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
