Re: [exim] bounce message with hosts_require_tls

2018-01-16 Thread Brent Jones
I had a set of custom patches to Exim to do something like this for a
product. I no longer have or maintain them, but it wasn't -too- difficult
to whack up the hosts_require_tls error handling to generate a custom DSN.
I'll see if I can dig back through memory lane with something more helpful,
but it was never quality enough to want to push upstream back into Exim  ;)

On Thu, Jan 11, 2018 at 4:38 PM, Daniel Jost wrote:

> Hi!
>
> I created a route and a transport in my exim configuration to allow
> certain sender domains to enforce encrypted transfer (mandatory tls). The
> idea is that if an authenticated user sends an email, the server looks up
> if the domain has mandatory tls enabled and routes the message through the
> transport that only succeeds if the remote mail server supports tls.
>
> That was the easy part. :-) Another part of the idea is that the sender
> receives a bouncer if remote server doesn't support tls. Unfortunately exim
> seems to handle a failed hosts_require_tls condition as a temporary error,
> puts the mail to the queue and tries again and again to deliver the mail.
> If the retry timeout is exceeded, the error message in the bouncer mail is:
>
> "retry timeout exceeded"
>
> instead of something like
>
> "remote server doesn't support tls delivery"
>
> Any idea how to change that behavior so that the sender gets a bouncer
> with a meaningful return message?
>
> My config parts are:
>
> # router/150_exim4-config_mandantorytls_route
> #
> # route for mandatory tls
> mandantorytls_route:
>   debug_print = "R: mandantorytls_route for $domain"
>   driver = dnslookup
>   domains = +mandantorytls_domains
>   transport = remote_smtp_mandantorytls
>
> ### transport/30_exim4-config_remote_smtp_mandantorytls
> ###
> # enforce tls
> remote_smtp_mandantorytls:
>   debug_print = "T: remote_smtp_mandantorytls for $local_part@$domain"
>   driver = smtp
>   hosts_require_tls = *
>   tls_tempfail_tryclear = false
>
> Thanks a lot!
>
> Daniel
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>


Re: [exim] Best OS to run EXIM

2016-10-18 Thread Brent Jones
Redhat stopped shipping Exim - so we build our own RPMs and run Exim many
places.
We run mostly CentOS 7 and 6. Very good success for better part of a decade.

On Tue, Oct 18, 2016 at 7:01 PM, 3YSTech Services <3ystechservi...@gmail.com> wrote:

> Hi,
>
> I currently run exim 4.81 on rhel6, looking to run latest EXIM 4.87 on
> RHEL7, couldn't find compiled RPMs for RHEL7 (no fedora). I don't want to
> compile and prefer to get ready compiled RPMs.
>
> Which OS will have RPMs compiled in OS repository (like rhn on rhel)?
>
> Is there appliance that have all EXIM dependency and RPMs installed?
>
> Thanks




-- 
Brent Jones
br...@brentrjones.com

Re: [exim] safe handling of $tls_sni

2016-10-17 Thread Brent Jones
I'd like that - and if we were at it, I'd want a safe $sender_host_address
so we can use RHS expansion without modifying the Makefile :)


On Mon, Oct 17, 2016 at 2:53 PM, Mike Tubby <m...@tubby.org> wrote:

>
> Couldn't we have - perhaps shouldn't we have - a "safe domain name"
> function in Exim that could be used for this and elsewhere where an
> untrusted domain name enters - it would:
>
> * remove white space (tab, space, etc)
> * remove non-printing chars
> * remove 'quoting' and 'escaping'
> * make it lower case
> * only allow valid characters for a FQDN
>
> call it something like "safe_fqdn" and then you could do:
>
> ${if exists{/etc/mail/ssl/${safe_fqdn:$tls_sni}.pem}{/etc/mail/ssl/${safe_fqdn:$tls_sni}.pem}{/etc/mail/default-cert.pem}}
>
> aren't computers supposed to be doing the work for us...?
>
>
> Mike
>
>
>
>
> On 10/17/2016 10:09 PM, Phil Pennock wrote:
>
>> On 2016-10-12 at 14:50 +0200, Arkadiusz Miśkiewicz wrote:
>>
>>> Docs say that $tls_sni has raw data from client:
>>>
>>> "Great care should be taken to deal with matters of case, various injection
>>> attacks in the string (../ or SQL), and ensuring that a valid filename can
>>> always be referenced; it is important to remember that $tls_sni is arbitrary
>>> unverified data provided prior to authentication."
>>>
>> Someone read the text I wrote!  Woohoo!
>>
>> (It only took a few years ...)
>>
>>> What is safest approach to handle $tls_sni when trying
>>> to expand it to file on filesystem?
>>>
>> Use a cryptographic hash for the filename.  Or base64-encode it.
>> Use symlinks for human-convenience names and any aliases.
>>
>> Your trade-offs are:
>> * a cryptographically-skilled attacker might find a collision and ...
>>   get you to issue, to _them_ (and only them) a certificate for a known
>>   system, while on their side they should be looking to validate against
>>   something else.  Woo, they just attacked themselves: on your side, you
>>   don't need to care.
>> * A very long SNI with base64 might look up a very long filename on
>>   disk.  Shouldn't be an issue, unless you're mass-hosting on an OS
>>   which only maintains dir hashing for filenames up to a certain length
>>   and need to accept customer-controlled SNI names.
>>   Of course, the systems like that, if memory serves, broke at 32
>>   characters long and a SHA1 hex digest is 40 characters long, so you'd
>>   also want to use ${substr...} to take the first N characters.
>> * If you have a lot of similar names, sha1 will give you more
>>   readily-distinct values which you can tell apart at a glance.
>>
>> > ${sha1:${lc:mx.spodhuis.org}}
>> F0DF49E8B2ACF84D5D290E89F9B673EF44B60E74
>> > ${str2b64:${lc:mx.spodhuis.org}}
>> bXguc3BvZGh1aXMub3Jn
>>
>> So, eg, `/etc/mail/ssl/bXguc3BvZGh1aXMub3Jn.pem` should exist for this
>> approach, to issue a cert for the name `mx.spodhuis.org`.
>>
>>> Rule like:
>>> ${if exists{/etc/mail/ssl/${tls_sni}.pem}{/etc/mail/ssl/${tls_sni}.pem}{/etc/mail/default-cert.pem}}
>>>
>> ${if exists{/etc/mail/ssl/${str2b64:${lc:$tls_sni}}.pem}{/etc/mail/ssl/${str2b64:${lc:$tls_sni}}.pem}{/etc/mail/default-cert.pem}}
>> OR
>> ${if exists{/etc/mail/ssl/${sha1:${lc:$tls_sni}}.pem}{/etc/mail/ssl/${sha1:${lc:$tls_sni}}.pem}{/etc/mail/default-cert.pem}}
>>
>> -Phil
>>
>>
>



-- 
Brent Jones
br...@brentrjones.com
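
The naming schemes from Phil Pennock's quoted reply, modelled in Python as an added example (not code from the thread or from Exim). The function names, the constructed sample SNI values, and the assumption that `str2b64` uses the standard base64 alphabet are mine; the sketch compares where each scheme's path can end up for a client-supplied SNI.

```python
import base64
import hashlib
import os


def raw_path(cert_dir, sni):
    """The rule asked about: the client's SNI string pasted straight into the path."""
    return f"{cert_dir}/{sni}.pem"


def sha1_name(sni):
    """Model of ${sha1:${lc:$tls_sni}}: 40 upper-case hex characters, nothing else."""
    return hashlib.sha1(sni.lower().encode()).hexdigest().upper()


def b64_name(sni):
    """Model of ${str2b64:${lc:$tls_sni}} (assumption: standard base64 alphabet)."""
    return base64.b64encode(sni.lower().encode()).decode("ascii")


def stays_inside(cert_dir, path):
    """True if the normalised path is still below cert_dir."""
    base = os.path.normpath(cert_dir)
    return os.path.commonpath([base, os.path.normpath(path)]) == base


def select_cert(cert_dir, default_cert, sni, namer=sha1_name):
    """Model of ${if exists{DIR/NAME.pem}{DIR/NAME.pem}{DEFAULT}}."""
    candidate = f"{cert_dir}/{namer(sni)}.pem"
    return candidate if os.path.isfile(candidate) else default_cert


def survey(cert_dir, samples):
    """For each SNI value, report whether each scheme's path stays in cert_dir
    and whether the base64 name contains a path separator."""
    rows = []
    for sni in samples:
        b64 = b64_name(sni)
        rows.append({
            "sni": sni,
            "raw_inside": stays_inside(cert_dir, raw_path(cert_dir, sni)),
            "sha1_inside": stays_inside(cert_dir, f"{cert_dir}/{sha1_name(sni)}.pem"),
            "b64_inside": stays_inside(cert_dir, f"{cert_dir}/{b64}.pem"),
            "b64_has_slash": "/" in b64,
        })
    return rows


# Constructed sample SNI values: two spellings of one host name, a value with
# "../" components, and a value whose base64 form contains "/".
SAMPLES = ["mx.spodhuis.org", "MX.Spodhuis.ORG", "../../../tmp/x", "???"]

if __name__ == "__main__":
    for row in survey("/etc/mail/ssl", SAMPLES):
        print(row)
```

The hex digest can only contain `0-9A-F`, so it never introduces a path separator. Standard base64 cannot produce `..`, but it can produce `/`, so a base64-derived name may point into a subdirectory of the certificate directory.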

Re: [exim] EXIM 'Completed' hook'

2015-10-30 Thread Brent Jones
Was the experimental_events slated to be called 'stable', I thought I
recalled something to that effect   :)

On Fri, Oct 30, 2015 at 10:39 AM, Jeremy Harris <j...@wizmail.org> wrote:

> On 30/10/15 17:29, Gary Stainburn wrote:
> > I am using Postgresql with EXIM and I'm storing various details about emails.
> > I can hook into various stages of the emails using the various ACL's but I
> > can't work out how to detect a "Completed" message.
> >
> > Is this possible?
>
> Yes, if you use the EXPERIMENTAL_EVENTS facility.  You'll probably
> need to compile your own for that.
> --
> Cheers,
>   Jeremy
>
>
>



-- 
Brent Jones
br...@brentrjones.com

Re: [exim] POODLE...

2014-10-17 Thread Brent Jones
Why not just disable the impacted ciphers?
This seems reasonable to me:

tls_require_ciphers = -ALL:+HIGH:-SSLv2:!aNULL:!eNULL:!EXPORT:!DSS:!DES:RC4-MD5:AES256-SHA:AES128-SHA



On Fri, Oct 17, 2014 at 6:44 AM, Viktor Dukhovni exim-us...@dukhovni.org wrote:

 On Fri, Oct 17, 2014 at 02:44:16AM -0400, Chris Siebenmann wrote:

  (This is not to say that you should leave SSLv3 on. I'd turn it off
  for various reasons, including that it's ancient.)

 My advice is to leave it on.  I understand that turning it off
 feels good, and may even appease some auditors, but the net effect
 of turning it off for SMTP is very slightly negative.  A tiny, but
 perhaps sensitive, fraction of systems (some older anti-spam/anti-virus
 appliances) will now only be able to send you email in the clear.

 If you want to gain some security, consider disabling RC4 on port
 587, where TLS should be mandatory, and if any of the submission
 clients are bots or other MTAs that use PLAIN auth, RC4 might
 leak their credentials after some millions of messages.

 All this said, most sites that choose to disable SSLv3, will likely
 not notice any difference either way.  The fraction of SMTP traffic
 that is SSLv3 is tiny for most domains.

 --
 Viktor.





-- 
Brent Jones
br...@brentrjones.com


Re: [exim] Experimental Redis lookup

2014-04-23 Thread Brent Jones
I haven't used it yet, but would like to.
Would you mind sharing snippets of how you are using it?


On Tue, Apr 22, 2014 at 3:33 AM, Warren Baker war...@decoy.co.za wrote:

 Hi all,

 I just wanted to ask whether anyone is making use of Redis as a lookup?
 I have been using it for a number of months now without any issue but
 need to find out whether others are or have attempted using it and if
 it is working or didn't work for them.

 Thanks

 --
 .warren





-- 
Brent Jones
br...@brentrjones.com


Re: [exim] test database conn to prevent rejecting messages

2013-10-17 Thread Brent Jones
Peeked at the source code, but it is outside my abilities to modify.
Wonder if it could be a feature request  :)


On Tue, Oct 15, 2013 at 12:53 PM, Brent Jones br...@brentrjones.com wrote:

 What about extending the defer_ok function to ACLs other than callouts
 and virus scanning?
 That way, if you have an ACL that does a DB lookup, you can add the
 /defer_ok switch to the condition, and allow that ACL to accept itself if
 there is a problem?

 If you do this on blacklist or whitelist style ACLs, and not actual user
 lookups or routers, you can safely pass them, err on the side of caution
 if you wanted to just accept the message.
 I'll look at the source, to see what that defer_ok looks like


 On Sat, Oct 5, 2013 at 8:31 AM, Graeme Fowler gra...@graemef.net wrote:

 On Fri, 2013-10-04 at 18:16 -0400, josh trier wrote:
  I am writing an ACL that a few of my relay servers will use. All is fine
  with code. However if the central database server can not be connected to I
  want to disable the ACL to prevent messages from being rejected.
 
  Right now this is what happens if DB conn fails (example of stopping mysqld
  service)
 
  SMTP 451 Temporary local problem - please try later451 Temporary
  local problem - please try later
  LOG: MAIN REJECT
H=localhost [127.0.0.1] F=r...@relay8.hrnoc.net temporarily
  rejected after DATA: MYSQL connection failed: Can't connect to
  local MySQL server through socket '/var/lib/mysql/mysql.sock'(2)

 Although that is indeed a rejection, it's a temporary one. Well-behaved
 remote servers receiving that will simply re-queue the mail and try
 again later.

 Jasen's readsocket approach might have legs, but I think I'd create a
 shell or perl script that can give you a DB is available or DB is
 dead response and call that from a warn statement using $run.

 That way you could set a variable and check for its value in later ACLs,
 at the cost of making one extra DB connection per message.

 How to do that will be left as an exercise :)

 Graeme






 --
 Brent Jones
 br...@brentrjones.com




-- 
Brent Jones
br...@brentrjones.com


Re: [exim] test database conn to prevent rejecting messages

2013-10-15 Thread Brent Jones
What about extending the defer_ok function to ACLs other than callouts
and virus scanning?
That way, if you have an ACL that does a DB lookup, you can add the
/defer_ok switch to the condition, and allow that ACL to accept itself if
there is a problem?

If you do this on blacklist or whitelist style ACLs, and not actual user
lookups or routers, you can safely pass them, err on the side of caution
if you wanted to just accept the message.
I'll look at the source, to see what that defer_ok looks like


On Sat, Oct 5, 2013 at 8:31 AM, Graeme Fowler gra...@graemef.net wrote:

 On Fri, 2013-10-04 at 18:16 -0400, josh trier wrote:
  I am writing an ACL that a few of my relay servers will use. All is fine
  with code. However if the central database server can not be connected to I
  want to disable the ACL to prevent messages from being rejected.
 
  Right now this is what happens if DB conn fails (example of stopping mysqld
  service)
 
  SMTP 451 Temporary local problem - please try later451 Temporary
  local problem - please try later
  LOG: MAIN REJECT
H=localhost [127.0.0.1] F=r...@relay8.hrnoc.net temporarily
  rejected after DATA: MYSQL connection failed: Can't connect to
  local MySQL server through socket '/var/lib/mysql/mysql.sock'(2)

 Although that is indeed a rejection, it's a temporary one. Well-behaved
 remote servers receiving that will simply re-queue the mail and try
 again later.

 Jasen's readsocket approach might have legs, but I think I'd create a
 shell or perl script that can give you a DB is available or DB is
 dead response and call that from a warn statement using $run.

 That way you could set a variable and check for its value in later ACLs,
 at the cost of making one extra DB connection per message.

 How to do that will be left as an exercise :)

 Graeme






-- 
Brent Jones
br...@brentrjones.com


Re: [exim] Goodbye all

2013-06-26 Thread Brent Jones
On Tue, Jun 25, 2013 at 1:42 AM, Alun a...@aber.ac.uk wrote:

 Dear all,

 I've been a lurker and sometime-contributor for many years, but I think
 today's the day to unsubscribe. For  15 years we've run exim as our primary
 mail service here at Aber. And it's done a sterling, almost faultless job.

 But management has decreed that we shall be an entirely Exchange site and
 outsource the student e-mail service to Office 365. While we'll still have
 exim here in some small way (to paper over the manifest cracks in the
 facilities provided by Exchange and O365) it's not going to be doing
 anything interesting or exciting any more.

 Thanks for all your interesting messages over the years, and best wishes to
 you all for the future.

 Cheers,
 Alun.

 --
 Alun Jones,a...@aber.ac.uk,01970 622494
 Gwasanaethau Gwybodaeth / Information Services
 Prifysgol Aberystwyth / Aberystwyth University




If it counts, my employer handles millions of messages a day through Exim,
coming from primarily Exchange systems with limited to no support for
advanced routing or services  :)
Suffice to say, Exchange has its place, but it's certainly not at the core
of e-mail routing! I'm sure your management will realize that in short order.

-- 
Brent Jones
br...@brentrjones.com


[exim] Using readsocket for ratelimiting?

2013-04-11 Thread Brent Jones
Has anyone considered, or already made a rate limiting ACL using readsocket?

Besides writing a simple daemon, I don't see any reason not to try this out.
I envision sending various data to the daemon, like sender IP, recipients,
sender address, then getting a pass/fail from the socket depending.
On that pass/fail, I guess you could wrap it in a defer or reject ACL,
however you want.

This way, the rate limit database doesn't need to reside on a single box,
the socket daemon could use memcache or a proper DB.

Any thoughts?

-- 
Brent Jones
br...@brentrjones.com


Re: [exim] Exim and SQL Database performance

2012-07-14 Thread Brent Jones
On Fri, Jul 13, 2012 at 12:47 PM, Jeremy Harris j...@wizmail.org wrote:

 On 2012-07-13 17:18, Robert Blayzor wrote:

 When using Exim to pull domainlists, say:

 domainlist db_localdoms   = pgsql;


 Run it with suitable debug, and you'll see results being reused from cache.
 It even knows that some SQL ought not to be cached.
 --
 Jeremy





The lookup caching is only for that specific Exim process; on each new
message, it must perform the lookups again.
Such lookups are pretty trivial though, unless later down in your config
you perform joins and such.

-- 
Brent Jones
br...@brentrjones.com


Re: [exim] ratelimiting outgoing mail

2011-10-19 Thread Brent Jones
On Mon, Oct 17, 2011 at 5:46 AM, Mikhail Lischuk mlisc...@itx.com.ua wrote:


 Greetings!

 I am searching for some easy way to ratelimit my outgoing emails.

 My provider requires me to send no more than 30 messages per 10 minutes.
 I've tried to search for some solution at Google and was not successful.

 What I was planning to do is setting Exim run queue say once per minute,
 and setting connection_max_messages = 3

 However, I fear that it would ruin performance and some emails will
 be delivered with a significant delay.

 Is there anything to be advised in such situation?

 --
 With Best Regards
 Mikhail Lischuk [1]




 Links:
 --
 [1] mailto:mlisc...@itx.com.ua


Exim documentation has a fully detailed section on its built-in rate
limiting facility.

Boiling down a quick example:


  warn
    hosts       = *
    ratelimit   = 60 / 1h / strict / per_rcpt / {$sender_host_address}_sender_rcptlimit
    log_message = Rate limit in effect ( $sender_host_address ) exceeds $sender_rate in $sender_rate_period

Put that into an ACL where it makes sense (do they restrict number of
deliveries, recipients, commands?)

-- 
Brent Jones
br...@servuhome.net



Re: [exim] Calling Cisco PIX Exim users

2011-01-17 Thread Brent Jones
On Sun, Jan 16, 2011 at 11:19 PM, Phil Pennock exim-us...@spodhuis.org wrote:
 A while back there were some people with issues using a Cisco PIX and
 wanting to be able to work around their outbound connections passing
 through such a device being broken by bugs in the PIX.

 Postfix has smtp_pix_workaround_delay_time and I've written a patch for
 Exim to add smtp_dotcrlf_delay as an SMTP Transport option, for much the
 same thing: to delay sending the final dot at the end of sending the
 body of the email.  The patch is attached to:
   http://bugs.exim.org/show_bug.cgi?id=1069

 However, while the code is correct by inspection and delayed a test
 outbound connection when I tried it, I haven't got a PIX to test against
 to be *sure* that it actually does what's needed.  I do not intend to
 push this patch into the main repo unless and until we get confirmation
 that it actually works.

 So, any PIX users want to confirm it works?

 Thanks,
 -Phil




I'll have an ASA available soonish to test. Not a PIX, but has
similar, if not the same SMTP inspection garbage.


-- 
Brent Jones
br...@servuhome.net



Re: [exim] Anybody else getting temporarily rejected RCPT from gmail.com ?

2011-01-01 Thread Brent Jones
On Fri, Dec 31, 2010 at 3:51 PM, mark david mcCreary m...@internet-tools.com wrote:
 H... nothing has changed here in a while, and I'm now getting

 2010-12-31 22:08:55 H=mail-ww0-f48.google.com [74.125.82.48]:42929 F=edspho...@gmail.com temporarily rejected RCPT aachat-cont...@cirrus.mail-list.com
 2010-12-31 22:08:55 H=mail-ww0-f48.google.com [74.125.82.48]:42929 incomplete transaction (QUIT) from edspho...@gmail.com

 Which does not tell me much.  I'm thinking it's DNS related, and it's 
 interesting that it's none of my custom ACL messages.

 On Gmail's end, they are saying

 Technical details of temporary failure:
 Google tried to deliver your message, but it was rejected by the recipient 
 domain. We recommend contacting the other email provider for further 
 information about the cause of this error. The error that the other server 
 returned was: 451 451 Temporary local problem - please try later (state 14).


 Reverse DNS looks ok for Google.

 74.125.82.48 resolves to mail-ww0-f48.google.com

 Almost, if not all of my ACL defers have a custom message written to my log.

 So I think this must be some low level Exim error.

 Can anybody shed some light on how to track this down ?

 Thanks

 mark

 p.s.  Also getting this on some Google Apps domains.


I'm not new to issues with Google SMTP services.
Just a month or so ago, they completely broke TLS for several weeks:

http://www.brentrjones.com/?p=65

Throughout this time, I've seen some wildly random behavior with Google's SMTP.

Good luck  :)


-- 
Brent Jones
br...@servuhome.net



Re: [exim] Unseen routers and catch-all

2010-11-13 Thread Brent Jones
On Wed, Nov 10, 2010 at 2:11 AM, Alan Pinder a...@fastvision.com wrote:
 Hi,

 First-time poster to this list, please be gentle :)

 Currently we have 3 main routers: alias (for forwarders), mailbox and
 catch_all (for all other ones - this performs different actions
 depending on the domain configuration).

 We recently had some customers asking us whether they could have the
 same e-mail address for both mailboxes and forwarders - so the message
 gets delivered to a mailbox as well as being forwarded to separate
 destinations. Looking through the Exim documentation, I noticed the
 `unseen` directive - and added this to the bottom of the alias router.

 This worked well in that messages were delivered to both the mailbox and
 the forwarders, however this has the unfortunate side-effect of also
 running the catch-all router for the e-mail (causing a bounce message to
 be sent back in certain cases!).

 I temporarily resolved this by copying the alias router and placing this
 just above the catch-all router:

 alias_blackhole_router:
        driver = redirect
        condition = condition
        data = :blackhole:

 Our router system now goes: alias - mailbox - alias_blackhole - catchall

 This technique seems like such a `hack` however - running the same
 router twice, just to blackhole a message?

 Can anybody in the Exim community recommend a better way of doing this?
 For example, is there a way to retrieve a flag saying whether delivery
 has actually been attempted for this mail (even from an `unseen` router).

 Kind regards,

 Alan Pinder




You can use address_data

http://www.exim.org/exim-html-current/doc/html/spec_html/ch15.html


-- 
Brent Jones
br...@servuhome.net



[exim] CIDR mask matching behavior

2010-09-14 Thread Brent Jones
Eximers,
I noticed some unexpected behavior in Exim when doing sender IP address
checks in the SMTP ACL, and later on in the system filter.
In ACL's, you can specify CIDR masks on a non-network address.

IE you can have 10.10.10.15/24, which is valid as 10.10.10.15 would
fit inside a /24 under 10.10.10.0
However, in a system filter doing something like this:

${mask:$sender_host_address/24} is 10.10.10.15/24

Will not evaluate true, but it will work in the following:

${mask:$sender_host_address/24} is 10.10.10.0/24


I tried finding in the source code where the system filter does
netmask checking, but could only find the section where ACLs evaluate
netmasks.
Has anyone encountered this before, or is this working as intended in
the system filter?



-- 
Brent Jones
br...@servuhome.net



Re: [exim] CIDR mask matching behavior

2010-09-14 Thread Brent Jones
On Tue, Sep 14, 2010 at 8:03 PM, Phil Pennock exim-us...@spodhuis.org wrote:
 On 2010-09-14 at 19:42 -0700, Brent Jones wrote:
 I noticed some unexpected behavior in Exim when doing sender IP address
 checks in the SMTP ACL, and later on in the system filter.
 In ACL's, you can specify CIDR masks on a non-network address.

 IE you can have 10.10.10.15/24, which is valid as 10.10.10.15 would

 This is the specification of a netblock which uses a masklen; the lower
 bits don't matter and can be ignored.

 fit inside a /24 under 10.10.10.0
 However, in a system filter doing something like this:

 ${mask:$sender_host_address/24} is 10.10.10.15/24

 The ${mask:...} expansion operator is explicitly defined to mask out the
 address so that you can do a literal comparison and ignore the lower
 bits.

 ${mask:$sender_host_address/24} is ${mask:10.10.10.15/24}

 Has anyone encountered this before, or is this working as intended in
 the system filter?

 As intended.
 -Phil


As usual, I was using a function incorrectly  :)

Thank you for the clarification!

-- 
Brent Jones
br...@servuhome.net
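
The difference discussed in this thread, modelled in Python as an added example (not Exim code and not from the thread): an ACL host-list entry ignores the low bits of its pattern, while `${mask:...}` returns text that the filter then compares as a string. The function names are hypothetical, only IPv4 is modelled, and treating the filter's `is` test as a case-insensitive string comparison is an assumption. `unmatchable` flags right-hand sides that a masked value can never equal, which is the mistake in the original question.

```python
import ipaddress


def exim_mask(value):
    """Model of ${mask:ADDR/LEN} for IPv4: clear the host bits and return
    the text 'network/len'."""
    iface = ipaddress.IPv4Interface(value)
    return f"{iface.network.network_address}/{iface.network.prefixlen}"


def filter_is(lhs, rhs):
    """Model of the filter's 'is' test: a string comparison, not a network match
    (assumption: case-insensitive)."""
    return lhs.lower() == rhs.lower()


def host_list_match(sender, pattern):
    """Model of an ACL host-list entry such as 10.10.10.15/24: the pattern is a
    netblock, so its low bits are ignored."""
    return ipaddress.ip_address(sender) in ipaddress.ip_network(pattern, strict=False)


def unmatchable(rhs_values):
    """Return the literals that ${mask:...} can never produce because they
    still have host bits set."""
    return [v for v in rhs_values if exim_mask(v) != v]


# Constructed sample: a sender inside 10.10.10.0/24 and some filter literals.
SENDER = "10.10.10.99"
LITERALS = ["10.10.10.15/24", "10.10.10.0/24", "192.0.2.128/25", "192.0.2.129/25"]

if __name__ == "__main__":
    masked = exim_mask(f"{SENDER}/24")
    print("masked sender:", masked)
    print("ACL host list matches 10.10.10.15/24:", host_list_match(SENDER, "10.10.10.15/24"))
    for literal in LITERALS[:2]:
        print(f"filter: {masked} is {literal} ->", filter_is(masked, literal))
    print("masking both sides:", filter_is(masked, exim_mask("10.10.10.15/24")))
    print("literals that can never match:", unmatchable(LITERALS))
```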



Re: [exim] Ports

2010-08-16 Thread Brent Jones
On Mon, Aug 16, 2010 at 3:45 PM, David Woodhouse dw...@infradead.org wrote:
 On Mon, 2010-08-16 at 23:24 +0100, Stephen Gran wrote:
 On Mon, Aug 16, 2010 at 10:37:19PM +0100, Martin A. Brooks said:
  On Mon, August 16, 2010 21:55, Grant Peel wrote:
   Hi all,
  
   What are all the ports that exim might use for the control channel
   and data transfers?
  
   I have a hole punched in my switch's firewall, (port 25 and 587).
   but somehow  I am still getting operation timeouts when it talking
   with other servers.
 
  What has your research into the SMTP protocol suggested to you so far?

 I suspect that the twin bugbears of ident and name service are going to
 prove fruitful areas of research.

 And ICMP, of course. Blocking that could lead to timeouts as soon as you
 actually start trying to transfer data.

 --
 dwmw2




Shouldn't need any ICMP ports open inbound for SMTP, it's all TCP.
I would suggest that if you are NATing, that you have the correct
configuration to keep state for your connections.
Your firewall should also allow all the common SMTP ports outbound (25, 465).

-- 
Brent Jones
br...@servuhome.net



Re: [exim] allow RCPT unconditionally when target domain is local?

2010-08-16 Thread Brent Jones
On Mon, Aug 16, 2010 at 6:53 PM, Morgan Gangwere 0.fracta...@gmail.com wrote:


 I'm trying to set up Exim4 still, and this time I've figured out half my
 problem: the split configuration wasn't set up right. Duh.

 Now onto my /new/ problem: Getting mail. I can send mail no problem, and
 routing tests out fine.

 My machine has 2 domains tied to it: indrora.homelinux.org and
 kabuki-duke.ath.cx. Both are marked to have the MX domain as
 indrora.homelinux.org.

 If I send mail from my gmail address to my indrora.homelinux.org email
 address I get:

 2010-08-16 18:11:11 H=mail-yw0-f51.google.com [209.85.213.51]
 F=0.fracta...@gmail.com rejected RCPT m...@indrora.homelinux.org:
 relay not permitted

 how can I unconditionally allow messages in from the outside world as
 long as they are in the aliases file?


 - --

 Morgan Gangwere


It seems to me you don't have those domains in your local domains
list, regardless of entries in your alias file.


-- 
Brent Jones
br...@servuhome.net



Re: [exim] Exim retry bypasses system filter

2010-06-08 Thread Brent Jones
JR,
Upon looking more at the debug output, another entry in the system
filter evaluated true, and had a significant action itself and was not
going to the later bits of the system filter.
I wasn't using the filter debug flag correctly earlier, which led me
to believe it wasn't even reaching the system filter, but in fact it
is, but hitting another rule.
The rule behaved similar to the first_delivery, I add headers to the
message, and if they exist, I exit the filter for normal delivery.
Once the message passed through successfully the first time, those
headers were present in the retry, and triggered the filter to setup
normal delivery.

So this was all my fault  ;)

Thank you all for looking into the issue though. I learn something new
with Exim every day, quite a flexible mailer, this is.

On Tue, Jun 8, 2010 at 1:38 AM, J.R.Haynes j.hay...@cranfield.ac.uk wrote:
 On Tue, 8 Jun 2010 at 04:06 +0100, Brent Jones wrote

 The behavior as I understand it written on:
 http://www.exim.org/exim-html-current/doc/html/spec_html/ch43.html
 The system filter is run at the start of a delivery attempt, before
 any routing is done. If a message fails to be completely delivered at
 the first attempt, the system filter is run again at the start of
 every retry.


 The sentence after that says 'If you want your filter to do something only
 once per message, you can make use of the first_delivery condition in an if
 command in the filter to prevent it happening on retries.'

 Have you perhaps got an if (first_delivery) around the whole filter or part
 of it?




 --
 --

                             J. R. Haynes
                        Senior Network Specialist

     IT Department,                  e-mail: j.hay...@cranfield.ac.uk
     Bld 63,
     Cranfield University,           Tel: Bedford (01234) 754205
     Wharley End,                         Bedford (01234) 750111 Extn 4205
     Cranfield,                      Fax: Bedford (01234) 751814
     Beds.,
     MK43 0AL.




-- 
Brent Jones
br...@servuhome.net



[exim] Exim retry bypasses system filter

2010-06-07 Thread Brent Jones
Hello Exim users,
We have some Exim servers that use the system filter to save certain
messages to an NFS backing store. While this works a majority of the
time, we would like a graceful way to handle when the NFS server may
be down for maintenance.
The OS handles it fine using soft mounts, if the server is unavailable
it will notify Exim for example that a timeout occurred.
Exim will properly defer the message at that point and keep it
spooled/retry queue. However, when the message is tried next, it will
not go through the system filter as I would like it to, it will
instead use the first router that can handle the message.
The behavior as I understand it written on:
http://www.exim.org/exim-html-current/doc/html/spec_html/ch43.html
The system filter is run at the start of a delivery attempt, before
any routing is done. If a message fails to be completely delivered at
the first attempt, the system filter is run again at the start of
every retry.

That to me means for retry deliveries, it should re-process the system
filter, instead of jumping to the routers immediately. However, my
system filter does take into account sender host address, and sender
address domain. Do retry attempts not include this information when it
comes up for delivery again? If not, how would I re-process these
messages and categorize them correctly?

An example system filter rule:

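# ${mask:...} expands to the network address with the prefix length
# appended, so the comparison string needs the /24 as well.
if ${mask:$sender_host_address/24} is 10.0.0.0/24 and
   ( $sender_address_domain is spammer.com )
then
  save /some/nfs/share/
endif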

Any thoughts would be greatly appreciated

-- 
Brent Jones
br...@servuhome.net



Re: [exim] Retry hint left over after successful delivery

2010-05-27 Thread Brent Jones
On Tue, May 25, 2010 at 6:37 PM, Simon Johnstone
si...@abominable.org.uk wrote:
 Hi all,

 Encountered a strange issue I was hoping someone might be able to explain. 
 Exim 4.69/Debian (although a 4.71 source build seems to do the same).

 An email was sent on the 19th to a domain with two MXes:

  * first MX responded to 'RCPT TO' with a 4xx code (greylisting, AFAICT)
  * second MX accepted the message

 However, a retry entry was still created:

  R:j...@somedomain.co.uk:si...@mydomain.co.uk -44 13133 SMTP error from 
 remote mail server after RCPT TO:j...@somedomain.co.uk: host 
 mx2.SOMEDOMAIN.co.uk [xx.xx.xx.xxx]: 451 Deferred: Temporary error, please
 19-May-2010 00:27:48  25-May-2010 22:58:40  26-May-2010 04:58:40 *

 Fast-forward to today - the retry time (4 days) has expired, which seems to 
 be causing subsequent messages sent with the same retry key 
 (recipient:sender) to bounce *immediately* if both MXes return a 4xx code 
 (which they do, again due to the other end's greylisting).

 Is this expected behaviour and/or am I missing something obvious? I imagined 
 a successful delivery would *always* remove the retry hint (in this case, 
 perhaps not even bothering to create one in the first place, since I suspect 
 the delivery process adding the entry was the same to deliver the message 
 moments later, when it tried the second MX).

 Thanks,

 Simon.


I see that behavior as well, especially with Postini's greylisting
(they will accept one recipient, but 400 defer another recipient to
the same domain). Exim will abort the entire message, enter an entry
into the retry database, and not retry any recipient to that domain
until the entry expires.
Sometimes, I wish you could disable Exim's retry database and run it
as a dumb server almost, but the benefits outweigh disabling it in
most cases still.
But I'm still struggling to find a proper way to handle these cases.


-- 
Brent Jones
br...@servuhome.net



[exim] System filter file size too big

2010-03-26 Thread Brent Jones
Hello Exim users,
We have a relatively large system filter, it just crossed the 1MB
barrier. We are now getting this in the logs, and deliveries are
appearing to be problematic now:

2010-03-26 14:30:37 1NvEIn-000MUt-SL Error in system filter:
/etc/exim/prereview_filters is too big (max 1048576)

I haven't found any variables to increase the maximum allowable file
size, is it a tuneable in the Makefile somewhere?



-- 
Brent Jones
br...@servuhome.net



Re: [exim] System filter file size too big

2010-03-26 Thread Brent Jones
On Fri, Mar 26, 2010 at 3:14 PM, B. Johannessen b...@db.org wrote:
 On 26/03/10 19:33, Brent Jones wrote:
 I haven't found any variables to increase the maximum allowable file
 size, is it a tuneable in the Makefile somewhere?

 Set MAX_FILTER_SIZE in Local/Makefile and rebuild.


        Bob



Bob,
Your suggestion worked great, thank you

Regards,

-- 
Brent Jones
br...@servuhome.net



[exim] 451 deferral for one recipient causes Exim to put entire domain in retry db

2010-01-19 Thread Brent Jones
Hello,
We are running into a strange issue with Postini.
We have a message that is submitted to multiple users on the same
domain, however, Postini responds with 451 recipients not all at same
mail host -psmtp for just one or two recipients.
Exim interprets this as a deferral for entire recipients domain, and
will not complete the message even to the recipients that were OK.
This puts the entire domain in the retry database, even though only 1
recipient had a temporary failure.

However, you can telnet to Postini, manually add the recipients, some
will give the 451 deferral, but you can continue to submit the message
and Postini will accept it, minus the recipients who were deferred.
Postini's behavior is strange admittedly, and I've read reports of
some other mail servers struggling with this, but I believe Exim could
work around this.

Is there a way to have Exim continue past a single deferral for
recipients on the same domain, and deliver to the recipients that were
accepted?

My Config:
FreeBSD 8.0, Exim 4.68, pretty standard relay configuration

-- 
Brent Jones
br...@servuhome.net



Re: [exim] google postini services and exim

2009-12-16 Thread Brent Jones
On Wed, Dec 16, 2009 at 2:18 PM, Francesco Pasqualini fra...@gmail.com wrote:
 Hi all,
 I'm a happy exim user.
 I'm considering to use the google postini services as antispam solution
 for the exim server I administer for a customer...

 Is exim  supported ?

 http://www.google.com/support/appsecurity/bin/answer.py?answer=91332

 *Supported Mail Servers*: The service supports all common mail servers,
 including Microsoft Exchange Server, Lotus Domino, Postfix, Sendmail,
 Macintosh OS X Server, and Novell Groupwise. 

 Is there somebody that already  tried the google antispam solution with
 exim4?

 thanks


I've used Postini services in the past with a wide variety of mail servers.
While Postini won't even know what an Exim is, it will certainly
work just perfect.

While you're at it, I'd suggest locking down your Exim to only accept
mail from Postini's IP ranges, and a small subset of trusted hosts on
your network. Will cut down on the amount of traffic wasted by you
having to accept connections from hosts not using MX records.

-- 
Brent Jones
br...@servuhome.net



[exim] System filter length

2009-08-24 Thread Brent Jones
Hello,
I was wondering how long a system filter could get, in terms of lines,
statements, and actions.
We have an application which writes a new system filter based on new
rules on where to save mail to, add/remove headers, delivery rules,
etc.
Our needs have made the filter get very long, up to 1,000 lines right
now, with about 100 statement blocks.

Has anyone hit any 'limits' on the size of the system filter, or
severe performance degradation?
The servers still have pretty low load, even with processing 100,000+
messages daily.

Any experience or thoughts would be appreciated


-- 
Brent Jones
br...@servuhome.net



[exim] Queue_run_max question

2008-11-20 Thread Brent Jones
I have a small load server (70k deliveries a day) and thought I'd try
using queue_only, with queue_run_max = 15 to see if it makes things a
bit more efficient.
I've discovered it will only spawn about 5 queue runners, and messages
will queue up for up to 15 minutes before a runner finally gets to it.
I have split_spool_directory enabled, load on the server is 0.05, disk
IO is negligible, I don't see why Exim spawns so few queue runners and
why they take so long to process messages.
It performs flawlessly when it is not in queue_only, queue time and
delivery time is ~1 second, and the only messages in the queue are
frozen or in retry state (about 100 messages on average).

Here are some relevant lines from my config, Exim 4.68, FreeBSD 6.2, Quad
Cores with 4GB RAM and 15k SAS disks.

split_spool_directory
queue_only
queue_run_max = 20

remote_max_parallel = 10
ignore_bounce_errors_after = 4d

timeout_frozen_after = 4d

delay_warning = 2h:8h:24h

smtp_accept_max = 1000
smtp_accept_max_per_connection = 4000
smtp_accept_queue_per_connection = 4000
smtp_accept_max_per_host = 200
smtp_accept_reserve = 40
smtp_reserve_hosts = obscan_hosts
message_size_limit = 50M

Any thoughts?

-- 
Brent Jones
[EMAIL PROTECTED]



Re: [exim] Queue_run_max question

2008-11-20 Thread Brent Jones
On Thu, Nov 20, 2008 at 1:34 PM, Dean Brooks [EMAIL PROTECTED] wrote:
 On Thu, Nov 20, 2008 at 10:34:55AM -0800, Brent Jones wrote:
 I have a small load server (70k deliveries a day) and thought I'd try
 using queue_only, with queue_run_max = 15 to see if it makes things a
 bit more efficient.

 Couple of things:

 1.  Exim only starts a queue runner every nn minutes, where nn is
 specified on the -q flag on the startup command line of Exim daemon
 itself.  This is commonly set to -q15m, but you can certainly lower
 it to something lower, such as -q1m.  Just watch the system load
 carefully.  This is typically set in your /etc/rc2.d startup directory
 where Exim daemon is first started.


I have it set to -q1m

 2.  When the -q time limit above is reached, it only spawns a single
 extra queue runner.  Therefore, if you set your daemon to -q1m,
 it could take 15 minutes from restart before all 15 queue runners
 are running (per your queue_run_max=15 setting).


That I didn't know, I thought it would spawn 15 runners, and each
would process the queue and be off.


 3.  Remember that queued messages will be skipped if they are pending
 a retry due to a previous temporary failure.  As a result, sometimes a
 queue runner will start and skip over a large number of messages.
 That is normal if those messages haven't reached their retry time yet.


Yah, anything that ends up in the retry queue will eventually get
frozen and timeout. Lots of messages get skipped.

 4.  After a day or so running, you'll likely not see all 15 queue
 runners running at same time unless you have a lot of undeliverables
 on your queue.  The reason is that most messages will not have hit
 their retry time yet, and the queue runner will fly through all the
 messages and then end.  Once a queue runner has run through all the
 messages, it quietly ends.

 5.  Setting queue_only may not help performance much if your box
 is already sitting idle most of the time.  The most it will do is
 delay processing of your message.  If your machine isn't heavily loaded
 and you don't fear spikes of heavy use, it's safe to revert back
 to immediate processing of incoming messages.  Setting queue_only
 does keep the load a bit more consistent though.

 Hope this helps some.


Helps a lot, thank you for explaining those options.
I was hoping to make sure the load was steady even if we got a big
spike, but it likely won't be an issue for a while.
It was just odd seeing deliveries not be captured by the queue runners
and delivered the way I thought it would work, seeing some normal
deliveries sit in the queue even with multiple queue runners, passing
up those messages even if they hadn't been tried yet.

I'll revert from queue_only, and just let things operate as they were
which worked perfectly.

Thanks

 --
 Dean Brooks
 [EMAIL PROTECTED]





-- 
Brent Jones
[EMAIL PROTECTED]



Re: [exim] clamd not scanning?

2008-11-16 Thread Brent Jones
On Sun, Nov 16, 2008 at 12:16 PM, lee [EMAIL PROTECTED] wrote:
 Hi,

 it seems that clamd is not scanning mails. I have:


 av_scanner = clamd:/var/run/clamav/clamd.ctl

 acl_check_data:

   # Deny if the message contains a virus. Before enabling this check, you
   # must install a virus scanner and set the av_scanner option above.
   #
   deny    message = This message contains a virus ($malware_name).
           demime  = *
           malware = */defer_ok


 Clamd is running, exim doesn't complain about it not being
 available. I don't see any indication in any of the logfiles that
 clamd is getting any mail to scan, and I can send eicar test files
 without them being detected, not even when the test string is plain in
 the body of the testmail. Scanning the file with clamscan detects the
 eicar test correctly.

 What am I missing? How can I see if exim actually feeds mail through
 clamd? Shouldn't there something about scanning activity show up in
 the logfiles?



Make sure you use freshclam to update definitions. Also make sure that
path is correct.
Turn on Log Clean Messages in Clamd so you can see if it thinks the
messages are clean.

-- 
Brent Jones
[EMAIL PROTECTED]



[exim] Exim include file for routers

2008-11-14 Thread Brent Jones
Exim users,
Is there a way to include a separate file from within the routers section?
I would like to put the include file before other routers take place,
but am unsure the order that Exim will process it if inside another
file.
Is this possible, and which order will Exim process the routers?

Thanks!

-- 
Brent Jones
[EMAIL PROTECTED]



Re: [exim] Exim include file for routers

2008-11-14 Thread Brent Jones
On Fri, Nov 14, 2008 at 5:05 PM, Ted Cooper [EMAIL PROTECTED] wrote:
 Brent Jones wrote:
 Exim users,
 Is there a way to include a separate file from within the routers section?
 I would like to put the include file before other routers take place,
 but am unsure the order that Exim will process it if inside another
 file.
 Is this possible, and which order will Exim process the routers?

 The routers are always processed in order.

 See
 6.3. File inclusions in the configuration file
 http://docs.exim.org/current/spec_html/ch06.html#SECID41

 You also need to read
 3. How Exim receives and delivers mail
 http://docs.exim.org/current/spec_html/ch03.html


 --
 The Exim Manual
 http://www.exim.org/docs.html
 http://docs.exim.org/current/
 Something else entirely. http://spudlugs.com



Thank you, I have the Exim4 book, but couldn't find the .include info
in it, but I did find it later.
The book wasn't exactly clear in which order it would process the
includes, but it looks like it will see the .include, read the file,
then come back to the rest of the routers if the .include did not
match anything.

-- 
Brent Jones
[EMAIL PROTECTED]



Re: [exim] DNS blacklists downloads?

2008-11-11 Thread Brent Jones
On Tue, Nov 11, 2008 at 6:35 AM, Peter Kirk [EMAIL PROTECTED] wrote:
 Hi All

 I have noticed about 3 times today my exim server has used a lot on DNS,
 about 2GB a time.  Below are the logs from my bandwidth monitoring

 x.x.x.x  b.dns.br             2135.61 MB
 x.x.x.x  200.160.0.10         2135.47 MB
 x.x.x.x  jim1.us.archive.org  2135.32 MB
 x.x.x.x  ns20.ja.net          223 MB
 x.x.x.x  ns8.spamhaus.org     199.27 MB

 I have checked the ip addresses and it has to do with the dns
 blacklisting in exim.  Any ideas why it would use so much bandwidth.

 I looked more into the logs for 200.160.0.10 on our Cisco ASA and got
 the following

 Nov 11 15:16:57 %ASA-6-302015: Built outbound UDP connection 17443293
 for outside:200.160.0.10/53 (200.160.0.10/53) to hsn:x.x.x.x/55074
 (x.x.x.x/55074)
 Nov 11 15:16:57 %ASA-6-302015: Built outbound UDP connection 17443293
 for outside:200.160.0.10/53 (200.160.0.10/53) to hsn:x.x.x.x /55074
 (x.x.x.x /55074)
 Nov 11 15:16:57 %ASA-6-302015: Built outbound UDP connection 17443293
 for outside:200.160.0.10/53 (200.160.0.10/53) to hsn:x.x.x.x /55074
 (x.x.x.x /55074)
 Nov 11 15:19:01 %ASA-6-302016: Teardown UDP connection 17443293 for
 outside:200.160.0.10/53 to hsn:x.x.x.x /55074 duration 0:02:03 bytes 176
 Nov 11 15:19:01 %ASA-6-302016: Teardown UDP connection 17443293 for
 outside:200.160.0.10/53 to hsn:x.x.x.x /55074 duration 0:02:03 bytes 176
 Nov 11 15:19:01 %ASA-6-302016: Teardown UDP connection 17443293 for
 outside:200.160.0.10/53 to hsn:x.x.x.x /55074 duration 0:02:03 bytes 176

 Nov 11 16:05:33 %ASA-6-302015: Built outbound UDP connection 17614488
 for outside:200.160.0.10/53 (200.160.0.10/53) to hsn:x.x.x.x /55074
 (x.x.x.x /55074)
 Nov 11 16:05:33 %ASA-6-302015: Built outbound UDP connection 17614488
 for outside:200.160.0.10/53 (200.160.0.10/53) to hsn:x.x.x.x /55074
 (x.x.x.x /55074)
 Nov 11 16:05:33 %ASA-6-302015: Built outbound UDP connection 17614488
 for outside:200.160.0.10/53 (200.160.0.10/53) to hsn:x.x.x.x /55074
 (x.x.x.x /55074)
 Nov 11 16:07:37 %ASA-6-302016: Teardown UDP connection 17614488 for
 outside:200.160.0.10/53 to hsn:x.x.x.x /55074 duration 0:02:03 bytes
 2239204366
 Nov 11 16:07:37 %ASA-6-302016: Teardown UDP connection 17614488 for
 outside:200.160.0.10/53 to hsn:x.x.x.x /55074 duration 0:02:03 bytes
 2239204366
 Nov 11 16:07:37 %ASA-6-302016: Teardown UDP connection 17614488 for
 outside:200.160.0.10/53 to hsn:x.x.x.x /55074 duration 0:02:03 bytes
 2239204366

 As you can see, it downloaded about 1GB at a time :-(

 Thanks for help in advance


What does the mail volume on this server look like?
Do you use any caching resolver locally?
Does the ASA perform any DNS inspection? (enabled by default)

-- 
Brent Jones
[EMAIL PROTECTED]
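
Added example, not part of the thread: triage logic for the ASA 302016 teardown lines quoted above. It drops the repeated syslog copies and flags UDP/53 connections whose byte count is implausible for DNS. The inside address 192.0.2.25, the extra port 4500 flow and the 1 MB threshold are constructed assumptions.

```python
import re
from collections import namedtuple

# Constructed sample modelled on the ASA lines quoted in the thread. The inside
# address is redacted there; 192.0.2.25 is a documentation-range placeholder,
# and the last line (a non-DNS flow) is invented to exercise the port filter.
SAMPLE_LOG = """\
Nov 11 15:16:57 %ASA-6-302015: Built outbound UDP connection 17443293 for outside:200.160.0.10/53 (200.160.0.10/53) to hsn:192.0.2.25/55074 (192.0.2.25/55074)
Nov 11 15:19:01 %ASA-6-302016: Teardown UDP connection 17443293 for outside:200.160.0.10/53 to hsn:192.0.2.25/55074 duration 0:02:03 bytes 176
Nov 11 15:19:01 %ASA-6-302016: Teardown UDP connection 17443293 for outside:200.160.0.10/53 to hsn:192.0.2.25/55074 duration 0:02:03 bytes 176
Nov 11 16:07:37 %ASA-6-302016: Teardown UDP connection 17614488 for outside:200.160.0.10/53 to hsn:192.0.2.25 /55074 duration 0:02:03 bytes 2239204366
Nov 11 16:07:37 %ASA-6-302016: Teardown UDP connection 17614488 for outside:200.160.0.10/53 to hsn:192.0.2.25 /55074 duration 0:02:03 bytes 2239204366
Nov 11 16:09:12 %ASA-6-302016: Teardown UDP connection 17615001 for outside:198.51.100.7/4500 to hsn:192.0.2.25/4500 duration 0:05:10 bytes 7340032
"""

# Only UDP teardown events carry the final byte count. The optional whitespace
# before "/" tolerates the "x.x.x.x /55074" form seen in the quoted log.
TEARDOWN = re.compile(
    r"%ASA-6-302016: Teardown UDP connection (?P<conn>\d+) "
    r"for [^:\s]+:(?P<ip_a>[^/\s]+)\s*/(?P<port_a>\d+) "
    r"to [^:\s]+:(?P<ip_b>[^/\s]+)\s*/(?P<port_b>\d+) "
    r"duration (?P<h>\d+):(?P<m>\d+):(?P<s>\d+) bytes (?P<bytes>\d+)"
)

Flow = namedtuple("Flow", "conn peer_a peer_b seconds nbytes")


def parse_udp_teardowns(text):
    """Return one Flow per connection id; repeated syslog copies are dropped."""
    flows = {}
    for line in text.splitlines():
        m = TEARDOWN.search(line)
        if m is None:
            continue  # Built events and unrelated messages
        seconds = int(m["h"]) * 3600 + int(m["m"]) * 60 + int(m["s"])
        flows.setdefault(m["conn"], Flow(
            conn=m["conn"],
            peer_a=(m["ip_a"], int(m["port_a"])),
            peer_b=(m["ip_b"], int(m["port_b"])),
            seconds=seconds,
            nbytes=int(m["bytes"]),
        ))
    return list(flows.values())


def mbit_per_s(flow):
    """Average rate over the connection lifetime (0.0 for zero-length flows)."""
    if flow.seconds == 0:
        return 0.0
    return flow.nbytes * 8 / flow.seconds / 1e6


def dns_outliers(flows, max_bytes=1_000_000):
    """DNS flows (either side on port 53) that moved more than max_bytes.

    max_bytes is a heuristic: one UDP 5-tuple can carry several lookups before
    the firewall's idle timeout, but not gigabytes of them.
    """
    hits = [f for f in flows
            if 53 in (f.peer_a[1], f.peer_b[1]) and f.nbytes > max_bytes]
    return sorted(hits, key=lambda f: f.nbytes, reverse=True)


if __name__ == "__main__":
    for f in dns_outliers(parse_udp_teardowns(SAMPLE_LOG)):
        print(f"conn {f.conn}: {f.peer_a[0]}:{f.peer_a[1]} <-> "
              f"{f.peer_b[0]}:{f.peer_b[1]}  {f.nbytes} bytes in "
              f"{f.seconds}s ({mbit_per_s(f):.1f} Mbit/s)")
```

Comparing the reported rate with the uplink's real capacity and with the resolver's own query logs helps decide whether the byte counter or the traffic is at fault.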



Re: [exim] SMTP-AUTH problem

2008-07-09 Thread Brent Jones
Ian Roberts wrote:
 Hello,
 
 I have a slight problem, my users are in Ldap, and smtp auth is  
 working correctly. BUT, we have some code running on remote systems  
 that we have no access to, trying to supply the username as the full  
 email address of the account instead of just the givename.
 
 How can I edit my authenticator in exim4 to allow both user and
 [EMAIL PROTECTED] as the supplied username?
 
 Here are my current authenticators:
 
 pam_plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${if pam{$2:$3}{1}{0}}
  server_set_id = $2
  server_prompts = :
 pam_login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = Username:: : Password::
  #server_prompts = :
  server_condition = ${if pam{$1:$2}{1}{0}}
 #   server_condition = ${if or [EMAIL PROTECTED]:$2}{1}{0}}}  
 {pam{$1:$2}{1}{0}}}
  server_set_id = $1
 
 Thanks so much,
 Ian
 

Exim can do text substitution with 'sg'
Here's the chapter from Google Books (not sure how much you're allowed to
read at once):

http://books.google.com/books?id=foCRVaMeRMgC&pg=RA1-PA388&lpg=RA1-PA388&dq=exim+text+substitution&source=web&ots=wpogDhTpTV&sig=l7tMlrenKp682OHpFxupZK6QRX0&hl=en&sa=X&oi=book_result&resnum=3&ct=result

Could find and replace the @domain.com field, and just pass the username 
to the authenticator.

Brent Jones



[exim] Maildir file names

2008-07-06 Thread Brent Jones
Exim users,
I have a few Exim servers all running latest Exim.
However, one server in particular is writing Maildir filenames different
than the rest.
For example, I'm used to seeing something like this:
1213327320.M661768P70844V005BI00764960_0.server.domain.com,S=2076:2,

This server is only writing these filenames:
1215326800.H536521P26074.:2,S

I doubt I'll ever get a file with the same name in either case (one in ...
too high to count chances)
But I was wondering what decides this behavior? And is something configured
wrong for the incredible difference?

Regards,

-- 
Brent Jones
[EMAIL PROTECTED]


Re: [exim] Maildir file names

2008-07-06 Thread Brent Jones
On Sun, Jul 6, 2008 at 2:57 AM, Phil Pennock [EMAIL PROTECTED]
wrote:

 On 2008-07-06 at 01:54 -0700, Brent Jones wrote:
  I have a few Exim servers all running latest Exim.
  However, one server in particular is writing Maildir filenames different
  than the rest.
  For example, I'm used to seeing something like this:
  1213327320.M661768P70844V005BI00764960_0.server.domain.com,S=2076:2,

 Are you sure that this later version isn't a rename by the software
 which reads the email?  (POP3 server, whatever)  Exim documents the
 filename construction in The Exim Specification, 26.5 Maildir delivery
 (and 26.6 for maildir_tag).  The V..._0 part there is anomalous.

 Rephrasing, it should be:
  <time.seconds>.M<time.microseconds>P<pid>.<primary_hostname><tag>
 where <tag> typically starts with a comma ','.



It could be an IMAP client renaming these files, but not likely, the
application simply does a copy/purge on messages (in-house application)





  This server is only writing these filenames:
  1215326800.H536521P26074.:2,S

 That suggests that primary_hostname is unset, which is weird, since it
 should be derived from uname if not explicitly set.  Do you have
 anything in your config explicitly setting 'primary_hostname = ' ?

 What does:
 shell$ exim -bP primary_hostname
 show?



Shows the fully qualified hostname of the server.
One thing to note, I am using SA-Exim on the server that is naming the
Maildir files odd, maybe that has something to do with it?
I'll take it out of the configuration and see what happens.


-- 
Brent Jones
[EMAIL PROTECTED]
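
Added example, not from the thread or from Exim's source: a parser for the two Maildir base names quoted above, following the time / microseconds / pid / hostname / tag layout described in the quoted reply. The regex, the field names and the three checks are assumptions made here.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# The two filenames quoted in the thread, used as input.
THREAD_NAMES = [
    "1213327320.M661768P70844V005BI00764960_0.server.domain.com,S=2076:2,",
    "1215326800.H536521P26074.:2,S",
]

NAME = re.compile(
    r"^(?P<secs>\d+)\."               # delivery time, seconds since the epoch
    r"(?P<kind>[HM])(?P<usec>\d+)"    # microsecond part (both prefixes occur)
    r"P(?P<pid>\d+)"                  # id of the delivering process
    r"(?P<extra>[^.]*)\."             # any further delivery-id fields
    r"(?P<host>[^,:]*)"               # hostname part, may be empty
    r"(?P<tag>,[^:]*)?"               # optional tag such as ,S=<size>
    r"(?::2,(?P<flags>[A-Za-z]*))?$"  # client flags, added once read
)


@dataclass
class MaildirName:
    seconds: int
    usec: int
    pid: int
    extra: str
    host: str
    size: Optional[int]
    flags: Optional[str]


def parse_maildir_name(name: str) -> Optional[MaildirName]:
    """Split a Maildir base name into its fields; None if it does not fit."""
    m = NAME.match(name)
    if m is None:
        return None
    size = None
    if m["tag"]:
        s = re.search(r",S=(\d+)", m["tag"])
        size = int(s.group(1)) if s else None
    return MaildirName(int(m["secs"]), int(m["usec"]), int(m["pid"]),
                       m["extra"], m["host"], size, m["flags"])


def findings(name: str) -> List[str]:
    """List what differs from the plain time/pid/host/size-tag form."""
    p = parse_maildir_name(name)
    if p is None:
        return ["unparseable"]
    out = []
    if not p.host:
        # Without a host part, uniqueness rests on time and pid alone, which
        # matters when several servers write into one shared store.
        out.append("empty host part")
    if p.extra:
        out.append("extra delivery-id fields: " + p.extra)
    if p.size is None:
        out.append("no S=<size> tag")
    return out


if __name__ == "__main__":
    for n in THREAD_NAMES:
        print(n, "->", findings(n) or "ok")
```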


Re: [exim] Maildir file names

2008-07-06 Thread Brent Jones
Phil Pennock wrote:
 On 2008-07-06 at 15:12 -0700, Brent Jones wrote:
   
 It could be an IMAP client renaming these files, but not likely, the
 application simply does a copy/purge on messages (in-house application)
 

 So when the IMAP server sees the files and shows them to the user,
 doesn't it move them from the new/ sub-directory to the cur/
 sub-directory?  This being intrinsic to Maildir, rather than IMAP-level
 copy/purge.

 -Phil
   
It does, but we have an in-house application that comes in via IMAP, 
does some message processing, and moves them out of the Inbox into 
processed folders.
But it shouldn't be changing the name at all, since when it moves them,
it simply does a copy to another folder, mark the old message for 
deletion, then purges.

Brent Jones



Re: [exim] Spool file is locked leading to long retry time

2007-12-04 Thread Brent Jones

Quoting Doug [EMAIL PROTECTED]:

 Hi all,

 I have a problem with some mail on my system. Whenever a queue runner
 comes across a message with a locked spool file, it will not attempt
 to deliver the message for another 4 hours or so.

 We see the following, and the next thing we see in the logs for this
 message would be the delivery some 4 hours later.

 DATE ID Spool file is locked (another process is handling this message)

 Has anyone seen similar symptoms and does anyone know of a retry rule
 tweak to capture these messages?

 Thanks in advance,

 D.A.



I'm seeing this more often lately, and it seems to be only mail going  
to hosts which
implement a level of graylisting or tar trap.
The host graylists, but doesn't send a temporary error, just keeps the  
connection alive
for an obscenely long time, long enough that the next time a queue  
runner comes by, the
previous runner is still holding the file and then it will get  
deferred for as long as
the retry time is.

This is particularly bad with Barracuda spam filters, which seem to  
get dead SMTP
connections quite often, where the SMTP process never finished, just  
hangs during DATA or
some such and Exim will diligently try to finish it until it finally  
times out. E-mails
to Barracuda about the issue were unanswered (we run a couple of them  
and the issue has
been verified with other outside mail server sources).

I haven't found a way to resolve it, except to just accept the fact  
that many mail
servers and gateways on the internet are broken.


Brent Jones
[EMAIL PROTECTED]


This message was sent using IMP, the Internet Messaging Program.




[exim] Duplicates using unseen deliver

2007-11-13 Thread Brent Jones
Exim users,
I'm attempting to troubleshoot an issue for a client, they are using  
Exim 4.68 that came bundled with cPanel.
They are trying to archive all messages to/from a certain domain to  
another e-mail address. A problem arises when there are multiple  
recipients for the local domain. If someone outside sends to  
[EMAIL PROTECTED], and CC:'s others at localdomain.com, the unseen  
delivery creates a copy for each user, with a new message ID for the  
unseen delivery each recipient.

Here is the system filter in use:

if $recipients contains localdomain.com
 or $sender_address_domain contains localdomain.com
 then
 unseen deliver [EMAIL PROTECTED]
 else
 finish
endif


I have a few thoughts on what could be duplicating, such as a program  
called BoxTrapper, which according to cPanel does anti spam and anti  
virus. It seems it may be accepting the messages, scanning, then  
resubmitting to Exim thus triggering multiple system filters for each  
recipient.
I have limited access to the server unfortunately.
Is there a way from within the system filter to tell if it is a  
resubmitted message, such as the method it was submitted (local  
delivery?)



Brent Jones
brent [at] servuhome [dot] net








Re: [exim] Should MX offer TLS ?

2007-11-06 Thread Brent Jones

Quoting Chris Edwards [EMAIL PROTECTED]:

> Hi,
>
> Many sites now have an elegant setup where submission happens on port
> 465/587, where both TLS and AUTH are mandatory.  Port 25 is used for
> MTA-MTA traffic, hence no need for AUTH on port 25.
>
> However I'm noticing many such sites with the above setup who don't offer
> TLS on port 25 of the MX servers.  Is there a particular reason for this ?
>
> OK, for MTA-MTA traffic, there's normally no check of a certificate, so
> no defence against man-in-the-middle attacks.  But at least you get
> opportunistic encryption of incoming mail, whereby the traffic is
> scrambled over the wire, defending against a passive eavesdropper.
>
> Any obvious pitfalls in supporting TLS on port 25 of the MX servers ?
> Are folk just turning it off to save CPU ?
>
> Thanks for any clue.
>
> Chris
>
> --
> Chris Edwards, Glasgow University Computing Service


TLS can add a bit of overhead, true. But there is also the fact that
many MTAs don't advertise/use TLS by default on port 25 (Exchange
comes to mind).
It could be argued that there aren't expectations of privacy or  
security with e-mail, that why would you send sensitive data when  
there are more suitable protocols for secure data transmission.
There is nothing inherently wrong with advertising TLS on port 25  
though, should the other server negotiate with you to use it.

Regards,

Brent Jones
brent [at] servuhome [dot] net


Re: [exim] Exim system filter lookup search

2007-10-25 Thread Brent Jones

Quoting Odhiambo Washington [EMAIL PROTECTED]:

> On 10/23/07, Brent Jones [EMAIL PROTECTED] wrote:
> > Exim users,
> > I'm trying to write a system filter that saves all e-mail that comes
> > from certain domains. The list of domains is rather large, and I want
> > to do a lookup to a file from within the system filter file.
> > However, when I look up the file, it never matches a record, and does
> > not save a copy to another destination.
> >
> > Example:
> >
> > if $sender_address_domain contains
> > ${lookup{$sender_address_domain}lsearch*{/etc/exim/domains}}
> > then
> >   save  /usr/exim/mail/
> > endif
> >
> > The /etc/exim/domains file contains various domains in a list. I know
> > lsearch is not supposed to be used as a list, but rather a key lookup.
> > But I am at a loss to read in a list any other method.
> >
> > Does anyone have any thoughts on that system filter rule?
>
> if (${lookup {$sender_address_domain}
> [EMAIL PROTECTED]/etc/exim/domains} {1}} is 1) then
>
> --
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254733744121/+254722743223
> _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _  _ _
> Oh My God! They killed init! You Bastards!
> --from a /. post



That worked perfectly, I hadn't read about the partial-lsearch  
function, and it seems to be doing the job perfectly.
Thanks!

Regards


Brent Jones
brent [at] servuhome [dot] net


[exim] Exim system filter lookup search

2007-10-23 Thread Brent Jones
Exim users,
I'm trying to write a system filter that saves all e-mail that comes  
from certain domains. The list of domains is rather large, and I want  
to do a lookup to a file from within the system filter file.
However, when I look up the file, it never matches a record, and does  
not save a copy to another destination.

Example:

if $sender_address_domain contains  
${lookup{$sender_address_domain}lsearch*{/etc/exim/domains}}
then
  save  /usr/exim/mail/
endif

The /etc/exim/domains file contains various domains in a list. I know
lsearch is not supposed to be used as a list, but rather a key lookup.
But I am at a loss to read in a list any other method.

Does anyone have any thoughts on that system filter rule?

Brent Jones
brent [at] servuhome [dot] net


Re: [exim] OT - Webmail options

2007-10-04 Thread Brent Jones

Quoting WJCarpenter [EMAIL PROTECTED]:

> check roundcube. it was awesome.
>
> Agree at full ...
>
> What is it that people find so awesome about RoundCube?  I'm not
> trying to start an argument :-).
>
> We have it installed here side by side with SquirrelMail.  There is
> no doubt that RC is much, much better looking than SM, and it has some
> very nice stuff, like drag-and-drop.  But it also seems to be very basic
> in features compared to SM (some of the SM stuff comes from plugins, and
> the RC plugin mechanism isn't available yet).  That's all fine since
> it's early days for RC, but it's more like something that *will be*
> awesome than something that *is* awesome.
>
> Am I missing something about RC?  Is it actually awesome already and
> I'm just not paying attention?  :-)



Let's start an argument, and I believe you're all wrong  ;)
I manage Horde / IMP on several systems including my personal server.
Its feature set, navigation, and looks are all very professional.
If you have an extensible authentication backend, you can do some
impressive stuff such as quotas, automatic vacation messages, etc.
http://www.horde.org

Enjoy


Brent Jones


Re: [exim] Transport directory based on sender address

2007-10-03 Thread Brent Jones

Quoting Jakob Hirsch [EMAIL PROTECTED]:

> Brent Jones wrote:
>
> > directory = ${lookup{$sender_host_address}lsearch{/etc/storetable}}
> > And here is what the /etc/storetable contains
> > 10.0.0.1: /var/mail/catch/main/
> >
> > appendfile: file or directory name  is not absolute
>
> I'd say it should, but it seems that the lookup returns nothing, so the
> resulting string is .
> Run a debug session with exim -d+expand -bh 10.0.0.1 (or use the swaks
> tool) to see what's going wrong.
>
> Oh, and what do you expect to happen when the sender's host address has
> no match in /etc/storetable?


I found that lsearch wasn't returning any results, but came across  
another function, iplsearch. The lookup now works correctly.
If it doesn't match something, I don't know what I'll do yet, maybe  
I'll do some checking in an ACL to reject hosts that don't fall into  
known IP ranges before it even gets to the transport.

Regards
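
An added Exim configuration sketch (not from any poster in this thread) for the question of what happens when the sender's host address has no match in /etc/storetable: the router only hands a message to the transport when $sender_host_address is set and listed, and the transport lookup has an explicit absolute fallback so "directory" never expands to an empty string. The router name obstore_route, the fallback path /var/mail/catch/unmatched/ and the second and third table entries are assumptions made for illustration.

```exim
# /etc/storetable, read with iplsearch: keys are IP addresses or CIDR
# networks; IPv6 keys must be quoted because they contain colons.
# Only the first entry is from the thread, the others are constructed.
#
#   10.0.0.1:        /var/mail/catch/main/
#   192.168.0.0/16:  /var/mail/catch/branch/
#   "2001:db8::1":   /var/mail/catch/v6/

# Router (hypothetical name): accept only messages that arrived from a
# host with an entry in the table. Locally submitted messages have an
# empty $sender_host_address and fall through to later routers.
obstore_route:
  driver = accept
  condition = ${if def:sender_host_address \
                {${lookup{$sender_host_address}iplsearch{/etc/storetable}{yes}{no}}} \
                {no}}
  transport = obstore

# Transport: the same lookup with an explicit result and fallback. A
# failed lookup yields the fallback path (an assumed location) instead
# of the empty string that appendfile rejects as "not absolute".
obstore:
  driver = appendfile
  directory = ${lookup{$sender_host_address}iplsearch{/etc/storetable}\
                {$value}{/var/mail/catch/unmatched/}}
  delivery_date_add
  envelope_to_add
  return_path_add
  maildir_format = true
  create_directory = true
```

The debug session suggested in the reply above (exim -d+expand -bh 10.0.0.1) shows which branch of each lookup is taken for a given address.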


[exim] Transport directory based on sender address

2007-10-02 Thread Brent Jones
Exim users,
I'm trying to set a rule that will set the Maildir storage directory  
partly based on the sending server's IP address using lsearch.
I'm getting errors that  is not an absolute path to the maildir
directory, but the lsearch should be returning the proper string.

Here is the rule:

obstore:
   driver = appendfile
   directory = ${lookup{$sender_host_address}lsearch{/etc/storetable}}
   delivery_date_add
   envelope_to_add
   return_path_add
   maildir_format = true
   create_directory = true

And here is what the /etc/storetable contains

10.0.0.1: /var/mail/catch/main/

Here is what the error_log shows:

appendfile: file or directory name  is not absolute

Pardon my ignorance, but shouldn't that lsearch line return  
/var/mail/catch/main/ as the directory path?

Any hints as to where I am off would be appreciated!



Brent Jones
brent [at] servuhome [dot] net


[exim] Exim as a filtering appliance

2007-10-01 Thread Brent Jones
Exim users,
I'm embarking on a project to use Exim as part of an outbound scanning  
host for clients. I'm hung up on whether or not Exim is well suited  
for this task, or if we should look at another mail server.
The goal of this project is to have clients use us as their outbound  
relay/smarthost. Mail coming into our system from their IP  
range/domain name will have to stay on our system, delivering to local  
mailbox files and/or maildir folders.
A program will then come by later on, scan said mail for text  
qualities (not necessarily spam), and if the mail is good, will then  
complete the next stage of delivery to the recipient.
In essence, I want Exim to be a caching relay. Take in all mail for  
specified hosts, hold onto it for processing, and deliver when the  
processing is finished.
We likely won't be doing processing as messages come through, but  
rather using scheduled jobs to check mail via IMAP or equivalent, and  
then send off the e-mail.
I've used Exim for other unorthodox tasks, but this one presents  
larger challenges in my opinion, and just not sure if Exim is right  
for this specific task.
Has anyone used Exim in this fashion, or have any thoughts on this?

Thanks!


Brent Jones
[EMAIL PROTECTED]


Re: [exim] hosts_randomize not working as expected

2007-04-25 Thread Brent Jones
Marc Silver wrote:
> Hi folks,
>
> I apologise for reposting this, but I'm desperate for some insight
> here... any feedback would be very much appreciated...
>
> On Tue, Apr 24, 2007 at 08:13:27AM +0200, Marc Silver wrote:
> > Hey guys,
> >
> > I am currently responsible for the administration of four exim servers
> > (running 4.66) which we utilize as our inbound MX servers.  Mail for our
> > domain is then manually routed via the exim machines back to our main
> > offices using the manualroute option over a compressed ssh tunnel.  I'm
> > using the randomize option to give me crude load balancing, but it
> > doesn't appear to be working very well.  What I'm seeing is that one or
> > two of the servers at our main office seem to be getting much more load
> > than the other two.
> >
> > I am using the following router:
> >
> >   forcepath:
> >     debug_print = R: forcepath for [EMAIL PROTECTED]
> >     driver = manualroute
> >     domains = !+local_domains:partial0-lsearch;CONFDIR/forcepath.list
> >     route_data = ${lookup{$domain}partial0-lsearch{CONFDIR/forcepath.list}}
> >     transport = remote_smtp
> >     host_find_failed = defer
> >     same_domain_copy_routing = yes
> >     self = send
> >     no_more
> >
> > And the following transport:
> >
> >   remote_smtp:
> >     driver = smtp
> >
> > Here are the contents of forcepath.list:
> >   domain.co.za:
> >     127.0.0.1::10025:127.0.0.1::10026:127.0.0.1::10027:127.0.0.1::10028
> >     randomize byname
> >
> > Can anyone help me to get these machines to balance more equally?  What
> > am I missing?

Marc,
I hate to say it, but I experienced the same behavior.
We put a simple Exim mail gateway that only did RBL and anti-virus 
checking, then forwarded it on to internal mail servers that did mail 
delivery for the users.
We specified two internal mail servers, using the randomize function.
Turned out, it would almost 'prefer' a host for a short while, then use 
the next for a brief moment, then switch back to the other one.
It wasn't very random, and the load split was more like 70/30.
Never did figure it out, we eventually settled on a load balancing switch.
But the randomization does need some work, or else it's pretty useless.

Regards;
Brent Jones
brent [at] servuhome [dot] net

-- 
## List details at http://www.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/


Re: [exim] Archiving Email

2007-02-23 Thread Brent Jones
Joseph wrote:
> Sander Smeenk wrote:
> Quoting Joseph ([EMAIL PROTECTED]):
>
> With flat files, your friend would be grep. With maildir you would need
> a mail client, which might be ok, unless we are talking hundreds of
> thousands of messages.
> Thing is, to get a specific message i have to know the exact maildir
> filename or i have to untar the complete archive and go from there...
> Which isn't all that bad if you are talking about your private mailsetup
> with a couple of mailinglists, but company wide this can be a real pain.
>
> With mbox format you can usually just zless or zgrep through the gzipped
> mbox. Even cooler, mutt is able to read gzipped mboxes!. Mbox can easily
> be searched through with numerous tools from the cli too...
>
> So i'd say... Go for mbox format :-)
>
> Thanks for all the comments.
>
> The format I am using is neither maildir nor mbox, but just plain files.
> Which means I have to use grep to do anything with them.
>
> One thing that bothers me, is how I would get to the attachments, if
> need be. A person would need a perl mime tool or something to break them
> out.
>
> I like the idea of tar'ing them up every day or week and saving the disk
> space.
>
> I always have been leery of mbox, because if it gets corrupted, then you
> are in trouble although that should not really happen with today's file
> systems.
>
> regards, Joseph
 
 


A little off-topic from the original, but what methods are people using 
to even begin archiving e-mails?
I've read into the Exim specification on unseen deliveries, but I don't 
know if it will archive local deliveries (ones that are user to user on 
the same system).
It also seemed a bit cumbersome to build maps of users to archive, but
maybe there's a way to specify lists of entire domains to archive
(to/from a certain domain maybe)
Any hints on that aspect of archiving?

Regards;

Brent Jones
