[exim] Router testing with "source port"
Hi list! I have in my exim configuration many routers depending from the port used to send the E-Mail. Now I need to test them and I really don't know how... :( To test a router I usually use exim -bt b...@blah.de, but so exim use ignore the source port. Is there any option for "exim -bt" to specify the source port of the E-Mail? Otherwise I really don't know how to test the routers... Thanks a lot for your help! Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Router testing with "source port"
On 12/03/18 08:14, Luca Bertoncello via Exim-users wrote: > To test a router I usually use exim -bt b...@blah.de, but so exim use > ignore the source port. > Is there any option for "exim -bt" to specify the source port of the > E-Mail? No, because you're not actually sending a message. Use "-bh" instead, and look at the manual for how to indicate a source. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Router testing with "source port"
Hi, Luca - Take a look at the *The Exim command line* section in the *Exim Specification*. In there you'll find many options beginning with "-oM" that can be used to set all sorts of things. For example, you might find the -oMa option useful. You can use these with -bt, or you can do other types of testing such as running a fake Exim session using the -bh option (or -bhc if your configuration uses callouts to verify addresses and you want these performed as well). If you've not already done so it's well worth sitting down and reading all the way through *Specification* as it gives a lot of insights into things. (I'm about due to read it through yet again at our next upgrade as things do evolve as new features are introduced over the years.) Cheers, Mike B-) On 12 March 2018 at 08:14, Luca Bertoncello via Exim-users < exim-users@exim.org> wrote: > Hi list! > > I have in my exim configuration many routers depending from the port used > to send the E-Mail. > Now I need to test them and I really don't know how... :( > > To test a router I usually use exim -bt b...@blah.de, but so exim use > ignore the source port. > Is there any option for "exim -bt" to specify the source port of the > E-Mail? > Otherwise I really don't know how to test the routers... > > Thanks a lot for your help! > Luca Bertoncello > (lucab...@lucabert.de) > > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > -- Systems Administrator & Change Manager IT Services, University of York, Heslington, York YO10 5DD, UK Tel: +44-(0)1904-323811 Web: www.york.ac.uk/it-services Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Router testing with "source port"
Zitat von Mike Brudenell via Exim-users : Hi Mike! Take a look at the *The Exim command line* section in the *Exim Specification*. In there you'll find many options beginning with "-oM" that can be used to set all sorts of things. For example, you might find the -oMa option useful. You can use these with -bt, or you can do other types of testing such as running a fake Exim session using the -bh option (or -bhc if your configuration uses callouts to verify addresses and you want these performed as well). If you've not already done so it's well worth sitting down and reading all the way through *Specification* as it gives a lot of insights into things. (I'm about due to read it through yet again at our next upgrade as things do evolve as new features are introduced over the years.) I got it: exim -oMi [127.0.0.1]:10026 -f b...@blub.de b...@bblah.de Regards Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] Any way to implement an incoming SMTP time limit?
Hi I've set smtp_receive_timeout in an attempt to limit the time an incoming connection can stay active - this works as designed - however this timer is reset whenever any new data comes in - I'd like to set a maximum connection time - so that when an incoming connection is established it has a finite amount of time to get the job done - otherwise it gets disconnected - is there a known way to do this? Regards Julian -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Any way to implement an incoming SMTP time limit?
On 10/03/18 14:21, Julian Rhind via Exim-users wrote: > I've set smtp_receive_timeout in an attempt to limit the time an incoming > connection can stay active - this works as designed - however this timer is > reset whenever any new data comes in - I'd like to set a maximum connection > time - so that when an incoming connection is established it has a finite > amount of time to get the job done - otherwise it gets disconnected - is > there a known way to do this? Nope. You could place limits on SMTP command _numbers_ by counting them in ACLs; combined with the per-command timeout that gets you most of the way there. Or you could explicitly check the times, also in ACLs. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Any way to implement an incoming SMTP time limit?
> On Mar 12, 2018, at 7:38 AM, Jeremy Harris via Exim-users > wrote: > >> I've set smtp_receive_timeout in an attempt to limit the time an incoming >> connection can stay active - this works as designed - however this timer is >> reset whenever any new data comes in - I'd like to set a maximum connection >> time - so that when an incoming connection is established it has a finite >> amount of time to get the job done - otherwise it gets disconnected - is >> there a known way to do this? > > Nope. You could place limits on SMTP command _numbers_ by counting them > in ACLs; combined with the per-command timeout that gets you most > of the way there. Or you could explicitly check the times, also > in ACLs. The OP should also keep in mind that connection reuse (to send multiple messages) is also common, and quite legitimate, and a global connection timeout (rather than a per-command timeout) could interrupt an extended connection that delivers multiple messages. -- Viktor. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] Why "blackhole"?
Hi list, I recently discovered this very curiously message in the mainlog: 2018-02-28 00:56:11 1eqp6G-0004wp-IR DKIM: d=email.microsoftemail.com s=102420140131 c=relaxed/relaxed a=rsa-sha1 b=1024 [verification succeeded] 2018-02-28 00:56:12 1eqp6G-0004wp-IR LMS check accept: 250 OK 2018-02-28 00:56:12 1eqp6G-0004wp-IR <= bounce-866153_html-528534629-5439879-228974-...@bounce.e-mail.microsoft.com H=(mta28.email.microsoftemail.com) [66.231.92.214] P=esmtps X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 S=69286 id=df627243-be0d-4776-9939-7408baf52...@xtinmta177.xt.local 2018-02-28 00:56:12 1eqp6G-0004wp-IR => blackhole (local_scan discarded recipients) 2018-02-28 00:56:12 1eqp6G-0004wp-IR Completed I really can't understand why the E-Mail will be discarded. Can someone help me? Thanks Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Why "blackhole"?
Have you added a local_scan function to your configuration? https://www.exim.org/exim-html-current/doc/html/spec_html/ch-adding_a_local_scan_function_to_exim.html If so, then it sounds like it has decided to discard all the recipients for that incoming message. If you read the *Specification* it says (emphasis mine): The list of accepted recipients, held in a vector of length recipients_count. The recipient_item structure is discussed below. You can add additional recipients by calling receive_add_recipient() (see below). *You can delete recipients by removing them from the vector and adjusting the value in recipients_count. In particular, by setting recipients_count to zero you remove all recipients. If you then return the value LOCAL_SCAN_ACCEPT, the message is accepted, but immediately blackholed.* To replace the recipients, you can set recipients_count to zero and then call receive_add_recipient() as often as needed. If local_scan says to accept the message but it has no recipients left it is blackholed. Cheers, Mike B-) On 12 March 2018 at 15:30, Luca Bertoncello via Exim-users < exim-users@exim.org> wrote: > Hi list, > > I recently discovered this very curiously message in the mainlog: > > 2018-02-28 00:56:11 1eqp6G-0004wp-IR DKIM: d=email.microsoftemail.com > s=102420140131 c=relaxed/relaxed a=rsa-sha1 b=1024 [verification succeeded] > 2018-02-28 00:56:12 1eqp6G-0004wp-IR LMS check accept: 250 OK > 2018-02-28 00:56:12 1eqp6G-0004wp-IR <= bounce-866153_HTML-528534629-5 > 439879-228974-...@bounce.e-mail.microsoft.com H=( > mta28.email.microsoftemail.com) [66.231.92.214] P=esmtps > X=TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256 S=69286 > id=df627243-be0d-4776-9939-7408baf52...@xtinmta177.xt.local > 2018-02-28 00:56:12 1eqp6G-0004wp-IR => blackhole (local_scan discarded > recipients) > 2018-02-28 00:56:12 1eqp6G-0004wp-IR Completed > > I really can't understand why the E-Mail will be discarded. > Can someone help me? > > Thanks > Luca Bertoncello > (lucab...@lucabert.de) > > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > -- Systems Administrator & Change Manager IT Services, University of York, Heslington, York YO10 5DD, UK Tel: +44-(0)1904-323811 Web: www.york.ac.uk/it-services Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Why "blackhole"?
Zitat von Mike Brudenell via Exim-users : Hi Mike Have you added a local_scan function to your configuration? Yes! Kaspersky. And I must say, that I already had some suspect on that... https://www.exim.org/exim-html-current/doc/html/spec_html/ch-adding_a_local_scan_function_to_exim.html If so, then it sounds like it has decided to discard all the recipients for that incoming message. If you read the *Specification* it says (emphasis mine): The list of accepted recipients, held in a vector of length recipients_count. The recipient_item structure is discussed below. You can add additional recipients by calling receive_add_recipient() (see below). *You can delete recipients by removing them from the vector and adjusting the value in recipients_count. In particular, by setting recipients_count to zero you remove all recipients. If you then return the value LOCAL_SCAN_ACCEPT, the message is accepted, but immediately blackholed.* To replace the recipients, you can set recipients_count to zero and then call receive_add_recipient() as often as needed. If local_scan says to accept the message but it has no recipients left it is blackholed. OK, thanks. But I really can't find any place in my configuration to delete the recipients... warn set acl_m_klms_headers = set acl_m_klms_result = set acl_m_klms_answer = ${dlfunc{/opt/kaspersky/klms/lib64/libklms-exim.so}{scan}{${spool_directory}/input}} condition = ${if def:h_X-Ciphermail {false}{true}} defer condition = ${if def:h_X-Ciphermail {false}{true}} condition = ${if eq {$acl_m_klms_answer}{}{yes}{no}} log_message = 451 PVC01 - LMS check failed (empty answer) $acl_m_klms_answer $acl_m_klms_result $acl_m_klms_tempfile message = 451 PVC01 - Temporary local problem - please try later. ASSISTENCE_MESSAGE (PVC01) defer condition = ${if def:h_X-Ciphermail {false}{true}} condition = ${if match {$acl_m_klms_answer}{\N^451\N}{yes}{no}} log_message = 451 PVC02 - LMS check defer $acl_m_klms_answer $acl_m_klms_result $acl_m_klms_tempfile message = 451 PVC02 - Temporary local problem - please try later. ASSISTENCE_MESSAGE (PVC02) defer condition = ${if def:h_X-Ciphermail {false}{true}} condition = ${if match {$acl_m_klms_answer}{\N^452\N}{yes}{no}} log_message = 451 PVC03 - LMS check defer $acl_m_klms_answer $acl_m_klms_result $acl_m_klms_tempfile message = 451 PVC03 - Temporary local problem - please try later. ASSISTENCE_MESSAGE (PVC03) deny condition = ${if def:h_X-Ciphermail {false}{true}} condition = ${if match {$acl_m_klms_answer}{\N^550\N}{yes}{no}} log_message = 552 PVC04 - LMS check reject $acl_m_klms_answer $acl_m_klms_result $acl_m_klms_tempfile message = 552 PVC04 - E-Mail contains Virus. ASSISTENCE_MESSAGE (PVC04) deny condition = ${if def:h_X-Ciphermail {false}{true}} condition = ${if match {$acl_m_klms_answer}{\N^554\N}{yes}{no}} log_message = 552 PDV01 - LMS check reject $acl_m_klms_answer $acl_m_klms_result $acl_m_klms_tempfile message = 552 PDV01 - E-Mail contains Virus. ASSISTENCE_MESSAGE (PDV01) warn condition = ${if def:h_X-Ciphermail {false}{true}} condition = ${if match {$acl_m_klms_answer}{\N^250\N}{yes}{no}} logwrite= LMS check accept: $acl_m_klms_answer $acl_m_klms_result $acl_m_klms_tempfile set acl_m_klms_answer = Did I forgot something? Thanks Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Why "blackhole"?
On 12 March 2018 at 15:59, Luca Bertoncello via Exim-users < exim-users@exim.org> wrote: > > Yes! Kaspersky. And I must say, that I already had some suspect on that... > > If local_scan says to accept the message but it has no recipients left it >> is blackholed. >> > > OK, thanks. > But I really can't find any place in my configuration to delete the > recipients... > The sample configuration you posted is just a set of ACLs entries. The *Specification* seems to be saying that when Exim calls the function specified by *local_scan* then that function itself can delete recipients from the list. If so and *that* is removing all the recipients but then tells Exim to accept the message it ends up getting blackholed. However I've never used local_scan so might be entirely wrong. Can someone who knows more about it confirm? Cheers, Mike B-) -- Systems Administrator & Change Manager IT Services, University of York, Heslington, York YO10 5DD, UK Tel: +44-(0)1904-323811 Web: www.york.ac.uk/it-services Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] Choosing the outbound IP address according to a Database query.
Exim version 4.89 #1 built 05-Oct-2017 13:48:15 (Linux Gentoo) Problem: I have users either with weak passwords or whom give away their passwords... Result: Spammers have their "information" so can use my relay mail server to send spam on my clients behalf to many other people. If it bounces - then the client has a full mail box quite quickly. Worse - the IP address of the machine gets blacklisted. This then affects many other clients. The machine is for Mail Submission - so it can have a common "inbound" interface for my clients - and just needs a specific outbound IP address. I have a fair number of IP addresses. I'd like to have a pool of interfaces - each with their own IP address. My users details are all stored in a database table so I could also add an IP address there, the one that this particular client should use when my EXIM sends out their e-mail. If that IP address becomes blacklisted - it would then affect a much smaller percentage of my users. I could then have one IP address per group of customers! In exim.conf - I've used: # Interfaces That Exim Listens on local_interfaces = <; 127.0.0.1 ; ::1 ; \ 192.111.222.1 ; 2001:1234:abcd:5678::1 ; \ 192.111.222.2 ; 2001:1234:abcd:5678::2 ; \ 192.111.222.3 ; 2001:1234:abcd:5678::3 (fake numbers) I assume one could assign a particular IP address for outbound? I already look the user up - e.g. on a different machine that receives inbound e-mails:- # quota = 30M quota = ${lookup mysql {select mail_quota from user_table where user='${local_part}@${domain}'}}M ...so guess I could fetch an IP address - or easier would be the last part of an IP address... In Transports - I have something like:- begin transports # This transport is used for delivering messages over SMTP connections. remote_smtp: driver = smtp dnssec_request_domains = * hosts_try_dane = * return_path = ${address:$reply_address} interface = <; 192.111.222.1 ; 2001:1234:abcd:5678::1 So could the "interface =" part be changed to receive the result of a MySQL query? Can I pop a value into a variable - and use that? - otherwise I'll be doing two lookups, one for IPv4 and one for IPv6... interface = <; 192.111.222.${lookup mysql {select mail_ip from user_table where user='${local_part}@${domain}'}} ; 2001:1234:abcd:5678::${lookup mysql {select mail_ip from user_table where user='${local_part}@${domain}'}} Anyone done this before? -- Mark James ELKINS - Posix Systems - (South) Africa m...@posix.co.za Tel: +27.128070590 Cell: +27.826010496 For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Why "blackhole"?
Mike Brudenell via Exim-users schrieb: Hi Mike > The sample configuration you posted is just a set of ACLs entries. The This was NOT a sample configuration, but the real configuration we use to scan the E-Mail with Kaspersky... > *Specification* seems to be saying that when Exim calls the function > specified by *local_scan* then that function itself can delete recipients > from the list. If so and *that* is removing all the recipients but then > tells Exim to accept the message it ends up getting blackholed. It'd be very nice to check if that is the problem... Any idea? Regards Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Choosing the outbound IP address according to a Database query.
On Mon, 12 Mar 2018, Mark Elkins via Exim-users wrote: The machine is for Mail Submission - so it can have a common "inbound" interface for my clients - and just needs a specific outbound IP address. I have a fair number of IP addresses. I'd like to have a pool of interfaces - each with their own IP address. My users details are all stored in a database table so I could also add an IP address there, the one that this particular client should use when my EXIM sends out their e-mail. If that IP address becomes blacklisted - it would then affect a much smaller percentage of my users. I could then have one IP address per group of customers! In exim.conf - I've used: # Interfaces That Exim Listens on local_interfaces = <; 127.0.0.1 ; ::1 ; \ 192.111.222.1 ; 2001:1234:abcd:5678::1 ; \ 192.111.222.2 ; 2001:1234:abcd:5678::2 ; \ 192.111.222.3 ; 2001:1234:abcd:5678::3 (fake numbers) I assume one could assign a particular IP address for outbound? I don't know the current position, but in 2011 Spamhaus was blacklisting IPv6 addresses in /64 blocks https://www.spamhaus.org/organization/statement/012/spamhaus-ipv6-blocklists-strategy-statement so I don't know whether your pool of addresses will protect your clients as well as you hope. -- Andrew C. Aitchison Cambridge, UK and...@aitchison.me.uk -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/