Re: [exim-dev] [PATCH] DMARC: fix use-after-free in dmarc_dns_lookup

Hi Lorenz, Lorenz Brun via Exim-dev (Fr 14 Okt 2022 21:02:51 CEST): > This fixes a use-after-free in dmarc_dns_lookup where the result > of dns_lookup in dnsa is freed before the required data is copied out. > > Fixes: 9258363 ("DNS: explicit alloc/free of workspace") … Thanks for the fix, it

Re: [exim-dev] Exim 4.96-RC0 released

Andreas Metzler via Exim-dev (Sa 30 Apr 2022 10:34:23 CEST): > > People upgrading directly from < 4.93 to 4.96 would still have to deal > with hard breakage on upgrades, but requirig a two step upgrade might be > considered a fair compromise. Yes, that's something I'm thinking about too. 4.95:

Re: [exim-dev] [Bug 2855] $sender_host_address doesn't work well with hybrid (v4mapped) IPv4 representation

https://bugs.exim.org/show_bug.cgi?id=2855#c4 --- a/src/src/spool_out.c +++ b/src/src/spool_out.c @@ -185,7 +185,7 @@ if (sender_helo_name) spool_var_write(fp, US"helo_name", sender_helo_name); if (sender_host_address) { if (is_tainted(sender_host_address)) putc('-', fp); - fprintf(fp,

[exim-dev] messages from this list to outlook.com and hotmail.com users

Hi *@{outlook,hotmail}.com, unfortunately the IP, our new infrastructure server is sending the list mails from, seems to be on a MS blacklist. Some (if not all) of our subscribers using hotmail.com or outlook.com addresses where unsubscribed automatically, as the messages bounced. While Graeme

Re: [exim-dev] Patch on exim-4.94+fixes applied after EOL

Heiko Schlittermann via Exim-dev (Do 13 Mai 2021 10:13:31 CEST): > I merged 4.94+fixes into 4.94.2+fixes (again). Not pushed yet, it's running the testsuite locally. -- Heiko signature.asc Description: PGP signature -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev E

Re: [exim-dev] Patch on exim-4.94+fixes applied after EOL

Good morning, Andreas Metzler via Exim-dev (Mi 12 Mai 2021 20:08:52 CEST): > Thanks, seems to have happened again with > c1faf04b865465894c7ca41ab4585fb69d4a5936. How about closing this branch > e.g. with a commit deleting all files? How to "close" a branch in Git? There seem to be many ways.

Re: [exim-dev] Patch on exim-4.94+fixes applied after EOL

Andreas Metzler via Exim-dev (Mi 12 Mai 2021 20:08:52 CEST): > On 2021-05-09 Heiko Schlittermann via Exim-dev wrote: > > Thanks, seems to have happened again with > c1faf04b865465894c7ca41ab4585fb69d4a5936. How about closing this branch > e.g. with a commit deleting all files?

Re: [exim-dev] Patch on exim-4.94+fixes applied after EOL

Andreas Metzler via Exim-dev (So 09 Mai 2021 08:06:11 CEST): > Hello, > > there is a patch on exim-4.94+fixes which was applied after 4.94.2, it > is therefore missing on exim-4.94.2+fixes. > > ed64b5c2f0f44db27ae48128fc97d5ad8406a28e Fix ${ipv6norm:} Thank you, it is merged now into

Re: [exim-dev] [Bug 2594] CNAME handling can break TLS certificate verification

Viktor Dukhovni via Exim-dev (So 14 Mär 2021 14:33:21 CET): > For the record, the expectation is: > > - Absent DANE TLSA records, the literal MX hostname, which is >of course insecurely obtained from MX records, so validation >is mostly an exercise in futility. It would only mean

[exim-dev] Postponed release of Exim 4.94+

Hello, more than 6 months passed since the release of Exim 4.94. We (mostly Jeremy) put a lot of effort and work in improving the functionality, stability and security of Exim. Before publishing the next release of Exim we'd like to sort out some things first, most notably: - how to proceed

Re: [exim-dev] typo in doc for Ratelimit options for what is being measured

u34--- via Exim-dev (Do 10 Sep 2020 18:25:06 CEST): > http://exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html#ratoptmea > has the following duplication: … > The dupliaction is that acl_smtp_rcpt is mentioned twice. Thanks. Fixed. Committed. Pushed. -- Heiko

[exim-dev] compatible with c99?

Hello, I'm referring to https://bugs.exim.org/show_bug.cgi?id=2585 The -std=c99 flag causes the build to fail. Is this expected behaviour? Or should we build cleanly using this flag too? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann --

Re: [exim-dev] [Bug 2545] New: Allow disabling autogenerated selfsigned cert warning

admin--- via Exim-dev (Do 26 Mär 2020 18:30:27 CET): > So there should be a way to disable the warning or perhaps it should not be > shown at all, or at least only once a day. I can imagine an at-startup warning if tls_advertise_hosts is non-empty and no tls_certificate/tls_privatekey is

Re: [exim-dev] SPF not working properly

David Saez Padros via Exim-dev (Fr 20 Dez 2019 08:46:10 CET): > Hi > > i'm a bit confused, exim is using libspf2 like spfquery.libspf2 > does and both return different results, not sure why exim is doing > dns queries itself to interpret spf, the libspf2 documentation gives > a very simple

Re: [exim-dev] Fork in readconf.c

Nick, at the following GIT URL you'll find a branch heiko/x/cpanel/pre-flight git://git.exim.org/~heiko/exim.git Please be prepared that I'may change the history of this repo without notice. This is no official repository, though it is publicly available. The branch

Re: [exim-dev] Hard to understand doc enhancement 52af44332434a2a34ae30f3d0ac3b549d512e4cc

Andreas Metzler via Exim-dev (Mo 11 Mär 2019 19:34:50 CET): > Hello, > > Thanks, the description of what to do is great, but the imho the > rationale (what breaks?) should stay. a23acfd5c4366f1c4d97e87ac61ee841f39b819a -- Heiko signature.asc Description: PGP signature -- ## List details at

Re: [exim-dev] Hard to understand doc enhancement 52af44332434a2a34ae30f3d0ac3b549d512e4cc

Andreas Metzler via Exim-dev (Sa 09 Mär 2019 17:49:28 CET): > Hello, > > 52af44332434a2a34ae30f3d0ac3b549d512e4cc and the latest commit on 4.92 > fixes adds this change to spec: > > +&*Warning 3*&: Do not use an IPv4-mapped IPv6 address for a key; use the > +IPv4. Such addresses being searched

Re: [exim-dev] Missing Colon on I= for outbound mail?

Larry, do you agree with this commit? Especially with the commit message, as it mentions your name and address. Author: Heiko Schlittermann (HS12-RIPE) Date: Fri Mar 8 18:29:20 2019 +0100 Add missing colon when logging outgoing I= Credits to Larry Rosenman for

Re: [exim-dev] Missing Colon on I= for outbound mail?

Larry Rosenman via Exim-dev (Fr 08 Mär 2019 17:51:03 CET): > I just noticed that Exim 4.92 is missing the colon between the port and the > address for the I= log line: > > Mar 8 10:28:40 thebighonker exim[98334]: 1h2IMP-000Pa0-Qe => > R=dnslookup T=remote_smtp S=2196

Re: [exim-dev] [Bug 2376] New: log_message doesn't log if connection is interrupted (which is quite unexpected) while other rules in the same acl are applied

admin--- via Exim-dev (Mo 18 Feb 2019 07:30:24 CET): > For example: > > acl_notquit: > accept authenticated = * > > warn condition = ${if match {$smtp_notquit_reason}{command}{yes}{no}} > log_message = "Connection Ratelimit - $sender_fullhost because > of notquit:

[exim-dev] New release candidate 4.92-RC3

Hi, we need you. I've just packaged a new release candidate exim-4.92-RC3. Please download, build, and test. The only change to RC2 is in the example configuration. So this change may affect packagers that auto-generated theire initial configurations from the example config. The original

Re: [exim-dev] [exim] Exim 4.92-RC1

Paul Hecker via Exim-dev (So 16 Dez 2018 19:52:45 CET): > Hi, > for sure, thanks! exim 4.92-RC2 should work for you, doesn't it? -- Heiko signature.asc Description: PGP signature -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##

[exim-dev] New release candidate 4.92-RC2

Hello, a new release candidate has been released: 4.92-RC2 It contains the following fixes since RC1 fa287dc3 Re-create test/configure script aaf3e414 Update Changelog for Bug 2351 569a8b23 Log failures to extract envelope addresses from message headers. Bug 2351 22d6c944 doc:

Re: [exim-dev] [exim] Exim 4.92-RC1

Please do not cross-post to lists and private addresses. Paul Hecker (Fr 14 Dez 2018 16:24:43 CET): > can no longer compile this version with my current Makefile as there is > WITH_CONTENT_SCAN=yes > enabled and all other scanner interfaces disabled (as DISABLE_MAL_CLAM=yes, >

[exim-dev] Exim 4.92-RC1

I've built and uploaded Exim 4.92-RC1 to https://ftp.exim.org/pub/exim/exim4/test The current ChangeLog (since 4.91) and NewStuff files are attached to this message. The tree is still open for commits. Please check if you've any pending bugfixes or additions. We need you: Please download,

[exim-dev] New Release

Hi, after a short chat with Jeremy we agreed, that I'll start the release process. More than 6 months since the last release are over and there is a bunch of additions, improvements, bug fixes. If any of you has some committs not pushed yet, please integrate them into the master branch until

Re: [exim-dev] buildfarm client proposal: tests configure support

Phil Pennock via Exim-dev (Sa 22 Sep 2018 07:06:21 CEST): > > I can't reach the box right now :\ Did you do anything like reboot it? > Otherwise, it's support ticket time if it doesn't come back. No, I just pulled the changes I pushed to the branch you created. And I started the run-whatever

Re: [exim-dev] buildfarm client proposal: tests configure support

Heiko Schlittermann via Exim-dev (Mi 19 Sep 2018 11:46:52 CEST): > I'll do so this evening (roughly UTC). Almost …. I made the changes, pushed it and pulled it into macstadiums /opt/buildfarm/home/code and started ./invoke.buildfarm But I do not see how you use test_configure_

Re: [exim-dev] buildfarm client proposal: tests configure support

Phil Pennock via Exim-dev (Di 18 Sep 2018 20:31:41 CEST): > On 2018-09-16 at 12:49 +0100, Jeremy Harris via Exim-dev wrote: > > The code addition looks reasonable on the surface. Go head and > > push it to master. > > I'm going to let Heiko make his suggested improvements. I'll do so this

Re: [exim-dev] buildfarm client proposal: tests configure support

Phil Pennock via Exim-dev (Sa 15 Sep 2018 03:34:35 CEST): > I've made the buildfarm repos visible† on git.exim.org since there's > nothing secret in them and we point folks to them on public wiki pages, > and all the repos can be cloned without authentication. > > I've pushed to

Re: [exim-dev] UTF-8 and Exim string operations

Heiko Schlittermann (Sa 18 Aug 2018 09:29:50 CEST): > > This. > > > > Add new operators, or options on current ones; don't > > change how they currently work (barring bugs). > > +1 After a little bit more thinking ${astrlen:Ötzi} yields 5 ${ustrlen:Ötzi} yields 4 ${strlen:…} is

Re: [exim-dev] UTF-8 and Exim string operations

Jeremy Harris via Exim-dev (Fr 17 Aug 2018 13:03:33 CEST): > On 08/17/2018 05:03 AM, Phil Pennock via Exim-dev wrote: > > Anyone have strong feelings on how Exim should handle UTF-8 with > > operators such as ${length_1:STR} ? > > > > Document that the current operators work on bytes > > This. >

Re: [exim-dev] branch exim-4_91+fixes created

Renaud Allard via Exim-dev (Di 24 Apr 2018 00:05:08 CEST): > > Do you release a downloadable tar.gz archive of that branch? This would be > interesting for maintainers which are using a "ports" system like the BSDs. Currently not. But I'm thinking about it. But please, do not

Re: [exim-dev] [Bug 2250] Peculiarity with SMTP delivery in Exim 4.90.1

admin--- via Exim-dev (Do 08 Mär 2018 14:24:47 CET): > https://bugs.exim.org/show_bug.cgi?id=2250 > > --- Comment #10 from David Carter --- > I guess I will need to try bisection with the 4xy suggestion to minimise > fallout. > > Any obvious points between

Re: [exim-dev] [Bug 2235] New: CVE-2018-6789

Phil Pennock (Di 13 Feb 2018 00:08:50 CET): > On 2018-02-09 at 15:32 +, Vsevolod Stakhov via Exim-dev wrote: > > It seems that FreeBSD is no longer considered in CVE early disclosure, > > isn't it? > > There has been no change from Exim's side in how this was communicated. >

Re: [exim-dev] committers

Andreas Metzler (Sa 03 Feb 2018 18:57:19 CET): … > I googled in vain and experimented a bit. Using cherry-pick instead of > merge seemed to work for me to change the committer. > > instead of git merge --ff > use git cherry-pick .. Yeah, probably I did exactly

Re: [exim-dev] committers

Jeremy Harris (Sa 03 Feb 2018 18:03:18 CET): … > Previouly for commits done using content supplied by other people > we have set the Author and left the Committer saying who did > the commit. I'd like that to continue. Yes, that was my intention too, but I didn't check if the

Re: [exim-dev] committers

On 030caf2a9 it worked another way, there I'm the committer, as I'd have expected. I'm not sure anymore how I did it with 030caf2a9. -- Heiko signature.asc Description: PGP signature -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details at

Re: [exim-dev] committers

Jeremy Harris (Sa 03 Feb 2018 17:41:07 CET): > Who is "Vladimir Panteleev " > and how did he acquire commit rights? I merged his pull request from github. And I suppsed that I'll be the committer then. Doesn't seem to have worked that way. What did I

Re: [exim-dev] [Bug 2206] error messages Berkeley DB error: BDB1565 DB->pget: method not permitted

Hi, sorry, if my questions weren't precise enough ad...@bugs.exim.org (Mo 04 Dez 2017 07:21:39 CET): > https://bugs.exim.org/show_bug.cgi?id=2206 > > --- Comment #2 from Axel Reinhold --- > > Did you compile it from the sources? > yes - compiled from

Re: [exim-dev] [Bug 2206] New: error messages Berkeley DB error: BDB1565 DB->pget: method not permitted

ad...@bugs.exim.org (So 03 Dez 2017 09:28:01 CET): … > after update from 4.89 to 4.89.1 i get lots of errors in mailmainlog: > > 2017-12-03 09:07:11 1eLPIr-0006T7-29 Berkeley DB error: BDB1565 DB->pget: > method not permitted before handle's open method > 2017-12-03 09:07:11

[exim-dev] Exim 4.89.1 released

Exim developers, We have released a security release today. The latest Exim release is now 4.89.1 This release contains all fixes we did on the exim-4_89+fixes branch since the exim-4_89 release. This includes the fixes for CVE-2017-16943 and CVE-2017-16944. Tarballs are in the usual places

[exim-dev] CVE-2017-16943, CVE-2017-16944

Both issues are fixed now. CVE-2017-16943 (RCE) Exim Bug 2199 master: 4e6ae6235c68de243b1c2419027472d7659aa2b4 exim-4_89+fixes:4090d62a4b25782129cc1643596dc2f6e8f63bde Fix done by Jeremy Harris CVE-2017-16944 (DoS) Exim Bug 2201

Re: [exim-dev] [patch] Typo fix "psuedo"

Andreas Metzler (Sa 28 Okt 2017 13:22:31 CEST): > Hello, > > find atached a trivial patch to fix a typo in exipick's documentation. Thankyou (5dda37a2ea959801a0836097dc1e4ba43d78170b) -- Heiko signature.asc Description: PGP signature -- ## List details at

Re: [exim-dev] feature request for exim: query DNSBL providers' DNS servers directly

Hi, Rob McEwen (Sa 09 Sep 2017 20:59:01 CEST): > What I want to accomplish is this: provide subscribers to the invaluement > anti-spam blacklist... who use exim... the ability to have their DNS queries > to DNSBLs... come directly from Exim, skipping the normal DNS

Re: [exim-dev] [Bug 2144] log failed (4xx) delivery attempts

Andrew C Aitchison (Mi 05 Jul 2017 16:54:30 CEST): > On Wed, 5 Jul 2017, ad...@bugs.exim.org wrote: I reformatted the entry to match the original long lines: > 2017-07-05 14:47:13 [19866] 1dSji4-0005AQ-GR <= h...@schlittermann.de > H=(blade.schlittermann.de)

Re: [exim-dev] [SOLVED] readv/writev

Hi James, James C. McPherson (Mo 03 Jul 2017 23:34:48 CEST): … > Both readv and writev are POSIX-standard functions, so they > should be available on all UNIX and UNIX-like systems. > > http://pubs.opengroup.org/onlinepubs/9699919799/functions/readv.html >

[exim-dev] 4.89+fixes

Hi, I get the feeling that with distribution of 4.89 the pressure to release some small fixes raises. I've prepared already a exim-4_89+fixes branch on git://git.exim.org/~heiko/exim.git It should include the following fixes as recommended by Jeremy 65e061b76867fix log line corruption

[exim-dev] [SOLVED] readv/writev

Heiko Schlittermann via Exim-dev <exim-dev@exim.org> (Mi 28 Jun 2017 00:16:11 CEST): > Hi, > > I'm sitting with bug 2130 and I'm wondering if anybody knows how > portable readv(2) and writev(2) are, on the platforms we'd like to > support. pwcheck.c uses writev(2) as does m

[exim-dev] readv/writev

Hi, I'm sitting with bug 2130 and I'm wondering if anybody knows how portable readv(2) and writev(2) are, on the platforms we'd like to support. Any hints? -- Heiko signature.asc Description: PGP signature -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim details

[exim-dev] [h...@schlittermann.de: Re: CVE-2017-1000369 | Exim 4.89+fixes]

Hello Exim Users and Exim Developers, some of you may have noticed already CVE-2017-1000369. It is related to a stack/heap clash. For more information see https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash As it is possible to abuse Exim as a tool to exploit this vulnerability in

Re: [exim-dev] [Bug 2118] sendmail -be and ${run} macro security problem

Viktor Dukhovni (Sa 06 Mai 2017 01:33:17 CEST): > > One workaround would be to only process "-be" when invoked as "exim", ... > and not when the last path component argv[0] is "sendmail". I'm working on a "sendmail" to be shipped with Exim, replacing the current