Re: [exim-dev] Default received_headers_max should be increased dramatically

2020-12-01 Thread Phil Pennock via Exim-dev
First up: looks like we had a moderation backlog, and new subscribers are moderated by default, so your message was stuck in moderation for far longer than normal. Sorry about that. Your moderation bit has been cleared. On 2020-11-27 at 15:13 +, Ian Jackson via Exim-dev wrote: >

Re: [exim-dev] DKIM Signing and renewing DKIM certificates

2020-10-31 Thread Phil Pennock via Exim-dev
On 2020-10-31 at 18:34 +0200, Mark Elkins via Exim-dev wrote: >[quoting:] > Of course, when you change your DKIM key pair, the public key in the DKIM > record needs to be changed as well. That is very poorly phrased. One selector corresponds to one DNS record. There is no way to safely change

Re: [exim-dev] GDB step by step exim

2020-07-16 Thread Phil Pennock via Exim-dev
On 2020-07-16 at 00:07 -0400, Dennis Roellke via Exim-dev wrote: > I’d like to understand better how exim processes EHLO messages. Ideally, I > could use gdb to set a breakpoint and step through from wherever I want. > Unfortunately, exim just ignores any breakpoints... it hits them for sure, bc

Re: [exim-dev] DANE support in Exim with OpenSSL

2020-07-08 Thread Phil Pennock via Exim-dev
On 2020-07-06 at 01:07 -0400, Viktor Dukhovni via Exim-dev wrote: > I would like to recommend that when convenient, Exim should probably do the > same. The documentation for the OpenSSL DANE API is at: LibreSSL. -Phil -- ## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim

Re: [exim-dev] dnsdb lookup question

2019-10-14 Thread Phil Pennock via Exim-dev
On 2019-10-14 at 12:28 +0100, Graeme Fowler via Exim-dev wrote: > Am I (missing something) or am I about to head deep into the codebase > to work out how to extend the dnsdb code? If someone is volunteering :D then ripping out all of the system resolver usage and replacing it with a libgetdns

Re: [exim-dev] Mailop list: exim and google fighting over DKIM

2019-05-01 Thread Phil Pennock via Exim-dev
On 2019-04-28 at 16:42 +0100, Andrew C Aitchison via Exim-dev wrote: > Do the DKIM exim experts subscribe to the mailop list ? I do, but I just started a new job and am behind on public mailing-lists. > There is an ongoing discussion on the mai...@mailop.org > about a snafu with DKIM which

Re: [exim-dev] tls_sni = $host in default configuration file

2018-12-21 Thread Phil Pennock via Exim-dev
On 2018-12-20 at 20:50 +, Jeremy Harris via Exim-dev wrote: > The wording "should be" could be relaxed slightly, maybe, since it isn't > required by Exim's parsing. "It is simplest to", perhaps? Didn't we used to require it? I forget. Feel free to update it. > I see you quietly removed

Re: [exim-dev] tls_sni = $host in default configuration file

2018-12-18 Thread Phil Pennock via Exim-dev
On 2018-12-17 at 18:44 -, Jasen Betts via Exim-dev wrote: > What does DANE say we should ask for? I remember it being non-obvious but > easily explained. However I don't remember the detail. RFC 7672 section 2.2.2. If DNSSEC is available for every step along the way, for all CNAMEs in

Re: [exim-dev] tls_sni = $host in default configuration file

2018-12-16 Thread Phil Pennock via Exim-dev
On 2018-12-16 at 10:42 +, Jeremy Harris via Exim-dev wrote: > On 16/12/2018 10:20, Andreas Metzler via Exim-dev wrote: > > 4.92rc1 adds this to the smarthost_smtp transport: > > > > tls_sni = $host > > > > I do not think that always works as expected. Depending on the DNS setup > > (CNAME,

Re: [exim-dev] buildfarm client proposal: tests configure support

2018-09-21 Thread Phil Pennock via Exim-dev
On 2018-09-21 at 00:15 +0200, Heiko Schlittermann via Exim-dev wrote: > Heiko Schlittermann via Exim-dev (Mi 19 Sep 2018 11:46:52 > CEST): > > I'll do so this evening (roughly UTC). > Almost …. > > I made the changes, pushed it and pulled it into macstadiums > /opt/buildfarm/home/code and

Re: [exim-dev] buildfarm client proposal: tests configure support

2018-09-18 Thread Phil Pennock via Exim-dev
On 2018-09-16 at 12:49 +0100, Jeremy Harris via Exim-dev wrote: > The code addition looks reasonable on the surface. Go ahead and > push it to master. I'm going to let Heiko make his suggested improvements. > I'm not going to spend time trying to duplicate your work... > once you're up and

[exim-dev] buildfarm client proposal: tests configure support

2018-09-14 Thread Phil Pennock via Exim-dev
I've made the buildfarm repos visible† on git.exim.org since there's nothing secret in them and we point folks to them on public wiki pages, and all the repos can be cloned without authentication. I've pushed to buildfarm-client.git a new branch `test_configure_tuning` with one additional commit:

[exim-dev] Exim website: logos for testers

2018-09-14 Thread Phil Pennock via Exim-dev
Folks, I'm setting up macOS buildfarm stuff for Exim using hosting provided for free by MacStadium. They ask that their logo be on our web landing-page, which seems eminently fair and "normal practice" to me. But at present, there are no such logos. The fix is to say: if you are providing a

Re: [exim-dev] "25 lost" is giving me useful clues

2018-09-03 Thread Phil Pennock via Exim-dev
On 2018-08-30 at 12:27 +0200, Mark Elkins via Exim-dev wrote: > What this is telling me is someone at 157.0.116.189 is making > connections to my mail server - presumably to see if they can detect the > accounts of users on my machine? This really belongs on exim-users, not exim-dev (bcc'd)

[exim-dev] build-farm / macOS

2018-08-17 Thread Phil Pennock via Exim-dev
For awareness, I've applied on behalf of Exim to to get a free VM to be used as a build animal. If we're approved, we'll get rote paperwork every six months to confirm that we're actually still using it. I'd like to get macOS/Darwin builds back on the

Re: [exim-dev] UTF-8 and Exim string operations

2018-08-17 Thread Phil Pennock via Exim-dev
On 2018-08-17 at 10:36 -, Jasen Betts via Exim-dev wrote: > > and add ulength_1 for being UTF-8 aware? > > Would also need utf8-aware also substr and strlen. Yes, I was using length as an exemplar, not as an exhaustive list. :) I favored ulength too, but didn't want to just add a slew of

[exim-dev] UTF-8 and Exim string operations

2018-08-16 Thread Phil Pennock via Exim-dev
Anyone have strong feelings on how Exim should handle UTF-8 with operators such as ${length_1:STR} ? Document that the current operators work on bytes and add ulength_1 for being UTF-8 aware? Look at the top-bit being set and assume UTF-8, or will that break too much with all the places which

[exim-dev] GnuTLS 3.6.3 / TLS 1.3

2018-07-17 Thread Phil Pennock via Exim-dev
FWIW, if anyone is working on the GnuTLS integration these days: } From: Nikos Mavrogiannopoulos } Subject: gnutls 3.6.3 } } Hello, } I've just released gnutls 3.6.3. This is the first release which adds } full support of TLS1.3 (draft28), and several other features on the } 3.6.x branch. } } *

[exim-dev] OpenSSL revamp work (WIP, nowhere near ready)

2018-06-30 Thread Phil Pennock via Exim-dev
Nowhere near complete yet, but: https://git.exim.org/users/pdp/exim.git/shortlog/refs/heads/openssl_revamp git://git.exim.org/users/pdp/exim.git branch openssl_revamp What's there so far is a WIP commit showing how I think things should look from a parsing PoV and how the settings are

Re: [exim-dev] DNSSEC / log spam

2018-06-30 Thread Phil Pennock via Exim-dev
On 2018-06-30 at 00:01 -0400, Viktor Dukhovni via Exim-dev wrote: > So there is a potential solution, if you're > willing to change how manage _res.options. No. Messing with _res was always dangerous and since NetBSD went and made incompatible changes, life became hell.

Re: [exim-dev] DNSSEC / log spam

2018-06-29 Thread Phil Pennock via Exim-dev
On 2018-06-29 at 20:16 -0500, Larry Rosenman via Exim-dev wrote: > Greetings, > I have my DNS Zone DNSSEC enabled, but some of my dynamic > sub-domains are NOT DNSSEC due to HE.net not supporting DNSSEC yet. > can we suppress/change exim to not spam the logs with: > > Jun 29 20:12:53

Re: [exim-dev] [Bug 2266] TLS SNI should default set

2018-04-20 Thread Phil Pennock via Exim-dev
On 2018-04-20 at 20:09 -0400, Viktor Dukhovni via Exim-dev wrote: > Question about this "$host". Are smarthost settings ever subject to > MX lookups, so that the actual remote SMTP server is one of the MX > hosts of the smarthost domain? Not with the format specified in the example

Re: [exim-dev] [Bug 2266] TLS SNI should default set

2018-04-20 Thread Phil Pennock via Exim-dev
On 2018-04-20 at 19:16 -0400, Viktor Dukhovni via Exim-dev wrote: > In Postfix we have a notion that is the "next-hop" domain, > which is normally the envelope recipient domain, but when > a smarthost (or domain whose MX records are used for routing) > is specified, then the next-hop domain is the

Re: [exim-dev] Preliminary dane_require_tls_ciphers support

2018-03-29 Thread Phil Pennock via Exim-dev
On 2018-03-29 at 10:33 +0100, Jeremy Harris via Exim-dev wrote: > I'm unsure about the philosophy of the interface; having one option > override another. You mentioned "complex expansions" before in the > discussion but without detail. I assume that's the same consideration > as "lots of

Re: [exim-dev] Exim 4.91 RC1

2018-03-18 Thread Phil Pennock via Exim-dev
On 2018-03-18 at 00:47 -0400, Viktor Dukhovni via Exim-dev wrote: > You may find the notes for the below commits to OpenSSL 1.1.0 and upcoming > 1.1.1 useful for building alternate versions of OpenSSL "on the side": > >

Re: [exim-dev] Exim 4.91 RC1

2018-03-17 Thread Phil Pennock via Exim-dev
On 2018-03-17 at 15:00 +, Jeremy Harris via Exim-dev wrote: > > Enabling DMARC without enabling > >SPF led to a build failure almost at the very end. > > Compile-time or link-time failure? Do you think we need > a specific check early in the build? I think it was compile-time, but am

Re: [exim-dev] Exim 4.91 RC1

2018-03-16 Thread Phil Pennock via Exim-dev
On 2018-03-15 at 21:31 +, Jeremy Harris via Exim-dev wrote: > I have built and uploaded Exim 4.91 RC1 to: > > https://ftp.exim.org/pub/exim/exim4/test/ Building for `next-exim` on the exim.org box, the port-26 listener: * `EXPERIMENTAL_ARC` is not given with `=yes` in `src/EDITME`,

[exim-dev] Bugzilla maintenance (security upgrade); old mail sent

2018-02-16 Thread Phil Pennock via Exim-dev
Bugzilla had a security release today; I have upgraded bugs.exim.org to 4.4.13. Part of the pre-flight checklist involved running a sanity check, which found two bugs with unsent mail. I sent those mails out. This sent out messages dated 2017-03-07 for bugs 1294 and 1998. Sorry; if I'd known

Re: [exim-dev] [Bug 2235] New: CVE-2018-6789

2018-02-12 Thread Phil Pennock via Exim-dev
On 2018-02-09 at 15:32 +, Vsevolod Stakhov via Exim-dev wrote: > It seems that FreeBSD is no longer considered in CVE early disclosure, > isn't it? There has been no change from Exim's side in how this was communicated. We have an exim-maintainers mailing-list which has vetted people from any

[exim-dev] Buganizer mails lost after Exim 4.90 upgrade

2018-01-06 Thread Phil Pennock
Folks, We experienced a regression in Exim with the 4.90 upgrade, which affected exim.org mail. As a result, all mail generated by the exim.org box which was sent out from a domain other than exim.org itself was not sent. Instead, the mail was queued as having a temporary problem, and then

Re: [exim-dev] [Bug 2092] Should support dual-key configuration with lists of keys/certs

2017-11-02 Thread Phil Pennock
On 2017-11-02 at 18:00 +, Viktor Dukhovni wrote: > IIRC, the last chain file loaded was used to provide the issuer > certificates for all the public key types. The work-around is to > make sure that all the issuer certificates needed by *any* leaf > cert are present in *each* chain file.

Re: [exim-dev] [patch] exim 4.90_RC1 SOURCE_DATE_EPOCH build error / missing parts

2017-10-28 Thread Phil Pennock
On 2017-10-28 at 13:08 +0200, Andreas Metzler wrote: > Thanks for introducing SOURCE_DATE_EPOCH support to exim. Due to a typo > 4.90_RC1 FTBFS with non-BSD date if SOURCE_DATE_EPOCH is set. Also the > change applied to exim needs to be copied over to exim_monitor. You're welcome, and sorry. I

Re: [exim-dev] feature request for exim: query DNSBL providers' DNS servers directly

2017-09-12 Thread Phil Pennock
On 2017-09-12 at 09:45 +0100, Jeremy Harris wrote: > On 11/09/17 23:35, Phil Pennock wrote: > > So there's some value in having an optional, EXPERIMENTAL_FOO feature, > > for more advanced DNS handling. > > As an alternate implementation, a standard (but custom-configured

[exim-dev] rspamd APIs and Exim

2017-09-12 Thread Phil Pennock
Vsevolod, You wrote: } However, the current integration between Rspamd and Exim is not very } good so far (legacy proto which I have to support in Rspamd just for } Exim, absence of interaction on before-data stages and so on). Perhaps, } it is a topic of some separate discussion at some point...

Re: [exim-dev] feature request for exim: query DNSBL providers' DNS servers directly

2017-09-11 Thread Phil Pennock
On 2017-09-11 at 20:58 +0200, Heiko Schlittermann via Exim-dev wrote: > I'm not sure if I got it. You want to re-invent a caching name service > inside Exim? No, just a resolver which can be custom-configured. There's a lot of value for spam-fighting in being able to do custom DNS queries,

Re: [exim-dev] feature request for exim: query DNSBL providers' DNS servers directly

2017-09-11 Thread Phil Pennock
On 2017-09-11 at 12:25 -0400, Rob McEwen wrote: > (1) I noticed the following (patch? or fork?): > "DNS for exim.org" by Nigel Metheringham > ...could that be related or similar to anything I'm trying to accomplish? Entirely different repository. That's for configuring the zonefile for exim.org

Re: [exim-dev] feature request for exim: query DNSBL providers' DNS servers directly

2017-09-11 Thread Phil Pennock
On 2017-09-11 at 10:45 -0400, Rob McEwen wrote: > (5) It doesn't sound like this is possible in Exim. THEREFORE - What would I > need to do to build this as a fork (or addon?) to Exim - If I try to provide > a custom build of Exim - would I need to maintain multiple versions for > different OS's?

Re: [exim-dev] feature request for exim: query DNSBL providers' DNS servers directly

2017-09-10 Thread Phil Pennock
On 2017-09-09 at 14:59 -0400, Rob McEwen wrote: > I have a feature request for Exim. Or, since Exim is clearly one of the > world's most flexible/configurable MTAs, is... what I'm about to describe... > already be possible with existing features? Not quite possible, but could be a fairly small

Re: [exim-dev] [Bug 2104] TLS wrong version number on connection reuse

2017-04-23 Thread Phil Pennock
On 2017-04-23 at 00:55 -0400, Viktor Dukhovni wrote: > I find that rather perplexing. Over a single TCP connection it is not valid > to issue a second STARTTLS. I am misreading the above? If you tear down TLS, the standards are silent about what happens next. Exim's current model, which Jeremy

Re: [exim-dev] [exim] Exim 4.89 RC7

2017-03-02 Thread Phil Pennock
On 2017-02-28 at 22:48 -0500, Phil Pennock wrote: > I have uploaded Exim 4.89 RC7 to: > > https://ftp.exim.org/pub/exim/exim4/test/ No replies. I don't know whether to be ecstatic or very very afraid. Unless I hear of issues, I intend to cut Exim 4.89 on Tuesday 7th March,

[exim-dev] Exim 4.89 RC7

2017-02-28 Thread Phil Pennock
m-4_89_RC6:/doc/doc-txt/ChangeLog https://git.exim.org/exim.git/blob/exim-4_89_RC6:/doc/doc-txt/NewStuff https://git.exim.org/exim.git/blob/exim-4_89_RC6:/doc/doc-txt/openssl.txt The files are signed with the PGP key 0x4D1E900E14C1CC04, which has a uid "Phil Pennock <p...@exim.org>"

Re: [exim-dev] [exim] Exim 4.89 RC6 uploaded: one remaining known issue

2017-02-23 Thread Phil Pennock
On 2017-02-23 at 18:44 +0100, Andreas Metzler wrote: > BTW, there is a new rather ugly warning in RC6: > | receive.c: In function 'read_message_bdat_smtp': > | receive.c:947:9: warning: implicit declaration of function 'bdat_ungetc' > [-Wimplicit-function-declaration] > |

[exim-dev] Exim 4.89 RC6 uploaded: one remaining known issue

2017-02-22 Thread Phil Pennock
which has a uid "Phil Pennock <p...@exim.org>". Please use your own discretion in assessing what trust paths you might have to this uid. Note that I have two signing sub-keys and have signed with both; if you have an ancient GnuPG release, you should get unimplemented warnings for one

Re: [exim-dev] [exim] Exim 4.89 RC6 tomorrow (Wednesday)

2017-02-15 Thread Phil Pennock
On 2017-02-15 at 03:40 +, Phil Pennock wrote: > We have one outstanding report of message segfaults, on one system. I > don't believe these have been reproduced by anyone else, but I'm waiting > for more feedback from the reporter: if there is a bug in Exim here, There's something

[exim-dev] Exim 4.89 RC6 tomorrow (Wednesday)

2017-02-14 Thread Phil Pennock
We have fixes for SMTP CHUNKING handling messages sent without a final newline, to be part of 4.89. We fix the messages as received, and have a Perl script to fix up broken messages stuck in your queue. We have one outstanding report of message segfaults, on one system. I don't believe these

[exim-dev] [exim] Exim 4.89 RC5 uploaded: Fast & Furious Weekend

2017-02-12 Thread Phil Pennock
/exim.git/blob/exim-4_89_RC5:/doc/doc-txt/NewStuff https://git.exim.org/exim.git/blob/exim-4_89_RC5:/doc/doc-txt/openssl.txt The files are signed with the PGP key 0x4D1E900E14C1CC04, which has a uid "Phil Pennock <p...@exim.org>". Please use your own discretion in assessing what trust

Re: [exim-dev] Popping '.' from @INC

2017-02-12 Thread Phil Pennock
On 2017-02-12 at 11:30 +0100, Heiko Schlittermann wrote: > I saw, that '.' now gets pop()ed from @INC in various Perl scripts. > > Is there a special reason doing so? If we'd deal with security in mind, > we should use Perl's taint mode to make the scripts more secure. Root invokes these

[exim-dev] Exim 4.89 RC4 uploaded

2017-02-11 Thread Phil Pennock
penssl.txt The files are signed with the PGP key 0x4D1E900E14C1CC04, which has a uid "Phil Pennock <p...@exim.org>". Please use your own discretion in assessing what trust paths you might have to this uid. Checksums below. Detached PGP signatures in .asc files are available along

Re: [exim-dev] [Bug 1864] New: CVE-2016-1238: Important unsafe module load path flaw

2017-02-10 Thread Phil Pennock
On 2017-02-10 at 12:57 +, Andrew C Aitchison wrote: > This is about a perl security issue that was not accepted directly into exim > in July/August 2016. Hrm. This isn't about Perl embedded inside Exim and thus setuid, but instead scripts bundled, which run without elevated privilege, on the

[exim-dev] Exim 4.89 RC3 uploaded

2017-02-09 Thread Phil Pennock
3:/doc/doc-txt/ChangeLog https://git.exim.org/exim.git/blob/exim-4_89_RC3:/doc/doc-txt/NewStuff https://git.exim.org/exim.git/blob/exim-4_89_RC3:/doc/doc-txt/openssl.txt The files are signed with the PGP key 0x4D1E900E14C1CC04, which has a uid "Phil Pennock <p...@exim.org>"

[exim-dev] Re-cutting 4.89 release branch

2017-02-09 Thread Phil Pennock
Enough good fixes have gone into master, with nothing disruptive, that I'm going to re-cut the release branch from current master.

Re: [exim-dev] Administrivia: this should be munged

2017-02-05 Thread Phil Pennock via Exim-dev
On 2017-02-05 at 14:43 +, Phil Pennock wrote: > Mailman on @exim.org should now be DMARC-munging, including for p=none > domains where failure to munge is a privacy breach. You know, that would have been a better test if I hadn't used my @exim.org address for the send. Hopefully th

[exim-dev] Administrivia: this should be munged

2017-02-05 Thread Phil Pennock
Mailman on @exim.org should now be DMARC-munging, including for p=none domains where failure to munge is a privacy breach. See: https://bridge.grumpy-troll.org/2012/02/how-private-is-your-mailing-list-subscriber-list/

Re: [exim-dev] FYI: hummus SMTP going down

2017-02-05 Thread Phil Pennock
On 2017-02-05 at 13:40 +, Phil Pennock wrote: > Switching mailman installs, I've scripted the next steps enough that > things shouldn't be too bad. Back soon! If you can see this message, things are back.

[exim-dev] FYI: hummus SMTP going down

2017-02-05 Thread Phil Pennock
Switching mailman installs, I've scripted the next steps enough that things shouldn't be too bad. Back soon!

[exim-dev] Exim 4.89 RC2 uploaded (openssl-only)

2017-02-02 Thread Phil Pennock
_89_RC2:/doc/doc-txt/ChangeLog https://git.exim.org/exim.git/blob/exim-4_89_RC2:/doc/doc-txt/NewStuff https://git.exim.org/exim.git/blob/exim-4_89_RC2:/doc/doc-txt/openssl.txt The files are signed with the PGP key 0x4D1E900E14C1CC04, which has a uid "Phil Pennock <p...@exim.org>"

Re: [exim-dev] [exim] Exim 4.89 RC1 uploaded

2017-02-02 Thread Phil Pennock
On 2017-01-31 at 22:27 -0500, Phil Pennock wrote: > RC2 will be cut either on Wednesday or Thursday of this week. Jeremy is working on some GnuTLS problems which should be fixed for 4.89; there's not much point deliberately cutting a Release Candidate which isn't really a candidate. So

Re: [exim-dev] [exim] Exim 4.89 RC1 uploaded

2017-01-31 Thread Phil Pennock
On 2017-01-30 at 22:54 -0500, Phil Pennock wrote: > Tentatively thinking of an RC2 on Thursday, unless something less > cosmetic comes up in the mean-time. Known regression: Proxy Protocol v2 broken in RC1. Fixed in master, will be cherry-picked into RC2. In unbreaking TLS-on-c

Re: [exim-dev] [exim] Exim 4.89 RC1 uploaded

2017-01-30 Thread Phil Pennock
On 2017-01-30 at 21:51 -0500, Phil Pennock wrote: > I have uploaded Exim 4.89 RC1 to: > > https://ftp.exim.org/pub/exim/exim4/test/ > > This is a stabilization release containing a number of bug-fixes; the RC > process for 4.89 will be accepting bug-fixes only, with a relea

[exim-dev] Exim 4.89 RC1 uploaded

2017-01-30 Thread Phil Pennock
doc/doc-txt/NewStuff https://git.exim.org/exim.git/blob/exim-4_89_RC1:/doc/doc-txt/openssl.txt The files are signed with the PGP key 0x4D1E900E14C1CC04, which has a uid "Phil Pennock <p...@exim.org>". Please use your own discretion in assessing what trust paths you might hav

[exim-dev] testdns.exim.org zone

2017-01-25 Thread Phil Pennock
I just realized, belatedly, that with exim.org fully under our control, and DNSSEC-signed, I could include the DS glue for testdns.exim.org, making it much more useful. I'll aim to move the zone to be authoritative on the exim.org server, at the same time that DNS moves over, but in the meantime:

[exim-dev] Exim 4.89 release process starts Jan 30

2017-01-21 Thread Phil Pennock
Folks, I'm going to pick up the Release Engineer hat for the next Exim release. The last few releases have been fairly big and ambitious and a few of us think that a stabilization release is called for. Jeremy and Heiko have a fix for the DKIM/chunking issues in soak-testing now, it'll go in

Re: [exim-dev] [Bug 2018] proxy protocol is not supported on smtps (direct SSL/TLS) connections

2017-01-19 Thread Phil Pennock
On 2017-01-18 at 16:06 +, Jeremy Harris wrote: > To expand: Exim's implementation of Proxy Protocol > is currently hooked in after the TLS start done for > tls-on-connect. > > It turns out that the protocol spec document is ambiguous > and the other way about (proxy-protocol handling done >

[exim-dev] test, ignore

2017-01-16 Thread Phil Pennock
Ignore please. Exim admin host reboot for updates, double-checking list mail is flowing.

[exim-dev] https://git.exim.org -- mandate?

2017-01-05 Thread Phil Pennock
Since Monday morning, we've had https://git.exim.org available. http://git.exim.org is still available. Does anyone have strong opinions over whether or not http://git should force-redirect to https://git ? For FTP site contents, it doesn't make much sense, since ftp:// remains available and all

Re: [exim-dev] Administriva: Bugzilla spam

2016-11-25 Thread Phil Pennock
On 2016-11-24 at 22:33 +, Nigel Metheringham wrote: > We have had a few cases of someone deciding to spam bugzilla with spammy > content bug reports. Bugzilla is not very good at defending against > these, and unfortunately Bugzilla feeds into the exim-dev list. > > I have put some

[exim-dev] base64url (& base32hex) operators; build fixes

2016-10-18 Thread Phil Pennock
I've pushed to master a build fix for handling the hash split spreading the dependencies upon OpenSSL headers; I handled the pkg-config cases, it's possible that `src/EDITME` should be updated to note that CFLAGS will need updating, not just TLS_INCLUDE. I also updated for GnuTLS but that's

Re: [exim-dev] Exim4 spool directory symlink local root escalation - does this apply to 4.87?

2016-09-14 Thread Phil Pennock
On 2016-09-11 at 22:41 +0100, Jeremy Harris wrote: > There's a minor complication in that the -J file is opened in two > places (as it happens, in a single routine: deliver_message()). Why is the journal ever being opened as root, instead of as the Exim run-time user? That seems like a flaw,

Re: [exim-dev] [Bug 1837] small subgroup attack

2016-05-29 Thread Phil Pennock
On 2016-05-29 at 02:10 -0400, Viktor Dukhovni wrote: > But, (broken record), do yourself a favour and just drop these groups... We can change the default. We can add new groups. We won't remove documented values, exposed to configuration, short of a release where we are accepting

[exim-dev] Test message, ignore please

2016-03-13 Thread Phil Pennock
(post-maintenance probe that mail is flowing through list manager)

[exim-dev] Exim git repo maintenance

2016-03-13 Thread Phil Pennock
I've ensured that all the Exim repos on Hummus directly in /srv/git have: sharedRepository = 0002 A couple of newer repos were missing it. I've also done a chgrp/chmod so that their content is all in group `eximdev` and has group-write permission. I've run the periodic maintenance task:

[exim-dev] Debian CI testing of Exim

2015-12-28 Thread Phil Pennock
The tests run appear to be very limited right now, but it might be worth figuring out if Exim can make it easier to use more of the current test suite: https://ci.debian.net/packages/e/exim4/unstable/amd64/ -Phil

Re: [exim-dev] El Capitan devs wanted

2015-12-05 Thread Phil Pennock
On 2015-12-02 at 14:43 +, Jeremy Harris wrote: > Do we have anybody out there doing development work on MacOS? > (Come to that, do we have any users?) Me, though not MacOS-specific. Golang work with Mac as my local system. I've occasionally built Exim for laptops, but usually log into other

Re: [exim-dev] exim .editorconfig -- any objections?

2015-08-31 Thread Phil Pennock
On 2015-08-28 at 23:01 +0200, Heiko Schlittermann wrote: > Phil Pennock <p...@exim.org> (Fr 28 Aug 2015 20:59:16 CEST): > > I'm not inclined to rush to bulk-edit every file for a New World Order. > > I'd rather see people get comfortable with this approach and then, if >

Re: [exim-dev] exim .editorconfig -- any objections?

2015-08-28 Thread Phil Pennock
On 2015-08-28 at 15:40 +0200, Heiko Schlittermann wrote: Jeremy Harris j...@wizmail.org (Fr 28 Aug 2015 15:12:22 CEST): I _think_ that it reflects what's as close to common practice as we come. If it works with whatever vi-de-jour I happen to be using, I guess it's ok. I see vim is

[exim-dev] 4.86-rc4 issues / notes

2015-07-12 Thread Phil Pennock
In 4.86-RC4 setting the DISABLE_PRDR compile-time option results in inability to compile. There are also a number of complaints from my compiler which might be of interest. At this point in the RC process, given that I'm not driving things, I'm keeping myself to _just_ fixing the two compilation

Re: [exim-dev] Exim 4.86 RC2 uploaded

2015-06-17 Thread Phil Pennock
On 2015-06-17 at 20:09 +0200, Andreas Metzler wrote: On 2015-06-15 Jeremy Harris j...@wizmail.org wrote: [rc2] Please report issues here in exim-dev, or in the exim-user mailinglist, or by raising bugs on http://bugs.exim/org Hello, I have just uploaded rc2 to Debian/experimental.

[exim-dev] git.exim.org SSH fingerprints public statement

2015-05-04 Thread Phil Pennock
, both 1024 bits. There is no DSA key on the new box. The IP addresses can be seen in https://github.com/Exim/exim-dns/blob/master/exim.org.lua and note that commit `67657780` by me (in 2013) set the IP addresses. -Phil Pennock, p...@exim.org

[exim-dev] [Bug 1623] macro expansion in -be '...'

2015-04-28 Thread Phil Pennock
--- You are receiving this mail because: --- You are on the CC list for the bug. http://bugs.exim.org/show_bug.cgi?id=1623 Phil Pennock p...@exim.org changed: What|Removed |Added

[exim-dev] [Bug 1623] macro expansion in -be '...'

2015-04-28 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1623 --- Comment #2 from Phil Pennock p...@exim.org 2015-04-28 23:16:31 --- Supporting context for that assertion: this require admin user priv is the trade-off I

[exim-dev] Fwd: Fix mobile usability issues found on http://www.exim.org/

2015-03-18 Thread Phil Pennock
This seems to be a new set of analysis tools, got warnings like this for my own site too. I don't recall off-hand who has access to the account for the Google Webmaster stuff for managing www.exim.org; if there's anyone who wants to handle website stuff who doesn't have that access, but think you

[exim-dev] [Bug 1598] The 'inlist' expansion condition does not expand a named list

2015-03-09 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1598 Phil Pennock p...@exim.org changed: What|Removed |Added

[exim-dev] [Bug 1590] outbound SOCKS proxy support

2015-02-22 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1590 --- Comment #1 from Phil Pennock p...@exim.org 2015-02-23 01:01:35 --- Authentication is going to be necessary for any of the real-world scenarios where I'd have

Re: [exim-dev] EXPERIMENTAL_PROXY clarification

2015-02-11 Thread Phil Pennock
On 2015-02-10 at 14:58 +, matthew.schlos...@thomsonreuters.com wrote: The why without? question is answered with a long litany of security regulations, privacy laws and way too much privileged detail to make public. We currently use Sendmail, but as you may know, it doesn't scale well

[exim-dev] [Bug 1580] 【remote exec vulnerability】

2015-01-28 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1580 --- Comment #2 from Phil Pennock p...@exim.org 2015-01-28 18:54:16 --- In particular, for the record so that folks know why this is being dismissed so readily

[exim-dev] [Bug 1578] Solaris 8 build with TLS failed due to undefined setenv/unsetenv

2015-01-26 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1578 Phil Pennock p...@exim.org changed: What|Removed |Added

Re: [exim-dev] XCLIENT patch to Exim; Cambridge

2015-01-16 Thread Phil Pennock
On 2015-01-16 at 00:52 +, Jeremy Harris wrote: We need, I think: - project sponsor If Tony, at Cam, can handle it, that would be ideal; otherwise, I seem to have already done more work than we usually do for any feature being merged from a submitted patch. ;) (Of course, we also need more

[exim-dev] XCLIENT patch to Exim; Cambridge

2015-01-15 Thread Phil Pennock
FreeBSD is carrying a local patch to Exim, adding XCLIENT support. The ticket requesting its addition is at: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=133891 and there's no indication given there about why this was aimed directly at one OS's packaging, rather than at upstream. The

Re: [exim-dev] cmdline scanner checks pclose() output, this breaks existing deployments

2014-11-30 Thread Phil Pennock
On 2014-12-01 at 02:39 +, Viktor Dukhovni wrote: On Mon, Dec 01, 2014 at 12:48:47AM +0100, Heiko Schlittermann wrote: the above line needs to be: av_scanner = cmdline:{ /bin/scan %s || true; }:trigger:re which is quite ugly. At least it should find its way into the spec

[exim-dev] [Bug 1141] remote_smtp reuse when should not be

2014-11-14 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1141 --- Comment #8 from Phil Pennock p...@exim.org 2014-11-14 12:21:16 --- I disappeared into a day job where the closest I come to running mail systems is having

[exim-dev] [Bug 1536] GPL does not cover modifications that aren't distributed

2014-11-04 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1536 --- Comment #10 from Phil Pennock p...@exim.org 2014-11-04 21:12:12 --- The content of attachment 759 has been deleted by Phil Pennock p...@exim.org who

[exim-dev] [Bug 1536] GPL does not cover modifications that aren't distributed

2014-11-03 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1536 --- Comment #6 from Phil Pennock p...@exim.org 2014-11-04 00:21:39 --- Two clarifications following some discussion between the maintainers: (1) Exim provides

[exim-dev] [Bug 1536] GPL does not cover modifications that aren't distributed

2014-11-01 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1536 Phil Pennock p...@exim.org changed: What|Removed |Added

[exim-dev] [Bug 1536] GPL does not cover modifications that aren't distributed

2014-10-30 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1536 Phil Pennock p...@exim.org changed: What|Removed |Added

[exim-dev] [Bug 1535] Option for SSL/TLS Protocol configuration missing/required

2014-10-15 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1535 --- Comment #1 from Phil Pennock p...@exim.org 2014-10-16 00:44:00 --- Which OS, with which TLS library? With OpenSSL, you set: openssl_options = +no_sslv2

[exim-dev] [Bug 1535] Option for SSL/TLS Protocol configuration missing/required

2014-10-15 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1535 --- Comment #2 from Phil Pennock p...@exim.org 2014-10-16 00:49:32 --- Looks like the GnuTLS Priority String to use is: NORMAL:%LATEST_RECORD_VERSION:-VERS

[exim-dev] [Bug 1526] Solaris 11: error compiling since exim 4.83 - Undefined symbol timegm first referenced in file tls.o

2014-09-08 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1526 Phil Pennock p...@exim.org changed: What|Removed |Added

[exim-dev] [Bug 1523] DANE support under GnuTLS

2014-09-02 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1523 --- Comment #2 from Phil Pennock p...@exim.org 2014-09-03 01:13:51 --- The exbot42 build farm agent is using unbound as its local resolver. Todd, shout if you

[exim-dev] DANE work

2014-09-02 Thread Phil Pennock
My jaw dropped when I returned to my list index view and saw just how many patches came in from work this weekend by Todd and Jeremy to implement DANE in Exim. Seriously good work which makes me very happy and feeling that I owe drinks to you both. Thank you for picking up where I totally

[exim-dev] [Bug 1518] router condition silently ignored if too many back braces

2014-08-28 Thread Phil Pennock
http://bugs.exim.org/show_bug.cgi?id=1518 --- Comment #8 from Phil Pennock p...@exim.org 2014-08-28 20:41:45 --- For clarity: it's a mis-feature, and when PH wrote the ACL system, he used a much more
