Re: [exim-dev] [Bug 2816] Repeated deliveries to yahoo.co.jp

2021-10-22 Thread Simon Arlott via Exim-dev 
It is likely that pipelining the QUIT results in the connection being
closed with outgoing data discarded. It's entirely possible that a
stateful firewall decides not to allow the half-closed connection to
transfer the remaining data.

A packet capture of this issue would be useful.

-- 
Simon Arlott

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] [exim-announce] Exim 4.95-RC2 released

2021-08-24 Thread Simon Arlott via Exim-dev 

On 2021-08-24 16:12, Heiko Schlittermann via Exim-announce wrote:

We expect this RC being the last one before the final release.


There are still two unresolved bugs in the changes made for
https://bugs.exim.org/show_bug.cgi?id=2631

My patches to fix those bugs and add a "dnslist_valid_addresses"
configuration option to this have been unreviewed for over 5 months now.

--
Simon Arlott

--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] [Bug 2801] Best sites to download free antivirus

2021-08-19 Thread Simon Arlott via Exim-dev 

On 2021-08-19 10:22, Richard James Salts via Exim-dev wrote:
On Thursday, 19 August 2021 6:45:49 PM AEST admin--- via Exim-dev 
wrote:

https://bugs.exim.org/show_bug.cgi?id=2801

Jeremy Harris  changed:

   What|Removed |Added

Resolution|--- |SPAM
 Status|NEW |RESOLVED
  Group||exim-security


Any idea why spammers are targetting exim bugzilla all of a sudden?


Perhaps because it has no rel="follow" on the links so search engines 
can index them?


--
Simon Arlott

--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] Exim 4.95-RC1 released

2021-08-17 Thread Simon Arlott via Exim-dev 
On 28/07/2021 08:35, Heiko Schlittermann via Exim-announce wrote:
> The Exim 4.95-RC1 is available

There are still two unresolved bugs in the changes made for
https://bugs.exim.org/show_bug.cgi?id=2631

My patches to fix those bugs and add a "dnslist_valid_addresses"
configuration option to this have been unreviewed for over 5 months now.

-- 
Simon Arlott

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] Documentation build

2020-06-03 Thread Simon Arlott via Exim-dev 

On 2020-06-02 23:20, Jeremy Harris via Exim-dev wrote:

Thanks.  Is this a stable interface to the library,
and usable across a range of platforms some of which
will have earlier versions?


I think it has been there for a while and the default has only changed
recently. I think it also takes in a hash so it'll accept anything?

--
Simon Arlott

--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] Documentation build

2020-06-02 Thread Simon Arlott via Exim-dev 
On 02/06/2020 21:47, Jeremy Harris via Exim-dev wrote:
> /tmp/exim-packaging-vswB/tmp/spec.xml:789: parser error : Entity 'ndash'
> not defined
> messages in its queue  that is, those that it is in the process of
> 
> - for several different, but basic-looking, entity types.
> ndash, copy and nbsp.  According to wikipedia these are known things;
> just single glyphs.

They're only known in HTML; they're not part of XML by default.


Fedora 31 uses perl-XML-LibXML v2.0201
Fedora 32 uses perl-XML-LibXML v2.0205
The changes are here: 
https://github.com/shlomif/perl-XML-LibXML/compare/XML-LibXML-2.0201...XML-LibXML-2.0205

Version 2.0202 stops loading HTML entities by default.
Fix here: 
https://github.com/Exim/exim-website/compare/master...nomis:perl-xml-libxml-2.0202-fix


There are also currently syntax errors in master on GitHub:
https://github.com/Exim/exim/compare/master...nomis:doc-fix

-- 
Simon Arlott

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] callout message patches, bug #423

2020-05-01 Thread Simon Arlott via Exim-dev 

On 2020-05-01 10:03, Andrew C Aitchison via Exim-dev wrote:

On Fri, 1 May 2020, Simon Arlott via Exim-dev wrote:

I'm still waiting for my patches for callout messages,
https://bugs.exim.org/show_bug.cgi?id=423 to be looked at.


Assuming that the "gateway" smtp server has raised access to the
call-forward host, what sort of internal information could be leaked
or probed with this new feature ? Does this risk need to be documented 
?


That is not the new feature. Exim already does that by default and it
can be configured to hide the detail.

The problem I have is that the information is not logged and is not
available in a variable so I can't include it with other messages.

I also can't handle the "defer" outcome in an ACL without losing the
automatic SMTP-level responses that Exim does have.

--
Simon Arlott

--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] Next release starting; will be 4.94; RC 0 published

2020-05-01 Thread Simon Arlott via Exim-dev 

On 2020-04-30 14:31, Jeremy Harris via Exim-dev wrote:

As usual for our run-up to release, new features are still being
accepted at this early stage.


I'm still waiting for my patches for callout messages,
https://bugs.exim.org/show_bug.cgi?id=423 to be looked at.

--
Simon Arlott

--
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] [Bug 423] callout verify failure message as a variable

2020-02-29 Thread Simon Arlott via Exim-dev 
On 16/02/2020 12:26, admin--- via Exim-dev wrote:
> I've updated the patch series to apply to the latest master branch.
> 
> The tests had to be renumbered from 0584-0586 to 0630-0632 to avoid 
> conflicting
> with other new tests.
> 
> The "control = no_warn_skipped" feature is now added first, otherwise all of
> the tests get warning log lines that then get removed in a later patch.
> 
> I have added a more comprehensive set of tests that handle command timeouts 
> and
> dropped connections.
> 
> Some attributions of error messages for "fullpostmaster" have been corrected,
> and the test for this fixed to avoid trying to send another "RCPT TO" if the
> previous commands failed to receive a response.

Could someone review these patches? I'd like to get them into Exim so I
don't have to try and maintain them as patches against later versions.

-- 
Simon Arlott

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] Mailop list: exim and google fighting over DKIM

2019-04-29 Thread Simon Arlott via Exim-dev 
On 29/04/2019 20:06, Graeme Fowler via Exim-dev wrote:
> The gist of the discussion (I’m a mailop subscriber) is manyfold:
> 4. Signed messages inbound to mailop.org (and other lists!) from 
> Debian-derived and other setups using the default macro defined in pdkim.h 
> can have headers added which have been declared signed when they’re not 
> present*
> * this is the bit I’m confused by; I have a large historical pile of messages 
> to lists from me and I can’t see a signature with those headers included 
> despite me using the defaults for a long period.

The list of headers has not changed but the behaviour has. I'm using
Exim 4.86.2 and it doesn't do this. The documented behaviour of the
latest version is that it will sign them if they're absent.

I use a custom pairing of IPv4-only followed by IPv4+IPv6 routers for
all hosts to avoid Google's actively hostile behaviour towards IPv6.

-- 
Simon Arlott

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] [Bug 2341] delay_warning failing to send messages

2018-12-06 Thread Simon Arlott via Exim-dev 
On 06/12/2018 00:02, Jasen Betts via Exim-dev wrote:
> NDRs go to the envelope sender, so they will bounce back to a single
> address (per message), but there can be several "delayed" messages and
> a single bounce (retry timeout exceeded) for each input, so that
> provides small-scale amplification, until the timeout is reached,
> after that no amplification.
> 
> where available SPF is one mitigation for this. It prevents the attacker 
> from forging the sender address.

Alternatively, set delay_warning_condition to only send warnings if the
email was sent by one of your own users.

-- 
Simon Arlott

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##

Re: [exim-dev] committers

2018-02-03 Thread Simon Arlott via Exim-dev 
On 03/02/18 17:03, Jeremy Harris wrote:
> On 03/02/18 16:55, Andreas Metzler wrote:
>> On 2018-02-03 Jeremy Harris  wrote:
>>> Who is "Vladimir Panteleev "
>>> and how did he acquire commit rights?
>> 
>> I do not think he has commit rights, this was a github pull request.
>> 
>> https://github.com/Exim/exim/pull/61
> 
> Thing is, the commits have him listed as committer
> (as well as Author, which I'm not concerned about.  Nor the
> actual content changes.)
> 
> 
> Previouly for commits done using content supplied by other people
> we have set the Author and left the Committer saying who did
> the commit.  I'd like that to continue.

It's a header property of the commit and doesn't mean that they have
access to the repository on GitHub. There's nothing to be concerned
about and no reason not to merge commits unmodified in this way.

-- 
Simon Arlott

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-dev Exim 
details at http://www.exim.org/ ##