On Wed, Jul 24, 2019 at 11:29:21AM +0100, Jeremy Harris via Exim-users wrote:
> On 19/07/2019 08:12, Viktor Dukhovni via Exim-users wrote:
> > On Fri, Jul 19, 2019 at 09:15:26AM +0300, Evgeniy Berdnikov via Exim-users
> > wrote:
> >>> Might there be a dnssec-related difference?
> >>
> >>
On 7/23/2019 9:58 AM, Calum Mackay via Exim-users wrote:
hi Phillip,
If your Linux system was successfully hacked, you may see changes to:
/etc/cron.d/root
/etc/crontab
/root/.ssh/authorized_keys
/root/.ssh/known_hosts
(or the Centos equivalent, above was from a Debian system)
Hi Calum,
On 19/07/2019 08:12, Viktor Dukhovni via Exim-users wrote:
> On Fri, Jul 19, 2019 at 09:15:26AM +0300, Evgeniy Berdnikov via Exim-users
> wrote:
>>> Might there be a dnssec-related difference?
>>
>> Definitely NO, because this difference is in client's initial packets.
>
> Actually, the
Thanks for your help. I've been away for a few days and not able to test
things. Here's the results of what you ask:
On Fri, Jul 19, 2019 at 01:08:28AM +0300, Evgeniy Berdnikov via Exim-users
wrote:
[SNIP]
> Quite puzzling... The only difference I see here is the presence of one
> authority
On 2019-07-23, Gary Stainburn via Exim-users wrote:
> In my user filter I have a number of entries similar to
>
> if ($h_from: matches "user@domain") or
> ($h_to: matches "user@domain") or
> ($h_cc: matches "user@domain") then
> deliver mobileph...@mydomain.com
> seen
> finish
> endif