Hey everyone, quick question, more an idle thought. When exim looks up a
mail to be delivered via remote_smtp, it seems to always prefer to use
IPv4 even when a v6 address is available. For example, in my log I see a
message delivered to a gmail address. But both Source and Destination
IPs are
I just upgraded to 4.94.2, and most everything is working fine. But I'm
getting an issue on DKIM signings with tainted filename. I looked over
the list and tried to apply the same fix I've seen used before, but I
guess I'm not understanding it. Here's my dkim_private_key statement:
Jeremy Harris via Exim-users (Mi 05 Mai 2021 00:11:59
CEST):
> Having made me go and look... that is what I did, in b8514d1960
> (which is since 4.94). A comma-sep option "file=/foo" after
> the word "sqlite".
Yes, that's what I found. But I can't see this neither in 4.94, or
4.94+fixes.
On 04/05/2021 22:33, Evgeniy Berdnikov via Exim-users wrote:
On Tue, May 04, 2021 at 08:39:43PM +0100, Jeremy Harris via Exim-users wrote:
On 04/05/2021 20:10, Victor Ustugov via Exim-users wrote:
Why? Many years it was possible to execute queries to different SQLite
databases. Why do you want
On Tue, May 04, 2021 at 08:39:43PM +0100, Jeremy Harris via Exim-users wrote:
> On 04/05/2021 20:10, Victor Ustugov via Exim-users wrote:
> > Why? Many years it was possible to execute queries to different SQLite
> > databases. Why do you want to drop this feathure?
>
> The syntax doesn't fit
On 04/05/2021 20:10, Victor Ustugov via Exim-users wrote:
Why? Many years it was possible to execute queries to different SQLite
databases. Why do you want to drop this feathure?
The syntax doesn't fit being able to check for tainted data being used.
We need to invent some new syntax in order
Heiko Schlittermann via Exim-users wrote on 04.05.2021 20:34:
>>> I cannot find any reference to the syntax you're using.
>>> Maybe I'm stupid.
>>
>> https://lists.exim.org/lurker/message/20200606.183617.325a7016.en.html
>>
>>
Hi Victor,
Victor "Ustugov" via Exim-users (Di 04 Mai 2021 18:54:09
CEST):
> > I cannot find any reference to the syntax you're using.
> > Maybe I'm stupid.
>
> https://lists.exim.org/lurker/message/20200606.183617.325a7016.en.html
>
>
Heiko Schlittermann via Exim-users wrote on 04.05.2021 19:29:
> Heiko Schlittermann via Exim-users (Di 04 Mai 2021
> 17:44:23 CEST):
>> Odhiambo Washington via Exim-users (Di 04 Mai 2021
>> 17:00:36 CEST):
>>> On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users <
>>> temporarily
Heiko Schlittermann via Exim-users (Di 04 Mai 2021
17:44:23 CEST):
> Odhiambo Washington via Exim-users (Di 04 Mai 2021
> 17:00:36 CEST):
> > On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users <
> > temporarily rejected after DATA: failed to expand ACL string "${lookup
> >
The DANE fix:
- ob->tls_sni = sx->first_addr->domain; /* force SNI */
+ ob->tls_sni = sx->conn_args.host->name; /* force SNI */
replaces the recipient domain with the MX hostname.
When the MX host is a CNAME, is that necessarily the same as
the
Kai Bojens via Exim-users (Di 04 Mai 2021 17:28:41 CEST):
> Am 04.05.21 um 15:40 schrieb Heiko Schlittermann via Exim-users:
> „These vulnerabilities were reported by Qualys via secur...@exim.org back in
> October 2020.”
>
> Please don't take this the wrong way - but I have to ask: is the Exim
Odhiambo Washington via Exim-users (Di 04 Mai 2021
17:00:36 CEST):
> On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users <
> temporarily rejected after DATA: failed to expand ACL string "${lookup
> sqlite,file=/var/spool/exim/db/greylist.db {SELECT host from resenders
> WHERE
Am 04.05.21 um 15:40 schrieb Heiko Schlittermann via Exim-users:
Local vulnerabilities
- CVE-2020-28007: Link attack in Exim's log directory
- CVE-2020-28008: Assorted attacks in Exim's spool directory
- CVE-2020-28014: Arbitrary PID file creation
- CVE-2020-28011: Heap
On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users <
exim-users@exim.org> wrote:
> Dear Exim-Users
>
> Abstract
>
>
> Several exploitable vulnerabilities in Exim were reported to us and are
> fixed.
>
> We have prepared a security release, tagged as "exim-4.94.2".
>
> This
Dear Exim-Users
Abstract
Several exploitable vulnerabilities in Exim were reported to us and are
fixed.
We have prepared a security release, tagged as "exim-4.94.2".
This release contains all changes on the exim-4.94+fixes branch plus
security fixes.
You should update your Exim
16 matches
Mail list logo