[exim] prefer IPv6 over v4?

2021-05-04 Thread Dan Egli via Exim-users
Hey everyone, quick question, more an idle thought. When exim looks up a mail to be delivered via remote_smtp, it seems to always prefer to use IPv4 even when a v6 address is available. For example, in my log I see a message delivered to a gmail address. But both Source and Destination IPs are

[exim] tainted filename issue

2021-05-04 Thread Dan Egli via Exim-users
I just upgraded to 4.94.2, and most everything is working fine. But I'm getting an issue on DKIM signings with tainted filename. I looked over the list and tried to apply the same fix I've seen used before, but I guess I'm not understanding it. Here's my dkim_private_key statement:  

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Heiko Schlittermann via Exim-users
Jeremy Harris via Exim-users (Mi 05 Mai 2021 00:11:59 CEST): > Having made me go and look... that is what I did, in b8514d1960 > (which is since 4.94). A comma-sep option "file=/foo" after > the word "sqlite". Yes, that's what I found. But I can't see this in either 4.94 or 4.94+fixes.

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Jeremy Harris via Exim-users
On 04/05/2021 22:33, Evgeniy Berdnikov via Exim-users wrote: On Tue, May 04, 2021 at 08:39:43PM +0100, Jeremy Harris via Exim-users wrote: On 04/05/2021 20:10, Victor Ustugov via Exim-users wrote: Why? Many years it was possible to execute queries to different SQLite databases. Why do you want

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Evgeniy Berdnikov via Exim-users
On Tue, May 04, 2021 at 08:39:43PM +0100, Jeremy Harris via Exim-users wrote: > On 04/05/2021 20:10, Victor Ustugov via Exim-users wrote: > > Why? Many years it was possible to execute queries to different SQLite > > databases. Why do you want to drop this feature? > > The syntax doesn't fit

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Jeremy Harris via Exim-users
On 04/05/2021 20:10, Victor Ustugov via Exim-users wrote: Why? Many years it was possible to execute queries to different SQLite databases. Why do you want to drop this feature? The syntax doesn't fit being able to check for tainted data being used. We need to invent some new syntax in order

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Victor Ustugov via Exim-users
Heiko Schlittermann via Exim-users wrote on 04.05.2021 20:34: >>> I cannot find any reference to the syntax you're using. >>> Maybe I'm stupid. >> >> https://lists.exim.org/lurker/message/20200606.183617.325a7016.en.html >> >>

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Heiko Schlittermann via Exim-users
Hi Victor, Victor "Ustugov" via Exim-users (Di 04 Mai 2021 18:54:09 CEST): > > I cannot find any reference to the syntax you're using. > > Maybe I'm stupid. > > https://lists.exim.org/lurker/message/20200606.183617.325a7016.en.html > >

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Victor "Ustugov" via Exim-users
Heiko Schlittermann via Exim-users wrote on 04.05.2021 19:29: > Heiko Schlittermann via Exim-users (Di 04 Mai 2021 > 17:44:23 CEST): >> Odhiambo Washington via Exim-users (Di 04 Mai 2021 >> 17:00:36 CEST): >>> On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users < >>> temporarily

Re: [exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Heiko Schlittermann via Exim-users
Heiko Schlittermann via Exim-users (Di 04 Mai 2021 17:44:23 CEST): > Odhiambo Washington via Exim-users (Di 04 Mai 2021 > 17:00:36 CEST): > > On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users < > > temporarily rejected after DATA: failed to expand ACL string "${lookup > >

Re: [exim] Exim 4.94.2 - security update released (DANE fix)

2021-05-04 Thread Viktor Dukhovni via Exim-users
The DANE fix: - ob->tls_sni = sx->first_addr->domain; /* force SNI */ + ob->tls_sni = sx->conn_args.host->name; /* force SNI */ replaces the recipient domain with the MX hostname. When the MX host is a CNAME, is that necessarily the same as the
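
Review bot: on the changed line the comment still reads only /* force SNI */ even though the value assigned to ob->tls_sni moves from sx->first_addr->domain to sx->conn_args.host->name; the comment should say which name is now sent as SNI and why, and the patch should state what host->name holds when the MX host is reached through a CNAME, since that is the case questioned here.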

Re: [exim] Exim 4.94.2 - security update released

2021-05-04 Thread Heiko Schlittermann via Exim-users
Kai Bojens via Exim-users (Di 04 Mai 2021 17:28:41 CEST): > On 04.05.21 at 15:40, Heiko Schlittermann via Exim-users wrote: > „These vulnerabilities were reported by Qualys via secur...@exim.org back in > October 2020.” > > Please don't take this the wrong way - but I have to ask: is the Exim

[exim] Sqlite Lookup absolute filename (was Exim 4.94.2 - security update released)

2021-05-04 Thread Heiko Schlittermann via Exim-users
Odhiambo Washington via Exim-users (Di 04 Mai 2021 17:00:36 CEST): > On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users < > temporarily rejected after DATA: failed to expand ACL string "${lookup > sqlite,file=/var/spool/exim/db/greylist.db {SELECT host from resenders > WHERE

Re: [exim] Exim 4.94.2 - security update released

2021-05-04 Thread Kai Bojens via Exim-users
On 04.05.21 at 15:40, Heiko Schlittermann via Exim-users wrote: Local vulnerabilities - CVE-2020-28007: Link attack in Exim's log directory - CVE-2020-28008: Assorted attacks in Exim's spool directory - CVE-2020-28014: Arbitrary PID file creation - CVE-2020-28011: Heap

Re: [exim] Exim 4.94.2 - security update released

2021-05-04 Thread Odhiambo Washington via Exim-users
On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users < exim-users@exim.org> wrote: > Dear Exim-Users > > Abstract > > > Several exploitable vulnerabilities in Exim were reported to us and are > fixed. > > We have prepared a security release, tagged as "exim-4.94.2". > > This

[exim] Exim 4.94.2 - security update released

2021-05-04 Thread Heiko Schlittermann via Exim-users
Dear Exim-Users Abstract Several exploitable vulnerabilities in Exim were reported to us and are fixed. We have prepared a security release, tagged as "exim-4.94.2". This release contains all changes on the exim-4.94+fixes branch plus security fixes. You should update your Exim