Re: [exim] Enable TLS with basic Exim4 config

Hi, John Smith (Mi 14 Jun 2017 07:41:03 CEST): >Hello Heiko, > >When I used exim-gencert, I set the FQDN name of the Exim server in the >field "Server name (eg. ssl.domain.tld; required!!!) [])". So here I >think it's good. I do not known exim-gencert, but

Re: [exim] Enable TLS with basic Exim4 config

be uncomfortable with your self signed certificate. Mail clients typically want to see a certificate with a matching CN or SAN (matching the host's name they connect to). You can debug it using tcpdump, to see if TB at least tries to use TLS Best regards from Dresden/Germany Viele Grüße aus Dresd

Re: [exim] Start working with exim config files

cal transports. This new instance reads the configuration file again, which in turn may create confusing results. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl

Re: [exim] Logfile format corruption

Heiko Schlittermann via Exim-users <exim-users@exim.org> (Mi 07 Jun 2017 21:47:28 CEST): > Hi Klaus, I found it and will prepare a patch later. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de

Re: [exim] Logfile format corruption

Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked s

Re: [exim] Calling a PERL script

oo powerful! Uhm… The return code? You return the number of days as return code? What if the domain is registered for >254 days? I'd send the days to stdout, using the return code only to indicate some error! Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlitter

Re: [exim] Logfile format corruption

Klaus Ethgen (Do 01 Jun 2017 07:37:16 CEST): > > But sometimes, it looks like the following (note the line break in the > middle): >|2017-05-30 11:22:38 1dFdMM-0001w2-Jo DKIM: d=powermtapro.com > s=1494427074.powermtapro c=relaxed/relaxed a=rsa-sha1 b=1024

Re: [exim] Retry Rules

it. PS: Please do not sent me a Cc of your messages, I'm reading the lists. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.

Re: [exim] Retry Rules

Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID

Re: [exim] Uncaught lseek error

hould be a bit more clear, though. Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de -------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- k

Re: [exim] wrong result of dnsdb lookup

t using a separator. ${lookup dnsdb{>\n,: txt=a.b.example}} ${lookup dnsdb{>\n; txt=a.b.example}} ${lookup dnsdb{spf=example.org}} It is permitted to specify a space as the separator character. Further white space is ignored. Best regards from Dresden/Ger

Re: [exim] wrong result of dnsdb lookup

Heiko Schlittermann <h...@schlittermann.de> (Mo 08 Mai 2017 22:36:50 CEST): > Victor Ustugov <vic...@corvax.kiev.ua> (Mo 08 Mai 2017 18:37:56 CEST): > … > > Other examples: > > > > # exim -be '${lookup dnsdb{defer_never,txt=d201702._domainkey.e

Re: [exim] wrong result of dnsdb lookup

Victor Ustugov (Mo 08 Mai 2017 18:37:56 CEST): … > Other examples: > > # exim -be '${lookup dnsdb{defer_never,txt=d201702._domainkey.exim.org}}' > v=DKIM1; k=rsa; >

Re: [exim] error in ACL: unknown ACL condition/modifier in "demime = *"

versions of Exim the demime ACL condition isn't supported anymore (since and including Exim 4.88). You need to use MIME ACL (acl_smtp_mime). Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & un

Re: [exim] Auto Responder / Vacation issue

ing vital information. (An empty envelope isn't a strong indication for spam.) So, unconditional blocking empty envelope senders isn't a good idea. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet &

Re: [exim] Exim as transparent Rewrite Gateway

write meeting requests > and other types of mails coming from and to an exchange server This reads like content modification. In theory it's possible via transport filters (or even in the DATA ACL (while this isn't officially supported, as the ACL are designed for *evaluating*, not for m

Re: [exim] BCC Filter not working

e good, that there is no BCC: header field. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted

Re: [exim] Execute command as part of a Look-up

your case. And read carefully about spaces near the description of ${run{…}} Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}:

Re: [exim] Add custom headers for DKIM, SPF, DMARC check status

ast you could set an ACL variable in the DKIM ACL, and in the DATA ACL you can check for this variable, as the DKIM ACL is run *before* the DATA ACL, isn't it? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ----

Re: [exim] Removing all headers with the same prefix

_remove headers_add = $acl_m_headers_add But, please note, this solution has not been reviewed for a long time, but it is in use currently and seems to work. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de -

Re: [exim] Exim Filter To block Outgoing Email

data = monitor...@domainone.com Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de -------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted

Re: [exim] require verify = sender description

s from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F69376CE - !

Re: [exim] exim -bt not working

Alvaro Lacerda (Mi 05 Apr 2017 18:16:55 CEST): > Hi Heiko, > > Thanks for the info and help. I installed exim from the yum command from a > Centos 7.3.1611 machine. > > I talked to one of my coworkers and figured out that I was missing the sql > plugin for exim, so that's

Re: [exim] NDR

Tech Gurus via Exim-users (Di 04 Apr 2017 16:15:29 CEST): > What is the best way to handle it at the door? . If sender is sending to > list of recipients and one of them is not valid email . You should check the recipient at SMTP time in your ACL (hint: verify = recipient in

Re: [exim] exim -bt not working

check for passwords or similiar stuff*. [deleted 28 lines disclaimer] Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}:

Re: [exim] Problems with chunking in 4.89 too

Jeremy, Jeremy Harris (So 02 Apr 2017 13:01:32 CEST): … > >>> will write message using CHUNKING > >>> SMTP>> BDAT 10858271 LAST > >>> LOG: MAIN > >>> SSL_write: (from mout.kundenserver.de [212.227.17.24]:58868) syscall: > >>> Broken pipe > >>> SMTP(close)>> > >> > >> Does

Re: [exim] SSL3_GET_CLIENT_HELLO No shared cipher - when SSLv3 disabled?

Viktor Dukhovni (Do 30 Mär 2017 16:52:38 CEST): … > I don't know whether Exim needs to be restarted to change > certificates, or picks up new certs automatically as clients > connect. I suspect the latter, with the TLS context > created and destroyed per connection.

Re: [exim] Problems with chunking in 4.89 too

it delivers to my server (provided that you con't carry sensitive information in your message) Can you force the delivery of the specific message using `exim -d+transport -M ` and provide the last parts of the log? Best regards from Dresden/Germany Viele Grüße aus Dresden

Re: [exim] Problems with chunking in 4.89 too

s to my server (provided that you con't carry sensitive information in your message) Can you force the delivery of the specific message using `exim -d+transport -M ` and provide the last parts of the log? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlitterma

Re: [exim] host IP whitelist

|Routers/Transports -+--- add_header |headers_add remove_header|headers_remove Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - H

Re: [exim] host IP whitelist

plsearch is probably what you want, it seems to be simpler than your condition. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}:

Re: [exim] Exim 4.88: LMTP over TCP timeouts

Hi, Peter Rindfuss (Di 07 Mär 2017 10:28:59 CET): > We are using Exim 4.88 on Debian with a non-Debian config. We deliver to > our mailboxes on a separate Dovecot IMAP machine using LMTP over TCP > (SMTP transport). A few times a day we see "Connection timed out" on the >

Re: [exim] Exim installation problem

Hi, hamza elajimi via Exim-users (Di 07 Mär 2017 13:11:02 CET): > Hi everyone, > > I already known about EXIM, and started to install it on solaris 10 SPARC, > but when I launch the install I alaways get this error : > > mkdir -p /opt/csw > sed -e \ >

Re: [exim] Ongoing email issues

Hi Daryl, Daryl Richards via Exim-users (Mo 27 Feb 2017 22:16:17 CET): > Hello, > > I don't know if this is related to any of the other crash issues reported > lately, so I'll start a new message in case it isn't. > > Two different servers, both on FreeBSD 10.3, both with

Re: [exim] Exim 4.88(9): failed to read pipe from transport

Mikhail Golub (Do 23 Feb 2017 09:53:42 CET): > Hello. > > Please help solve a problem with send mail to many users via smtp transport > with TLS (Exim 4.88 or 4.89 RC5). > == user@domain R=exchange_router_user T=exchange_transport > defer (0) H=10.0.1.1

[exim] [SOLVED partially] Problems with inbound connections from outlook.com

Heiko Schlittermann <h...@schlittermann.de> (Do 23 Feb 2017 10:03:36 CET): > Hi, > > we're operating a legacy system with Exim 4.80 (the Debian build). It > uses GnuTLS 2.12.20. We do *not* use the Debian configuration scheme but > an own one. If I build an Exim 4.88

[exim] Problems with inbound connections from outlook.com

_tidyup called 00:35:19 24960 child 24998 ended: status=0x100 00:35:19 24960 normal exit, 1 00:35:19 24960 0 SMTP accept processes now running 00:35:19 24960 Listening... Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---

Re: [exim] comments in host lists?

Marc Haber (Mi 22 Feb 2017 20:58:47 CET): > Hi, > > I have in an ACL: > > | deny > |message = sender IP address $sender_host_address is locally blacklisted > here. If you think this is wrong, get in touch with postmaster > |!acl = acl_local_deny_exceptions

Re: [exim] $sender_host_address is localhost - it is wrong

sages? Do you have examples wher Exim doesn't set the $sender_host_address to 127.0.0.1? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fo

Re: [exim] how to distribute outbound mail over multiple hosts?

very attempt. And, as a next step, you can insert a new router for forwarding your messages to the new outbound server. new_outbound: driver = manualroute condition = Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN

Re: [exim] Exim 4.89 RC2 uploaded (openssl-only)

Hi, Torsten Tributh via Exim-users (Di 07 Feb 2017 06:01:45 CET): > > > I assume that an email address constructed like: >mail+u...@example.org > is legit. Yes. To my knowlegde, it's legit. > I have a very short DATA ACL > > deny > message = No verifiable

Re: [exim] ''multidomain'' DKIM: sender or from?

ontains more than one address, the Sender: field *must* be present. So, I believe, you should check From: *and* Sender: Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Sch

Re: [exim] [Pkg-exim4-users] rspamd spam scanning fails after upgrade to 4.88 bpo on jessie

Jeremy Harris (Do 26 Jan 2017 20:21:13 CET): > On 26/01/17 18:45, Thomas Hager wrote: > > While binding its listen ports, Exim tries to set TCP_FASTOPEN via > > setsockopt() on the sockets the daemon created. All of these calls fail > > with ENOPROTOOPT. > > Aha, right. You're

Re: [exim] [Pkg-exim4-users] rspamd spam scanning fails after upgrade to 4.88 bpo on jessie

Hi Thomas, Thomas Hager (Mi 25 Jan 2017 22:09:33 CET): > On Wed, 2017-01-25 at 08:19 +0100, Andreas Metzler wrote: > > Thomas Hager wrote: > > > I updated Exim on my jessie box to 4.88-4~bpo8+1 a few days ago and > > > discovered about now that the update broke

Re: [exim] SMTP VRFY (was: gotcha: chunking and predata)

st". Does anybody have more information on that? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1

[exim] poor man's cpanel/ispconfig/whatever. vexim?

not need (and should not) deal with DNS and Webhosting. Just mail. I'm lacking experience… VExim - is it still maintained? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - H

[exim] SMTP VRFY (was: gotcha: chunking and predata)

Jeremy Harris <j...@wizmail.org> (Do 19 Jan 2017 01:03:37 CET): > On 18/01/17 21:50, Heiko Schlittermann wrote: > > Side note: we should have: > > > > --> MAIL FROM:<> > > <-- 250 OK > > --> VRFY f...@example.co

Re: [exim] gotcha: chunking and predata

> Sounds funny, yes, but can be implemented in Exim as conditional "drop" > in acl_smtp_bdat (to be executed on first BDAT command). Both can probably be combined, send the illegal 4xx response after the first BDAT chunk AND drop the connection *if* the client continues sendin

Re: [exim] gotcha: chunking and predata

l...@lena.kiev.ua <l...@lena.kiev.ua> (Mi 18 Jan 2017 15:07:01 CET): > > From: Heiko Schlittermann > > > Just of curiosity: What use case do you have for your pre-data ACL? > Greylisting of all messages to postmaster and abuse. Why can't you do this in RCPT on a

Re: [exim] gotcha: chunking and predata

Jasen Betts (Mi 18 Jan 2017 05:06:38 CET): .. > # run predata acl if haven't already. (eg: bdat) > require > acl = ${if!bool{$acl_m_need_predata_acl}{accept}{my_predata_acl}} > # "!bool" above because spaces break it > > thus all my pre-data variables

Re: [exim] chunking

sent according to the DELIVER_OUT_BUFFER_SIZE, defined in config.h.defaults: #define DELIVER_OUT_BUFFER_SIZE 8192 So, 8k per chunk. But as always, I may be wrong. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de

Re: [exim] gotcha: chunking and predata

d by default, > for example Gmail issues BDAT commands. Hm. What do you do in your pre-data ACL. Would one expect that the pre-data ACL should run right before the first BDAT command? Or would one expect a pre-first-bdat command? Best regards from Dresden/Germany Viele Grüße

Re: [exim] SMTP Data termination in test mode

<<<<<<<<<<<<<< >>> using ACL "acl_check_data" >>> processing "accept" >>> accept: condition test succeeded in ACL "acl_check_data" LOG: [28856] 1cT32p-0007VQ-8q <= <> H=google-public

Re: [exim] VRFY and EXPN: need I really them?

Hi, Luca Bertoncello <lucab...@lucabert.de> (So 15 Jan 2017 19:16:58 CET): > Heiko Schlittermann <h...@schlittermann.de> schrieb: > > > > http://exim.org/exim-html-current/doc/html/spec_html/ch-smtp_processing.html#SECID237 > > > First, maybe you can write s

Re: [exim] VRFY and EXPN: need I really them?

le configuration. All other security issues are due to configuration errors. (Thus you *can* run commands on VRFY or EXPN via acl expansions. This *can* create security issues.) Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---

Re: [exim] Bug in string expansion of exim configuration?

Heiko Schlittermann <h...@schlittermann.de> (Do 22 Dez 2016 13:41:42 CET): … > > temporarily rejected after DATA: failed to expand ACL string > > "${if >{$spam_score_int}{${eval:10*{${lookup mysql{ SELECT DISTINCT > > spam_threshold FROM user WHERE > &g

Re: [exim] [exim-announce] Exim 4.87.1 released

Heiko Schlittermann <h...@schlittermann.de> (So 25 Dez 2016 11:41:15 CET): > I've uploaded Exim 4.87.1 to: > > ftp://ftp.exim.org/pub/exim/exim4/old/ > git://git.exim.org/exim.git (tag exim-4_87_1) For easy checking the integrity of the package files I provi

[exim] Exim 4.87.1 released

N messages (and be sent offsite). For details about the CVE please see https://exim.org/static/doc/CVE-2016-9963.txt The release files for 4.87.1 are signed with the PGP key 0xF69376CE, which has a uid "Heiko Schlittermann (HS12-RIPE) <h...@schlittermann.de>". Please use your own di

[exim] [h...@schlittermann.de: [oss-security] CVE-2016-9963 (Was: CVE Request - Exim 4.69-4.87 - disclosure of private information)]

Hello, in case you missed this on one of the other channels: Heiko Schlittermann <h...@schlittermann.de> (Fr 16 Dez 2016 00:36:45 CET): … > Product:Exim > Versions: 4.69 -> 4.87 > Impact: Possible leak of private information to a remote attacker > Reference:

Re: [exim] HowTo integrate Spamassassin working?

Hi, Forum <fo...@decotrain.de> (Do 22 Dez 2016 17:29:35 CET): > Am 22.12.2016 um 16:59 schrieb Heiko Schlittermann: > > > >> Here is all i can find for this: > >> http://www.exim.org/exim-html-current/doc/html/spec_html/ch-content_scanning_at_acl_time.html >

Re: [exim] HowTo integrate Spamassassin working?

body else will need the same help and therefore would be happy to read the answer *here*, not in private mail. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlitte

Re: [exim] Delivery logs when using alternative conf file

-bdf -q30m -C /etc/exim4/exim-user1.conf Ohm. Exim is delivering, but not logging. Not nice. Bug? > the logs related to the delivery operations are printed to the console > instead of the mainlog. Hm. Best regards from Dresden/Germany Viele Grüße aus Dresden

Re: [exim] Bug in string expansion of exim configuration?

not supporting PRDR you can single out every recipient after the first, using $recipients_count and defer. After this you're sure, that your DATA ACL needs to care about a single recipient only. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITT

Re: [exim] HowTo integrate Spamassassin working?

> Here you can see the complete result from an actual spam mail. > My Thunderbird only shows the original subject without the "***SPAM" remark. OTOH I wouldn't change/replace existing headers. You may break thinks, e.g. DKIM. Best regards from Dresden/Germany Viele Grüß

Re: [exim] only RSET accepted now

es were sent. This has been fixed, thanks for the > assessment. Thank you for your feedback. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (T

Re: [exim] only RSET accepted now

Heiko Schlittermann <h...@schlittermann.de> (Mi 21 Dez 2016 00:25:42 CET): > Twilek <twi...@gmx.de> (Mi 21 Dez 2016 00:12:54 CET): > … > > I have to admit that your answers are a bit beyond the horizon of my > > knowledge of the SMTP protocol (or other mail protocols

[exim] [SOLVED] GnuTLS New Cert vs old(?) Libs

Heiko Schlittermann <h...@schlittermann.de> (Mi 21 Dez 2016 10:45:24 CET): > Hello, > > some SSL experts around? I got a "legacy" Exim (4.80), linked with GNUTLS > libgnutls.so.26 => /usr/lib/i386-linux-gnu/libgnutls.so.26, and installed new > certificat

[exim] GnuTLS New Cert vs old(?) Libs

e aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are r

Re: [exim] only RSET accepted now

Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F69376CE - ! key id 7CBF764A and 972EAC

Re: [exim] only RSET accepted now

Hi Twileg, how do you manage to break the thread always? Anyway… Twilek (Di 20 Dez 2016 21:04:52 CET): > I sent a Test message with your logging parameters and the output was > (sanitized for peronal data): … > 17155 Process 17155 is handling incoming connection from [127.0.0.1]

Re: [exim] only RSET accepted now

k you for a pcap dump of the unencrypted connection between your SMTP client (horde) and the MTA. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU)

Re: [exim] certain recipients only accept from certain hosts

d. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome ---

Re: [exim] Exim 4.88 RC6 uploaded

88. Currently after expansion there has to be *one* curve specifier, or "auto". Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko -- SCHLITTERMANN.de -------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.3

Re: [exim] logging custom headers on send out

tgoing, as I stated above. BUT, there is one exception: the event interface. And I believe, you can call a custom ACL through the event interface. Maybe the configured it in Cpanel. Or they did some other addtion to Exim I'm not aware of. Best regards from Dresden/Germany Viele Grüße aus Dre

Re: [exim] Queue very slow

Jasen Betts (Do 08 Dez 2016 21:40:55 CET): … > > What are "hdr.xx" files?How can I check if queue is corrupted?Anyway, > > exim -bpc returns 88 messages in queueThank you very much > Assuming you've already checked drive health. > it could be directory bloat. if you've had

Re: [exim] tls_eccurve = auto (Was: Exim 4.88 RC5 uploaded)

Heiko Schlittermann <h...@schlittermann.de> (Fr 02 Dez 2016 14:40:34 CET): … > now tls_eccurve = auto is the default and should work in any OpenSSL > version. For OpenSSL < 1.0.2 it falls back to prime256v1. For more > recent OpenSSL versions it uses the librar

[exim] tls_eccurve = auto (Was: Exim 4.88 RC5 uploaded)

est regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F

Re: [exim] Recipient Verification Bypassed

a private option for the lmtp transport that told Exim to > follow through with callouts? Something like force_callouts. I'm lost. I'm not sure, how to understand it. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---

Re: [exim] Recipient Verification Bypassed

Hi, > On 11/28/2016 11:51 PM, Heiko Schlittermann wrote: ... > > lmtp_transport: > > driver = smtp > > protocol = lmtp > > socket = /run/dovecot/lmtp # or whatever > > … Sorry for the confusion, I checked my config not goo

Re: [exim] Recipient Verification Bypassed

there is some trick lmtp_transport: driver = smtp protocol = lmtp socket = /run/dovecot/lmtp # or whatever … BTW … > > # Get the local part minus any suffixes > > warn set acl_m9 = ${sg{${lc:$local_part}}{[+-].+\$}{}} We have named acl variables

Re: [exim] Question about header syntax

yy> > syntactically correct header? In case you trust Exim: Compare exim -be '${address:x...@zzz.de <a...@xyz.de>}' exim -be '${address:"x...@zzz.de" <a...@xyz.de>}' Best regards from Dresden/Germany Viele Grüße au

Re: [exim] Smarthost(s): 1st: 4xx, 2nd 5xx and Exim gives up?

Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F69376CE - ! key id 7CBF

[exim] [SOLVED] Smarthost(s): 1st: 4xx, 2nd 5xx and Exim gives up?

Heiko Schlittermann <h...@schlittermann.de> (Fr 25 Nov 2016 00:21:01 CET): > > The first smarthost mailhub1 refused right after the TCP connect with > 4xx. The second refused right after the TCP connect with 5xx. > > Now Exim gave up and sent a bounce (actually didn't sen

[exim] Smarthost(s): 1st: 4xx, 2nd 5xx and Exim gives up?

on a server right after TCP connect handled the same way as TCP reset, considered as a host problem, that is recoverable. Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - H

Re: [exim] What (= in log means?

Hi Marcin, Marcin Mirosław (Do 24 Nov 2016 15:26:40 CET): > Hi! > I just found in exim log something strange for me. > This is snippet from log: > 2016-11-24 15:17:11 [32497] 1c9upo-0008S9-2c H=([37.255.216.195]) > [37.255.216.195] I=[81.4.122.249]:25 Warning: testing rspamd:

Re: [exim] Date format

Yves <exi...@yalis.fr> (Fr 18 Nov 2016 16:39:06 CET): > On Fri, 18 Nov 2016, Heiko Schlittermann wrote: > >Current log format: > >2016-11-18 16:30:28 [32758] SMTP connection from mta22.cp20.com > >[216.24.225.22]:22582 I=[84.19.194.2]:25 closed by QUIT > > >

Re: [exim] Date format

ele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- key ID: F69376CE - ! key id 7CBF764A and

Re: [exim] Exim 4.88 RC and configuring qualify_domain

ld? What for? Yes, you got $h_to: and $h_replay-to: Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1

Re: [exim] Exim autoreply (MAIL FROM:<>)

Nmz (So 23 Okt 2016 00:42:53 CEST): > > I`m spending some time to figure out why sometimes exim "drops" MAIL FROM > field after helo server. > > Communication example: > > SMTP<< 220 SERVER_in ESMTP Exim 4.87 Sat, 22 Oct 2016 22:00:55 + > SMTP>> EHLO SERVER_out > SMTP<<

Re: [exim] decode exim srs From

Arkadiusz Miśkiewicz (Mo 17 Okt 2016 22:43:10 CEST): > Host A is using exim internal SRS capability to rewrite From and then forward > email to other host B. > > Now on host B I would like to rewrite From back to original form and then > make > exim all message processing

Re: [exim] retry with a different router if delivery failed

condition = ${if first_delivery} … fallback: driver = … … (Probably a fallback_transport would be good, but currently it doesn't exist.) Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de -

Re: [exim] different server same domain

Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de -------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --- k

Re: [exim] [r...@doctor.nl2k.ab.ca: Cron <root@doctor> /usr/local/sbin/exim -v -q]

Jeremy Harris (Mo 26 Sep 2016 14:39:51 CEST): > On 26/09/16 01:17, The Doctor wrote: > > Was trying out Exim 4.88 RC 1 . … > The problem here looks like the database interface used by Exim depends > on environment variable(s), and for security reasons - exactly this sort > of

Re: [exim] 4.87+fixes

Tony Meyer (Mo 26 Sep 2016 09:53:31 CEST): > I was wondering whether you were intending to create & maintain a 4.87+fixes > branch as you did with 4.86? > I thought it was a very useful resource & would love to see a 4.87 version - > but if it’s not useful for you any more

Re: [exim] The appendfile transport: UID and GID of the delivery message file

pabilities (CAP_CHOWN), as a work around. And I do not see any reason, why -1 shouldn't work. According to the comments in appendfile.c the transport w/o setuid is (or was) expected. Probably needs further investigation. Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de -

Re: [exim] The appendfile transport: UID and GID of the delivery message file

Ednardo Lobo <edna...@lobo.eti.br> (Di 30 Aug 2016 19:51:07 CEST): > On 30-08-2016 11:39, Heiko Schlittermann wrote: > >Did you try it? Setting the transport option group= to the > >value, the file has right after creation, inherited from the directory. > > Do you

Re: [exim] The appendfile transport: UID and GID of the delivery message file

Ednardo Lobo (Di 30 Aug 2016 03:43:07 CEST): … > >Maybe the generic transport option group = nogroup (or whatever > >group name 65536 relates to) helps. It doesn't avoid the chown, but it > >should chown the group to the group the file already has. The group > >option is

Re: [exim] The appendfile transport: UID and GID of the delivery message file

Ednardo Lobo (Fr 26 Aug 2016 01:33:21 CEST): > >So the exim user has write access …, the directories are sgid . > >So, any file created in this directory should be owned by the creator > >and the group . > > Correct, just as I imagined. In other words, the file uid must be

Re: [exim] The appendfile transport: UID and GID of the delivery message file

Hi, Ednardo Lobo (Do 25 Aug 2016 16:18:33 CEST): … > Exim is running with a non-root user (UID: exim) and group (GID: exim) and > the exim binary is without setuid permission: -rwxr-xr-x. > > The transport configuration is: > > maildir: > driver = appendfile >

Re: [exim] tls_certificate weirdness

Phillip Carroll <domainmana...@enablingsimplicity.com> (Mo 22 Aug 2016 18:50:32 CEST): > On 8/22/2016 3:57 AM, Heiko Schlittermann wrote: > >Directories 0777? Sounds dangerous. I think, Exim doesn't do extensive > >checks to ensure system security, but I'd remove the the

<    1   2   3   4   5   6   7   8   9   10   >