On 28/09/2022 10:59, Victor Sudakov via Exim-users wrote:
Maybe I'd be better off setting hosts_try_fastopen to ":" in Exim only, just in
case?
No, because other services on your system would still suffer
from the kernel bug.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/m
On 28/09/2022 08:40, Victor Sudakov via Exim-users wrote:
I wonder what I will lose if I leave net.ipv4.tcp_fastopen=0 on the
mail server (not very loaded)?
Not much unless your system also runs a high rate of TCP connections for
other services (eg. web). The bug (it's in the Linux firewall) m
On 27/09/2022 09:09, Sławomir Dworaczek via Exim-users wrote:
nowhere else is it like creating a file
Third paragraph of that reference:
"not permitted (including acessing a file using a tainted name)."
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-us
On 26/09/2022 19:44, Sławomir Dworaczek via Exim-users wrote:
option ONCE_FILE = /var/spool/exim/db/autoreply_${local_part}_${domain}.db In
my logs I have the message defer (13) permission denied Tainted
/var/spool/exim/db/autoreply_username_mydomian.eu.db
http://exim.org/exim-html-current/do
On 23 September 2022 06:50:29 BST, Jasen Betts via Exim-users
wrote:
>upgrading from 4.94 to 4.96 seems to have dramatically reduced the TLS
>connectivity (as a server).
>
>I'm using libgnutls3.7.1 on debian 11 and the Exim package from
>backports
Did the GnuTLS version change?
If so it could
On 22/09/2022 13:48, Jeremy Harris via Exim-users wrote:
We could code to stack $value during each evaluation of the condition
for the reduce. That feels better. I'll have a go.
Turn out that's not sufficient. The issue is not that
the inlisti-output $value mucks up reduce, b
On 21/09/2022 06:21, Jasen Betts via Exim-users wrote:
I was using the follwing form to see how many elements of list 1 occur in list2
${reduce{ a:p:p:l:e }{0}{${if inlisti{$item}{ p:e:z
}{${eval:$value+1}}{$value
but this has stopped working in 4.96
To be fair, it wouldn't have worked
On 22/09/2022 10:24, Kai Bojens via Exim-users wrote:
Hello there,
I have a new server which now has SMTPUTF8 enabled. I'm not sure why but since
then at least one Outlook client decided to stop using the IDN form
(xn--dmin-moa0i.example) and now tries to authenticate with the UTF-8 domain.
Re
On 19/09/2022 13:14, Lasse Törngren via Exim-users wrote:
OK, I understand. Sad from my point of view, as this means that I will never be
able to upgrade Exim from now on?
(Unless I pinpoint the bug myself.)
Or convince someone else who has the expertise to work on it.
--
Cheers,
Jeremy
-
On 18/09/2022 20:36, Lasse Törngren via Exim-users wrote:
I have tried to upgrade to Exim 4.95 on this machine, and to Exim 4.96 on a new
server that I am setting up with MacOS Big Sur. On both servers I get Exim
Panic with “setgroups: Invalid argument” at local (virtual) delivery. The users
a
On 12/09/2022 19:53, Andrew C Aitchison via Exim-users wrote:
Unfortunately your build logs seem to hide the link line arguments,
so I cannot see how it is trying to include the pcre2 library.
make FULLECHO=''
should show the full compile & link lines (from memory).
--
Cheers,
Jeremy
--
On 10/09/2022 12:59, Cyborg via Exim-users wrote:
Verify return code: 21 (unable to verify the first certificate)
b) fails
^^
These words return plenty of hits from my usual search engine.
Exactly what trust-anchors and intermedi
On 04/09/2022 22:09, Ján Lalinský via Exim-users wrote:
==r...@xyz.com R=xxx (-36): host lookup for did not
complete (DNS timeout?)
There is no problem with DNS resolution of the relevant domains on those
MX servers whatsover, judging by using dig and host command in shell.
But judging by th
On 06/09/2022 12:37, Kai Bojens via Exim-users wrote:
Am 06.09.22 um 12:53 schrieb Jeremy Harris via Exim-users:
The "interface" option says "use the interface that has this IP.
It does not say "use this IP".
Ah, I see – I didn't know that. Thanks.
But, t
On 06/09/2022 11:28, Kai Bojens via Exim-users wrote:
Host A: Has a transport with an explicit "interface = 1.2.3.4" IPv4
The "interface" option says "use the interface that has this IP.
It does not say "use this IP".
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/li
On 23/08/2022 17:18, Nick via Exim-users wrote:
On 22/8/2022 Jeremy replied:
Which means I can't use a simple list lookup, nor a wildcard lookup, as
these don't support capture
In the current release of Exim, they do and you could.
Note: It is not possible to capture substrings in a reg
On 01/09/2022 04:02, 吴栋淦 via Exim-users wrote:
I want to build a exim4 server with VRFY command supported
You need to define a verify ACL in your configuration.
See
http://exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html
--
Cheers,
Jeremy
--
## List details at htt
On 24/08/2022 16:45, Ken Olum via Exim-users wrote:
How serious is CVE-2022-37452: buffer overflow for the alias list in
host_name_lookup?
The associated bug, 2747, reported it as a segfault in the receive
process.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listi
On 22/08/2022 17:30, Nick wrote:
Regarding Andrew's reply, "so I doubt that [quote_sqlite] is intended to
detaint": I think it would help to be clear in the documentation whether or not it
detaints
The rule is: if if doesn't say it detaints, it does not detaint.
specifically here:
This mea
On 19 August 2022 17:04:22 BST, Nick via Exim-users wrote:
>Hello Exim users,
>
>I've a problem with Sqlite lookups and tainting.
>> My suspicion therefore is that it's actually the presence of
>> |$local_part| in the query which is the problem, and not the
>filename
>Is anyone here able to hel
On 15/08/2022 14:31, Viktor Dukhovni via Exim-users wrote:
I strongly suspect this is a known issue with interactions between
Exim and TFO causing machines to ignore packets, which was reported
in this thread:
https://lore.kernel.org/lkml/E1nZMdl-0006nG-0J@plastiekpoot/
On 11/08/2022 22:23, Graeme Coates via Exim-users wrote:
No problem - here's a link to the pcap file filtered down by port 44884.
https://www.chromosphere.co.uk/wp-content/blogs.dir/1/files/2022/08/tfo.zip
Attached is the time-sequence plot for that. I agree with Viktor:
this is a problem in
On 12/08/2022 08:31, Graeme Coates via Exim-users wrote:
generic-segmentation-offload: on
This might still be enabling transmit using >MTU from the kernel to the NIC.
Get a pcap to check; any >1500 byte packets being sent?
I agree with Viktor though - it's a
On 11/08/2022 14:03, Patrick Boutilier via Exim-users wrote:
Otherwise you just get the help message. This by design?
Yes. See https://bugs.exim.org/show_bug.cgi?id=2821
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.
On 10 August 2022 17:12:55 BST, Marc MERLIN via Exim-users
wrote:
>> hosts_try_fastopen = !*.l.google.com
>>
>> into /etc/exim4/conf.d/transports/30_exim4-config_remote_smtp (or
>whichever
>> config the remote transport is in depending on how you have installed
>Exim
>> on Debian).
>
>Thank you
Tricky to guess at. Turn off more features, I guess.
You already tried chunking. Next would be fastopen, then pipelining.
However, given it was right after all the data (even in non-chunking)
one has to wonder if it's a content-check of theirs going wrong.
Does a given failing message get throu
Does anyone out there use the above? Build with it?
My initial attempts to build (having not found an obvious
fedora library package for heimdall, yet) are tripping over
a possibly incompatible /usr/include/krb5.h
There's also no testsuite coverage.
Finding out if there are actually any users
On 02/08/2022 16:15, Mark Elkins via Exim-users wrote:
Any clues as to where to look?
Always start with the mainlog. Find a delivery try for
the message-id. If you can't find one - are you
actually doing regular queue runs?
If that doesn't give a clue then fire a try manually,
with debug en
On 14/07/2022 18:59, Sam via Exim-users wrote:
I wish to use a "condition =" for my router section which should evaluate to
true if either of $sender_address_domain or $original_domain exist in the file
/etc/mydomains.
If the domains are one-per-line in that file:
${if or { \
{bool {${look
On 26/07/2022 19:30, Mark H. Wood via Exim-users wrote:
I need to relay to an Exchange server that's about to be configured to
require "modern authentication," that is, OAUTH2. Is there some way
to configure Exim to authenticate *as a client* using OAUTH2?
I built an OAUTH2 plugin for Cyrus SAS
On 26/07/2022 19:30, Mark H. Wood via Exim-users wrote:
it appears
that Exim's Cyrus SASL driver doesn't have a client side at all?
Correct.
If you'd like to develop one, including testsuite support...
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-use
On 23/07/2022 07:21, ozzloy via Exim-users wrote:
is there a good tutorial for the exim configuration file language?
http://exim.org/exim-html-current/doc/html/spec_html/
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www
On 17/07/2022 12:16, Jeremy Harris via Exim-users wrote:
On 16 July 2022 18:09:40 BST, Slavko via Exim-users
IMO that is perfect job vor event system, to emit auth:failed event.
But whole event systems
seems to be only about outgoing mails/connections.
Beside the auth failed event, i miss acl
On 20/07/2022 15:26, Jeremy Harris via Exim-users wrote:
On 20/07/2022 15:09, Thomas Krichel via Exim-users wrote:
https://www.exim.org/howto/mailman21.html
Thanks for pointing this document out. I can't locate the source
right off;
Now found (a .xsl file!)
Not too hard to edit and
On 21/07/2022 07:27, Thomas Krichel via Exim-users wrote:
2022-07-21 06:19:30 1oEPWy-002t7O-0x == nep-t...@lists.repec.org
R=mailman_router
T=mailman_transport defer (0): Expansion of
"${sg{sg{$/var/lib/mailman/lists/${lc::$local_part}/config.pck}{\/config.pck$}{}}{.*\/}{}}"
from command "/var/l
On 20/07/2022 15:37, Kirill Miazine via Exim-users wrote:
IIRC Mailman has some facility to generate aliases file, which Exim
could be using. Mailman is able to generate those automatically, and
that should make the taint checking happy, as there won't be any unsafe
variables left.
Getting a fi
On 20/07/2022 15:09, Thomas Krichel via Exim-users wrote:
https://www.exim.org/howto/mailman21.html
Thanks for pointing this document out. I can't locate the source
right off; it's certainly not been on my radar and won't have
been revised to match the last five years worth of tightening
secu
On 16 July 2022 18:09:40 BST, Slavko via Exim-users
>>I'm doing plain and login.
>
>IMO that is perfect job vor event system, to emit auth:failed event.
>But whole event systems
>seems to be only about outgoing mails/connections.
>
>Beside the auth failed event, i miss acl and error related event
On 15/07/2022 20:19, Julian Bradfield via Exim-users wrote:
How do you do this? Abusing server_condition doesn't work, as it's
only expanded if the base authentication succeeds.
(My authentication method is cram-md5.)
I'm doing plain and login.
--
Cheers,
Jeremy
--
## List details at https:/
On 15/07/2022 17:11, Julian Bradfield via Exim-users wrote:
Not my experience. A large number of hosts try every hour or two -
My practice, and I think it would help with this sort of
attacker, is to delay the auth response for a fail.
By 15 or 20 seconds. Most drop off by about ten, so
a) you
On 15/07/2022 14:17, Jeremy Harris via Exim-users wrote:
This will crash that exim process, hence dropping the connection.
No, I'm mistaken.
Could you set up your fail2ban to be less aggressive?
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-
On 15/07/2022 13:54, Julian Bradfield via Exim-users wrote:
However, I can't see a way to do this. Am I missing something in the
docs?
Sneaky: use an expansion in the server_condition, which when failing
deliberately goes on to try to expand *the content of* a known-tainted
variable ($sender_he
On 07/07/2022 18:19, Sabahattin Gucukoglu via Exim-users wrote:
your best option being immediately queueing such messages and then running them
from a queue with some limited number of (dynamically or pre-spawned) queue
runners at some fixed low interval. (See main options remote_max_parallel a
On 07/07/2022 18:19, Sabahattin Gucukoglu via Exim-users wrote:
You have another problem, though. Sympa controls parallelism of submissions by
using the -odi option.
Exim thinks it should be controlling that, being an MTA :)
and also doesn’t allow an SMTP listener daemon to use the -odi opt
On 06/07/2022 11:25, Olaf Hopp (SCC) via Exim-users wrote:
On 7/6/22 11:29, Odhiambo Washington wrote:
Out of curiosity, why do you need DSN for a mailing list?
One of the list owners asked for it.
One does wonder what value they see beyond traditional bounces.
We don't have a way of reque
On 04/07/2022 09:42, Olaf Hopp (SCC) via Exim-users wrote:
When the mails comes out of the sympa list manager it
calls directly /usr/sbin/sendmail which is a symlink to the exim binary
and I have only the usual logging, no -d+all
Can you give me a hint how to enable debugging in this case ?
You
On 28/06/2022 12:22, Markus Reschke via Exim-users wrote:
IIRC, the 'recommended' way to solve issues with tainted variables is to
perform a database lookup.
Actually, that is better phrased as "The requirement is to not use values
provided
by potential attackers in sensitive situations" - an
On 27/06/2022 09:47, Christoph Schug via Exim-users wrote:
drtables.c:739:54: error: ‘NUL’ undeclared (first use in this function); did
you mean ‘NULL’?
if (regex_match(regex_islookupmod, US name, len, NUL))
^~~
Already fixed in git.
DKIM breaks mailinglists.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
On 27/06/2022 05:42, Jim Pazarena via Exim-users wrote:
4.94.2 logs: Operation timed out H=mca2.emailh.ca [23.235.65.102]: SMTP timeout
after initial connection
and the 4.96 logs: no MAIL in SMTP connection from emailh.ca [23.235.65.100]
D=5m
Run the server in debug mode.
--
Cheers,
Jeremy
On 26/06/2022 08:19, Andrew C Aitchison via Exim-users wrote:
[ I should document CVE-2021-38371:
before exim 4.95 exim probably was exposed to a man-in-the
middle attack on STARTTLS when *sending* email, though it
it is not clear how it could have been exploited.
Indeed, nobody that I am
Dear Exim users and maintaers,
We are pleased to announce the availability of release 4.96 of Exim.
Thanks to everybody who tested release-candidates. There were no
comments on the RC2 and so the final release has only a very minor
documentation change from that.
New stuff we've added since 4.
On 24/06/2022 21:45, Sebastian Nielsen via Exim-users wrote:
Best way here is to add your users primary country to the auth_advertise_hosts
list. Could be quite a IP list
There exists a DNSBL which converts IPs to countries.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mai
On 23/06/2022 14:52, Marco Gaiarin via Exim-users wrote:
Could be. Can i setup a 'negative' router, eg a router that reject if a
query (does not) return a value?
You could. But you might just as well do it in ACL, eg a "require"
verb with a condition doing the ldap lookup looking for an active
On 22/06/2022 16:19, Robert Steinmetz via Exim-users wrote:
That's what I think I'm doing. I do not have any IPv6 records so no IPv6
address should be included.
The error from G gave the IPv6 address they think you're talking from.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.
On 17/06/2022 17:42, Marco Gaiarin via Exim-users wrote:
I need to bounce
It's generally better to reject.
(also in verify, indeed) some user/mailbox; there's a 1:1
relation between mailboxes and users, and simply some 'alias' are queried
via LDAP and 'normalized' to users/logins:
I can re
On 15/06/2022 19:37, Johnnie W Adams via Exim-users wrote:
I need to route traffic from one sending address from one IP address
to a different next hop than other traffic. Can this be done? If so, where
would I begin?
With the docs. A router, conditioned on this source IP.
Probably a "ma
On 15/06/2022 11:10, tt-admin via Exim-users wrote:
is there a way to add the original subject to a bounce e-mail instead of
just "Mail delivery.."?
There's a docs chapter on customizing bounce messages.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-use
On 10/06/2022 22:19, Elliot Finley via Exim-users wrote:
I've been trying to get exim4 up and running on Ubuntu 20.04.
There is the standard:
# Macro defining the main configuration directory.
# We do not use absolute paths.
.ifndef CONFDIR
CONFDIR = /etc/exim4
.endif
which is a little confusi
The next Release Candidate for 4.96, RC2, is now available from
- as tarball:https://ftp.exim.org/pub/exim/exim4/test
- directly from Git: https://git.exim.org
tag exim-4.96-RC2
The signatures on the release tarballs (and this mail) should be
mine, key ID 0xBCE58C8CE
On 06/06/2022 23:18, The Doctor via Exim-users wrote:
Just going over my spam and I find this IP 195.133.39.99
sending a lot of junk. How can you block such a class C?
Multiple possible ways.
One would be a
deny hosts= 195.133.39.0/24
acl verb (assuming you really want the class-C).
You
On 06/06/2022 19:46, Kamil Jońca via Exim-users wrote:
Failed to create child process
This would be the response from the OS to a request
to fork a process. Are you running in a constrained
environment?
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-us
On 03/06/2022 15:43, Laura Williamson via Exim-users wrote:
hope this is better
Thanks.
So:
- the return-path was indeed empty
- so the "real fix" I mentioned elsewhere, to have srs_encode return
an empty result for that, would be active for your case
- there was a separate deficiency in
On 03/06/2022 17:08, Laura Williamson via Exim-users wrote:
thank you very much for this patch (I assume it'll be permanent in future
releases).
It will be, as will the actual fix for empty-sender encoding
avoidance (c2ef5d7e9f).
SRS can't do anything (and should not have to) with an empty se
On 03/06/2022 16:13, Laura Williamson via Exim-users wrote:
No sure what you mean?
On 03/06/2022 16:03, Jeremy Harris via Exim-users wrote:
3aa5fb00be might help here.
https://git.exim.org/exim.git/commit/3aa5fb00be821a198f42c69924ae02b393ac2b4b
--
Cheers,
Jeremy
--
## List details at
3aa5fb00be might help here.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
On 03/06/2022 15:08, Laura Williamson via Exim-users wrote:
hope this helps
16:01:16 25709 âcanning: HIDDENPWD} {$return_path} {$original_domain
16:01:16 25709 text: HIDDENPWD
16:01:16 25709 scanning: } {$return_path} {$original_domain
No; you trimmed the start of it.
--
Cheer
On 03/06/2022 10:56, Laura Williamson via Exim-users wrote:
T=remote_forwarded_smtp defer (-1): Failed to expand return path "${if
def:return_path {${srs_encode {whateverpassword} {$return_path}
{$original_domain": empty address
I'll need to see debug output for that expansion.
--
Cheer
I don't see that your config actually uses
CHECK_RCPT_REMOTE_LOCALPARTS, having defined it.
Perhaps the Debian documentation might have notes
on its use?
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please
On 02/06/2022 15:06, Kamil Jońca via Exim-users wrote:
But ... why such default walue?
I have no idea. It goes back to Exim version 4.00, in 2002.
Presumably the common usage of a pipe transport wanted that
in the most common case.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.
On 01/06/2022 16:28, Alessandro via Exim-users wrote:
I installed exim4 4.94.2 on a debian 11.3 machine. I configured it using exim4-config as
straight smtp mta. I have just declared a few macros on the exim4.conf.localmacros, so
basically I'm using the default configuration created by exim4-co
Doh. I am so stupid.
I finally looked at the docs for the pipe transport, and there is the
answer staring at me.
===
message_suffix Use: pipe Type: string† Default: see below
The string specified here is expanded and output at the end of every message.
The de
On 01/06/2022 16:46, Evgeniy Berdnikov via Exim-users wrote:
Strace of Debian bsd-mailx (my version is 8.1.2-0.20180807cvs-2)
shows that it does not append newline writing to MTA child process,
it only converts "\n" to "\r\n".
Is bsd-mailx talking SMTP-on-TCP to exim, or stdin?
If the lat
On 01/06/2022 12:05, Rory Campbell-Lange via Exim-users wrote:
Exim version 4.94.2 #2 built 13-Jul-2021 16:04:57
The error seems unique to sending to google; we are sending around 12.5k
messages/day to a wide variety of recipients.
The error is along the following lines:
2022-06-01
On 01/06/2022 09:14, Laura Williamson via Exim-users wrote:
remote_forwarded_smtp defer (-1): Failed to expand return path "${srs_encode
{thepassword} {$return_path} {$original_domain}}": empty address
Is it possible you are forwarding a message with an empty return_path
(a bounce) ?
If that'
On 01/06/2022 04:42, Kamil Jońca via Exim-users wrote:
- "mail" command is the same in both cases.
Obviously since one case runs exim and the other postfix, they cannot be.
But given this:
But there is another thing:
Normally, when message is delivered I use pipe transport:
--8<
On 31/05/2022 22:06, Randy Bush via Exim-users wrote:
2022-05-31 21:02:45 Exim configuration error in line 67 of
/usr/local/etc/exim/configure:
main option "message_linelength_limit" unknown
message_linelength_limit is an option for the smtp transport.
--
Cheers,
Jeremy
--
## Li
On 31/05/2022 15:39, Kamil Jońca via Exim-users wrote:
Andrew C Aitchison via Exim-users writes:
Is this a blank line after every real line or just the last one ?
Last one.
As I wrote elsewhere postfix did not add this.
Just tested, and I don't see any extra line. Are you certain
your "ma
On 31/05/2022 14:28, Kamil Jońca via Exim-users wrote:
I have some instances, which generates mail from stdin
(ie something like "echo bla|mail root")
and recently I found that there exists additional empty line in such
emails, ie instead of
--8<---cut here---start
On 24/05/2022 10:02, Laura Williamson via Exim-users wrote:
in the central_filter, removing those delivers the message correctly, appears
that there is an array that is not emptied after each message_body compare and
therefore goobles up memory and fails when reaching 2gb?
I'm thinking more i
On 24/05/2022 06:25, Laura Williamson via Exim-users wrote:
willing to do some source code mods to try to solve this, are stuck with 4.94.2
now as 4.95 does the same.
Please apply this patch, so we can tell which of
the two possible places is detecting the odd alloc size:
--
Cheers,
JeremyFr
On 28/05/2022 19:24, Randy Bush via Exim-users wrote:
rancid is an automaton sweeping hardware devices and sending emails of
any diffs.
ra...@psg.com
(generated from rancid-psg...@work0.psg.com)
message has lines too long for transport
uh, how do i whack it?
Fix the message sourc
On 24/05/2022 16:58, Axel Rau via Exim-users wrote:
Am 24.05.2022 um 00:37 schrieb Jeremy Harris via Exim-users
:
On 23/05/2022 20:38, Axel Rau via Exim-users wrote:
After turning on setuid bit on exim binary, it could no longer access
the DB (error=‚valid client cert required‘)
It looks
On 24/05/2022 10:23, 朱超 via Exim-users wrote:
The receive email show two Authentication-Results, What should i do?
Nothing different, with respect to these headers.
eg:
Authentication-Results: tomtoworld.xyz; dkim=pass header.d=163.com; arc=none
(Message is not ARC signed); dmarc=pass (Used
On 24/05/2022 13:42, 朱超 via Exim-users wrote:
Hi, When i use exim4 and mailman3, There happen body hash did not verify in
dkim , what should i do ?
detail msg:
dkim=neutral (body hash did not verify) header.i=@163.com header.s=s110527
header.b=XzEAxlSN
It is common for a mailing-list-manage
On 23/05/2022 20:38, Axel Rau via Exim-users wrote:
After turning on setuid bit on exim binary, it could no longer access
the DB (error=‚valid client cert required‘)
setuid to what (I assume root, but...)?
Access during what phase of operation?
--
Cheers,
Jeremy
--
## List details at https:/
On 23/05/2022 16:04, Laura Williamson via Exim-users wrote:
Have another one (in queue, undelivered) that I can test with.
# exim -d+all -M 2>&1 | tee my_debug_log_file
should get us debug for an attempt to deliver a message
that is queued. With luck that will help locate where
it's doing th
On 23/05/2022 15:10, Laura Williamson via Exim-users wrote:
bad memory allocation requested (2147483632 bytes) at string_catn 1167
Hmm. That's 0x7fff fff0.
There's two possible places for that log line to be generated.
It'd help a lot to know which; I feel a little tweak coming on.
Are you l
On 23/05/2022 14:02, Sebastian Arcus via Exim-users wrote:
[internet] <-> [relay Exim] <-> [inhouse Exim]
Can the smtp router or transport on the relay Exim be configured to keep the
connection open for inbound email until the inhouse Exim accepts or rejects the
email?
Yes. Look for "cutthr
On 22/05/2022 15:57, Bill Cole via Exim-users wrote:
I'm unclear on why the option even exists. It seems crippling.
See also
http://exim.org/exim-html-current/doc/html/spec_html/ch-security_considerations.html#SECTrunexiwitpri
and (separately) think about what might be feasible if inetd or sy
On 22/05/2022 10:30, Axel Rau via Exim-users wrote:
So it is a standard FreeBSD ports installation and therefor not setuid root.
If that is standard for FreeBSD then you need to ask them why it's
nonfunctional.
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/
On 21/05/2022 19:25, Bill Cole via Exim-users wrote:
Do you have AppArmor or SELinux enabled? What user and group is Exim running as?
Also, is this a "vanilla" Exim installation, with the Exim binary
setuid root (Exim usually needs that so it can deliver to local
user mailbox files. But it run
On 21/05/2022 10:53, Odhiambo Washington via Exim-users wrote:
On Sat, May 21, 2022 at 11:26 AM Axel Rau via Exim-users <
exim-users@exim.org> wrote:
Recently my mailman 3 servers began spamming with tons of such log
messages:
cannot accept message: failed to stat log directory /var/spool/exim
On 17/05/2022 08:04, Laura Williamson via Exim-users wrote:
I have trouble compiling this with SRS support and I can see that the src/srs.h
and .c are missing. I do have SUPPORT_SRS=yes in the makefile and also have the
latest libsrs2 libs installed, am I missing something?
The old EXPERIMEN
On 16/05/2022 07:50, David Restall via Exim-users wrote:
The next Release Candidate for 4.96, RC1, is not available from
Where is it available from then ? :-)
Yeah, yeah. Spotted ten minutes too late...
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-us
On 15/05/2022 18:03, Martin McCormick via Exim-users wrote:
Andreas Metzler via Exim-users writes:
Where is the key?
/etc./exim4/exim.key
^
That doesn't look quite right...
What is the output of "exim4 -bP tls_certificate tls_privatekey" ?
--
Cheers,
Jeremy
--
## List details at
The next Release Candidate for 4.96, RC1, is not available from
- as tarball:https://ftp.exim.org/pub/exim/exim4/test
- directly from Git: https://git.exim.org
tag exim-4.96-RC1
The signatures on the release tarballs (and this mail) should be
mine, key ID 0xBCE58C8CE
On 14/05/2022 21:53, Martin McCormick via Exim-users wrote:
Then I did dpkg-reconfigure exim4-config
What ended up in your actual running config after this stage?
Us non-Deb users don't know what Deb does for you at this stage.
Also, does it tell the daemon to reload the config just changed?
--
On 12/05/2022 18:45, Ian Kelling wrote:
* We are running an older exim: 4.90.1-1ubuntu1.8+9.0trisquel4
Well, at least it's not something I broke this year, then...
With 4.96 you can set up speculative debug, using ACL.
Anybody want to try getting a capture?
--
Cheers,
Jeremy
--
## List deta
On 11/05/2022 14:34, Martin McCormick via Exim-users wrote:
#Banner once again but the script marches on
Actually, it should have been different, no longer
advertising STARTTLS once you are using TLS. Mind, they
advertised cleartext AUTH methods *on a cleartext connection*
so they are obviousl
201 - 300 of 1001 matches
Mail list logo