Hello,
Setup: Exim (updated to the latest version) accepts mail for several
domains; for some of them it redirects messages to other (secondary)
Exim-driven mail servers, via manualroute.
Looks like not all these secondary Exim installations are up-to-date.
Question: are these secondary mail
On 06.05.2021 21:36, Tim Jackson via Exim-users wrote:
> On 06/05/2021 14:54, Konstantin Boyandin via Exim-users wrote:
>
>> The last known EPEL Exim version is 4.94 #2, built on March 25, 2021. It
>> wasn't difficult to build Exim from sources and replace insecure EPEL
&g
On 04.05.2021 20:40, Heiko Schlittermann via Exim-users wrote:
> We have prepared a security release, tagged as "exim-4.94.2".
>
> This release contains all changes on the exim-4.94+fixes branch plus
> security fixes.
I wonder whether current Exim maintainer at EPEL reads this list.
The last
Hello,
The majority of spam these days comes from IPs without PTR records
(NXDOMAIN or SERVFAIL trying to resolve). I tried to insert a header
indicating whether IP is "clean" with a PTR, but looks I misunderstand
how it should work.
In ACL:
begin acl
acl_clean_helo:
accept
verify
Hello,
I am willing to block messages containing certain patterns in
From:/Reply-To: containing certain pattern.
I tried first blocking by senders: test configuration contains (right
below "begin acl"):
--- configuration snippet below
acl_check_sender:
denysenders =
Hello Jan,
"delay" means tarpitting, in this context?
I wonder how efficient that is.
Sincerely,
Konstantin
On 09.09.2019 21:16, Jan Ingvoldstad via Exim-users wrote:
> I've had another variant for years:
>
> acl_check_mail:
> deny
> message = no HELO given before MAIL command
>
Hello Jeremy,
On 05.09.2019 17:14, Jeremy Harris via Exim-users wrote:
> On 05/09/2019 10:37, Konstantin Boyandin via Exim-users wrote:
>> Just curious, whether Exim is regularly tested for vulnerabilities as
>> it's developed?
>
> Please feel free to volunteer your tim
Hello,
Just curious, whether Exim is regularly tested for vulnerabilities as
it's developed?
The critical security updates are being announced way too often last
year.
(not meaning to raise a flame, I just dislike doing emergency updates on
many systems)
Sincerely,
Konstantin
--
##
Alain D D Williams via Exim-users писал 2019-06-12 15:44:
On Wed, Jun 12, 2019 at 10:21:03AM +0200, Exim Users wrote:
Am 12.06.19 um 09:50 schrieb Heiko Schlittermann via Exim-users:
> I'll not give more details, as I think, it's not worth having arguments
> about good and bad distros. At least
12.06.2019 18:01, Gary Stainburn via Exim-users writes:
> On Wednesday 12 June 2019 06:56:34 Konstantin Boyandin via Exim-users
wrote:
>> I maintain several CentOS 6-based servers. They will finally be replaced
>> by CentOS 7-based, but it's out of my control to upgrade the
>&g
Hell Niels,
12.06.2019 0:58, Niels Dettenbach writes:
> Am Dienstag, 11. Juni 2019, 18:57:41 CEST schrieb Konstantin Boyandin via
> Exim-users:
>> If I am not mistaken, CentOS 6.10 EPEL didn't apply any patches,
>> original Exim 4.91 is still their last version.
>
> The
> Am 11. Juni 2019 17:10:09 MESZ schrieb Cyborg via Exim-users
:
>> Hi Guys,
>>
>> at the end of this article, is a shodan graph of exim servers in the
>> wild :
>>
>> https://www.helpnetsecurity.com/2019/06/07/exim-cve-2019-10149/
>>
>> Guess which versions are 90% of all exims out there?
>
>
Hi Calum,
Similarly, one of my honeypot VMs running exposed Exim 4.91 has been
attacked yesterday by similar means. The attacker, in my case, tried to
download and execute one of the below (I excluded scheme prefix from links):
an7kmd2wp4xo7hpr dot tor2web dot su/src/ldm
an7kmd2wp4xo7hpr dot
On 14.08.2018 21:44, Nigel Metheringham via Exim-users wrote:
> As its been pointed out that there has been no mail on exim-users for 14
> days, and although the volume is way lower than in its heyday that does
> seem a bit of an excessive gap...
>
> However a quick browse through logs is not
On 28.03.2018 15:36, Cyborg via Exim-users wrote:
> Am 28.03.2018 um 09:10 schrieb Konstantin Boyandin via Exim-users:
>> After having scanned 4.90.1 installation with OpenVAS, the below was
>> reported:
>>
>> 'Weak' cipher suites accepted by this service via the
>>
Hello,
After having scanned 4.90.1 installation with OpenVAS, the below was
reported:
'Weak' cipher suites accepted by this service via the
TLSv1.0/TLSv1.1/TLSv1.2 protocols: TLS_RSA_WITH_SEED_CBC_SHA
Default settings (no explicit "tls_require_ciphers", "openssl_options")
are in use.
On 20.03.2018 20:03, Graeme Fowler via Exim-users wrote:
> On 20 Mar 2018, at 12:03, Konstantin Boyandin via Exim-users
<exim-users@exim.org> wrote:
>> However, the cases I mention do not print anything like above to
>> main.log (and MX records are normally resolved
egards,
Konstantin
On 19.03.2018 22:03, Graeme Fowler via Exim-users wrote:
> On 19 Mar 2018, at 14:39, Konstantin Boyandin via Exim-users
<exim-users@exim.org> wrote:
>> I would appreciate pieces of advice on how to handle this. Thank you.
>
> It would appear that you can reprod
Hello,
Having a grave problem with recently compiled Exim 4.90.1 (running on
Ubuntu 16.04 64bit).
Primary domain: example.com
In /etc/aliases:
user: us...@example.net,us...@example.net
When I run command like
exim -bt u...@example.com
Exim prints correct MX records for every particular
19 matches
Mail list logo