Re: [exim] block a domain *.top

[Dennis Isaías Cervantes]

Any idea which ACL can I use?

-Mensaje original-
De: Exim-users 
[mailto:exim-users-bounces+dennis.cervantes=tboxplanet@exim.org] En nombre 
de Jeremy Harris
Enviado el: miércoles, 12 de octubre de 2016 7:45 a. m.
Para: exim-users@exim.org
Asunto: Re: [exim] block a domain *.top

On 12/10/16 14:39, Dennis Isaías Cervantes wrote:
> how it could do to prevent a particular domain to write me, but in 
> total for example * .TOP

At some suitable point in your ACLs, probably the recipient ACL,

deny domains = *.top


Docs at: http://exim.org/exim-html-current/doc/html/spec_html/
--
Cheers,
  Jeremy


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.88 RC2 uploaded

[Frank Elsner]

On Sun, 9 Oct 2016 13:36:32 +0100 Jeremy Harris wrote:

Hi,

> I have built and uploaded to
> 
>  ftp://ftp.exim.org/pub/exim/exim4/test/
> 
> the RC2 release candidate build of Exim 4.88
> Built and signed by myself.

I've installed this version with the same Local/* files as Exim 4.88 RC1
which works perfect and I encountered this error with RC2.

[frank@siffux src]$ echo test |/usr/exim/bin/exim frank
2016-10-12 22:30:31 Failed to create spool file 
/var/spool/exim//input//1buQAZ-0001Ec-9j-D: Permission denied

I've no idea what's going on.


Kind regards, Frank

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] block a domain *.top

[kuncho pencho]

Hi,

See this config, you'll find a lot useful things:

http://lena.kiev.ua/Lena-eximconf-run.txt











 > Оригинално писмо 

 >От: Dennis Isaías Cervantes dennis.cervan...@tboxplanet.com

 >Относно: Re: [exim] block a domain *.top

 >До: "'Jeremy Harris'"  ,
 

 >Изпратено на: 12.10.2016 21:48




Any idea which ACL can I use?



-Mensaje original-

De: Exim-users 
[mailto:exim-users-bounces+dennis.cervantes=tboxplanet@exim.org] En nombre 
de Jeremy Harris

Enviado el: miércoles, 12 de octubre de 2016 7:45 a. m.

Para:  exim-users@exim.org 

Asunto: Re: [exim] block a domain *.top



On 12/10/16 14:39, Dennis Isaías Cervantes wrote:

> how it could do to prevent a particular domain to write me, but in 

> total for example * .TOP



At some suitable point in your ACLs, probably the recipient ACL,



deny domains = *.top





Docs at:  http://exim.org/exim-html-current/doc/html/spec_html/ 

--

Cheers,

  Jeremy





-- 

## List details at  https://lists.exim.org/mailman/listinfo/exim-users 

## Exim details at  http://www.exim.org/ 

## Please use the Wiki with this list -  http://wiki.exim.org/ 





-- 

## List details at  https://lists.exim.org/mailman/listinfo/exim-users 

## Exim details at  http://www.exim.org/ 

## Please use the Wiki with this list -  http://wiki.exim.org/ 
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.88 RC2 uploaded

[Jeremy Harris]

On 12/10/16 21:34, Frank Elsner wrote:
>> the RC2 release candidate build of Exim 4.88
>> Built and signed by myself.
> 
> I've installed this version with the same Local/* files as Exim 4.88 RC1
> which works perfect and I encountered this error with RC2.
> 
> [frank@siffux src]$ echo test |/usr/exim/bin/exim frank
> 2016-10-12 22:30:31 Failed to create spool file 
> /var/spool/exim//input//1buQAZ-0001Ec-9j-D: Permission denied

Thanks for testing.  There appear to be some permissions problems with
RC2.  A fix has been committed and will be in RC3.
-- 
Cheers,
  Jeremy



-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] iOS 10 cert problems

[Marius]

Hi all,

as i switched form an old comodo cert to a new one, also comodo, we
encountered problems with iOS 10 devices.

They can use exim, but fail to use dovecot, with the same cert and they
worked all before the cert exchange.

As Lets Encrypt was used temporarily as a substitution, the use of exim
failed also for nearly all iOS devices.
With comodo only pop3/imap failes, which is very strange in itself, as
it smtp and pop are both on the same server, with the same openssl
backing it up.

Some facts:

ssl-tools.net checked it: no problems
openssl : no problems
Comodotester: no problems

Comodo support checked it by hand, also no problems detected.
Android,Linux,MacOs (desktop) and Windows do not have problems using it.


Q: can someone spread some light on the situation with LE and modern
Comodo certs ?

best regards,
Marius


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Exim ML: 550 Sender verify failed

[Marius]

Hi,

the sender verification does not use TLS encrypted connections to verify
senders:

550-Verification failed for 
550-Called:   83.246.80.130
550-Sent: RCPT TO:
550-Response: 550 Receiver does not accept unencrypted connections
550 Sender verify failed


Solution: switch to TLS encrypted connections.

Marius

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] block a domain *.top

[Dennis Isaías Cervantes]

Hello everyone

 

how it could do to prevent a particular domain to write me, but in total for
example * .TOP

 

excuse my English, I use a translator

 

I would appreciate help

 

regards

 

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] block a domain *.top

[Jeremy Harris]

On 12/10/16 14:39, Dennis Isaías Cervantes wrote:
> how it could do to prevent a particular domain to write me, but in total for
> example * .TOP

At some suitable point in your ACLs, probably the recipient ACL,

deny domains = *.top


Docs at: http://exim.org/exim-html-current/doc/html/spec_html/
-- 
Cheers,
  Jeremy


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] 2nd Stage DNS blocking

[Marcin Mirosław]

W dniu 11.10.2016 o 17:18, Hardy pisze:
> Thanks for all your input. But some of you missed my point. I admit, the
> subject is OT, and I was too lengthy in explanation.
> 
> Shorter
> We DO accept mail from a trusted host, not under our control. THAT hosts
> was tricked to accept spam. To identify this, we have no other choice
> than to look at data, and I was especially thinking about "Received
> from" headers.
> Okay, I think this thread is exhausted, unless you still have some
> exceptional idea now.
> 
> Sorry for the initial confusion, thanks for your feedback.

Hi!
Why don't you use Spamassin for identify a spam? In SA configuration you
should add addresses of "trusted host not under your control" in
"trusted_networks" options. It makes SA to ignore last Received line
beacuse this is trusted host.
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] safe handling of $tls_sni

[Arkadiusz Miśkiewicz]

Hi.

Docs say that $tls_sni has raw data from client:

"Great care should be taken to deal with matters of case, various injection
attacks in the string (../ or SQL), and ensuring that a valid filename can
always be referenced; it is important to remember that $tls_sni is arbitrary
unverified data provided prior to authentication."


What is safest approach to handle $tls_sni when trying
to expand it to file on filesystem?

Rule like:
${if 
exists{/etc/mail/ssl/${tls_sni}.pem}{/etc/mail/ssl/${tls_sni}.pem}{/etc/mail/default-cert.pem}
 

-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] block a domain *.top

[kuncho pencho]

Hi, 

In acl_check_rcpt put something like this:

deny
 senders = /etc/exim/deny_senders

Create file deny_senders and block what you want , like:

*.top
*.br 
*.in









 > Оригинално писмо 

 >От: Dennis Isaías Cervantes dennis.cervan...@tboxplanet.com

 >Относно: Re: [exim] block a domain *.top

 >До: "'Jeremy Harris'"  ,
 

 >Изпратено на: 12.10.2016 21:48




Any idea which ACL can I use?



-Mensaje original-

De: Exim-users 
[mailto:exim-users-bounces+dennis.cervantes=tboxplanet@exim.org] En nombre 
de Jeremy Harris

Enviado el: miércoles, 12 de octubre de 2016 7:45 a. m.

Para:  exim-users@exim.org 

Asunto: Re: [exim] block a domain *.top



On 12/10/16 14:39, Dennis Isaías Cervantes wrote:

> how it could do to prevent a particular domain to write me, but in 

> total for example * .TOP



At some suitable point in your ACLs, probably the recipient ACL,



deny domains = *.top





Docs at:  http://exim.org/exim-html-current/doc/html/spec_html/ 

--

Cheers,

  Jeremy





-- 

## List details at  https://lists.exim.org/mailman/listinfo/exim-users 

## Exim details at  http://www.exim.org/ 

## Please use the Wiki with this list -  http://wiki.exim.org/ 





-- 

## List details at  https://lists.exim.org/mailman/listinfo/exim-users 

## Exim details at  http://www.exim.org/ 

## Please use the Wiki with this list -  http://wiki.exim.org/ 
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/