[exim] Exim header check and mailsploit?

Hi Following the recently published "mailsploit" [1] issue, I wonder why exim with enabled headers syntax check doesn't reject those message that use illegal characters in their from address. The mailsploit attack relies on special chars like newline or the nul character encoded in base64 or

Re: [exim] List of DNSBL's anywhere?

On Tue, 5 Dec 2017 21:21:41 + Sebastian Arcus wrote: > Is there anywhere a (semi)authoritative list of DNSBL's which can be > used with Exim? I see various examples including some DNSBL's - but I > was wondering if there is a complete(ish) -and preferably up-to-date

Re: [exim] List of DNSBL's anywhere?

Exim is probably flexible enough to work with most DNSBLs. One way of finding out ones that exist is to use a lookup tool such as https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3aexample.com You can also find a list of DNSBLs (with onward links to more information about them) at

Re: [exim] Exim header check and mailsploit?

On 06/12/17 16:12, Adrian Zaugg wrote: > The mailsploit attack relies on special chars like newline or the nul > character encoded in base64 or quoted-printable. In my opinion encoded > strings in mail headers should get decoded for validity checking, e.g > when setting in an ACL: require verify =

Re: [exim] Exim header check and mailsploit?

> On Dec 6, 2017, at 11:12 AM, Adrian Zaugg wrote: > > The mailsploit attack relies on special chars like newline or the nul > character encoded in base64 or quoted-printable. In my opinion encoded > strings in mail headers should get decoded for validity checking,

Re: [exim] List of DNSBL's anywhere?

Hello! Actually, any DNSBL can be used in Exim. You can look at this page to facilitate your choice https://www.intra2net.com/en/support/antispam/index.php_sort=accuracy_order=desc.html Sebastian Arcus via Exim-users писал 2017-12-05 23:21: Is there anywhere a (semi)authoritative list of

Re: [exim] Sender verify for inbound emails when using smart relay for sending

On 6 Dec 2017, at 11:56, Sebastian Arcus via Exim-users wrote: >domains = +local_domains Are you sure? I would have thought you were verifying non-local domains at this point… Try ‘domains = !+local_domains’ (or '!domains = +local_domains') Graeme -- ## List details

Re: [exim] Sender verify for inbound emails when using smart relay for sending

On 06/12/17 12:09, Graeme Fowler via Exim-users wrote: On 6 Dec 2017, at 11:56, Sebastian Arcus via Exim-users wrote: domains = +local_domains Are you sure? I would have thought you were verifying non-local domains at this point… Try ‘domains = !+local_domains’

[exim] Sender verify for inbound emails when using smart relay for sending

I am trying to setup a special router which will verify sender's domain (simple verification) for inbound emails (we receive direct, but send through smart host). acl_check_rcpt: deny message = Sender cannot be verified log_message = "Reject: sender cannot be verified"

Re: [exim] Sender verify for inbound emails when using smart relay for sending

On 06/12/17 12:26, Sebastian Arcus via Exim-users wrote: On 06/12/17 12:09, Graeme Fowler via Exim-users wrote: On 6 Dec 2017, at 11:56, Sebastian Arcus via Exim-users wrote:     domains = +local_domains Are you sure? I would have thought you were verifying non-local

Re: [exim] List of DNSBL's anywhere?

On 06/12/17 09:32, Mike Brudenell via Exim-users wrote: Exim is probably flexible enough to work with most DNSBLs. One way of finding out ones that exist is to use a lookup tool such as https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3aexample.com You can also find a list of DNSBLs