[exim] A couple questions about strings expansion using ${addresses} from header

[Marcin Mirosław via Exim-users]

Hi,
Firstly I wish all the best in 2021 year!

I have a couple of cases which makes me scratching the head.

1. Difference in behaviour when I use "-be" vs "-bem":

# cat /tmp/test2
From: =?utf-8?B?YWFhYS1hYWFhLCBiYmJiYg==?=
# exim -bem /tmp/test2 '${addresses:$h_from:}'
-:bb...@jowisz.mejor.pl

# exim -be '${addresses:$h_from:From: 
=?utf-8?B?YWFhYS1hYWFhLCBiYmJiYg==?= }'

=?utf-8?B?YWFhYS1hYWFhLCBiYmJiYg==?=

Why exim -bem adds hostname to parsed header? I expect exim should not 
add anything. Why exim doesn't add hostname in invocation with "-be"? 
Shouldn't behave in the same way?


2. comma in addresses:

# cat /tmp/test2
From: =?utf-8?B?YWFhYS1hYWFhLCBiYmJiYg==?= 
# exim -bem /tmp/test2 '${addresses:$h_from:}'
-:a@a.a

Why exim sees two addresses? There is no literally coma, comma is 
encoded with base64. There is in doc "It does not see the comma because 
it’s still encoded as "=2C" ", so meseems it still shouldn't interpret 
comma also for base64



3. "-be" vs "-bem". The same header as above.
# cat /tmp/test2
From: =?utf-8?B?YWFhYS1hYWFhLCBiYmJiYg==?= 
# exim -bem /tmp/test2 '${addresses:$h_from:}'
-:a@a.a

vs
# exim -be '${addresses:$h_from:From: 
=?utf-8?B?YWFhYS1hYWFhLCBiYmJiYg==?= }'

a@a.a

Shouldn't be result of expansion the same in both cases?

4. All above was because I wanted to reject messages when header From is 
more than once in email:) I did:

${if >{${listcount:${addresses:$h_from:}}}{1}{yes}{no}}

which triggered a couple of problems described earlier.

Marcin





--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Question about header syntax

[Marcin Mirosław]

W dniu 28.11.2016 o 16:27, Heiko Schlittermann pisze:
> Marcin Mirosław <mar...@mejor.pl> (Mo 28 Nov 2016 14:31:23 CET):
>> Hi!
>> Because my understanding of english language isn't enough to correctly
>> read RFC5322 I'd like to ask you about syntax of address-list used in
>> header.
>> Is header:
>> To: x...@zz.yy <x...@zz.yy>
>> syntactically correct header?
> 
> In case you trust Exim:

I wanted to check if exim does it correctly:)


> Compare
> 
> exim -be '${address:x...@zzz.de <a...@xyz.de>}'
> exim -be '${address:"x...@zzz.de" <a...@xyz.de>}'

Thank you for all answers!
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Question about header syntax

[Marcin Mirosław]

Hi!
Because my understanding of english language isn't enough to correctly
read RFC5322 I'd like to ask you about syntax of address-list used in
header.
Is header:
To: x...@zz.yy 
syntactically correct header?
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] What (= in log means?

[Marcin Mirosław]

W dniu 24.11.2016 o 16:04, Heiko Schlittermann pisze:
> Hi Marcin,
> 
> Marcin Mirosław <mar...@mejor.pl> (Do 24 Nov 2016 15:26:40 CET):
>> Hi!
>> I just found in exim log something strange for me.
>> This is snippet from log:
>> 2016-11-24 15:17:11 [32497] 1c9upo-0008S9-2c H=([37.255.216.195])
>> [37.255.216.195] I=[81.4.122.249]:25 Warning: testing rspamd: rspamd::
>> X-Rspamd_score_int: 396 X-rspamd_action: reject ; spamassassin:: X-Spa
>> m_score_int: 331 X-Spam_action: reject
>> 2016-11-24 15:17:11 [32497] 1c9upo-0008S9-2c (= at...@occbs.com
> …
> 
> is it possible to send it w/o linebreaks?
> What log options do you use? Some of the new ones (syslog_pid,
> syslog_timestamp)?


I just found it. It was exim-4.88-rc2, so I looked into doc inside
repository:
JH/17 Fakereject: previously logged as a norml message arrival "<="; now


  distinguished as "(=".

Thanks!:)




-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] What (= in log means?

[Marcin Mirosław]

Hi!
I just found in exim log something strange for me.
This is snippet from log:
2016-11-24 15:17:11 [32497] 1c9upo-0008S9-2c H=([37.255.216.195])
[37.255.216.195] I=[81.4.122.249]:25 Warning: testing rspamd: rspamd::
X-Rspamd_score_int: 396 X-rspamd_action: reject ; spamassassin:: X-Spa
m_score_int: 331 X-Spam_action: reject
2016-11-24 15:17:11 [32497] 1c9upo-0008S9-2c (= at...@occbs.com
H=([37.255.216.195]) [37.255.216.195] I=[81.4.122.249]:25 P=esmtp S=5569
M8S=0 id=41BA8E3D2F75099C6753E0F2A8D441BA@D3471I2WA for marcin@mejor.p
l
2016-11-24 15:17:14 [32668] 1c9upo-0008S9-2c => marcin 
R=spam_fakereject_kopia T=spam_transport_kopia ST=spam_transport_sc QT=6s
2016-11-24 15:17:14 [32668] 1c9upo-0008S9-2c Completed


I don't know what "(= at...@occbs.com" means. I quickly looked at
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-log_files.html
but I can't find the answer.

 exim -bV
Exim version 4.88 #1 built 10-Oct-2016 13:51:40
Copyright (c) University of Cambridge, 1995 - 2016
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007
- 2016
Berkeley DB: Berkeley DB 4.8.30: (2014-12-18)
Support for: crypteq iconv() IPv6 Expand_dlfunc OpenSSL Content_Scanning
DKIM DNSSEC Event OCSP PRDR Experimental_SRS
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm
dbmjz dbmnz dnsdb dsearch passwd pgsql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /etc/exim/exim.conf

Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] 2nd Stage DNS blocking

[Marcin Mirosław]

W dniu 11.10.2016 o 17:18, Hardy pisze:
> Thanks for all your input. But some of you missed my point. I admit, the
> subject is OT, and I was too lengthy in explanation.
> 
> Shorter
> We DO accept mail from a trusted host, not under our control. THAT hosts
> was tricked to accept spam. To identify this, we have no other choice
> than to look at data, and I was especially thinking about "Received
> from" headers.
> Okay, I think this thread is exhausted, unless you still have some
> exceptional idea now.
> 
> Sorry for the initial confusion, thanks for your feedback.

Hi!
Why don't you use Spamassin for identify a spam? In SA configuration you
should add addresses of "trusted host not under your control" in
"trusted_networks" options. It makes SA to ignore last Received line
beacuse this is trusted host.
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] 2nd Stage DNS blocking

[Marcin Mirosław]

W dniu 07.10.2016 o 12:59, Hardy pisze:
> Hi folks,
> 
> 2nd Stage DNS blocking
> I could imagine I am not the first with this idea, and there is already
> a proper name for it. Let me describe:
> We receive spam via the usual MTA chain. Sometimes we receive mail from
> (free) mail providers like gmail and yahoo. Sometimes we fetchmail these
> latter ones to feed them to our MX.
> We only check the connecting server, and in some of the examples above
> it might even be trusted. But that one was tricked to take spam before.
> Random samples show me: We would not have taken most of the spam from
> the intermediate or even originating MTA or sender. I would like to run
> these "Received from" addresses against dnslists and/or blacklists in
> files.
> You obviously cannot do this before the acl data. I am not a regex wiz,
> and I think one needs an external script anyway to extract IPs. Hints?
> Ideas?
> Has anyone done before?

Hi!
User proper tool for proper thing. Use tuned spamassassin or rspamd to
do it. E.g. use SA instance with only rbl rules for lightweit check.
Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] av_scanner doesn't accept options like pri=, weight=

[Marcin Mirosław]

W dniu 05.09.2016 o 16:40, Jeremy Harris pisze:
Hi!
> On 05/09/16 15:07, Marcin Mirosław wrote:
>> I noticed that I can't use additional options (available for
>> spamd_address) in av_scanner. Especially I'm missing "pri= "
>> modifier.
> 
> Add yourself to bug 1585.
> 
>> I'd like to bring attention to mail:
>> https://lists.exim.org/lurker/message/20160819.071333.37230507.en.html
>> It would be nice to here "yes" in answer but if it's not possible it
>> would be enough to hear any answer;)
> 
> It'll happen when the devs get together enough energy and enthusiasm.
> See  https://github.com/Exim/exim/wiki/EximReleasePolicy

Hmm, what do you think, could something like http://beer2buds.com/ bring
some positive fluids to devs?

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] av_scanner doesn't accept options like pri=, weight=

[Marcin Mirosław]

Hi!
I noticed that I can't use additional options (available for
spamd_address) in av_scanner. Especially I'm missing "pri= "
modifier.

I'd like to bring attention to mail:
https://lists.exim.org/lurker/message/20160819.071333.37230507.en.html
It would be nice to here "yes" in answer but if it's not possible it
would be enough to hear any answer;)

Thank you,
Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim + grsecurity + ssl = dos

[Marcin Mirosław]

W dniu 01.06.2016 o 15:05, Renaud Allard pisze:
> 
> 
> On 06/01/2016 12:32 PM, Samuel wrote:
>>
>> Le 01/06/2016 à 11:24, Jeremy Harris a écrit :
>>> On 31/05/16 18:44, Samuel wrote:
 2016-05-31 05:55:44 TLS error on connection from
 researchscan258.eecs..edu (eecs..edu) [1XX.212.XXX.3]
 (gnutls_handshake): Could not negotiate a supported cipher suite.
 2016-05-31 05:55:44 H=researchscan258.eecs..edu (eecs..edu)
 [1XX.212.XXX.3] Warning: erreur : tls-failed
>>> OK, cipher-suite mismatch...
>>>
 /var/log/syslog :

 May 31 05:55:44 anemone-mailin-01 kernel: [4547900.677897] traps:
 exim4[23055] general protection ip:6664ddc0bad6 sp:7483826d3710 error:0
 in libc-2.19.so[6664ddba2000+1a2000]
>>> Oops!
>>>
 So if I understand well, A special craft ssl request can cause DOS on
 Exim on Grsecurity kernel ?
>>> Not all that crafted; just a choice of ciphers.
>>
>> Is this a problem from my side ? Do I have to do someting ?
>>
> 
> Given the name of the host researchscanXXX, may I assume you have used a
> server to test the crypto? So if it has indeed attempted some kind of
> brute force, maybe grsec was right.
> 
> Some grsec features should be used with great precautions. This is not a
> magical recipe.


Hi!
I don't know if it help. I also have conenction from researchscan but
without any segfault.:
# bzgrep 13810 /var/log/exim/exim_main.log-20160531*
2016-05-30 12:51:28 [13810] TLS error on connection from
researchscan258.eecs.umich.edu (eecs.umich.edu) [141.212.122.3]
I=[81.4.122.249]:25 (SSL_accept): error:140760FC:SSL
routines:SSL23_GET_CLIENT_HELLO:unknown protocol
2016-05-30 12:51:28 [13810] TLS client disconnected cleanly (rejected
our certificate?)

# exim -d --version
Exim version 4.87 #1 built 08-Apr-2016 14:04:45
Copyright (c) University of Cambridge, 1995 - 2016
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007
- 2016
Berkeley DB: Berkeley DB 4.8.30: (2014-12-18)
Support for: crypteq iconv() IPv6 Expand_dlfunc OpenSSL Content_Scanning
Old_Demime DKIM DNSSEC Event OCSP PRDR Experimental_SRS
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm
dbmjz dbmnz dnsdb dsearch passwd pgsql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [4.9.3]
Library version: OpenSSL: Compile: OpenSSL 1.0.2g  1 Mar 2016
  Runtime: OpenSSL 1.0.2h  3 May 2016
 : built on: reproducible build, date
unspecified
Library version: PCRE: Compile: 8.38
   Runtime: 8.38 2015-11-23
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
Exim version 4.87 uid=0 gid=0 pid=5705 D=fbb95cfd
changed uid/gid: forcing real = effective
  uid=0 gid=0 pid=5705
  auxiliary group list: 
changed uid/gid: calling tls_validate_require_cipher
  uid=8 gid=12 pid=5706
  auxiliary group list: 
tls_require_ciphers expands to "HIGH:!aNULL:!MD5!DES:!3DES"
tls_validate_require_cipher child 5706 ended: status=0x0
openssl option, adding from 110: 100 (no_sslv2 +no_sslv3)
openssl option, adding from 110: 200 (no_sslv3)
configuration file is /etc/exim/exim.conf
log selectors = 84fe 1621
cwd=/root 3 args: exim -d --version
trusted user
admin user
changed uid/gid: privilege not needed
  uid=8 gid=12 pid=5705
  auxiliary group list: 12
DSN: dnslookup_batv propagating DSN
DSN: batv_redirect propagating DSN
DSN: spam_fakereject_kopia propagating DSN
DSN: uservacation propagating DSN
DSN: virtual_user propagating DSN
DSN: aliasy propagating DSN
DSN: catchall propagating DSN
DSN: dnslookup propagating DSN
seeking password data for user "mail": cache not available
getpwnam() succeeded uid=8 gid=12
originator: uid=0 gid=0 login=root name=root
sender address = SNIP@CIACH
Configuration file is /etc/exim/exim.conf

# uname -a
Linux jowisz 4.5.4-hardened-r2 #1 SMP Tue May 17 16:54:00 CEST 2016
x86_64 Intel(R) Xeon(R) CPU E5-2630 v2 @ 2.60GHz GenuineIntel GNU/Linux


And I'm sure that grsec option in kernel I've got different than Samuel.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Hints in retry database has wrong MX - how to refresh MX records?

[Marcin Mirosław]

Hi!

I've got such situation, when user sends email resolver find wrong MX
records for domain (wrong or MX was changed in meantime). The email
can't be delivered to MX due to connection timeout error. Now I can see
that destination domain has different MX that those in retry database.
How I can tell exim to refresh MXes for mails in queue?

Have a nice day!
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Hints in retry database has wrong MX - how to refresh MX records?

[Marcin Mirosław]

W dniu 11.02.2016 o 12:45, Andrew C Aitchison pisze:
> On Thu, 11 Feb 2016, Marcin Mirosław wrote:
> 
>> Hi!
>>
>> I've got such situation, when user sends email resolver find wrong MX
>> records for domain (wrong or MX was changed in meantime). The email
>> can't be delivered to MX due to connection timeout error. Now I can see
>> that destination domain has different MX that those in retry database.
>> How I can tell exim to refresh MXes for mails in queue?
> 
> exim_dumpdb exim_tidydb and exim_fixdb
> 
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch-exim_utilities.html#SECThindatmai
> 
> 
> If you don't run exim_tidydb from cron
> you might wish to consider doing so.
> 
> In this case you may wish to use exim_fixdb for this particular case.


Hi!
Thanks, I used exim_tidydb -t 1m to clean database. And I discovered
that problem is called PEBKAC:/ . I made a little typo when I checked MX
records for domains.
Thanks!
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [EXIM] GeoIP it's posible?

[Marcin Mirosław]

W dniu 31.07.2015 o 17:46, Fabián M Sales pisze:
 
 Hello List.
 
 Exim exists the possibility of using GeoIP to countries that need can
 not be connected?

Hello,
you can also use:
* mail-filter/exim-geoip
 Available versions:  (~)0.1
 Homepage:http://dist.epipe.com/exim/
 Description: This is an IPv4 and IPv6 capable GeoIP dlfunc
library for Exim


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] event_action: one wish and one question

[Marcin Mirosław]

Hi!
Thank you for tool more universal than TPDA.

I wrongly configured event_action, I used too levels of brackets:
event_action = ${if eq {msg:delivery}{$event_name}  { {${lookup
pgsql{SQL_POCZTA_WYCH}}} } }

I added those line in transport. And then in main log I got:
2015-06-14 23:47:32 1Z4FfI-00048y-FX == aaa...@example.com
R=dnslookup_batv T=external_smtp_batv defer (2): No such file or directory

I spent a couple of minutes to find out what was the reason of this.
Could it be possible to add some more information to logged information
that this error comes from event_action?


I'd like to use more than one action in event_action (I'd like to insert
tuple into database and add line to log, probably using
perl{Exim::log_write}). What is correct syntax to have multiple actions
in event_action?

Thanks,
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] event_action: one wish and one question

[Marcin Mirosław]

W dniu 2015-06-15 o 17:57, Jeremy Harris pisze:
 On 15/06/15 13:31, Jeremy Harris wrote:
 On 15/06/15 11:46, Marcin Mirosław wrote:
 I wrongly configured event_action, I used too levels of brackets:
 event_action = ${if eq {msg:delivery}{$event_name}  { {${lookup
 pgsql{SQL_POCZTA_WYCH}}} } }

 I added those line in transport. And then in main log I got:
 2015-06-14 23:47:32 1Z4FfI-00048y-FX == aaa...@example.com
 R=dnslookup_batv T=external_smtp_batv defer (2): No such file or directory

 I spent a couple of minutes to find out what was the reason of this.
 Could it be possible to add some more information to logged information
 that this error comes from event_action?

 I'll have a think on that.
 
 The trouble here is that it was (probably) syntactically valid; the
 result of the expansion was not what you expected, but for this
 event it is ignored anyway - so there should not have been a
 semantic failure either.
 
 I'd like to see a debug run showing that it was actually the
 event that caused the defer.


Hi!
Thank you for both answers. I reproduced this situation on diffrent box,
using such event_action:
event_action = ${if eq {msg:delivery}{$event_name}  { {${lookup
pgsql{select 1}}} } }

(I hope I didn't strip too much)

# exim -d+all -M 1Z4Zop-00089J-CO
 21:16:55  1086 Exim version 4.85 uid=0 gid=0 pid=1086 D=fffd
 Berkeley DB: Berkeley DB 4.8.30: (2014-12-18)
 Support for: crypteq iconv() IPv6 Expand_dlfunc OpenSSL Content_Scanning DKIM 
 Old_Demime PRDR OCSP Experimental_SRS Experimental_Event Experimental_DSN
 Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz 
 dbmnz dnsdb dsearch passwd pgsql
 Authenticators: cram_md5 plaintext spa
 Routers: accept dnslookup ipliteral manualroute queryprogram redirect
 Transports: appendfile/mailstore autoreply lmtp pipe smtp
 Fixed never_users: 0
 Size of off_t: 8
 Compiler: GCC [4.8.4]
 Library version: OpenSSL: Compile: OpenSSL 1.0.1o 12 Jun 2015
   Runtime: OpenSSL 1.0.1o 12 Jun 2015
  : built on: Sat Jun 13 19:59:56 2015
 Library version: PCRE: Compile: 8.36
Runtime: 8.36 2014-09-26
 21:16:55  1086 Total 12 lookups
 WHITELIST_D_MACROS unset
 TRUSTED_CONFIG_LIST unset
 21:16:55  1086 changed uid/gid: forcing real = effective
 21:16:55  1086   uid=0 gid=0 pid=1086
 21:16:55  1086   auxiliary group list: none
 21:16:55  1087 changed uid/gid: calling tls_validate_require_cipher
 21:16:55  1087   uid=8 gid=12 pid=1087
 21:16:55  1087   auxiliary group list: none
 21:16:55  1086 tls_validate_require_cipher child 1087 ended: status=0x0
 21:16:55  1086 configuration file is /etc/exim/exim.conf
 21:16:55  1086 log selectors = 04fe 00232321
 21:16:55  1086 cwd=/etc/exim 4 args: exim -d+all -M 1Z4Zop-00089J-CO
 21:16:55  1086 trusted user
 21:16:55  1086 admin user
[...]

 21:16:55  1086  Remote deliveries 
   
 [175/4733]
 21:16:55  1086  t...@example.com 
 21:16:55  1086 expanding: $return_path
 21:16:55  1086result: mar...@mejor.pl
 21:16:55  1086 expanding: niktnicniewieole
 21:16:55  1086result: niktnicniewieole
 21:16:55  1086 prvs: hash source is '0608mar...@mejor.pl'
 21:16:55  1086 expanding: ${prvs {$return_path}{niktnicniewieole}}
 21:16:55  1086result: prvs=06088217e3=mar...@mejor.pl
 21:16:55  1086 search_tidyup called
 21:16:55  1086 set_process_info:  1086 delivering 1Z4Zop-00089J-CO: waiting 
 for a remote delivery subprocess to finish
 21:16:55  1086 selecting on subprocess pipes
 21:16:55  1089 changed uid/gid: remote delivery to t...@example.com with 
 transport=external_smtp_batv
 21:16:55  1089   uid=8 gid=12 pid=1089
 21:16:55  1089   auxiliary group list: none
 21:16:55  1089 set_process_info:  1089 delivering 1Z4Zop-00089J-CO using 
 external_smtp_batv
 21:16:55  1089 external_smtp_batv transport entered
 21:16:55  1089   t...@example.com
 21:16:55  1089 checking status of example.com
 21:16:55  1089 locking /var/spool/exim/db/retry.lockfile
 21:16:55  1089 locked /var/spool/exim/db/retry.lockfile
 21:16:55  1089 EXIM_DBOPEN(/var/spool/exim/db/retry)
 21:16:55  1089 returned from EXIM_DBOPEN
 21:16:55  1089 opened hints database /var/spool/exim/db/retry: flags=O_RDONLY
 21:16:55  1089 dbfn_read: key=T:example.com:2606:2800:220:1:248:1893:25c8:1946
 21:16:55  1089 dbfn_read: 
 key=T:example.com:2606:2800:220:1:248:1893:25c8:1946:1Z4Zop-00089J-CO
 21:16:55  1089 no message retry record
 21:16:55  1089 example.com [2606:2800:220:1:248:1893:25c8:1946] status = 
 usable
 21:16:55  1089 2606:2800:220:1:248:1893:25c8:1946 in serialize_hosts? no 
 (option unset)
 21:16:55  1089 delivering 1Z4Zop-00089J-CO to example.com 
 [2606:2800:220:1:248:1893:25c8:1946] (t...@example.com)
 21:16:55  1089 set_process_info:  1089 delivering 1Z4Zop-00089J-CO to 
 example.com [2606:2800:220:1:248:1893:25c8:1946] (t...@example.com)
 21:16:55

Re: [exim] event_action: one wish and one question

[Marcin Mirosław]

W dniu 2015-06-15 o 22:59, Marcin Mirosław pisze:
 W dniu 2015-06-15 o 22:41, Jeremy Harris pisze:
 On 15/06/15 16:57, Jeremy Harris wrote:
 On 15/06/15 13:31, Jeremy Harris wrote:
 On 15/06/15 11:46, Marcin Mirosław wrote:
 I wrongly configured event_action, I used too levels of brackets:
 event_action = ${if eq {msg:delivery}{$event_name}  { {${lookup
 pgsql{SQL_POCZTA_WYCH}}} } }

 I added those line in transport. And then in main log I got:
 2015-06-14 23:47:32 1Z4FfI-00048y-FX == aaa...@example.com
 R=dnslookup_batv T=external_smtp_batv defer (2): No such file or directory

 I spent a couple of minutes to find out what was the reason of this.
 Could it be possible to add some more information to logged information
 that this error comes from event_action?

 I'll have a think on that.

 The trouble here is that it was (probably) syntactically valid; the
 result of the expansion was not what you expected, but for this
 event it is ignored anyway - so there should not have been a
 semantic failure either.

 I'd like to see a debug run showing that it was actually the
 event that caused the defer.

 Ah, I forgot with ignored anyway that other events are involved.
 It was processed for a tcp:connect event, where the result does
 matter; anything but blank resulting in the connection not being
 made (the event is raised before the connection is made, to give
 a fine-control capability).
 
 Hmm, when I use 'select null' then message is still defered:
  == t...@example.com R=dnslookup_batv T=external_smtp_batv defer (2): No
 such file or directory


Sorry, I forgot about additional {} .


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] event_action: one wish and one question

[Marcin Mirosław]

W dniu 2015-06-15 o 22:41, Jeremy Harris pisze:
 On 15/06/15 16:57, Jeremy Harris wrote:
 On 15/06/15 13:31, Jeremy Harris wrote:
 On 15/06/15 11:46, Marcin Mirosław wrote:
 I wrongly configured event_action, I used too levels of brackets:
 event_action = ${if eq {msg:delivery}{$event_name}  { {${lookup
 pgsql{SQL_POCZTA_WYCH}}} } }

 I added those line in transport. And then in main log I got:
 2015-06-14 23:47:32 1Z4FfI-00048y-FX == aaa...@example.com
 R=dnslookup_batv T=external_smtp_batv defer (2): No such file or directory

 I spent a couple of minutes to find out what was the reason of this.
 Could it be possible to add some more information to logged information
 that this error comes from event_action?

 I'll have a think on that.

 The trouble here is that it was (probably) syntactically valid; the
 result of the expansion was not what you expected, but for this
 event it is ignored anyway - so there should not have been a
 semantic failure either.

 I'd like to see a debug run showing that it was actually the
 event that caused the defer.
 
 Ah, I forgot with ignored anyway that other events are involved.
 It was processed for a tcp:connect event, where the result does
 matter; anything but blank resulting in the connection not being
 made (the event is raised before the connection is made, to give
 a fine-control capability).

Hmm, when I use 'select null' then message is still defered:
 == t...@example.com R=dnslookup_batv T=external_smtp_batv defer (2): No
such file or directory




-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] gnutls tester wanted

[Marcin Mirosław]

W dniu 19.09.2014 o 17:11, Jeremy Harris pisze:

Hi!

 Anyone out there:
 
 - Running GnuTLS 3.3.6 or later
 - Prepared to build from source


I've got compilation error with 3.3.8 (with 3.3.6 and 3.3.7 builds fine)


ccache gcc -o exim
ccache gcc -o exim  acl.o child.o crypt16.o daemon.o dbfn.o debug.o
deliver.o directory.o dns.o drtables.o enq.o exim.o expand.o filter.o
filtertest.o globals.o dkim.o header.o host.o ip.o log.o lss.o match.o
moan.o os.o parse.o queue.o rda.o readconf.o receive.o retry.o rewrite.o
rfc2047.o route.o search.o sieve.o smtp_in.o smtp_out.o spool_in.o
spool_out.o std-crypto.o store.o string.o tls.o tod.o transport.o tree.o
verify.o lookups/lf_quote.o lookups/lf_check_file.o
lookups/lf_sqlperform.o local_scan.o perl.o malware.o mime.o regex.o
spam.o spool_mbox.o demime.o bmi_spam.o spf.o srs.o dcc.o dmarc.o dane.o
version.o \
  routers/routers.a transports/transports.a lookups/lookups.a \
  auths/auths.a pdkim/pdkim.a \
  -lresolv -lnsl -lcrypt -lm\
   -ldb -lmysqlclient -lpq -lldap -llber -lspf2 -lsrs_alt -lopendmarc
-lhiredis -lwrap -lpam -ldl  \
  -Wl,-E -Wl,-O1 -Wl,--as-needed
-L/usr/lib64/perl5/5.18.2/x86_64-linux/CORE -lperl -lnsl -ldl -lm
-lcrypt -lutil -lc -lgnutls  -L/usr/lib64 -lpcre
tls.o: In function `tls_init':
tls.c:(.text+0x1766): undefined reference to `gnutls_pkcs11_init'
tls.o: In function `tls_validate_require_cipher':
tls.c:(.text+0x3950): undefined reference to `gnutls_pkcs11_init'
collect2: error: ld returned 1 exit status
Makefile:451: recipe for target 'exim' failed
make[1]: *** [exim] Error 1
make[1]: Leaving directory
'/home/farm/buildfarm/HEAD/exim.49927/src/build-Linux-x86_64'
Makefile:29: recipe for target 'all' failed
make: *** [all] Error 2

gcc version 4.8.3 (Gentoo Hardened 4.8.3 p1.1, pie-0.5.9)
# ld -v
GNU ld (GNU Binutils) 2.24

exim version: HEAD

Regards,
Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] gnutls tester wanted

[Marcin Mirosław]

W dniu 22.09.2014 o 15:47, Jeremy Harris pisze:
 On 22/09/14 13:57, Marcin Mirosław wrote:
 - Running GnuTLS 3.3.6 or later
 - Prepared to build from source


 I've got compilation error with 3.3.8 (with 3.3.6 and 3.3.7 builds fine)
 
 Tant's useful to know - thanks.
 
 Could you ask on gnutls-h...@lists.gnutls.org for
 the preferred fix for 3.3.8+  ?


I don't have any C skills, I'm not sure I'm proper person to ask about
such low level things...
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] gnutls tester wanted

[Marcin Mirosław]

W dniu 2014-09-22 o 19:32, Andreas Metzler pisze:
 Marcin Mirosław mar...@mejor.pl wrote:
 [...]
 I've got compilation error with 3.3.8 (with 3.3.6 and 3.3.7 builds fine)
 [...]
 tls.c:(.text+0x3950): undefined reference to `gnutls_pkcs11_init'
 collect2: error: ld returned 1 exit status
 Makefile:451: recipe for target 'exim' failed
 make[1]: *** [exim] Error 1
 make[1]: Leaving directory
 '/home/farm/buildfarm/HEAD/exim.49927/src/build-Linux-x86_64'
 Makefile:29: recipe for target 'all' failed
 make: *** [all] Error 2
 [...]
 
 Hello,
 
 Looks like you built GnuTLS without PKCS #11 support. - Probably
 because your p11-kit version is too old. For GnuTLS 3.3.8 you need
 p11-kit 0.20.7 (stable branch) or 0.21.3 (unstable branch).

Yup, I've got p11-kit-0.20.4, so it's gentoo dependency bug.
Thanks,
Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Misleading message clamd: failed to connect to 127.0.0.1: couldn't connect to any host: Connection refused ?

[Marcin Mirosław]

W dniu 02.07.2014 03:43, Phil Pennock pisze:

Hi Phil, hi all!

 On 2014-06-30 at 16:31 +0200, Marcin Mirosław wrote:
 I have defined connection to av_scanner as below:
 av_scanner  = clamd:127.0.0.1 3310 : 192.168.254.10 3310
 
 2014-06-30 16:18:01 1X1cPB-0001CM-E1 malware acl condition: clamd:
 failed to connect to 127.0.0.1: couldn't connect to any host: Connection
 refused
 
 So message couldn't connect to any host: is a little misleading, exim
 can connect to any host (but not to localhost).
 
 Sorry, that's misleading, yes.  What it means is for the hostname or IP
 address given, couldn't connect to any host matching that hostname.  If
 you had specified localhost 3310 on an IPv6 system, then it would have
 tried 127.0.0.1 and ::1 both before reporting that error.
 
 So when Exim is working through the list of possible targets, in random
 order now, each item is tried in turn; when they're IP addresses instead
 of hostnames, then the message is misleading.

Should I fill bug for this?


 Have you got any idea why clamd uses word local even when connection
 is from remote host?
 
 Bug?
 
 Their code:
 8 cut here 8--
 if (stream) {
 struct sockaddr_in sa;
 socklen_t salen = sizeof(sa);
 if(getpeername(conn-sd, (struct sockaddr *)sa, salen) || salen 
  sizeof(sa) || sa.sin_family != AF_INET)
 strncpy(fdstr, instream(local), sizeof(fdstr));
 else
 snprintf(fdstr, sizeof(fdstr), instream(%s@%u), 
 inet_ntoa(sa.sin_addr), ntohs(sa.sin_port));
 reply_fdstr = stream;
 } else {
 snprintf(fdstr, sizeof(fdstr), fd[%d], fd);
 reply_fdstr = fdstr;
 }
 8 cut here 8--
 
 So will fail on IPv6; your config is IPv4-only though?  So something
 non-obvious probably happening in the path to get here and I'm
 disinclined to spend more than 5 minutes looking at this or getting
 familiar with the ClamAV code base to answer.  :)  So, ask on the ClamAV
 mailing lists?
 
 Or are you using IPv6-mapped IPv4 stuff, to get connections which look
 like ::192.0.2.1 -- in which case, lack of IPv6 support in that bit
 of the ClamAV codebase.

With clamav compiled with ipv6 support nothing changed.
Thank you, you spend far more time than I expected. I was expecting
answer like it's known bug or I've never seen such behavior.
Sorry for late anwer.

Marcin




-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Misleading message clamd: failed to connect to 127.0.0.1: couldn't connect to any host: Connection refused ?

[Marcin Mirosław]

Hi!
I have defined connection to av_scanner as below:
av_scanner  = clamd:127.0.0.1 3310 : 192.168.254.10 3310

On localhost clamav is turned off. When I senr eixar test I got in
exim_main.log:

# exigrep 1X1cPB-0001CM-E1 /var/log/exim/exim_main.log
+++ 1X1cPB-0001CM-E1 has not completed +++
2014-06-30 16:18:01 1X1cPB-0001CM-E1 DKIM: d=cibet.pl s=120625
c=relaxed/relaxed a=rsa-sha256 [verification succeeded]
2014-06-30 16:18:01 1X1cPB-0001CM-E1 malware acl condition: clamd:
failed to connect to 127.0.0.1: couldn't connect to any host: Connection
refused
2014-06-30 16:19:01 1X1cPB-0001CM-E1 H=poczta3.cibet.pl
(poczta.cibet.pl) [77.252.119.98] I=[88.198.102.195]:25
X=TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256
F=prvs=025879ac1c=...@cibet.pl rejected after DATA: Virus found /
znaleziono wirusa :Eicar-Test-Signature

In clamd.log on remote host I've got:
Mon Jun 30 16:18:01 2014 - instream(local):
Eicar-Test-Signature(3cc1cc089e6737293a05a391d62a2a56:1676) FOUND

So message couldn't connect to any host: is a little misleading, exim
can connect to any host (but not to localhost).
Have you got any idea why clamd uses word local even when connection
is from remote host?
Regards,
Marcin


Exim version 4.83_RC2 #2 built 20-Jun-2014 13:15:47
Copyright (c) University of Cambridge, 1995 - 2014
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007
- 2014
Berkeley DB: Berkeley DB 4.8.30: (2013-10-04)
Support for: crypteq iconv() IPv6 OpenSSL Content_Scanning DKIM
Old_Demime OCSP Experimental_SRS Experimental_DSN
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm dbmjz
dbmnz dsearch passwd pgsql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /etc/exim/exim.conf


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.83 RC1 uploaded

[Marcin Mirosław]

W dniu 04.06.2014 11:02, Mike Cardwell pisze:
 * on the Tue, Jun 03, 2014 at 09:16:02PM +0100, Jeremy Harris wrote:
 
 I have uploaded Exim 4.83 RC1

 Has anybody tried it?   We're about to put out RC2.
 Any comments on RC1 would be most welcome.
 
 I'm running it on two boxes. I haven't tested all of the new stuff
 it includes, but I do have dns_dnssec_ok set, and have enabled the
 new tls_try_verify_hosts SMTP transport option, both of which
 seem to work. I haven't seen any issues other than the dnssec
 strict/defer lookup stuff I mentioned on exim-dev. It hasn't
 crashed, I've scanned my logs and haven't seen any unexpected
 errors or deliverability issues.
 
 They're not high-usage boxes though. They've probably only handled
 a few thousand emails between them since I installed it last
 Thursday.

Hi!
I can say almost the same, just works in rather simple configuration
(pgsql+lmtp+maildir+dovecot auth+dlfunc) but I just want to add info
about warning I got while compiling exim:

x86_64-pc-linux-gnu-gcc -c -O2 -pipe -march=core2 -mtune=native
-frecord-gcc-switches -fno-unwind-tables
-fno-asynchronous-unwind-tables -fpeel-loops
-ftracer -ggdb -I.deliver.c
deliver.c: In function ‘deliver_message’:
deliver.c:6500:5: warning: format ‘%d’ expects argument of type ‘int’,
but argument 4 has type ‘time_t’ [-Wformat]
deliver.c:6500:5: warning: format ‘%d’ expects argument of type ‘int’,
but argument 4 has type ‘time_t’ [-Wformat]
deliver.c:6758:7: warning: format ‘%d’ expects argument of type ‘int’,
but argument 4 has type ‘time_t’ [-Wformat]
deliver.c:6758:7: warning: format ‘%d’ expects argument of type ‘int’,
but argument 4 has type ‘time_t’ [-Wformat]
deliver.c:7389:9: warning: format ‘%d’ expects argument of type ‘int’,
but argument 4 has type ‘time_t’ [-Wformat]
deliver.c:7389:9: warning: format ‘%d’ expects argument of type ‘int’,
but argument 4 has type ‘time_t’ [-Wformat]

Thanks for all your work.


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Multiline and multi ACL smtp_banner

[Marcin Mirosław]

W dniu 30.04.2014 15:04, Wolfgang Breyha pisze:

Hi!

 Marcin Mirosław wrote, on 30/04/14 14:34:
 Hi!
 I'm trying to implement some of the features from postscreen. First of
 them is sending multitiline smtp banner with delay between lines [1].
 
 Simply add a delay in your connect ACL. 1 Second is usually enough to fool
 broken clients.
 
 So my too fast ehlo makes that after rcpt to mail will be rejected.
 I suspect it will be completely impossible to do it. But maybe such poor
 PREGREET test would be possible without many effort in exim code?:

 acl_smtp_connect= acl_check_connect

 acl_check_connect:
  warn
  message = 220-mail.xxx. ESMTP
  warn
  delay = 5s
  warn
  message = 220 mail.xxx. ESMTP go on dude

 And if protocol error appears let Exim rejects email at this moment.
 
 Exim will already do that automatically if you didn't set
 smtp_enforce_sync = false (main option)
 or
 control = no_enforce_sync (ACL control)

I didn't change enforce settings. What you said is true beside I can't
use acl shown above. As far as I can see there is no possible to add
delay when sending smtp banner. control = no_delay_flush doesn't help
me in this case.

 What about adding feature allowing temporary ignoring
 protocol/sychronization errors (e.g. ignore_protocols_error=1) and
 
 See above. Adding
 control = no_pipelining
 makes live even harder for some clients. Disabling STARTTLS might as well, but
 at (too) high costs.

some clients you mean spam hosts?
Meseems disabling STARTTLS doesn't help in early detection of connection
from bot or I didn't catch properly your thought.

 Read
 http://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html
 http://www.exim.org/exim-html-current/doc/html/spec_html/ch-main_configuration.html
 for details.
 
 putting information about such incident into expansion item?
 
 Currently there is no variable to check for previous sync errors.

As you suggest I'm going to add little delay to acl_connect and see results.

Thanks,
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Multiline and multi ACL smtp_banner

[Marcin Mirosław]

Hi!
I'm trying to implement some of the features from postscreen. First of
them is sending multitiline smtp banner with delay between lines [1].
It looks as below:
Connected to xyz..
Escape character is '^]'.
220-mail.xyz.net ESMTP
ehlo mejor.pl
250-mail.xyz.net
250-SIZE 5120
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:s...@kolekcja.mejor.pl
250 2.1.0 Ok
rcpt to:x...@example.com
550 5.5.1 Protocol error

So my too fast ehlo makes that after rcpt to mail will be rejected.
I suspect it will be completely impossible to do it. But maybe such poor
PREGREET test would be possible without many effort in exim code?:

acl_smtp_connect= acl_check_connect

acl_check_connect:
warn
message = 220-mail.xxx. ESMTP
warn
delay = 5s
warn
message = 220 mail.xxx. ESMTP go on dude

And if protocol error appears let Exim rejects email at this moment.

What about adding feature allowing temporary ignoring
protocol/sychronization errors (e.g. ignore_protocols_error=1) and
putting information about such incident into expansion item?

Regards
Marcin

[1] - http://www.postfix.org/POSTSCREEN_README.html#before_220

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Experimental Redis lookup

[Marcin Mirosław]

W dniu 2014-04-22 12:33, Warren Baker pisze:
 HI all,

Hi!

 I just wanted to ask whether anyone is making use of Redis as a lookup?
 I have been using it for a number of months now without any issue but
 need to find out whether others are or have attempted using it and if
 it is working or didn't work for them.

I tried to use Redis lookup and it works without problem for me. But it
wasn't production enviroment.
Thanks

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim can't resolve hostname of database when second email is sended in one TCP connection

[Marcin Mirosław]

W dniu 13.11.2013 19:51, Phil Pennock pisze:
 On 2013-11-13 at 16:43 +0100, Marcin Mirosław wrote:
 or I add pgsql to /etc/hosts then problem disappears.
 It looks like search option isn't applied when exim tries translate
 hostname to address.
 
 I just noticed that similar problem appears if I use ${lookup pgsql{}}
 in transport. In such situation I have problem with resolving hostname
 of database if I don't use FQDN in definition of pgsql server. Again,
 search option from resolv.conf seems to be ignored.
 
 Correct; Exim is very careful to disable search by default, so that
 hosts supplied in routing rules don't unexpectedly go to some place
 else.  The only exceptions (which come to mind) are dns_search_parents
 on an SMTP transport and search_parents on a dnslookup router.
 
 Sorry, you need to specify remote services used by Exim in a way which
 doesn't involve probing DNS repeatedly; this normally isn't an issue,
 since each DNS request adds latency; remember that Exim forks and execs
 a lot, so there's going to be a fresh request to resolve each time.
 
 If you can use a local socket for pgsql, with peer auth, then that will
 be fastest and cleanest.  If you need to specify a remote hostname,
 specify the fully-qualified name so that the lookups can complete
 quickly.
 
 If there's a compelling reason to support short names, please let us
 know.
 
 This appears to be under-documented in The Exim Specification; can you
 let us know where you would expect to see warnings, so we can add some?

Hi!
Thank you Phil for anwser for my emails.

I don't have strong arguments to argue for add support short names. It's
rather matter of habit, usually most soft supports it.
BI'd like to ask to make Exim's behavior more coherent in this matter.
In most places where I'm using ${lookup pgsql{}} short names in
definition of database connection just works. I know about to cases when
it doesn't work:
- transports
- whem I send second email in one tcp connection (one pass:
-- ehlo,mail from, rcpt to, data - it works
in second pass it stops to works.
(Also in definition of spamd connection even short names can't be used.
Documentation doesn't mention if hostnames can be used but in examples
there are only numerical addresses. In definition of clamd connection
hostnames can be used.).
If something works in many places and doesn't work in a few I'm thinking
that not works state is incorrect:)

I'll try to create my proposition of changes in doc.
Thanks,
Marcin



-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim can't resolve hostname of database when second email is sended in one TCP connection

[Marcin Mirosław]

W dniu 08.10.2013 11:58, Marcin Mirosław pisze:
 Hello!
 I'm testing new configuration using exim -bh x.y.z -d. I've noticed
 strange behavior when I send HELO/EHLO after first mail was received.
 
 I'm sending:

 ehlo toja
 mail from: a...@pl.inv
 rcpt to: uzytkow...@test2.x.com.pl.inv
 data
 
 
 asdadasd
 
 .
 
 helo test
 quit
 
 
 When second HELO appears I'm getting in debug session:
 SMTP ehlo test
 sender_fullhost = google-public-dns-a.google.com (test) [8.8.8.8]
 sender_rcvhost = google-public-dns-a.google.com ([8.8.8.8] helo=test)
 set_process_info:  8450 handling incoming connection from
 google-public-dns-a.google.com (test) [8.8.8.8]
 using ACL acl_check_helo
 processing drop
 search_open: pgsql NULL
 search_find: file=NULL
   key=SELECT domain FROM postfixadmin_domain WHERE domain = 'test' AND
 active = '1' AND backupmx = '0' UNION select '@' partial=-1 affix=NULL
 starflags=0
 LRU list:
 internal_search_find: file=NULL
   type=pgsql key=SELECT domain FROM postfixadmin_domain WHERE domain =
 'test' AND active = '1' AND backupmx = '0' UNION select '@'
 database lookup required for SELECT domain FROM postfixadmin_domain
 WHERE domain = 'test' AND active = '1' AND backupmx = '0' UNION select '@'
 PostgreSQL query: SELECT domain FROM postfixadmin_domain WHERE domain =
 'test' AND active = '1' AND backupmx = '0' UNION select '@'
 PGSQL new connection: host=pgsql port=5432 database=xx_poczta_test_db
 user=xx_poczta_test
 PGSQL connection failed: could not translate host name pgsql to
 address: Name or service not known
 
 lookup deferred: PGSQL connection failed: could not translate host name
 pgsql to address: Name or service not known
 
 LOG: MAIN PANIC
   failed to expand \n ${lookup pgsql{
 
 
 Definition of pgsql_servers is:
 hide pgsql_servers   = pgsql::5432/xx_poczta_test_db/xx_poczta_test/yy
 
 Full hostname of database server is: pgsql.in.xx.com.pl
 $ cat /etc/resolv.conf
 search in.xx.com.pl
 nameserver 192.168.1.35
 
 
 $ host pgsql
 pgsql.in.cadera.com.pl has address 192.168.1.220
 
 When Iconfigure connection as:
 hide pgsql_servers   =
 pgsql.in.cadera.com.pl::5432/xx_poczta_test_db/xx_poczta_test/yy
 
 or I add pgsql to /etc/hosts then problem disappears.
 It looks like search option isn't applied when exim tries translate
 hostname to address.
 
 Ok, I run exim under strace, here is relevant part
 when first time exim tries to resolve pgsql:
 connect(3, {sa_family=AF_INET, sin_port=htons(53),
 sin_addr=inet_addr(192.168.1.35)}, 16) = 0
 gettimeofday({1381226200, 288600}, NULL) = 0
 poll([{fd=3, events=POLLOUT}], 1, 0)= 1 ([{fd=3, revents=POLLOUT}])
 sendto(3,
 \224\242\1\0\0\1\0\0\0\0\0\0\5pgsql\2in\6cadera\3com\2pl\0\0\1\0\1,
 40, MSG_NOSIGNAL, NULL, 0) = 40
 poll([{fd=3, events=POLLIN|POLLOUT}], 1, 5000) = 1 ([{fd=3,
 revents=POLLOUT}])
 sendto(3,
 \214o\1\0\0\1\0\0\0\0\0\0\5pgsql\2in\6cadera\3com\2pl\0\0\34\0\1, 40,
 MSG_NOSIGNAL, NULL, 0) = 40
 gettimeofday({1381226200, 289009}, NULL) = 0
 poll([{fd=3, events=POLLIN}], 1, 4999)  = 1 ([{fd=3, revents=POLLIN}])
 ioctl(3, FIONREAD, [94])= 0
 recvfrom(3,
 \224\242\205\200\0\1\0\1\0\2\0\0\5pgsql\2in\6cadera\3com\2pl\0\0\1\0\1\300\f\0\1\0\1\0\0*0\0\4\300\250\1\334\300\22\0\2\0\1\0\0*0\0\7\4dns1\300\22\300\22\0\2\0\1\0\0*0\0\7\4dns2\300\22,
 2048, 0, {sa_family=AF_INET, sin_port=htons(53),
 sin_addr=inet_addr(192.168.1.35)}, [16]) = 94
 gettimeofday({1381226200, 293071}, NULL) = 0
 poll([{fd=3, events=POLLIN}], 1, 4995)  = 1 ([{fd=3, revents=POLLIN}])
 ioctl(3, FIONREAD, [87])= 0
 recvfrom(3,
 \214o\205\200\0\1\0\0\0\1\0\0\5pgsql\2in\6cadera\3com\2pl\0\0\34\0\1\300\22\0\6\0\1\0\0*0\0#\4dns1\300\22\5admin\300\25w\3752`\0\0*0\0\0\34
 \0\t:\200\0\0*0, 1954, 0, {sa_family=AF_INET, sin_port=htons(53),
 sin_addr=inet_addr(192.168.1.35)}, [16]) = 87
 close(3)
 
 When second HELO is sended:
 connect(3, {sa_family=AF_INET, sin_port=htons(53),
 sin_addr=inet_addr(192.168.1.35)}, 16) = 0
 gettimeofday({1381226202, 831438}, NULL) = 0
 poll([{fd=3, events=POLLOUT}], 1, 0)= 1 ([{fd=3, revents=POLLOUT}])
 sendto(3, \36V\1\0\0\1\0\0\0\0\0\0\5pgsql\0\0\1\0\1, 23, MSG_NOSIGNAL,
 NULL, 0) = 23
 poll([{fd=3, events=POLLIN|POLLOUT}], 1, 5000) = 1 ([{fd=3,
 revents=POLLOUT}])
 sendto(3, \256J\1\0\0\1\0\0\0\0\0\0\5pgsql\0\0\34\0\1, 23,
 MSG_NOSIGNAL, NULL, 0) = 23
 gettimeofday({1381226202, 831628}, NULL) = 0
 poll([{fd=3, events=POLLIN}], 1, 4999)  = 1 ([{fd=3, revents=POLLIN}])
 ioctl(3, FIONREAD, [98])= 0
 recvfrom(3,
 \36V\201\203\0\1\0\0\0\1\0\0\5pgsql\0\0\1\0\1\0\0\6\0\1\0\0#\360\0@\1a\froot-servers\3net\0\5nstld\fverisign-grs\3com\0w\375{\0\0\0\7\10\0\0\3\204\0\t:\2
 00\0\1Q\200, 2048, 0, {sa_family=AF_INET, sin_port=htons(53),
 sin_addr=inet_addr(192.168.1.35)}, [16]) = 98
 gettimeofday({1381226202, 834145}, NULL) = 0
 poll([{fd=3, events=POLLIN}], 1, 4997)  = 1 ([{fd=3, revents=POLLIN}])
 ioctl(3, FIONREAD, [98])= 0
 recvfrom(3,
 \256J\201\203\0\1\0\0\0\1\0\0\5pgsql\0\0\34\0\1

Re: [exim] Exim4 vs Gmail - DKIM algorithms incompatibility

[Marcin Mirosław]

W dniu 01.11.2013 17:23, Wolfgang Breyha pisze:
 On 2013-10-31 14:58, Tomasz Kusy wrote:
 Hello,
 Tested on Exim version 4.72 with DKIM.
 
 Try a recent exim release.

Hi!
I,m (I was) using exim 4.80.1 and I started to use DMARC. I received
report from google, in xml I found:
auth_results
  dkim
domainmejor.pl/domain
resultfail/result
  /dkim
  spf
domainmejor.pl/domain
resultpass/result
  /spf
/auth_results

Other servers (exim or other MTAs with amavis/sa) pass validation. I
have option dkim_canon unset.

Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim4 vs Gmail - DKIM algorithms incompatibility

[Marcin Mirosław]

W dniu 2013-11-04 19:33, Phil Pennock pisze:
 On 2013-11-04 at 12:19 +0100, Marcin Mirosław wrote:
 I,m (I was) using exim 4.80.1 and I started to use DMARC. I received
 report from google, in xml I found:
 auth_results
   dkim
 domainmejor.pl/domain
 resultfail/result
   /dkim
 
 -- 
 ## List details at https://lists.exim.org/mailman/listinfo/exim-users
 ## Exim details at http://www.exim.org/
 ## Please use the Wiki with this list - http://wiki.exim.org/
 
 Those bits there ^^^ are mailing-list footers, added to your mail by
 Mailman.  They are common on public mailing-lists.  They also break DKIM
 signatures.
 
 So the act of posting your mail to exim-users will bump the count of
 auth_results which fail.  You include only part of the XML schema; that
 auth_results/ should belong to a record/ which also includes a
 row/ containing a source_ip/.
 
 What you're actually able to get is set of counts of how many
 subscribers to each mailing-list you're on use Google services to handle
 the mail which they receive from those mailing-lists.

Again I've attached too little. You can find complete xml report
attached to email.
This one email wasn't sent to maling list, it was sent to gmail user.
Regards,
Marcin
?xml version=1.0 encoding=UTF-8 ?
feedback
  report_metadata
org_namegoogle.com/org_name
emailnoreply-dmarc-supp...@google.com/email
extra_contact_infohttp://support.google.com/a/bin/answer.py?answer=2466580/extra_contact_info
report_id8813207516108810573/report_id
date_range
  begin1383091200/begin
  end1383177599/end
/date_range
  /report_metadata
  policy_published
domainmejor.pl/domain
adkimr/adkim
aspfr/aspf
pnone/p
spnone/sp
pct100/pct
  /policy_published
  record
row
  source_ip2001:470:1f15:1b61::2/source_ip
  count1/count
  policy_evaluated
dispositionnone/disposition
dkimfail/dkim
spfpass/spf
  /policy_evaluated
/row
identifiers
  header_frommejor.pl/header_from
/identifiers
auth_results
  dkim
domainmejor.pl/domain
resultfail/result
  /dkim
  spf
domainmejor.pl/domain
resultpass/result
  /spf
/auth_results
  /record
/feedback
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How to Remove new line or space (or how to escape dkim selector)

[Marcin Mirosław]

W dniu 17.10.2013 18:09, Mike Cardwell pisze:
 * on the Thu, Oct 17, 2013 at 05:37:33PM +0200, Marcin Miros??aw wrote:
 
 Thanks! I saw word Perl in description of ${sg} and I wrongly assumed
 it launch perl engine.
 I'd like to ask for help in one more thing. I've got problem with nested
 braces:
 $ exim  -be '${sg{
 {${readfile{/etc/exim/dkim/test2.test.com.pl.selector}} } {\n|\ }{} }}'
 {131017}

 But I'm expecting to get only digits.
 When I remove braces arround ${readfile I'm getting:
 $ exim  -be '${sg{
 ${readfile{/etc/exim/dkim/test2.cadera.com.pl.selector}}  {\n|\ }{} }}'
 Failed: missing or misplaced { or }
 
 I first wrote out the ${sg} part:
 
 ${sg{}{}{}}
 
 I then added some newlines for readability:
 
 ${sg{
 }{
 }{
 }}
 
 I then added the arguments which we want to pass to ${sg}:
 
 ${sg{
 ${readfile{/etc/exim/dkim/test2.cadera.com.pl.selector}}
 }{
 \n|\ 
 }{
 
 }}
 
 I then compressed it down to a single line:
 
 ${sg{${readfile{/etc/exim/dkim/test2.cadera.com.pl.selector}}}{\n|\ }{}}
 
 It's almost the same as your second version apart from a semi-colon
 being out of place.
Hello!
Thank you Mike!
I've tried in similar way - added new line etc. But I did it wrong.
Thanks for describe good way to build such nested arguments.
Regards,
Marcin



-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] How to Remove new line or space (or how to escape dkim selector)

[Marcin Mirosław]

Hi!
I'd like to setup configuration which supports keeping DKIM keyselector
in files. In one file I'd like to keep selector. Content of the file can
be string or string\n or ... \nstring\n\n. No one pay attention if
there is new line on the end of last line.
If I use selector which contains new line then Exim add new line to
headers. Then all headers are messed up.
As I can see I can't use ${tr} to remove a sign, which function could be
usefull in this case?
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How to Remove new line or space (or how to escape dkim selector)

[Marcin Mirosław]

W dniu 17.10.2013 16:58, Mike Cardwell pisze:
 * on the Thu, Oct 17, 2013 at 04:42:39PM +0200, Marcin Miros??aw wrote:
 
 I'd like to setup configuration which supports keeping DKIM keyselector
 in files. In one file I'd like to keep selector. Content of the file can
 be string or string\n or ... \nstring\n\n. No one pay attention if
 there is new line on the end of last line.
 If I use selector which contains new line then Exim add new line to
 headers. Then all headers are messed up.
 As I can see I can't use ${tr} to remove a sign, which function could be
 usefull in this case?
 
 root@glue:~# exim4 -be '${sg{Foo\nBar\nWibble}{}{}}'
 Foo
 Bar
 Wibble
 root@glue:~# exim4 -be '${sg{Foo\nBar\nWibble}{\n}{}}'
 FooBarWibble
 root@glue:~# 

Thanks! I saw word Perl in description of ${sg} and I wrongly assumed
it launch perl engine.
I'd like to ask for help in one more thing. I've got problem with nested
braces:
$ exim  -be '${sg{
{${readfile{/etc/exim/dkim/test2.test.com.pl.selector}} } {\n|\ }{} }}'
{131017}

But I'm expecting to get only digits.
When I remove braces arround ${readfile I'm getting:
$ exim  -be '${sg{
${readfile{/etc/exim/dkim/test2.cadera.com.pl.selector}}  {\n|\ }{} }}'
Failed: missing or misplaced { or }

Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Exim can't resolve hostname of database when second email is sended in one TCP connection

[Marcin Mirosław]

Hello!
I'm testing new configuration using exim -bh x.y.z -d. I've noticed
strange behavior when I send HELO/EHLO after first mail was received.

I'm sending:

ehlo toja
mail from: a...@pl.inv
rcpt to: uzytkow...@test2.x.com.pl.inv
data


asdadasd

.

helo test
quit


When second HELO appears I'm getting in debug session:
SMTP ehlo test
sender_fullhost = google-public-dns-a.google.com (test) [8.8.8.8]
sender_rcvhost = google-public-dns-a.google.com ([8.8.8.8] helo=test)
set_process_info:  8450 handling incoming connection from
google-public-dns-a.google.com (test) [8.8.8.8]
using ACL acl_check_helo
processing drop
search_open: pgsql NULL
search_find: file=NULL
  key=SELECT domain FROM postfixadmin_domain WHERE domain = 'test' AND
active = '1' AND backupmx = '0' UNION select '@' partial=-1 affix=NULL
starflags=0
LRU list:
internal_search_find: file=NULL
  type=pgsql key=SELECT domain FROM postfixadmin_domain WHERE domain =
'test' AND active = '1' AND backupmx = '0' UNION select '@'
database lookup required for SELECT domain FROM postfixadmin_domain
WHERE domain = 'test' AND active = '1' AND backupmx = '0' UNION select '@'
PostgreSQL query: SELECT domain FROM postfixadmin_domain WHERE domain =
'test' AND active = '1' AND backupmx = '0' UNION select '@'
PGSQL new connection: host=pgsql port=5432 database=xx_poczta_test_db
user=xx_poczta_test
PGSQL connection failed: could not translate host name pgsql to
address: Name or service not known

lookup deferred: PGSQL connection failed: could not translate host name
pgsql to address: Name or service not known

LOG: MAIN PANIC
  failed to expand \n ${lookup pgsql{


Definition of pgsql_servers is:
hide pgsql_servers   = pgsql::5432/xx_poczta_test_db/xx_poczta_test/yy

Full hostname of database server is: pgsql.in.xx.com.pl
$ cat /etc/resolv.conf
search in.xx.com.pl
nameserver 192.168.1.35


$ host pgsql
pgsql.in.cadera.com.pl has address 192.168.1.220

When Iconfigure connection as:
hide pgsql_servers   =
pgsql.in.cadera.com.pl::5432/xx_poczta_test_db/xx_poczta_test/yy

or I add pgsql to /etc/hosts then problem disappears.
It looks like search option isn't applied when exim tries translate
hostname to address.

Ok, I run exim under strace, here is relevant part
when first time exim tries to resolve pgsql:
connect(3, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr(192.168.1.35)}, 16) = 0
gettimeofday({1381226200, 288600}, NULL) = 0
poll([{fd=3, events=POLLOUT}], 1, 0)= 1 ([{fd=3, revents=POLLOUT}])
sendto(3,
\224\242\1\0\0\1\0\0\0\0\0\0\5pgsql\2in\6cadera\3com\2pl\0\0\1\0\1,
40, MSG_NOSIGNAL, NULL, 0) = 40
poll([{fd=3, events=POLLIN|POLLOUT}], 1, 5000) = 1 ([{fd=3,
revents=POLLOUT}])
sendto(3,
\214o\1\0\0\1\0\0\0\0\0\0\5pgsql\2in\6cadera\3com\2pl\0\0\34\0\1, 40,
MSG_NOSIGNAL, NULL, 0) = 40
gettimeofday({1381226200, 289009}, NULL) = 0
poll([{fd=3, events=POLLIN}], 1, 4999)  = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [94])= 0
recvfrom(3,
\224\242\205\200\0\1\0\1\0\2\0\0\5pgsql\2in\6cadera\3com\2pl\0\0\1\0\1\300\f\0\1\0\1\0\0*0\0\4\300\250\1\334\300\22\0\2\0\1\0\0*0\0\7\4dns1\300\22\300\22\0\2\0\1\0\0*0\0\7\4dns2\300\22,
2048, 0, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr(192.168.1.35)}, [16]) = 94
gettimeofday({1381226200, 293071}, NULL) = 0
poll([{fd=3, events=POLLIN}], 1, 4995)  = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [87])= 0
recvfrom(3,
\214o\205\200\0\1\0\0\0\1\0\0\5pgsql\2in\6cadera\3com\2pl\0\0\34\0\1\300\22\0\6\0\1\0\0*0\0#\4dns1\300\22\5admin\300\25w\3752`\0\0*0\0\0\34
\0\t:\200\0\0*0, 1954, 0, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr(192.168.1.35)}, [16]) = 87
close(3)

When second HELO is sended:
connect(3, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr(192.168.1.35)}, 16) = 0
gettimeofday({1381226202, 831438}, NULL) = 0
poll([{fd=3, events=POLLOUT}], 1, 0)= 1 ([{fd=3, revents=POLLOUT}])
sendto(3, \36V\1\0\0\1\0\0\0\0\0\0\5pgsql\0\0\1\0\1, 23, MSG_NOSIGNAL,
NULL, 0) = 23
poll([{fd=3, events=POLLIN|POLLOUT}], 1, 5000) = 1 ([{fd=3,
revents=POLLOUT}])
sendto(3, \256J\1\0\0\1\0\0\0\0\0\0\5pgsql\0\0\34\0\1, 23,
MSG_NOSIGNAL, NULL, 0) = 23
gettimeofday({1381226202, 831628}, NULL) = 0
poll([{fd=3, events=POLLIN}], 1, 4999)  = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [98])= 0
recvfrom(3,
\36V\201\203\0\1\0\0\0\1\0\0\5pgsql\0\0\1\0\1\0\0\6\0\1\0\0#\360\0@\1a\froot-servers\3net\0\5nstld\fverisign-grs\3com\0w\375{\0\0\0\7\10\0\0\3\204\0\t:\2
00\0\1Q\200, 2048, 0, {sa_family=AF_INET, sin_port=htons(53),
sin_addr=inet_addr(192.168.1.35)}, [16]) = 98
gettimeofday({1381226202, 834145}, NULL) = 0
poll([{fd=3, events=POLLIN}], 1, 4997)  = 1 ([{fd=3, revents=POLLIN}])
ioctl(3, FIONREAD, [98])= 0
recvfrom(3,
\256J\201\203\0\1\0\0\0\1\0\0\5pgsql\0\0\34\0\1\0\0\6\0\1\0\0#\360\0@\1a\froot-servers\3net\0\5nstld\fverisign-grs\3com\0w\375{\0\0\0\7\10\0\0\3\204\0\t:
\200\0\1Q\200, 1950, 0, {sa_family=AF_INET, sin_port=htons(53),

Re: [exim] [exim-dev] Exim 4.82 RC1 uploaded

[Marcin Mirosław]

W dniu 27.09.2013 04:11, Todd Lyons pisze:
 On Thu, Sep 26, 2013 at 6:46 AM, Todd Lyons tly...@exim.org wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 I have uploaded Exim 4.82 RC1 to
   ftp://ftp.exim.org/pub/exim/exim4/test/

Hi!
I can't compile with vanilla Makefile (simply copied file EDITME), I'm
getting:
$ LC_ALL=en_US.utf-8 make
/bin/sh scripts/source_checks
sort: -:5: disorder: accept_8bitmime
make: *** [checks] Error 1

$ LC_ALL=en_US.utf-8 sort --version
sort (GNU coreutils) 8.21
Packaged by Gentoo (8.21 (p1.0))
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
http://gnu.org/licenses/gpl.html.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by Mike Haertel and Paul Eggert.

Regards,
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [exim-dev] Exim 4.82 RC1 uploaded

[Marcin Mirosław]

W dniu 27.09.2013 14:15, Todd Lyons pisze:
 On Fri, Sep 27, 2013 at 2:49 AM, Marcin Mirosław mar...@mejor.pl wrote:
 Hi!
 I can't compile with vanilla Makefile (simply copied file EDITME), I'm
 getting:
 $ LC_ALL=en_US.utf-8 make
 /bin/sh scripts/source_checks
 sort: -:5: disorder: accept_8bitmime
 make: *** [checks] Error 1
 
 Is there a reason that you are specifying the language in that manner?
  It works if you do:
 
 LC_ALL=C make

Originally I've used:
LC_CTYPE=pl_PL.utf8
LC_NUMERIC=pl_PL.utf8
LC_TIME=pl_PL.utf8
LC_COLLATE=pl_PL.utf8
LC_MONETARY=pl_PL.utf8
LC_MESSAGES=C
LC_PAPER=pl_PL.utf8
LC_NAME=pl_PL.utf8
LC_ADDRESS=pl_PL.utf8
LC_TELEPHONE=pl_PL.utf8
LC_MEASUREMENT=pl_PL.utf8
LC_IDENTIFICATION=pl_PL.utf8
With attached patch problem with sort didn't appear.
Thanks!
Marcin
P.S. I've made analysis using clang:
http://mejor.pl/clang-analysis/exim-4.82-rc1/ , maybe you find something
interested in it.


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] TLS problems of late

[Marcin Mirosław]

W dniu 22.02.2013 14:29, Warren Baker pisze:
 HI All,
 
 Has anyone noticed a problem with exim-4.80.01+OpenSSL 1.0.1e
 (installed from FreeBSD ports) and it delivering to remote hosts using
 TLS?

Hi!
I've got simillar problem with openssl-1.0.1c. Exim couldn't deliver
email usint TLS to Exchange. I didn't had time to debug it, I've
switched from openssl to gnutls. (I'm using gentoo).
Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How to interpret pasted snip of log?

[Marcin Mirosław]

W dniu 04.01.2013 14:45, Adam D. Barratt pisze:
Hi!
 On 04.01.2013 10:24, Sander Smeenk wrote:
 Quoting Marcin Mirosław (mar...@mejor.pl):

 I'm wondering why I've got in main_log
 H=(mnch-4d044ae7.pool.mediaWays.net) in first line, and
 H=mnch-4d044ae7.pool.mediaways.net in second line in the same delivery?

 As far as i know, the first H= enclosed in brackets is what the remote
 host put behind EHLO/HELO. The H= line without brackets is what Exim got
 after DNS resolving.

 Can't find where this is written in the docs either but is seem to
 recall having read about this.
 
 http://www.exim.org/exim-html-current/doc/html/spec_html/ch-log_files.html#SECID251
Thanks for answers and help.
At first moment your explanation was good for me. It could looks it is
delay in dns resolving of HELO/EHLO name. But there was still something
which puzzles me.
So I did some tests. I added warn log_message=testX in a few places
and sent a few mails using swaks. EHLO always was the same so it should
be in local cache of resolver.
After some debugging I found why format of H= is changed. This wasn't
delay in dns resolving. The reason is I used warn with
verify=reverse_host_lookup beetwen lines with log_message.

Next I noticed I had host_lookup=: so I changed this to
host_lookup=*. Solved:)

Thanks again,
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] logs

[Marcin Mirosław]

W dniu 04.01.2013 10:13, eximmail pisze:
Hi!
 I am getting this in my log files a lot and am wondering why?
 
 
 no IP address found for host phpbbspprt840.gmail.com (during SMTP
 connection from unlocktheinbox.com (mail.unlocktheinbox.com)
 [168.144.32.45])
 
 no IP address found for host phpbbspprt840.gmail.com (during SMTP
 connection from mout.gmx.net [74.208.4.200])
 
 no IP address found for host phpbbspprt840.gmail.com (during SMTP
 connection from strong-eds-02.klga1.s.vonagenetworks.net [216.115.18.24])
 
 If you notice every time an email comes in from wherever it always has
 phpbbspprt840.gmail.com attached to it.
 
 The normal email does come in and the headers from the mail does not
 show this, only the logs.
 
 Can someone help me figure this out please.

Please show content of /etc/resolv.conf , /etc/hosts
and what `hostname` says.
And I think this isn't problem with exim but with configuration of your OS.
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] logs

[Marcin Mirosław]

W dniu 04.01.2013 10:53, Jan Ingvoldstad pisze:
 On Fri, Jan 4, 2013 at 10:24 AM, Marcin Mirosław mar...@mejor.pl wrote:
 Please show content of /etc/resolv.conf , /etc/hosts
 and what `hostname` says.
 And I think this isn't problem with exim but with configuration of your OS.

 
 No, that is a red herring. The hostname phpbbspprt840.gmail.com does not
 exist in DNS:

I was wrong, thanks.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] How to interpret pasted snip of log?

[Marcin Mirosław]

Hi!
I'm looking at
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-log_files.html
and I can't find answer. I'm wondering why I've got in main_log
H=(mnch-4d044ae7.pool.mediaWays.net) in first line, and
H=mnch-4d044ae7.pool.mediaways.net in second line in the same delivery?

Second line is more correct for me because 77.4.74.231 has FCRDNS.
Below is snippet from log:
2013-01-03 16:24:55 1Tqmf8-0001lO-JU
H=(mnch-4d044ae7.pool.mediaWays.net) [77.4.74.231] I=[77.252.119.98]:25
Warning: Punkty SA:255
2013-01-03 16:24:55 1Tqmf8-0001lO-JU H=mnch-4d044ae7.pool.mediaways.net
[77.4.74.231] I=[77.252.119.98]:25 Warning: to jest spam

And here is snippet frm exim.conf:
acl_smtp_data = acl_check_data
[...]
acl_check_data:
[...]
warn
message = X-Spam-Score:$spam_score_int
spam= nobody:true
log_message = Punkty SA:$spam_score_int
[...]
warn
message = This message scored $spam_score spam
points. / Ta wiadomosc to spam.
# set acl_m1= ham
spam= nobody:true
condition   = ${if {$spam_score_int}{55}{1}{0}}
set acl_m1  = spam
control = fakereject/Rejected.This message
scored $spam_score spam points.SC. / Ta wiadomosc to spam. Zostala
odrzucona.
log_message = to jest spam
#delay  = 1s

Could it be result of delaying in dns resolving?
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Non ascii characters in recipient address creates frozen bounce

[Marcin Mirosław]

W dniu 29.11.2012 22:54, Phil Pennock pisze:
 On 2012-11-29 at 17:51 +0100, Marcin Mirosław wrote:
 W dniu 29.11.2012 16:15, Marcin Mirosław pisze:
 Configuration of virtual_delivery transport is defined as below:
 virtual_user:
 driver  = accept
 domains = +local_domains
 condition   = ${lookup pgsql{SQL_CZY_ISTNIEJE_UZYTK}}
 transport   = virtual_delivery
 dsn_process

 SQL_CZY_ISTNIEJE_UZYTK = SELECT 1 FROM exim_users \
 WHERE login=lower(E'${quote_pgsql:$local_part}')
 AND aktywny = true AND tylko_wysylanie = false


 I've wrote and sent email too fast:/
 Transport configuration is:
 virtual_delivery:
 driver  = pipe
 command = /usr/libexec/dovecot/deliver -d
 $local_part
 delivery_date_add
 envelope_to_add
 return_path_add
 user= mail
 log_output
 temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78
 shadow_condition=${if {$spam_score_int}{0}}
 shadow_transport=ham_transport_kopia
 
 Bear with me as I pick apart what's going on.  I might have made a
 mistake and perhaps one of the other developers can point it out.
 
 So, when Exim creates a bounce message, it creates a child Exim process
 and generates the bounce message to feed to it on stdin.  Process
 failed (1) when writing error message is saying that Exim process
 exited non-zero.
 
 Assuming that you have not set the bounce_sender_authentication main
 option, then the child Exim is invoked:
   exim -t -oem -oi -f  -E$original_message_id
 
 This seems strange, the use of -oem with -f , because the point of
 -oem is that errors will be sent to the sender as a new message, which
 can't happen, and it seems that the actual cause of the complaint will
 then never get logged.  Plus, -oem supposedly results in Exim always
 exiting non-zero, which means we'd always see that error message!
 Apparently, the documentation isn't write and it means that Exim always
 exits non-zero, unless the message was successfully received and parsed,
 in which case it always exits success.
 
 The receiving Exim forks again for the delivery, after receiving the
 message, and the return value from the delivery affects the exit code of
 that delivery process, but Exim doesn't care about that exit code, it's
 not looked at ever.  (The delivery Exim process will have forked a third
 time, because you're using a pipe to run an external command, and _that_
 exit code will be looked at).
 
 A full flow to completion:
 
   Process 1: Exim which generates the bounce message
   Process 2: Exim which receives the bounce message
   Process 3: Exim which delivers the bounce message, much like any delivery
   Process 4: Pipe transport command used for the delivery
 
 Exit code of P4 is reported/recorded; exit code of P3 is ignored; Exit
 code of P2 is the one which causes P1 to generate the log message.
 
 Per docs, P2 should always exit non-zero, because of -oem, although the
 local_scan API docs note that child_open_exim() should normally return
 0, despite documenting that it uses -oem.  (And not documenting the -E
 for passing the original message id).
 
 The delivery status of P3 doesn't matter, and by that point, I think
 that P2 is destined to exit 0, thus we can assert that Exim is not
 getting as far as trying to deliver the bounce message, so P2 is failing
 during message reception.
 
 I wonder if this is the X-Failed-Recipients: header causing issues for
 containing unescaped non-ASCII?  I'm not seeing what would cause that.
 
 I think I must have missed something here.

Hi!
On the begin I'd like to wish you all the best in 2013 year!

I've tried to follow you but I'm afraid this description is too low
level for my understanding of exim. Should I assume this is potential
bug in exim or bug in my configuration? Or maybe I can provide some
other information about it?
Thanks,
Marcin.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Non ascii characters in recipient address creates frozen bounce

[Marcin Mirosław]

W dniu 29.11.2012 02:17, Phil Pennock pisze:

Hi Phil, hi Jeremy, hi all!
Jeremy, I thought that MUA received 550 in session. I was wrong, my
fault, MUA session was completed without error. So it's completly ok for
me that exim generated bounce. Now I'm concentrating on error code 1.

 On 2012-11-28 at 16:08 +0100, Marcin Mirosław wrote:
 2012-11-28 15:40:45 1Tdiof-0007d2-JV ** zzzńz...@.pl: Unknown user /
 Nie ma takiego uzytkownika
 2012-11-28 15:40:46 1Tdiof-0007d2-JV Process failed (1) when writing
 error message to yyy...@.pl (frozen)

 Hex values for character ń in exim_main.log are: C5 84

 I don't understand what happend after rejecting message, at a line with
 time 15:40:46. Why exim wanted create bounce message and why process
 failed with error code 1?



 Just tried that to a friend's system, it bounced just fine.
 
 2012-11-29 01:10:59 [71195] 1TdseY-000IWI-Kl ** zzzńz...@firedrake.org
   F=phil.penn...@spodhuis.org P=prvs=0680ff0160=phil.penn...@spodhuis.org
   R=outbound_signed T=remote_dksign:
   SMTP error from remote mail server after RCPT 
 TO:zzz\305\204...@firedrake.org:
   host mx0.firedrake.org [193.201.200.77]: 550 Unrouteable address
 2012-11-29 01:10:59 [71198] 1TdseZ-000IWM-Eo =  R=1TdseY-000IWI-Kl
   U=exim P=local S=806 for phil.penn...@spodhuis.org
 2012-11-29 01:10:59 [71195] 1TdseY-000IWI-Kl Completed QT=1s
 2012-11-29 01:10:59 [71200] 1TdseZ-000IWM-Eo = phil 
 phil.penn...@spodhuis.org
   F= P= R=imap_user T=imap_inject QT=0s DT=0s
 2012-11-29 01:10:59 [71200] 1TdseZ-000IWM-Eo Completed QT=0s


 It seems likely that the error depends upon the transport used for
 delivering the bounce message.  If you use 'exim -bt yyy...@.pl' to
 determine that, and grab the configuration for the Transport used, then
 could you please paste that configuration into a reply here?

I've looked into spool directory, I found another one message with
similar state. In second case the email was sended by authorized user to
external domain.
Snippet form log (again, sorry for obfuscation, it's not my email address):
# cat /var/spool/exim/msglog/1TdLJC-cu-26
2012-11-27 14:34:42 Received from c...@mydomain.pl H=(m) [192.168.2.134]
I=[192.168.2.1]:587 P=esmtpa A=fixed_login: S=1299332
id=B501EF8474E84AA7B23039BB
F62B18E3@m
2012-11-27 14:34:42 routing failed for d@pl.pepperl-fuchs:
Unrouteable address
Process failed (1) when writing error message to c...@mydomain.pl (frozen)


As we can see destination domain is wrong, it is a mistake made by user.
Exim -bt shows (in both cases):
  router = virtual_user, transport = virtual_delivery

Configuration of virtual_delivery transport is defined as below:
virtual_user:
driver  = accept
domains = +local_domains
condition   = ${lookup pgsql{SQL_CZY_ISTNIEJE_UZYTK}}
transport   = virtual_delivery
dsn_process

SQL_CZY_ISTNIEJE_UZYTK = SELECT 1 FROM exim_users \
WHERE login=lower(E'${quote_pgsql:$local_part}')
AND aktywny = true AND tylko_wysylanie = false

Meseems incorrect recipient address shouldn't be used in any place in
transport but there is high probability I'm wrong:)
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Non ascii characters in recipient address creates frozen bounce

[Marcin Mirosław]

W dniu 29.11.2012 16:15, Marcin Mirosław pisze:
 Configuration of virtual_delivery transport is defined as below:
 virtual_user:
 driver  = accept
 domains = +local_domains
 condition   = ${lookup pgsql{SQL_CZY_ISTNIEJE_UZYTK}}
 transport   = virtual_delivery
 dsn_process
 
 SQL_CZY_ISTNIEJE_UZYTK = SELECT 1 FROM exim_users \
 WHERE login=lower(E'${quote_pgsql:$local_part}')
 AND aktywny = true AND tylko_wysylanie = false


I've wrote and sent email too fast:/
Transport configuration is:
virtual_delivery:
driver  = pipe
command = /usr/libexec/dovecot/deliver -d
$local_part
delivery_date_add
envelope_to_add
return_path_add
user= mail
log_output
temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78
shadow_condition=${if {$spam_score_int}{0}}
shadow_transport=ham_transport_kopia

Sorry.
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Non ascii characters in recipient address creates bounce

[Marcin Mirosław]

Hi!
Authorized sender made mistake, used non ascii character in recipient
address. Please look at log (and please forgive me little obfuscation):
2012-11-28 15:40:45 1Tdiof-0007d2-JV = yyy...@.pl
H=([192.168.2.143]) [192.168.2.143] I=[192.168.2.1]:587 P=esmtpa
A=fixed_plain:yy S=76559 id=50b62270.1060...@.pl
2012-11-28 15:40:45 1Tdiof-0007d2-JV ** zzzńz...@.pl: Unknown user /
Nie ma takiego uzytkownika
2012-11-28 15:40:46 1Tdiof-0007d2-JV Process failed (1) when writing
error message to yyy...@.pl (frozen)

Hex values for character ń in exim_main.log are: C5 84

I don't understand what happend after rejecting message, at a line with
time 15:40:46. Why exim wanted create bounce message and why process
failed with error code 1?
Thanks, Marcin.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Storing Data in MySQL

[Marcin Mirosław]

W dniu 2012-11-27 23:08, Always Learning pisze:
 Exim documentation chapter 9 refers to 'lookup' which doesn't mean
 look-up but 'collect' information.  (One has to collect, or try to
 collect, the data before one can verify its existence or its
 compatibility.)
 
 Does Exim permit the storage of information into MySQL ?  For example,
 insert into    If so, what replaces the Exim 'lookup' verb ?

Hi!
You don't have to use output of lookup to anything so it means, yes, you
can do insert into  in lookup query. E.g.:

[...somewhere in acl_check_data ...]
warn
condition   = ${lookup pgsql {PGSQL_Q_DODAJ_PUNKTY}}
[...]

# final accept
accept


Where PGSQL_Q_DODAJ_PUNKTY is defined as:
INSERT INTO exim_ipki_scoring (ip,punkty,domena) VALUES
(E'${quote_pgsql:$sender_host_address}' , \
 E'${quote_pgsql:$spam_score_int}' , \
E'${quote_pgsql:$sender_address_domain}' )

But please notice if client disconnect after you insert tuple to
database and before client receive final 2xx  then exim throw away
email but you will have tuple in database.
I hope I write it clear enough, I don't speak english well.
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] exim_tidydb doesn't make databases smaller

[Marcin Mirosław]

W dniu 23.11.2012 13:32, Arkadiusz Miśkiewicz pisze:
 Hi.
 
 Shouldn't exim_tidydb make databases physically smaller?
 
 # ls -al /var/spool/exim/db/callout
 -rw-r- 1 exim exim 677601280 11-23 13:25 /var/spool/exim/db/callout
 
 # exim_tidydb -t 2d /var/spool/exim/ callout  /dev/null
 # ls -al /var/spool/exim/db/callout
 -rw-r- 1 exim exim 677601280 11-23 13:25 /var/spool/exim/db/callout
 
 # exim_tidydb -t 1d /var/spool/exim/ callout  /dev/null
 # ls -al /var/spool/exim/db/callout
 -rw-r- 1 exim exim 677601280 11-23 13:26 /var/spool/exim/db/callout
 
 # exim_tidydb -t 0d /var/spool/exim/ callout  /dev/null
 # ls -al /var/spool/exim/db/callout
 -rw-r- 1 exim exim 677593088 11-23 13:27 /var/spool/exim/db/callout
 
 and no, no errors, after few calls it made db empty:
 # exim_tidydb -t 0d /var/spool/exim/ callout 
 Tidying Exim hints database /var/spool/exim//db/callout
 Tidying complete
 
 but still
 
 -rw-r- 1 exim exim 677593088 11-23 13:28 /var/spool/exim/db/callout
 
 The problem is that it grows and grows filling my /var. How to make it shrink 
 db?

Hi Arek!
 # exim_tidydb -t 0d /var/spool/exim/ callout
 Tidying Exim hints database /var/spool/exim//db/callout
 Tidying complete

This shows that exim_tidydb didn't remove any record so database can't
be shrinked. exim_tidydb prints every removed records so you shold be
flooded with messages:
deleted 123a...@xxx.pl (too old)
deleted 0e906b...@xxx.pl (too old)
deleted 08e3...@xxx.pl (too old)
deleted 0836a...@xxx.pl (too old

What exim_dumpdb says about callout database?
Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] db based IP blacklist

[Marcin Mirosław]

W dniu 2012-10-27 21:51, Alexander Nagel napisał(a):

Hi,

I have a simple IP list in my PostGreSQL with inet as type in the 
table.

Currently i have this snippet in my exim4.conf file in the
acl_smtp_connect part.

drop
condition = ${if eq{$sender_host_address}{${lookup 
pgsql{PG_Q_BLACKLIST

message = REJECTED - You are blacklisted
log_message = REJECTED - $sender_host_address is blacklisted.

This works with a single IP address. But I want to add whole ranges 
of

IP addresses like 192.1.0.0/24
How do I have to change the condition?


Hi Alex,
so you would like to block all /24 net if any ip address within this 
network is in your database?
Meseems you should use = operator in your sql query(which you didn't 
provide - I'm guessing how it can looks like) and condition create as 
below:
condition = ${if eq{${mask:$sender_host_address/24}{${lookup 
pgsql{PG_Q_BLACKLIST


Regards,
Marcin

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Possible bug in Exim

[Marcin Mirosław]

W dniu 18.10.2012 15:55, Marc Perkel pisze:
 I'll do bugzilla if I'm not crazy but thought I'd post it here first to
 see if I'm nuts.
 
 
 In the transports this works:
 
 helo_data = SERVER_NAME.junkemailfilter.com
 
 However this does not work:
 
 helo_data = $acl_c_helo_data
 
 The helo becomes an empty string. And I'm sure the variable is set
 properly. It's as if acl variables don't work in the transport?

Hi!
I've tried with exim-4.80 and i couldn't reproduce such situation. I've
set acl_c_helo_data in acl_check_rcpt and it works, I've tried
acl_check_data also and still it works.
Regards,
Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] How to do callout to specific address?

[Marcin Mirosław]

Hello!
I'd like to use exim to callout senders mta and check if given users
exists[1]. In doc I can see callout is only doing for checking if sender
or postmaster exists. So I assume it needs some more configuration that
adding one word to verify=sender/callout line.
I'd like to ask for some advice.

Second quuestion is can I modify behavior of verify=reverse_host_lookup?
I'd like to set acl_m_xxx depending on success or failure of
verification. Problem appers when dns server doesn't respond (e.g. PTR
record for 117.18.231.4). Acl:
warn verify=reverse_host_lookup
throws warning (no problem) but exim responds 4xx to the client (this is
not ok in this case). Is it possible to catch such cases, set acl_m_xxx
to proper value (e.g. unknown) and pass to next acl?

I'm using exim-4.80.

Marcin


[1] - I'd like to only check if abuse@ and postmaster@ exists.
(rfc-ignorant is going down...)

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How to do callout to specific address?

[Marcin Mirosław]

W dniu 2012-10-01 20:26, Jeremy Harris pisze:

Hello Jeremy,
 On 10/01/2012 02:55 PM, Marcin Mirosław wrote:
 I'd like to use exim to callout senders mta and check if given users
 exists[1]. In doc I can see callout is only doing for checking if sender
 or postmaster exists. So I assume it needs some more configuration that
 adding one word to verify=sender/callout line.
 I'd like to ask for some advice.
 
 There's no particularly convenient way of doing what you want
 (verifying if abuse@$sender_address_domain exists).  You could
 raise a wishlist item at http://bugs.exim.org/enter_bug.cgi?product=Exim

I'll try. In meanwhile I've found idea I can run swaks ( --quit-after
RCPT) from exim with simple sh wrapper.

 Second quuestion is can I modify behavior of verify=reverse_host_lookup?
 I'd like to set acl_m_xxx depending on success or failure of
 verification. Problem appers when dns server doesn't respond (e.g. PTR
 record for 117.18.231.4). Acl:
 warn verify=reverse_host_lookup
 throws warning (no problem) but exim responds 4xx to the client (this is
 not ok in this case). Is it possible to catch such cases, set acl_m_xxx
 to proper value (e.g. unknown) and pass to next acl?
 
 Does the method mentioned in http://bugs.exim.org/show_bug.cgi?id=251
 work for you, modified for your case?

Yes, thanks! It works as I wish.
Thanks for tips!
Marcin


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How to do callout to specific address?

[Marcin Mirosław]

W dniu 2012-10-01 22:57, Marcin Mirosław pisze:
 W dniu 2012-10-01 20:26, Jeremy Harris pisze:
 
 Hello Jeremy,
 On 10/01/2012 02:55 PM, Marcin Mirosław wrote:
[...]
 Does the method mentioned in http://bugs.exim.org/show_bug.cgi?id=251
 work for you, modified for your case?
 
 Yes, thanks! It works as I wish.

Finally I wrote this in this way:
 warn
set acl_m_fcrdns= NULL
warn
verify  = reverse_host_lookup
set acl_m_fcrdns= 1
warn
!verify = reverse_host_lookup
set acl_m_fcrdns= 0

This has advantage that all pieces of checking reverse_host are in one
place;)
Marcin



-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim remote smtp response code

[Marcin Mirosław]

W dniu 01.07.2012 06:23, Nguyen Quan pisze:
 Hello Exim,
 
 I'm using Exim right now, and I have some issues to solve.
 How can I config in exim.conf to return every of remote smtp response code,
 include 2xx, 4xx and 5xx, when Exim connect to another mail server such as
 Yahoo or Google?

Hi!
Does smtp_* options in log_selector[1] do want you need?
Regards

[1]-
http://www.exim.org/exim-html-current/doc/html/spec_html/ch51.html#SECTlogselector

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] using name of host in spamd_address

[Marcin Mirosław]

W dniu 01.06.2012 00:25, Jeremy Harris pisze:
 On 2012-05-31 15:54, Marcin Mirosław wrote:
 I'd like to use hostname instead numeric ip in spamd_address variable.
 
 I've found bugs about it[1][2]. They are marked as fixed in 4.77 but it
 looks for me they aren't fixed. I still can't use hostname in
 spamd_address. Could it be those bugs are fixed partially (i mean was
 added expansion of spamd_address only)
 
 That's how I read the current state of play.  I suggest opening a new
 feature request bug specifically for name support.  In the meantime,
 can you use a dnsdb lookup?

I've filled bug 1259. I'm calling $spam_score about 5 times, docs says:
The spam condition caches its results unless expansion in spamd_address
was used. I'd like to spare some cpu cycles.
Thanks,
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] DKIM debugging

[Marcin Mirosław]

W dniu 2012-04-22 12:26, Wolfgang Breyha pisze:
 Hi!
 
 I have found a bunch of emails from groupon.de which DKIM Sig didn't verify
 successfully in exim, but in Mail::DKIM it does even if I remove the
 DomainKeys Sig.
 
 Is there an easy way to feed the .eml file into exim only to debug DKIM?

Hello!
Could it be similar problem to mine?
http://www.exim.org/lurker/message/20120119.154235.ab4ab522.pl.html
Regards,
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] using name of host in spamd_address

[Marcin Mirosław]

Hello!
I'd like to use hostname instead numeric ip in spamd_address variable.
I've added host to /etc/hosts file:
$ grep sa /etc/hosts
127.0.0.1   sa
$ ping sa
PING sa (127.0.0.1) 56(84) bytes of data.
64 bytes from meteor.mejor.pl (127.0.0.1): icmp_req=1 ttl=60 time=0.000 ms
64 bytes from meteor.mejor.pl (127.0.0.1): icmp_req=2 ttl=60 time=0.000 ms
^C

In exim.conf, in main section i've got:
spamd_address = sa 783
With such configuration exim-4,77 throws to log:
2012-04-04 16:20:59 1SFR4t-0003rv-M8 spam acl condition: warning - spamd
connection to sa, port 783 failed: Network is unreachable

I didn't have such problem with configuring connection to sql server,
hostname works.
Is it possible to use hostname in spamd_address or i'm doing it in wrong
way?

Thanks,
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Checking header against RFC2822

[Marcin Mirosław]

W dniu 28.02.2012 16:23, Pavel Gulchouck pisze:
 Hello,
 
 if a message contains header field
 To: user@domain user@domain
 then verify = header_syntax returns error, in my case
 
 Feb 28 14:59:02 gopher exim[74934]: 2012-02-28 14:59:02 1S2Mdm-000JUc-Ch 
 H=happy.kiev.ua (happy) [213.133.161.33] F=g...@gul.kiev.ua rejected after 
 DATA: message header fail syntax check: malformed address: 
 q...@happy.kiev.ua\n may not follow q...@happy.kiev.ua : failing address in 
 To: header is: q...@happy.kiev.ua q...@happy.kiev.ua
 
 But why?

Hello,
there is explanation: http://wiki.exim.org/FAQ/General_Debugging/Q0087
Regards,
Marcin.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] DKIM problems

[Marcin Mirosław]

W dniu 19.01.2012 22:34, Marcin Mirosław pisze:
 W dniu 2012-01-19 21:49, Phil Pennock napisał(a):
 If you have a copy of such an email which you're willing to share, then
 could you please forward it, WITH ALL HEADERS INTACT, to me and I'll
 try to find time to take a look.
 
 I sended such mail to you offlist.
 Thank you.
 

Hello!
Did you have some time to look into problematic email?
Regards,
Marcin

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] DKIM problems

[Marcin Mirosław]

W dniu 11.01.2012 20:12, David Saez Padros pisze:
 Hi
 
 I'm having problems with domains for which i get the error
 verification failed - signature did not verify while cheking
 dkim signature (gravatar.com, sophos.com, paypal-promo.es,
 akismet.com ..) but for example gmail.com does not have this
 problem, is somebody else seing this too ?

Hi,
i have similar problem, message is diffrent than yours so i'm not sure
it's the same problem. Emails from domain interia.pl triggers message:
DKIM: d=interia.pl s=biztos c=relaxed/relaxed a=rsa-sha256 t=1326986132
[verification failed - signature did not verify (headers
probably modified in transit)]

but when i run ./dkimverify.pl test.eml i get verify result: pass.
I'm not sure who is right, exim or Mail-DKIM.
Regards.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] DKIM problems

[Marcin Mirosław]

W dniu 2012-01-19 21:49, Phil Pennock napisał(a):
If you have a copy of such an email which you're willing to share, 
then

could you please forward it, WITH ALL HEADERS INTACT, to me and I'll
try to find time to take a look.


I sended such mail to you offlist.
Thank you.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Mysql support - no errors but checking compiled in

[Marcin Mirosław]

Hello!
try fake debug session: exim -bh 1.2.3.4 -d+acl , it can help you to 
find out what is going on.

Is posible sql query returns more than one tuple?
Regards,
Marcin

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Mysql support - no errors but checking compiled in

[Marcin Mirosław]

W dniu 29.09.2011 08:17, Ron White pisze:

One more thing,

domainlist hosted_domains = ${lookup mysql{MYSQL_HOSTEDDOMAINLIST}}


here you use variable hosted_domains


relevant ACL clause
check_rcpt:
accept  domains = local_domains : *.local_domains
denymessage = relay not permitted


But in ACL you don't. :hosted_domains is missing?
Regards,
Marcin

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Still thinking about acls

[Marcin Mirosław]

Hi again!
I've prepared simple, test configuration:
domainlist local_domains = @ : : test2.com
#    there is whitespace

begin acl
acl_check_rcpt

deny
 sender_domains = +local_domains
  message = test reject
[...]

Fake session shows that this conditions is always met:
14:03:32 28800 SMTP 250-localhost Hello test [1.1.1.1]
14:03:32 28800 250-SIZE 52428800
14:03:32 28800 250-PIPELINING
14:03:32 28800 250 HELP
14:03:32 28800 SMTP mail from:
14:03:32 28800 SMTP 250 OK
250 OK
14:03:32 28800 SMTP rcpt to:a...@.com
14:03:32 28800 using ACL acl_check_rcpt
14:03:32 28800 processing deny
14:03:32 28800 check sender_domains = +local_domains
14:03:32 28800  in @ : test1.com : : test2.com? yes (matched )
14:03:32 28800  in +local_domains? yes (matched +local_domains)
14:03:32 28800 deny: condition test succeeded
14:03:32 28800 SMTP 550 test reject
550 test reject

According to:
http://www.exim.org/exim-html-current/doc/html/spec_html/ch10.html#SECTdomainlist

meseems that this is case described as point If none of the above cases
apply, a caseless textual comparison is made between the pattern and the
domain. But it looks that empty char ( matched  in log ) works the
same as * (asterisk). Did i (again...) miss some piece of documentation?

Thanks for reply.
Regards,
Marcin.

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [solved] Still thinking about acls

[Marcin Mirosław]

Empty sender (bounce message: ) is equal to empty field in
local_domains. Doc is fine ;)

Regards:)

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] PGSQL: no data found - when dns lookup fail

[Marcin Mirosław]

Hello!
I've found in reject log messages with reject error PGSQL: no data
found. For example:
2011-04-09 07:12:06 H=(180.245.254.157) [180.245.254.157]
I=[193.238.12.139]:25 F=e...@9spwx.ru temporarily rejected RCPT
o...@vipmaster.ru: PGSQL: no data found

domain vipmaster.ru isn't local domain, bot tried to relay via my mx.

I've made little investigation. Please look at those two lines:
2011-04-15 12:44:47 H=(localhost) [x.x.x.x] I=[193.238.12.139]:25
F=a...@ww.pl temporarily rejected RCPT s...@xxxkolekcja.mejor.pl:
PGSQL: no data found
2011-04-15 12:44:57 H=correct.revdns.of.ip (localhost) [x.x.x.x]
I=[193.238.12.139]:25 F=a...@ww.pl rejected RCPT
s...@xxxkolekcja.mejor.pl: relay not permitted (brak autoryzacji)

In booth cases, domain XXXkolekcja.mejor.pl isn't in local domain.
First line was created while named was down, exim couldn't verify
reverse_host_lookup (exim reponsed 451 Temporary local problem - please
try later to client ). The second one was logged while named was up,
exim could verify reverse ip (exim responsed 550 relay not permitted
to client).

I'm wondering why exim throws PGSQL: no data found to reject log,
shouldn't log somthing like host lookup failed?

In exim.conf there are a couple places when i'm making psql lookup. All
sql queries has domena='${quote_pgsql:$domain}' in WHERE clausule so all
of them return zero records.

Example query:
domainlist local_domains = localhost : @ : \
${lookup pgsql {SELECT domena FROM exim_users where \
domena='${quote_pgsql:$domain}' limit 1 }}: \
${lookup pgsql {select regexp_replace(alias, '.*@','') \
from exim_aliasy where alias like '%@${quote_pgsql:$domain}' }}

# exim -bV
Exim version 4.75 #1 built 15-Apr-2011 11:52:38
Copyright (c) University of Cambridge, 1995 - 2007
Berkeley DB: Berkeley DB 4.8.30: (2010-08-28)
Support for: crypteq iconv() IPv6 OpenSSL Content_Scanning DKIM
Old_Demime Experimental_SRS
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm
dbmnz dnsdb dsearch passwd pgsql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply pipe smtp CW_DSN_1.3
Fixed never_users: 0
Size of off_t: 4
OpenSSL compile-time version: OpenSSL 1.0.0d 8 Feb 2011
OpenSSL runtime version: OpenSSL 1.0.0d 8 Feb 2011
Configuration file is /etc/exim/exim.conf

Postgresql-9.0

If more information, content of acl_check_rcpt will be needed, please
let me know.
Thanks for suggestions.
Marcin


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] PGSQL: no data found - when dns lookup fail

[Marcin Mirosław]

I've got another one quesion.
In conf file i've got:

domainlist local_domains = localhost : @ : \
${lookup pgsql {SELECT domena FROM exim_users where \
domena='${quote_pgsql:$domain}' limit 1 }}: \
${lookup pgsql {select regexp_replace(alias, '.*@','') \
from exim_aliasy where alias like '%@${quote_pgsql:$domain}' }}

acl_check_rcpt:
[...]
deny
  !hosts  = : +relay_from_hosts
  sender_domains  = +local_domains
  message = You are not authenticated


fake debug session:

processing deny
check domains = +local_domains
search_open: pgsql NULL
search_find: file=NULL
  key=SELECT domena FROM exim_users where domena='xxxkolekcja.mejor.pl'
limit 1  partial=-1 affix=NULL starflags=0
LRU list:
internal_search_find: file=NULL
  type=pgsql key=SELECT domena FROM exim_users where
domena='xxxkolekcja.mejor.pl' limit 1 
database lookup required for SELECT domena FROM exim_users where
domena='xxxkolekcja.mejor.pl' limit 1
PostgreSQL query: SELECT domena FROM exim_users where
domena='xxxkolekcja.mejor.pl' limit 1
PGSQL new connection: host=127.0.0.1 port= database=exim user=eximuser
PGSQL: no data found
lookup failed
search_open: pgsql NULL
  cached open
search_find: file=NULL
  key=select regexp_replace(alias, '.*@','') from exim_aliasy where
alias like '%@xxxkolekcja.mejor.pl'  partial=-1 affix=NULL starflags=0
LRU list:
internal_search_find: file=NULL
  type=pgsql key=select regexp_replace(alias, '.*@','') from
exim_aliasy where alias like '%@xxxkolekcja.mejor.pl' 
database lookup required for select regexp_replace(alias, '.*@','') from
exim_aliasy where alias like '%@xxxkolekcja.mejor.pl'
PostgreSQL query: select regexp_replace(alias, '.*@','') from
exim_aliasy where alias like '%@xxxkolekcja.mejor.pl'
PGSQL using cached connection for 127.0.0.1/exim/eximuser
PGSQL: no data found
lookup failed
xxxkolekcja.mejor.pl in localhost : @ :  : ? no (end of list)
xxxkolekcja.mejor.pl in +local_domains? no (end of list)
deny: condition test failed


Meseems that all condition is failed because pgsql lookup is failed. I
don't know how to change config to have exim treating empty result from
sql query as valid lookup. Is it possible?
Regards,
Marcin




-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] False postitve diagnosis Heuristics.Structured.CreditCardNumber

[Marcin Mirosław]

W dniu 2011-03-15 18:57, The Doctor pisze:
 
 Question:
 
 How I tell exim someone using port 465 is mostly likely 
 not sending out anything harmful?

Maybe try to use:
accept
  authenticated = *

in acl_check_data, in section before clamav test email.

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [exim-dev] Logging address ip of outgoing mail

[Marcin Mirosław]

W dniu 04.02.2011 00:05, Jeremy Harris pisze:
 I'm not aware of a log_selector that does what you want.

I'm not programmer, i don't know if exim is able to know outgoing
address when interface = isn't used. If it's possible could i make
feature request?

 What I've done to help logging in routing/transport is an
 embedded-perl function Exim::log_write called as a dummy
 lookup.  Typically I use this in a router as:
 
 data =  ${if eq {}{\
   ${perl{Exim::log_write}{router_name: bad  
 $local_part@$domain}}}\
{}{}}
 
 I assume you're using an smtp transport with a lookup for
 interface =
 and you could do something similar there.

You've guessed perfectly:) I didn't mention it, my fault.
There is great option log_message for acl, i'm missing it.
I can't use data= in dnslookup router so i tried to change it to
condition=, and condition is always true.
I've read i sholud use perl_startup, but there is no external perl
script needed. So i created empty, fake file, and provided it to
startup_perl. Is it correct way?
Finally, i have this line in router:
condition = ${if eq {}{${perl{Exim::log_write}{adres_wych:
${lookup{$domain}wildlsearch{/etc/exim/domeny_interfejs.txt}{$value}{}}
}}}{1}{1}}

which do what i want.
Thank you for hint!

P.S.1 This solution has small disadvantage, if destination domain is
ipv6 capable, in log appears address ipv4. This is not real problem,
because i've got only one ipv6 interface, so if destination is like
[2000::], i know, that those line isn't correct.
P.S.2 I sent email to exim-dev accidentally but there is no option to
cancel email

Regards,
Marcin


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Logging address ip of outgoing mail

[Marcin Mirosław]

Hello!
I'd like to have in log addres IP used to send mail. Something like
outgoing_interface instead incoming_interface. Is it possible to do it
in straight way or i need to add log function to transport?
Thanks.

-- 
www: http://blog.mejor.pl/

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] hold_domains works almost always

[Marcin Mirosław]

Hello.
When I uses both options in exim:
hold_domains=sample domain here
queue_smtp_domains=*

and i send, for example, 5-10 mails to domain mention in hold_domains,
exim sends a few mails to destinations server. But not all of them. 2-4
mails are sended, rest of them is keeped locally, and main log mark this
mail as domain is held (and this is correct).
Is it something that i missed reading documentation?
Regards,
Marcin

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] hold_domains works almost always

[Marcin Mirosław]

I can't reproduce this situation with other (test) domain.
BTW, i'm sending email using sendEmail script, mails has got BCC filed.
How can i debug it? Fake session, probably, can't be usefulll, in this case.

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] static code analyze for exim-4.72

[Marcin Mirosław]

Hi!
I've run static code analyzer from clang suite. Results are available
here: http://mejor.pl/exim-472/ . If it could be usefull for exim
developing that's great. I haven't enough C skills to apprize is this
analyze worth something or not, this is way i'm posting here.
Regards.

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] static code analyze for exim-4.72

[Marcin Mirosław]

W dniu 19.11.2010 15:18, Ted Cooper pisze:
 The instances I looked at were all failures of the analysis tool to
 understand the code or where the supposed error was impossible. I
 stopped looking after an example or two of each of the types of failure.
 
 There were a few things picked up that were obviously added to make
 understanding the code easier which certainly don't need to be fixed.
 The rest seem to be unimportant or just plain nit picking.
 
 Was there a specific bug this was looking to find?

No, i wasn't looking for specific bug. I was worried numbers of warnings
and warnings classified as security and Logic error. But as i can
see, there is nothing to worry about. Thanks for your time and answers!
Regards

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Cannot fix open relay

[Marcin Mirosław]

W dniu 08.11.2010 09:41, Paolo Crosato pisze:
 relay_from_hosts = 127.0.0.1 : 1 : 10.1.0.0/16 : 80.206.221.208/28 : 
 87.28.92.152/0 : 82.90.193.0/8 : 80.86.144.0/22
  ? mask is too wide?

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] virtual domains, incorrect envelope-from

[Marcin Mirosław]

W dniu 2010-11-04 20:08, Seth Dillingham pisze:
 Exim is happily handling mail for a number of virtual domains with
 non-login accounts, both incoming and outgoing.
 
 However, all mail sent by our users through our server ends up with a
 bad Envelope-From address.
 
 Here's an example from a message I just sent:
 
 Received: from xxx.ri.ri.cox.net ([y.y.y.y] helo=Sprung-Sprocket.local)
   by zzz.macrobyte.net with esmtpsa (TLSv1:AES128-SHA:128)
   (Exim 4.72)
   (envelope-from s...@macrobyte.net@macrobyte.net)
   id LB7Q4I-000MMQ-4X
   for seth.dilling...@gmail.com; Mon, 01 Nov 2010 11:38:42 -0400
 
 The correct address, of course, is just s...@macrobyte.net.
 
 I've seen some mail rejections, though it's not clear if they're being
 caused by these strange Envelope addresses.
 
 All relaying requires smtp authentication via either PLAIN, LOGIN, or 
 CRAM-MD5.
 
 In the MUA, the users set their smtp user id as u...@domain.com (so
 in my case, it's s...@macrobyte.net).

Hi!
Try to set:
accept
authenticated   = *
control = submission/sender_retain
This is examle, we don't know Your config.
Regards

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim filtering spam with dnslists

[Marcin Mirosław]

W dniu 24.08.2010 22:35, z...@inbox.lv pisze:
 need all email in a dnslists redirect to a folder. Spam
 Now email from the dnslists are blocked as follows:
 
 denymessage   = DNSBL listed at $dnslist_domain\n$dnslist_text
 hosts = ! +relay_from_hosts
 dnslists  = 
 zen.spamhaus.org:bl.spamcop.net:xbl.spamhaus.org:bb.barracudacentral.org:list.bbfh.org:l3.bbfh.ext.sorbs.net
 
 
 need  all email from dnslists send them to routers ditch_spam:
 (Now all email with spam_score  100 redirect to a folder. Spam)
 The problem is that the condition will not be received to indicate the 
 condition:
 dnslists = zen.spamhaus.org: bl.spamcop.net: xbl.spamhaus.org: 
 bb.barracudacentral.org: list.bbfh.org: l3.bbfh.ext.sorbs.net
 How to write such condition??  can one do?

Hi!
I'm not sure did i understand you correct. Do you want to receive _all_
mails, if sender's ip is in blacklist, you want to use router ditch_spam
to take mail ?
e.g:
warn
hosts   = ! +relay_from_hosts
dnslists= zen.spamhaus.org:bl.spamcop.net:.
set acl_m1  = spam

 begin routers
 
 ditch_spam:
[...]
condition = ${if or{ {$spam_score_int}{100}} {eq{$acl_m1}{spam}} } }

Regards

-- 
xmpp (jabber): marcin  [at]  mejor.pl


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] router condition, problem with and

[Marcin Mirosław]

W dniu 19.08.2010 11:27, Jonas Forsberg pisze:

 I just can't understand why

I've manually rewrite condition to:
condition = ${if and{   {match {$h_subject:}{\N^kallekalas$\N}} \
{eq {1}{1}} }}

And it works for me. Your example doesn't work for me, too. I suppose
there is problem with... don't know, strange char inside?
Regards

-- 
xmpp (jabber): marcin  [at]  mejor.pl

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] router condition, problem with and

[Marcin Mirosław]

W dniu 19.08.2010 09:06, Jonas Forsberg pisze:
 
 
 Hello.
 I am fairly new to exim4, so please be patient with me.
 
 I'm
 trying to get a condition for a router to work as I expect, but I
 clearly have issues understanding the syntax.
 
 The condition consists of
 two parts:
 
 1st a check in the Subject field after a string, that I have
 got to work.
 
 condition = ${lookup mysql{ 
  SELECT email FROM users 
 
 WHERE email='${quote_mysql:$local_pa...@${quote_mysql:$domain}'} 
 
 {true}{false}}
 
 2nd a check in a MySQL table, which I have been
 working.
 
 condition = ${if match
 {$h_subject:}{N^KalleKalas$N}{yes}{no}}
 
 but to combine those two into a
 and rule makes my head spin. What ever I do exim4 logs that it can not
 expand the condition.

Hello!
If you want to join this two condition with logical and, it would be
looks in this way:

condition = ${if and{
{lookup mysql{SELECT 1 FROM users WHERE
email='${quote_mysql:$local_pa...@${quote_mysql:$domain}'}}
{if match {$h_subject:}{N^KalleKalas$N}{yes}{no}}}
}

I can't test it, i'm not sure about sql query (mayby it shoud be write
in such way: {eq {1}{SELECT 1 FROM users WHERE
email='${quote_mysql:$local_pa...@${quote_mysql:$domain}'}
)

Regards,
Marcin

-- 
xmpp (jabber): marcin  [at]  mejor.pl

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] How to set timeout for command invoked in acl_data

[Marcin Mirosław]

Hi!
In acl_check_data are lines:
warn
 message =  ${run{/usr/local/bin/dspam-wrapper.sh
${spool_directory}/scan/${message_id}/${message_id}.eml }{$value}{$value}}

For a mails containing huge number of words, dspam needs above one, two
minutes to check mail. It seems that exim has timeout for run expansion
equal to one minute. In logs i'm getting:
failed to expand ACL message ${run{/usr/local/bin/dspam-wrapper.sh
${spool_directory}/scan/${message_id}/${message_id}.eml
}{$value}{$value}}: command timed out

Setting local_scan_timeout=10m doesn't change behavior (and probably
this is right:) ).
Is possible to change timeout for expansion variable in acl ?

Regards,
Marcin

-- 
xmpp (jabber): marcin  [at]  mejor.pl


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Integrating exim, dspam, and spamassasin

[Marcin Mirosław]

W dniu 28.07.2010 13:21, Marcin Mirosław pisze:
 W dniu 28.07.2010 12:55, Marcin Mirosław pisze:
 I've got one more question. If i add new header to message does they
 apper when exim is sending mail to spamd?
 (configuration is in earlier email)
 
 While i'm testing using fake session (exim -bh /tmp/test.comm ) headers
 added by acldspam are sended to spamd (i was watching at output of
 tcpdump), but when real connection is made to exim, this headers wasn't
 send to spamd.
 Is this situation correct?

Hello,
Does anybody have any idea how to resolve this problem?
Any help appreciated.
Regards,
Marcin

-- 
xmpp (jabber): marcin  [at]  mejor.pl
www: http://blog.mejor.pl/

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] only relay mail for our domain in relay_from_hosts..

[Marcin Mirosław]

W dniu 2010-08-05 17:37, B. Cook pisze:
 We had 2 accounts get compromised in the latest 'please reply with your 
 password (   ) ' scam..
 
 so what I am looking to do to prevent this from impacting us in the 
 future is..
 
 I would like exim to *only* send mail if it is from our domain..

Hi!
Maybe this acl would be usefull for you:
acl_check_data:

deny
authenticated   = *
condition = ${if or {{!eqi{$authenticated_id}{$sender_address}}\
{!eqi{$authenticated_id} {${address:$header_From:}} }}}
message = You must send as the ID you authenticate with.


Regards,
Marcin

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] only relay mail for our domain in relay_from_hosts..

[Marcin Mirosław]

W dniu 2010-08-05 18:32, B. Cook pisze:
 Yes if people were authenticating that would be great..

Why they aren't? People uses login and password to login into webmail.

 I found this to 'force' that..
 
 accept authenticated = *
control= submission/domain=
 
 back to my problem..
 
 People sign into squirrelmail as username which can append @domain.org 
 silently..
 imap and other smtp auth things.. need n...@domain.org..

It needs what you configured, imap/pop3/smtp can use login in form
login or lo...@domain, all is in your hands.

 I'm trying to help myself from squirrelmail abuse :/

Squirrelmail can send auth to smtp server using login and pass used
while user logged to webmail.
I'm not sure how it is configured, where are used login = login and
where login=u...@domain .

Regards,
Marcin

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Integrating exim, dspam, and spamassasin

[Marcin Mirosław]

W dniu 27.07.2010 15:09, Marcin Mirosław pisze:

I'm going to do it in this way:

# here i'd like to remove some headers

# check mail with dpsam
warn
 message =  ${run{/usr/local/bin/dspam-wrapper.sh
 ${spool_directory}/scan/${message_id}/${message_id}.eml }{$value}{$value}}

# and i want to reuse headers generated by dspam in SA
warn
 message = X-Spam-Report:$spam_report
 spam= nobody:true

cat wrapper:
#!/bin/sh

/usr/bin/dspamc --client --mode=teft --user mail --stdout
--deliver=spam,innocent $1 | formail -X x-dspam

I don't know how to remove headers at acl_data time (i'd like to remove
foreign dspam headers). System filter works at deliver time,
headers_remove is used in routers and transport, it's too late.
Regards,
Marcin

-- 
xmpp (jabber): mar...@mejor.pl

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Integrating exim, dspam, and spamassasin

[Marcin Mirosław]

I've got one more question. If i add new header to message does they
apper when exim is sending mail to spamd?
(configuration is in earlier email)
Thanks

-- 
xmpp (jabber): mar...@mejor.pl

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Integrating exim, dspam, and spamassasin

[Marcin Mirosław]

W dniu 28.07.2010 12:55, Marcin Mirosław pisze:
 I've got one more question. If i add new header to message does they
 apper when exim is sending mail to spamd?
 (configuration is in earlier email)

While i'm testing using fake session (exim -bh /tmp/test.comm ) headers
added by acldspam are sended to spamd (i was watching at output of
tcpdump), but when real connection is made to exim, this headers wasn't
send to spamd.
Is this situation correct?
Regards,
Marcin

-- 
xmpp (jabber): mar...@mejor.pl

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Integrating exim, dspam, and spamassasin

[Marcin Mirosław]

Hello!
I'd like to turn off bayes in SA and use dspam instead of them. I spend
some time for searching and i didn't found many solutions.
The main goal is: use dspam as plugin for SA.
I've found plugin which translate scores from dspam to scores:
http://eric.lubow.org/projects/dspam-spamassassin-plugin/
No doc found for it, it looks like message should have X-DSPAM...
headers. Ok, now i'm looking how to put X-DSPAM headers into message.
First attempt:
warn
 message =  ${run{/usr/local/bin/dspam-wrapper.sh
${spool_directory}/scan/${message_id}/${message_id}.eml }{$value}{$value}}

cat wrapper:
/usr/bin/dspamc --client --mode=teft --user mail --stdout
--deliver=summary $1

I'm getting: X-DSPAM-Result: mail; result=Spam; class=Spam;
probability=1.; confidence=0.94; signature=4c4ed445259482569042550

The plugin mentioned above dosn't like it, it needs this format:
X-DSPAM-Result: Spam
X-DSPAM-Processed: Tue Jul 27 14:47:02 2010
X-DSPAM-Confidence: 0.9938
X-DSPAM-Improbability: 1 in 16108 chance of being ham
X-DSPAM-Probability: 1.
X-DSPAM-Signature: 4c4ed546259481302212047
X-DSPAM-Factors: 15,

I'm continuuing searching... I found patch (
http://mta.org.ua/exim-patches/exim-4.67-dspam/ ) which uses
local_scan() to connect to dspam daemon. No doc found :( I can't found
who wrote patch, i don't know if patch is still mainained.
Maybe someone has idea how to do it?
Thanks,
regards!





-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Disable Bounce Messages

[Marcin Mirosław]

W dniu 2010-07-13 21:31, Jeremy Davila pisze:
 I have the following router . If a user is not known at our domain it's 
 rejected . But then in the exim queue there are a bunch of frozen bounce 
 messages from mailer-dae...@ourdomain.com. 
 How can I disable that ? Thank you all in advance. 

Imho, you should put in acl_check_rcpt something like this:
deny
  message  = No such user
 !verify   = recipient

It rejects mail in session, without generating bounce.
Regards,
Marcin

/repost to mailing list/

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] option interface in smtp transport and ipv6

[Marcin Mirosław]

W dniu 02.07.2010 11:50, J.R.Haynes pisze:

Hi!

 My understanding is that if a domain has both v4 and v6 addresses Exim
 first uses the operating system to decide whether to use v6 or v4 (and
 Phil has explained how to change this globally). Then it looks at the
 interface option for the first address of that type. If it doesn't find
 one then interface is ignored and the default OS interface for that type
 is used. 

And this knowledge i was mising.

 So in your case having seen an  record for the relevant
 domain Exim has already decided to use v6, so an interface entry with
 only a v4 address gets ignored.

I was sure, that setting interace=address v4 will force exim to use
only v4 for given domain (even if domain has record ). My mistake
was that i thought about v4 and v6 as they are in common space.

Thank all of you for help!
Regards,
Marcin

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] option interface in smtp transport and ipv6

[Marcin Mirosław]

W dniu 02.07.2010 12:51, Nigel Metheringham pisze:
 On 2 Jul 2010, at 11:30, Marcin Mirosław wrote:
 
 I was sure, that setting interace=address v4 will force exim to use
 only v4 for given domain (even if domain has record ). My mistake
 was that i thought about v4 and v6 as they are in common space.
 
 Are you able to suggest a change/addition in documentation that would
 have helped prevent your confusion?

Sorry, i don't feel able to do it. My skill in english language is to
low. But if You have own proposition i'll gladly read it.

Regards,
Marcin

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] option interface in smtp transport and ipv6

[Marcin Mirosław]

Hello!
I've set up smtp transport in this way:
external_smtp_batv:
driver  = smtp
return_path = ${prvs {$return_path}{BATVKEY}}
dkim_domain = +local_domains
dkim_selector   = 100623
dkim_private_key= /etc/ssl/poczta.cibet.pl.key
dkim_canon  = relaxed
interface   =
${lookup{$domain}lsearch{/etc/exim/domeny_interfejs.txt}{$value}{}}

If recipient domain is found in appropriate file and destination mx
doesn't have  records everything works correctly. Problem appears
when dest. mx has , then option interface is ignored and mail is
sending using ipv6 proto.
It looks there is bug in smtp tranposrt or option interface should
named interface_ipv4.
Regards,
Marcin

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] option interface in smtp transport and ipv6

[Marcin Mirosław]

W dniu 2010-07-01 19:33, Phil Pennock pisze:
 IPv6 addresses contain a colon.  Exim's default list separator character
 is a colon.  interface takes an expanded string list.
 
 Try ; at the start of the value of interface, to change the list
 separator character, if you know that you're going to include : as data
 from the lookup.


Hi,
Thank you for reply.
Sadly it doesn't change behavior of exim. (In file domeny_interfejs.txt
i only have ipv4 addresses). I tried this:
interface = 1.2.3.4
and :
interface = ; 1.2.3.4
and even:
interface = ; 1.2.3.4;
And it stills doesn't work when recipient mx has record . Then exim
sends mail over ipv6.
Regards,
Marcin

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] option interface in smtp transport and ipv6

[Marcin Mirosław]

W dniu 2010-07-01 21:23, Phil Pennock pisze:
 Oh, it appeared from the report that an IPv6 address in the interface
 was not working.
 
 Right, per the documentation for interface:
 8 cut here 8--
 The first interface of the correct type (IPv4 or IPv6) is used for the 
 outgoing
 connection. If none of them are the correct type, the option is ignored.
 8 cut here 8--

Yes, i read it. But i don't speak well english and maybe i can't catch
nuance.

 Use something like (untested):
ignore_target_hosts = ; ::
 on the Router to refuse to use IPv6 addresses.  Or there's
 dns_ipv4_lookup as a global option, per 13.6 Disabling IPv6.

But i don't want to disable ipv6!:)
I.E. My domain: host hermes.mejor.pl
hermes.mejor.pl has address 193.238.12.139
hermes.mejor.pl has IPv6 address 2001:470:1f0b:84c::2

From other host (on which i setup transport using interafce=1.2.3.4) i'm
trying to send mail to domain mejor.pl. I'd like to send mail via ipv4
(not via ipv6), because there are two links, and link with ipv4 only is
faster than link with ipv6. So i put domain mejor.pl to file
domeny_interfejs.txt and i'm expecting that exim will use address
(ipv4) taken from file, and sends via ipv4, although ipv6 can be used
for this domain.
For other domain, not mention in file, i'd like exim to use ipv6 if
domain is capable.
Thanks for help,
Marcin

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] smtp count confirmation

[Marcin Mirosław]

W dniu 15.06.2010 15:48, Graeme Fowler pisze:
 acl_check_connect:
   warn message = DEBUG: connection from $sender_host_address
   ...

Or sth like this, if you want to have smaller logs ;):
warn
condition = ${lookup pgsql{insert into xx (ip) values
('$sender_host_address')}}

And what about connections from users sending mails, should it be counted?

Regards

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How to compare FROM header against SMTP account authenticated?

[Marcin Mirosław]

W dniu 2010-04-11 22:29, Sergio pisze:
 Hi all,
 first of all, sorry if this question has been asked before and hope you can
 guide on where to get this
 
 In my server SMTP has to be authenticated in order deliver emails. But I
 want to deny any SMTP deliver if the FROM is not the same as the account
 that has authenticated the deliver, is it possible?

(resended to maillist)
Hi,
I'm using acl like this:
acl_check_data:
[...]
deny
 authenticated   = *
 condition = ${if or {{ !eqi{$authenticated_id} {$sender_address} }\
   { !eqi{$authenticated_id} {${address:$header_From:}} }\
 }\
 }
 message = Blad: nadawca jest inny niz uzytkownik. / You must
send as the ID you authenticate with.

Regards,

-- 
http://en.wikipedia.org/wiki/Katyn_massacre
http://edition.cnn.com/2010/WORLD/europe/04/10/poland.president.plane.crash.analysis/index.html?hpt=C1


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How to compare FROM header against SMTP account authenticated?

[Marcin Mirosław]

W dniu 2010-04-11 23:16, Sergio pisze:
 I am using EXIM 4 in WHM. Does your commands have to be written on the
 box called BEGIN ACL ?

I have no idea how WHM looks :) Probably (99%) the answer is yes, but
if you have box acl_check_data, choose it. Those acl must be in
acl_check_data.
Regards.


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Why there is no headers from SA in relayed mails?

[Marcin Mirosław]

W dniu 2010-04-09 23:55, Ted Cooper pisze:
 If you want it to call SA but always return true (and thus add the
 headers) you'll have to add the :true to the end like you have for the
 second warn statement/chunk.

Indeed. I have no idea why i lost :true while copying config.
Thank you for help.
Regards.



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Why there is no headers from SA in relayed mails?

[Marcin Mirosław]

Hi,
I'm wondering why i have no headers from SA in email relayed through
router relay? Emails, marked as spam and delivered to local dir, have
headers X-Spam_ . Does driver smtp make changes in headers?

My exim conf looks like this:
acl_check_data:
[...]
warn
spam=nobody
add_header = X-Spam_score:$spam_score\n\
X-Spam_score_int:$spam_score_int\n\
X-Spam_bar:$spam_bar\n\
X-Spam_report: $spam_report

warn
set acl_m9=ham
spam=nobody:true
condition   = ${if {$spam_score_int}{55}{1}{0}}
set acl_m9  = spam
control = fakereject/rejected after DATA: This is spam, it will be reported

accept

begin routers
spam_fakereject_sc:
 driver  = accept
 condition   = ${if  {$spam_score_int}{85}{1}{0}}
 transport   = spam_transport_sc
 unseen

spam_fakereject_kopia:
 driver  = accept
 condition   = ${if eq {$acl_m9}{spam}{true}{false}}
 transport   = spam_transport_kopia

relay:
 driver = manualroute
 domains = ! +local_domains : +relay_to_domains
 transport = remote_smtp
 route_data = 192.168.137.7
 ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
 no_more

begin transports
remote_smtp:
 driver = smtp

spam_transport_sc:
 driver  = pipe
 command = /usr/bin/spamc -C report
 delivery_date_add
 envelope_to_add

spam_transport_kopia:
 driver  = appendfile
 directory   = /data/spam/$tod_logfile/${domain}/
 envelope_to_add

Regards.

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Find version

[Marcin Mirosław]

W dniu 07.04.2010 16:17, exim...@riotm.co.uk pisze:
 Lord am I thick!
 
 You would think spending an hour googling the various 'exim display
 version', 'exim show version' and 'exim --version' may have given me a
 hint how to find the version of exim on the system - but no, it teases
 me but won't tell me.
 
 I've tried exim --version but it complains:
 
 /usr/exim/bin/exim --version
 exim abandoned: unknown, malformed, or incomplete option --version
 
 Would someone put me out of my misery (by telling me how, rather than a
 shot in the arm :-))

Try exim -bV
Regards.


-- 
xmpp (jabber): mar...@mejor.pl

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Find version

[Marcin Mirosław]

W dniu 07.04.2010 16:25, Mark Thornton pisze:
 telnet to port 25 (or whatever you have it serving on).
 It will respond with a line including the version!

It can be use when we doesn't have unix account at smtp server,
but it isn't reliable method (please tell my, what is version of my exim
;) )
Regards.

-- 
xmpp (jabber): mar...@mejor.pl

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Find version

[Marcin Mirosław]

W dniu 2010-04-07 17:27, Frank Heydlauf pisze:
 On Wed, Apr 07, 2010 at 04:34:06PM +0200, Marcin Miros??aw wrote:
 ...
 (please tell my, what is version of my exim
 ;) )
 
 Exim 4.71

We were talking about telnet ;]


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/