from:"Larry Rosenman via Exim\-users"

[exim] Why do we seem(!) to have a FD leak in the daemon?

2022-03-27 Thread Larry Rosenman via Exim-users

All of a sudden, I'm seeing Exim keep my home directory open a NUMBER of 
times.

It caused me a Too Many Files open and a DOS.

This is on FreeBSD:
FreeBSD thebighonker.lerctr.org 13.1-STABLE FreeBSD 13.1-STABLE #23 
ler/freebsd13-updates-n250051-600d7e8210c: Sat Mar 19 19:19:06 CDT 2022  
   
r...@thebighonker.lerctr.org:/usr/obj/usr/src/amd64.amd64/sys/LER-MINIMAL 
amd64


Built from ports.


❯ sudo fstat -p 38848
USER CMD  PID   FD MOUNT  INUM MODE SZ|DV R/W
mailnull exim   38848 text /usr/local 2072834 -rwsr-xr-x  1439616  r
mailnull exim   38848   wd / 35921 drwxr-x---   6  r
mailnull exim   38848 root / 4 drwxr-xr-x  33  r
mailnull exim   388480
mailnull exim   388481 /dev 34 crw-rw-rw-null rw
mailnull exim   388482 /dev 34 crw-rw-rw-null rw
mailnull exim   388483* internet stream tcp fe023b40aca8
mailnull exim   388484* internet stream tcp fe023a089000
mailnull exim   388485* internet stream tcp fe023a08a060
mailnull exim   388486* internet stream tcp fe0213f5b4d8
mailnull exim   388487* internet stream tcp fe0230bc5c48
mailnull exim   388488* internet stream tcp fe0211429830
mailnull exim   388489* internet6 stream tcp fe02dece0890
mailnull exim   38848   10* internet6 stream tcp fe0211ba2ca8
mailnull exim   38848   11* internet6 stream tcp fe0210572ca8
mailnull exim   38848   12* internet6 stream tcp fe0210572478
mailnull exim   38848   13* internet6 stream tcp fe0230b9f000
mailnull exim   38848   14* internet6 stream tcp fe0215ce0830
mailnull exim   38848   15 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   16 /home/ler  87981 -rw-r--r--5755  r
mailnull exim   38848   17 /dev132 crw-rw-rw-  crypto rw
mailnull exim   38848   18 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   19 /home/ler  87980 -rw-r--r--1675  r
mailnull exim   38848   20 / 14550 drwxr-xr-x   8  r
mailnull exim   38848   21 /usr/local 165653 drwxr-xr-x   7  r
mailnull exim   38848   22 /usr/local 2370056 -rw-r--r--  710164  r
mailnull exim   38848   23 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   24 /home/ler  87981 -rw-r--r--5755  r
mailnull exim   38848   25 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   26 /home/ler  87980 -rw-r--r--1675  r
mailnull exim   38848   27 / 14550 drwxr-xr-x   8  r
mailnull exim   38848   28 /usr/local 165653 drwxr-xr-x   7  r
mailnull exim   38848   29 /usr/local 2370056 -rw-r--r--  710164  r
mailnull exim   38848   30 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   31 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   32 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   33 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   34 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   35 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   36 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   37 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   38 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   39 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   40 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   41 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   42 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   43 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   44 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   45 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   46 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   47 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   48 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   49 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   50 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   51 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   52 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   53 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   54 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   55 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   56 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   57 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   58 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   59 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   60 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   61 /home/ler  87976 drwxr-xr-x   9  r

Re: [exim] Why do we seem(!) to have a FD leak in the daemon?

2022-03-27 Thread Larry Rosenman via Exim-users


On 03/26/2022 8:37 am, Larry Rosenman wrote:
All of a sudden, I'm seeing Exim keep my home directory open a NUMBER 
of times.

It caused me a Too Many Files open and a DOS.

This is on FreeBSD:
FreeBSD thebighonker.lerctr.org 13.1-STABLE FreeBSD 13.1-STABLE #23
ler/freebsd13-updates-n250051-600d7e8210c: Sat Mar 19 19:19:06 CDT
2022
r...@thebighonker.lerctr.org:/usr/obj/usr/src/amd64.amd64/sys/LER-MINIMAL
amd64

Built from ports.


❯ sudo fstat -p 38848
USER CMD  PID   FD MOUNT  INUM MODE SZ|DV R/W
mailnull exim   38848 text /usr/local 2072834 -rwsr-xr-x  1439616  
r

mailnull exim   38848   wd / 35921 drwxr-x---   6  r
mailnull exim   38848 root / 4 drwxr-xr-x  33  r
mailnull exim   388480
mailnull exim   388481 /dev 34 crw-rw-rw-null rw
mailnull exim   388482 /dev 34 crw-rw-rw-null rw
mailnull exim   388483* internet stream tcp fe023b40aca8
mailnull exim   388484* internet stream tcp fe023a089000
mailnull exim   388485* internet stream tcp fe023a08a060
mailnull exim   388486* internet stream tcp fe0213f5b4d8
mailnull exim   388487* internet stream tcp fe0230bc5c48
mailnull exim   388488* internet stream tcp fe0211429830
mailnull exim   388489* internet6 stream tcp fe02dece0890
mailnull exim   38848   10* internet6 stream tcp fe0211ba2ca8
mailnull exim   38848   11* internet6 stream tcp fe0210572ca8
mailnull exim   38848   12* internet6 stream tcp fe0210572478
mailnull exim   38848   13* internet6 stream tcp fe0230b9f000
mailnull exim   38848   14* internet6 stream tcp fe0215ce0830
mailnull exim   38848   15 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   16 /home/ler  87981 -rw-r--r--5755  r
mailnull exim   38848   17 /dev132 crw-rw-rw-  crypto rw
mailnull exim   38848   18 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   19 /home/ler  87980 -rw-r--r--1675  r
mailnull exim   38848   20 / 14550 drwxr-xr-x   8  r
mailnull exim   38848   21 /usr/local 165653 drwxr-xr-x   7  r
mailnull exim   38848   22 /usr/local 2370056 -rw-r--r--  710164  r
mailnull exim   38848   23 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   24 /home/ler  87981 -rw-r--r--5755  r
mailnull exim   38848   25 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   26 /home/ler  87980 -rw-r--r--1675  r
mailnull exim   38848   27 / 14550 drwxr-xr-x   8  r
mailnull exim   38848   28 /usr/local 165653 drwxr-xr-x   7  r
mailnull exim   38848   29 /usr/local 2370056 -rw-r--r--  710164  r
mailnull exim   38848   30 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   31 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   32 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   33 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   34 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   35 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   36 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   37 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   38 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   39 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   40 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   41 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   42 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   43 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   44 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   45 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   46 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   47 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   48 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   49 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   50 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   51 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   52 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   53 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   54 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   55 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   56 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   57 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   58 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   59 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   60 /home/ler  87976 drwxr-xr-x   9  r
mailnull exim   38848   61

Re: [exim] How to setup a specific route for a specific SENDER address.

2022-03-23 Thread Larry Rosenman via Exim-users


On 03/23/2022 12:57 am, Evgeniy Berdnikov via Exim-users wrote:
On Tue, Mar 22, 2022 at 10:18:11PM -0500, Larry Rosenman via Exim-users 
wrote:

this failed with:
<21>1 2022-03-22T22:10:43.422806-05:00 thebighonker.lerctr.org exim 
72957 -

- H=mail-oa1-f43.google.com [209.85.160.43]:33104 I=[192.147.25.65]:25
sender v
erify defer for : failed 
to

expand "${lookup ${lc:${sender_address}} lsearch
{/usr/local/etc/exim/freebsd_send
}}": missing lookup type

Ideas?


 Lookup key must be in braces. Try {${lc:$sender_address}} and
 use "exim -be ..." to verify.

 For lsearch put the ":" delimiter bitween key and value in map file.
--
 Eugene Berdnikov



Thank You.  This is what I wound up with:
Router (at the top of the list):
freebsd_send:
   driver = manualroute
   domains = !+local_domains
   transport = freebsd_smtp
   route_data = ${lookup {${lc:$sender_address}} lsearch 
{/usr/local/etc/exim/freebsd_send}}


Transport:
freebsd_smtp:
driver = smtp
  tls_certificate=/home/ler/letsencrypt-home/*.lerctr.org/fullchain.cer
  
tls_privatekey=/home/ler/letsencrypt-home/*.lerctr.org/*.lerctr.org.key
  tls_require_ciphers = 
EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:E

ECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+AESGCM:EECDH:EDH+AESGCM:EDH+aRSA:HIGH:!MEDIUM:!LOW:!aNULL:!
eNULL:!LOW:!RC4:!MD5:!EXP:!PSK:!SRP:!DSS
  dkim_domain = lerctr.org
  dkim_selector = ler2019
  dkim_private_key= /usr/local/etc/exim/dk/ler2019.rsa.private
  dnssec_request_domains = *
  arc_sign = lerctr.org : ler2019 : 
/usr/local/etc/exim/dk/ler2019.rsa.private : timestamps

  hosts_try_dane = *
  hosts_require_auth = smtp.freebsd.org

Authenticators:
fixed_plain:
  driver = plaintext
  public_name = PLAIN
  client_send = ^ler/mail^

freebsd_send file:
❯ cat freebsd_send
l...@freebsd.org:smtp.freebsd.org::587

Works great!

--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] How to setup a specific route for a specific SENDER address.

2022-03-22 Thread Larry Rosenman via Exim-users

I'm trying to set up Exim to use the FreeBSD smtp server for any mail 
that I send that comes in with the sender

of my FreeBSD address .
Doc: https://docs.freebsd.org/en/articles/committers-guide/#smtp-setup

What I tried:
Router:
freebsd_send:
  driver = manualroute
  transport = freebsd_smtp
  route_data = ${lookup ${lc:${sender_address}} lsearch 
{/usr/local/etc/exim/freebsd_send}}


Where freebsd_send contains:
l...@freebsd.org smtp.freebsd.org:587

and the freebsd_smtp transport:
freebsd_smtp:
driver = smtp
  tls_certificate=/home/ler/letsencrypt-home/*.lerctr.org/fullchain.cer
  
tls_privatekey=/home/ler/letsencrypt-home/*.lerctr.org/*.lerctr.org.key
  tls_require_ciphers = 
EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+AESGCM:EECDH:EDH+AESGCM:EDH+aRSA:HIGH:!MEDIUM:!LOW:!aNULL:!eNULL:!LOW:!RC4:!MD5:!EXP:!PSK:!SRP:!DSS

  dkim_domain = lerctr.org
  dkim_selector = ler2019
  dkim_private_key= /usr/local/etc/exim/dk/ler2019.rsa.private
  dnssec_request_domains = *
  arc_sign = lerctr.org : ler2019 : 
/usr/local/etc/exim/dk/ler2019.rsa.private : timestamps

  hosts_try_dane = *
  hosts_require_auth = smtp.freebsd.org

And in authenticators:
fixed_plain:
  driver = plaintext
  public_name = PLAIN
  client_send = ^ler/mail^


this failed with:
<21>1 2022-03-22T22:10:43.422806-05:00 thebighonker.lerctr.org exim 
72957 - - H=mail-oa1-f43.google.com [209.85.160.43]:33104 
I=[192.147.25.65]:25 sender v
erify defer for : failed to 
expand "${lookup ${lc:${sender_address}} lsearch 
{/usr/local/etc/exim/freebsd_send

}}": missing lookup type

Ideas?


--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] tainted string in 4.93

2020-02-26 Thread Larry Rosenman via Exim-users


On 02/26/2020 5:10 am, Max Kostikov via Exim-users wrote:

Some debug on this issue (FreeBSD 12.1)

12:58:46 22061   exim 4.93.0.4 daemon started: pid=22061, -q15m,
listening for SMTP on [1.2.3.4]:{25,465,587}
[2001:2:3:4::1]:{25,465,587} [127.0.0.1]:{25,465,587} [::1]:25 ... ...
12:58:46 22061 set_process_info: 22061 daemon(4.93.0.4): -q15m,
listening for SMTP on [1.2.3.4]:{25,465,587}
[2001:2:3:4::1]:{25,465,587} [127.0.0.1]:{25,465,587} [::1]:25 ... ...
12:58:46 22061 SPF_dns_exim_new
spf_compile.c:523Debug: Parsing macro starting at
Please%_see%_http://www.openspf.org/Why?id=%{S}=%{C}=%{R}
spf_compile.c:1210   Debug: Compiling record v=spf1
spf_compile.c:523Debug: Parsing macro starting at
Please%_see%_http://www.open-spf.org/Why?id=%{S}=%{C}=%{R}
12:58:46 22061 daemon running with uid=26 gid=6 euid=26 egid=6
12:58:46 22061 SIGALRM received
12:58:46 22061 1 queue-runner process running
12:58:46 22061 Listening...
12:58:46 32950 Starting queue-runner: pid 32950
12:58:46 32950 exec /usr/local/sbin/exim -qG
2020-02-26 12:58:46 1j6uLP-0008su-Lw attempt to expand tainted string
'$local_part@$domain'
2020-02-26 12:58:46 1j6uLP-0008su-Lw == f...@example.com
R=spamassassin_router T=spamassassin_local defer (-1): Expansion of
"$local_part@$domain" from command "/usr/local/bin/spamc -s 2097152 -u
$local_part@$domain" in transport filter failed: attempt to expand
tainted string '$local_part@$domain'
12:58:46 22061 child 32950 ended: status=0x0
12:58:46 22061   normal exit, 0




Please try the latest FreeBSD port of mail/exim.  Dima Panov 
(flu...@freebsd.org)
picked up all the patches in 4.93+fixes, and it fixed all MY taint 
issues.


4.93.0.4_3 is the version.



--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106



signature.asc
Description: OpenPGP digital signature
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] anti-spam pointers please

2019-04-03 Thread Larry Rosenman via Exim-users


On 04/03/2019 3:33 am, Rory Campbell-Lange wrote:

On 02/04/19, Larry Rosenman via Exim-users (exim-users@exim.org) wrote:

On 04/02/2019 2:20 am, Rory Campbell-Lange via Exim-users wrote:
> On 01/04/19, Larry Rosenman (l...@lerctr.org) wrote:
> > On 04/01/2019 2:01 pm, Rory Campbell-Lange via Exim-users wrote:
> > > It's some years since I've spent time tweaking my exim setup to receive
> > > spam. I've forgotten any skills I might once have had in this area.
> > >
> > > I've gotten sick of getting 30+ spam emails a day and need to do
> > > something about it! I'd be grateful for some pointers to the
> > > state-of-the-art setup.
>
> Glancing at the docs under chapter 35, I guess my local users are
> "authenticated" due to our use of cram_md5. I'm giving your rules a go!
>
> I wonder also if my /etc/spamassasin/local.cf is right
>
> required_score 3.0
> score RP_MATCHES_RCVD -0.01
> bayes_auto_learn 0
> ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
> endif # Mail::SpamAssassin::Plugin::Shortcircuit
>
> Required score seems quite a bit lower than 70 in Exim.
>
> Thanks again
> Rory



Please do *NOT* use the X-LERCTR header (that's my domain)


Sorry about that Larry -- that was a test using your rules.

Thanks!



Also, to get a nice compact report, I have smmsp's user_prefs set to:
⌂68% [r...@thebighonker.lerctr.org:~] # cat user_prefs
clear_report_template
report SpamScore (_SCORE_/_REQD_) _TESTSSCORES(,)_
⌂68% [r...@thebighonker.lerctr.org:~] #

(smmsp is the user exim calls spamd as).

note also that $spam_score_int is the score * 10.


Thank you. My scores are improving

However I'm still getting all BAYES_OO scores as -1.9. I assume this is
because I've not yet trained sa-learn with enough spam. (I've trained 
it

with several thousand spam messages).
BAYES_00 means it's HAM, you want to see if you are getting any BAYES_9* 
hits for SPAM.



--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] anti-spam pointers please

2019-04-02 Thread Larry Rosenman via Exim-users


On 04/02/2019 2:20 am, Rory Campbell-Lange via Exim-users wrote:

On 01/04/19, Larry Rosenman (l...@lerctr.org) wrote:

On 04/01/2019 2:01 pm, Rory Campbell-Lange via Exim-users wrote:
> It's some years since I've spent time tweaking my exim setup to receive
> spam. I've forgotten any skills I might once have had in this area.
>
> I've gotten sick of getting 30+ spam emails a day and need to do
> something about it! I'd be grateful for some pointers to the
> state-of-the-art setup.

...

> Pointers much appreciated.

I use the following in my content check ACL:

  warn  message = X-Spam-Score: $spam_score ($spam_bar)
! authenticated = *
spam = smmsp:true
  warn  message = X-LERCTR-Spam-Score: $spam_score ($spam_bar)
! authenticated = *
spam = smmsp:true
  warn  message = X-Spam-Report: $spam_report
! authenticated = *
spam = smmsp:true
  warn  message = X-LERCTR-Spam-Report: $spam_report
! authenticated = *
spam = smmsp:true
  # Add X-Spam-Flag if spam is over system-wide threshold
  warn message = X-Spam-Flag: YES
! authenticated = *
spam = smmsp:true
condition = ${if >={$spam_score_int}{50}{1}{0}}
  warn message = X-LERCTR-Spam-Flag: YES
! authenticated = *
spam = smmsp:true
condition = ${if >={$spam_score_int}{50}{1}{0}}

  #warn  message = DomainKey-Status: $dkim_status
#   !condition = ${if eq{$dkim_status}{}{1}{0}}
  # Reject spam messages with score over 7, using an extra condition.
  deny  message = This message scored $spam_score points. 
Congratulations!

! authenticated = *
spam = smmsp:true
condition = ${if >{$spam_score_int}{70}{1}{0}}

With having spamd_address set to 127.0.0.1 783 in the first section.


Hi Larry

Thanks very much for the suggestions.

Glancing at the docs under chapter 35, I guess my local users are
"authenticated" due to our use of cram_md5. I'm giving your rules a go!

I wonder also if my /etc/spamassasin/local.cf is right

required_score 3.0
score RP_MATCHES_RCVD -0.01
bayes_auto_learn 0
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
endif # Mail::SpamAssassin::Plugin::Shortcircuit

Required score seems quite a bit lower than 70 in Exim.

Thanks again
Rory

Please do *NOT* use the X-LERCTR header (that's my domain)

Also, to get a nice compact report, I have smmsp's user_prefs set to:
⌂68% [r...@thebighonker.lerctr.org:~] # cat user_prefs
clear_report_template
report SpamScore (_SCORE_/_REQD_) _TESTSSCORES(,)_
⌂68% [r...@thebighonker.lerctr.org:~] #

(smmsp is the user exim calls spamd as).

note also that $spam_score_int is the score * 10.


--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] anti-spam pointers please

2019-04-01 Thread Larry Rosenman via Exim-users


On 04/01/2019 2:01 pm, Rory Campbell-Lange via Exim-users wrote:

Hi

It's some years since I've spent time tweaking my exim setup to receive
spam. I've forgotten any skills I might once have had in this area.

I've gotten sick of getting 30+ spam emails a day and need to do 
something
about it! I'd be grateful for some pointers to the state-of-the-art 
setup.


right now relay blocks, cram_md5 rejects and spamhaus blocks account 
for about
500-1000 rejections a day (no wonder everyone has gone to Google 
mail!).


I'm running Exim 4.89-2+deb9u3 under Debian, with spamassassin/spamc 
3.4.2.1


Spamd is reporting along the following lines.

spamd: result: . 0 - BAYES_00,
DKIMWL_WL_HIGH,
DKIM_SIGNED,
DKIM_VALID,
DKIM_VALID_EF,
FORGED_MUA_MOZILLA,
HEADER_FROM_DIFFERENT_DOMAINS,
MAILING_LIST_MULTI,
SPF_PASS,
URIBL_BLOCKED scantime=0.5,
size=5448,
user=mail,
uid=8,
required_score=3.0,
rhost=127.0.0.1,
raddr=127.0.0.1,
rport=59670,
mid=,
bayes=0.00,
autolearn=disabled

Pointers much appreciated.

Rory


I use the following in my content check ACL:

  warn  message = X-Spam-Score: $spam_score ($spam_bar)
! authenticated = *
spam = smmsp:true
  warn  message = X-LERCTR-Spam-Score: $spam_score ($spam_bar)
! authenticated = *
spam = smmsp:true
  warn  message = X-Spam-Report: $spam_report
! authenticated = *
spam = smmsp:true
  warn  message = X-LERCTR-Spam-Report: $spam_report
! authenticated = *
spam = smmsp:true
  # Add X-Spam-Flag if spam is over system-wide threshold
  warn message = X-Spam-Flag: YES
! authenticated = *
spam = smmsp:true
condition = ${if >={$spam_score_int}{50}{1}{0}}
  warn message = X-LERCTR-Spam-Flag: YES
! authenticated = *
spam = smmsp:true
condition = ${if >={$spam_score_int}{50}{1}{0}}

  #warn  message = DomainKey-Status: $dkim_status
#   !condition = ${if eq{$dkim_status}{}{1}{0}}
  # Reject spam messages with score over 7, using an extra condition.
  deny  message = This message scored $spam_score points. 
Congratulations!

! authenticated = *
spam = smmsp:true
condition = ${if >{$spam_score_int}{70}{1}{0}}

With having spamd_address set to 127.0.0.1 783 in the first section.

--
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] compiling 4.91 under FreeBSD

2018-04-16 Thread Larry Rosenman via Exim-users

http://home.lerctr.org:/data/live-host-ports/2018-04-16_11h54m01s/logs/errors/exim-4.91.log

similar.

-- 
Larry Rosenman http://www.lerctr.org/~ler
Phone: +1 214-642-9640 E-Mail: l...@lerctr.org
US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106

On 4/16/18, 12:09 PM, "Exim-users on behalf of Lena--- via Exim-users" 
 
wrote:

Had someone this error?  Using port:

cc tls.c
In file included from tls.c:122:
tls-openssl.c: In function `tls_refill':
tls-openssl.c:2499: error: structure has no member named `verify_stack'
tls-openssl.c:2502: error: structure has no member named `verify_stack'
tls-openssl.c: In function `tls_close':
tls-openssl.c:2778: error: structure has no member named `verify_stack'
tls-openssl.c:2779: error: structure has no member named `verify_stack'
*** Error code 1
Stop in /usr/ports/mail/exim/work/exim-4.91/build-FreeBSD-i386.

# /usr/local/bin/openssl version
OpenSSL 1.0.2o  27 Mar 2018


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/




-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Why do we seem(!) to have a FD leak in the daemon?

Re: [exim] Why do we seem(!) to have a FD leak in the daemon?

Re: [exim] How to setup a specific route for a specific SENDER address.

[exim] How to setup a specific route for a specific SENDER address.

Re: [exim] tainted string in 4.93

Re: [exim] anti-spam pointers please

Re: [exim] anti-spam pointers please

Re: [exim] anti-spam pointers please

Re: [exim] compiling 4.91 under FreeBSD

9 matches

Site Navigation

Mail list logo

Footer information