Re: [exim] rewrite sender based on recipient

2014-03-08 Thread Ian Zimmerman
On Wed, 5 Mar 2014 23:15:00 + Matthew Newton wrote: Andy> Sorry I'm struggling with some basics here, Im using Exim on Andy> Debian with the split out config. Matthew> You're probably on your own with this one... you'll need to Matthew> find the right places to put stuff (or run a normal con

Re: [exim] Routing question

2014-03-08 Thread Ian Zimmerman
On Thu, 6 Mar 2014 09:43:17 -0800 Ken Simpson wrote: > dc_eximconfig_configtype='smarthost' > dc_other_hostnames='' > dc_local_interfaces='127.0.0.1' > dc_readhost='your.server.name.example.net' > dc_relay_domains='' > dc_minimaldns='false' > dc_relay_nets='' > dc_smarthost='smarthost.example.com

[exim] Delaying first delivery from queue

2014-05-27 Thread Ian Zimmerman
Hello, I am looking for a way to delay the _first_ delivery of queued messages. Exim has a complex configuration meachanism to specify how long to delay _retries_, but this seems to only apply once a message has had a (temporarily) failed delivery. I have never used that part of Exim before so it

Re: [exim] Delaying first delivery from queue

2014-05-27 Thread Ian Zimmerman
Jeremy> There is an expansion condition "first_delivery" - does this Jeremy> help? Dennis> Also see (Chapter 11) the $message_age expansion variable. You Dennis> could possibly arrange things so delivery isn't attempted until Dennis> the message is old enough. Thanks for the replies, it is quite

Re: [exim] Delaying first delivery from queue

2014-05-27 Thread Ian Zimmerman
On Tue, 27 May 2014 22:28:03 +0100 (BST) Dennis Davis wrote: Dennis> Also see (Chapter 11) the $message_age expansion variable. You Dennis> could possibly arrange things so delivery isn't attempted until Dennis> the message is old enough. Ok, so I tried this (in the routers chapter of config, j

Re: [exim] Delaying first delivery from queue

2014-05-27 Thread Ian Zimmerman
On Tue, 27 May 2014 17:46:39 -0700 Ian Zimmerman wrote: > Ok, so I tried this (in the routers chapter of config, just before > other local routers): > > # this router delays delivery until message is 15 minutes old. > delay_local: > debug_print = "R: real_local

Re: [exim] Delaying first delivery from queue

2014-05-27 Thread Ian Zimmerman
On Tue, 27 May 2014 21:35:45 -0400 (EDT) Dave Lugo wrote: > delay: >driver = redirect >senders = dl...@etherboy.com >condition = ${if < {$message_age}{60}{yes}{no}} >allow_defer >data = :defer: message not old enough >no_verify Thanks, clearly allow_defer was the key. I

Re: [exim] Delaying first delivery from queue

2014-06-05 Thread Ian Zimmerman
On 28 May 2014 13:39:04 GMT Jasen Betts wrote: > Dave Lugo wrote: Dave> delay: Dave> driver = redirect Dave> senders = dl...@etherboy.com Dave> condition = ${if < {$message_age}{60}{yes}{no}} Dave> allow_defer Dave> data = :defer: message not old enough Dave> no_verify Ian> Thanks, clearly all

Re: [exim] file permission in maildir new

2014-07-09 Thread Ian Zimmerman
On Tue, 8 Jul 2014 14:28:43 +0100 Klaus Ethgen wrote: basti> I have done more than once a "dpkg-reconfigure exim4-config" Klaus> If you change the configuration by hand, you should used Klaus> update-exim.conf and restart exim afterwards as it is documented Klaus> in the doc directory. Klaus> B

Re: [exim] aliases router

2015-01-23 Thread Ian Zimmerman
On Sun, 11 Jan 2015 15:07:36 +, Jeremy Harris wrote: Jeremy> Exim takes the routers in the order you define them, modulo use Jeremy> of file-include directives in the config. I believe that Deb Jeremy> makes heavy use of the latter facility. No so, at least not in Debian stable (wheezy). I

Re: [exim] 550 error when sending email

2015-01-23 Thread Ian Zimmerman
On Thu, 15 Jan 2015 11:50:55 +0100, Heiko Schlittermann wrote: Heiko> Huh, I understood, that his (outbound) server can't send mail to Heiko> some specific domain, because the other side rejects it. May be Heiko> I'm wrong. Right. I have a suspicion (helped by the OP's domain name) that the oth

Re: [exim] redirect email on local network

2015-02-04 Thread Ian Zimmerman
On Wed, 4 Feb 2015 23:00:25 +0100, Frédéric Marécaille wrote: Frédéric> So, I've a personal server wich receive local email by exim Frédéric> (notification's scripts, notification's crontab...) and a Frédéric> laptop, with exim installed too and receive some notifications Frédéric> and email from

[exim] LMTP support effects

2015-03-10 Thread Ian Zimmerman
The spec says (chapter 28 in my copy): Because LMTP is expected to be of minority interest, the default build-time configure in src/EDITME has it commented out. You need to ensure that TRANSPORT_LMTP=yes is present in your Local/Makefile in order to have the lmtp transport included in the

Re: [exim] exim command to dump config after macro expansion

2015-07-03 Thread Ian Zimmerman
On 2015-07-03 14:04 +0100, Tim Watts wrote: > Thank you - it is good to have a recommended "golden" config. Note that the infamous Debian "split config" scheme is _not_ mandatory. At installation time, or at any later time when running dpkg-reconfigure, you can answer "no" to "split configuration

[exim] log_output on pipe transports

2015-07-28 Thread Ian Zimmerman
Hi, the manual for my version (4.80) says: log_output Use: pipe Type: boolean Default: false If this option is set and the command returns any output, the first line of output is written to the main log, whatever the return code. It is not clear from this if "any output" includes

Re: [exim] log_output on pipe transports

2015-07-28 Thread Ian Zimmerman
On 2015-07-28 12:45 -0700, Ian Zimmerman wrote: > Hi, the manual for my version (4.80) says: > > log_output Use: pipe Type: boolean Default: false > > If this option is set and the command returns any output, the first > line of output is written to the main

Re: [exim] log_output on pipe transports

2015-07-29 Thread Ian Zimmerman
On 2015-07-28 22:23 -0700, Ian Zimmerman wrote: > It is not clear from this if "any output" includes stderr. > FWIW, the wording is the same in the latest (4.86) manual, so the old > version is no reason to not clarify :-) Thanks a lot Heiko for your investigation

Re: [exim] spaces and quotes

2015-08-13 Thread Ian Zimmerman
On 2015-08-13 09:21 +0200, Heiko Schlittermann wrote: > How is the normal procedure than? If the Debian maintainer thinks, it's > important, than it's his job to cherry-pick a single commit and patch > this into the Debian source? File a Debian bug, otherwise the Debian maintainer need not know a

Re: [exim] spaces and quotes

2015-08-14 Thread Ian Zimmerman
On 2015-08-14 09:48 +0200, Heiko Schlittermann wrote: > It applies cleanly. (Or is there some other clean way to backport a > patch? I'm not a git expert ...) That would be git rebase, but I think in this situation cherry-pick is in fact more appropriate because it's Jasen who will backport. --

Re: [exim] Altering Subject header in a user filter?

2015-08-23 Thread Ian Zimmerman
On 2015-08-23 21:46 +0100, Adam Funk wrote: > I'm trying to set up a "cheapo" small-scale mailing list on a > shell/hosting account that uses Exim & where I can set up user filters > ("~/.forward-NAME"). Is it possible to prefix the incoming Subject > header with "[list name]" before running a fe

Re: [exim] Exim4 and Gmail on RPi - Frozen email

2015-08-30 Thread Ian Zimmerman
On 2015-08-28 22:08 +0200, Anon wrote: > I think I have the typical frozen error when sending my emails via > Gmail. But I don't know how to fix that :( Have you followed the link to support.google.com? You should. You may need to set the Gmail option "allow insecure clients". Not the Exim is i

[exim] Pipe transports, environment, and transport_filter

2015-09-07 Thread Ian Zimmerman
For a pipe transport where the "transport_filter" option is specified, are the environment items listed in section 29.4 of the spec, plus the additional items given with the "environment" private option, also in place for the transport_filter program? If not, is there some other way to pass inform

Re: [exim] Pipe transports, environment, and transport_filter

2015-09-07 Thread Ian Zimmerman
On 2015-09-07 16:40 +0100, Jeremy Harris wrote: > The environment isn't particularly secret; see "ps ae" I believe you can only see your own processes' environment this way, at least on GNU/Linux (my platform). A quick test seems to confirm. -- Please *no* private copies of mailing list or ne

Re: [exim] Pipe transports, environment, and transport_filter

2015-09-07 Thread Ian Zimmerman
On 2015-09-07 17:53 +0200, Heiko Schlittermann wrote: > After some experiments: It (transport_filter) doesn't seem to be set up > the same way as the pipe command. The environment is that what Exim got > from the caller. I solved it by making the necessary computation/decision in exim expansions,

[exim] host expansion variable and its friends

2015-09-16 Thread Ian Zimmerman
Does the $host expansion include the port, if present? For instance, if I have # ROUTERS smarthost: driver = manualroute route_list = * mail.example.com::587 domains = ! +local_domains transport = remote_smtp # TRANSPORTS remote_smtp: headers_add = "X-Show-Host: $host" driver = smt

[exim] Remote host foo closed connection in response to initial connection

2015-09-16 Thread Ian Zimmerman
I see this logged quite often (up to half of the time) when I connect to my smarthost, trying to push outgoing mail. Then next time (when I run the queue) it's just fine. What could be going on? This has me running in circles :( P.S. my smarthost is NOT gmail; in fact I have shell access on the

Re: [exim] Remote host foo closed connection in response to initial connection

2015-09-17 Thread Ian Zimmerman
On 2015-09-17 11:46 +0100, Jeremy Harris wrote: > No, just the subject of his original mail Thanks to all who replied or even tried. I have given up on this for now, the maintenance cost of this hack has gone too high. Trying direct to MX for a while, we'll see how that works out, starting with

Re: [exim] Doc Query : listextract

2015-09-17 Thread Ian Zimmerman
On 2015-09-17 18:09 +0100, Always Learning wrote: > (2) If so, then the resulting combined string will be: > x,42,99,Mailer,,/bin/bash > with 6 items including item 5 a null entry. I think this is where your assumptions break down. Rather, the result is 4 items, with the last one containing an

Re: [exim] exim performance delivery

2015-09-21 Thread Ian Zimmerman
On 2015-09-21 20:25 +0200, Alexandre wrote: > Someone would have a solution ? I can only help with the easier part of the solution. Once you know how to limit a _particular transport_ to N connections, write a separate router R and separate transport T (limited as desired) for each domain you ne

Re: [exim] Outbound e-mail

2015-09-21 Thread Ian Zimmerman
On 2015-09-21 16:47 -0600, The Doctor wrote: > Many a customer is complaining their their outbound e-mail is changing > to > > from : user@name-of-oubound-server > > instead of > > from / Reply-to : user @assigneddomain . > > I use authentication on the outbound e-mail. > > How can this be r

Re: [exim] DCC

2015-09-22 Thread Ian Zimmerman
On 2015-09-22 12:00 +0100, Jeremy Harris wrote: > Anyone using DCC? Operational or moribund? > The "official site" links off the Wikipedia article seem dead to me. Lots of folks use it, including as a SpamAssassin plugin. I don't know anyone who uses the Exim support, though. The official site

Re: [exim] Next Exim release

2015-12-04 Thread Ian Zimmerman
On 2015-12-04 12:55 +, Jeremy Harris wrote: > On 30/11/15 22:34, Jeremy Harris wrote: > A quick poll on currently Experimental features: > > Who is using any of > > Events > Redis > Proxy protocol > Socks > Dane > International > DSN-extra Not using redis now, but I will if it goes

Re: [exim] exim4, gmail and 550-5.7.1

2015-12-12 Thread Ian Zimmerman
On 2015-12-12 21:34 -0600, Robert Steinmetz wrote: > How would one implement your suggestion in an Ubuntu/Debian server? > > The git hub link I provided in my original post also seems a valid approach, > but > Again, I'm not sure how to implement it in a Debian/Ubuntu environment. > > Please be

Re: [exim] exim4, gmail and 550-5.7.1

2015-12-13 Thread Ian Zimmerman
On 2015-12-13 09:42 +0100, Marc Haber wrote: >> Maybe, as a first step, you could move from the Debian configuration >> infrastructure for exim to a hand edited configuration file. > Why would one want to do that? In this particular situation, because most and perhaps all answers the OP will get

Re: [exim] exim4, gmail and 550-5.7.1

2015-12-13 Thread Ian Zimmerman
On 2015-12-13 20:58 +, Jasen Betts wrote: > it's not that hard to work within the debian confug tree you just > need to read the debian specific documentation first. As I noted in the other subthread, I am quite familiar with the Debian way. > The reason behind this config splitting is so th

Re: [exim] Preventing outbound reply to address rewrite

2016-01-06 Thread Ian Zimmerman
On 2016-01-06 17:07 +, Ian Eiloart wrote: > Oh, wait. That depends who’s doing the rewriting. I understood The > Doctor to be asking for help with a local configuration. All rewriting > is done in the "rewrite" section Not true stricly speaking, there is return_path on transports. -- Please

Re: [exim] checking for missing PTR custom condition

2017-05-04 Thread Ian Zimmerman
On 2017-05-04 18:04, Andy Smith via Exim-users wrote: > # warn > # condition = ${if !lookup dnsdb{ptr=$sender_address_domain}} condition = ${lookup dnsdb{ptr=$sender_address}{false}{true}} -- Please *no* private Cc: on mailing lists and newsgroups Personal signed mail: please _encrypt_ and sign

Re: [exim] checking for missing PTR custom condition

2017-05-04 Thread Ian Zimmerman
On 2017-05-04 09:39, Ian Zimmerman wrote: > On 2017-05-04 18:04, Andy Smith via Exim-users wrote: > > > # warn > > # condition = ${if !lookup dnsdb{ptr=$sender_address_domain}} > > condition = ${lookup dnsdb{ptr=$sender_address}{false}{true}} That should be sender_host

Re: [exim] Router Conditional Lookup Fails

2017-06-15 Thread Ian Zimmerman
On 2017-06-14 16:01, Patrick Porteous wrote: > I am trying to build a router that filters messages with certain words > in the subject into a spam transport using a words contained in an > external lookup file. I don't want to drop the message but instead > filter it into a specific folder bas

Re: [exim] Segfaults with tidydb

2017-06-15 Thread Ian Zimmerman
On 2017-06-15 09:20, Thomas Reifferscheid wrote: > I'm on Debian jessie with exim 4.84.2 and anything db related is > segfaulting. You could try upgrading (4.89 is in backports). Other than that, is /var/spool/exim4 on a normal local filesystem? -- Please *no* private Cc: on mailing lists and

[exim] Suspect Berkeley DB behavior, does exim have a problem?

2017-06-20 Thread Ian Zimmerman
This was posted to oss-security a few days ago: http://www.openwall.com/lists/oss-security/2017/06/10/1 Exim can use gdbm, cdb etc for most purposes, but the retry hints files seem to be always Berkeley DB. Maybe that should change? -- Please *no* private Cc: on mailing lists and newsgroups Pe

[exim] Yahoo again: now receiving with Exim 4.89 and gnutls

2017-06-22 Thread Ian Zimmerman
I had some major changes to my setup due to the stack whale. Now, receiving from a yahoo user (from a mobile device, I think) results always in this: 2017-06-21 22:23:56 SMTP connection from [66.163.186.85]:34461 (TCP/IP connection count = 1) 2017-06-21 22:23:59 TLS error on connection from soni

Re: [exim] Yahoo again: now receiving with Exim 4.89 and gnutls

2017-06-22 Thread Ian Zimmerman
On 2017-06-22 23:46, Jeremy Harris wrote: > > I had some major changes to my setup due to the stack whale. > > The what? Do I really have to use the (TM) name ? :-) Anyway, had to upgrade from jessie to stretch, and accept more SMTP calls directly instead of through a gateway whose bugs I was a

[exim] DKIM refuses to be turned off

2017-06-25 Thread Ian Zimmerman
I added this to my exim.conf: dkim_verify_signers = I thought it would effectively disable all inbound DKIM processing, but I'm still getting log messages about verification failures. What is it I'm misunderstanding? -- Please *no* private Cc: on mailing lists and newsgroups Personal signed ma

Re: [exim] DKIM refuses to be turned off

2017-06-26 Thread Ian Zimmerman
On 2017-06-26 08:44, Heiko Schlittermann via Exim-users wrote: > According to chapter 57 (Support for DKIM …) the DKIM processing takes > place always, for logging purpose. You may switch it off by > > control = dkim_disable_verify > > in your ACL (preferrably in the RCPT ACL). Why is the R

Re: [exim] Configure EXIM for incoming mail while restricting relay

2017-07-25 Thread Ian Zimmerman
On 2017-07-25 21:55, Tech Gurus via Exim-users wrote: > I have EXIM server "Server1.domainA.com" running as relay, I restrict > relay to hosts defined on *relay_from_hosts* . My company owns 2 old > domains (DomainB.com and DomainC.com) that we need to configure the > EXIM server to receive emails

Re: [exim] Retiring old build targets

2017-08-06 Thread Ian Zimmerman
On 2017-08-06 14:39, Jeremy Harris wrote: > I'd like to start using designated-initialisers, which is a C99 > feature. We've avoided such things up until now, to keep backward > compatability. Does anyone want to take a stance, pro or con? I am like, totally pro :-) > Any other compiler featur

Re: [exim] more dlopen'd facilities

2017-08-06 Thread Ian Zimmerman
On 2017-08-06 18:51, Jeremy Harris wrote: > Actually, most (allegedly) lookups can be built for dynaminc linkage > already. Here's text from the Makefile: > > # If set to "2" instead of "yes" then the corresponding lookup will be > # built as a module and must be installed into LOOKUP_MODULE_DIR

[exim] Code contribution process

2017-08-26 Thread Ian Zimmerman
What is the way to contribute code patches to exim? I see some pull requests on github but they haven't been acted on for a while. I haven't checked git.exim.org but I assume it is read only :) -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the li

[exim] ACL question

2017-08-29 Thread Ian Zimmerman
When a sub-ACL is "called" from another one by means of the "acl =" modifier, are acl_m_* variables settings by the inner ACL visible downstream for checking and expansion? I see some results that make me suspect the contrary. -- Please don't Cc: me privately on mailing lists and Usenet, if you

Re: [exim] ACL question

2017-08-30 Thread Ian Zimmerman
On 2017-08-30 10:14, Jeremy Harris wrote: > You've not been bitten by the documented lifetime of _m_ variables? Very likely, in fact. Thanks for making me re-read the doc ;-) -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. D

Re: [exim] Exim4 skips SpamAssassin if attachments are too big

2017-09-01 Thread Ian Zimmerman
On 2017-09-01 21:49, Paul Lenz wrote: > It seems to me, that using SpamAssassin is like shooting with guns > against flies. I wrote my own SpamAssassin plugin which detects a big > lot of spam, but actually I would be glad if I would not need > SpamAssassin to run my plugin. I would say, 80% of al

Re: [exim] Exim4 skips SpamAssassin if attachments are too big

2017-09-02 Thread Ian Zimmerman
On 2017-09-02 15:02, Paul Lenz wrote: > #!!# ACL that is used after the DATA command > check_message: >deny senders = /etc/exim4/blockeddoms I don't think you can give a straight filename here. You need a lookup: deny senders = lsearch;/etc/exim4/blockeddoms spec reference: section 10.19

[exim] acl_c variables

2017-09-08 Thread Ian Zimmerman
Can I set an acl_c variable in a non-smtp ACL? I want to set a variable for the sole purpose of passing it down to a delivery agent (as an environment string). The information only makes sense for a SMTP received message (and pertains to the connection, so it should be acl_c and not acl_m), but I

Re: [exim] final domains

2017-10-30 Thread Ian Zimmerman
On 2017-10-30 22:12, Angelo Chen via Exim-users wrote: > update-exim4.conf.conf > > where should I place a local domain in the above file? Thanks, debian specific, hence off-topic here. OB-content: In the real exim configuration file, this ends up as the right hand side in the definition doma

Re: [exim] Subject / Topic (T=) encoding in exim mainlog

2017-11-17 Thread Ian Zimmerman
On 15/11/17 14:51, Gryzli Bugbear via Exim-users wrote: > > I'm trying to find what is the encoding that exim uses, when logging > > Topic(T=)/Subject to exim mainlog. > > > > Currently cyrillic subjects are logged to something like this : > > > > \321\201\321\200\320\276\320\272\320\276\320\262

Re: [exim] Again nested LDAP queries...

2017-12-01 Thread Ian Zimmerman
On 2017-12-01 10:11, Jeremy Harris wrote: > > ${listextract{'odd'}{<, > > CN=sir,,OU=Users,,OU=FVG,,DC=ad,,DC=fvg,,DC=lnf,,DC=it}{$value}} > > > > but there's no 'odd' in listextract number field, only a integer... > > What are you trying to achieve? What is this "odd" thing? Sounds like he's

Re: [exim] Some mails are queued, other are sent immediately

2017-12-18 Thread Ian Zimmerman
On 2017-12-18 15:02, Yvan Masson wrote: > Anyway, during tests I noticed that some emails are sent immediately > (what I prefer), while other are queued (introducing useless delay): > - Why this difference ? > - What could I do to avoid the queue ? In the voluminous spec, Chapter 14, look at the

Re: [exim] Configuring unauthorised sender responses

2018-01-11 Thread Ian Zimmerman
On 2018-01-11 14:47, Merlin Hartley wrote: > Honestly I never really looked at ACLs I just use the defaults and > write new routers This seems to be a repeating pattern, maybe due to early Exim adopters (when ACLs didn't exist). Maybe there ought to be a Big Fat warning near the top of the docum

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-07 Thread Ian Zimmerman
> 2017-11-27 13:22:55 > TLS error on connection from > mail-oln040092070016.outbound.protection.outlook.com > (EUR03-AM5-obe.outbound.protection.outlook.com) [40.92.70.16] (send): The > specified session has been invalidated for some reason. > 2017-11-27 13:23:46 > 1eJILV-0001Gg-K3 TLS error o

Re: [exim] Spam Filtering / dnslists

2018-02-08 Thread Ian Zimmerman
On 2018-02-08 10:02, Niels Dettenbach via Exim-users wrote: > We do not have any "Spam folder" in users mailboxes as this doenst > saves time for the users. Speaking for myself as a user, this is not the whole story. It's not the total amount of time spent reading (including time wasted on readi

Re: [exim] Change PAM service name

2020-09-17 Thread Ian Zimmerman via Exim-users
On 2020-09-17 07:55, Yves Goergen wrote: > That link would work for PAM, but my custom PAM module sends the > request to a local backend server that does the actual work. And to > distinguish services (it also handles FTP users which come from > another table), it uses the service name. > > OK, s

[exim] GMX is %*^@ [Was: remote MX does not support STARTTLS]

2020-09-23 Thread Ian Zimmerman via Exim-users
On 2020-09-22 18:10, Christian Eyrich wrote: > BTW: Yes, mails from other systems arrive without problems. So that > looks like a general GMX error to me. But GMX is a quite large > provider here in Germany and the problem persists since begin of > September now—shouldn’t somebody have noticed tha

[exim] msg:fail:internal

2020-09-29 Thread Ian Zimmerman via Exim-users
Where can I find a list of possible $event_data values for this event? I realize that the list may not be fixed or guaranteed stable. Just give me a starting point. -- Ian -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please

Re: [exim] msg:fail:internal

2020-09-30 Thread Ian Zimmerman via Exim-users
On 2020-09-30 09:23, Jeremy Harris wrote: > > Where can I find a list of possible $event_data values for this > > event? > > > > I realize that the list may not be fixed or guaranteed stable. Just > > give me a starting point. > > There's no formal list. It's a string intended to give a hint to

Re: [exim] Sieve filter not working properly anymore, how to debug?

2020-10-07 Thread Ian Zimmerman via Exim-users
On 2020-10-07 15:14, Yves Goergen wrote: > I'm setting up a new mail server with Exim and try to get the Sieve > filter working as it does on another server. But it doesn't. And I > don't know why. > > Here's a sieve script for demo@test.local: > > if header :contains ["Subject"] "Newsletter" {

Re: [exim] Help to logical OR two conditions

2020-10-07 Thread Ian Zimmerman via Exim-users
On 2020-10-07 10:33, Victor Sudakov wrote: > > However, look & feel of Exim's API leaves much to be desired... I > > would prefer C/Perl style (without numerous {}), which does not > > require syntax-highlighting editor to be managed even for simple > > expressions. Say, || instead of > >

Re: [exim] Compiling Exim 4.94 with SPF on Ubuntu

2020-10-09 Thread Ian Zimmerman via Exim-users
Have you tried LDFLAGS += -lspf2 This is what the sample Makefile recommends. -- Ian -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] tainted data issues

2020-11-11 Thread Ian Zimmerman via Exim-users
On 2020-11-11 13:16, Jeremy Harris wrote: > > Semi-radical: provide an ACL, router, and transport modifier that > > checks some variable or content for dangerous contents > We have that. All data provided by an untrusted source, described > as "tainted" for a shorthand. I will not argue with th

Re: [exim] tainted data issues

2020-11-12 Thread Ian Zimmerman via Exim-users
On 2020-11-11 18:14, Jeremy Harris wrote: > > I will not argue with the rest of your post, but it is not a _modifier_ > > if it is always on. > > Ah. Would an expansion condition be sufficient? So you could write > > ${if tainted{my_suspect_expansion} {expand_this} {expand_that}} > > That

Re: [exim] dkim permissions

2020-11-23 Thread Ian Zimmerman via Exim-users
On 2020-11-18 10:25, James Strother wrote: > I'm getting errors when I try to send outgoing emails that I don't > have permission to access the dkim private key. If I set the key to be > world-readable, then everything works perfectly. Setting the file to > be world-readable is okay temporarily (t

[exim] TLS authentication

2023-02-15 Thread Ian Zimmerman via Exim-users
The Spec discusses this in chapter 42. However, it depends on general certificate verification, which is discussed in 43.7, and so on the tls_verify_certificates main configuration item. Reading the documentaion for that, The value of this option is expanded, and must then be either the word

Re: [exim] TLS authentication

2023-02-16 Thread Ian Zimmerman via Exim-users
On Thu, Feb 16, 2023 at 09:29:20AM -0500, Viktor Dukhovni via Exim-users wrote: > On the other hand, much better to simply maintain an explicit table of > trusted client public keys and match these (by SHA256 fingerprint > perhaps). Use a lookup table to check whether the client is authorised > or

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-12 Thread Ian Zimmerman via Exim-users
On 2018-02-13 02:21, Andreas Bauer via Exim-users wrote: > First, thanks to everyone contributing and sorry I did not have time > to more deeply troubleshoot the SSL issue. > My previous assesment was wrong: even when exim was compiled with > OpenSSL instead of GnuTLS the error did occur, albeit

[exim] [META/OT] DKIM sender rewriting [Was: TLS error in incoming emails from *.outlook.com]

2018-02-12 Thread Ian Zimmerman via Exim-users
I note with horror that now I am also a 'via Exim-users' despite intentionally NOT using DKIM for list messages, including this one. Why? Is the rewriting now done regardless? -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-12 Thread Ian Zimmerman via Exim-users
On 2018-02-12 22:50, Viktor Dukhovni via Exim-users wrote: > > My server runs in a KVM. Doesn't that rule out hardware TCP > > offloading as the culprit? > > No, it rather makes the problem more likely. Virtual machines are > often behind NAT, which can be incompatible with TCP offload, and > t

Re: [exim] TLS error in incoming emails from *.outlook.com

2018-02-16 Thread Ian Zimmerman via Exim-users
On 2018-02-12 20:57, Ian Zimmerman via Exim-users wrote: > Ok, it was on, I disabled it. We'll see soon enough if your > hypothesis is right :-) No change :-( But in my case, all the messages actually make it through. Also, I checked my old logfiles, and this was the case even

Re: [exim] Local / Non SMTP Connections Bypassing ACLs

2018-03-01 Thread Ian Zimmerman via Exim-users
On 2018-03-01 17:23, Brian Spraker wrote: > I realize I may need to provide my ACLs for this question - but I have > seen where emails are being sent from the server (from websites) and > they are not going through any of the checks. acl_not_smtp -- Please don't Cc: me privately on mailing list

Re: [exim] Local / Non SMTP Connections Bypassing ACLs

2018-03-01 Thread Ian Zimmerman via Exim-users
On 2018-03-01 19:51, Brian Spraker wrote: >> acl_not_smtp > I can use the typical SpamAssassin checks in here without needing exiscan? The spec says: (Section 43.3) The acl_not_smtp ACL is run just before the local_scan() function. I take that to mean that you can do anything there that you c

Re: [exim] Local / Non SMTP Connections Bypassing ACLs

2018-03-01 Thread Ian Zimmerman via Exim-users
On 2018-03-01 21:55, Brian Spraker wrote: > Went through and had to do quite a bit of removal of some ACLs for > that to work. the acl_not_smtp cannot check for authentication > (duh..), cannot check receipients (which is odd?), and can't check for > invalid local_parts (which is odd?). How did y

[exim] Temporary reject when random sender verification should succeed

2018-05-30 Thread Ian Zimmerman via Exim-users
I just turned on callout sender verify with the random option. Strangely, the first (and only the first) connect from many domains after that is temporarily rejected, although the callout seems to succeed with a 250 status code. The log lines look like this: 2018-05-29 12:25:26 acl_check_connect:

Re: [exim] Temporary reject when random sender verification should succeed

2018-06-07 Thread Ian Zimmerman via Exim-users
On 2018-05-30 09:16, Ian Zimmerman wrote: > 2018-05-29 12:25:40 H=haskell.org [23.253.242.70]:51176 sender verify > defer for : Could not complete > sender verify callout: mail.haskell.org [23.253.242.70] : > response to "RCPT TO:" was: 250 > 2.1.5 Ok > 2018-

Re: [exim] Temporary reject when random sender verification should succeed

2018-06-07 Thread Ian Zimmerman via Exim-users
On 2018-06-07 16:44, Jeremy Harris wrote: > >> 2018-05-29 12:25:40 H=haskell.org [23.253.242.70]:51176 sender verify > >> defer for : Could not complete > >> sender verify callout: mail.haskell.org [23.253.242.70] : > >> response to "RCPT TO:" was: 250 > >> 2.1.5 Ok > >> 2018-05-29 12:25:40 H=ha

[exim] No debug info but stay in foreground, how?

2018-06-07 Thread Ian Zimmerman via Exim-users
It seems the only way to make exim with the -bd option _not_ become a daemon, and _not_ disconnect from the controlling terminal, is to also give it a -d option. I need the foreground behavior to run exim under the supervisor daemon, but I don't care for the verbose debugging output. How can I li

Re: [exim] No debug info but stay in foreground, how?

2018-06-07 Thread Ian Zimmerman via Exim-users
On 2018-06-08 08:02, Heiko Schlittermann wrote: > exim -bdf Thanks, I knew there was a specific option for that! I just forgot what it was. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Use

Re: [exim] Temporary reject when random sender verification should succeed

2018-06-08 Thread Ian Zimmerman via Exim-users
On 2018-06-08 18:34, Heiko Schlittermann wrote: > > > >> 2018-05-29 12:25:40 H=haskell.org [23.253.242.70]:51176 sender verify > > > >> defer for : Could not complete > > > >> sender verify callout: mail.haskell.org [23.253.242.70] : > > > >> response to "RCPT TO:" was: > > > >> 250 2.1.5 Ok > >

[exim] odd DKIM verify failure

2018-07-14 Thread Ian Zimmerman via Exim-users
A rare piece of spam was able to get through my exim based defenses. It was DKIM signed, and the log entry when it was received looks like this: 2018-07-13 15:46:16 1fe6pM-0007WY-7X PDKIM: d=wallstreetinsider.org s=mail [failed key import] 2018-07-13 15:46:16 1fe6pM-0007WY-7X <= i...@wallstreeti

Re: [exim] odd DKIM verify failure

2018-07-15 Thread Ian Zimmerman via Exim-users
On 2018-07-15 09:30, Jeremy Harris wrote: > You don't say what Exim version, and it may matter. Sorry about that, it's 4.91 > Look for $dkim_verify_status in the docs; it should be available in > the data ACL. The doc paragraph mentioning this variable and its friends starts: "Inside the acl

Re: [exim] exim mail outage

2018-07-19 Thread Ian Zimmerman via Exim-users
On 2018-07-19 13:27, Phil Pennock wrote: > I seriously messed up and didn't test enough scenarios when making a > change to Exim configs for exim.org on Tuesday. I then spent > yesterday heads-down on work and didn't see Jeremy's report to me. > > I broke things such that sender verification fai

[exim] Build fails with Events disabled

2018-07-20 Thread Ian Zimmerman via Exim-users
After reading the chapter on events in the Spec, I thought it was too hairy even for my baroque taste, so I tried to compile without it. I got this: smtp.c:1626:34: error: ‘transport_instance {aka struct transport_instance}’ has no member named ‘event_action’ (void) event_raise(sx->tblo

[exim] acl expansion

2018-07-20 Thread Ian Zimmerman via Exim-users
In the ${acl {FOO}} construction, does (the expansion of) FOO have to be strictly an ACL name, or is an algorithm like the one in acl_smtp_rcpt = FOO followed? In particular can FOO expand to "/etc/exim/foo.acl" ? If it's not possible now, would a feature request (or a patch) be accepted? -- Pl

Re: [exim] DKIM signing options - specially list of headers

2018-08-17 Thread Ian Zimmerman via Exim-users
On 2018-07-31 09:47, Sebastian Arcus wrote: > I post messages from time to time to Spamassassin mailing list, and > several members have been complaining about my DKIM setup - they say > they can't receive my emails because of it. Specifically, the > complaint is that my Exim signs the List-* head

Re: [exim] exim4 only queues mails sent by systemd service

2018-10-16 Thread Ian Zimmerman via Exim-users
On 2018-10-16 15:40, Graeme Fowler via Exim-users wrote: > > I agreed that systemd should allow exim to work on current rules. But I > > don know how can I argue to Lennart Poettering to change his mind. > > You can't :) > > What you've shown us is (in my opinion) an incredibly niche case which

Re: [exim] Vacation mail does not work if mail is forwarded to mailbox

2018-10-27 Thread Ian Zimmerman via Exim-users
On 2018-10-26 15:37, Mauritz Swanepoel via Exim-users wrote: > # LOGS FROM EXIM WHERE THE MAIL WAS FORWARDED TO THE VACATION MAILBOX (BUT > FROM SAME ACCOUNT) > > 2018-10-26 15:27:41 1gG29N-0007ZG-1F DKIM: d=*** s=default c=relaxed/relaxed > a=rsa-sha256 b=2048 [verification succeeded] > > 2018-

[exim] MIME madness

2018-10-28 Thread Ian Zimmerman via Exim-users
Does Exim ever change messages with respect to the MIME encoding of parts, if the MIME ACL is not used? That is, can it take an encoded message, take it apart, and re-encode it (possibly changing the message's bit representation)? The context is the link below and down the thread from there. I h

Re: [exim] MIME madness

2018-10-28 Thread Ian Zimmerman via Exim-users
On 2018-10-28 17:48, Jeremy Harris wrote: > > Does Exim ever change messages with respect to the MIME encoding of > > parts, if the MIME ACL is not used? That is, can it take an encoded > > message, take it apart, and re-encode it (possibly changing the > > message's bit representation)? > > I d

[exim] running an external program on messages data

2018-11-11 Thread Ian Zimmerman via Exim-users
I am very much afraid that this is a FAQ, and in fact I may have asked it myself once. Please forgive me, my memory definitely isn't what it used to be. What is the recommended/canonical way to run an arbitrary external process on a mail that is being processed and capture the output of the proce

Re: [exim] running an external program on messages data

2018-11-11 Thread Ian Zimmerman via Exim-users
On 2018-11-11 17:49, Jeremy Harris wrote: > > What is the recommended/canonical way to run an arbitrary external > > process on a mail that is being processed and capture the output of > > the process so it can be used for expansion? > > The malware ACL condition, with your choice of scanner type

Re: [exim] running an external program on messages data

2018-11-11 Thread Ian Zimmerman via Exim-users
On 2018-11-11 19:22, Jeremy Harris wrote: > >> The malware ACL condition, with your choice of scanner type "sock" > >> or "cmdline". > > > > Yea, I thought about that too. Feels like the cleanest solution, > > but ... it is too early. I need to delay the program until delivery > > time. > > Th

[exim] Time values in config file

2018-11-16 Thread Ian Zimmerman via Exim-users
Apparently they are not expanded. Is there a good reason? I just had a case where it would have been convenient, although I quickly found a work around. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only

  1   2   >