RE: 3 Message with wrong 2036 date
Hello Edwin, can you show me the headers for these emails? In Tim's case it turned out there were some bogus Date: headers, and we managed to fix it with a manual sphinx update. Janos On 2016-02-18 17:17, Nichols, Edwin (BeneFACT) wrote: Strangely, I have the same issue with 8 emails. The emails themselves show a date of 2010, but the Piler interface shows them as being from 2036. There may be a bug? EDWIN NICHOLS | _Director – IT & Operations_ ' 416-360-SRED (7733) ext.161 ' Vancouver: 604-628-9870 ' Calgary: 403-775-7565 ' Toll Free: 1-855-TAX-BACK (829-2225) , 647-689-3127 * edwin.nich...@benefact.ca 8 WWW.BENEFACT.CA [1] P PLEASE CONSIDER THE ENVIRONMENT BEFORE PRINTING THIS EMAIL - Privacy Disclaimer - Français à suivre This e-mail message (including attachments, if any) is intended for the use of the individual or entity to which it is addressed and may contain information that is privileged, proprietary, confidential. If you are not the intended recipient, you are notified that any dissemination, distribution, or copy of this communication is strictly prohibited. If you have received this communication in error, please notify the sender and erase this e-mail message immediately. Déclaration de confidentialité Le présent courrier électronique (y compris les pièces qui y sont annexées, le cas échéant) s'adresse au destinataire indiqué et peut contenir des renseignements de caractère privé ou confidentiel. Si vous n'êtes pas le destinataire de ce document, nous vous signalons qu'il est strictement interdit de le diffuser, de le distribuer ou de le reproduire. Si ce message vous a été transmis par erreur, veuillez en informer l'expéditeur et le supprimer immédiatement. FROM: Tim Stumbo [mailto:timstu...@gmail.com] SENT: Thursday, February 18, 2016 9:45 AM TO: piler-user@list.acts.hu SUBJECT: 3 Message with wrong 2036 date I have 3 messages that always appear at the top of the search field due to them having an incorrect date. The year on the messages is 2036. I would like to either delete these 3 e-mails or fix the index for them with the corrected date. Could someone help me with this issue? Thanks Links: -- [1] http://www.benefact.ca/
Re: Too Many Duplicate Messages With " message-id: null "
On 2016-02-29 12:06, Mahmoud Ramadan wrote: Hi dears I'm getting too many duplicated messages on Piler and by checking my logs i found that the messages are received by Piler without message ID (null) so Piler discards them. Is there is any way to force Piler to accept duplicated messages and skip message ID checking ?! Thanks in advance. set archive_emails_not_having_message_id=1 in piler.conf, then reload piler. Janos
Re: Some Piler Messages are displayed with " Message Failed Verification ".
On 2016-02-29 13:37, Mahmoud Ramadan wrote: Update: I noticed something weird ! When i changed the Piler contact settings in Exchange to enable " Use MAPI rich text format" then all please don't, as it forces exchange to transform the email, and this practice may contradict with some regulations. the messages received in rich text format are label as " Message is Verified " BUT off course can NOT be displayed well as Piler does NOT support archiving E-Mail in rich text format. actually, piler can process rtf attachments by using unrtf. And when i switch the setting again to disable " Use MAPI rich text format" , the archived messages can be displayed fine BUT with " Message Failed Verification ". I'd like to get a complete non sensitive email. Select a message, click on the download link, and let me see it. Also please confirm that you have upgraded the gui as well. Janos
SECURITY ALERT: the drown attack
Dear piler-users, you probably have heard about the drown attack against (see https://drownattack.com/ for more) tls/ssl. In a nutshell it targets services (http, smtp, imap, pop3, etc) allowing ssl v2 connections as well. Piler 1.1.1 uses TLSv1_client_method() and TLSv1_server_method() respectively. According to the openssl manual they force piler to understand only the TLSv1 protocol, so piler 1.1.1 should be safe. However piler 1.1.0 (and older versions) uses SSLv3_client_method() and SSLv23_server_method(). It means that pilerimport is safe from the drown attack, since it doesn't understand SSL v2. However the piler daemon (which understands SSL v2 as well) is vulnerable to the drown attack. Solution: upgrade to 1.1.1 Workaround: none. You may mitigate the issue if you have <= 1.1.0 if you allow connections only from trusted smtp clients. Janos
