Re: Re: exim or postfix
Op ma, 03-01-2005 te 17:28 -0300, schreef Ing. Jorge Escudero: > What POP or IMAP or Web mail Server use to exim on Debian? I'm not entirely sure I understand your question correctly. Do you mean "What POP or IMAP daemon can I use with exim on Debian?" or rather, "Is there a Web mail client I can use with a POP or IMAP server and exim on Debian?" If the first is what you're asking: Personally, I prefer IMAP; if you do as well, then have a look at dovecot or courier-imapd. I'm not too familiar with POP, so can't help you there. If the second is what you're asking, then you have quite a number of options. Most webmail thingies support IMAP and /any/ MTA, including exim; in fact, I have yet to see the first one that does not. In that area, my preference goes out to IMP, but of course you must make your own choices. Regards, -- EARTH smog | bricks AIR -- mud -- FIRE soda water | tequila WATER -- with thanks to fortune -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Re: exim or postfix
What POP or IMAP or Web mail Server use to exim on Debian? thanks you -- Ing. Jorge Escudero Seguridad Informática Unidad de Información Financiera Ministerio de Justicia Cerrito 264, 3er. piso 1010 - Capital Federal TE 4384-5981 int. 327 http://www.uif.gov.ar/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
On Fri, Nov 12, 2004 at 05:47:17PM +1100, Craig Sanders wrote: > On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: > i like the way it works. makes it easy to model the flow of mail from > component to component. On the other hand, it introduces complexity into the system. It's a lot easier for me to write a plug-in for an Exiscan-acl filter (I could just accept a message on stdin and indicate my desires by an exit code, or my output, or whatever) than to write one for Postfix. For Postfix, I have to be a daemon, and one that speaks SMTP as both a client and a server at that. > btw, if setting up a chain of filters, you don't need to loop it through > postfix > each time. True. > > The only featureful free software filtering system for Postfix that I've > > seen in Amavis. And it sucks too. Slow, unreliable, a huge memory hog, > > leaves files all over on the disk, etc, etc, etc. > > again, i like it (amavisd-new, that is). it is a bit of a memory hog (SA is > *much* worse), but it's not unreliable and it doesn't leave files all over the > place, it uses /var/lib/amavis and cleans up after itself. speedwise, it's > not I've had a lot of trouble with Amavis. And BTW, when I say Amavis, I am speaking about amavis, amavis-new, or amavis-ng collectively. I had to write a little cron job for my server that goes and cleans up the files it leaves behind from virus scanning. If the Internet is down, the whole thing freaks out. Amavis will sit there waiting for spamassassin to do its thing. Postfix will time out, and keep trying to call Amavis later. Meanwhile, Amavis will finally deliver the message (or not). Lots of duplication. I've also had a lot of trouble on upgrades to Amavis related to Perl versions and the like. It's had some serious "silently drops all mail" type bugs before. I will grant that once it starts up and is working OK, it doesn't crash. > too shabby - insignificant time overhead compared to the time taken by SA or > even clamav. > > > That said, exiscan-acl is a lot faster than postfix+amavis on my system. > > Maybe it's because it uses about 500k of memory with a C program instead > > of 40MB of memory wiht a Perl program, or because it doesn't have to > > incorporate a full SMTP server, dunnno. > > if you use SA with it, though, it still ends up using that 40MB per process. root 262 0.0 2.0 25604 3900 ?Ss 06:22 0:03 /usr/sbin/spamd -c -m 10 -d --pidfile=/var/run/spamd.pid 3.9MB here :-) > the nice thing about amavis is that you tell it to pre-fork as many processes > as you think you'll need (adjust according to empirical observation) and you > avoid > the overhead of starting up perl and compiling SA for every message. > > dunno if exiscan-acl does something like that - i'd guess that it does because > it is an obvious optimisation. either way, whether pre-forked or not, each SA > process uses that much memory, and takes the same amount of time to run all > it's checks. Exiscan prefers to operate by communicating with spamd and clamd daemons. That way, you get all those benefits, but exiscan itself doesn't have to embed a large Perl program in its process. > i could probably get away with having SA checks during the SMTP stage. but I > agree with Wietse's attitude that a system that only works some of the time is > fundamentally broken. by doing content-filtering later and DISCARDing > messages > with scores over 13.0, i get pretty close to the same benefit without any of > the risk. Yeah, I could see that. OTOH, observation has shown that, under even high load, I can spam and virus check every message in about 2 seconds. Plus, I have Exim configured to queue only once my load exceeds 2.5 (meaning that incoming messages are scanned, then queued for the next queue run, rather than being delivered immediately), which means that load never gets much above that. (Mail is really the only thing on my server that generates load) [ snip ] > > >4779 User unknown > > > > I am stunned at how many attempts I get to send mail to non-existant > > accounts, too. > > spammers sell their lists based on the number of addresses. they don't care > if > the addresses they are selling actually exist. One theory I had for my situation is that I just turned off my backup MX. If they really were always targeting it, it would have accepted every message, so they would have thought every address was a real one. However, you seem to have blown that theory. :-) -- John -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
On Fri, Nov 12, 2004 at 10:09:36AM +0100, Adrian 'Dagurashibanipal' von Bidder wrote: > On Friday 12 November 2004 07.47, Craig Sanders wrote: > > On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: > > > > > 4 ETRN > > > > > > Weird, people are just sending ETRN commands to you? > > me too. One is a mail server of a respected company that is apparently > misconfigured, and has been for a few years. I've written the postmaster, > I've written the IP block owners etc. - they just don't care. > > I probably should flood them with bogus email when they call in next time, > perhaps that would make them pay attention... :-] i just ignore it, same as i ignore all the probe attempts on various ports. they're annoying, and i wish they wouldn't happen, and i have to take steps to protect my systems against them, but they happen far too often to get too upset about them. block it, log it, and move on. > > > > 26 RBL Dynablock.njabl.org > > > > > > My own static DSL IP is on this one. Lots of people have legit reasons >^^ > > > for not using their ISP's sucky, crappy mail servers. > > > viruses that come from dynamic IPs. > ^^^ > > Craig, you seen that? sorry, i didn't notice that first time around. thanks for pointing it out. > Dynablock seems to include some static IPs. IIRC, dynablock notes that this can happen on their web site. they say it's typically because the ISP concerned does something like: 1. allocates static IPs from the same pool as dynamic IPs 2. has reverse DNS entries that imply dynamic IP 3. maybe some other similar reasons, i forget... unfortunately, there's nothing the end-user can do to resolve this. the only people they will listen to for requests to remove such possibly-bogus dynamic listings are the owner(s) of the netblock (i.e. the ISP). presumably that is because spammers are not above lying if it suits them and have no qualms about claiming that they are a legit mail operator on a really, truly, honest-i-tell-you static IP. possibly also because it's a way to encourage slack-arse ISPs to adopt better practices. personally, i'm inclined to still use dynamic blocks even with these errors, and add whitelist entries to my rbl_override map if and when i need to. > (I guess John is at one of those ISPs who mix static IPs and dynamic IPs in > the same IP range, or at least use the same xxx.dsl... reverse DNS.) possibly. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
On Friday 12 November 2004 07.47, Craig Sanders wrote: > On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: > > > 4 ETRN > > > > Weird, people are just sending ETRN commands to you? me too. One is a mail server of a respected company that is apparently misconfigured, and has been for a few years. I've written the postmaster, I've written the IP block owners etc. - they just don't care. I probably should flood them with bogus email when they call in next time, perhaps that would make them pay attention... :-] > > > 26 RBL Dynablock.njabl.org > > > > My own static DSL IP is on this one. Lots of people have legit reasons ^^ > > for not using their ISP's sucky, crappy mail servers. > viruses that come from dynamic IPs. ^^^ Craig, you seen that? Dynablock seems to include some static IPs. (I guess John is at one of those ISPs who mix static IPs and dynamic IPs in the same IP range, or at least use the same xxx.dsl... reverse DNS.) > > >4779 User unknown > > > > I am stunned at how many attempts I get to send mail to non-existant > > accounts, too. 40% former usenet accounts, 40% message-Ids, 20% things like [EMAIL PROTECTED] or so; I guess mostly it's from web harvesters that extract email addresses from mailing list archives etc. but are buggy (or try to guess antispam-protected mailadresses.) greetings -- vbi -- Oops -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
also sprach John Goerzen <[EMAIL PROTECTED]> [2004.11.12.0612 +0100]: > And I get many legitimate e-mails with a bad HELO. In fact, > I would argue that your rule here is wrong. If I send you an > e-mail from my laptop, it is not going to send you an address of > a server that can receive mail (or has a DNS entry) in HELO, but > everything else will be valid, and I argue that this is OK. If you send me mail from your laptop without going via a proper relay, I will reject it too. Use your ISP mail relays! If the suck, switch ISPs. If that's not possible, pool with others and run a proper MTA. Or convince me (or others here) that you need a proper relay, and we'll give you SASL access. Or get a gmx.net account. Mail was not supposed to be sent from leaf nodes. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
Re: exim or postfix
On Fri, Nov 12, 2004 at 05:12:34AM +, John Goerzen wrote: > > 2. postfix does support filtering during the SMTP transaction. the > > difference > > is that the postfix author tells you up front that it is inherently > > problematic > > (for *ANY* MTA, not just postfix) because of the potential for SMTP > > timeouts if > > Yes, it does now (I realized that one last week), but its whole > filtering support sucks. (Having to set up a SMTP server and client for > every filter is just nasty.) i like the way it works. makes it easy to model the flow of mail from component to component. btw, if setting up a chain of filters, you don't need to loop it through postfix each time. i.e. don't do this: postfix -> filter1 -> postfix -> filter2 -> postfix -> filter3 -> postfix do this instead: postfix -> filter1 -> filter2 -> filter3 -> postfix. > The only featureful free software filtering system for Postfix that I've > seen in Amavis. And it sucks too. Slow, unreliable, a huge memory hog, > leaves files all over on the disk, etc, etc, etc. again, i like it (amavisd-new, that is). it is a bit of a memory hog (SA is *much* worse), but it's not unreliable and it doesn't leave files all over the place, it uses /var/lib/amavis and cleans up after itself. speedwise, it's not too shabby - insignificant time overhead compared to the time taken by SA or even clamav. > That said, exiscan-acl is a lot faster than postfix+amavis on my system. > Maybe it's because it uses about 500k of memory with a C program instead > of 40MB of memory wiht a Perl program, or because it doesn't have to > incorporate a full SMTP server, dunnno. if you use SA with it, though, it still ends up using that 40MB per process. (mine uses about 55MB, but i have thousands of local rules, scoring spam domains and spam phrases etcgenerated from the same text files i use to generate my junk map, body checks, header checks, etc. my anti-spam system has evolved over the years - as new anti-spam technologies come along, i check them out and incorporate the useful ones into my system) the nice thing about amavis is that you tell it to pre-fork as many processes as you think you'll need (adjust according to empirical observation) and you avoid the overhead of starting up perl and compiling SA for every message. dunno if exiscan-acl does something like that - i'd guess that it does because it is an obvious optimisation. either way, whether pre-forked or not, each SA process uses that much memory, and takes the same amount of time to run all it's checks. i could probably get away with having SA checks during the SMTP stage. but I agree with Wietse's attitude that a system that only works some of the time is fundamentally broken. by doing content-filtering later and DISCARDing messages with scores over 13.0, i get pretty close to the same benefit without any of the risk. (it used to be 15.0 until recently, but i started getting quite a few nigerian type spams in my tagged SPAM folder, at least one per day, with scores of 13.1 and 14.6 and so on, so i lowered the discard score to 13) > > e.g. my spam-stats.pl report for last week (this is for a little home mail > > server with about half a dozen users): > > That is very interesting. However, you apparently have the luxury of a > great number of false positives. That is very nice, but it is not a > luxury I have. no, i have very few false-positives. whenever i've grepped for "reject:" in the logs and examined them in detail, i've rarely (never that i can recall, but i'm probably forgetting some) ever found any false positives. the rejects really are all spam. > > ganesh:/etc/postfix# spam-stats.pl /var/log/mail.log.0 > > 2 RBL bogusmx.rfc-ignorant.org > > 4 Unwanted Virus Notification > > 4 ETRN > > Weird, people are just sending ETRN commands to you? yep. happens a few times every week. i have no idea whymaybe they're probing me for some vulnerability in some ancient version of sendmail or something. > > 15 RBL taiwan.blackholes.us > > I assume you are blocking an en *entire country* here? yep. i don't know anyone in taiwan, and if anyone there *really* needs to communicate with me they can use yahoo or hotmail or something. if it matters to them, they'll find a waynot my problem, i don't care. of course, this is my HOME mail server. i don't use any of the blackholes.us RBLs at work. there, i have to be a lot more conservative about spam blocking. > > 26 RBL Dynablock.njabl.org > > My own static DSL IP is on this one. Lots of people have legit reasons > for not using their ISP's sucky, crappy mail servers. fair enough, they may have legit reasons, but i don't need the potential for receiving mail from them more than i need to block the spam and viruses that come from dynamic IPs. it's not difficult or expensive (it can even be free if you have the right contacts) to arrange to relay your
Re: exim or postfix
On Thu, Nov 11, 2004 at 05:12:10PM -0500, Mark Bucciarelli wrote: > On Thursday 11 November 2004 17:04, Craig Sanders wrote: > > > 22256 Bad HELO > > wow. most of them being spammers trying to use my IP address or a bogus domain name in the HELO/EHLO string. and most of them from Korea. most of them were also to non-existent recipients (it's just that the HELO check rules were triggered first) - i expect i pissed off a few spammers over the last 10 years or so that i've had my domain, and they've retaliated by adding many thousands of bogus @taz.net.au addresses to their spam lists, which get swapped with or sold to other spammers. once an address gets on a spam list, it never gets off, it just gets added to more and more spam lists. regardless of whether it exists, or even whether it ever existed. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
On 2004-11-11, Craig Sanders <[EMAIL PROTECTED]> wrote: > On Thu, Nov 11, 2004 at 09:25:52PM +, John Goerzen wrote: > a few comments, though: > > 1. "synchronization detection" - postfix has done this for years, except that > it's called "reject_unauth_pipelining". you enable it as one of the > smtpd_*_restrictions. Thanks. I was not aware of that. > 2. postfix does support filtering during the SMTP transaction. the difference > is that the postfix author tells you up front that it is inherently > problematic > (for *ANY* MTA, not just postfix) because of the potential for SMTP timeouts > if Yes, it does now (I realized that one last week), but its whole filtering support sucks. (Having to set up a SMTP server and client for every filter is just nasty.) The only featureful free software filtering system for Postfix that I've seen in Amavis. And it sucks too. Slow, unreliable, a huge memory hog, leaves files all over on the disk, etc, etc, etc. > the filter takes too long to run (SpamAssassin, for example, could take ages > to > complete regardless of whether it's run from exim or postfix...especially if > it's doing DNSRBL and other remote lookups), and he recommends that you don't > do it. > > other MTAs blithely ignore the potential problem and tell you to go ahead and > do it. No, you're quite right, and I have seen all those warnings. That said, exiscan-acl is a lot faster than postfix+amavis on my system. Maybe it's because it uses about 500k of memory with a C program instead of 40MB of memory wiht a Perl program, or because it doesn't have to incorporate a full SMTP server, dunnno. > e.g. my spam-stats.pl report for last week (this is for a little home mail > server with about half a dozen users): That is very interesting. However, you apparently have the luxury of a great number of false positives. That is very nice, but it is not a luxury I have. > ganesh:/etc/postfix# spam-stats.pl /var/log/mail.log.0 > 2 RBL bogusmx.rfc-ignorant.org > 4 Unwanted Virus Notification > 4 ETRN Weird, people are just sending ETRN commands to you? > 6 body checks (VIRUS) > 12 header checks (VIRUS) > 15 RBL taiwan.blackholes.us I assume you are blocking an en *entire country* here? > 26 RBL Dynablock.njabl.org My own static DSL IP is on this one. Lots of people have legit reasons for not using their ISP's sucky, crappy mail servers. > 28 RBL hongkong.blackholes.us > 39 RBL brazil.blackholes.us I have to talk to people in this country, too. > 76 Local access rule: Helo command rejected > 114 Relay access denied > 145 SpamAssassin score far too high > 148 body checks (Spam) > 163 Local address forgery > 200 strict 7-bit headers > 202 RBL dul.dnsbl.sorbs.net Ditto on this one. > 212 RBL sbl-xbl.spamhaus.org I catch a LOT of spammers with that one, and very little, if any, collateral damage. > 253 header checks (Spam) > 288 Need FQDN address > 297 Recipient Domain Not Found > 429 RBL list.dsbl.org > 517 Local access rule: Client host rejected > 687 Greylisted delivery attempt > 717 Dynamic IP Trespass >1361 RBL cn-kr.blackholes.us Have to talk to Chinese people too... >1463 Sender Domain Not Found >4779 User unknown I am stunned at how many attempts I get to send mail to non-existant accounts, too. >6422 Recipient address rejected >6970 Local access rule: Sender address rejected > 22256 Bad HELO And I get many legitimate e-mails with a bad HELO. In fact, I would argue that your rule here is wrong. If I send you an e-mail from my laptop, it is not going to send you an address of a server that can receive mail (or has a DNS entry) in HELO, but everything else will be valid, and I argue that this is OK. Anyway, thanks for the info. It's always interesting to see what other people are doing. And now I know where not to mail you from. :-) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
Hi Craig, > 2. postfix does support filtering during the SMTP transaction. the difference > is that the postfix author tells you up front that it is inherently > problematic > (for *ANY* MTA, not just postfix) because of the potential for SMTP timeouts > if > the filter takes too long to run (SpamAssassin, for example, could take ages > to > complete regardless of whether it's run from exim or postfix...especially if > it's doing DNSRBL and other remote lookups), and he recommends that you don't > do it. > > other MTAs blithely ignore the potential problem and tell you to go ahead and > do it. well, sa-exim does have timeouts for that and will just hard terminate the process if that's hit. So the point isn't fully valid as is. -(snip)- > i manage to avoid the problem by having good anti-spam/anti-virus rules (and a > huge junk map and set of body_checks & header_checks rules) that it rejects > about 99% of all spam during the SMTP session. very little makes it through > them to be scanned with amavsid-new/spamasssassin/clamav. still, i sometimes > think it would be nice to run SA at the SMTP stage. -(snip)- would it be possible to get the config sniplets of your server config as it seems to be pretty efficient...? Just as a reference like the exim4 config posted back in the other thread or this one. Thanks! -- Best regards, Kilian signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: exim or postfix
On Thursday 11 November 2004 17:04, Craig Sanders wrote: > 22256 Bad HELO wow. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
On Thu, Nov 11, 2004 at 09:25:52PM +, John Goerzen wrote: > I just switched from Postfix to Exim. I am now a big fan of Exim. > > http://changelog.complete.org/articles/2004/11/08/latest-experiment-exim/ > http://changelog.complete.org/articles/2004/11/11/exim-transition-successful/ glad to hear it worked for you. a few comments, though: 1. "synchronization detection" - postfix has done this for years, except that it's called "reject_unauth_pipelining". you enable it as one of the smtpd_*_restrictions. 2. postfix does support filtering during the SMTP transaction. the difference is that the postfix author tells you up front that it is inherently problematic (for *ANY* MTA, not just postfix) because of the potential for SMTP timeouts if the filter takes too long to run (SpamAssassin, for example, could take ages to complete regardless of whether it's run from exim or postfix...especially if it's doing DNSRBL and other remote lookups), and he recommends that you don't do it. other MTAs blithely ignore the potential problem and tell you to go ahead and do it. that said, though, exiscan-acl sounds cool. on a light to moderately loaded server, it's probably not a huge problem. i manage to avoid the problem by having good anti-spam/anti-virus rules (and a huge junk map and set of body_checks & header_checks rules) that it rejects about 99% of all spam during the SMTP session. very little makes it through them to be scanned with amavsid-new/spamasssassin/clamav. still, i sometimes think it would be nice to run SA at the SMTP stage. e.g. my spam-stats.pl report for last week (this is for a little home mail server with about half a dozen users): ganesh:/etc/postfix# spam-stats.pl /var/log/mail.log.0 2 RBL bogusmx.rfc-ignorant.org 4 Unwanted Virus Notification 4 ETRN 6 body checks (VIRUS) 12 header checks (VIRUS) 15 RBL taiwan.blackholes.us 26 RBL Dynablock.njabl.org 28 RBL hongkong.blackholes.us 39 RBL brazil.blackholes.us 76 Local access rule: Helo command rejected 114 Relay access denied 145 SpamAssassin score far too high 148 body checks (Spam) 163 Local address forgery 200 strict 7-bit headers 202 RBL dul.dnsbl.sorbs.net 212 RBL sbl-xbl.spamhaus.org 253 header checks (Spam) 288 Need FQDN address 297 Recipient Domain Not Found 429 RBL list.dsbl.org 517 Local access rule: Client host rejected 687 Greylisted delivery attempt 717 Dynamic IP Trespass 1361 RBL cn-kr.blackholes.us 1463 Sender Domain Not Found 4779 User unknown 6422 Recipient address rejected 6970 Local access rule: Sender address rejected 22256 Bad HELO 47835 TOTAL Spamassassin stats: 77 spam 2919 clean 2996 TOTAL Percentages: spam:non-spam (47912/50831) 94.26% tagged messages (77/2996) 2.57% rejected spam (47835/47912) 99.84% only 2996 messages (out of 50831) were accepted by postfix and scanned by SA. of those, only 77 were tagged as spam, plus another 145 that were discarded by a header_checks rule which detects whether the SA score is over 13.0 (discard, not reject) when amavisd-new tried to reinject the message back into postfix after content-filtering. that was a pretty average week, although (as ever) the number of attempts to deliver spam goes up all the time. 2 months ago, it was averaging about 30-35K rejects per week. now it's nearly 50K. the percentages don't change much, spam is already well over 90% of what my MTA sees. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
On Saturday 06 November 2004 22:19, Rodney Richison wrote: Are most of you using exim or postfix? Just curious. I've never tried exim. i use postfix/courier-imap,pop3/maildrop/sqwebmail with amavisd-new, clamav, spamassasin, razor and pyzor. mysql is my userdatabase and postfixadmin my webfrontend. postfix is very well suppotet and has lots of features. there is many 3d party software out there and it has a very modern achitecture. also there are many how-tos out there what can be very helpful ;) eg: http://www.xmission.com/~jmcrc/spamfilter20041003.html exim is somehow more basic. maby it's a little faster but has not as many features as postfix has. greetings florian engelmann neither. courier-mta. just starting to have some production experience, and so far i like it quite a bit. i chose it because it has everything integrated: pop3, esmtp, pop3-ssl, emstp-ssl, esmtp-msa, imap, webmail, and mailing list mgr, etc. Plus it's GPL'd. so far, the only thing i haven't been able to do is setup a per-user preference for rejecting email based on the other server's HELO response. but i'm not going to do that anyway--too much work to maintain the good domains (load balancerers), plus it violates an RFC. regards, mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
I just switched from Postfix to Exim. I am now a big fan of Exim. http://changelog.complete.org/articles/2004/11/08/latest-experiment-exim/ http://changelog.complete.org/articles/2004/11/11/exim-transition-successful/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
On Saturday 06 November 2004 22:19, Rodney Richison wrote: > Are most of you using exim or postfix? Just curious. I've never tried > exim. neither. courier-mta. just starting to have some production experience, and so far i like it quite a bit. i chose it because it has everything integrated: pop3, esmtp, pop3-ssl, emstp-ssl, esmtp-msa, imap, webmail, and mailing list mgr, etc. Plus it's GPL'd. so far, the only thing i haven't been able to do is setup a per-user preference for rejecting email based on the other server's HELO response. but i'm not going to do that anyway--too much work to maintain the good domains (load balancerers), plus it violates an RFC. regards, mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
On Wed, Nov 10, 2004 at 11:09:47AM +0100, martin f krafft wrote: > also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.1014 +0100]: > > > I agree. But exim can do it. And even though this is the LDA > > > part of it, postfix also includes an LDA, which is just not up > > > to speed. > > > > and postfix can do it too. > > No, it cannot, unless you use spamassassin as the LDA, which is > deprecated. spamassassin is not an LDA. you use procmail or maildrop or something as the LDA, and that calls SA, running as the user. > Exim can use multiple sequential filters as part of the LDA (which are > all run as the user). that's a function of the LDA. procmail can do that, and so can maildrop. i have no idea if postfix's local can do it because i've never actually used it - i've always used procmail. but it doesn't matter - that's the job of the LDA, not the MTA, and postfix happens to have a modular design which lets you use any LDA you like. > > postfix doesn't do it the same way as exim because postfix is not > > a single monolithic process. > > Stop harping on that and respond to my points, if at all. it wouldn't be necessary to "harpn on" if you didn't consistently miss the obvious. postfix is not exim. stop insisting that it try to be exactly the same. i'll try expressing the concept in simpler language for you, and maybe you'll understand: you go into a take-away food shop and order a steak sandwich. when it arrives, you complain that it doesn't taste like chicken. well, WTF did you expect? it's steak, not chicken. if you had wanted chicken, you should have ordered that. similarly, if you want the exim behaviour and model, then install exim. if you want postifx, then install postfix. but don't expect postfix to operate exactly the same way as exim. to get postfix to do things, you take advantage of the way that postfix works, not complain that it doesn't work exactly like exim. > Even a modular architecture can support filters as part of the LDA; > Postfix does not. again, you don't know what you are talking about. > > > ... not manageable... > > > > of course not. but a) it works, and b) it doesn't have to be > > "manageable", .forward files are not a system-wide setting, they > > are a per user thing. > > So you suggest .forward files for a machine hosting about 1700 > Windows users? no. try reading what i wrote. > > if you want it to run for every user without each user having to > > do custom configuration, then use procmail as the LDA and create > > a rule in /etc/procmailrc. problem solved. > > If you object to exim because of its monolithic setuid nature, how > can you possibly advocate procmail? for the same reason that i can appreciate cats. i.e. it's irrelevant to the question. procmail is not an MTA. and postfix is not an LDA. they have different jobs. more to the point, whatever it's other faults, procmail is not "monolithic" - it does one job, and it does it reasonably well. it fits the modular, small-tools paradigm. the fact that it is setuid root is not necessarily a problem. in fact, it's unavoidable. if you're delivering mail to local users, at some point in the process something has to run as root so that it can change UID to the user. IMO, it's better to have that root or setuid process do just one job (LDA) and revoke root privs as early as possible, than to do half a dozen different jobs (monolithic MTA). > Sure, it's run as the user. But it's a bloody performance hog. Try > that with 1700 users and about 130 to 200 mails per minute, and you'll > find that it does not work. 1. you want to run SpamAssassin for 1700 users and 200 mails/minute and you're complaing that it's *procmail* that's the performance hog. i think you need to resynchronise your brain with reality. 2. use maildrop instead if procmail's performance bothers you. 3. write your own mini LDA 3. the CPU time, memory, and I/O used by either procmail or maildrop (or any LDA) is utterly insignificant compared to that used by SpamAssassin. > > if you don't care about using per-user settings in SA, then just > > use a content filter and you'll get SA checking on ALL mail, not > > just on locally-delivered mail. again, problem solved. IMO, this > > is the best way to do it. > > If you do SA on a system-wide basis, the auto-whitelisting feature > is a problem, true, it doens't work as nicely as it could otherwise.but not very important because auto-whitelisting isn't as useful as it sounds, anyway. > and Bayesian filtering is basically useless. nope, it's not. SA's bayesian filters works perfectly well when used as a system-wide filter. > > but if the question you are asking is "i want postfix to work > > exactly the same as exim", then you'll never get an answer. > > I did not say so. you have done so repeatedly. > > *ALL* mail is both incoming AND outgoing. > > Which (sensible) MTA does not do it this way? dunno, which is why it's so puzzling
Re: exim or postfix
also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.1014 +0100]: > > I agree. But exim can do it. And even though this is the LDA > > part of it, postfix also includes an LDA, which is just not up > > to speed. > > and postfix can do it too. No, it cannot, unless you use spamassassin as the LDA, which is deprecated. Exim can use multiple sequential filters as part of the LDA (which are all run as the user). > postfix doesn't do it the same way as exim because postfix is not > a single monolithic process. Stop harping on that and respond to my points, if at all. Even a modular architecture can support filters as part of the LDA; Postfix does not. > > ... not manageable... > > of course not. but a) it works, and b) it doesn't have to be > "manageable", .forward files are not a system-wide setting, they > are a per user thing. So you suggest .forward files for a machine hosting about 1700 Windows users? > if you want it to run for every user without each user having to > do custom configuration, then use procmail as the LDA and create > a rule in /etc/procmailrc. problem solved. If you object to exim because of its monolithic setuid nature, how can you possibly advocate procmail? Sure, it's run as the user. But it's a bloody performance hog. Try that with 1700 users and about 130 to 200 mails per minute, and you'll find that it does not work. > if you don't care about using per-user settings in SA, then just > use a content filter and you'll get SA checking on ALL mail, not > just on locally-delivered mail. again, problem solved. IMO, this > is the best way to do it. If you do SA on a system-wide basis, the auto-whitelisting feature is a problem, and Bayesian filtering is basically useless. > but if the question you are asking is "i want postfix to work > exactly the same as exim", then you'll never get an answer. I did not say so. > *ALL* mail is both incoming AND outgoing. Which (sensible) MTA does not do it this way? > > I am challenging you. > > challenging me to do what? To consider that, in fact, postfix is not the best for all situations. > repeat after me: an MTA is not an LDA. use the right tool for the > job. I believe I said before that I completely agree. This is not the issue being discussed. > > I cheated. It's in there and marked 'impossible'. Exim can do > > it. > > i doubt if it's impossible. You are making a fool of yourself. > in short, the answer is "that's not a useful question". routing > based on solely the From: address is inherently broken. Did I say that the From address was the only feature to base routing on? Also you (and Wietse) are failing to see the value for store-and-forward relays. Anyway, this is pointless. You just read my last post on the issue. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
Re: exim or postfix
On Wed, Nov 10, 2004 at 09:19:49AM +0100, martin f krafft wrote: > also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.0901 +0100]: > > > Anyway, if you are so confident about postfix, then maybe you > > > can teach me how to set up spamassassin to run under the local > > > user's identity, > > > > procmail, maildrop or whatever local delivery agent you use can > > run spamassassin. that's part of an LDA's job. > > I agree. But exim can do it. And even though this is the LDA part of > it, postfix also includes an LDA, which is just not up to speed. and postfix can do it too. just because it does it differently to the way exim does it, doesn't mean that it can't do it. postfix doesn't do it the same way as exim because postfix is not a single monolithic process. it's a modular system of small tools that each do their own job. expecting postfix to do it as a single monolithic setuid binary when it doesn't even have one goes way beyond absurd, it's being wilfully blind. > > even on the simplest level, a .forward file which pipes to SA is > > executed under the UID of the user. > > ... not manageable... of course not. but a) it works, and b) it doesn't have to be "manageable", .forward files are not a system-wide setting, they are a per user thing. if you want it to run for every user without each user having to do custom configuration, then use procmail as the LDA and create a rule in /etc/procmailrc. problem solved. if you don't care about using per-user settings in SA, then just use a content filter and you'll get SA checking on ALL mail, not just on locally-delivered mail. again, problem solved. IMO, this is the best way to do it. but if the question you are asking is "i want postfix to work exactly the same as exim", then you'll never get an answer. that problem can not be solved. they are two different programs that work in quite different ways. the conceptual model for mail processing is different. for instance, postfix has no real notion of "incoming" or "outgoing" mail - more precisely, because it queues everything, *ALL* mail is both incoming AND outgoing. it comes into the queue (from any one of numerous different sources, smtp, uucp, /usr/sbin/sendmail, etc) and eventually leaves the queue (again, via any one of numerous different transports, smtp, uucp, local, procmail, maildrop, etc) this particular feature confuses lots of newbies to postfix, because they refuse to believe it. they persist in thinking in terms of incoming and outgoing mail, when it is patently obvious that there is no such thing in postfix. > > before you say "but i want the MTA to do it", that's just you > > thinking in terms of a monolithic MTA like exim. > > I am challenging you. challenging me to do what? i've already explained how insisting that the MTA itself does it is stupid. you're trying to force a square peg into a round hole, when you'd be much better just trying the round peg. repeat after me: an MTA is not an LDA. use the right tool for the job. > > > and how to route messages based on the sending address (for SPF > > > reasons). > > > > no idea, never needed to do it. try the postfix-users archives. > > I cheated. It's in there and marked 'impossible'. Exim can do it. i doubt if it's impossible. more likely, no-one cares enough about it to bother figuring out how to do it. > > if it's not straight-forward, i'll bet you could do it with > > a policy server. > > A policy server has no decision on route destination. try a tcp map then. after doing a bit of reading, it doesn't sound like it's even a good idea. Wietse hacked up a patch to transport tables to do this in 2002, and made the following comments: http://www.irbs.net/internet/postfix/0206/0132.html : It's a pretty schizophrenic architecture, and I am not even sure it : can be made to work. : : For example, sender-based routing breaks message bounces that his : machine sends back to the internet. In fact, any mail with a local : sender address will loop back to his machine, even though it has : a remote recipient address. And he will never be able to receive : mail from someone in a sender-routed domain, because that mail will : always be routed to the ISP for that domain. in short, the answer is "that's not a useful question". routing based on solely the From: address is inherently broken. if it is ever going to work, it needs to be done either with a policy server or a tcp transport map, then you can use more than just the From: address to determine routing (to do it reliably, you also need to know the client IP and whether the client IP is in $mynetworks) craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.0901 +0100]: > > Anyway, if you are so confident about postfix, then maybe you > > can teach me how to set up spamassassin to run under the local > > user's identity, > > procmail, maildrop or whatever local delivery agent you use can > run spamassassin. that's part of an LDA's job. I agree. But exim can do it. And even though this is the LDA part of it, postfix also includes an LDA, which is just not up to speed. > even on the simplest level, a .forward file which pipes to SA is > executed under the UID of the user. ... not manageable... > before you say "but i want the MTA to do it", that's just you > thinking in terms of a monolithic MTA like exim. I am challenging you. My postfix does not do said things, and I sure well know why. > > and how to route messages based on the sending address (for SPF > > reasons). > > no idea, never needed to do it. try the postfix-users archives. I cheated. It's in there and marked 'impossible'. Exim can do it. > if it's not straight-forward, i'll bet you could do it with > a policy server. A policy server has no decision on route destination. Anyway, I can't believe I am arguing against the product that I embrace the most. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
Re: exim or postfix
On Wed, Nov 10, 2004 at 08:21:14AM +0100, martin f krafft wrote: > also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.0010 +0100]: > > > There have been some very simple things that I've needed to find > > > solutions to with postfix in the past which I ended up having to > > > do with procmail that I can now deal with in ~ 3 lines in the exim > > > config. > > > > my guess is that you just know exim better than postfix, so things > > that an experienced postfix user would find easy aren't as easy for > > you as just using exim. > > > > all of the things you listed as benefits of exim, my first thought > > was "but postfix does that (and it does it better :)". > > You are not seriously arguing this, right? yes. > The exim routers are far beyond what postfix can do. not in my experience. > IMHO, they are far beyond the job of an MTA, so it's more a plus for > exim than a minus for postfix. show me anything that you think can't be done in postfix and i'll probably tell you how it can be done. in my experience, the only people who say "postfix can't do that" are people who don't actually know postfix, or who are so caught up in the way that you do it in some other MTA that it never occurs to them to investigate how you might do it in something else such as postfix. every MTA has a different conceptual model for how mail is handled. if someone insists on applying exim models to postfix (or vice-versa) then they're not going to be very successful. > Anyway, if you are so confident about postfix, then maybe you can > teach me how to set up spamassassin to run under the local user's > identity, procmail, maildrop or whatever local delivery agent you use can run spamassassin. that's part of an LDA's job. even on the simplest level, a .forward file which pipes to SA is executed under the UID of the user. before you say "but i want the MTA to do it", that's just you thinking in terms of a monolithic MTA like exim. anyone who thinks in postfix terms would be horrified by the idea of having a huge setuid binary try to do everything. postfix consists of several small, modular parts. each one does it's job, and each one is replacable. postfix can hand off local delivery to it's own LDA called "local" or it can hand off local delivery to procmail or maildrop or cyrus or whatever. you can even have some local mail delivered by local and some by procmail etc. as far as postfix is concerned, it doesn't matter - as long as they fulfil the function of a local delivery agent. > and how to route messages based on the sending address > (for SPF reasons). no idea, never needed to do it. try the postfix-users archives. if it's not straight-forward, i'll bet you could do it with a policy server. > > ps: i've used pretty nearly all of the free software MTAs (and > > some not-so-free, like qmail) over the last 15 years. > > So have i, but i miss in your list a mention of exim. i tried exim sometime after switching to sendmail. it was just smail without the stupid bugs, so i saw no reason to switch to it. it's progressed a lot since then, but it is still the same model as exim. > I have also never used exim because I had settled on postfix through > much the same path (I also checked out zmailer in between) as you and > was me too. it didn't do anything amazingly different and was even clumsier to use than qmail. i tried pretty nearly every MTA i ever cam acrossand am a firm believer in the maxim that all mail programs suck, but some suck less. and postfix sucks least of all. craig -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
also sprach Craig Sanders <[EMAIL PROTECTED]> [2004.11.10.0010 +0100]: > > There have been some very simple things that I've needed to find > > solutions to with postfix in the past which I ended up having to > > do with procmail that I can now deal with in ~ 3 lines in the exim > > config. > > my guess is that you just know exim better than postfix, so things that an > experienced postfix user would find easy aren't as easy for you as just using > exim. > > all of the things you listed as benefits of exim, my first thought was "but > postfix does that (and it does it better :)". You are not seriously arguing this, right? The exim routers are far beyond what postfix can do. IMHO, they are far beyond the job of an MTA, so it's more a plus for exim than a minus for postfix. Anyway, if you are so confident about postfix, then maybe you can teach me how to set up spamassassin to run under the local user's identity, and how to route messages based on the sending address (for SPF reasons). > ps: i've used pretty nearly all of the free software MTAs (and > some not-so-free, like qmail) over the last 15 years. So have i, but i miss in your list a mention of exim. I have also never used exim because I had settled on postfix through much the same path (I also checked out zmailer in between) as you and was thoroughly happy, before Phil Hazel published the first usable exim (3.0, in the middle of 1999 IIRC). Thus, I try to avoid categorically arguing that postfix is better. I like postfix and do not feel like starting from scratch with another MTA, otherwise I might well inspect exim more closely. In any case, I think among the strongest points for postfix are Wietse Venema, Wietse Venema, Wietse Venema, and Ralf Hildebrandt (as well as many other folks on postfix-users). If you look at Wietse's code, you'll see that it'll be hard to suggest improvements to the logic. From cursory looks at exim, I could not come to the same conclusion, /usr/sbin/exim was setuid root last I checked. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
Re: exim or postfix
On Sun, Nov 07, 2004 at 01:40:30PM +, Brett Parker wrote: > There have been some very simple things that I've needed to find > solutions to with postfix in the past which I ended up having to > do with procmail that I can now deal with in ~ 3 lines in the exim > config. my guess is that you just know exim better than postfix, so things that an experienced postfix user would find easy aren't as easy for you as just using exim. all of the things you listed as benefits of exim, my first thought was "but postfix does that (and it does it better :)". > Then, I've always prefered exim, I like having control at my finger > tips, and things to do what I expect :) odd. that's one of the reasons i prefer postfix over exim. exim's OK, but the best thing i can say about it is that it is "smail done right, without the really stupid bugs". which is not exactly a glowing recommendation. on the plus side, exim's author is damn smart and knows his stuff...but i still prefer postfix. for someone who knows exim really well, i'd say "stick with what you know best", you're unlikely to get enough benefit from switching to be worth the effort. for someone who isn't already a long-term exim user, i'd say that they're much better off using postfix. you'll be able to do more, with far less effort. craig ps: i've used pretty nearly all of the free software MTAs (and some not-so-free, like qmail) over the last 15 years.i was an smail fan for a long time, then sendmail got a lot better and i switched to that for a few years. then qmail came along, and i used either sendmail or qmail on all systems for a few more years, depending on need (i liked most of qmail's features but didn't like the license and really didn't like the feeling that it was a dead-end incompatible trap as bad as any proprietary commercial software). then vmailer aka postfix came along and within a few months i had converted all machines to postfix and now i won't willingly use anything else. it had everything i had wished for for years. -- craig sanders <[EMAIL PROTECTED]> (part time cyborg) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
Many thanks for all the replys. I think, on the upcoming box, I'll give it a whirl... Thanks again! martin f krafft wrote: also sprach Teófilo Ruiz Suárez <[EMAIL PROTECTED]> [2004.11.07.1529 +0100]: Do you have an URL with more info about that policy framework?. Not handy. Please write to , he's the author. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
also sprach Teófilo Ruiz Suárez <[EMAIL PROTECTED]> [2004.11.07.1529 +0100]: > Do you have an URL with more info about that policy framework?. Not handy. Please write to , he's the author. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
Re: exim or postfix
On Sun, Nov 07, 2004 at 02:02:35PM +0100, martin f krafft wrote: > [...] > I can't wait until I have time to try/use/improve Md's policy > framework. Do you have an URL with more info about that policy framework?. Thanks, -- teo - http://blog.eltridente.org "Res publica non dominetur" -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
also sprach Brett Parker <[EMAIL PROTECTED]> [2004.11.07.1440 +0100]: > Then, I've always prefered exim, I like having control at my > finger tips, and things to do what I expect :) Ha! Flamebait! Consider yourself whacked. I won't even respond to this. :) /me embraces /etc/postfix/main.cf > Just out of interest, were your tests exim3 or exim4 vs postfix. exim3; sorry, I should have mentioned that. > FWICT there's been a lot of work gone in to exim4, and it does > seem to be faster than exim3, I haven't done a straight speed > comparison between postfix and exim4, though. I have not either for exim4. I would be interested though. I am very happy with postfix, but I do at times eye over to the router config of exim. You are right, I cannot get rid of procmail at the moment, which is definitely a pain. However, I've been using postfix for like 7 years now and I really don't want to start to learn to swim again in icy waters. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
Re: exim or postfix
On Sun, Nov 07, 2004 at 02:02:35PM +0100, martin f krafft wrote: > also sprach Brett Parker <[EMAIL PROTECTED]> [2004.11.07.1226 +0100]: > > exim4 and postfix, depending on the machine, and who origionally set it > > up. New machines are getting exim4 because it is far more flexible and > > powerful that postfix (in my experience). > > Well, my last tests have shown postfix to be more performant by > about a factor of 1.6. In addition, there is the single setuid > binary thing about exim. > > You are right that exim has a lot more features than postfix. > However, are they needed? To me, exim tries to be more than an MTA, > which is why I surely prefer postfix. I use a fair chunk of them, so yes, I'd say they are. ACLs and the sheer power of the router config wins me over everytime. I work for a small ISP so the more flexible the solution, the better for us. As new things come up, and new unthought of problems arrise, I find that not having to go outside the server setup for large groups of users is rather useful. Coupled with rather powerful database access, exim4 just makes my life a lot easier. There have been some very simple things that I've needed to find solutions to with postfix in the past which I ended up having to do with procmail that I can now deal with in ~ 3 lines in the exim config. Then, I've always prefered exim, I like having control at my finger tips, and things to do what I expect :) Just out of interest, were your tests exim3 or exim4 vs postfix. FWICT there's been a lot of work gone in to exim4, and it does seem to be faster than exim3, I haven't done a straight speed comparison between postfix and exim4, though. Thanks, -- Brett Parker web: http://www.sommitrealweird.co.uk/ email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
also sprach Mark Ferlatte <[EMAIL PROTECTED]> [2004.11.07.1013 +0100]: > Don't know about most; I use Postfix. I don't think exim is a bad choice, > though; I just liked Postfix better, and it performs well enough to meet my > needs. Well said. also sprach Brett Parker <[EMAIL PROTECTED]> [2004.11.07.1226 +0100]: > exim4 and postfix, depending on the machine, and who origionally set it > up. New machines are getting exim4 because it is far more flexible and > powerful that postfix (in my experience). Well, my last tests have shown postfix to be more performant by about a factor of 1.6. In addition, there is the single setuid binary thing about exim. You are right that exim has a lot more features than postfix. However, are they needed? To me, exim tries to be more than an MTA, which is why I surely prefer postfix. I can't wait until I have time to try/use/improve Md's policy framework. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED]> : :' :proud Debian developer, admin, user, and author `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver! signature.asc Description: Digital signature
Re: exim or postfix
On Sat, Nov 06, 2004 at 09:19:40PM -0600, Rodney Richison wrote: > Are most of you using exim or postfix? Just curious. I've never tried > exim. exim4 and postfix, depending on the machine, and who origionally set it up. New machines are getting exim4 because it is far more flexible and powerful that postfix (in my experience). Cheers, -- Brett Parker web: http://www.sommitrealweird.co.uk/ email: [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim or postfix
Rodney Richison said on Sat, Nov 06, 2004 at 09:19:40PM -0600: > Are most of you using exim or postfix? Just curious. I've never tried > exim. Don't know about most; I use Postfix. I don't think exim is a bad choice, though; I just liked Postfix better, and it performs well enough to meet my needs. M pgpwRaGgrw1KM.pgp Description: PGP signature
Re: Exim conditions for attachments
This one time, at band camp, Craig Schneider said: (redirecting this back to the list - I read the list, so you can send replies there.) > Hi Stephen > > Thanks for the help dude. > > Do you mean like this? Or incorporate it into the condition somehow? > > # deny message = User is unable to receive attachments of this nature > ($found_extension) > # domains = ! +local_domains > # condition = > ${lookup{$recipients}lsearch{/etc/mail/extensions}{1}{0}} > #demime = jpg:mpg:mpeg:mp3:gif:bmp > > Thanks That statement will do this: if ( the domain of the recipient is not a local domain) and ( the recipient is found in a file) and ( after unpacking, the message contains one of these mime types) then deny the email Which is not what I think you want. I am also fairly sure that $recipients is not available in ACL's, but only in system filters. There are several problems with the approach you're trying: First, you can only unpack a message after the data phase of the smtp transaction, at which point you may have one or more recipients for a message. What do you do with the email if one of the recipients is on the list, but the others aren't? If you reject the email, nobody in the recipient list gets the email, whether they're on your list or not, and if you accept it, everybody on the recipient list gets the email. The +local_domain as sender is something that is too easily forged to allow for exemption, IMHO - it's a not uncommon spammer trick to send email from you to you, so you might allow a lot of things that you don't actually want. If I were you, I would take a moment to decide what you mean by 'the email comes from the local domain', and then implementation gets easier. If all local mail is generated on the localhost (e.g., all users use webmail or have shell accounts), then you can write a condition to check for an empty host string. If instead you really plan to use just the domain part of the sender, you can write a test that looks for sender = [EMAIL PROTECTED] or whatever domainlist you use. If you receive mail from your local domain users in other ways (from a set of known machines, or via authenticated smtp), write an acl that puts in a header, and test for that header later in a router or filter. Per user mime filtering will have to be done later, outside of the smtp time transaction, though, so you'll want a router or something to do this work (and you'll want that router to have no-verify in it, since it will mess up routing in the acl's otherwise) Overall, I think the easiest approach would be to use a system filter, rather than an acl. You'll have to decide what you want to do with these emails if the match in the system filter (and I recommend not bouncing at this point, but saving to a special mbox somewhere, to cut down on collateral spam) I highly recommend reading /usr/share/doc/exim4-base/spec.txt.gz for this sort of thing. It makes all of these issues clear. > From: Stephen Gran [mailto:[EMAIL PROTECTED] On Behalf Of Stephen Gran > This one time, at band camp, Craig Schneider said: > > Hi Guys > > > > I have wrtten a condition to check if a user is in a flat text file, > > if so then allow them NOT to receive attachments of a certain type. > > However I need to put a condition in to allow them to receive from the > > If you mean from 127.0.0.1, then add a > ! hosts = : > > If you mean from [EMAIL PROTECTED] (trivially forged, and I would avoid > relying on this test, add a ! senders_domain = +local_domains > > (I may be wrong about sender_domains - check the spec. It's close to > that, but I forget and am too lazy to look right now :) -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpZjDbEU1Nwx.pgp Description: PGP signature
Re: Exim conditions for attachments
This one time, at band camp, Craig Schneider said: > Hi Guys > > I have wrtten a condition to check if a user is in a flat text file, if > so then allow them NOT to receive attachments of a certain type. However > I need to put a condition in to allow them to receive from the > $local_domain. > > Heres what I have so far: > > # deny message = User is unable to recieve attachments of this nature > ($found_extension) > # > condition=${lookup{$recipients}lsearch{/etc/mail/extensions}{1}{0}} > #demime = jpg:mpg:mpeg:mp3:gif:bmp If you mean from 127.0.0.1, then add a ! hosts = : If you mean from [EMAIL PROTECTED] (trivially forged, and I would avoid relying on this test, add a ! senders_domain = +local_domains (I may be wrong about sender_domains - check the spec. It's close to that, but I forget and am too lazy to look right now :) -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - pgpxeke84WLsO.pgp Description: PGP signature
RE: Exim 4.20 + Mailman
Title: RE: Exim 4.20 + Mailman > -Original Message- > From: Kenny Duffus [mailto:[EMAIL PROTECTED]] > Sent: 01 June 2004 10:34 > To: debian-isp@lists.debian.org > Subject: Re: Exim 4.20 + Mailman > > > > Has anyone set up Exim 4.20 and mailman successfully and if > so do you > > mind if I take a look at your exim.conf? I've done this before with > > Exim 3 but am struggling to find working examples for exim4. > > Why do you need to mess with the exim config? Just add the lines that the "newlist" command gives you into your /etc/aliases something like: ## dmfs-discuss mailing list dmfs-discuss: "|/var/lib/mailman/mail/mailman post dmfs-discuss" dmfs-discuss-admin: "|/var/lib/mailman/mail/mailman admin dmfs-discuss" dmfs-discuss-bounces: "|/var/lib/mailman/mail/mailman bounces dmfs-discuss" dmfs-discuss-confirm: "|/var/lib/mailman/mail/mailman confirm dmfs-discuss" dmfs-discuss-join: "|/var/lib/mailman/mail/mailman join dmfs-discuss" dmfs-discuss-leave: "|/var/lib/mailman/mail/mailman leave dmfs-discuss" dmfs-discuss-owner: "|/var/lib/mailman/mail/mailman owner dmfs-discuss" dmfs-discuss-request: "|/var/lib/mailman/mail/mailman request dmfs-discuss" dmfs-discuss-subscribe: "|/var/lib/mailman/mail/mailman subscribe dmfs-discuss" dmfs-discuss-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe dmfs-discuss"
RE: Exim 4.20 + Mailman
Title: RE: Exim 4.20 + Mailman > -Original Message- > From: Kenny Duffus [mailto:[EMAIL PROTECTED]] > Sent: 01 June 2004 10:34 > To: [EMAIL PROTECTED] > Subject: Re: Exim 4.20 + Mailman > > > > Has anyone set up Exim 4.20 and mailman successfully and if > so do you > > mind if I take a look at your exim.conf? I've done this before with > > Exim 3 but am struggling to find working examples for exim4. > > Why do you need to mess with the exim config? Just add the lines that the "newlist" command gives you into your /etc/aliases something like: ## dmfs-discuss mailing list dmfs-discuss: "|/var/lib/mailman/mail/mailman post dmfs-discuss" dmfs-discuss-admin: "|/var/lib/mailman/mail/mailman admin dmfs-discuss" dmfs-discuss-bounces: "|/var/lib/mailman/mail/mailman bounces dmfs-discuss" dmfs-discuss-confirm: "|/var/lib/mailman/mail/mailman confirm dmfs-discuss" dmfs-discuss-join: "|/var/lib/mailman/mail/mailman join dmfs-discuss" dmfs-discuss-leave: "|/var/lib/mailman/mail/mailman leave dmfs-discuss" dmfs-discuss-owner: "|/var/lib/mailman/mail/mailman owner dmfs-discuss" dmfs-discuss-request: "|/var/lib/mailman/mail/mailman request dmfs-discuss" dmfs-discuss-subscribe: "|/var/lib/mailman/mail/mailman subscribe dmfs-discuss" dmfs-discuss-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe dmfs-discuss"
Re: Exim 4.20 + Mailman
On Tue, Jun 01, 2004 at 10:25:03AM +0200, David Ross wrote: > Hi > > Has anyone set up Exim 4.20 and mailman successfully and if so do you > mind if I take a look at your exim.conf? I've done this before with Exim > 3 but am struggling to find working examples for exim4. > Hi I followed the howto on the exim website: http://www.exim.org/howto/mailman21.html As I am using the split config with exim4 I created a transport called 091_mailman_transport: mailman_transport: driver = pipe command = /var/lib/mailman/mail/mailman \ '${if def:local_part_suffix \ {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \ {post}}' \ $local_part current_directory = /var/lib/mailman home_directory = /var/lib/mailman user = list group = list and a router called 091_mailman_router: mailman_router: driver = accept domains = example.com require_files = /var/lib/mailman/lists/$local_part/config.pck local_part_suffix_optional local_part_suffix = -bounces : -bounces+* : \ -confirm+* : -join : -leave : \ -owner : -request : -admin : \ -subscribe : -unsubscribe transport = mailman_transport those numbers worked for me ensuring they were used before any alias files. Doing it that way means that you don't have to add aliases for each new list as it checks the lists directory to see if there is a list called whatever there. Kenny signature.asc Description: Digital signature
Re: Exim 4.20 + Mailman
On Tue, Jun 01, 2004 at 10:25:03AM +0200, David Ross wrote: > Hi > > Has anyone set up Exim 4.20 and mailman successfully and if so do you > mind if I take a look at your exim.conf? I've done this before with Exim > 3 but am struggling to find working examples for exim4. > Hi I followed the howto on the exim website: http://www.exim.org/howto/mailman21.html As I am using the split config with exim4 I created a transport called 091_mailman_transport: mailman_transport: driver = pipe command = /var/lib/mailman/mail/mailman \ '${if def:local_part_suffix \ {${sg{$local_part_suffix}{-(\\w+)(\\+.*)?}{\$1}}} \ {post}}' \ $local_part current_directory = /var/lib/mailman home_directory = /var/lib/mailman user = list group = list and a router called 091_mailman_router: mailman_router: driver = accept domains = example.com require_files = /var/lib/mailman/lists/$local_part/config.pck local_part_suffix_optional local_part_suffix = -bounces : -bounces+* : \ -confirm+* : -join : -leave : \ -owner : -request : -admin : \ -subscribe : -unsubscribe transport = mailman_transport those numbers worked for me ensuring they were used before any alias files. Doing it that way means that you don't have to add aliases for each new list as it checks the lists directory to see if there is a list called whatever there. Kenny signature.asc Description: Digital signature
Re: Exim + MySQL
On Mon, May 17, 2004 at 12:31:45PM -0500, Rod Rodolico wrote: > Does anyone know if MySQL is built into the debian release of Exim? I put the > following line > in my configuration file and get an "unknown command" error. I think I did > this correctly. Depends. In woody -- no. In sarge/sid -- yes, if you choose exim4-*-heavy package. Anyway, you can just download the source package, enable MySQL and create your own .deb easily. Marcin
Re: Exim + MySQL
On Mon, May 17, 2004 at 12:31:45PM -0500, Rod Rodolico wrote: > Does anyone know if MySQL is built into the debian release of Exim? I put the > following line > in my configuration file and get an "unknown command" error. I think I did this > correctly. Depends. In woody -- no. In sarge/sid -- yes, if you choose exim4-*-heavy package. Anyway, you can just download the source package, enable MySQL and create your own .deb easily. Marcin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim AUTH with PAM - pls. HELP
On Wed, Apr 14, 2004 at 11:35:21PM +0200, Johannes Formann wrote: > MINTA GHEORGHE ADRIAN <[EMAIL PROTECTED]> wrote: > > I try to setup an exim mail server with PAM auth. against system > > passwords. Unfortunately the authentification doesn't work: > I bett exim can't read /etc/shadow, make it readable to exim, oder > compile and install pam_exim. Ooooh, neat. Doesn't appear to be in Debian and is a bit of a PITA to build, but certainly an interesting starting point. J. -- jid: [EMAIL PROTECTED] noodles is fat
Re: Exim AUTH with PAM - pls. HELP
On Wed, Apr 14, 2004 at 11:35:21PM +0200, Johannes Formann wrote: > MINTA GHEORGHE ADRIAN <[EMAIL PROTECTED]> wrote: > > I try to setup an exim mail server with PAM auth. against system > > passwords. Unfortunately the authentification doesn't work: > I bett exim can't read /etc/shadow, make it readable to exim, oder > compile and install pam_exim. Ooooh, neat. Doesn't appear to be in Debian and is a bit of a PITA to build, but certainly an interesting starting point. J. -- jid: [EMAIL PROTECTED] noodles is fat -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim AUTH with PAM - pls. HELP
Maarten Vink / Interstroom <[EMAIL PROTECTED]> wrote: > Johannes Formann wrote: > >>>I bett exim can't read /etc/shadow, make it readable to exim, oder > >>>compile and install pam_exim. > > IIRC, you need to run Exim as root to enable PAM functionality. With pam_exim you don't :-) regards Johannes
Re: Exim AUTH with PAM - pls. HELP
Johannes Formann wrote: Franz Georg Köhler <[EMAIL PROTECTED]> wrote: I bett exim can't read /etc/shadow, make it readable to exim, oder compile and install pam_exim. IIRC, you need to run Exim as root to enable PAM functionality. Regards, Maarten
Re: Exim AUTH with PAM - pls. HELP
Maarten Vink / Interstroom <[EMAIL PROTECTED]> wrote: > Johannes Formann wrote: > >>>I bett exim can't read /etc/shadow, make it readable to exim, oder > >>>compile and install pam_exim. > > IIRC, you need to run Exim as root to enable PAM functionality. With pam_exim you don't :-) regards Johannes -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim AUTH with PAM - pls. HELP
Johannes Formann wrote: Franz Georg Köhler <[EMAIL PROTECTED]> wrote: I bett exim can't read /etc/shadow, make it readable to exim, oder compile and install pam_exim. IIRC, you need to run Exim as root to enable PAM functionality. Regards, Maarten -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim AUTH with PAM - pls. HELP
Franz Georg Köhler <[EMAIL PROTECTED]> wrote: > > I bett exim can't read /etc/shadow, make it readable to exim, oder > > compile and install pam_exim. > > He's already using PAM authentification... Not pam_exim, which makes a difference. regards Johannes
Re: Exim AUTH with PAM - pls. HELP
On Mi, Apr 14, 2004 at 11:35:21 +0200, Johannes Formann <[EMAIL PROTECTED]> wrote: > MINTA GHEORGHE ADRIAN <[EMAIL PROTECTED]> wrote: > > > I try to setup an exim mail server with PAM auth. against system > > passwords. Unfortunately the authentification doesn't work: > > I bett exim can't read /etc/shadow, make it readable to exim, oder > compile and install pam_exim. He's already using PAM authentification...
Re: Exim AUTH with PAM - pls. HELP
MINTA GHEORGHE ADRIAN <[EMAIL PROTECTED]> wrote: > I try to setup an exim mail server with PAM auth. against system > passwords. Unfortunately the authentification doesn't work: I bett exim can't read /etc/shadow, make it readable to exim, oder compile and install pam_exim. regards Johannes
Re: Exim AUTH with PAM - pls. HELP
Franz Georg Köhler <[EMAIL PROTECTED]> wrote: > > I bett exim can't read /etc/shadow, make it readable to exim, oder > > compile and install pam_exim. > > He's already using PAM authentification... Not pam_exim, which makes a difference. regards Johannes -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim AUTH with PAM - pls. HELP
On Mi, Apr 14, 2004 at 11:35:21 +0200, Johannes Formann <[EMAIL PROTECTED]> wrote: > MINTA GHEORGHE ADRIAN <[EMAIL PROTECTED]> wrote: > > > I try to setup an exim mail server with PAM auth. against system > > passwords. Unfortunately the authentification doesn't work: > > I bett exim can't read /etc/shadow, make it readable to exim, oder > compile and install pam_exim. He's already using PAM authentification... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim AUTH with PAM - pls. HELP
MINTA GHEORGHE ADRIAN <[EMAIL PROTECTED]> wrote: > I try to setup an exim mail server with PAM auth. against system > passwords. Unfortunately the authentification doesn't work: I bett exim can't read /etc/shadow, make it readable to exim, oder compile and install pam_exim. regards Johannes -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim: Different mail retry times depending upon response from remote host...
On Fri, 30 Jan 2004 05:58, Joe Emenaker <[EMAIL PROTECTED]> wrote: > Because, like you mentioned later in your message, not all mailers give > proper responses. For example, I've see a lot of 5xx codes where the > verbal explanation is that the user is over quota. 5xx is the correct thing to do when the quota is exceeded. Some ISPs I know of have customers who remain over quota for YEARS! If the customer keeps paying their bills then the ISP administrators can not delete the messages that cause the quota to be exceeded or remove the account. As there is little chance of the situation changing the only thing to do is to send a 5xx. If you have an over-quota situation that is likely to be fixed in a short period of time then you probably have a bigger problem. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page
Re: Exim: Different mail retry times depending upon response from remote host...
On Fri, 30 Jan 2004 05:58, Joe Emenaker <[EMAIL PROTECTED]> wrote: > Because, like you mentioned later in your message, not all mailers give > proper responses. For example, I've see a lot of 5xx codes where the > verbal explanation is that the user is over quota. 5xx is the correct thing to do when the quota is exceeded. Some ISPs I know of have customers who remain over quota for YEARS! If the customer keeps paying their bills then the ISP administrators can not delete the messages that cause the quota to be exceeded or remove the account. As there is little chance of the situation changing the only thing to do is to send a 5xx. If you have an over-quota situation that is likely to be fixed in a short period of time then you probably have a bigger problem. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim: Different mail retry times depending upon response from remote host...
On Thu, Jan 29, 2004 at 10:58:19AM -0800, Joe Emenaker wrote: > >why should there be? > > [...] > > Because, like you mentioned later in your message, not all mailers give > proper responses. For example, I've see a lot of 5xx codes where the verbal > explanation is that the user is over quota. well, that's normal (at least, it is not "wrong" to do that). what to do in an excess-quota situation is a local policy decision. some sites choose 5xx, some choose 4xx. > But the *real* problem, I guess, is that I'm seeing so many 5xx's in > /var/spool/exim/msglog at *all*. you shouldn't be seeing *ANY* 5xxs in the spool at all. 5xx specifically means "DO NOT TRY AGAIN". exim should not ever retry delivery on permanent-failure codes (unless there is some debugging option like postfix's soft_bounce in effect). > If the sender address is bogus, the bounce notification just hangs around > forever, it seems. I'd like to be able to give bounce notifications avout 4 > hours to be delivered and then, buh'bye. ah, ok. that's a different problem entirely. that's not retrying a 5xx, that's inability to deliver a bounce. you need to configure exim to REJECT mail sent to non-existent addresses (or which fail your anti-spam/anti-virus etc rules) immediately, rather than accept-and-bounce. that way it is the sending MTA's responsibility to deal with the problem, rather than yours. e.g. if a message comes in for [EMAIL PROTECTED], don't accept it then find out that the user doesn't exist, and then bounce it. it is far better to just reject it during the smtp session with a "550 No such user" response. that way, the bounce is not your responsibility. The sending MTA is responsible for dealing with errors. if the sending "MTA" is a virus, then it probably does nothing - AFAIK, no viruses have bounce-handling codebut it really doesn't matter what the sending MTA is or what it does, the key point is that it is *NOT YOUR PROBLEM*, you have not accepted the mail and have not accepted responsibility for delivering-or-bouncing it. if you can't reject during the smtp session, then your best option is to tag-and-deliver (best for spam) or just discard (best for viruses). IIRC, exim *can* do any or all of these things, depending on how you configure it. probably some exim expert here can tell you how to do it. btw, AFAIK, exim doesn't have any option to specify a different retry period for bounce-messages. that would be a useful feature for dealing with spam and viruses that get through the filters. on my own systems, i have inbound MX boxes and outbound mail relays. the inbound MXs do all the spam & virus filtering, and forward the mail to the POP/IMAP box. they have a retry period of 1 day. it is set so low to avoid the queue getting clogged with undeliverable spam bounces (stuff which makes it through my access maps, but gets caught by amavisd-new/spamassassin/clamav). the outbound relays are for users to send their mail, and they have a retry period of 5 days. > >these sound like 5xx errors, rather than 4xx. exim should be bouncing > >these, if the remote systems are issuing the correct error codes.if they > >aren't, there's little you can do about it. > > Except write a script, I guess. :) you're better off not letting these bounce messages get into the queue in the first place (i.e. "prevention is better than cure"). you don't want them, they just slow down your machinereject unwanted mail with 5xx during the SMTP session wherever possible. > >one possibility is that there is some error in your configuration which is > >making permanent errors be treated as temporary (4xx) errors, > > Well, I haven't tweaked our config too much... BUT it's the config > file from when we switched to Exim about 4 years ago, and I haven't > allowed Debian to overwrite it with a new one (lest we lose our mods to > the config file). > So, it might be time to get a new config file and move our changes over by > hand. But... if we're going through that much trouble geez... I'd just > switch to Courier. why switch to courier-mta when you can switch to postfix? :-) courier's other tools (maildrop, pop, sqwebmail, etc) work fine with postfix as the MTA. courier makes a very nice delivery system for real & virtual users. postfix makes a very nice MTA (better than anything else, including courier-mta). the combination works extremely well. craig
Re: Exim: Different mail retry times depending upon response from remote host...
On Thu, Jan 29, 2004 at 10:58:19AM -0800, Joe Emenaker wrote: > >why should there be? > > [...] > > Because, like you mentioned later in your message, not all mailers give > proper responses. For example, I've see a lot of 5xx codes where the verbal > explanation is that the user is over quota. well, that's normal (at least, it is not "wrong" to do that). what to do in an excess-quota situation is a local policy decision. some sites choose 5xx, some choose 4xx. > But the *real* problem, I guess, is that I'm seeing so many 5xx's in > /var/spool/exim/msglog at *all*. you shouldn't be seeing *ANY* 5xxs in the spool at all. 5xx specifically means "DO NOT TRY AGAIN". exim should not ever retry delivery on permanent-failure codes (unless there is some debugging option like postfix's soft_bounce in effect). > If the sender address is bogus, the bounce notification just hangs around > forever, it seems. I'd like to be able to give bounce notifications avout 4 > hours to be delivered and then, buh'bye. ah, ok. that's a different problem entirely. that's not retrying a 5xx, that's inability to deliver a bounce. you need to configure exim to REJECT mail sent to non-existent addresses (or which fail your anti-spam/anti-virus etc rules) immediately, rather than accept-and-bounce. that way it is the sending MTA's responsibility to deal with the problem, rather than yours. e.g. if a message comes in for [EMAIL PROTECTED], don't accept it then find out that the user doesn't exist, and then bounce it. it is far better to just reject it during the smtp session with a "550 No such user" response. that way, the bounce is not your responsibility. The sending MTA is responsible for dealing with errors. if the sending "MTA" is a virus, then it probably does nothing - AFAIK, no viruses have bounce-handling codebut it really doesn't matter what the sending MTA is or what it does, the key point is that it is *NOT YOUR PROBLEM*, you have not accepted the mail and have not accepted responsibility for delivering-or-bouncing it. if you can't reject during the smtp session, then your best option is to tag-and-deliver (best for spam) or just discard (best for viruses). IIRC, exim *can* do any or all of these things, depending on how you configure it. probably some exim expert here can tell you how to do it. btw, AFAIK, exim doesn't have any option to specify a different retry period for bounce-messages. that would be a useful feature for dealing with spam and viruses that get through the filters. on my own systems, i have inbound MX boxes and outbound mail relays. the inbound MXs do all the spam & virus filtering, and forward the mail to the POP/IMAP box. they have a retry period of 1 day. it is set so low to avoid the queue getting clogged with undeliverable spam bounces (stuff which makes it through my access maps, but gets caught by amavisd-new/spamassassin/clamav). the outbound relays are for users to send their mail, and they have a retry period of 5 days. > >these sound like 5xx errors, rather than 4xx. exim should be bouncing > >these, if the remote systems are issuing the correct error codes.if they > >aren't, there's little you can do about it. > > Except write a script, I guess. :) you're better off not letting these bounce messages get into the queue in the first place (i.e. "prevention is better than cure"). you don't want them, they just slow down your machinereject unwanted mail with 5xx during the SMTP session wherever possible. > >one possibility is that there is some error in your configuration which is > >making permanent errors be treated as temporary (4xx) errors, > > Well, I haven't tweaked our config too much... BUT it's the config > file from when we switched to Exim about 4 years ago, and I haven't > allowed Debian to overwrite it with a new one (lest we lose our mods to > the config file). > So, it might be time to get a new config file and move our changes over by > hand. But... if we're going through that much trouble geez... I'd just > switch to Courier. why switch to courier-mta when you can switch to postfix? :-) courier's other tools (maildrop, pop, sqwebmail, etc) work fine with postfix as the MTA. courier makes a very nice delivery system for real & virtual users. postfix makes a very nice MTA (better than anything else, including courier-mta). the combination works extremely well. craig -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim: Different mail retry times depending upon response from remote host...
Craig Sanders wrote: On Wed, Jan 28, 2004 at 07:23:50PM -0800, Joe Emenaker wrote: Unfortunately, I haven't seen anything in Exim that lets you customize it's retry behavior based upon this. It does offer an "error" field in the retry section, but it's only for some silly hard-coded failure types. why should there be? All 5xx codes are permanent failures. the MTA should bounce back to sender immediately. All 4xx codes are temporary failures. the MTA should (optionally) retry later, but eventually bounce back to sender if not delivered in X hours/days. Because, like you mentioned later in your message, not all mailers give proper responses. For example, I've see a lot of 5xx codes where the verbal explanation is that the user is over quota. But the *real* problem, I guess, is that I'm seeing so many 5xx's in /var/spool/exim/msglog at *all*. If the sender address is bogus, the bounce notification just hangs around forever, it seems. I'd like to be able to give bounce notifications avout 4 hours to be delivered and then, buh'bye. So, I wrote a little script that goes through all of the msglog files and finds good candidates to toss (ie, "No such user", "Account Terminated", etc.). With just a day's worth of tweaking the script, I've managed to get the pending queue down to about 1/3 of what it was. these sound like 5xx errors, rather than 4xx. exim should be bouncing these, if the remote systems are issuing the correct error codes.if they aren't, there's little you can do about it. Except write a script, I guess. :) one possibility is that there is some error in your configuration which is making permanent errors be treated as temporary (4xx) errors, Well, I haven't tweaked our config too much... BUT it's the config file from when we switched to Exim about 4 years ago, and I haven't allowed Debian to overwrite it with a new one (lest we lose our mods to the config file). So, it might be time to get a new config file and move our changes over by hand. But... if we're going through that much trouble geez... I'd just switch to Courier. - Joe
Re: Exim: Different mail retry times depending upon response from remote host...
Craig Sanders wrote: On Wed, Jan 28, 2004 at 07:23:50PM -0800, Joe Emenaker wrote: Unfortunately, I haven't seen anything in Exim that lets you customize it's retry behavior based upon this. It does offer an "error" field in the retry section, but it's only for some silly hard-coded failure types. why should there be? All 5xx codes are permanent failures. the MTA should bounce back to sender immediately. All 4xx codes are temporary failures. the MTA should (optionally) retry later, but eventually bounce back to sender if not delivered in X hours/days. Because, like you mentioned later in your message, not all mailers give proper responses. For example, I've see a lot of 5xx codes where the verbal explanation is that the user is over quota. But the *real* problem, I guess, is that I'm seeing so many 5xx's in /var/spool/exim/msglog at *all*. If the sender address is bogus, the bounce notification just hangs around forever, it seems. I'd like to be able to give bounce notifications avout 4 hours to be delivered and then, buh'bye. So, I wrote a little script that goes through all of the msglog files and finds good candidates to toss (ie, "No such user", "Account Terminated", etc.). With just a day's worth of tweaking the script, I've managed to get the pending queue down to about 1/3 of what it was. these sound like 5xx errors, rather than 4xx. exim should be bouncing these, if the remote systems are issuing the correct error codes.if they aren't, there's little you can do about it. Except write a script, I guess. :) one possibility is that there is some error in your configuration which is making permanent errors be treated as temporary (4xx) errors, Well, I haven't tweaked our config too much... BUT it's the config file from when we switched to Exim about 4 years ago, and I haven't allowed Debian to overwrite it with a new one (lest we lose our mods to the config file). So, it might be time to get a new config file and move our changes over by hand. But... if we're going through that much trouble geez... I'd just switch to Courier. - Joe -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim: Different mail retry times depending upon response from remote host...
On Wed, Jan 28, 2004 at 07:23:50PM -0800, Joe Emenaker wrote: > You don't have to be a rocket scientist to realize that the following > remote mailer messages give varying degrees of optimism regarding future > delivery: > >550 Requested action not taken: mailbox unavailable >452 Mailbox full >452 Insufficient disk space; try again later >421 Too many concurrent SMTP connections; please try again later. > > With the first, you're pretty sure that the problem is *not* going to be > corrected in the next few days. Meanwhile, the others give you some hope > in waiting. > > Unfortunately, I haven't seen anything in Exim that lets you customize > it's retry behavior based upon this. It does offer an "error" field in > the retry section, but it's only for some silly hard-coded failure types. why should there be? All 5xx codes are permanent failures. the MTA should bounce back to sender immediately. All 4xx codes are temporary failures. the MTA should (optionally) retry later, but eventually bounce back to sender if not delivered in X hours/days. > So, I wrote a little script that goes through all of the msglog files and > finds good candidates to toss (ie, "No such user", "Account Terminated", > etc.). With just a day's worth of tweaking the script, I've managed to get > the pending queue down to about 1/3 of what it was. these sound like 5xx errors, rather than 4xx. exim should be bouncing these, if the remote systems are issuing the correct error codes.if they aren't, there's little you can do about it. one possibility is that there is some error in your configuration which is making permanent errors be treated as temporary (4xx) errors, similar to postfix's "soft_bounce" feature...a useful feature while testing and debugging, but not what you want for normal use. i don't know what this option is called in exim (it's been a few years since i did much with it). > But I figured I'd ask... does anybody already have a script for doing this > (or maybe a better way altogether, since this script has to be explicitly run > periodically)? it shouldn't be necessary. craig
Re: Exim: Different mail retry times depending upon response from remote host...
On Wed, Jan 28, 2004 at 07:23:50PM -0800, Joe Emenaker wrote: > You don't have to be a rocket scientist to realize that the following > remote mailer messages give varying degrees of optimism regarding future > delivery: > >550 Requested action not taken: mailbox unavailable >452 Mailbox full >452 Insufficient disk space; try again later >421 Too many concurrent SMTP connections; please try again later. > > With the first, you're pretty sure that the problem is *not* going to be > corrected in the next few days. Meanwhile, the others give you some hope > in waiting. > > Unfortunately, I haven't seen anything in Exim that lets you customize > it's retry behavior based upon this. It does offer an "error" field in > the retry section, but it's only for some silly hard-coded failure types. why should there be? All 5xx codes are permanent failures. the MTA should bounce back to sender immediately. All 4xx codes are temporary failures. the MTA should (optionally) retry later, but eventually bounce back to sender if not delivered in X hours/days. > So, I wrote a little script that goes through all of the msglog files and > finds good candidates to toss (ie, "No such user", "Account Terminated", > etc.). With just a day's worth of tweaking the script, I've managed to get > the pending queue down to about 1/3 of what it was. these sound like 5xx errors, rather than 4xx. exim should be bouncing these, if the remote systems are issuing the correct error codes.if they aren't, there's little you can do about it. one possibility is that there is some error in your configuration which is making permanent errors be treated as temporary (4xx) errors, similar to postfix's "soft_bounce" feature...a useful feature while testing and debugging, but not what you want for normal use. i don't know what this option is called in exim (it's been a few years since i did much with it). > But I figured I'd ask... does anybody already have a script for doing this > (or maybe a better way altogether, since this script has to be explicitly run > periodically)? it shouldn't be necessary. craig -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim address aliased to a script
On Fri, 2 Jan 2004 20:31:34 -0600 (CST), "Rod Rodolico" <[EMAIL PROTECTED]> wrote: >Obviously, it wants to know the user that command should be executed by (the >correct answer, I >think, is www-data). It works when I set address_pipe to run as www-data, but >I'm sure that is >not the correct answer. And, I'd prefer to not modify exim.conf if possible. >At least for >this. The clean way would be to modify exim.conf. All other ways I can think of would allow execution of other code in some circumstances. And please, consider migrating to exim 4. Greetings Marc -- -- !! No courtesy copies, please !! - Marc Haber | " Questions are the | Mailadresse im Header Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15 Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
Re: Exim address aliased to a script
On Fri, 2 Jan 2004 20:31:34 -0600 (CST), "Rod Rodolico" <[EMAIL PROTECTED]> wrote: >Obviously, it wants to know the user that command should be executed by (the correct >answer, I >think, is www-data). It works when I set address_pipe to run as www-data, but I'm >sure that is >not the correct answer. And, I'd prefer to not modify exim.conf if possible. At least >for >this. The clean way would be to modify exim.conf. All other ways I can think of would allow execution of other code in some circumstances. And please, consider migrating to exim 4. Greetings Marc -- -- !! No courtesy copies, please !! - Marc Haber | " Questions are the | Mailadresse im Header Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15 Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim accepting mail from specific hosts
Adam Dawes wrote: Yes, that was part of the plan, to point my mx records to my provider. Therefore, any connections to my port 25 should be from only folks that are port scanning (sounds like a spammer to me). Think this is best done as a firewall issue or via David's host_reject option? thanks, Adam Dave Watkins wrote: Configuring Exim to do this would seem like a bad idea, in that your machine then has to accept a connection to determine if you do in fact even want to accept the mail. Ideally you would get the MX record for your domain pointing to your providers mail server (with perhaps a backup MX pointing to yours. That way under normal conditions mail will be routed through your providers mail servers unless they are down, and if they are down it will be routed to you. This will probably require some configuration changes on your providers servers but nothing major (just a routing line in a config file). The other option would be to firewall off port 25 for inbound traffic unless it came from your providers mail server, although this is much less elegant Dave Depends on what logging you want (or more precisly where you want it logged) and the load you can handle. Also perhaps how often and how many other connections you will want to allow (if any). If you want to log all the failed connections and don't want another log to go through to see who's trying to connect then obviously letting exim do it would be preferable, this is assuming your machine can handle the load of spawning exim processes for no real purpose other than logging but I don't think that would be a problem. This would also be better if you want to allow some server(s) to connect directly otherwise you will have to maintain firewall setup that will get more and more complicated as the number of allowed hosts increases. If you're not concerned about logging or are happy to log to another file, and you won't be recieving mail from anyone other than this single host then a firewall would probably be the better option. Dave Adam Dawes wrote: Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam
Re: Exim accepting mail from specific hosts
Adam Dawes wrote: Yes, that was part of the plan, to point my mx records to my provider. Therefore, any connections to my port 25 should be from only folks that are port scanning (sounds like a spammer to me). Think this is best done as a firewall issue or via David's host_reject option? thanks, Adam Dave Watkins wrote: Configuring Exim to do this would seem like a bad idea, in that your machine then has to accept a connection to determine if you do in fact even want to accept the mail. Ideally you would get the MX record for your domain pointing to your providers mail server (with perhaps a backup MX pointing to yours. That way under normal conditions mail will be routed through your providers mail servers unless they are down, and if they are down it will be routed to you. This will probably require some configuration changes on your providers servers but nothing major (just a routing line in a config file). The other option would be to firewall off port 25 for inbound traffic unless it came from your providers mail server, although this is much less elegant Dave Depends on what logging you want (or more precisly where you want it logged) and the load you can handle. Also perhaps how often and how many other connections you will want to allow (if any). If you want to log all the failed connections and don't want another log to go through to see who's trying to connect then obviously letting exim do it would be preferable, this is assuming your machine can handle the load of spawning exim processes for no real purpose other than logging but I don't think that would be a problem. This would also be better if you want to allow some server(s) to connect directly otherwise you will have to maintain firewall setup that will get more and more complicated as the number of allowed hosts increases. If you're not concerned about logging or are happy to log to another file, and you won't be recieving mail from anyone other than this single host then a firewall would probably be the better option. Dave Adam Dawes wrote: Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim accepting mail from specific hosts
Yes, that was part of the plan, to point my mx records to my provider. Therefore, any connections to my port 25 should be from only folks that are port scanning (sounds like a spammer to me). Think this is best done as a firewall issue or via David's host_reject option? thanks, Adam Dave Watkins wrote: Configuring Exim to do this would seem like a bad idea, in that your machine then has to accept a connection to determine if you do in fact even want to accept the mail. Ideally you would get the MX record for your domain pointing to your providers mail server (with perhaps a backup MX pointing to yours. That way under normal conditions mail will be routed through your providers mail servers unless they are down, and if they are down it will be routed to you. This will probably require some configuration changes on your providers servers but nothing major (just a routing line in a config file). The other option would be to firewall off port 25 for inbound traffic unless it came from your providers mail server, although this is much less elegant Dave Adam Dawes wrote: Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam
Re: Exim accepting mail from specific hosts
Yes, that was part of the plan, to point my mx records to my provider. Therefore, any connections to my port 25 should be from only folks that are port scanning (sounds like a spammer to me). Think this is best done as a firewall issue or via David's host_reject option? thanks, Adam Dave Watkins wrote: Configuring Exim to do this would seem like a bad idea, in that your machine then has to accept a connection to determine if you do in fact even want to accept the mail. Ideally you would get the MX record for your domain pointing to your providers mail server (with perhaps a backup MX pointing to yours. That way under normal conditions mail will be routed through your providers mail servers unless they are down, and if they are down it will be routed to you. This will probably require some configuration changes on your providers servers but nothing major (just a routing line in a config file). The other option would be to firewall off port 25 for inbound traffic unless it came from your providers mail server, although this is much less elegant Dave Adam Dawes wrote: Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim accepting mail from specific hosts
> > What do I need to stick in my exim.conf to accept mail from just those > hosts that will be processing my mail? > host_reject should do the trick, assuming you are running woody with 3.3x
Re: Exim accepting mail from specific hosts
Configuring Exim to do this would seem like a bad idea, in that your machine then has to accept a connection to determine if you do in fact even want to accept the mail. Ideally you would get the MX record for your domain pointing to your providers mail server (with perhaps a backup MX pointing to yours. That way under normal conditions mail will be routed through your providers mail servers unless they are down, and if they are down it will be routed to you. This will probably require some configuration changes on your providers servers but nothing major (just a routing line in a config file). The other option would be to firewall off port 25 for inbound traffic unless it came from your providers mail server, although this is much less elegant Dave Adam Dawes wrote: Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam
Re: Exim accepting mail from specific hosts
> > What do I need to stick in my exim.conf to accept mail from just those > hosts that will be processing my mail? > host_reject should do the trick, assuming you are running woody with 3.3x. Check out the docs at http://www.exim.org/exim-html-3.30/doc/html/spec_46.html#SEC824 If you are running exim4, you can use one of those handy-dandy ACLs that everyone talks about. See docs athttp://www.exim.org/exim-html-4.20/doc/html/spec_37.html#CHAP37 -davidc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim accepting mail from specific hosts
Configuring Exim to do this would seem like a bad idea, in that your machine then has to accept a connection to determine if you do in fact even want to accept the mail. Ideally you would get the MX record for your domain pointing to your providers mail server (with perhaps a backup MX pointing to yours. That way under normal conditions mail will be routed through your providers mail servers unless they are down, and if they are down it will be routed to you. This will probably require some configuration changes on your providers servers but nothing major (just a routing line in a config file). The other option would be to firewall off port 25 for inbound traffic unless it came from your providers mail server, although this is much less elegant Dave Adam Dawes wrote: Hi, I've implemented a spam service where a provider is filtering all my domain's mail before it hits my server. I want to lock down my mail server so it only accepts mail from those machines to prevent spammers from mailing directly to my host and doing directory harvests. What do I need to stick in my exim.conf to accept mail from just those hosts that will be processing my mail? thanks, Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
I tried Chris' approach below and that didn't seem to work either. But following Dale's suggestion of using * instead of localhost. Just for the future googlers, here's what I added to the top of my routers section to store and forward for exim 3: store_and_forward: driver = domainlist transport = remote_smtp route_list = "* smtp.myisp.net" thanks for the help! Adam On Thu, 20 Nov 2003, Dale E Martin wrote: > > If you don't want to upgrade to version 4, then try adding the > > following as the very last router: > > > > smart_route: > > driver = domainlist > > transport = remote_smtp > > route_list = * smtp.myisp.net bydns_a > > If you make it the very last router, then you need to comment out the > direct_remote: one that is (probably) currently the last one. Basically > what the original poster had was OK except that their route_list specified > to use that route only for "localhost", not "*" iirc. > > Take care, > Dale > -- > Dale E. Martin, Clifton Labs, Inc. > Senior Computer Engineer > [EMAIL PROTECTED] > http://www.cliftonlabs.com > pgp key available > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: Exim store and forward
I tried Chris' approach below and that didn't seem to work either. But following Dale's suggestion of using * instead of localhost. Just for the future googlers, here's what I added to the top of my routers section to store and forward for exim 3: store_and_forward: driver = domainlist transport = remote_smtp route_list = "* smtp.myisp.net" thanks for the help! Adam On Thu, 20 Nov 2003, Dale E Martin wrote: > > If you don't want to upgrade to version 4, then try adding the > > following as the very last router: > > > > smart_route: > > driver = domainlist > > transport = remote_smtp > > route_list = * smtp.myisp.net bydns_a > > If you make it the very last router, then you need to comment out the > direct_remote: one that is (probably) currently the last one. Basically > what the original poster had was OK except that their route_list specified > to use that route only for "localhost", not "*" iirc. > > Take care, > Dale > -- > Dale E. Martin, Clifton Labs, Inc. > Senior Computer Engineer > [EMAIL PROTECTED] > http://www.cliftonlabs.com > pgp key available > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
> If you don't want to upgrade to version 4, then try adding the > following as the very last router: > > smart_route: > driver = domainlist > transport = remote_smtp > route_list = * smtp.myisp.net bydns_a If you make it the very last router, then you need to comment out the direct_remote: one that is (probably) currently the last one. Basically what the original poster had was OK except that their route_list specified to use that route only for "localhost", not "*" iirc. Take care, Dale -- Dale E. Martin, Clifton Labs, Inc. Senior Computer Engineer [EMAIL PROTECTED] http://www.cliftonlabs.com pgp key available
Re: Exim store and forward
> If you don't want to upgrade to version 4, then try adding the > following as the very last router: > > smart_route: > driver = domainlist > transport = remote_smtp > route_list = * smtp.myisp.net bydns_a If you make it the very last router, then you need to comment out the direct_remote: one that is (probably) currently the last one. Basically what the original poster had was OK except that their route_list specified to use that route only for "localhost", not "*" iirc. Take care, Dale -- Dale E. Martin, Clifton Labs, Inc. Senior Computer Engineer [EMAIL PROTECTED] http://www.cliftonlabs.com pgp key available -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
On Wed, 19 Nov 2003, Adam Dawes wrote: > I tried commenting out my snippet and adding yours in the beginning of the > routers section. That ended up totally hosing my smtp. Pine gave me an > error saying that the smtp server was unavailable when I tried testing it. > > Where exactly should I put your snippet in my exim file? And do I need to > remove the snippet that I suggested below? hmm... I know why it didn't; you're using version 3 (from your sent mail headers): Exim 3.35 #1 (Debian) I was refering to version 4 which is a very different animal requiring a different config. If you don't want to upgrade to version 4, then try adding the following as the very last router: smart_route: driver = domainlist transport = remote_smtp route_list = * smtp.myisp.net bydns_a Cheers, Chris Foote <[EMAIL PROTECTED]> _ _ _Jabber: [EMAIL PROTECTED] (_)| | | | Director - INETD PTY LTD _ _ __ ___ | |___| | Level 2, 132 Franklin St | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 Inetd supports: Linux.Conf.Au Adelaide Jan 12-17 2004 Australia's Premier Linux Conference http://lca2004.linux.org.au
Re: Exim store and forward
On Wed, 19 Nov 2003, Adam Dawes wrote: > I tried commenting out my snippet and adding yours in the beginning of the > routers section. That ended up totally hosing my smtp. Pine gave me an > error saying that the smtp server was unavailable when I tried testing it. > > Where exactly should I put your snippet in my exim file? And do I need to > remove the snippet that I suggested below? hmm... I know why it didn't; you're using version 3 (from your sent mail headers): Exim 3.35 #1 (Debian) I was refering to version 4 which is a very different animal requiring a different config. If you don't want to upgrade to version 4, then try adding the following as the very last router: smart_route: driver = domainlist transport = remote_smtp route_list = * smtp.myisp.net bydns_a Cheers, Chris Foote <[EMAIL PROTECTED]> _ _ _Jabber: [EMAIL PROTECTED] (_)| | | | Director - INETD PTY LTD _ _ __ ___ | |___| | Level 2, 132 Franklin St | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 Inetd supports: Linux.Conf.Au Adelaide Jan 12-17 2004 Australia's Premier Linux Conference http://lca2004.linux.org.au -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
I tried commenting out my snippet and adding yours in the beginning of the routers section. That ended up totally hosing my smtp. Pine gave me an error saying that the smtp server was unavailable when I tried testing it. Where exactly should I put your snippet in my exim file? And do I need to remove the snippet that I suggested below? thanks a lot! Adam On Thu, 20 Nov 2003, Chris Foote wrote: > On Wed, 19 Nov 2003, Adam Dawes wrote: > > > I've running exim as my mta on my home gateway machine which is connected > > via a fixed IP DSL line. I'm having increasing trouble getting my mail > > through as other sites (rightly) find messages coming from a block of dsl > > addresses suspicious. I want to have exim forward my outgoing messages to > > my internet provider's smtp server which is obviously more legit than > > mine. I've added the following at the top of the routers section of my > > exim.conf file. > > > > store_and_forward: > > driver = domainlist > > transport = remote_smtp > > route_list = "localhost smtp.myisp.net" > > > > When I send mail from my server and look at the headers, there's no > > indication that it actually got forwarded on to my isp's smtp server. What > > am I missing here? > > You need to use manualroute for non-local domains, as per: > > smarthost: > driver = manualroute > domains = !+local_domains > transport = remote_smtp > route_list = * smtp.myisp.net > > or alternatively: > > smarthost: > driver = manualroute > transport = remote_smtp > route_list = !+local_domains smtp.myisp.net > > > Grab a copy of the author's new Exim book from > http://www.uit.co.uk/exim-book/ > > > Chris Foote <[EMAIL PROTECTED]> > _ _ _Jabber: [EMAIL PROTECTED] > (_)| | | | Director - INETD PTY LTD > _ _ __ ___ | |___| | Level 2, 132 Franklin St > | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 > | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au > |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 > > Inetd supports: > Linux.Conf.Au Adelaide Jan 12-17 2004 > Australia's Premier Linux Conference > http://lca2004.linux.org.au > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim store and forward
I tried commenting out my snippet and adding yours in the beginning of the routers section. That ended up totally hosing my smtp. Pine gave me an error saying that the smtp server was unavailable when I tried testing it. Where exactly should I put your snippet in my exim file? And do I need to remove the snippet that I suggested below? thanks a lot! Adam On Thu, 20 Nov 2003, Chris Foote wrote: > On Wed, 19 Nov 2003, Adam Dawes wrote: > > > I've running exim as my mta on my home gateway machine which is connected > > via a fixed IP DSL line. I'm having increasing trouble getting my mail > > through as other sites (rightly) find messages coming from a block of dsl > > addresses suspicious. I want to have exim forward my outgoing messages to > > my internet provider's smtp server which is obviously more legit than > > mine. I've added the following at the top of the routers section of my > > exim.conf file. > > > > store_and_forward: > > driver = domainlist > > transport = remote_smtp > > route_list = "localhost smtp.myisp.net" > > > > When I send mail from my server and look at the headers, there's no > > indication that it actually got forwarded on to my isp's smtp server. What > > am I missing here? > > You need to use manualroute for non-local domains, as per: > > smarthost: > driver = manualroute > domains = !+local_domains > transport = remote_smtp > route_list = * smtp.myisp.net > > or alternatively: > > smarthost: > driver = manualroute > transport = remote_smtp > route_list = !+local_domains smtp.myisp.net > > > Grab a copy of the author's new Exim book from > http://www.uit.co.uk/exim-book/ > > > Chris Foote <[EMAIL PROTECTED]> > _ _ _Jabber: [EMAIL PROTECTED] > (_)| | | | Director - INETD PTY LTD > _ _ __ ___ | |___| | Level 2, 132 Franklin St > | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 > | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au > |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 > > Inetd supports: > Linux.Conf.Au Adelaide Jan 12-17 2004 > Australia's Premier Linux Conference > http://lca2004.linux.org.au > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: Exim store and forward
On Wed, 19 Nov 2003, Adam Dawes wrote: > I've running exim as my mta on my home gateway machine which is connected > via a fixed IP DSL line. I'm having increasing trouble getting my mail > through as other sites (rightly) find messages coming from a block of dsl > addresses suspicious. I want to have exim forward my outgoing messages to > my internet provider's smtp server which is obviously more legit than > mine. I've added the following at the top of the routers section of my > exim.conf file. > > store_and_forward: > driver = domainlist > transport = remote_smtp > route_list = "localhost smtp.myisp.net" > > When I send mail from my server and look at the headers, there's no > indication that it actually got forwarded on to my isp's smtp server. What > am I missing here? You need to use manualroute for non-local domains, as per: smarthost: driver = manualroute domains = !+local_domains transport = remote_smtp route_list = * smtp.myisp.net or alternatively: smarthost: driver = manualroute transport = remote_smtp route_list = !+local_domains smtp.myisp.net Grab a copy of the author's new Exim book from http://www.uit.co.uk/exim-book/ Chris Foote <[EMAIL PROTECTED]> _ _ _Jabber: [EMAIL PROTECTED] (_)| | | | Director - INETD PTY LTD _ _ __ ___ | |___| | Level 2, 132 Franklin St | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 Inetd supports: Linux.Conf.Au Adelaide Jan 12-17 2004 Australia's Premier Linux Conference http://lca2004.linux.org.au
Re: Exim store and forward
On Wed, 19 Nov 2003, Adam Dawes wrote: > I've running exim as my mta on my home gateway machine which is connected > via a fixed IP DSL line. I'm having increasing trouble getting my mail > through as other sites (rightly) find messages coming from a block of dsl > addresses suspicious. I want to have exim forward my outgoing messages to > my internet provider's smtp server which is obviously more legit than > mine. I've added the following at the top of the routers section of my > exim.conf file. > > store_and_forward: > driver = domainlist > transport = remote_smtp > route_list = "localhost smtp.myisp.net" > > When I send mail from my server and look at the headers, there's no > indication that it actually got forwarded on to my isp's smtp server. What > am I missing here? You need to use manualroute for non-local domains, as per: smarthost: driver = manualroute domains = !+local_domains transport = remote_smtp route_list = * smtp.myisp.net or alternatively: smarthost: driver = manualroute transport = remote_smtp route_list = !+local_domains smtp.myisp.net Grab a copy of the author's new Exim book from http://www.uit.co.uk/exim-book/ Chris Foote <[EMAIL PROTECTED]> _ _ _Jabber: [EMAIL PROTECTED] (_)| | | | Director - INETD PTY LTD _ _ __ ___ | |___| | Level 2, 132 Franklin St | | | '_ \ / _ \ | __| / _` | Adelaide SA 5000 | | | | | | | __/ | |_ | (_| | Web: http://www.inetd.com.au |_| |_| |_| \___| \__| \__,_| Phone: (08) 8410 4566 Inetd supports: Linux.Conf.Au Adelaide Jan 12-17 2004 Australia's Premier Linux Conference http://lca2004.linux.org.au -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim config
This one time, at band camp, Craig said: > Hi Guys > > Does anyone happen to know how I could have Exim parse a text file with > a list of users in, if they are in the file to send mail to another an > exhange server else deliver to local mailbox ? > > Any suggestions would be welcomed. I'd take a look at the aliasfile driver - you can have a file set up similar to /etc/aliases, and redirect those addresses. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Exim config
This one time, at band camp, Craig said: > Hi Guys > > Does anyone happen to know how I could have Exim parse a text file with > a list of users in, if they are in the file to send mail to another an > exhange server else deliver to local mailbox ? > > Any suggestions would be welcomed. I'd take a look at the aliasfile driver - you can have a file set up similar to /etc/aliases, and redirect those addresses. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: exim SMTP AUTH
Not specific to exim, because I use postfix+sasl and PAM as method. But I had the same problem. But the suggest from this list, I had to make postfix to included in group "shadow" since /etc/shadow is belong to shadow group, and postfix belong to group postfix. YMMV On Tue, Sep 23, 2003 at 11:25:09AM +0100, Antony Gelberg wrote: > Hi all, > > I'm trying to set up SMTP AUTH with the LOGIN method. I see AUTH LOGIN as a > response to EHLO. I have created /etc/exim/passwd with contents: > bobBob123 > > I converted the username and password to base64, for testing: > echo -n '\0bob\0Bob123'| mimencode > XDBib2JcMEJvYjEyMw== > > > This is what I get: > www:/etc/exim# exim -bh 127.0.0.1 > > SMTP testing session as if from host 127.0.0.1 > Not for real! > > >>> host in host_lookup? yes (*) > >>> looking up host name for 127.0.0.1 > >>> IP address lookup yielded www > >>> Alias www.bob.com > >>> Alias localhost > >>> Alias localhost.localdomain > >>> host in host_reject? no (option unset) > >>> host in host_reject_recipients? no (option unset) > >>> host in auth_hosts? no (option unset) > >>> host in sender_unqualified_hosts? no (option unset) > >>> host in receiver_unqualified_hosts? no (option unset) > >>> host in helo_verify? no (option unset) > >>> host in helo_accept_junk_hosts? no (option unset) > 220 www.bob.com ESMTP Exim 3.35 #1 Tue, 23 Sep 2003 03:10:07 -0700 > ehlo pulse > 250-www.bob.com Hello www [127.0.0.1] > 250-SIZE > 250-PIPELINING > 250-AUTH LOGIN > 250 HELP > auth login XDBib2JcMEJvYjEyMw== > 334 UGFzc3dvcmQ6 > > >>> login authenticator: > >>> $1 = \0bob\0Bob123 > >>> expanded string: 0 > 535 Incorrect authentication data > LOG: Authentication failed for www (bob) [127.0.0.1]: 535 Incorrect > authentication data > quit > 221 www.bob.com closing connection > > Any ideas? I've looked in the exim docs and have no idea where I'm going > wrong. > > Antony > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > signature.asc Description: Digital signature
Re: exim SMTP AUTH
Hi Antony, Are you sure that exim is not expecting encrypted passwords in the /etc/exim/passwd file? I am not an exim expert but I suspect that may be an issue. You might want to paste the relevant snippet from your exim config file. Cheers, Fred. On Tue, 2003-09-23 at 11:25, Antony Gelberg wrote: > Hi all, > > I'm trying to set up SMTP AUTH with the LOGIN method. I see AUTH LOGIN as a > response to EHLO. I have created /etc/exim/passwd with contents: > bobBob123 > > I converted the username and password to base64, for testing: > echo -n '\0bob\0Bob123'| mimencode > XDBib2JcMEJvYjEyMw== > > > This is what I get: > www:/etc/exim# exim -bh 127.0.0.1 > > SMTP testing session as if from host 127.0.0.1 > Not for real! > > >>> host in host_lookup? yes (*) > >>> looking up host name for 127.0.0.1 > >>> IP address lookup yielded www > >>> Alias www.bob.com > >>> Alias localhost > >>> Alias localhost.localdomain > >>> host in host_reject? no (option unset) > >>> host in host_reject_recipients? no (option unset) > >>> host in auth_hosts? no (option unset) > >>> host in sender_unqualified_hosts? no (option unset) > >>> host in receiver_unqualified_hosts? no (option unset) > >>> host in helo_verify? no (option unset) > >>> host in helo_accept_junk_hosts? no (option unset) > 220 www.bob.com ESMTP Exim 3.35 #1 Tue, 23 Sep 2003 03:10:07 -0700 > ehlo pulse > 250-www.bob.com Hello www [127.0.0.1] > 250-SIZE > 250-PIPELINING > 250-AUTH LOGIN > 250 HELP > auth login XDBib2JcMEJvYjEyMw== > 334 UGFzc3dvcmQ6 > > >>> login authenticator: > >>> $1 = \0bob\0Bob123 > >>> expanded string: 0 > 535 Incorrect authentication data > LOG: Authentication failed for www (bob) [127.0.0.1]: 535 Incorrect > authentication data > quit > 221 www.bob.com closing connection > > Any ideas? I've looked in the exim docs and have no idea where I'm going > wrong. > > Antony -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim problem mails stucks in /var/spool/exim/input/
On Tue, Sep 16, 2003 at 14:48:07 -0300, UnKnown wrote: > The problem is that the input dir is fill with file of the tipe > 19yvpW-0001Fz-00-D and we try to reproces the queue with exim -fq but with > no success. Have you tried studying the output of "exim -v -M 19yvpW-0001Fz-00" (note, no -D or -H suffix)? HTH, Ray -- "When you are finished spreading joy on Christmas Eve, come and kick back with me and Erwin for a while. [...] We'll provide the cocoa and cookies, and we'll even teach you how to play Quake." From the Dust Puppy's letter to Santa Claus. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim problem mails stucks in /var/spool/exim/input/
Thx, for the tip y will be working on it. Cheers, rak On Tue, Sep 16, 2003 at 11:39:45PM -0500, Rod Rodolico wrote: > On a mail server with any kind of traffic, this directory should have some files in > it most of > the time. There should be a file with a -H at the end that matches the -D. Look in > /etc/cron.d/exim and see when the incoming messages are processed (standard install > is every > 15 minutes). If I understand correctly, exim is called when an incoming message is > received, > and it puts the message in /var/spool/exim/input. Then, every 15 minutes, another > copy is > started which processes the files and delivers them. So, this directory should have > files in > it most of the time. > > However, if the files stay there for a while, they may be frozen. Try the following: > > exim -bp | grep "*** frozen ***" > > I get a lot of frozen messages on my server and, after looking at them, simply > delete them. I > do this with the following Perl script. THIS SCRIPT DOES NO ERROR CHECKING. Do not > use it > unless you know you want to delete all frozen messages. > > Rod > > #! /usr/bin/perl -w > `exim -bp | grep "*** frozen ***" > unfreeze.txt`; > my $badmessages; > open BADMAIL, " while ( $line = ) { >my ( $time, $size, $messagenumber, $sender, $status ) = split( ' ', $line ); >print "Time on queue => $time\tSize=>$size\tMessage #=>$messagenumber\n"; >$badmessages .= ' ' . $messagenumber; > } > close BADMAIL; > `exim -Mrm $badmessages`; > 1; > > > Hi people, > > Got some problems here im runing a Debian Woody, the system is up to > > date and the mail server is exim with amavis and McAfee uvscan antivirus. > > For some reason that I couldn't find out the mail is beeing stored > > in the /var/spool/exim/input directory and not deliver to its destinated > > users on the system. The amavis config has been double check and its ok and > > the exim it self has no special configuration it is the MX server on the > > domain and has a couple of secondary names... > > The problem is that the input dir is fill with file of the tipe > > 19yvpW-0001Fz-00-D and we try to reproces the queue with exim -fq but with > > no success. > > If anyone got a clue of what is happening or can point me to some > > "good" reading I would be thanks. > > > > Cheers, > > rak > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > > > > > -- > BRITANNUS(shocked): Caesar, this is not proper. > THEODOTUS(outraged): How? > CAESAR (recovering his self-possession): Pardon him, Theodotus: he is a barbarian, > and thinks > that the customs of his tribe and island are the laws of nature. > Caesar and Cleopatra, Act II > --George Bernard Shaw -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim (v3) - How to configure a backup MX?
> I'm wondering how it's possible to configure Exim as a Backup-MX for my > Primary-MX. The Backup-MX should recieve all Mails adressed to him and > try every x Minutes (let x be 5) to forward them to the primary MX. In > case this fails it should keep on trying for an unlimited time. All you do is add the primary's domain to the domains you'll relay for. Say the domain you want a secondary for is "primary.com", and the secondary MX will be on "mail.secondary.com". Then in your exim config in "mail.secondary.com", you'd put: relay_domains = primary.com Now, when mail flows in for "primary.com", you'll queue it and attempt to deliver it as per the normal rules. Later, Dale -- Dale E. Martin, Clifton Labs, Inc. Senior Computer Engineer [EMAIL PROTECTED] http://www.cliftonlabs.com pgp key available -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: Exim Reverse Lookup
Rudiger, Mein Deutsch ist sehr slecht, aber: Die Debian mailinglist ist ein Engelse sprache mailinglist. In English: the debian mailinglists are all in English, unless stated otherwise. See www.debian.org for details. Maybe there are also German language ones, check this out on www.debian.org. For now: please state your question in English so we can understand your problem :) Pim - PingWings - - - - - - - - - - - - - - - - - - - - - M: 06-28474259 E: [EMAIL PROTECTED] I: www.pingwings.nl - -Original Message- From: Ruediger Pryss - Elitec.Info [mailto:[EMAIL PROTECTED] Sent: donderdag 17 juli 2003 2:08 To: [EMAIL PROTECTED] Subject: Exim Reverse Lookup Hallo zusammen, ich habe folgende Frage. Ich habe einen root-Server von 1und1. Auf dieser Kiste läuft debian woody mit einem exim 4.20. Nun zum Problem. Ein Connect zum exim dauert ca. 90 Sekunden, ich vermute einfach mal, dass dies die Zeit ist, die für den reverse lookup gebraucht wird. Diese Verzögerung tritt allerdings nur auf, wenn ich mich von meinem Heimarbeitsplatz über T-Online einwähle. Telnete ich exim z.b. über einen Uni- zugang an, dauert das connecten gerade mal 1s. Den Mail- server von 1und1 erreiche ich ja auch mit meinem T-Online Zugang nach dieser knappen Sekunde. Was könnte ich nun eventuell anders einstellen, so dass dieser lookup konstant 1 Sekunde beträgt, oder anders gefragt, was habe ich eventuell auf dem root-Server falsch eingestellt. Es läuft ein bind9 und 1und1 stellt den Secondary DNS. Gruß, Rüdiger -- Elitec Computersysteme Fon 07322 / 9333444 Braunenbergweg 8Fax 07322 / 958794 89537 Giengen mobil 0173 / 8734229 -- Internet www.elitec.infomail [EMAIL PROTECTED] -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim + LDAP + Maildir
I use courier, and the schema which is packaged with courier-ldap (/usr/share/doc/...). ldap_alias: driver = aliasfile forbid_file forbid_pipe search_type = ldapm query=ldap:///dc=maildc,dc=rootdc?maildrop?sub?([EMAIL PROTECTED] ) ldapuser: driver = smartuser local_parts = ${lookup ldap{ldap:///dc=maildc,dc=rootdc?uid?sub?([EMAIL PROTECTED])}{${l ocal_part}}} home_directory = ${lookup ldap{ldap:///dc=maildc,dc=rootdc?homeDirectory?sub?([EMAIL PROTECTED] ain})}{${value}}fail} transport = ldap_delivery I use these as directors. Voodooman - Original Message - From: "Craig" <[EMAIL PROTECTED]> To: "Debian-ISP" Sent: Thursday, July 03, 2003 1:36 PM Subject: Exim + LDAP + Maildir > Hi Fellows > > Does anyone have directors for exim to integrate with LDAP > using Maildir format ? > > Thanks > Craig > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > >
Re: Exim + LDAP + Maildir
I use courier, and the schema which is packaged with courier-ldap (/usr/share/doc/...). ldap_alias: driver = aliasfile forbid_file forbid_pipe search_type = ldapm query=ldap:///dc=maildc,dc=rootdc?maildrop?sub?([EMAIL PROTECTED] ) ldapuser: driver = smartuser local_parts = ${lookup ldap{ldap:///dc=maildc,dc=rootdc?uid?sub?([EMAIL PROTECTED])}{${l ocal_part}}} home_directory = ${lookup ldap{ldap:///dc=maildc,dc=rootdc?homeDirectory?sub?([EMAIL PROTECTED] ain})}{${value}}fail} transport = ldap_delivery I use these as directors. Voodooman - Original Message - From: "Craig" <[EMAIL PROTECTED]> To: "Debian-ISP" <[EMAIL PROTECTED]> Sent: Thursday, July 03, 2003 1:36 PM Subject: Exim + LDAP + Maildir > Hi Fellows > > Does anyone have directors for exim to integrate with LDAP > using Maildir format ? > > Thanks > Craig > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: exim + courier-IMAP + MySQL
May I suggest postfix as an MTA if your keen on doing *sql lookups. I found the best solution for mass mailing host is postfix + amavisd-new + spamassassin + razor + clamd + mysql + courier-imap/pop3 . There's plenty of howto's around for it. -Original Message- From: Jos Elkink [mailto:[EMAIL PROTECTED] Sent: Thursday, 3 July 2003 10:18 PM To: debian-isp@lists.debian.org Hi all, I am trying to set up a mailserver that can handle virtual mail users for different domains on one IP / server. For this, I am following the guide on this page: http://www.tty1.net/virtual_domains_en.html I am only halfway - did not start with the Exim part yet - and something is not working. When I test it through telnet, I get: flizzle:~# telnet localhost imap Trying 127.0.0.1... Connected to flizzle. Escape character is '^]'. * OK Courier-IMAP ready. Copyright 1998-2002 Double Precision, Inc. See COPYING for distribution information. 1 login [EMAIL PROTECTED] *** * BYE [ALERT] Fatal error: Maildir: Permission denied Connection closed by foreign host. *** Of course being my password. Now the problem seems obvious - the wrong permissions to the Maildir folders. However, when I change those to complete public access (just to test, I know it's not secure), it doesn't help. Can this error mean something else? In other words, who has no permission to what exactly? :) Any help would be very welcome - also if the suggestion is to have a completely different setup. What I need is virtual users, webmail, and pop access. And mySQL seemed the easiest, as I work a lot with mySQL, so I know how to handle it. Yours, Jos Elkink flizzle.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: exim + courier-IMAP + MySQL
May I suggest postfix as an MTA if your keen on doing *sql lookups. I found the best solution for mass mailing host is postfix + amavisd-new + spamassassin + razor + clamd + mysql + courier-imap/pop3 . There's plenty of howto's around for it. -Original Message- From: Jos Elkink [mailto:[EMAIL PROTECTED] Sent: Thursday, 3 July 2003 10:18 PM To: [EMAIL PROTECTED] Hi all, I am trying to set up a mailserver that can handle virtual mail users for different domains on one IP / server. For this, I am following the guide on this page: http://www.tty1.net/virtual_domains_en.html I am only halfway - did not start with the Exim part yet - and something is not working. When I test it through telnet, I get: flizzle:~# telnet localhost imap Trying 127.0.0.1... Connected to flizzle. Escape character is '^]'. * OK Courier-IMAP ready. Copyright 1998-2002 Double Precision, Inc. See COPYING for distribution information. 1 login [EMAIL PROTECTED] *** * BYE [ALERT] Fatal error: Maildir: Permission denied Connection closed by foreign host. *** Of course being my password. Now the problem seems obvious - the wrong permissions to the Maildir folders. However, when I change those to complete public access (just to test, I know it's not secure), it doesn't help. Can this error mean something else? In other words, who has no permission to what exactly? :) Any help would be very welcome - also if the suggestion is to have a completely different setup. What I need is virtual users, webmail, and pop access. And mySQL seemed the easiest, as I work a lot with mySQL, so I know how to handle it. Yours, Jos Elkink flizzle.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: exim + courier-IMAP + MySQL
> >Any help would be very welcome - also if the suggestion is to have a >completely different setup. What I need is virtual users, webmail, and >pop access. And mySQL seemed the easiest, as I work a lot with mySQL, so >I know how to handle it. I use a similar configuration as yours, concretely Qmail + Vpopmail (virtual users) + Courier IMAP and MySQL autenthification, I you need help regarding that configuration I could help. As you have sayd you still dont have exim installed and thats maybe why you cannot access Maildirs, because maybe there are no maildirs to access?. Perhaps if you could start your Courier Imap with strace, you could know what files or directories it is trying to open. Mario.
Re: exim + courier-IMAP + MySQL
> >Any help would be very welcome - also if the suggestion is to have a >completely different setup. What I need is virtual users, webmail, and >pop access. And mySQL seemed the easiest, as I work a lot with mySQL, so >I know how to handle it. I use a similar configuration as yours, concretely Qmail + Vpopmail (virtual users) + Courier IMAP and MySQL autenthification, I you need help regarding that configuration I could help. As you have sayd you still dont have exim installed and thats maybe why you cannot access Maildirs, because maybe there are no maildirs to access?. Perhaps if you could start your Courier Imap with strace, you could know what files or directories it is trying to open. Mario. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exim(woody) & amavis-ng(testing)
On Thu, 8 May 2003 18:38:58 -0300, UnKnown <[EMAIL PROTECTED]> wrote: >I wont to confirm that the exim in woody is not compile with the perl >option Yes. You need to recompile exim with embedded perl. Greetings Marc -- -- !! No courtesy copies, please !! - Marc Haber | " Questions are the | Mailadresse im Header Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15 Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
Re: Exim 4 giving trouble compiling on woody HELP
On Thu, 1 May 2003 16:17:20 +0200 (SAST), "Gregory Machin" <[EMAIL PROTECTED]> wrote: >This is my make output . >As far as i can the all the files that arequired on the system are there. >and the Makefile is set to point to the correct loactions. I know that I am late to answer, but I would recommend taking the exim 4 sources from unstable and build them on stable. Greetings Marc -- -- !! No courtesy copies, please !! - Marc Haber | " Questions are the | Mailadresse im Header Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15 Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
Re: Exim from source
Craig wrote: I have compiled the exim 4.20 from source and would like to install it on my deb box, however it already has the version that comes with woody installed and I cannot remove it because of dependancy problems. One way to do it is to use the equivs package, which is basically a fake package that lies to dpkg and satisfies dependencies. The APT HOWTO at http://www.debian.org/doc/manuals/apt-howto/ch-helpers.en.html describes how to use it, and even uses an MTA as the example case. Note, however, that the package information page at http://packages.debian.org/stable/admin/equivs.html uses language like "crude hack" to describe itself. If there's Debian packaging information for 4.20, I'd strongly recommend just building a new Debian package file and installing /it/ instead. -- Asher Densmore-Lynn <[EMAIL PROTECTED]>
Re: Exim from source
Create an empty dummy-package that solves the dependencies. This link should help you: http://www.debian.org/doc/manuals/apt-howto/ch-helpers.en.html#s-equivs "Craig" <[EMAIL PROTECTED]> wrote on Mon, 19 May 2003 12:02:51 +0200: > I have compiled the exim 4.20 from source and would like to install it > on my deb box, however it already has the version that comes with woody > installed and I cannot remove it because of dependancy problems. > Any ideas ? Mit freundlichen Gruessen / Best regards Dominik Schulz
Re: exim 4 on woody PLEAESE HELP
On Thu, 1 May 2003 02:18 am, [EMAIL PROTECTED] wrote: > I get the following errors when compiling exim this seems to indecate a > missing library. > > make[1]: *** [exim_dumpdb.o] Error 1 > make[1]: Leaving directory > '/home/installs/exim/exim-4.14/build-Linux-i386' > make: *** [go] Error 2 > > could you also give me an idea on how to find out wich libraries it's > looking for when i get these errors, so i can resolve them my self. That error message isn't terribly informative. Was there any output just above it? Usually that's where the breakdown is, and you can check the gcc command line it was using to see what libraries it was trying to load.. t -- GPG : http://n12turbo.com/tarragon/public.key
Re: Exim
Craig wrote: I have set message size restrictions in exim and it tells me in the logs when they are to big however I would like to have a response generated and sent to the recipient too, telling him/her that the message was too large. It is kinda hard to make it *not* do that. Have you looked at the Exim FAQ and documentation? Please tell us more about your configuration. -- Mark [EMAIL PROTECTED]
Re: exim and sql
On Sat, 2003-03-22 at 16:05, Grzesiek Sedek wrote: > Hi all, > I'll be setting up a student mail server, the idea is that each student > will have a email (webmail), and their login will let them log in to > intranet site as well. > So I probably loking on some kind of exim - sql setup? I think you're looking for some exim + ldap setup, I consider ldap simpler to use for user databases than sql. -m-
Re: exim and sql
On Sat, 2003-03-22 at 16:05, Grzesiek Sedek wrote: > Hi all, > I'll be setting up a student mail server, the idea is that each student > will have a email (webmail), and their login will let them log in to > intranet site as well. > So I probably loking on some kind of exim - sql setup? I think you're looking for some exim + ldap setup, I consider ldap simpler to use for user databases than sql. -m- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]