Re: [exim] require verify = sender description
Chris Siebenmann (Fr 07 Apr 2017 17:16:34 CEST):
> > how does verify = sender work. I can't find anything that says what
> > it does exactly in the docs. I'm seeing a valid sender get rejected
> > several times before being finally accepted.
>
> As Jeremy Harris covered, 'verify = sender' attempts to route the
> sender address and uses the result. One consequence of this is that
> you can manually test whether a sender address will route and why
> it's failing with 'exim -bt ', possibly adding debug flags
> as necessary to extract things like DNS failure information.
I believe, it's not 100% correct. The *verifcation* can be simulated by
using `exim -bv ` for recipient addresses, and `exim -bvs
` for sender addresses.
The distinction is important, since there might be routers that are not
responsible for one or the other kind of address.
`exim -bt ` does a routing test, not a verification test,
though in most cases the tests are almost identical (modulo permission
issues, if I remember well. -bt runs with root permissions, as -bv
doesn't, or the other way round. There was some kind of logic, but just
now I do not recall…)
Yes, I think, -bt uses root permissions, as the real routing runs with
root permissions too, because it might need access to ~/.forward files
and such. The root/non-root isn't important, as long as no external
files are involved.
But as always, I may be wrong.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 -
signature.asc
Description: PGP signature
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Discard mail to certain recipients if the subject matches a string
No I haven't. This could be already fixed in a newer jem version. 2017-04-07 15:26 GMT+03:00 Jeremy Harris : > On 07/04/17 12:04, Александр Кириллов via Exim-users wrote: > > Thanks for this one. It helps. > > > > # In particular, the Exim maintainers have had multiple reports of > problems > > # from Russian administrators of issues until they disable this check, > > # because of some popular, yet buggy, mail composition software. > > > > And the prize for the popular, yet buggy, mail composition software goes > to > > ... rubygem mail-2.5.4. Again. > > I trust you have raised bugs against the said buggy software. > -- > Jeremy > > > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] require verify = sender description
> how does verify = sender work. I can't find anything that says what > it does exactly in the docs. I'm seeing a valid sender get rejected > several times before being finally accepted. As Jeremy Harris covered, 'verify = sender' attempts to route the sender address and uses the result. One consequence of this is that you can manually test whether a sender address will route and why it's failing with 'exim -bt ', possibly adding debug flags as necessary to extract things like DNS failure information. (If the DNS failure is erratic, this may not entirely help. In that case, force-flushing or force-restarting the DNS cache of your local resolving DNS server may help to make the problem happen.) - cks -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] require verify = sender description
On 07/04/17 15:31, Dave Restall - System Administrator,,, wrote: > how does verify = sender work. It runs the sender address though the routers to see if it is routable. -- Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] require verify = sender description
Hi, how does verify = sender work. I can't find anything that says what it does exactly in the docs. I'm seeing a valid sender get rejected several times before being finally accepted. I added a warn line in the config :- warn! verify = sender logwrite = oops sender verify failed : $acl_verify_message ($sender_verify_failure) require log_message = require sender fails verify= sender but all I get in the message is for a routing failure e.g. :- 2017-04-07 13:13:48 oops sender verify failed : Sender verify failed (route) I _think_ the issue is DNS timeout related but can't see any way to increase the timeouts (apart from editing the code). Regards, D lists/exim/users/2017-04-07.tx exim-users ++ | Dave Restall, Computer Anorak, Geek, Cyclist, Radio Amateur G4FCU, Bodger | | Mob +44 (0) 7973 831245 Skype: dave.restall Radio: G4FCU | | email : d...@restall.net - Anti-SocialMediaist - Web : Not Ready Yet :-( | +- QOTD -+ | Tact in audacity is knowing how far you can go without going too far. | | -- Jean Cocteau| ++ -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Discard mail to certain recipients if the subject matches a string
On 07/04/17 12:04, Александр Кириллов via Exim-users wrote: > Thanks for this one. It helps. > > # In particular, the Exim maintainers have had multiple reports of problems > # from Russian administrators of issues until they disable this check, > # because of some popular, yet buggy, mail composition software. > > And the prize for the popular, yet buggy, mail composition software goes to > ... rubygem mail-2.5.4. Again. I trust you have raised bugs against the said buggy software. -- Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Discard mail to certain recipients if the subject matches a string
Thanks for this one. It helps. # In particular, the Exim maintainers have had multiple reports of problems # from Russian administrators of issues until they disable this check, # because of some popular, yet buggy, mail composition software. And the prize for the popular, yet buggy, mail composition software goes to ... rubygem mail-2.5.4. Again. 2017-04-07 12:44 GMT+03:00 Lena--- via Exim-users : > > From: ? > > > I've tried nearly anything I could think of: > > > > Commit by > > Commit\ by > > Insert into beginning of Exim config: > > check_rfc2047_length = false > > > From: Jasen Betts > > > RFC2047 sec 2 and section 6 say that all encoded words > > shall be no longer than 75 ascii characters, the one containing > > "Commit_by" is over-length. > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Problem with Mime attachment checking
Thanks Mike and Jeremy. The problem has been resolved by putting all the
attachment names in one line. I think the continuation line was playing havoc
as Mike suspected. For the time being, it is rightly Warning for the pdf
attachments.
Regards
Sujit
From: Mike Brudenell [mailto:mike.bruden...@york.ac.uk]
Sent: 07 April 2017 09:19
To: exim-users@exim.org
Subject: Re: [exim] Problem with Mime attachment checking
Hi,
I'm pretty sure it's unrelated to you not getting the warning message, but
there's an error in your match pattern: you have two consecutive vertical bars
between the dll and pdf extensions (albeit with a line continuation
inbetween).
In passing, as all the file type patterns begin with "." you could factor that
out to before the list of alternatives:
condition = ${if match {${lc:$mime_filename}} \
{\N\.(exe|scr|bat|com|lnk|pif|reg|vbs|vb|vbe|dll|pdf|chm)$\N}}
To see what's in the $mime_filename variable and work out what's going on it
might be an idea to:
1. Create a test message that exhibits the problem when you send it;
2. Run up an Exim listener on a test host with debug options turned on;
3. Send your test message to the test system;
4. Look through the debugging output of Exim: this contains a wealth of
information such as what values are being substituted into string expansions,
tests, etc and lets you see exactly what is being tested where and the
results.
It can help if you have a second window open to view your configuration file
as you read through the debugging output, following the logic through.
The easiest way is to run Exim with verbose mode and all debugging enabled:
this gives you everything, is very verbose, but can help you trace through
your configuration file. Alternatively be more selective what options you turn
on.
exim -v -d+all -bd
All: Is there also a possible problem with the space character before the "\"
continuation character after the dll file type? When I've written LDAP
expressions before I remember having to be very careful not to put spaces
before the continuation character in some places because they didn't get
stripped by Exim's usual leading/trailing whitespace stripper: they were
considered important and part of the pattern.
Cheers,
Mike B-)
On 6 April 2017 at 17:25, Sujit Acharyya-choudhury
wrote:
I am having problem with Mime attachment checking with Exim 4.80 on Solaris.
The following code is in place and I am not getting the Warning message:
in the main settings:
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
acl_check_mime:
# pdf is just for test
warn
condition = ${if match{${lc:$mime_filename}} \
{\N(\.exe|\.scr|\.bat|\.com|\.lnk|\.pif|\.reg|\.vbs|\.vb|\.vbe|\.dll| \
|\.pdf|\.chm)$\N} \
{1}{0}}
message = WARNING: Bad MIME attachment filename ($mime_filename)
log_message = WARNING: Bad MIME attachment filename ($mime_filename)
accept
# ACL that is used after the DATA command
acl_check_data:
denymalware= *
message= This message contains a virus ($malware_name).
However, If I move the checking in the acl_check_data, then it gives the
warning message. Any idea?
Thanks in advance
Sujit Choudhury | IT Services
Birkbeck, University of London
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811
Web:www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
smime.p7s
Description: S/MIME cryptographic signature
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Discard mail to certain recipients if the subject matches a string
> From: ? > I've tried nearly anything I could think of: > > Commit by > Commit\ by Insert into beginning of Exim config: check_rfc2047_length = false > From: Jasen Betts > RFC2047 sec 2 and section 6 say that all encoded words > shall be no longer than 75 ascii characters, the one containing > "Commit_by" is over-length. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Problem with Mime attachment checking
On 07/04/17 09:18, Mike Brudenell via Exim-users wrote: > Is there also a possible problem with the space character before the > "\" continuation character after the dll file type? When I've written LDAP > expressions before I remember having to be very careful not to put spaces > before the continuation character in some places because they didn't get > stripped by Exim's usual leading/trailing whitespace stripper: they were > considered important and part of the pattern. There is no trailing-whitespace stripper. That pattern will match a filename that ends with a space :) -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Problem with Mime attachment checking
Hi,
I'm pretty sure it's unrelated to you not getting the warning message, but
there's an error in your *match* pattern: you have two consecutive vertical
bars between the dll and pdf extensions (albeit with a line continuation
inbetween).
In passing, as all the file type patterns begin with "." you could factor
that out to before the list of alternatives:
condition = ${if match {${lc:$mime_filename}} \
{\N\.(exe|scr|bat|com|lnk|pif|reg|vbs|vb|vbe|dll|
pdf|chm)$\N}}
To see what's in the $mime_filename variable and work out what's going on
it might be an idea to:
1. Create a test message that exhibits the problem when you send it;
2. Run up an Exim listener on a test host with debug options turned on;
3. Send your test message to the test system;
4. Look through the debugging output of Exim: this contains a wealth of
information such as what values are being substituted into string
expansions, tests, etc and lets you see exactly what is being tested where
and the results.
It can help if you have a second window open to view your configuration
file as you read through the debugging output, following the logic through.
The easiest way is to run Exim with verbose mode and all debugging enabled:
this gives you everything, is very verbose, but can help you trace through
your configuration file. Alternatively be more selective what options you
turn on.
exim -v -d+all -bd
*All:* Is there also a possible problem with the space character before the
"\" continuation character after the dll file type? When I've written LDAP
expressions before I remember having to be very careful not to put spaces
before the continuation character in some places because they didn't get
stripped by Exim's usual leading/trailing whitespace stripper: they were
considered important and part of the pattern.
Cheers,
Mike B-)
On 6 April 2017 at 17:25, Sujit Acharyya-choudhury
wrote:
> I am having problem with Mime attachment checking with Exim 4.80 on
> Solaris.
> The following code is in place and I am not getting the Warning message:
>
>
>
> in the main settings:
>
>
>
> acl_smtp_rcpt = acl_check_rcpt
>
> acl_smtp_data = acl_check_data
>
> acl_smtp_mime = acl_check_mime
>
>
>
> acl_check_mime:
>
> # pdf is just for test
>
> warn
>
>
>
> condition = ${if match{${lc:$mime_filename}} \
>
> {\N(\.exe|\.scr|\.bat|\.com|\.lnk|\.pif|\.reg|\.vbs|\.vb|\.vbe|\.dll| \
>
> |\.pdf|\.chm)$\N} \
>
> {1}{0}}
>
> message = WARNING: Bad MIME attachment filename ($mime_filename)
>
> log_message = WARNING: Bad MIME attachment filename
> ($mime_filename)
>
> accept
>
>
>
>
>
> # ACL that is used after the DATA command
>
> acl_check_data:
>
>
>
>denymalware= *
>
>message= This message contains a virus ($malware_name).
>
>
>
>
>
> However, If I move the checking in the acl_check_data, then it gives the
> warning message. Any idea?
>
>
>
>
>
>
>
> Thanks in advance
>
>
>
> Sujit Choudhury | IT Services
>
> Birkbeck, University of London
>
>
>
>
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811
Web: www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
