Re: [exim] How to limit the number of emails sent by each user

2017-12-18 Thread Sebastian Nielsen via Exim-users 
I would suggest using an config that restricts authenticated users to
a specific IP range. Then no bots from china can successfully guess a
account.

Something like:
  accept
authenticated = *
hosts = +relay_from_hosts

Then add:
hostlist relay_from_hosts = Your_local_network_or_ISP_range/CIDR
auth_advertise_hosts = Your_local_network_or_ISP_range/CIDR

A simple idea if you have a lot of users "outside" your Corporation,
use GeoIP instead to restrict relay_from_hosts and
auth_advertise_hosts to the same country as the server is located in.

That will prevent accounts from being hacked and used in spamming, as
the sender must BOTH be inside correct network AND have
username/password to be allowed.

2017-12-18 11:52 GMT+01:00 Lena--- via Exim-users :
>> From: "Ronaldo Luiz de Carvalho"
>
>> how to limit the number of emails sent by each user?
>>
>> I use WHM and I can limit by a domain account, but into a domain I want to
>> set limit to a specific account.
>
> Usually such limits are in order to catch spammers.
> But the limits are either low and inconvenient for honest users
> or high and allow spam to trickle through.
> There is another approach to rate limiting in order to catch spammers:
> https://github.com/Exim/exim/wiki/BlockCracking
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Some mails are queued, other are sent immediately

2017-12-18 Thread Ian Zimmerman 
On 2017-12-18 15:02, Yvan Masson wrote:

> Anyway, during tests I noticed that some emails are sent immediately
> (what I prefer), while other are queued (introducing useless delay):
> - Why this difference ?
> - What could I do to avoid the queue ?

In the voluminous spec, Chapter 14, look at the various
smtp_accept_max_* and smtp_accept_queue_* parameters.  I bet you need to
increase one of those.

Or maybe just run the queue more frequently?  That can be done without
even touching the configuration file, with a command line argument.  I
use -q10 on my lightly loaded server.

-- 
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet, fetch the TXT record for the domain.

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Some mails are queued, other are sent immediately

2017-12-18 Thread Yvan Masson 
Hi,

I am new to Exim. I use it so that Debian servers can send me
notifications (through a smarthost).

First, maybe I should use a simpler MTA but I need :
- queueing (it can happen that the server has not Internet connection
and I do not want to lost any notification)
- ability to rewrite subject (this help recognize which server sent the
mail without having to look the email headers)
- ability to use a smarthost (and thus ability to rewrite "From:" header)

Anyway, during tests I noticed that some emails are sent immediately
(what I prefer), while other are queued (introducing useless delay):
- Why this difference ?
- What could I do to avoid the queue ?

Here is a sample log showing a two emails behaving differently:

2017-12-16 11:18:05 Start queue run: pid=20982
2017-12-16 11:18:05 End queue run: pid=20982
2017-12-16 11:21:30 1eQ9b0-0005YG-C1 <= y...@masson-informatique.fr
U=root P=local S=452
2017-12-16 11:21:35 1eQ9b0-0005YG-C1 => cont...@masson-informatique.fr
R=smarthost T=remote_smtp_smarthost H=smtp.phpnet.org [194.110.192.60]
X=TLS1.2:RSA_AES_256_CBC_SHA1:256 CV=yes DN="CN=*.phpnet.org" A=plain
C="250 OK id=1eQ9b5-dU-4e"
2017-12-16 11:21:35 1eQ9b0-0005YG-C1 Completed
2017-12-16 11:34:37 1eQ9nh-0005zG-PL <= y...@masson-informatique.fr
U=root P=local S=180280
2017-12-16 11:48:05 Start queue run: pid=24317
2017-12-16 11:48:11 1eQ9nh-0005zG-PL => cont...@masson-informatique.fr
R=smarthost T=remote_smtp_smarthost H=smtp.phpnet.org [46.255.160.212]
X=TLS1.2:RSA_AES_256_CBC_SHA1:256 CV=yes DN="CN=*.phpnet.org" A=plain
C="250 OK id=1eQA0o-0006sY-4W"
2017-12-16 11:48:11 1eQ9nh-0005zG-PL Completed
2017-12-16 11:48:11 End queue run: pid=24317


I have read the FAQ, but I could not find something an answer.

Regards,
Yvan



signature.asc
Description: OpenPGP digital signature
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] SPF issue: acting like -all when ~all

2017-12-18 Thread Sander Smeenk via Exim-users 
Quoting Jonathan Gilpin via Exim-users (exim-users@exim.org):

> 2017-12-14 13:09:26 H=smtp1.galacsys.net [217.24.81.209]
> X=TLSv1:DHE-RSA-CAMELLIA256-SHA:256 CV=no
> F= rejected RCPT : SPF
> check failed

Even though this was already tracked back to a broken SPF-record
include, i'd like to share this piece of information on list for
those who run in to SPF-issues at a later date.

In Debian/Ubuntu like installs, you can install the 'spfquery' package,
which brings the tools from http://www.libspf2.org/ to your system.

One of which is 'spfquery.libspf2':
| $ spfquery.libspf2 -d -i 217.24.81.209 -s 'villamanagem...@sibarth.com'

This spits out loads of debugging and makes tracing SPF errors much
easier, especially with all these includes including includes from
other includes

|  [ ... ]
| spf_interpret.c:1087 Debug: include/redirect:  got SPF record:  Could not 
find a valid SPF record
| --vv--
| Context: Main query
| Response result: permerror
| Response reason: none
| Response err: Could not find a valid SPF record
| StartError
| ErrorCode: (2) Could not find a valid SPF record
| Error: No DNS data for 'galacsys.net'.
| EndError
| --^^--
| StartError
| Context: Failed to query MAIL-FROM
| ErrorCode: (2) Could not find a valid SPF record
| Error: No DNS data for 'galacsys.net'.
| EndError
| permerror

It is the first thing i use when someone tells me SPF is failing...

HTH,
-Sndr.
-- 
| The world is so full of these wonderful things,
| i'm sure we should all be as happy as kings.
| 4096R/20CC6CD2 - 6D40 1A20 B9AA 87D4 84C7  FBD6 F3A9 9442 20CC 6CD2

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] How to limit the number of emails sent by each user

2017-12-18 Thread Lena--- via Exim-users 
> From: "Ronaldo Luiz de Carvalho"

> how to limit the number of emails sent by each user?
> 
> I use WHM and I can limit by a domain account, but into a domain I want to
> set limit to a specific account.

Usually such limits are in order to catch spammers.
But the limits are either low and inconvenient for honest users
or high and allow spam to trickle through.
There is another approach to rate limiting in order to catch spammers:
https://github.com/Exim/exim/wiki/BlockCracking

-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/