[exim] - lot of spam being relayed through our server
Hi List: A lot of spam being relayed through our server, I do not see this Authenticated and I can not see how they send this SPAM 2016-08-11 13:13:39 1bXsbo-00052w-0I Details : "i...@example.com" - Subject = Re: Hey. 2016-08-11 13:13:42 1bXsbo-00052w-0I <= i...@radiolv15.com.ar H=(radiolv15.com.ar) [127.0.0.1] P=esmtp S=3345 id=1561369038.12335577.1470932006...@example.com 2016-08-11 13:13:46 1bXsbo-00052w-0I => peter...@aol.com R=lookuphost T=remote_smtp H=mailin-02.mx.aol.com [64.12.88.163] X=TLSv1:DHE-RSA-AES256-SHA:256 CV=yes C="250 2.0.0 Ok: queued as 9D6FC70A8" 2016-08-11 13:13:46 1bXsbo-00052w-0I Completed Details: Domain "example.com" is create OK in my server but mail account i...@example.com not exist. I have some error in my configuration file? I called my attention this: "H=(example.com) [127.0.0.1]" Thanks -- *Fabián* *M. Sales *Soporte Técnico & I.T.I Linux *DonWeb * La Actitud Es Todo www.DonWeb.com Nota de confidencialidad: Este mensaje y archivos adjuntos al mismo son confidenciales, de uso exclusivo para el destinatario del mismo. La divulgación y/o uso del mismo sin autorización por parte de DonWeb.com queda prohibida. DonWeb.com no se hace responsable del mensaje por la falsificación y/o alteración del mismo. De no ser Ud el destinatario del mismo y lo ha recibido por error, por favor, notifique al remitente y elim?elo de su sistema. Confidentiality Note: This message and any attachments (the message) are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited by DonWeb.com. DonWeb.com shall not be liable for the message if altered or falsified. If you are not the intended addressee of this message, please cancel it immediately and inform the sender Nota de Confidencialidade: Esta mensagem e seus eventuais anexos podem conter dados confidenciais ou privilegiados. Se você os recebeu por engano ou não é um dos destinatários aos quais ela foi endereçada, por favor destrua-a e a todos os seus eventuais anexos ou copias realizadas, imediatamente. É proibida a retenção, distribuição, divulgação ou utilização de quaisquer informações aqui contidas. Por favor, informenos sobre o recebimento indevido desta mensagem, retornando-a para o autor. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] - lot of spam being relayed through our server
A lot of spam being relayed through our server, I do not see this Authenticated and I can not see how they send this SPAM 2016-08-11 13:13:39 1bXsbo-00052w-0I Details : "i...@example.com" - Subject = Re: Hey. 2016-08-11 13:13:42 1bXsbo-00052w-0I <= i...@radiolv15.com.ar H=(radiolv15.com.ar) [127.0.0.1] P=esmtp S=3345 id=1561369038.12335577.1470932006...@example.com 2016-08-11 13:13:46 1bXsbo-00052w-0I => peter...@aol.com R=lookuphost T=remote_smtp H=mailin-02.mx.aol.com [64.12.88.163] X=TLSv1:DHE-RSA-AES256-SHA:256 CV=yes C="250 2.0.0 Ok: queued as 9D6FC70A8" 2016-08-11 13:13:46 1bXsbo-00052w-0I Completed Details: Domain "example.com" is create OK in my server but mail account i...@example.com not exist. I have some error in my configuration file? I called my attention this: "H=(example.com) [127.0.0.1]" -- *Fabián* *M. Sales *Soporte Técnico & I.T.I Linux *DonWeb * La Actitud Es Todo www.DonWeb.com Nota de confidencialidad: Este mensaje y archivos adjuntos al mismo son confidenciales, de uso exclusivo para el destinatario del mismo. La divulgación y/o uso del mismo sin autorización por parte de DonWeb.com queda prohibida. DonWeb.com no se hace responsable del mensaje por la falsificación y/o alteración del mismo. De no ser Ud el destinatario del mismo y lo ha recibido por error, por favor, notifique al remitente y elim?elo de su sistema. Confidentiality Note: This message and any attachments (the message) are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited by DonWeb.com. DonWeb.com shall not be liable for the message if altered or falsified. If you are not the intended addressee of this message, please cancel it immediately and inform the sender Nota de Confidencialidade: Esta mensagem e seus eventuais anexos podem conter dados confidenciais ou privilegiados. Se você os recebeu por engano ou não é um dos destinatários aos quais ela foi endereçada, por favor destrua-a e a todos os seus eventuais anexos ou copias realizadas, imediatamente. É proibida a retenção, distribuição, divulgação ou utilização de quaisquer informações aqui contidas. Por favor, informenos sobre o recebimento indevido desta mensagem, retornando-a para o autor. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] [EXIM] Crash Exim with option complie MYSQL
s?
Thanks.
--
*Fabián* *M. Sales
*Soporte Técnico & I.T.I Linux
*DonWeb *
La Actitud Es Todo
www.DonWeb.com
Nota de confidencialidad: Este mensaje y archivos adjuntos al mismo son
confidenciales, de uso exclusivo para el destinatario del mismo. La
divulgación y/o uso del mismo sin autorización por parte de DonWeb.com
queda prohibida.
DonWeb.com no se hace responsable del mensaje por la falsificación y/o
alteración del mismo.
De no ser Ud el destinatario del mismo y lo ha recibido por error, por
favor, notifique al remitente y elim?elo de su sistema.
Confidentiality Note: This message and any attachments (the message) are
confidential and intended solely for the addressees. Any unauthorised
use or dissemination is prohibited by DonWeb.com.
DonWeb.com shall not be liable for the message if altered or falsified.
If you are not the intended addressee of this message, please cancel it
immediately and inform the sender
Nota de Confidencialidade: Esta mensagem e seus eventuais anexos podem
conter dados confidenciais ou privilegiados.
Se você os recebeu por engano ou não é um dos destinatários aos quais
ela foi endereçada, por favor destrua-a e a todos os seus eventuais
anexos ou copias realizadas, imediatamente.
É proibida a retenção, distribuição, divulgação ou utilização de
quaisquer informações aqui contidas.
Por favor, informenos sobre o recebimento indevido desta mensagem,
retornando-a para o autor.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
[exim] - block outgoing mails whith from falsified
Hello list,
In a top of my file config:
localpartlist mail_list_this_server = /opt/exim/mail_list_this_server
-
I need to block outgoing mails which is not from an existing and valid
email account on the server.
Some of the tests performed is for example:
I have this ACL:
acl_not_smtp
denycondition = ${if exists {/opt/exim/mail_list_this_server}}
message = From no esta en el archivo mail_list_this_server.
$sender_from
!condition =
${lookup{${domain:$header_from:}}lsearch{/opt/exim/mail_list_this_server} {yes}{no}}
logwrite = From no esta en el archivo mail_list_this_server
My problem is if I use ${domain:$header_from:} only give a domain, but
how I can see full from the account? (user@domain) to compare with my file
I can do this without comparing it to a file? any ideas?
I have on My list /opt/exim/mail_list_this_server
p...@lala.com
j...@example.com
..
Best Regards.
Fabián Sales.
--
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] - local user emails checked by the outgoing spamassassin
El 07/06/16 a las 17:53, Heiko Schlittermann escribió:
Fabián M Sales (Di 07 Jun 2016 21:03:04 CEST):
Hello list,
There's something wrong, the mails sent from unauthenticated accounts for
example from the PHP function. Using the local user for sending NO they are
not checked by the outgoing spamassassin.
The PHP mail function normally uses '/usr/sbin/sendmail' for sending
(which is a symlink to Exim).
Submitting a message via local Exim invocation is NOT SMTP and thus the
acl_smtp_data rules do not apply.
You may hook the spamassassin rules into acl_not_smtp (but, I'm not
sure, if this ACL allow content scanning, in other words, I'm not sure,
if this ACL sees the complete message. According to how I understand the
docs, it should, but …)
Thanks :D in the ACL put this and work OK.
acl_not_smtp = acl_voserver
acl_voserver
warnmessage = X-Spam-Score: $spam_score
condition = ${if <{$message_size}{512K}{1}{0}}
spam = nobody:true/defer_ok
warnmessage = X-Spam-Score-Int: $spam_score_int
condition = ${if <{$message_size}{512K}{1}{0}}
spam = nobody:true/defer_ok
warnmessage = X-Spam-Bar: $spam_bar
condition = ${if <{$message_size}{512K}{1}{0}}
spam = nobody:true/defer_ok
warnmessage = X-Spam-Report: $spam_report
condition = ${if <{$message_size}{512K}{1}{0}}
spam = nobody:true/defer_ok
You can make all outgoing mail is checked by spamassassin?
There is no checking for outgoing messages (except transport filters and
such may be abused).
But every outgoing message was an incoming message in the first place.
You can make only one existing accounts emails sent on the server? to
prevent spoofing from.
Read about the local_from_check. But as far as I know, the From: line
is always taken from the submitter. But the envelope From is supplied by
Exim, as the Sender: is, if necessary. You're free to replace the From:
with whatever you want. But think twice.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
[exim] - local user emails checked by the outgoing spamassassin
Hello list, There's something wrong, the mails sent from unauthenticated accounts for example from the PHP function. Using the local user for sending NO they are not checked by the outgoing spamassassin. You can make all outgoing mail is checked by spamassassin? You can make only one existing accounts emails sent on the server? to prevent spoofing from. Best regards -- -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] local user email checked by the outgoing spamassassin
There's something wrong, the mails sent from unauthenticated accounts
for example from the PHP function. Using the local user for sending NO
they are not checked by the outgoing spamassassin.
You can make all outgoing mail is checked by spamassassin?
You can make only one existing accounts emails sent on the server? to
prevent spoofing from.
--
*Fabián* *M. Sales
*Soporte Técnico & I.T.I Linux
*DonWeb *
La Actitud Es Todo
www.DonWeb.com
Nota de confidencialidad: Este mensaje y archivos adjuntos al mismo son
confidenciales, de uso exclusivo para el destinatario del mismo. La
divulgación y/o uso del mismo sin autorización por parte de DonWeb.com
queda prohibida.
DonWeb.com no se hace responsable del mensaje por la falsificación y/o
alteración del mismo.
De no ser Ud el destinatario del mismo y lo ha recibido por error, por
favor, notifique al remitente y elim?elo de su sistema.
Confidentiality Note: This message and any attachments (the message) are
confidential and intended solely for the addressees. Any unauthorised
use or dissemination is prohibited by DonWeb.com.
DonWeb.com shall not be liable for the message if altered or falsified.
If you are not the intended addressee of this message, please cancel it
immediately and inform the sender
Nota de Confidencialidade: Esta mensagem e seus eventuais anexos podem
conter dados confidenciais ou privilegiados.
Se você os recebeu por engano ou não é um dos destinatários aos quais
ela foi endereçada, por favor destrua-a e a todos os seus eventuais
anexos ou copias realizadas, imediatamente.
É proibida a retenção, distribuição, divulgação ou utilização de
quaisquer informações aqui contidas.
Por favor, informenos sobre o recebimento indevido desta mensagem,
retornando-a para o autor.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
[exim] [EXIM] Centralize mainlog
Hello List Can centralize log on a single server? I have many servers with Exim and centralize the log if I can do a much better track. Can make log the syslog? I Read some "Lumberjack, Logstash, and Elasticsearch" someone has been able to use? Thank you -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] [EXIM] - check all outgoing emils and discard
Hello List.
I have this ACL:
check_spam:
warnmessage = X-Spam-Score: $spam_score
condition = ${if <{$message_size}{80K}{1}{0}}
spam = nobody:true/defer_ok
warnmessage = X-Spam-Score-Int: $spam_score_int
condition = ${if <{$message_size}{80K}{1}{0}}
spam = nobody:true/defer_ok
warnmessage = X-Spam-Bar: $spam_bar
condition = ${if <{$message_size}{80K}{1}{0}}
spam = nobody:true/defer_ok
warnmessage = X-Spam-Report: $spam_report
condition = ${if <{$message_size}{80K}{1}{0}}
spam = nobody:true/defer_ok
denymessage = Spam score too high ($spam_score_int)
spam = mailnull:true/defer_ok
condition = ${if >{$spam_score_int}{700}{1}{0}}
accept
In this way added to all mails incoming and outgoing headers SPAM score.
This ACL rejects all mail coming into the server. I just want it acts
only on the mails that are sent from the server.
Its posible?
Thanks..
Best Regards.
--
Firma Institucional
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
[exim] [EXIM] GeoIP it's posible?
Hello List. Exim exists the possibility of using GeoIP to countries that need can not be connected? Thanks. Best regards. Fabián. Firma Institucional -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] check spamassassin before forward email
On 15/09/14 10:53, Fabián M Sales wrote: > Hello List, > > I need that when a mail is carried foward, This mail is checked by the > spamassasin before leaving my server. > > It is possible? how? nobody has any idea ? :( -- Firma Institucional -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] check spamassassin before forward email
Hello List, I need that when a mail is carried foward, This mail is checked by the spamassasin before leaving my server. It is possible? how? -- Firma Institucional -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] return-path in the auto-reply
how to put the return-path in the auto-reply using the exim filter? -- Saludos Cordiales. -- Fabian Sales Soporte Técnico Dattatec.com :: Soluciones de Web Hosting Su Hosting hecho Simple..! fabian.sa...@dattatec.com Nota de confidencialidad: Este mensaje y archivos adjuntos al mismo son confidenciales, de uso exclusivo para el destinatario del mismo. La divulgación y/o uso del mismo sin autorización por parte de Dattatec.com queda prohibida. Dattatec.com no se hace responsable del mensaje por la falsificación y/o alteración del mismo. De no ser Ud. el destinatario del mismo y lo ha recibido por error, por favor, notifique al remitente y elimínelo de su sistema. Confidentiality Note: This message and any attachments (the message) are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited by Dattatec.com. Dattatec.com shall not be liable for the message if altered or falsified. If you are not the intended addressee of this message, please cancel it immediately and inform the sender Nota de Confidencialidade: Esta mensagem e seus eventuais anexos podem conter dados confidenciais ou privilegiados. Se você os recebeu por engano ou não é um dos destinatários aos quais ela foi endereçada, por favor destrua-a e a todos os seus eventuais anexos ou copias realizadas, imediatamente. É proibida a retenção, distribuição, divulgação ou utilização de quaisquer informações aqui contidas. Por favor, informe-nos sobre o recebimento indevido destamensagem, retornando-a para o autor. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
