Re: [exim] dnslists - how to reject only if sender is in two or more ?
Hi Gregory,
I want to reject the message completely if sender is in two or more RBLs
and accept if
it hits only one.
I check quite some RBLs and also want to have this fine granulated to
circumvent false positives. I have a counter, and some RBL have a higher
weight (adding 2 points). A certain number of points (3+ in this my
case) leads to rejection. So cbl.abuseat.org suffices to reject, all
others need a second. "The add_header" is for error hunting, but I
actually don't had to look since very long. Of course you can do this
more compact, but her is my example:
# Set counter to zero
warn set acl_m0 = 0
warnlog_message = Listed by $dnslist_domain
dnslists = 0spam.fusionzero.com
add_header = X-blacklisted-at: $dnslist_domain 1
set acl_m0 = ${eval:$acl_m0+1}
warnlog_message = Listed by $dnslist_domain
dnslists = zen.spamhaus.org
add_header = X-blacklisted-at: $dnslist_domain 2
set acl_m0 = ${eval:$acl_m0+2}
warnlog_message = Listed by manitu.net
dnslists = ix.dnsbl.manitu.net
add_header = X-blacklisted-at: $dnslist_domain 1
set acl_m0 = ${eval:$acl_m0+1}
# http://www.sorbs.net/using.shtml
# Very sensitive, false positives prone!
warnlog_message = Listed by $dnslist_domain
dnslists = dnsbl.sorbs.net
add_header = X-blacklisted-at: $dnslist_domain 1
set acl_m0 = ${eval:$acl_m0+1}
warnlog_message = Listed by $dnslist_domain
dnslists = bl.spamcop.net
add_header = X-blacklisted-at: $dnslist_domain 2
set acl_m0 = ${eval:$acl_m0+2}
# raised to 3!
warnlog_message = Listed by $dnslist_domain
dnslists = cbl.abuseat.org
add_header = X-blacklisted-at: $dnslist_domain 3
set acl_m0 = ${eval:$acl_m0+3}
denylog_message = Listed by spamlists, $acl_m0 points
message = rejected because $sender_host_address is in public
spamlists
condition = ${if gt{$acl_m0}{2}}
regards
Hardy
smime.p7s
Description: S/MIME Cryptographic Signature
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] data timeout on connection
Hi all, I just want to let you know the situation normalized "all by itself", and as far as I can judge no message was lost, as obviously the sender part considered the problem a temporary one and we were still within retry periods. I didn't change effectively anything, neither to cause nor to resolve the problems, and the sender sides were too many different ones as I would think it plausible they had a problem. Some of you in this list suggested mis-aligned network. I suspect this happened on my hoster's part. They did not communicate any problem, though. I suspect they misconfigured and corrected silently, whatever it was. According to my logs this situation lasted for about 12+ hours. Thanks for all your suggestions. Hardy all of a sudden (after a reboot of the machine, but I cannot see a connection to that) exim produces a lot of data timeout on (message abandoned) on connection from mx.example.com [IP] F= in my logs. These are always the same systems, that retry and fail again. Other systems don't show probs. By the looks this happens in the rcpt or data ACL, as the F= is available in the log. I reinstalled last week's exim.conf to cancel recent changes, but this did not help. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] data timeout on connection
Cyborg, you mean it really may happen that "all of a sudden" my kernel is not IP stack compatible with half of the other world? Given, it is quite an old one, as I do not update productive systems often, I prefer to build a new system and migrate - but not as often then. But again, all of a sudden incompatible with 50% in the world out there? smime.p7s Description: S/MIME Cryptographic Signature -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] data timeout on connection
Update Jeremy, I saw your post via web. I do not even use check_data, it is commented. In the check_rcpt I now added a condition-less "accept" VERY early to mitigate effects of later rules. Problem persists. And NOW: 2019-10-18T13:56:03.718183+02:00 mailfass exim[4587]: SMTP data timeout (message abandoned) on connection from hummus.csx.cam.ac.uk [131.111.8.88] F= Perhaps someone from your side may have look ;-) Few MTAs still get their messages through. I was successful via telnet and did not see anything odd. # Hi all, all of a sudden (after a reboot of the machine, but I cannot see a connection to that) exim produces a lot of data timeout on (message abandoned) on connection from mx.example.com [IP] F= in my logs. These are always the same systems, that retry and fail again. Other systems don't show probs. By the looks this happens in the rcpt or data ACL, as the F= is available in the log. I reinstalled last week's exim.conf to cancel recent changes, but this did not help. Hope your answers come through ;-) Will follow on the Web archive. Yours urgently Hardy smime.p7s Description: S/MIME Cryptographic Signature -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] data timeout on connection
Hi all, all of a sudden (after a reboot of the machine, but I cannot see a connection to that) exim produces a lot of data timeout on (message abandoned) on connection from mx.example.com [IP] F= in my logs. These are always the same systems, that retry and fail again. Other systems don't show probs. By the looks this happens in the rcpt or data ACL, as the F= is available in the log. I reinstalled last week's exim.conf to cancel recent changes, but this did not help. Hope your answers come through ;-) Will follow on the Web archive. Yours urgently Hardy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Wildcards in aliases
In fact I have an approach not too different from yours. I call it the "volatile" addresses you use for suspicious cases where you need to give your email. It is nameYYMM, it exists for the current and last month, but disappears after that automatically. (By that time you need to decide, whether you like their mail, so either let go, or change to a non-volatile) I am far better in scripting than in looking up configuration details :-( so a monthly script actually changes/adds these in my aliases file m-) But what I need now is indeed closer to your way. I will find something. Thanks again for your input. Hardy On 14.02.2018 11:14, Merlin Hartley via Exim-users wrote: We use the local_part_suffix for all users, then they can choose to give out different addresses to different websites and use filters on any incoming mail based on addressee - for example I use merlin-slurm@… for the slurm mailing list. This way they can automatically file/trash mail from a leaked/sold address. To be honest I don’t think many of our users are utilising that feature, but I personally find it useful! Merlin -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] lowest numbered MX record points to local host
A simple solution may be to read the
domainlist local_domains =
from a flat file that needs to hold the names of the user defined
domains, and keep BOTH routers in their original configuration.
On 14.02.2018 10:28, Cyborg via Exim-users wrote:
Am 14.02.2018 um 09:59 schrieb Bambero via Exim-users:
So what shoud I do to fix that? I can't use local_domains, becouse it's
shared hosting, and users can add domains by hand.
If someone will add domain 'gmail.com' exim will treat it as local domain.
The only way is to check MX.
There is no easy solution to the problem. Local domains defines those
domains, the server shall receive email for.
You could add a rule to the check_rcpt acl , to see, if IN MX of the
domain points to your server. It's doable,
but could be tricked also.
Way easier is to blacklist domains, you will never serve emails for like
gmail.com.
domainlist local_domains = @ : localhost : localhost.localdomain :
${lookup mysql { SELECT domainname FROM .. WHERE ... AND DOMAIN NOT IN
( "gmail.com","t-online.de","gmx.de","gmx.net","outlook.com" ) }}
You could also build an sql with a db defined blacklist, which would be
easier to maintain.
Hope that helped,
Marius
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Wildcards in aliases
On 13.02.2018 13:14, Andrew C Aitchison via Exim-users wrote: > On Tue, 13 Feb 2018, Hardy via Exim-users wrote: >> my aim is to have something in the way of >> >> myname.*: myname >> > > I wonder whether you are trying to implement a feature > already explicitly supported in exim ? > > If you want that for all users, you could use something like > local_part_suffix : . > in the "userforward" router (if I have got that right). > I found it in the docs... sounds interesting, but actually no, I don't want to add it to all users, that is why I would prefer an alias file solution. But still this seeds ideas. Thank you. And all the others, thank you also for pointing me to my self study for expressions... ;-) Hardy -- No pasaran! -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Wildcards in aliases
Thank you Heiko and Merlin,
lookups are my really weak point ;-) and my lack on a grasp on regex
hampers me even more. I know I should change this on the long run, but
for now your short term help is very much appreciated...
A one-time change to the conf is acceptable, of course.
I had hope for a solution to keep my alias file the single point of
maintenance AND keep it compilable by exim_dbmbuild. I would like to
stick with the simple
require verify = recipient
for validation. My lookup now is
data = ${lookup{$local_part}dbm{/etc/exim/$domain.aliases.db}}
Can I still do what I want with dbm, and how would I write the alias
file for entries meaning
myname[digits]: myname
Thanks
Hardy
On 13.02.2018 11:12, Merlin Hartley via Exim-users wrote:
Or even full expansion options - which puts huge power into the aliases file:
data = ${expand:${lookup{$local_part}lsearch{/etc/aliases}}}
Hope this is useful!
Merlin
--
Merlin Hartley
Computer Officer
MRC Mitochondrial Biology Unit
University of Cambridge
Cambridge, CB2 0XY
United Kingdom
On 13 Feb 2018, at 09:38, Heiko Schlittermann via Exim-users
<exim-users@exim.org> wrote:
Hardy via Exim-users <exim-users@exim.org> (Di 13 Feb 2018 09:44:38 CET):
Hi folks,
my aim is to have something in the way of
myname.*: myname
for the local user myname, if this is possible to do in the alias file. I
would rather like to have it here than to change the conf. Possible?
You need to modify the config anyway, to allow for patterns in your
alias file.
data = ${lookup{$local_part}nwildlsearch{/etc/aliases}}
With entries like:
hans: literal
hans*: literal
*hans: pattern
^hans: regexp
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 -
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
[exim] Wildcards in aliases
Hi folks, my aim is to have something in the way of myname.*: myname for the local user myname, if this is possible to do in the alias file. I would rather like to have it here than to change the conf. Possible? Hardy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
