from:"Yan Seiner"

[exim] Forged FROM

2016-07-28 Thread Yan Seiner


Hi everyone:

I'm not sure what, if anything can be done about my situation. One 
spambot is forging my email address and IP in their FROM headers, so my 
email server is getting hammered with bounces.


I've checked and I'm not running an open relay, and the emails are not 
originating with me but the bounces are coming back from pretty much all 
over the world, sometimes several dozen per minute.


I don't think there's anything I can do except ride this out but it's 
really starting to annoy me.  Since I never see the original emails, 
only the bounces with the forged FROM info, I can't even figure out 
where this is coming from.


Any ideas other than suck it up?



--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] .forward being ignored

2015-10-05 Thread Yan Seiner


On 10/5/2015 7:53 AM, Ian Eiloart wrote:
Yes, but it may not be the filters that are at fault. It looks like 
your router isn’t being inspected. If an earlier router handles the 
message, then your filter won’t be run. Pipe a known message into 
Exim, and use -d+all 

Hers's a dump of -d+all:

http://seiner.com/exim_debug.log

Thanks.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] .forward being ignored

2015-10-05 Thread Yan Seiner




On 10/5/2015 6:40 AM, Jeremy Harris wrote:

On 05/10/15 11:31, Yan Seiner wrote:

I am running Exim 4.82.  It works, except that my .forward file is being
ignored.  It tests fine, and when I feed it manually it works.

[...]

But exim ignores it.

Show a debug run of a test mail, with it being ignored.


I ran it with -d-all+filter which should just debug the filters, right?  
(Sorry, I'm not that familiar with exim; it "just works" so I don't get 
to work with it much.


root@selene:/etc/default# /etc/init.d/exim4 start
 * Starting MTA Exim version 4.82 uid=0 gid=0 pid=18323 D=200
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS 
move_frozen_mess   ages 
Content_Scanning DKIM Old_Demime
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm 
dbmjz dbm   nz dnsdb dsearch 
ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite

Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram 
redirect

Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [4.8.2]
Library version: GnuTLS: Compile: 2.12.23
 Runtime: 2.12.23
Library version: Cyrus SASL: Compile: 2.1.25
 Runtime: 2.1.25 [Cyrus SASL]
Library version: PCRE: Compile: 8.31
   Runtime: 8.31 2012-07-06
Library version: MySQL: Compile: 5.5.35 [(Ubuntu)]
Runtime: 5.5.44
Library version: SQLite: Compile: 3.8.2
 Runtime: 3.8.2
WHITELIST_D_MACROS: "OUTGOING"
TRUSTED_CONFIG_LIST: "/etc/exim4/trusted_configs"
configuration file is /var/lib/exim4/config.autogenerated
log selectors = 0ffc 00632001
cwd=/etc/default 8 args: /usr/sbin/exim4 -bd -q30m -d-all+filter -oX 
25:587 -oP /var/run/exim4/exim.pid

trusted user
admin user
18323 daemon_smtp_port overridden by -oX:
18323   <: 25: 587
18323 listening on all interfaces (IPv6) port 25
18323 listening on all interfaces (IPv4) port 25
18323 listening on all interfaces (IPv6) port 587
18323 listening on all interfaces (IPv4) port 587
18323 pid written to /var/run/exim4/exim.pid
18323 LOG: MAIN
18323   exim 4.82 daemon started: pid=18323, -q30m, listening for SMTP 
on port 2   5 (IPv6 and IPv4) 
port 587 (IPv6 and IPv4)

18323 daemon running with uid=131 gid=139 euid=131 egid=139
18323 SIGALRM received
18323 1 queue-runner process running
18323 Listening...
18325 Starting queue-runner: pid 18325
18323 child 18325 ended: status=0x0
18323   normal exit, 0
18323 0 queue-runner processes now running
18323 Listening...
18323 Connection request from 216.16.230.210 port 61675
18323 1 SMTP accept process running
18323 Listening...
18347 Process 18347 is handling incoming connection from [216.16.230.210]
18347 Process 18347 is ready for new message
18347 trying server 127.0.0.1, port 783
18347 unspool_mbox(): unlinking 
'/var/spool/exim4/scan/1Zj3lC-0004lv-FY/1Zj3lC-0004lv-FY.eml'

18347 LOG: MAIN
18347   <= y...@seiner.com H=css.roadtrek.com ([10.10.31.31]) 
[216.16.230.210] P=esmtpsa X=TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128 
A=plain_server:yan S=724 id=56125c21.7060...@seiner.com

18347 forked delivery process 18351
18347 Process 18347 is ready for new message
18351 Exim version 4.82 uid=131 gid=139 pid=18351 D=40200
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS 
move_frozen_messages Content_Scanning DKIM Old_Demime
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm 
dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql 
sqlite

Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram 
redirect

Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [4.8.2]
Library version: GnuTLS: Compile: 2.12.23
 Runtime: 2.12.23
Library version: Cyrus SASL: Compile: 2.1.25
 Runtime: 2.1.25 [Cyrus SASL]
Library version: PCRE: Compile: 8.31
   Runtime: 8.31 2012-07-06
Library version: MySQL: Compile: 5.5.35 [(Ubuntu)]
Runtime: 5.5.44
Library version: SQLite: Compile: 3.8.2
 Runtime: 3.8.2
WHITELIST_D_MACROS: "OUTGOING"
TRUSTED_CONFIG_LIST: "/etc/exim4/trusted_configs"
18351 configuration file is /var/lib/exim4/config.autogenerated
18351 log selectors = 0ffc 00632001
18351 cwd=/var/spool/exim4 4 args: /usr/sbin/exim4 -d=0x40200 -Mc 
1Zj3lC-0004lv-FY

18351 trusted user
18351 admin user
18347 LOG: smtp_connection MAIN
18347   SMTP connection from cs

[exim] .forward being ignored

2015-10-05 Thread Yan Seiner


I'm stumped, mostly because I've never run across this.

I am running Exim 4.82.  It works, except that my .forward file is being 
ignored.  It tests fine, and when I feed it manually it works.


yan@selene:~$ /usr/lib/sendmail -bf ~/.forward # verifying addresses. Similarly, no_expn means that this router is 
skipped if

# Exim is processing an EXPN command.
#
# The check_ancestor option means that if the forward file generates an
# address that is an ancestor of the current one, the current one gets
# passed on instead. This covers the case where A is aliased to B and B
# has a .forward file pointing to A.
#
# The four transports specified at the end are those that are used when
# forwarding generates a direct delivery to a directory, or a file, or to a
# pipe, or sets up an auto-reply, respectively.
#
userforward:
  debug_print = "R: userforward for $local_part@$domain"
  driver = redirect
  domains = +local_domains
  check_local_user
  file = $home/.forward
  require_files = $local_part:$home/.forward
  no_verify
  no_expn
  check_ancestor
  allow_filter
  forbid_smtp_code = true
  directory_transport = address_directory
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply
  skip_syntax_errors
  syntax_errors_to = real-$local_part@$domain
  syntax_errors_text = \
This is an automatically generated message. An error has\n\
been found in your .forward file. Details of the error are\n\
reported below. While this error persists, you will receive\n\
a copy of this message for every message that is addressed\n\
to you. If your .forward file is a filter file, or if it is\n\
a non-filter file containing no valid forwarding addresses,\n\
a copy of each incoming message will be put in your normal\n\
mailbox. If a non-filter file contains at least one valid\n\
forwarding address, forwarding to the valid addresses will\n\
happen, and those will be the only deliveries that occur.



--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] exim taking long time to respond

2015-10-03 Thread Yan Seiner

I am trying to validate my new email server, and I'm finding that it's 
taking about 6 seconds to respond and 8 second to process an email.


The server is lightly loaded so there's something that is causing this 
delay.  AFAIK I have no issues with DNS.  I am using dspam+spamassassin, 
so that could be the cause of the delay, but this is on a quad-core 
server, ssd drives, and load of typically around 1% so it should be much 
faster.  At a guess there's some lookup that's taking that long.


Any way to tell where the delay is coming from?

Here's a typical transaction - note the time stamps.  10 seconds from 
start to finish.


15-10-03 05:35:07 1ZiM1r-0002rf-DI DKIM: d=lightinthebox.chtah.com 
s=20111013 c=relaxed/relaxed a=rsa-sha256 t=1443875689 x=1459686889 
[verification succeeded]
2015-10-03 05:35:13 1ZiM1r-0002rf-DI <= 
bo-b8f3zs6bfs4q1kaupz7fabytuz0...@b.lightinthebox.chtah.com 
H=mta925.chtah.net [8.7.42.21] P=esmtp S=96956 
id=b8f3zs6bfs4q1kaupz7fabytuz0ep2.1951771.9...@mta925.lightinthebox.chtah.com
2015-10-03 05:35:17 1ZiM1r-0002rf-DI => yan  
R=spamcheck_director T=spamcheck

2015-10-03 05:35:17 1ZiM1r-0002rf-DI Completed


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] TLS Base64 unexpected header error

2015-10-01 Thread Yan Seiner


On 9/30/2015 7:16 PM, Heiko Schlittermann wrote:

Yan Seiner  (Do 01 Okt 2015 01:07:33 CEST):

I'm getting this error.  I recently migrated from one server to another, and
since then I am seeing this in my logs:

TLS error on connection from (cert/key setup:
cert=/etc/ssl/certs/mail_seiner_com.pem
key=/etc/ssl/localkeys/mail.seiner.com/mail.seiner.com.key): Base64
unexpected header error.


Can you read the files?

 sudo -u $(exim -n -bP exim_user) openssl x509 -in 
/etc/ssl/certs/mail_seiner_com.pem -noout -text
 sudo -u $(exim -n -bP exim_user) openssl rsa  -in 
/etc/ssl/localkeys/mail.seiner.com/mail.seiner.com.key -noout -text

Thanks guys.  As it turned out, I had lost my private key in the shuffle 
and substituted some unknown key.  I deleted all my mail certs, 
regenerated everything from the beginning, and all is well.


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] TLS Base64 unexpected header error

2015-09-30 Thread Yan Seiner

I'm getting this error.  I recently migrated from one server to another, 
and since then I am seeing this in my logs:


TLS error on connection from (cert/key setup: 
cert=/etc/ssl/certs/mail_seiner_com.pem 
key=/etc/ssl/localkeys/mail.seiner.com/mail.seiner.com.key): Base64 
unexpected header error.


I am running Exim4.82.

I am using the same certs as I did on my other server. Unfortunately the 
older server is not accessible at the moment and may not be for weeks.


I've been through much of the google-suggested remedies and nothing has 
helped.  The certs are downloaded from Comodo and visually look fine - 
no extra characters, no extra whitespace.


What should I be looking at/for?

Thanks.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] cc'ing outgoing mail

2014-06-04 Thread Yan Seiner



On 06/04/2014 04:55 AM, Jasen Betts wrote:

On 2014-06-03, Yan Seiner  wrote:

I have several domains and email addresses I want to CC myself on. I'm
using this router:

  cc_to_me:
  driver = redirect
  domains = xxx.com : yyy.com : zzz.ca : aaa.org
  headers_add = "X-cc-to-me: by $primary_hostname on $tod_full\n\
  Reply-To: y...@qqq.com"
  data = $local_part@$domain, y...@seiner.com

Is it possible to match for a specific email address rather than an
entire domain as above?

  condition + if + inlist

like this:

  condtions=${if inlist{$local_part@$domain}\
{o...@xxx.com : t...@yyy.com : th...@zzz.ca : f...@aaa.org}}


Thanks.




Further, this is cumbersome.  I find that I need to keep fiddling with
exim config files.  I'd like to set up something like .forward for
outgoing mail that says
if $h_to: contains "someb...@xxx.com" then cc y...@seiner.co and add
reply-to: y...@qqq.com

Is that possible?

I can't see an easy way to put all of that in a file that's outside of
exim's configuration.


Reading the docs, it looks like I could use a per-address system filter?

http://www.exim.org/exim-html-current/doc/html/spec_html/ch-systemwide_message_filtering.html#SECTperaddfil

Would that work or am I off-base?

--Yan

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] cc'ing outgoing mail

2014-06-03 Thread Yan Seiner

I have several domains and email addresses I want to CC myself on. I'm 
using this router:


cc_to_me:
driver = redirect
domains = xxx.com : yyy.com : zzz.ca : aaa.org
headers_add = "X-cc-to-me: by $primary_hostname on $tod_full\n\
Reply-To: y...@qqq.com"
data = $local_part@$domain, y...@seiner.com

Is it possible to match for a specific email address rather than an 
entire domain as above?


Further, this is cumbersome.  I find that I need to keep fiddling with 
exim config files.  I'd like to set up something like .forward for 
outgoing mail that says


if $h_to: contains "someb...@xxx.com" then cc y...@seiner.co and add 
reply-to: y...@qqq.com


Is that possible?

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] syntax and use of ${run}

2014-02-13 Thread Yan Seiner


Where can I find some documentation on the syntax of ${run ...}?

I can't find it in the exim spec.

Then again, maybe there's a better way to do this.

I am trying to include the contents of a file in a header so I've been 
trying:


headers_add = "My-Header: ${run {/bin/cat /my/file}{$value}{error}}"

All I get is is either 'error' or a blank, depending on how I configure it.

What's the best way to include a message from a file in the headers?



--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] copy email going to one domain

2014-02-10 Thread Yan Seiner



On 02/10/2014 02:49 AM, Heiko Schlittermann wrote:

Yan Seiner  (Mo 10 Feb 2014 00:10:08 CET):

I would like to keep copies of emails that I send to one particular
domain in a separate folder.

Some simplistic approach could be the use of shadow_transport transport
option, but this only helps if the transport you use is a local
transport.

More generic starting point is the use of the redirect router:

 begin routers:

 # order matters! should be one of the first routers
 cc_to_me:
 driver = redirect
 domains = example.com
 data = $local_part@$domain, me-and-mys...@example.org
  

Here's what I've tried:

cc_to_me:
driver = redirect
domains = xxx.com
headers_add = "X-cc-to-me: by $primary_hostname on $tod_full"
data = $local_part@$domain, y...@seiner.com

That way I can sort on the header in my .forward file.

That works except in the corner case where I sent email to my work email 
and it gets forwarded back to me - both copies end up in the "workSent" box.


I have not figured how to add the header or the cc only to email leaving 
my domain, not for email coming in from the outside.




--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] copy email going to one domain

2014-02-09 Thread Yan Seiner

I would like to keep copies of emails that I send to one particular 
domain in a separate folder.


In other words, I want exim to add cc:me to emails that are sent to one 
particular domain.


Is this something exim can do, and if so, where would I start?

(nothing nefarious about this; I use my personal email for work, and I 
want to cc: myself on all work email as I use a variety of MUAs and it's 
hard to keep track of what I sent to whom.)


Thanks!

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Spool file is locked (another process is handling this message)

2012-04-13 Thread Yan Seiner


On Fri, April 13, 2012 1:09 am, Sven Hartge wrote:

>
> I recommend using haveged:
> http://www.issihosts.com/haveged/

I installed this and the problem has not reappeared.  Hopefully that
should fix it.

-- 
On two occasions I have been asked,—"Pray, Mr. Babbage, if you put into
the machine wrong figures, will the right answers come out?" ... I am not
able rightly to apprehend the kind of confusion of ideas that could
provoke such a question.
—Charles Babbage, Inventor of the computer, 1864


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Spool file is locked (another process is handling this message)

2012-04-12 Thread Yan Seiner


On Wed, April 11, 2012 10:39 pm, Phil Pennock wrote:
> On 2012-04-11 at 13:26 -0700, Yan Seiner wrote:
>> 2012-04-11 13:22:16 1SI3wt-0006jb-DK Spool file is locked (another
>> process
>> is handling this message)
>
> Run "exiwhat", it will tell you which Exim processes exist, what they're
> currently doing, etc.
>
> Usually this message just means that there's a slow remote host, an Exim
> from another queue runner is already trying to deliver the mail, and so
> this queue-runner is skipping that message and going onto the next one
> in the queue.  As such, it's harmless.  As long as that is what's
> happening.
>
> A diagnostic log message like this just says "I'm not handling it
> myself, because ...", not "there's a problem to be fixed".  Now, if it
> persists on the same message for a while, you might look into what's
> happening with that particular message.  Perhaps the recipient system
> is doing something icky, such as passing your connections to a tarpit
> system.

Seems to be a TLS entropy issue?  (I'm guessing here but from reading what
I've been able to it looks similar.)

Yesterday the messages were persisting for hours, and there was upwards of
100 stalled at a time.

Not sure what I can do to help the entropy issue.  It may just be that
I've had a huge rsync job running for days and if it's using the same pool
it could be draining all the entropy faster than the system can generate
it.  I don't know enough about how entropy works to make more than guesses
from googling


-- 
On two occasions I have been asked,—"Pray, Mr. Babbage, if you put into
the machine wrong figures, will the right answers come out?" ... I am not
able rightly to apprehend the kind of confusion of ideas that could
provoke such a question.
—Charles Babbage, Inventor of the computer, 1864


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Spool file is locked (another process is handling this message)

2012-04-11 Thread Yan Seiner

I just started getting this message. Seems that many emails (but not all)
are getting hung up.

2012-04-11 13:22:16 1SI3wt-0006jb-DK Spool file is locked (another process
is handling this message)

I have no idea why this started happening; I've checked all the usual
suspects and I have plenty of spool space, the cpu is showing idle time,
and the load on the server is minimal.

And yet mail is getting hung up.  I've googled all over the place and
there doesn't seem to be a single reason for this.  What does this mean? 
And more importantly how do I fix it?

selene:/var/log/exim4# ps auxwww | grep exim
mail 25292  0.0  0.0  86128  1948 ?S13:13   0:00
/usr/sbin/exim4 -q
mail 25294  0.0  0.0  86128  1696 ?S13:13   0:00
/usr/sbin/exim4 -q
100  25737  0.0  0.0  85772  2100 ?Ss   13:13   0:00
/usr/sbin/exim4 -bd -q30m
root 25741  0.0  0.1  85760  4220 ?S13:13   0:00
/usr/sbin/exim4 -q
root 25744  0.0  0.0  86128  3644 ?S13:13   0:00
/usr/sbin/exim4 -q
mail 25746  0.0  0.0  86128  1948 ?S13:13   0:00
/usr/sbin/exim4 -q
mail 25748  0.0  0.0  86128  1696 ?S13:13   0:00
/usr/sbin/exim4 -q
root 25894  0.0  0.1  86092  5332 ?S13:15   0:00
/usr/sbin/exim4 -Mc 1SI3wt-0006jb-DK
mail 25895  0.0  0.0  86092  1992 ?S13:15   0:00
/usr/sbin/exim4 -Mc 1SI3wt-0006jb-DK
mail 25898  0.0  0.0  86092  1652 ?S13:15   0:00
/usr/sbin/exim4 -Mc 1SI3wt-0006jb-DK
root 25990  0.0  0.1  86092  5336 ?S13:16   0:00
/usr/sbin/exim4 -Mc 1SI3yA-0006l8-Ky
mail 25995  0.0  0.0  86092  1996 ?S13:16   0:00
/usr/sbin/exim4 -Mc 1SI3yA-0006l8-Ky
mail 25997  0.0  0.0  86092  1656 ?S13:16   0:00
/usr/sbin/exim4 -Mc 1SI3yA-0006l8-Ky
root 26232  0.0  0.1  86092  5332 ?Ss   13:16   0:00
/usr/sbin/exim4 -odi -Mc 1SI3yI-0006p5-GG
mail 26233  0.0  0.0  86092  1988 ?S13:16   0:00
/usr/sbin/exim4 -odi -Mc 1SI3yI-0006p5-GG
mail 26235  0.0  0.0  86092  1656 ?S13:16   0:00
/usr/sbin/exim4 -odi -Mc 1SI3yI-0006p5-GG
root 26334  0.0  0.1  86092  5332 ?S13:18   0:00
/usr/sbin/exim4 -Mc 1SI3zI-0006qX-Pp
mail 26339  0.0  0.0  86092  1992 ?S13:18   0:00
/usr/sbin/exim4 -Mc 1SI3zI-0006qX-Pp
mail 26341  0.0  0.0  86092  1652 ?S13:18   0:00
/usr/sbin/exim4 -Mc 1SI3zI-0006qX-Pp
root 27696  0.0  0.0   8292   880 pts/12   S+   13:24   0:00 grep exim



-- 
On two occasions I have been asked,—"Pray, Mr. Babbage, if you put into
the machine wrong figures, will the right answers come out?" ... I am not
able rightly to apprehend the kind of confusion of ideas that could
provoke such a question.
—Charles Babbage, Inventor of the computer, 1864


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] pipe transports, aliases, oh my

2011-11-07 Thread Yan Seiner

I am using Request Tracker (http://www.bestpractical.com) which has a
mailgate.

In the past I've just used aliases to pipe the mail to the appropriate
command.  Exim doesn't allow that (Or at least it's strongly discouraged.)

I have about 20 aliases that are piped to various commands.  /etc/aliases
allows this to be grouped neatly and I can see what is going on.  I need
to change the aliases occasionally.

I can't figure out how to do this in exim without creating
router/transport pairs for each email address  That's a total of 40
chunks of config files, each about 5 lines long, or some 200+ lines
altogether to replace 20 lines in /etc/aliases.  There has to be a
better way.

What is the best way to handle this many pipes?


-- 
Pain is temporary. It may last a minute, or an hour, or a day, or a year,
but eventually it will subside and something else will take its place. If
I quit, however, it lasts forever.


-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] pipes: what am I missing?

2011-09-09 Thread Yan Seiner


I am trying to set up a pipe to a shell script.

rt_router:
 driver = accept
 local_part_prefix_optional
 local_part_prefix = rt-
 transport = rt_transport

rt_transport:
 driver = pipe
 command = /usr/local/bin/rtcat

The goal is to have exim dump the email to a shell script if it's 
prefaced with a 'rt-'.


The router and transport above work - as long as I don't use redirection 
in the above scrips.  As soon as I use redirection, the transport fails.


So for rtcat:

#!/bin/sh

echo 1234567 > /tmp/abc

results in

2011-09-09 20:47:34 1R2EXW-00017z-RW ** 1...@seiner.com 
 R=rt_router T=rt_transport: Child process of 
rt_transport transport returned 1 from command: /bin/sh


but for rtcat:

#!/bin/sh

echo 1234567

works (there's no error logged) but obviously there's no output.

What am I doing wrong?   I want to process the mail through a shell 
script.


--
Few people are capable of expressing with equanimity opinions which differ from 
the prejudices of their social environment. Most people are even incapable of 
forming such opinions.
   Albert Einstein


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Wildcard aliases

2011-09-09 Thread Yan Seiner


Roger Burton West wrote:

On Thu, Sep 08, 2011 at 11:56:12AM -0700, Yan Seiner wrote:

  

Is there a simple way to do this?



A router with local-part-prefix set?

R

  
How do I go about setting something like that up?  exim works for me so 
well that I never have an opportunity to learn it 


Any examples for idiots?

--
Few people are capable of expressing with equanimity opinions which differ from 
the prejudices of their social environment. Most people are even incapable of 
forming such opinions.
   Albert Einstein


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Wildcard aliases

2011-09-09 Thread Yan Seiner

I am trying to figure out a way to process all email addresses that match
a specific pattern with an external script.

In essence, I need to set up a pipe alias for all emails of the form

rt-*@my.domain.com: "|/my/local/script"

Is there a simple way to do this?




-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Are you human?

2009-08-11 Thread Yan Seiner

Michael Heydon wrote:
> Exim wrote:
>   
>> I just had a client ask for something I haven't done.  He wants emails from
>> unknown users to be sent back with a  "are you human" request they must
>> respond to correctly.  If they do, then they will be automatically added to
>> a list of valid senders.
>>   
>> 
>
> I believe it is called challenge response filtering and it is the most 
> horrible antispam tactic I have seen. If you really absolutely can not 
> get out of doing it, please make sure that you do it as a last resort, 
> check SPF, run SA, use DNSBLs.
>
>   

Not only that, but two people, each using CR, will never get to talk to 
each other; rather they will fire away their "are you human" messages at 
each other.  It only works if a tiny minority of people use it.

And, if you do use it, you will likely never hear from a large number of 
people.  I won't respond to them; many of those messages get caught in 
real spam filters.

So all in all, it's a really bad idea.

Google for challenge-response.  You will get a good variety of ideas.

-- 

   o__
   ,>/'_ o__
   (_)\(_)   ,>/'_  o__
A day may come  (_)\(_) ,>/'_  o__
when the courage of men fails, (_)\(_) ,>/'_ 
when we forsake our friends and break all (_)\(_)
bonds of fellowship, but it is not this day.
It is not this day!
This day we ride!

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Require authentication from local users

2009-06-18 Thread Yan Seiner

Yan Seiner wrote:
> Phil Pennock wrote:
>   
>>
>> Note that you're just adding an extra rejection step at the start of
>> acl_check_rcpt, so if you keep all the rest of that logic the same then
>> you won't risk an open mail relay (unless you're already an OMR).
>> 
>   
Actually, the only thing that's needed is this:

   denyhosts = +home_net
   !authenticated = *
  set acl_c_denied_by_mail = yes
  set acl_c_dbm_message = Papers, please.

That blocks both 25 and 587 unless the user is authenticated.  
Submissions to the local domain work fine.  Just outgoing email needs an 
authenticated user.

That's pretty neat.

--Yan

-- 
Yan Seiner 



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Require authentication from local users

2009-06-18 Thread Yan Seiner

Phil Pennock wrote:
> On 2009-06-18 at 08:55 -0700, Yan Seiner wrote:
>   
>> I'm hot in pursuit of my time-limited ACL.  I've run into yet another
>> stumbling block; my exim config allows local users to send mail without
>> authentication.
>>
>> Can I get a couple of hints on how to configure exim to:
>>
>> 1. Allow unlimited receipt of emails for the local domains
>> 2. Require local users to authenticate at all times
>> 3. Prevent open relaying
>>
>> Obviously I'm concerned about inadvertently causing 3.  1 and 2 are
>> somewhat contradictory as I would like to authenticate all local users,
>> even if they're sending local email.
>> 
>
> So your children haven't yet figured out how to create a Gmail account
> and send mail via Submission on that, back in?  Or are you firewalling
> 25 and 587 outbound except from the mailbox?  Note that firewalling off
> 587 is normally "unfriendly" by ISPs, but it's your house and your
> rules.  I hope you don't have work-related household visitors who expect
> to be able to handle mail ...
>   
It's a sort of "because I can" - it teaches me a lot about proxies, 
acls, and so on, and when my kids get to the point of hacking around my 
assorted firewalls and proxies we'll all learn together.  Know a better 
way to learn?  ;-)

> As long as you have inbound unauthenticated, outbound authentication for
> the purposes of controlling sending at all is problematic;
> authentication for making sure that those who wish to send mail have
> credentials to do so is another matter, and useful for those trying to
> enforce accountability and reduce spam-sources within their
> organisations.
>   
I definitely want to do the latter.

> You can create an ACL on the MAIL command (acl_smtp_mail sets the ACL
> name); because some clients allegedly get upset by 4xx/5xx failures on
> MAIL, rather than reject there you reject at RCPT stage.
>   

Thanks.  I'll play with it.
> Something like this (untested):
>
> 8< cut here >8--
> # main section:
> hostlist home_net = 192.0.2.0/24
> acl_smtp_mail = acl_check_mail
> acl_smtp_rcpt = acl_check_rcpt
> #...
> begin acl
>
> acl_check_mail:
>
>   warnset acl_c_denied_by_mail = no
>   set acl_c_dbm_message = Because my configs are broken
>
>   accept  hosts = !+home_net
>
>   accept  hosts = +home_net
>   condition = ${!=={$received_port}{587}}
> set acl_c_denied_by_mail = yes
> set acl_c_dbm_message = You should use the submission port (587) to 
> send email
>
>   denyhosts = +home_net
>   !authenticated = *
> set acl_c_denied_by_mail = yes
> set acl_c_dbm_message = Papers, please.
>
>   accept
>
> # This one will already exist
> acl_check_rcpt:
>
>   denycondition = $acl_c_denied_by_mail
>   message = $acl_c_dbm_message
>
>   # ALL THE REST OF THE EXISTING ACL GOES HERE
> --------8< cut here >8--
>
> Note that you're just adding an extra rejection step at the start of
> acl_check_rcpt, so if you keep all the rest of that logic the same then
> you won't risk an open mail relay (unless you're already an OMR).
>
> Regards,
> -Phil
>
> !DSPAM:4a3ac0a8271031804284693!
>
>   


-- 
Yan Seiner 

Support my bid for the 4J School Board.
Visit http://www.seiner.com/schoolboard



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Require authentication from local users

2009-06-18 Thread Yan Seiner

Hi everyone:

I'm hot in pursuit of my time-limited ACL.  I've run into yet another
stumbling block; my exim config allows local users to send mail without
authentication.

Can I get a couple of hints on how to configure exim to:

1. Allow unlimited receipt of emails for the local domains
2. Require local users to authenticate at all times
3. Prevent open relaying

Obviously I'm concerned about inadvertently causing 3.  1 and 2 are
somewhat contradictory as I would like to authenticate all local users,
even if they're sending local email.

(My "problem" is that exim is so bloody stable that I never have to touch
it, so when I want to change the config I basically start over - having
forgotten everything I've learned before... The last time I had to
reconfigure it was in 2007.)

--Yan

-- 
Yan Seiner, PE



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] time-of-day ACLs

2009-06-17 Thread Yan Seiner

Phil Pennock wrote:
> On 2009-06-16 at 08:17 -0700, Yan Seiner wrote:
>   
>> I'd like to be able to deny access to specific users at specific times of
>> day.
>>
>> For example, user Joe might have access during the following hours (local
>> time):
>>
>> 0600-0745
>> 1700-1900
>> 2000-2145
>>
>> At times other than these Joe's access to the smtp server should be
>> denied.  I'd like to be able to do this on a per-user basis.
>> 
>
> So you will have a lookup on the $authenticated_id (since I'm guessing
> that's how you know it's Joe) that will return a list of timestamps.
> Call the results of that LOOKUP, let's assume it's colon-separated,
> looking like:
>   0600-0745:1700-1900:2000-2145
>
> Have the tool which generates the lookup normalise the times to GMT.
>
> You can then use $tod_zulu to get the current date and time in GMT as a
> sequence of digits followed by 'Z', and substr to extract the current
> time.
>
> Thus ${substr_8_4:$tod_zulu} yields the current time in an appropriate
> format.
>
> So the expression to check if the current time is within 0500 and 0600
> would be:
> ${if 
> and{{>{${substr_8_4:$tod_zulu}}{0500}}{<{${substr_8_4:$tod_zulu}}{0600
>
> So, if this holds true for any of the time ranges in LOOKUP, then we can
> have a condition be true, otherwise false.
>
> Let's assume that you've made sure that each time-range is nine digits
> long, "0600-0745" and not validate that much; feel free to change the
> split logic according to your degree of trust in the DB building tools
> you have, but the simplest is to just use substring extraction again;
> ${substr_0_4:RANGE} and ${substr_5_4:RANGE} for the given timestamps.
>
>   ${if forany{LOOKUP}{and{\
>   {>{${substr_8_4:$tod_zulu}}{${substr_0_4:$item}}}\
>   {<{${substr_8_4:$tod_zulu}}{${substr_5_4:$item}}}\
>   }}}
>
> The value of $tod_zulu changes but it shouldn't affect the results much;
> reverse the order of the checks if you want to grant a few microseconds
> more leeway.  ;)
>
> It's up to you to provide LOOKUP and use the result of the condition
> accordingly.
>
> -Phil
>
>   
First of all, thanks for the help.  It looks like it should be fairly 
simple, but I can't get my head around it  I'm trying to understand 
how the acl stuff works.  I can't figure out a way to show/log what exim 
is doing.

I've boiled this down to a trivial example.  I seem to be stuck, 
though.  At one time I had this working - it was refusing to let me send 
mail.  I made some changes, added the logwrite stuff, and   now it 
allows me to send mail and it doesn't log anything

acl_smtp_auth:
deny condition = ${if eq{$authenticated_id}{yan}}
logwrite = user $authenticated_id not allowed access at 
this time

accept
logwrite = user $authenticated_id allowed access at this 
time

exim4 -bt apparently doesn't allow me to see what's going on with 
authentication  Is there any way to debug this?

-- 
Yan Seiner 



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] time-of-day ACLs

2009-06-17 Thread Yan Seiner

Ian Eiloart wrote:
>
>
> --On 16 June 2009 08:17:21 -0700 Yan Seiner  wrote:
>
>>
>> I'd like to be able to deny access to specific users at specific 
>> times of
>> day.
>>
>> At times other than these Joe's access to the smtp server should be
>> denied.  I'd like to be able to do this on a per-user basis.
>
>
> It would be interesting to the reason for limiting usage.
>
Well, it's mostly to see if I can.  ;-)  OTOH, my kids have discovered 
computers in a big way and they've also discovered that they can waste a 
huge amount of time sitting in front of them.  So we've come to an 
agreement that certain things will be limited; web access (via squid), 
TV (via mythtv) and email will only work during certain times of day.  
That way they *know* they don't work, and while they can still get email 
from friends they can't reply.

So far it's working - they'd rather go to the park and play than sit in 
front of a dead box.  :-)

--Yan

-- 
Yan Seiner 



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] time-of-day ACLs

2009-06-16 Thread Yan Seiner

Yan Seiner wrote:
> I'd like to be able to deny access to specific users at specific times of
> day.
>
> For example, user Joe might have access during the following hours (local
> time):
>
> 0600-0745
> 1700-1900
> 2000-2145
>
> At times other than these Joe's access to the smtp server should be
> denied.  I'd like to be able to do this on a per-user basis.
>   
Can anyone give me any clues?

I've been reading through the docs but I can't get any traction

What I want (I think) is something that takes $authenticated_id and 
$tod_full, extracts DOW, hour, and minute, checks against an acl for 
allowed times for that user, and either denies or accepts.  I've been 
playing with this but all the acls I build are ignored (no error, but 
nothing happens.)

Is there an acl for idiots guide somewhere?

-- 
Yan Seiner 

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] time-of-day ACLs

2009-06-16 Thread Yan Seiner


I'd like to be able to deny access to specific users at specific times of
day.

For example, user Joe might have access during the following hours (local
time):

0600-0745
1700-1900
2000-2145

At times other than these Joe's access to the smtp server should be
denied.  I'd like to be able to do this on a per-user basis.

--Yan

-- 
Yan Seiner, PE



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Misconfigured FQDN

2009-04-14 Thread Yan Seiner


I've gotten a couple of these bounces.  Seems that my FQDN is
misconfigured.  Exim is using my internal name without a domain instead of
mail.seiner.com...  Where do I start looking?  Sorry if this is a FAQ
somewhere; my google-fu is weak today

This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  x...@yyy
SMTP error from remote mail server after RCPT
TO::
host  [aaa.bbb.ccc.]: 504 5.5.2 :
Helo command rejected: need fully-qualified hostname

-- This is a copy of the message, including all the headers. --

Return-path: 
Received: from localhost
([127.0.0.1] helo=www.datavault.us ident=www-data)
by selene with esmtp (Exim 4.69) <<<<***
(envelope-from )
id 1Lts3S-IN-Uw
for x...@; Tue, 14 Apr 2009 16:28:39 -0700



-- 
Yan Seiner, PE

Support my bid for the 4J School Board
http://www.seiner.com


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] exim meltdown

2009-03-17 Thread Yan Seiner

My server has mysteriously locked up a couple of times in the last few days.

I looked at it today and saw that all 4 cores were running at 100%, fans 
were howling, and exim was getting hammered by messages.

I use spamassassin, dspam, and exim.  Somehow the mysql tables for dspam 
got corrupted, and (apparently) exim was in an endless loop.

I shut down dspam, spamassassin, exim, and repaired the mysql tables, 
and all is well

Is there any way to throttle exim so that it quits refusing messages 
when system resources get close to saturated?

(I know this is a dspam/spamassin problem, but I'd like to get exim 
smart enough to stop receiving messages if it's too busy while I figure 
this out.)

--Yan

-- 
Yan Seiner 

Support my bid for the 4J School Board.
Visit http://www.seiner.com/schoolboard



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] [OT] Stupid spammers

2009-02-18 Thread Yan Seiner


On Wed, February 18, 2009 4:15 pm, windy_1 wrote:
>   We have a home school project web site for kids ages 6 to 14 and get
> over
> 500 spam a day, most totally inappropriate for kids. We had to add parents
> to
> filter the mail. In my opinion it is beyond sick. They have all these
> stupid
> laws about "child safe content" but they don't give a hoot about someone
> sending porn to the kids or using the kids' web site email address as a
> return
> address to send out porn so the kids get a few thousand bounced porn
> emails
> obviously not sent by the kids (who's server can NOT send mail).
>  So do a whois lookup on ICANN's web site and send an email to the
> person listed as admin. It bounces. Then attach the bounce to a complaint
> to
> ICANN for improper whois info on the offender. That they will do something
> about
>go figure

Use sa + dspam + clamav.  That takes care of 99.9% of my spam.  (Of
course, with 1000+ spam / day, the .1% percent that get through are
annoying, but...)  Trying to stop spammers is fruitless; no one can or
will do anything about it.  :-(

> gayle
>
> On Thu, 19 Feb 2009 10:30:37 +1100, Ted Cooper wrote
>> Did anyone else just get spammed by a SEO company offering to increase
>> the nabble website ranking? :P  I'll be hunting down all of their
>> domains and name servers later to block them forever.
>>
>> Time to cycle my email address again.
>>
>> --
>> The Exim Manual
>> http://www.exim.org/docs.html
>> http://docs.exim.org/current/
>>
>> --
>> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
>> ## Exim details at http://www.exim.org/
>> ## Please use the Wiki with this list - http://wiki.exim.org/
>
> --
>
>
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
> !DSPAM:499ca55790211804284693!
>
>


-- 
  o__
  ,>/'_  o__
  (_)\(_),>/'_o__
Yan Seiner  (_)\(_)   ,>/'_ o__
   Personal Trainer  (_)\(_),>/'_o__
 Professional Engineer (_)\(_)   ,>/'_
Who says engineers have to be pencil necked geeks?  (_)\(_)

You are an adult when you realize that everyone's an idiot sometimes. You
are wise when you include yourself.



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] multiple copies of exim4 running

2008-12-10 Thread Yan Seiner

Marc Sherman wrote:
> Gerard Hooton wrote:
>   
>> Which config file do I set the max connections, I have a split config 
>> 
>
> That's a question for the debian mailing list. Split config isn't 
> supported here.
>   
Dumb question:  What's a split config?

--Yan

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] global .forward file

2008-12-07 Thread Yan Seiner

Is there any way to configure a global .forward file?

I'm playing around with vexim , which 
adds virtual users to exim.  Since these virtual users don't really 
exist on the server, there is no place to add a .forward file.

What I really need is a simple filter that does this:

if $h_X-DSPAM-Result: is "Spam" then save mail/Junk

for all virtual users.  The only other complication is that the above is 
for mbox files; I want to use maildir, but I think the idea is the 
same.  I need to be able to put any suspected spam into the spambox, for 
all users, without a .forward file for each user.

Thanks,

--Yan

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Virtual users with no local accounts

2008-12-04 Thread Yan Seiner

I'd like to set up a few accounts on a virtual domain.  I don't want these
users to have local accounts, or at least login accounts.

Right now with my virtual accounts, mail gets delivered to the local
machine and the virtual domain name is lost.

I'd like to be able to set up email delivery to a web interface like
squirrelmail, and maintain a separate domain for these users.

Right now, [EMAIL PROTECTED] and [EMAIL PROTECTED] both end up in the local yan
mailbox.  Is there some way to set it up that the two accounts stay
separate?  Any ideas?

--Yan

-- 
  o__
  ,>/'_  o__
  (_)\(_)        ,>/'_o__
Yan Seiner  (_)\(_)   ,>/'_ o__
   Personal Trainer  (_)\(_),>/'_o__
 Professional Engineer (_)\(_)   ,>/'_
Who says engineers have to be pencil necked geeks?  (_)\(_)

You are an adult when you realize that everyone's an idiot sometimes. You
are wise when you include yourself.



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] exim fails to start after debian lenny upgrade

2008-05-13 Thread Yan Seiner

Graeme Fowler wrote:
> On Tue, 2008-05-13 at 05:57 -0700, Yan Seiner wrote:
>   
>> OK, this is not quite an exim problem, but I hope someone can clue me in...
>> 
>
> You're quite right, it isn't - you'll be better off asking on the
> relevant Debian support list:
>
> http://lists.alioth.debian.org/mailman/listinfo/pkg-exim4-users
>
> ...which is detailed in the README.Debian that the Debian exim4 package
> contains.
>   

Thanks  Too early and not enough coffee to think straight.  Sorry 
for the noise.

The relevant fix is here:

http://lists.alioth.debian.org/pipermail/pkg-exim4-users/2008-May/001363.html

--Yan

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] exim fails to start after debian lenny upgrade

2008-05-13 Thread Yan Seiner

OK, this is not quite an exim problem, but I hope someone can clue me in...

I am running debian lenny.  I did an upgrade last night, and now exim 
won't restart via the /etc/init.d/exim4 script; it fails with

selene:/etc/init.d# /etc/init.d/exim4 start
Starting MTA:start_daemon -p /var/run/exim4/exim.pid /usr/sbin/exim4 -bd 
-q30m
exim: incompatible command-line options or arguments
selene:/etc/init.d#

I put in an echo statement; it's the start_daemon line that's failing.  
The strange thing is that there's nothing wrong with exim itself:

selene:/etc/init.d# /usr/sbin/exim4 -bd -q30m
selene:/etc/init.d# ps auxwww | grep exim
100  12585  0.0  0.0  83140  1488 ?Ss   05:48   0:00 
/usr/sbin/exim4 -bd -q30m
root 12615  0.0  0.0   8236   816 pts/8R+   05:49   0:00 grep exim
selene:/etc/init.d#

Anyone else have this issue?  And how do I fix it?
  

-- 
  o__
  ,>/'_  o__
  (_)\(_)    ,>/'_o__
Yan Seiner  (_)\(_)   ,>/'_ o__
   Personal Trainer  (_)\(_),>/'_o__
 Professional Engineer (_)\(_)   ,>/'_
Who says engineers have to be pencil necked geeks?  (_)\(_)

"I worry about my child and the Internet all the time, even though she's too 
young to have logged on yet. Here's what I worry about. I worry that 10 or 15 
years from now, she will come to me and say 'Daddy, where were you when they 
took freedom of the press away from the Internet?'"
--Mike Godwin, Electronic Frontier Foundation 


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] imap recomendation

2008-03-27 Thread Yan Seiner

Arvid Ephraim Picciani wrote:
> Hi,
> anyone can recommend an imap server? 
> Tried courier but i really dislike it. I don't run exim as root so courier 
> will just disconnect the client without any warning whatsoever becouse the 
> mails are owned by exim and not the user. (although the user can write them 
> through group rights). which is not acceptable.
>   

I've been using dovecot for a while now with no problems.

> Also i'd like to filter spam into INBOX.Spam as well as mailing lists into 
> INBOX.SomeLists directly by exim.  i figured i could use .forward, but it is 
> fairly limited. any other ideas to do that?
>   
I use spamassassin + dspam to filter email.  Spam is tagged by dspam in 
the headers.  I then use the following simple .forward file:

# Exim filter

if $h_X-DSPAM-Result: is "Spam" then save mail/Junk
elif $h_from: contains "[EMAIL PROTECTED]" then save mail/system
elif $h_from: contains "[EMAIL PROTECTED]" then save mail/system
elif not personal then save mail/lists
endif

--Yan

-- 
  o__
  ,>/'_  o__
  (_)\(_),>/'_o__
Yan Seiner  (_)\(_)   ,>/'_ o__
Certified Personal Trainer   (_)\(_),>/'_o__
Licensed Professional Engineer (_)\(_)   ,>/'_
Who says engineers have to be pencil necked geeks?  (_)\(_)

Help out my kids' school: http://www.seiner.com/blog/Travels/


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Slightly OT: autodelete older emails

2008-03-26 Thread Yan Seiner

Marc Sherman wrote:
> Yan Seiner wrote:
>   
>>   
>> So how do I find emails older than some arbitrary date?  I started down 
>> that path, but couldn't find a ready-made way to select emails by date.  
>> formail doesn't do that AFAICT.
>> 
>
> Ted's find script is the same way I do it.
>   

OK, so I guess that brings up the next question

I'm running debian, which seems partial to mbox format.

How do I convert to maildir with the least amount of pain?

--Yan

-- 
  o__
  ,>/'_  o__
  (_)\(_),>/'_o__
Yan Seiner  (_)\(_)   ,>/'_ o__
Certified Personal Trainer   (_)\(_),>/'_o__
Licensed Professional Engineer (_)\(_)   ,>/'_
Who says engineers have to be pencil necked geeks?  (_)\(_)

Help out my kids' school: http://www.seiner.com/blog/Travels/


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Slightly OT: autodelete older emails

2008-03-26 Thread Yan Seiner

Marc Sherman wrote:
> Yan Seiner wrote:
>   
>> I am using exim .forward to put all mailist emails into a single lists 
>> file.  Now I would like to set up that list file as a ringbuffer, so 
>> that when a new email comes in, an older one drops off.  (most maillists 
>> are archived anyway, so there's no point in keeping old emails).
>>
>> I can either do this as each mail comes in, or daily in batch, but how 
>> do I set up a filter to delete older emails?  Or should I write a script 
>> to do this from cron?
>> 
>
> Cron is definitely the right way to do this; you don't want to inspect 
> your entire mailstore possibly hundreds of times a day as each message 
> arrives, looking for old messages to expire.
>
> I do something similar with my Sent folder (moving messages older than 
> two weeks to an Archive folder) and it works well.
>
>   
So how do I find emails older than some arbitrary date?  I started down 
that path, but couldn't find a ready-made way to select emails by date.  
formail doesn't do that AFAICT.

--Yan

-- 
  o__
  ,>/'_  o__
  (_)\(_),>/'_o__
Yan Seiner  (_)\(_)   ,>/'_ o__
Certified Personal Trainer   (_)\(_),>/'_o__
Licensed Professional Engineer (_)\(_)   ,>/'_
Who says engineers have to be pencil necked geeks?  (_)\(_)

Help out my kids' school: http://www.seiner.com/blog/Travels/


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Slightly OT: autodelete older emails

2008-03-26 Thread Yan Seiner

I am using exim .forward to put all mailist emails into a single lists 
file.  Now I would like to set up that list file as a ringbuffer, so 
that when a new email comes in, an older one drops off.  (most maillists 
are archived anyway, so there's no point in keeping old emails).

I can either do this as each mail comes in, or daily in batch, but how 
do I set up a filter to delete older emails?  Or should I write a script 
to do this from cron?

--Yan

-- 
  o__
  ,>/'_  o__
  (_)\(_),>/'_    o__
Yan Seiner  (_)\(_)   ,>/'_ o__
Certified Personal Trainer   (_)\(_),>/'_o__
Licensed Professional Engineer (_)\(_)   ,>/'_
Who says engineers have to be pencil necked geeks?  (_)\(_)

Help out my kids' school: http://www.seiner.com/blog/Travels/


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] toaster?

2008-03-08 Thread Yan Seiner

A Guy wrote:
> Since i never worked with exim it scares me that i will make my server
> spammer friendly or less secure. Lot of those packages i mentioned have rpms
> available. So far, only one thing is missing: good web interface that i can
> give to my users so that they can work with their email accounts without
> calling me. Because everything about exim is new to me i was asking maybe a
> too general question.
>   

I have to echo these concerns. I came to Exim from Sendmail, mostly
because the debian .deb for sendmail is really badly broken, and I
didn't want to build sendmail from scratch again. Exim, while very
powerful, is really complicated.

It would help tremendously if there were canned configs available:

exim relay to smarthost
exim single domain
exim + dspam + sa

and so on.

I ended up hunting and gathering all over the web for snippets of config
files and had a hard time getting exim to work.

It's a real hurdle for those of us switching from other MTAs.

Back to the OP:

Your users shouldn't really have to mess with exim. You want something
like dovecot to give your users access to their mail, with squirrelmail
for the user interface.

--Yan

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Sender Verify

2007-12-19 Thread Yan Seiner

On Wed, Dec 19, 2007 at 03:50:30PM +, Peter Bowyer wrote:
> On 19/12/2007, Daniel Aquino <[EMAIL PROTECTED]> wrote:
> > In the default config file a line in the first ACL is:
> >
> >  require verify= sender
> >
> > Does this require a reverse smtp connection to check if the sender is
> > a valid recipient on the relay?
> 
> No. As the docs indicate[1], it simply runs the sender address through
> the routers in your config to determine if a message addressed to the
> purported sender would be routable. The /callout option causes the
> behaviour you're referring to.

Hmmm..  Would it be possible to set up exim to sender verfify, and then 
enenter the result in a header?  e.g:

X_Sender_Verified: Yes

That way dspam could use that to filter as well.

--Yan

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Authentication

2007-10-31 Thread Yan Seiner

Dave Evans wrote:
> On Wed, Oct 31, 2007 at 03:26:13PM -0700, Yan Seiner wrote:
>   
>> 1.  Clients connecting on 25 unauthenticated can send email only to the 
>> local domains.
>>
>> 2.  Clients requesting relaying must connect encrypted and authenticate.
>>
>> 3.  Clients requesting relaying unencrypted are rejected.
>> 
>
> Pretty standard...
>
>   
>> I have TLS working so encryption is there but I can't get the 
>> authentication to go.
>> 
>
> So it sounds like once you've got the authentication working, your relaying
> will be fine too.
>
> However, I think we could do with some more information...
>
> What sort of authentication do you want?  
I've been authenticating against PAM, but from what I gather that's not 
a good idea.  So a local exim passwd file would be fine.  (I only have a 
few users who would request relaying.)

> What does your "authentication"
> config section look like? 

# this returns the matching line from passwd.client and doubles all ^
PASSWDLINE=${sg{\

${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
}\
{\\N[\\^]\\N}\
{^^}\
}

plain:
  driver = plaintext
  public_name = PLAIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
  client_send = "<; ${if !eq{$tls_cipher}{}\
{^${extract{1}{:}{PASSWDLINE}}\
 ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}\
   }fail}"
.else
  client_send = "<; ^${extract{1}{:}{PASSWDLINE}}\
^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
.endif

login:
  driver = plaintext
  public_name = LOGIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
  # Return empty string if not non-TLS AND looking up $host in passwd-file
  # yields a non-empty string; fail otherwise.
  client_send = "<; ${if and{\
  {!eq{$tls_cipher}{}}\
  {!eq{PASSWDLINE}{}}\
 }\
  {}fail}\
 ; ${extract{1}{::}{PASSWDLINE}}\
 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
.else
  # Return empty string if looking up $host in passwd-file yields a
  # non-empty string; fail otherwise.
  client_send = "<; ${if !eq{PASSWDLINE}{}\
  {}fail}\
 ; ${extract{1}{::}{PASSWDLINE}}\
 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
.endif


>  What sort of failure are you experiencing - does
> the server not offer the authentication, or does the server reject the
> client's credentials?  
The server doesn't listen on SSL at all, and anything on 25 is rejected.


> What do the logs show?  
2007-10-31 14:57:08 H=mail.piercecorporation.com ([192.168.2.3]) 
[66.224.227.170] F=<[EMAIL PROTECTED]> rejected RCPT 
<[EMAIL PROTECTED]>: relay not permitted
2007-10-31 14:57:12 unexpected disconnection while reading SMTP command 
from mail.piercecorporation.com ([192.168.2.3]) [66.224.227.170]


> Have you tried running with
> debugging enabled (exim -d)?  What does the debug output look like?
>   
No; I guess that's next.

--Yan


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Authentication

2007-10-31 Thread Yan Seiner

OK, I know this has been re-hashed many times, but I'm going cross-eyed 
from reading the docs and not getting any closer.

My background:

I've been running sendmail for the last 10 years; typically compiling 
from source.  As I am starting to maintain more systems remotely, I am 
looking for an easier MTA.  exim4 comes with debian and works, pretty 
much, out of the box.

My policies are as follows:

1.  Clients connecting on 25 unauthenticated can send email only to the 
local domains.

2.  Clients requesting relaying must connect encrypted and authenticate.

3.  Clients requesting relaying unencrypted are rejected.

Sounds simple.  But I can't for the life of me get 2 to work.  exim 
always rejects relaying.  (That's good, anyway.)

I have TLS working so encryption is there but I can't get the 
authentication to go.

I am running exim4-heavy from debian lenny. 

Could someone please clue me in?  I need the "exim4 relaying for morons" 
guide

Thanks,

--Yan

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

43 matches

Mail list logo