Adrian wrote:
> By having
> server_condition = ${if crypteq {$3}{${lookup pgsql {SELECT password FROM
> users WHERE username='$2'}}}{yes}{no}}
> in the authenticator it was possible for me to execute a bad SQL query
> by sending this username:
> test'; INSERT INTO valid_email_addresses VALUES ('a
On 5 Feb 2006, at 22:08, Fred Viles wrote:
On 5 Feb 2006 at 19:16, Giuliano Gavazzi wrote about
"[exim] problem with certain DNS loo":
| let me cut it short:
|
| set acl_c9 = ${lookup dnsdb{ns=152/29.160.221.217.in-addr.arpa}
| {$value}{none}}
|
| should give ns.ondecorte.net and instead i
Adrian wrote:
Hi,
I've noticed that SQL Injection is possible when using a SQL Query for
SMTP AUTH.
By having
server_condition = ${if crypteq {$3}{${lookup pgsql {SELECT password FROM users
WHERE username='$2'}}}{yes}{no}}
in the authenticator it was possible for me to execute a bad SQL query
On 5 Feb 2006, at 22:35, Dave Lugo wrote:
When one cannot determine spam/ham before end-of-data, boucing
spam/viruses is much worse than simply bit-bucketing it, imho.
if one cannot determine spam/ham before end-of-data [so that he
is happy to deliver to the end user,] he is better
off with s
On 6 Feb 2006, at 01:08, Stephen Gran wrote:
the helo name matches the rdns
this is not such a good (or justified) criterium.
The HELO should match the IP, via forward DNS.
It will match the rDNS by way of DNS consistency,
but this is not the root requirement, it is just a corollary.
the hel
On Sun, 5 Feb 2006, Giuliano Gavazzi wrote:
> set acl_c9 = ${lookup dnsdb{ns=152/29.160.221.217.in-addr.arpa}{$value}{none}}
>
> should give ns.ondecorte.net and instead it gives none. (I call it from the
> DATA acl but this is irrelevant)
Using "exim -d -be" shows that the problem is this:
D
On Sun, 5 Feb 2006, Stephen Gran wrote:
> On Sun, Feb 05, 2006 at 01:39:45AM +0100, Stanislaw Halik said:
> > Adam Funk <[EMAIL PROTECTED]> wrote:
> > > I propose for the wishlist a router option that would allow Exim to
> > > pass on to the next router if the text accompanying a 5yz error
> > > m
On 6 Feb 2006, at 11:44, Philip Hazel wrote:
On Sun, 5 Feb 2006, Giuliano Gavazzi wrote:
set acl_c9 = ${lookup dnsdb{ns=152/29.160.221.217.in-addr.arpa}
{$value}{none}}
should give ns.ondecorte.net and instead it gives none. (I call it
from the
DATA acl but this is irrelevant)
Using "e
On Mon, Feb 06, 2006 at 10:06:48AM +0100, Giuliano Gavazzi said:
>
> On 6 Feb 2006, at 01:08, Stephen Gran wrote:
>
> >the helo name matches the rdns
>
> this is not such a good (or justified) criterium.
> The HELO should match the IP, via forward DNS.
> It will match the rDNS by way of DNS cons
On Sat, 4 Feb 2006, Jeremy Harris wrote:
>
> I note with interest that sesame's spam-labelling
> leaves the original Subject: line in place,
> adding a new one later in the headers - and that
> Thunderbird displays the later one.
I believe that whatever spam labelling you are seeing isn't being do
On Mon, 2006-02-06 at 11:39 +, Tony Finch wrote:
> On Sat, 4 Feb 2006, Jeremy Harris wrote:
> >
> > I note with interest that sesame's spam-labelling
> > leaves the original Subject: line in place,
> > adding a new one later in the headers - and that
> > Thunderbird displays the later one.
>
>
On Sun, 5 Feb 2006, Jakob Hirsch wrote:
>
> acl_check_mail:
>
> deny
> message = sender does not match auth data
> ! senders = ${lookup mysql {select address from smtp_auth where
> username='${quote_mysql:$authenticated_id}'}}
That works if you have fairly uniform addresses, or a well-populat
On Mon, 6 Feb 2006, g wrote:
>
> That is CNAMES and Zones can have a slash in their value, while a
> slash is not allowed in a domain name.
Your terminology is mixed up. Domain names can have any characters in
them. Hostnames (which resolve to A or records) and mail domains
(which resolve to
On Sun, 5 Feb 2006, Jeremy Harris wrote:
>
> - Don't do it in the rcpt acl, you'll be repeating it during
> multi-recipient messages.
Exim caches ACL test results so this isn't a problem.
Tony.
--
<[EMAIL PROTECTED]> <[EMAIL PROTECTED]> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}
g wrote:
> is legal. That is CNAMES and Zones can have a slash in their value,
> while a slash is not allowed in a domain name. So, in the "a/test" zone,
> I cannot have A records like:
>
> aINA127.0.0.1
>
> The error given by bind is: bad owner name (check-names)
That's a bind limi
On Mon, 6 Feb 2006, g wrote:
> I guessed that... indeed I cannot get a slash as a PTR or as a LHS of an A
> record.
The DNS specifications allow any character other than a dot in
components of domain names.
However, RFC 2821 (SMTP) restricts email domains to letters, digits, and
hyphens, and RF
On Mon, 6 Feb 2006, Philip Hazel wrote:
>
> The DNS specifications allow any character other than a dot in
> components of domain names.
Actually, dots are allowed too (!). The protocol-level representation of
DNS labels is a counted string so even nul characters are permitted (!!).
There's a synt
Tony Finch wrote:
>
> That works if you have fairly uniform addresses, or a well-populated
> database. My approach is to store the username in $address_data in the
> final router that handles local delivery.
I thought your approach was to use sender rewriting in submission mode?
Isn't that why y
On 6 Feb 2006, at 13:34, Philip Hazel wrote:
The reason for the existence of dns_check_names_pattern is that some
resolvers give (gave?) temporary errors instead of "no such record"
when
presented with a name containing "strange" characters. There shouldn't
actually be a need for dns_check_n
Cancel that, solution is in the list expected.
I assumed since the file I was supplying was newline seperated that I
wanted that as well, after reading another post regarding mailing lists
I found a result transform:
senders = ${sg {${lookup
ldapm{ldap://localhost/ou=$domain,dc=mydomain,dc=com?
Greetings all,
Exim version 4.50
I have setup my LDAP structure to support a custom CourierBlacklist
objectClass containing a "mail" attribute. I am then, in
acl_check_rcpt, attempting to do a lookup of all CourierBlacklist
objects under that domain to see if a sender or recipient matches.
Res
On 6 Feb 2006, at 14:24, Giuliano Gavazzi wrote:
Atch, I though I would test this against microsoft so I typed:
dig p/d.microstoft.com
;; QUESTION SECTION:
;p/d.microstoft.com.IN A
;; ANSWER SECTION:
p/d.microstoft.com. 3600IN A 64.49.213.238
what the...?
Philip Hazel wrote:
On Fri, 3 Feb 2006, Kenevel wrote:
Following on from this, surely the VERP section in the documentation needs
revisiting if setting return_path is redundant?
I have not followed the details of this thread, but, for a message
delivered over SMTP, you can change the retu
On Fri, 3 Feb 2006, Bill Hacker wrote:
> Hmmm how about web-alizing those 'as is' in one iFrame,
> and putting the old-style 'topic/ alphabetical director' index in the a side
> bar in another frame? Created by an external process?
I'm sure that Nigel, who was hoping to think more about the
On Mon, 6 Feb 2006, Marc Sherman wrote:
>
> I thought your approach was to use sender rewriting in submission mode?
> Isn't that why you implemented it? Or do you only use it in certain
> situations?
We do that too. The logic is that we use the anti-forgery check to slap
people who are playing s
I have my acl defined to accept from authenticated connections but i
want to make some basic filtering for
- Forwards can be only configured to send to local domains
Example: local_domains: example.com
My users can set up forwards but the destination of the forwarded
email can be only on example.
On Mon, 6 Feb 2006, alexis wrote:
>
> - Forwards can be only configured to send to local domains
> My users can set up forwards but the destination of the forwarded
> email can be only on example.com
That's something you should probably configure in your system for
configuring forwarding. If your
On 2/6/06, Tony Finch <[EMAIL PROTECTED]> wrote:
> On Mon, 6 Feb 2006, alexis wrote:
> >
> > - Forwards can be only configured to send to local domains
> > My users can set up forwards but the destination of the forwarded
> > email can be only on example.com
>
> That's something you should probably
Here are the symptoms:
The server is running cPanel. All domains except the first domain can send and
receive mail. The first domain can receive mail, but not send mail.
I can log into the user's POP3 account using telnet to port 25, then try to send
mail through the SMTP port, but as soon as I e
On 06/02/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> So, I'm wondering if anyone knows how to check smtp authorization from telnet?
You need John Jetmore's 'swaks' tool -
http://www.jetmore.org/john/code/#swaks
--
Peter Bowyer
Email: [EMAIL PROTECTED]
Tel: +44 1296 768003
VoIP: sip:[EMA
[EMAIL PROTECTED] wrote:
>
> 550-hostname.domain.name (localhost) [xx.xx.xx.xx] is currently not permitted
> 550-to relay through this server. Perhaps you have not logged into the
> pop/imap
> 550-server in the last 30 minutes or do not have SMTP Authentication turned on
> 550 in your email clien
Because it just came up (and I may write some code and a patch, but I
don't have time just at the moment), a feature suggestion is to be able
to filter on number of recipients per queue entry, possibly both more than
and less than.
What do people think?
Cheers
MBM
--
Matthew Byng-Maddick
On Mon, Feb 06, 2006 at 10:41:38AM -0600, John Jetmore wrote:
> On Mon, 6 Feb 2006, Matthew Byng-Maddick wrote:
>> Because it just came up (and I may write some code and a patch, but I
>> don't have time just at the moment), a feature suggestion is to be able
>> to filter on number of recipients pe
Chris Purves wrote:
Michael Ben-Nes wrote:
Chris Purves wrote:
Michael Ben-Nes wrote:
I'm getting allot of User unknown rejection messages.
Seems that spammers tend to guess popular account names for domains.
Is there a way to drop User unknown messages ?
What do you mean? Do you wa
--On 6 February 2006 18:54:38 +0200 Michael Ben-Nes <[EMAIL PROTECTED]>
wrote:
I want exim to discard the message and not forward it to my account.
I still don't understand the problem. Are you saying that exim
forwards all undeliverable messages to you? Or are you saying that
when mes
On Mon, 6 Feb 2006, alexis wrote:
>
> actually, i forgot to mention this, im configuring the forwards on a
> mysql table.
In that case the best place to implement this check is in the code that
adds stuff to the database.
Tony.
--
<[EMAIL PROTECTED]> <[EMAIL PROTECTED]> http://dotat.at/ ${
great, thanks a lot.
btw the other control worked just fine.
On 2/6/06, Tony Finch <[EMAIL PROTECTED]> wrote:
> On Mon, 6 Feb 2006, alexis wrote:
> >
> > actually, i forgot to mention this, im configuring the forwards on a
> > mysql table.
>
> In that case the best place to implement this check
Is there a way to limit the rate of which Exim sends mail to each domain
name?
I run a service where my users can sign up to receive an email alert when
something matches their personal criteria. It's not spam, it really is a
valid service that my users pay me an annual fee to opt-in to the l
Ian Eiloart wrote:
>
> You should reject it. That way senders of legitimate email will be notified
> (if their mail system works properly), but spam won't cause bounce messages
> to be sent to innocent third parties.
This is the behaviour of the default exim4 configuration. If you're
getting n
Hi,
in my acl_smtp_data ACL I have this rule:
warnmessage = X-Spam-Flag: YES
condition = ${if <{$message_size}{80k}{1}{0}}
spam = nobody
condition = ${if >{$spam_score_int}{${lookup pgsql { SELECT * FROM
flagSpam('${quote_pgsql:[EMAIL PROTECTED]:
On Sunday 05 February 2006 21:21, Marc Sherman wrote:
> What you and Daevid have repeatedly been told on this list is that that
> is _not_ at all a reliable way to operate a mail server. You should
> unconditionally send all your mail through a smarthost. You cannot
> rely on all servers which w
On Sunday 05 February 2006 21:38, Marc Sherman wrote:
> Leonardo Boselli wrote:
> > Il 5 Feb 2006 alle 16:21 Marc Sherman immise in rete
> >
> >> Many servers will simply drop your traffic silently, or quarantine
> >> it.
> >
> > I think this would break the rules ... one is free to not accept a
>
That's because a message may have more than one recipient, so there is no
single appropriate value for $local_part or $domain for ACLs that deal
with the message as a whole (i.e. anything except the RCPT ACL).
Tony.
--
<[EMAIL PROTECTED]> <[EMAIL PROTECTED]> http://dotat.at/ ${sg{\N${sg{\
N
Adam Funk wrote:
>
> I take your point, but I do think there is a bit of hypocrisy floating
> around here on this issue: people condemn what Daevid and I want as
> *wrong* -- even though I genuinely don't think it violates the RFC -- but
> condone (at least tacitly) violations on the "receiving
On Monday 06 February 2006 10:52, Philip Hazel wrote:
> This WishList suggestion is impossible to implement. Control cannot be
> given back to the routers after Exim has entered the transport phase.
> Remember: all the routing happens before any of the transporting.
> Fallback hosts would be the o
> That's because a message may have more than one recipient, so there is no
> single appropriate value for $local_part or $domain for ACLs that deal
> with the message as a whole (i.e. anything except the RCPT ACL).
> Tony.
Is there a way to use it at least for messages
On Monday 06 February 2006 19:47, Adrian wrote:
> Is there a way to use it at least for messages with only a single
> recipient? Or how else can I allow users to use custom spam thresholds
> (I have a database table which contains the user who owns an email
> address and a table where the spam thr
[EMAIL PROTECTED] wrote:
> So, I'm wondering if anyone knows how to check smtp authorization from telnet?
sure.
~$ php
ehlo [host]
<- 250 [features]
-> auth plain
<- 334
-> AHVzZXJuYW1lAHBhc3N3b3Jk
pgpwKhkHsKqZR.pgp
Description: PGP signature
--
## List details at http://www.exim.org/mailman/
Hi all
I have exim as a front-end server and exchange 2003 sp2 as a backend system.
Not sure if SP2 is related - but I am getting problems sending email to certain
recipients. I have tried telneting to the mail server in question and it
accept verification if I use an email address that the e
Marc wrote:
>You've already been told about swaks. However, if you do post here
>again in the future, please do not obfuscate:
>http://www.exim.org/eximwiki/MailingListEtiquette#head-a6f7fb5ce8816568569a321f783315207ec38063
Thank you for the link. However, I'm doing tech support for a server hos
Adam Funk wrote:
> I take your point, but I do think there is a bit of hypocrisy floating
> around here on this issue: people condemn what Daevid and I want as
> *wrong* -- even though I genuinely don't think it violates the RFC -- but
> condone (at least tacitly) violations on the "receiving e
On Mon, Feb 06, 2006 at 02:37:21PM -0600, [EMAIL PROTECTED] said:
> Marc wrote:
>
> With the other MTA's I test, I can emulate the account I'm mailing from and
> see
> the results in gory detail. I haven't found a way to do that yet using exim,
> so
> I thought I'd ask here since this group seem
[EMAIL PROTECTED] wrote:
> terminal window. Although I've telnetted to port 25 thousands of times on
> thousands of servers, I've seldom run across a session that didn't let me send
> mail outside the domain after authenticating with POP3.
You can have that with Exim, too, but I'd rather not supp
Karl,
The reason that only '=>' lines are counted as each one of these
represent a message sent down a transport and significant work done.
Each '->' line is an additional address at the same destination
which does not require a new message to be sent and is not a
significant amount of work.
54 matches
Mail list logo
