Re: [exim] Block tld

Hi, Emanuel - The problem is that you are making a huge assumption: that all emails from any something@*.bid sender address will be spam. If you're really sure you want to assume this and that there will never be any legitimate email from such an address then it is better do deny rather than disc

[exim] Blocking chunking

I got hit with the security news about chunking But when I do: LSB: exim Mail Transport Agent... * Starting MTA 2017-11-28 11:06:48 Exim configuration error in line 11 of /etc/exim4/exim4.conf: main option "chunking_advertise_hosts" unknown * Warning! Invalid configuration file for exim4. Exi

Re: [exim] Blocking chunking

Am 28.11.2017 um 11:13 schrieb Sebastian Nielsen via Exim-users: > I got hit with the security news about chunking (...) > Exim version 4.86_2 #2 built 03-Jun-2017 05:07:28 Exim 4.86 does not have the chunking feature so you can disable it (and you are not affected by the security vulnerability) :

Re: [exim] Blocking chunking

On 28/11/17 10:13, Sebastian Nielsen via Exim-users wrote: > I got hit with the security news about chunking > Exim version 4.86_2 #2 built 03-Jun-2017 05:07:28 Your exim is so old it doesn't support chunking; you can ignore the security alert. -- Cheers, Jeremy -- ## List details at https:

Re: [exim] Blocking chunking

Am 28.11.2017 um 11:32 schrieb Jeremy Harris: > On 28/11/17 10:13, Sebastian Nielsen via Exim-users wrote: >> I got hit with the security news about chunking >> Exim version 4.86_2 #2 built 03-Jun-2017 05:07:28 > Your exim is so old it doesn't support chunking; you > can ignore the security alert.

Re: [exim] Block tld

Mike has hit the nail on the head. As an additional tip, I found for those cheap domains (like .win, .top etc), using a combination of slightly weighted scoring on the domain name and SpamAssassins relay geoip module, I was able to eliminate most spam relatively easily. You'll probably notice that

Re: [exim] Blocking chunking

On 28/11/17 11:44, Cyborg wrote: > Am 28.11.2017 um 11:32 schrieb Jeremy Harris: >> On 28/11/17 10:13, Sebastian Nielsen via Exim-users wrote: >>> I got hit with the security news about chunking >>> Exim version 4.86_2 #2 built 03-Jun-2017 05:07:28 >> Your exim is so old it doesn't support chunking

[exim] redirect suspicious messages to special postmaster accounts

Hello.! I have an idea to avoid sending spam from my server. Is it possible to create a rule so that when it is sent to a recipient, the mail is discarded and an alert arrives by email? My question is because I have represented cases in which the computer is infected with viruses to my client

Re: [exim] Block tld

I use the deny sender_domains to block the tld ".bid". Thanks for your help.!! Regards, -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/

[exim] Restrict SMTP only to authenticated, local and a spam filter

Trying to find a way to do this in cPanel v68.0.8. Every answer I have found seems to refer back to the same old article: https://web.archive.org/web/20110729131804/http://www.sant-media.co.uk:80/2010/03/how-to-configure-exim-to-receive-email-for-domain-only-from-specific-ip-addresses#more-360

[exim] CVE-2017-16943, CVE-2017-16944

Both issues are fixed now. CVE-2017-16943 (RCE) Exim Bug 2199 master: 4e6ae6235c68de243b1c2419027472d7659aa2b4 exim-4_89+fixes:4090d62a4b25782129cc1643596dc2f6e8f63bde Fix done by Jeremy Harris CVE-2017-16944 (DoS) Exim Bug 2201

Re: [exim] Restrict SMTP only to authenticated, local and a spam filter

On 27/11/17 18:28, Williams One wrote: > Trying to find a way to do this in cPanel v68.0.8. > > Every answer I have found seems to refer back to the same old article: > > https://web.archive.org/web/20110729131804/http://www.sant-media.co.uk:80/2010/03/how-to-configure-exim-to-receive-email-for-d

Re: [exim] [exim-announce] CVE-2017-16943, CVE-2017-16944

> Distros are advised to include these commits. deb/ubu distros are so far behind that they do not have the vuln randy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/

Re: [exim] Exim 4.90 RC2 uploaded [bug found]

On 26/11/17 09:46, Torsten Tributh via Exim-users wrote: > Hi, > in RC2 the acl_smtp_auth will be called in more cases > than just AUTH. > I see a lot of connects where the AUTH-acl will be called > directly after STARTTLS in the smtp stream. If your exim is build with the AUTH_TLS option, and the

Re: [exim] [exim-announce] CVE-2017-16943, CVE-2017-16944

Randy Bush (Di 28 Nov 2017 23:34:55 CET): > > Distros are advised to include these commits. > > deb/ubu distros are so far behind that they do not have the vuln That isn't true. The current stable Debian (9.x) ships with Exim 4.89. And from (including) 4.88 onwards Exim is vulnerable. Though, t

Re: [exim] [exim-announce] CVE-2017-16943, CVE-2017-16944

>> deb/ubu distros are so far behind that they do not have the vuln > > That isn't true. The current stable Debian (9.x) ships with > Exim 4.89. And from (including) 4.88 onwards Exim is vulnerable. you are correct. due to ganeti etc, we're still deb8. 86 randy -- ## List details at https: