Peter via Exim-users (Fr 31 Mär 2023 15:40:35 CEST):
> From: Jeremy Harris via Exim-users
> Subject: Re: [exim] Configuring for non-encrypted MUA to localhost.
> TLS-on-connect, exim to smarthost.
> > Debian has a configuration wizard. In what respect is
> > not offering what you need?
>
>
Andreas Metzler via Exim-users (Do 16 Mär 2023 18:28:49
CET):
> Thanks to all the involved parties for clearing this up (and obviously
> for handling the whole thing in the first place)!
The missing CVE text is online since yesterday.
https://www.exim.org/static/doc/security/CVE-2021-38
Hi Andrew,
Andrew C Aitchison via Exim-users (Mi 15 Mär 2023
21:00:11 CET):
> > > www.exim.org/static/doc/security/CVE-2021-38371.txt
I'll publish your announcement there. Thank you, Andrew, for
preparing it. *But*, as we do not see this as a practical security
issue, we'll place a notice there:
Hi,
TomNewChao via Exim-users (Fr 10 Mär 2023 03:00:13 CET):
> Hello, When I compiled exim, spf was enabled, and I used the libspf2 library.
> How can I configure spf in /etc/exim.conf, it is only setting CHECK_RCPT_SPF
> = true , and else ?
> The exim config is below:
> .ifdef CHECK_RCPT_S
Gary Stainburn via Exim-users (Mo 27 Feb 2023 11:21:56
CET):
>
> However, when I install the new files I get SSL errors.
>
> TLS error on connection from mail14.atl281.mcsv.net [198.2.143.14]
> (SSL_CTX_use_PrivateKey_file file=/etc/pki/tls/certs/ringways.co.uk.key):
> error:0906D06C:PEM routin
Sebastian Tennant via Exim-users (Di 21 Feb 2023 12:59:57
CET):
> Hello Jeremy,
>
> hosts_require_auth = $host_address
$host_address likely contains colons, which confuses the parser here.
Use … = <; $host_address
--
Heiko
signature.asc
Description: PGP signature
--
## List details at htt
Ian Zimmerman via Exim-users (Di 14 Feb 2023 01:40:52
CET):
> With OpenSSL the certificates specified explicitly either by file or
> directory are added to those given by the system default location.
>
> Is it at all possible with OpenSSL to stop the "system" location from
> being checked? I
Hi,
I may be totally wrong, but…
Gary Stainburn via Exim-users (Mi 01 Feb 2023 14:02:06
CET):
> driver = dovecot
> public_name = LOGIN
> server_socket = /var/run/dovecot/auth-client
> server_set_id = $auth1
>
> dovecot_plain:
> driver = dovecot
> public_name = PLAIN
> server_sock
This router is ran for all your local domains. If it creates a new
address @+local_domains, there is no chance to get to the routers
further down the chain: A new address means, the routing starts again at
the very first router, and eventually it will reach your pgsql_aliases
again, which doesn't c
Johnnie W Adams via Exim-users (Mo 19 Dez 2022 18:22:34
CET):
> Hi, folks,
>
> Twice recently, my outbound SMTP server has stopped working for no
> apparent reason. There's nothing in the logs but this:
Can you, please, provide the unit files for Exim and Postfix?
systemctl cat ex
Dengler, Gabriel (Do 24 Nov 2022 00:19:42 CET):
> > somewhere for later use as encryption/decryption key?
> yeah, that's my main idea. For clearness, a "normal" communication profile
> would look like this:
> * An external sender sends an e-mail to our local Exim Server.
> * The Exim Server saves
Hi Gabriel,
Dengler, Gabriel via Exim-users (Mi 23 Nov 2022 01:16:19
CET):
> I want to store the incoming e-mails using the Maildir file format encrypted
> by using some symmetric encryption using the user's password (e.g., AES). So
> in the end, Exim should write the encrypted files directly on
The Doctor via Exim-users (Mo 14 Nov 2022 19:34:05 CET):
> Quick question!
> I have on my incoming server , virtual e-mail working correct.
> Can I safely copy to the outbound server?
It depends.
--
Heiko
signature.asc
Description: PGP signature
--
## List details at https://lists.exim.org/m
Brent Clark via Exim-users (Fr 04 Nov 2022 13:38:18 CET):
>
> All I did was, I created the file /etc/mysql/conf.d/my,cnf
>
> With the contents.
> [exim]
> host= $IP_OF_PROXYSQL
> port= $PORT
> user=$USERNAME
> password=$PASSWORD
> database=$DATABASE
> ssl_cert=/etc/ssl/server-cert.pem
> ssl_key=
Dengler, Gabriel via Exim-users (Mi 02 Nov 2022 19:03:34
CET):
> About the security caveats: do you think that there could be bigger security
> issues if the code runs in an isolated environment like Gramine is? Or can
> you sketch how a possible security attack could look?
If I remember well, u
Jeremy Harris via Exim-users (Di 01 Nov 2022 11:24:45
CET):
> On 01/11/2022 06:28, Brent Clark via Exim-users wrote:
> > I would like to run exim to use MariaDB's inherent TLS / SSL functions.
> >
> > Is this possible with exim? I changed the '/etc/my.cnf' '[client]' section
> > to define the k
Heiko Schlittermann via Exim-users (Di 01 Nov 2022
08:00:55 CET):
> Good Morning,
> Brent Clark via Exim-users (Di 01 Nov 2022 07:28:42
> CET):
> > I would like to run exim to use MariaDB's inherent TLS / SSL functions.
> ...
> > I checked the exim docs under MySQL
Good Morning,
Brent Clark via Exim-users (Di 01 Nov 2022 07:28:42 CET):
> I would like to run exim to use MariaDB's inherent TLS / SSL functions.
...
> I checked the exim docs under MySQL and didn't see any reference to SSL. Is
> it not possible to use MySQL's native SSL support with exim?
I chec
Jeremy Harris via Exim-users (So 30 Okt 2022 13:22:25
CET):
> Does anyone have opinions on the licensing of Exim?
I didn't think about Exim's licensing ever. For me Exim is just Free and
Open Source, whatever this means in detail, but *personally* most
important: no restrictions are applied to E
Patrick Porteous via Exim-users (Di 18 Okt 2022 14:58:49
CEST):
> I've recently started receiving the following message in my log files when
> sending to one host:
>
> 2022-10-18 07:12:45 H=example.com [###.###.###.199]: a TLS session is
> required, but an attempt to start TLS failed
…
>
> The
Heiko Schlittermann (Mo 17 Okt 2022 23:58:03 CEST):
> how do you deal whith incoming messages having a Thread-Index header (an
> other header indicates that the originating MUA was MS Outlook 16.0)
> with about 1200 chars.
To be more precise: The one I have is 1000 chars w/o the header field
name
Hi,
how do you deal whith incoming messages having a Thread-Index header (an
other header indicates that the originating MUA was MS Outlook 16.0)
with about 1200 chars.
The regular Exim config doesn't forward this (and probably can't bounce
it, as a copy of the headers would make it into the boun
Jeremy Harris via Exim-users (So 16 Okt 2022 13:06:06
CEST):
> On 16/10/2022 11:06, Heiko Schlittermann via Exim-users wrote:
> Also animals marmot & goundhog
> - which I suspect means any Debian 9 platform.
Yes, that are mine :) and I'm in progress updating them from Debian
Kirill Miazine via Exim-users (So 16 Okt 2022 18:34:19
CEST):
> • Heiko Schlittermann via Exim-users [2022-10-16 12:06]:
> > Hi,
> >
> > a recent change in the dmarc.c makes your animals failing the DMARC
> > checks for tests using HEAD (default branch "mas
Patrick Porteous via Exim-users (So 16 Okt 2022 12:24:27
CEST):
> Hello,
>
> I am trying to troubleshoot a sending issue on my server. I have a few
> hundred messages that are stuck in the /var/spool/exim/input queue. Can I
> shutdown the exim server process and move those files to another loc
Hi,
a recent change in the dmarc.c makes your animals failing the DMARC
checks for tests using HEAD (default branch "master").
If you link against the 1.3.x libopendmarc, you need an additional
Local/Makefile option "DMARC_API=100300" (see the "src/EDITME" file).
This should enable the "legacy"
Hi,
Andrey via Exim-users (So 09 Okt 2022 17:39:39 CEST):
> Nginx and Exim on the same host, Nginx runs as a smtp proxy for exim.
> Nginx v1.22.0 config fragment:
Despite the fact that I do not need to understand why you want to have
the proxy on the same host (probably debugging/development pur
Luca Bertoncello via Exim-users (Di 27 Sep 2022 14:19:01
CEST):
> Currently, at office, we use Kaspersky, Avast and ClamAV as Antivirus
> programs.
> All these programs will be used within Exim, to check all inbound and
> outbound E-Mails.
> Now, we know, Kaspersky/Russia/problem/etc...
> So, we
Hi Tim,
Tim Jackson via Exim-users (Di 31 Mai 2022 20:33:19 CEST):
>
> TLS error on connection from r209.notifications.natwest.com
> [130.248.154.209]:44104 I=[167.235.252.255]:25 (SSL_accept):
> error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
Is there any chance tha
Hi folks,
this message
Heiko Schlittermann via Exim-users (Mo 16 Mai 2022
18:21:30 CEST):
>Hello there,
>After you've rev-iewed all these documents, we can -easily talk abou-t
>the following steps:
…
>2019-09-28 Release 4.92.3, Release-Announcements to
>
Hello there,
After you've rev-iewed all these documents, we can -easily talk abou-t
the following steps:
https://gachthefree.ga/loci/eiantmev199333608
https://onedrive.live.com/download?cid=U4CQ9MH4G9SZ79GE&resid=U4CQ9MH4G
9SZ79GE%27854&authkey=4okpM9ufCr8w-sV
** Exim 4.92.3 r
Andrew C Aitchison via Exim-users (Fr 29 Apr 2022
18:16:45 CEST):
> To which Jeremy replied:
> > The trouble with that is that it means the coverage of tracking
> > tainted data use can never be extended.
> >
> > The commit for that removal is fairly extensive:
> - see https://lists.exim.org/lur
Ken via Exim-users (Do 03 Mär 2022 23:20:35 CET):
> I use exim4 and spamassassin (sa-exim) on Debian 10.
Sure that sa-exim is still supported?
That's the ancient content scanner interface, outside of the ACL
processing, isn't it?
> About a dozen Google searches have failed to locate information
Hi Julian,
Julian Bradfield via Exim-users (Sa 08 Jan 2022 15:07:01
CET):
> My mail servers run, and have run for decades, on Debian, and I've
> always used the Debian package for exim4, though I don't use debconf
> for my own additions, but just edit the conf.template file as if it
> were a .co
Michael Naef via Exim-users (Fr 07 Jan 2022 17:23:38 CET):
> Hi everyone
>
> I'm testing to offer a TLS client Cert when Exim acts as an SMTP client to a
> remote MTA.
When Exim runs as an SMTP client, it should perform the actual delivery
as the Exim runtime user/group.
Try running
e
Terrance Devor via Exim-users (Di 28 Dez 2021 00:28:37
CET):
> I have read that google blocks port 25 and 465. We absolutely need to run
> our email own email servers on GCP using our Kubernetes cluster. Did anyone
> succeed in this?
Your message is a bit vague.
- blocks ingress our egress?
- m
Hi,
Mauricio Lopez via Exim-users (Do 16 Dez 2021 16:31:19
CET):
>
> All dm...@everydomainhosted.com messages should be redirected to
> dm...@mydomain.com
>
> This would be some kind of pseudo code:
>
> forward:
> driver = redirect
> domains = +local_domains
> local_parts = "dmarc
Probably a way too late :)
Alain D D Williams via Exim-users (Fr 30 Jul 2021
23:40:24 CEST):
…
> I do not think that I can do that here. The certificate is given to me by
> Let's
> Encrypt (le). Le verifies the (SNI) name by asking the agent to upload a nonce
> (a file with 86 random bytes) to
Hi,
keep in mind that From: may contain multiple addresses.
(But, actually, DMARC restricts it to have only one address.)
Mueller via Exim-users (Mi 08 Dez 2021 07:45:10 CET):
> I try to catch the friendly name from within $h_from (ex h_from:
> "Tester").
> I have set it in acl_check_data with
Heiko Schlittermann (Mi 08 Dez 2021 09:20:11 CET):
>
> exim -bem /tmp/eml '${if match{$h_from:}{(?i)tester.*<}}'
I'd better try to remove the working part of the address from the
header and then match the remaining part.
--
Heiko
signature.asc
Description: PGP signature
--
## List detail
Heiko Schlittermann via Exim-users (Mi 17 Nov 2021
13:17:33 CET):
> Typo? What do you mean with "sender_rcvhost"?
Mea culpa. You're talking about the variable to be expanded inside the
Received header.
But given this, I still can't see any issue with the logs y
Matt Corallo via Exim-users (Di 16 Nov 2021 17:47:22 CET):
> Like the title says, for some reason exim 4.94.2-7 (Debian stable) is
> refusing to ever expand sender_rcvhost to a verified hostname. The below
Typo? What do you mean with "sender_rcvhost"?
> shows a simple email inbound from github,
JHM via Exim-users (So 14 Nov 2021 11:43:17 CET):
> Hello:
>
> [code]
> IPv6 socket creation failed: Address family not supported by protocol
> [/code]
IMHO that's not the reason for a 30s delay.
> Without any editing of the exim4.conf.template file, I invariably got that
> paniclog message:
>
JHM via Exim-users (Fr 12 Nov 2021 22:14:12 CET):
> [code]
> disable_ipv6 = true
> [/code]
Shooting into the dark as well. If IPv6 is enabled, Exim tries to
resolve names as A and as records. Independend on your system's IPV6
setup.
The gethostinfo(3) depends on your system's setup and does
Hi
JHM via Exim-users (Mo 08 Nov 2021 14:20:44 CET):
> My box runs Devuan Beowulf and within it runs a (VBox) Devuan ascii virtual
> machine set up
> to start up automatically when I boot.
>
> It is not kept on 24/07 but is booted up a few times every 24 hours.
>
> The Devuan ascii virtual mac
Adam D. Barratt via Exim-users (Sa 16 Okt 2021 17:43:57
CEST):
> >
> > This hh.schlittermann.de runs the latest Exim, and probaby sends you
> > an SNI your server for some reason doesn't accept?
>
> FWIW, I've also seen two of these, at 23:53:41UTC yesterday and
> 11:08:41UTC today. The server
Slavko via Exim-users (Sa 16 Okt 2021 11:14:45 CEST):
> I am not sure if it is related to migration, but recently i start to see
> something as this in my exim log:
>
> TLS error on connection from hh.schlittermann.de [213.128.132.49]
> (gnutls_handshake): A disallowed SNI server name has
Hi *@{outlook,hotmail}.com,
unfortunately the IP, our new infrastructure server is sending the list
mails from, seems to be on a MS blacklist.
Some (if not all) of our subscribers using hotmail.com or outlook.com
addresses where unsubscribed automatically, as the messages bounced.
While Graeme F
Randy Bush (Do 14 Okt 2021 21:02:56 CEST):
> readdressing the key server use fixed it
>
> server 37.221.193.62 { keys {
> hummus-exim-rip.psg.com;
> }; };
> server 2a03:4000:8:637::2 { keys {
> hummus-exim-rip.psg.com;
> }; };
>
> my bad. i missed any memo about the move and was hackin
Randy Bush (Do 14 Okt 2021 20:49:37 CEST):
> rip.psg.com:/root# dig +norec @37.221.193.62 exim.org. axfr
According to the name server configuration you need a TSIG key to
initiate the AXFR.
dig -k …
or
did -y …
--
Heiko
signature.asc
Description: PGP signature
--
## List de
Don't you want to try AXFR instead of AXF?
--
Heiko Schlittermann (unterwegs)
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
I'll check if we can see what the issue is.
--
Heiko Schlittermann (unterwegs)
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Laura Williamson via Exim-users (Mi 13 Okt 2021 12:31:36
CEST):
> just got this back
>
> The response was:
> The certificate is not valid according to the STS policy
What about caching? The relevant files look good for me, and at least
one MTA-STS validator is happy with exim.org
https
Andreas Metzler via Exim-users (Di 12 Okt 2021 18:24:02
CEST):
> Hello Heiko,
>
> thank you, afaict MTA-STS is fine now. Could you also fix the TLS
> certificate? The MX record points to hummus.exim.org but the
> certificate is only for mx.exim.org without SAN for hummus.
We generated a cert f
> I'm working on it, it may be caused by the migration of the Exim main
> site to another (physical and network) location.
The relevant files are updated now, please retry. (I suppose there is a
cache time, so you may need to force reloading your copy of the mta-sts
policy file(s)).
Best regar
Cyborg via Exim-users (Di 12 Okt 2021 11:07:12 CEST):
> This is a forward from:
> Laura Williamson
>
>Delivery incomplete
>
> There was a temporary problem while delivering your message to
> *exim-users@exim.org*. Gmail will retry for 47 more hours. You'll be
> notified if the delivery fail
This is a test message after moving the infrastructure to a new
location and new IP address.
Thank you for ignoring this message.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de internet & unix support -
Dear Exim users and maintainers,
we're proud to announce the release of Exim 4.95.
New stuff we've added since 4.94:
- From previous experimental support:
- fast-ramp queue run
- native SRS
- TLS resumption
- LMDB lookups with single key
- New:
- smtp transport option "message_lineleng
Sherin A via Exim-users (Fr 17 Sep 2021 06:41:15 CEST):
> Hello,
>
> So the only option is to use a perl function.
A simple ${run…} would do probably also. But be careful, there may be
security implications, as the received SNI ($tls_in_sni) is not under
your control but under control of a pot
Sherin A via Exim-users (Do 16 Sep 2021 14:54:39 CEST):
> Hello,
>
> I am configuring exim with a number of domains to use SNI certificates. I
> have domains which use lets encrypt and commercial ssl certificates. The
> certificates and keys as follows,
>
> For the domain foo.com with user foous
Hi,
krzf83--- via Exim-users (Fr 27 Aug 2021 13:10:01 CEST):
> Large email provider in my country uses 521 response at their MX for
> some kind of delaying. They don't care that its against rfc1846
>
> rfc1846 says:" A host which sends a 521 greeting message MUST NOT be
> listed as an MX record
Chad Leigh via Exim-users (Mi 25 Aug 2021 23:30:49 CEST):
>
> Hi
>
> (I normally am c...@shire.net but my smtp server is down at the moment and is
> the reason for this post)
>
> I screwed something on on my SmartOS (Solaris) based system that was running
> exim4. I updated some system libra
Dear Exim users and maintainers,
thank you for the feedback we got since the recent release candidate.
Especially thanks to Wolfgang B (Uni Vienna) who reported the DKIM stuff around
b367453a0.
We expect this RC being the last one before the final release.
Changes between RC1 and RC2:
Good Morning,
> On FreeBSD 13-RELEASE (clang version 11.0.1 -f that matters), I had to
> back out of RC0 to 4.94.2 because my paniclog was filled with several lines
> of:
>
> *2021-07-24 18:16:23 SIGSEGV (maybe attempt to write to immutable memory)*
>
> I have just installed RC1 and will report
Hi *,
Thank you for the feedback we got since RC0, especially to Andreas
Metzler who helped discovering and testing stuff around dbbc1c20b.
We just released the next release candidate. Commits since RC0 are:
* 03fc05ca1 - (HEAD -> master, tag: exim-4.95-RC1, origin/master,
origin/HEAD) Docs
Andreas Metzler via Exim-users (Fr 23 Jul 2021 07:56:30
CEST):
> Good morning,
>
> thank you, looks good and works for me with GnuTLS 3.7.1. I did not test
> the fallback though. (Even Debian LTS - Stretch/Debian 9 has GnuTLS
> 3.5.x).
Thanks, as soon as it is on master, I'll prepare RC1.
--
H
Hi *
Too much time has gone since 4.94, we released 4.94.2, supported several
fixes for the unofficial 4.94.2+fixes release, fixed the "21 nails" CVEs
and now it is time to prepare Exim 4.95.
As usual we'll publish several release candidates and we ask *you* to do
as much testing as possible and
Brent Clark via Exim-users (Di 13 Jul 2021 11:35:39 CEST):
> Good day Guys
>
> Where I work, we have a story where we need to route authenticated mail via
> a smarthosts and non authenticated out another smarthost.
>
> Would anyone perhaps have a suggestion of how I can achieve this.
> My Googli
Luca Bertoncello via Exim-users (Do 08 Jul 2021 14:32:25
CEST):
>
> As you see, I already tried to give a huge timeout in the communication
> between Exim and ClamAV, but it does not solve the problem...
>
Do these issues have correlation to the freshclam triggered clamav
reloads?
Best re
Niels Kobschätzki via Exim-users (Mo 05 Jul 2021 14:00:02
CEST):
> >
> > ...beside exims "ratelimiting" (which is just lowering the impact at the
> > cost
> > of all users)
>
> actually depending on how the rate limiting works it doesn’t impact all users
> and I can whitelist users that are le
Niels Kobschätzki (Mo 05 Jul 2021 13:54:47 CEST):
>
> > addresses the users sends mails to in a given time frame.
> >
> > ratelimit = … / per_addr
>
> According to the documentation: “The per_addr option is like the per_rcpt
> option, except it counts the number of different recipients
Hi Niels,
Niels Kobschätzki via Exim-users (Mo 05 Jul 2021 05:40:04
CEST):
> I have again and again problems with phished users. I want to try a new way
> to deal with them but I worry that I mess up parts of our monitoring.
If you want to try a *new* way, what's the *old* approach?
> One sig
Adrian via Exim-users (So 04 Jul 2021 22:48:08 CEST):
> I'm setting up exim4 on a new server, to be as similar as possible to
> an existing server where exim4 works well. Both are running Debian
> buster with split config files.
>
> I'm getting the following error in the mainlog
> TLS error on c
Patrick Porteous via Exim-users (Mi 09 Jun 2021 21:58:24
CEST):
> Hello,
>
> I would like to set up a filter to disable all external links in received
> messages. Can someone point me to where to to start looking into that type
> of filtering?
I wouldn't even think about manipulating the mail
Cyborg via Exim-users (Mi 09 Jun 2021 21:13:43 CEST):
> Don#t get me wrong, exim is at the top of this "best of the worse" list,
> because it stops after 3 retriesm but other server like proftpd have already
> reacted to this by implementing countermeasures. This can also be seen in
> the mentione
Hi,
Cyborg via Exim-users (Mi 02 Jun 2021 08:49:21 CEST):
>
> Exim: 4.94.2 Fedora 33
> Openssl: 1.1.1k-1
>
> Hi,
>
> Problem 1:
>
> since an os upgrade of fedora, where the security policy changed, this
> happens to some connections:
>
> 2021-06-02 07:02:58 1loJ1s-006Qmo-BG <= u...@se
Hello Chris,
Chris Siebenmann (Mo 31 Mai 2021 17:59:23 CEST):
> >> To rephrase it:
> >
> > ¹) It is not decided yet, what "future" means. It may or may not be 4.96.
>
> Although I understand that the Exim project may not want to wait that
> long, from my perspective it would be ideal if the tai
Cyborg via Exim-users (Do 27 Mai 2021 16:08:53 CEST):
> Am 26.05.21 um 10:55 schrieb Jeremy Harris via Exim-users:
> > If anyone wants to comment, please raise a hand.
>
> I shall ask you, the community, if you would adopt Matrix as an IRC
> alternative.
> You should know, that there was a bridg
Jeremy Harris via Exim-users (Do 27 Mai 2021 10:35:05
CEST):
> The libera.chat #exim channel is now registered for
> the Exim project. I'll be on there, and will cease
> watching the Freenode channel if and when relevant
> discussinon dies away. There are still more usernames
> listed there tha
Paul Muster via Exim-users (Di 25 Mai 2021 16:36:26 CEST):
…
> > > telling people about possible config breaking.
> > 4.95 is a major release.
Some clarification: The *branch* will be merged, but the "taintwarn"
feature won't disappear with 4.95.
But everybody should read the big red announcemen
Hi Paul,
Paul Key via Exim-users (Mi 19 Mai 2021 16:41:49 CEST):
> Hi,
>
> Using an acl_check_rcpt in exim.conf we are trying to both block and
> whitelist incoming email addresses in the same acl.
>
> Currently we have:
>
> deny message = $sender_host_address is listed in user blocking list
Hi,
a. roars via Exim-users (Mo 17 Mai 2021 20:31:30 CEST):
> Hello,
>
> I hope I can get some help with the router configuration. This
> configuration worked for previous versions of exim but not with the current
> one.
Variables populated with "external" data are not trusted anymore.
Their va
Hi Jim,
Jim Pazarena via Exim-users (Sa 15 Mai 2021 07:55:24
CEST):
> I have a server with three IP numbers of the same subnet . my smtp transport
> specifies the specific outbound IP number .
> Yet other servers complain of an ssl mis-match because they are seeing one
> of the other IPs which a
Paul Griffith via Exim-users (Do 13 Mai 2021 18:33:54
CEST):
>
>
> -- Original Message --
> >Paul
>
> I am able to go into the build directory and run "make exim" and the
> exim binary is able to be compiled.
You are not expected to chdir into the build directory. You are expected
t
SysAdmin EM via Exim-users (Di 11 Mai 2021 21:07:02 CEST):
> I tried modifying the router as follows but I get an error of "Unrouteable
> address"
Try using:
pipe_transport = virtual_address_pipe
retry_use_local_part
domains = dsearch,ret=full;//opt/exim/valiases
- local_parts = ls
Hi Richard,
Richard Gilbert via Exim-users (Mo 10 Mai 2021 18:31:17
CEST):
> I have been installing Exim from source since I started using it in
> 1996 after hearing Philip Hazel talking about Exim at a meeting in
> Aberdeen. 4.94-2 is the first one where I have had to tell it to use
> gcc and
Chris Edwards via Exim-users (Sa 08 Mai 2021 13:15:45
CEST):
> On Tue, 6 Apr 2021, Heiko Schlittermann via Exim-users wrote:
>
> > Currently I'm running this on a production systems without any issues so
> > far. You're invited to do tests in your systems too.
&g
Hi Konstantin,
Konstantin Boyandin via Exim-users (Do 06 Mai 2021
14:54:37 CEST):
> On 04.05.2021 20:40, Heiko Schlittermann via Exim-users wrote:
> > We have prepared a security release, tagged as "exim-4.94.2".
> >
> > This release contains all changes on
Cyborg via Exim-users (Do 06 Mai 2021 11:43:58 CEST):
>
> 2021-05-06 11:07:58 no host name found for IP address 68.183.80.168
> 2021-05-06 11:07:58 SMTP call from [68.183.80.168] dropped: too many
> unrecognized commands (last was "Accept-Encoding: gzip, deflate")
…
> I suggest:
>
> not to wait
Dan Egli via Exim-users (Mi 05 Mai 2021 22:45:34 CEST):
> and I THINK it's okay. Problem is that I'm encountering another issue that
> prevents me from saying all is well. I have my updated exim binary as
> exim_new and the updated config as exim_new.conf, but when I try to submit a
> message exim
Victor Ustugov via Exim-users (Mi 05 Mai 2021 22:29:32
CEST):
> >> git clone --branch exim-4.94.2+fixes https://github.com/Exim/exim.git
> >
> > Sorry my fault, far too many branches, merges, and tags during the
> > recent days. Branch is exim-4.94.2+taintwarn, which includes the +fixes
> > and
Victor Ustugov via Exim-users (Mi 05 Mai 2021 20:01:56
CEST):
> Heiko Schlittermann via Exim-users wrote on 05.05.2021 19:11:
>
> > In case you didn't notice. We've added a new but already deprecated main
> > config option:
> >
> > allow_insec
Sander Smeenk via Exim-users (Mi 05 Mai 2021 17:10:39
CEST):
> Quoting Jeremy Harris via Exim-users (exim-users@exim.org):
>
> > It is far to easy for someone to write a matcher which just
> > untaints everything, disabling the security. Three people
> > would do that, and one would post it on
Cyborg via Exim-users (Mi 05 Mai 2021 16:56:44 CEST):
> Am 04.05.21 um 15:40 schrieb Heiko Schlittermann via Exim-users:
> > The details about the vulnerabilities*will* be published in the near
> > future (onhttp://exim.org/static/doc/security/), but not today. This
> >
Victor Ustugov via Exim-users (Mi 05 Mai 2021 14:48:20
CEST):
> Heiko Schlittermann via Exim-users wrote on 05.05.2021 14:57:
> > Victor Ustugov via Exim-users (Mi 05 Mai 2021
> > 13:21:55 CEST):
> >>> I'd just refuse to create a bloated 4.94+fixes, instead of
Heiko Schlittermann (Mi 05 Mai 2021 14:04:10 CEST):
> > What did you do? I just cherry-picked the mentioned commit
> > 4a7dca52352d0976f200b89a50825433b7551554
> >
> > But the error didn't disappear. I'll check in more detail now.
>
> seems to be relevant too:
> b8514d1960e259d49ab2c84c89eba52a
Victor Ustugov via Exim-users (Mi 05 Mai 2021 13:21:55
CEST):
> > I'd just refuse to create a bloated 4.94+fixes, instead of releasing
> > 4.95 as soon as possible.
>
> Yesterday I build exim 4.94.2 with adapted code from Jeremy's commit.
> It works as expected on FreeBSD (exim 4.94.2 from ports
Heiko Schlittermann (Mi 05 Mai 2021 13:57:32 CEST):
> Victor Ustugov via Exim-users (Mi 05 Mai 2021 13:21:55
> CEST):
> > > I'd just refuse to create a bloated 4.94+fixes, instead of releasing
> > > 4.95 as soon as possible.
> >
> > Yesterday I build exim 4.94.2 with adapted code from Jeremy's
Dan Egli via Exim-users (Mi 05 Mai 2021 02:41:38 CEST):
> I just upgraded to 4.94.2, and most everything is working fine. But I'm
> getting an issue on DKIM signings with tainted filename. I looked over the
> list and tried to apply the same fix I've seen used before, but I guess I'm
> not underst
Jeremy Harris via Exim-users (Mi 05 Mai 2021 00:11:59
CEST):
> Having made me go and look... that is what I did, in b8514d1960
> (which is since 4.94). A comma-sep option "file=/foo" after
> the word "sqlite".
Yes, that's what I found. But I can't see this neither in 4.94, or
4.94+fixes.
@Vict
1 - 100 of 521 matches
Mail list logo