Hello everyone,
I'm an Exim newbie, so please don't get annoyed if issues I raise seem
obvious to you. :-)
I get some legitimate mail discarded by Exim system_filter and the only
effect visible
in logs is this:
/var/log/exim/mainlog.1:2006-10-24 12:22:34 1GcJQR-000DuK-WD =>
discarded (system
hen when you have found one that is getting caught by the filter test
> the filter with that message using exim *-bF
> *
OK, thanks
> *
> *
>
> On 26/10/06, *Marcin Krol* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
> wrote:
>
> Hello everyo
Thanks for reply, Tim, that was informative.
Tim Jackson napisał(a):
> OK, before we go into any more detail, the main issue is that you are
> using an "attachment blocking" system filter which is based on one
> written by Nigel M and:
>
> - is over 5 years old
> - was a hack at the best of tim
Hello everyone,
On one of our machines (only one!) the queue processing of Exim seems
not to work
properly and whatever I do with exiqgrep I get:
da3 /var/log % exiqgrep -o 1
Line mismatch: 224d 1FLcig-0006Dg-5S
exiqgrepping anything with any option always gives me the above message.
Int
Hello,
Due to terrible problems with spam we had to use RBLs (yes, I know, it's
not very good solution
but it helps in the meantime until we roll out smth better).
I tried to make Exim aware that SASL-authenticated users should not be
subject to checking by RBLs by adding this line:
accept
Hello,
Is it possible to get Exim router or transport acquire and record queue
ID this router / transport is processing (or possibly pipe queue ID into
another program)?
Let's say we have a router like this:
domain_filter:
driver = redirect
allow_filter
no_check_local_user
condition =
rect response for the OP is to get the admin of the offending
> broken mail server to fix it. Failing that, exempt it from callouts.
defer_ok in the sender callout seems to work as well, but it
makes the sender verification weaker, doesn't it?
Suppose this scheme becomes widely availabl
Hello,
We have upgraded from 4.66 to 4.67 and a very weird effect appeared:
when normal SMTP session is started, Exim hangs for some 30 seconds up
to 2 minutes on RCPT TO:.
There is no delay on RCPT TO: when session is started from localhost,
and there's always a delay when session is started fro
83.149.101.180
but without any ident (RFC 1413) callback.
This is not for real!
...
>>> processing "deny"
>>> check dnslists = opm.blitzed.org
>>> DNS list check: opm.blitzed.org
>>> new DNS lookup for 180.101.149.83.opm.blitzed.org
/etc/exim/wildcard_whitelist_domains} {yes}{no}}
It is fulfilled, because the wildcard domain "*.playfoto.pl" is added
there (and I have tested it in case of domains that have good MX but
where sender verify fails for some other reasons, like greylisting).
Therefore, correctness of M
Graeme Fowler napisał(a):
> However, they can be extremely useful in cases such as hosting farms,
> dedicated server providers and colos where all the mail goes out through
> a smarthost - calling back to *your own network* to check whether or not
> a sender is valid is very useful indeed.
>
The
Phil (Medway Hosting) napisał(a):
> Do you realise that callouts are considered abusive in anti-spam circles and
> are often used in certain forms of ddos attacks ?
Using "collateral callout" for DDOS to attack host B seems kind of
pointless, because the attacker is sending spam to the host A that
Phil (Medway Hosting) napisał(a):
>> I tend to consider them as a way of reducing spam, and everything that
>> does is for the Greater Good, IMO. Also, I'm quite happy to receive this
>> kind of requests at our server, so I'll happily use them myself -
>> according to some principle we read in some
Jethro R Binks napisał(a):
> I am somewhat near the fence on this issue, so I err on the side of
> caution and do not do callouts to arbitrary domains. I can see both
> points of view: I can see the value of callouts and the benefits to the
> would-be recipient, but I also see the damage that
re
processing high volumes of mail, it all adds up.
Am I really limited to hand-coding local_scan() extension in C if I
want to do it the right way?
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
plain file that is
written by external closed-source software package)
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
domain -l
\"$local_part\" -s $message_size -a $sender_address -m $message_id -c
$rcpt_count -t $received_protocol -e
/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs
-p $pipe_addresses
use_bsmtp
user = mail
Does anybody
alexis napisał(a):
> So what i want to to is to move out the marked spam to a different
> folder reachable by imap and leave the inbox that read's the pop3
> clients with the non marked email.
>
You could use user filters and a redirect filter:
domain_filter:
driver = redirect
allow_filter
age_prefix =
message_suffix =
return_fail_output
no_return_path_add
transport_filter = /usr/bin/spamc -u
${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}
use_bsmtp
user = mail
# must use a privileged user to set $received_protocol on the way back in!
--
Marcin Krol
--
Thomas Hochstein napisał(a):
>> Intermittently I get errors logged like in subject while mail is locally
>> spam-scanned (traditional method of external scanning and the mail
>> filter re-injecting the message with exim -oMr spam-scanned -bS).
>>
>
> Why don't you do it during SMTP-time?
>
Mostafa M.Fouad napisał(a):
> that when a message detected as a spam it automatically update the ip address
> into the file exim_access_list, even through external perl script
> so the next time i recieve spam from the same source it can be blocked from
> the connection time...and hence reduce th
"
group = mail
home_directory = "/tmp"
log_output
message_prefix =
message_suffix =
return_fail_output
no_return_path_add
user = mail
This pipes a message into a command.
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
;command" in the transport dutifully
delivers what it got from filter, i.e. empty mail.
Run exim -d -v [EMAIL PROTECTED] to find out.
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki
Hello,
OK, so as some of you may know, clamav now features filtering out
phishing and/or spam as well.
The problem is this generates rather unreadable reject messages:
SMTP error from remote mail server after end of data:
host mail.da4.promo.pl [83.149.102.11]: 550 Wirus (virus):
Ema
John Hall pisze:
>>> But why would you want to accept and silently discard mail? If the mail
>>> contains a virus, don't you think it's better that the sender is told so?
>>>
>> No! That causes collateral spam! Think faked sender...
>>
>
> Not if you're rejecting during the SMTP trans
Dave Evans pisze:
> This is fine, but ONLY if you send the message to the correct person, which is
> usually NOT <$sender_address>. Alas in most environments you won't know who
> to send it to!
>
> Do NOT automatically send messages to <$sender_address>!
Well of course that would generate mostly
Hello,
This is slightly OT, but only slightly I believe - I connected
statistical filter to Exim, but am lacking spam stream to feed it.
I have published spamtrap addr on some webpages and posted the web and
e-mail addresses to test Usenet newsgroups, over a month has passed and
still no spam is
15]:2288
helo=[192.168.1.30])
by da2.domeny.com with esmtpa (Exim 4.67)
(envelope-from <[EMAIL PROTECTED]>)
id 1IUhjS-000MZQ-7J
for [EMAIL PROTECTED]; Mon, 10 Sep 2007 13:47:10 +0200
Message-ID: <[EMAIL PROTECTED]>
Date: Mon, 10 Sep 2007 13:48:20 +02
Hello everyone,
I have a situation with SMTP auth that is theoretically impossible - I
have this domain hosted that is definitely not an open relay (no tests
show that it is open), yet it seems that in a peculiar situation some
mail can be relayed without authentication, or at least logs say so:
ev/null
remote_smtp:
driver = smtp
address_pipe:
driver = pipe
return_output
virtual_address_pipe:
driver = pipe
group = nobody
return_output
user = "${lookup{$domain}lsearch* {/etc/virtual/domainowners}{$value}}"
address_file:
driver = appendfile
delivery_date_add
env
John Jetmore pisze:
> Can you post your config? I don't think what you posted alone will
> allow anyone to see what's happening.
Here's entire config:
perl_startup = do '/etc/exim.pl'
system_filter = /etc/system_filter.exim
daemon_smtp_ports = 25 : 587
av_scanner = clamd:/var/run/clamav/c
Magnus Holmgren pisze:
> On Thursday 13 September 2007 19:47, Alejandro Lengua wrote:
> > Most dynamic IPs from ADSL providers are in blacklists, therefore
> when they
> > send
> > emails from my email server, their emails are bounced even if my mail
> > server is not blacklisted.
> > Is there a wa
Peter Bowyer pisze:
>>
>> The user in question is not a spammer, she sent mail from 213.158.196.99
>> (smtp client) via clean MX hosted by us (mail.spbs.pl), and yet the mail was
>> rejected bc the today she got dynamic IP that happens to have been blocked
>> by Spamcop in the past week.
>>
Hello everyone,
Suppose I want the following ACL to verify sender except for certain
recipient addresses (as you might guess, those are spamtraps):
So I converted this acl (called from within acl_smtp_rcpt):
acl_nsvdom:
accept condition = ${lookup {${lc:$sender_address_domain}}
partial1-
mtrap_addresses file, $acl_m_somevariable gets set and then a
router preceding "lookuphost" could be configured that passes the message on to
local delivery depending on $acl_m_somevariable?
Or is there some simpler way to do it?
--
Marcin Krol
--
## List details at htt
pamtrap is nonexistent.
Since I'm a lazy bastard (and partially out of curiosity), I would like to know
if there's a way to make Exim create that directory too, if it doesn't exist.
Anybody?
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
([a-zA-Z0-9]+)\N}{\$1\$2\$3\$4}}
But this is not much better really.
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
sts on exim.org would be very convenient.
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Hello Ted,
> You're going to end up with filenames longer than your file system can
> handle.
I created a monster:
maildir_tag = T=${length_50:${sg{${sg{${from_utf8:[EMAIL
PROTECTED]&*()~{}\[\]\|"'`;\:/\?<>,\.]\N}{}}}{ +}{_}}}-S=$message_size
It works but d
Hello everyone,
I get the error like in subject while delivering message to pipe (in a
transport).
lookup yielded: da7
direct command after expansion:
argv[0] = /etc/domeny/mailfilter
argv[1] = -u
argv[2] = da7
argv[3] = -d
argv[4] = da7.promo.pl
argv[5] = -l
argv[6] = "tdp"
argv[
Hello everyone,
P.S. It's a serious problem for me, because my mailing lists don't work
if this error message appears in logs while trying to deliver to mailing
list recipients on that host.
> I get the error like in subject while delivering message to pipe (in a
> transport).
>
--
Marcin Kr
y undesireable side effects you can think of?
macros.h:
#define PROCESS_INFO_SIZE 256
I have some experience in C coding but nothing approaching the size and
complexity of Exim...
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at htt
ittle idea how to
organize Exim detecting no revdns part.
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Hello everyone,
I have increased PROCESS_INFO_SIZE to 1024 bytes and the "string overflowed
buffer" message is gone, but now I get error like in subject while restarting
Exim...
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim
/root
>
> What happens if you
> "cd ." or "cd `pwd`"?
The same, I stay in /root.
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Hello Heiko,
> What does "pwd -P" tell you (if you've /bin/bash). What happens if you
> "cd ." or "cd `pwd`"?
I rebooted the host and the message while restarting is gone.
What the?!
--
Marcin Krol
--
## List details at http://lists.exim.org/mailma
il
Since this script does my custom spam filtering, I really, really need all
those variables, in fact I'm going to need more of them.
Esp. $pipe_addreses might be _really_ long list, considering what some mailing
list software we have to host is doing - it often tells Exim to deliver a mail
wi
5s
domeny_acl_smtp_quit:
accept
condition=${if eq{$authentication_failed}{1}}
ratelimit = 5 / 4h / badauth:$sender_host_address
log_message = -BAD-AUTH: $sender_host_address
domeny_acl_smtp_notquit:
accept
condition=${if eq{$authenticati
IL PROTECTED]
R=lookuphost T=remote_smtp defer (-53): retry time not reached for any host
Could that be the case, i.e. could connection drop by remote host right
after issuing 4xx result in inability of Exim to deliver the message?
If so, is it possible to configure Exim to get around this proble
Hello everyone,
I'd like to propose / ask if the following could be added to Exim wishlist:
1. A user can't use directly functions like lookup in and{}, or{}. Since
"lookup" can return different values, it could return Boolean true and
false as well, and those values could be used in logical conj
.. Donations, anyone? A little fund-raising? ;-)
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Hello Phil,
> On 2007-10-15 at 17:15 +0200, Marcin Krol wrote:
>> Every RBL had to have those 3 conditions tested again right after
>> previous RBL verb tested them, so I decided to consolidate condition
>> lines into a single user variable and this is what I ended up wit
Hello everyone,
Is there a simple way of making Exim say to all inbound mailservers say
smth like:
422 Maintenance, please try again later
exim.org is dead meat at the moment, I can't even search the docs..
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo
d arguments?
P.S. UNIX security model sucks. :-( They really should have implemented ACLs
instead of root / user model.
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
;s hard to detect for someone who "just uses" this software
without dwelling a lot on its internals what and where went wrong.
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
:
- Python 2.4+
- Gnuplot 4.0+
TWDT: http://python.domeny.com/
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Hello everyone,
Bugfixes, v0.2 now:
http://python.domeny.com/mailgraph.py
- fixed issue with leaving temporary file around if gzipped logs were used
- significantly reduced memory usage
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details
this could be used for things like increasing SA score or
doing fakereject in Exim.
Could this work? Pros? Cons?
--
Marcin Krol
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
nts if
revdns was lacking there. *something/someone* should get them to clean
up their act, because their mess is where spammers hide.
> If you have a problem with your DNS server, or a network problem makes
> your resolver unable to do lookups to certain parts of the internet,
> you&
59 matches
Mail list logo
