[exim] 'Tis time to say Farewell

2020-11-24 Thread Mike Brudenell via Exim-users
Dear all, The time has come for me to say farewell to the list, which I'll be doing on Thursday. I handed over running our university's email service to a team last year but stayed on the list to keep my hand in. But I'll soon be taking early retirement and, with annual leave, my last effective

Re: [exim] Help to logical OR two conditions

2020-10-06 Thread Mike Brudenell via Exim-users
Having had a chat with Victor off-list, I think the thing he's curious about is why *or* *requires* strict true/false values as its arguments, but the *condition* condition *doesn't* — instead *condition* effectively performs a *bool_lax* on the expression evaluated on its right hand side. This

Re: [exim] Remove & Replace Message Body Content

2020-10-06 Thread Mike Brudenell via Exim-users
Hi, Patrick - I'll chip in with my usual caution of: Be careful! Doing this will invalidate any digital signatures that the incoming message has been signed with. If you're planning to do this only for locally originated messages being created by MUAs, or for messages for local delivery that

Re: [exim] rewrite envelope from when forward

2020-09-09 Thread Mike Brudenell via Exim-users
Hi, Johannes - Firstly, don't change the contents of the To or CC headers! The message might have been digitally signed and authenticated using a technology such as DKIM. This protects various key headers as well as the message body and the attachments. If you change any of them you will break

Re: [exim] Full SPF/DKIM/DMARC validation policies for Exim on CentOS 8 (feedback please)

2020-07-13 Thread Mike Brudenell via Exim-users
Hi, Adrian - Looking at the extract you posted, I think you are denying (rejecting) messages for which either SPF or DKIM verification fails? (For example, you're using *deny* used in the acl_check_mail ACL to refuse the MAIL FROM.) If so (it's late, and my tired eyes might be misreading

Re: [exim] 'verify=helo' and strange warning...

2020-06-11 Thread Mike Brudenell via Exim-users
Yup, I think that's correct behaviour for what you're telling Exim to do. You don't explain clearly what it is you're asking, but I'm guessing you're seeing the header added all the time and wondering why? If so… When you read the documentation for *Access Control Lists* you'll see in section

Re: [exim] Weirdness when forcing TLS and checking that its working in ACLs

2020-02-13 Thread Mike Brudenell via Exim-users
Hi, Mike - If you look up the description of the *logwrite* modifier in Exim's documentation, you'll see that it says (emphasis mine): This modifier writes a message to a log file as soon *as it is encountered* when processing an ACL. (Compare log_message, which, except in the case of warn and

Re: [exim] Ratelimit doesn't work as expected

2019-08-13 Thread Mike Brudenell via Exim-users
Hi, Sebastian - I'm wracking my memory here as I had the exact same problem when setting up a very similar mechanism. If memory serves, the trick is to change the *leaky* to instead be *strict*: certainly that's what we're using now and it's working. When using the leaky setting the computed

Re: [exim] The most used Exim version is the vulnerable one

2019-06-11 Thread Mike Brudenell via Exim-users
On Tue, 11 Jun 2019 at 17:24, Niels Dettenbach (Syndicat IT & Internet) via Exim-users wrote: > If i read right, the most major distributors (as exim maintainers too) > backported any patch or solution at least to the most used earlier versions > (still provided in their patches / sec updates -

[exim] exim-users list and replies

2019-05-21 Thread Mike Brudenell via Exim-users
On Sun, 19 May 2019 at 17:17, Jeremy Harris via Exim-users < exim-users@exim.org> wrote: > I don't need a copy sent direct; I read the mailinglist. > Please use some basic mail etiquette. If Icloud is incapable > of doing that, or makes it hard, you need to consider using > a better provider.

Re: [exim] Relay prevention in old config

2019-03-06 Thread Mike Brudenell via Exim-users
Hi, Kai - Dredges the memory… Those characters weren't just about relaying protection: - % explicitly requested routing/relaying through intermediate systems - ! was used in UUCP addresses and so could be used for relaying (does UUCP still exist? :-) - @ is obviously the separator

Re: [exim] ${address: foo(comment)@bar.org}

2019-02-13 Thread Mike Brudenell via Exim-users
> > But you're not dealing with a From: header. You're only doing > a ${address:foo} expansion with a literal string for foo, > in this test. And "foo" gets string-processed, which means > backslash-interpretation for escaping. > Doh! I've got it now. So if it had instead been

Re: [exim] ${address: foo(comment)@bar.org}

2019-02-13 Thread Mike Brudenell via Exim-users
On Wed, 13 Feb 2019 at 12:10, Jeremy Harris via Exim-users < exim-users@exim.org> wrote: > On 13/02/2019 11:07, Mike Brudenell via Exim-users wrote: > > > exim -v -be '${address:Pete(A nice \) chap) }' > > gives the empty string, suggesting Exim thinks it's a parse er

Re: [exim] ${address: foo(comment)@bar.org}

2019-02-13 Thread Mike Brudenell via Exim-users
Hmm… There does seem to be an oddity. Jasen gave a link to an "extreme example" included in the RFC: https://tools.ietf.org/html/rfc5322#appendix-A.5 Trying this in various forms using Exim 4.90.1 on Ubuntu shows up some interesting things: exim -v -be '${address:Pete(A nice chap) }' gives

Re: [exim] exim spfquery config

2019-02-12 Thread Mike Brudenell via Exim-users
Hi, Emanuel - On Tue, 12 Feb 2019 at 15:42, Emanuel Gonzalez via Exim-users < exim-users@exim.org> wrote: > Hi, compile exim with support for spfquery, but not work. > > I read this documentation: > https://github.com/Exim/exim/wiki/SPF The above documentation says that the right hand side of

Re: [exim] cut subjects that are too long + delete emojii from subject lines...

2018-11-28 Thread Mike Brudenell via Exim-users
Hi, Sebastian - What you suggest doesn't sound to be a good idea to me, unless you're planning to do it *only* at the point of final delivery into the recipient's mailbox. (You saying you'll make the change then "send the message along" suggests you're not thinking of doing this though, but

Re: [exim] Help extracting From-Address

2018-11-26 Thread Mike Brudenell via Exim-users
Hi, Lena - On Sat, 24 Nov 2018 at 12:17, Lena--- via Exim-users wrote: > In messages from mailing lists (such as this [exim-users]) > the domain in "From:" header fails SPF. > SPF checks should be performed on the domain of the RFC5321.MailFrom address, not the RFC5322.From header. (If you're

Re: [exim] Outstanding problems with Exim 4.90.1?

2018-10-01 Thread Mike Brudenell via Exim-users
arris via Exim-users wrote: > > On 9/27/18 9:59 AM, Mike Brudenell via Exim-users wrote: > >> Thanks, Andreas, but I think this is a different problem… > > > But it does match the first problem you described, where you got > > a duplicate delivery (and a msglog unlink e

Re: [exim] Outstanding problems with Exim 4.90.1?

2018-09-27 Thread Mike Brudenell via Exim-users
at, but Jeremy asked me to check the Ubuntu distribution of the 4.90.1 we're using: I guess just in case it had been backported. Cheers, Mike B-) On Thu, 27 Sep 2018 at 12:06, Jeremy Harris via Exim-users < exim-users@exim.org> wrote: > On 9/27/18 11:04 AM, Mike Brudenell via Exim-users wrot

Re: [exim] Outstanding problems with Exim 4.90.1?

2018-09-27 Thread Mike Brudenell via Exim-users
Ah-ha! My apologies: I'd forgotten that was causing duplicate deliveries too. (I've not had my first cup of coffee here yet!) I'm not brilliant at checking whether a specific patch has been included within a Ubuntu-distributed package… - We're using Ubuntu 18.04.1 LTS (bionic) with the

Re: [exim] Outstanding problems with Exim 4.90.1?

2018-09-27 Thread Mike Brudenell via Exim-users
virtual host some legacy domains. It's not exactly busy! Strange… Cheers, Mike B-) On Wed, 26 Sep 2018 at 19:00, Andreas Metzler via Exim-users < exim-users@exim.org> wrote: > Mike Brudenell via Exim-users wrote: > [..] > > The sad news is that I've had to give up on cutthrough

Re: [exim] Outstanding problems with Exim 4.90.1?

2018-09-26 Thread Mike Brudenell via Exim-users
I've got the OK to share the anonymised logs with Jeremy and will try and get them prepared and sent to him tomorrow. The sad news is that I've had to give up on cutthrough_delivery and turn it off. The problems we were seeing: - Errors going to paniclog about failing to unlink msglog files

Re: [exim] Outstanding problems with Exim 4.90.1?

2018-09-26 Thread Mike Brudenell via Exim-users
Hi, Jeremy - Proxies seem to have been introduced sometime between Exim 4.86.2 which we were running before and 4.90.1 so I don't know its significance. What does it imply/in what way is it worrying? In case it's relevant, our mail gateways sit behind an LVS load balancer so that incoming

Re: [exim] Outstanding problems with Exim 4.90.1?

2018-09-25 Thread Mike Brudenell via Exim-users
A little more information gleaned from the logs here… I'm only seeing the "failed to unlink" errors in paniclog on our gateways which receive email from the outside world. It's only these that use cutthrough at all, so it seems to be linked to that. I can see from the logs that we were receiving

Re: [exim] DKIM signing options - specially list of headers

2018-07-31 Thread Mike Brudenell via Exim-users
Hi, Sebastian - You didn't tell us the version of Exim you're running so I can't give you the exact chapter/section names, but if you look in the *Specification* for the chapter on DKIM, in the section called something like *Signing outgoing messages* you'll find the description of

Re: [exim] Smarthost condition by h_From header variable

2018-06-22 Thread Mike Brudenell via Exim-users
Hello, Others on the list have pointed out that you might not actually be wanting to use the value of the $h_From variable but instead the domain of the envelope. If you do decide to use the domain of the From header itself you might want to do some additional testing, or write your test

Re: [exim] Apple + Outlook - Exim on 587 does not work - Solutions

2018-06-11 Thread Mike Brudenell via Exim-users
If I remember rightly Outlook tends to want to connect to port 465 using Implicit TLS. (Which RFC 8314 now makes the preferred choice, reversing the previous recommendation. So anyone running AuthSMTP on port 587 only might want to review their setup and add 465 to it.) Cheers, Mike B-) On Sat,

Re: [exim] Help with dropping spam e-mail.

2018-05-15 Thread Mike Brudenell via Exim-users
On Mon, 14 May 2018 at 11:32, Jasen Betts via Exim-users < exim-users@exim.org> wrote: > On 2018-05-14, Mark Elkins via Exim-users wrote: > > Someone is using "ple...@help.co.za" as the source of spam e-mail. The > > address does not exist... > > step 0: publish an SPF

Re: [exim] Help with dropping spam e-mail.

2018-05-14 Thread Mike Brudenell via Exim-users
Hi, Mark - It's a little unclear from your message whether: - you've got an influx of messages arriving *from* ple...@help.co.za that you want to block, or - you've got an influx of messages *to* ple...@help.co.za that you want to block. As you mentioned one possibility might be to

Re: [exim] Exim DKIM: exim<->Exim verifies but not on Gmail or Office 365

2018-05-04 Thread Mike Brudenell via Exim-users
Hi, Robert - I'm using 2048-bit keys here: both on our on-site mail gateways running Exim (version 4.86.1 at present on Ubuntu) and at Google. That setup is working OK re DKIM verification. If you'd like to do an extra check, I find this DKIM validation site very useful:

Re: [exim] Exim regex limit length

2018-04-23 Thread Mike Brudenell via Exim-users
Hi, Emanuel - I'm not quite sure what you mean by "create it in more directions" but from the example you give afterwards I'm guessing you're wanting to match Subject text when: - there are between 0 and 20 characters, and then - the string "Unlock Your Account" with exactly those upper

Re: [exim] Logging used port

2018-04-20 Thread Mike Brudenell via Exim-users
Read the description of *log_selector* in the *Exim Specification* chapter on Log Files, and the options you can set with it. :-) Be careful when thinking about what you're wanting to achieve. The "H=" field logs the IP address (and optionally port) of the remote server, whereas the "I=" field

[exim] ACL verb "reject" - An error in the Specification?

2018-04-17 Thread Mike Brudenell via Exim-users
Am I going mad? Section 43.36 *Detailed information from merged DNS lists* in the Specification has two examples, such as: reject message = \ rejected because $sender_host_address is

Re: [exim] Filter for Conditional Header Removal

2018-04-12 Thread Mike Brudenell via Exim-users
On 12 April 2018 at 10:05, Ajay Kajla via Exim-users wrote: > Hi, > > We have following requirement any mail coming from a...@abc.com and subject > contains "SomeThing" to go to x...@mydomain.com With complete headers and > to > a...@mydomain.com without Cc and From headers.

Re: [exim] NDN, Mailer-Daemon, DSN - EXIM

2018-04-12 Thread Mike Brudenell via Exim-users
On 11 April 2018 at 19:43, Jeremy Harris via Exim-users wrote: > That would be incorrect per standards. The HELO name should identify > the sending system. > Umm… Agreed, but what if this mysterious and obfuscated organisation has multiple A records under different domain

Re: [exim] NDN, Mailer-Daemon, DSN - EXIM

2018-04-11 Thread Mike Brudenell via Exim-users
Hello, Be careful: it might not be 65*3 = 195 new SPF records that you need. It might only be three! Remember that it is whatever your Exim (in this case I think the Exim running on the server known as corp17.company.com) puts into its HELO/EHLO command when it connects to another server. By

Re: [exim] NDN, Mailer-Daemon, DSN - EXIM

2018-04-11 Thread Mike Brudenell via Exim-users
Hello, I've read through your question a few times and have a feeling I know what might be wrong. If I'm right then it's not a problem with Exim, but that you're missing one or more SPF records. I think you're saying that: 1. Someone sends a message to the non-existent email address <

Re: [exim] Change attached file extension

2018-03-29 Thread Mike Brudenell via Exim-users
Hi, Dmitriy - Jeremy's already answered saying it's not possible to change the file extension. I'll chip in with my usual waving of a warning flag to say you need to be very careful when thinking about altering the headers and/or content of a message (which includes its attachments) and the

Re: [exim] Exclude TLS_RSA_WITH_SEED_CBC_SHA from cipher list

2018-03-28 Thread Mike Brudenell via Exim-users
Could I ask a possibly radical question of the list? Firstly, I fully appreciate that a number of older encryption protocols and ciphers are very weak. So *preferring* stronger ones over the weaker ones has a clear benefit. But given that most MTA to MTA traffic uses *opportunistic* encryption,

Re: [exim] How to rewrite From: header of offsite forwards only to prevent Amazon SES 554 error

2018-03-21 Thread Mike Brudenell via Exim-users
Hi, Pete - On 20 March 2018 at 22:04, Pete Schaefers via Exim-users < exim-users@exim.org> wrote: > Mike, thanks for taking the time to detail that! I guess I assumed (maybe > wrongly) that when EXIM forwards a message that the SPF and DKIM of the > domain on the EXIM server would apply and be

Re: [exim] How to rewrite From: header of offsite forwards only to prevent Amazon SES 554 error

2018-03-19 Thread Mike Brudenell via Exim-users
Be careful if you plan to start rewriting the RFC5322.From header. If the message has had a DKIM signature applied to it that header's content will almost certainly be covered by the signature to detect tampering/alterations such as you're proposing, and you'll be invalidating it; this might give

Re: [exim] Why "blackhole"?

2018-03-12 Thread Mike Brudenell via Exim-users
On 12 March 2018 at 15:59, Luca Bertoncello via Exim-users < exim-users@exim.org> wrote: > > Yes! Kaspersky. And I must say, that I already had some suspect on that... > > If local_scan says to accept the message but it has no recipients left it >> is blackholed. >> > > OK, thanks. > But I really

Re: [exim] Why "blackhole"?

2018-03-12 Thread Mike Brudenell via Exim-users
Have you added a local_scan function to your configuration? https://www.exim.org/exim-html-current/doc/html/spec_html/ch-adding_a_local_scan_function_to_exim.html If so, then it sounds like it has decided to discard all the recipients for that incoming message. If you read the *Specification*

Re: [exim] Router testing with "source port"

2018-03-12 Thread Mike Brudenell via Exim-users
Hi, Luca - Take a look at the *The Exim command line* section in the *Exim Specification*. In there you'll find many options beginning with "-oM" that can be used to set all sorts of things. For example, you might find the -oMa option useful. You can use these with -bt, or you can do other types

Re: [exim] Exim, ClamAV and AllowSupplementaryGroups being deprectaed

2018-03-07 Thread Mike Brudenell via Exim-users
Ah-ha! Thank you, Andrew! I hadn't spotted any mention of it becoming the default. That's a relief. Cheers, Mike B-) On 7 March 2018 at 16:24, Andrew C Aitchison wrote: > > I'm running bleeding edge ClamAV on my home machine, but not in anger or > connected to exim. > >

[exim] Exim, ClamAV and AllowSupplementaryGroups being deprectaed

2018-03-07 Thread Mike Brudenell via Exim-users
Dear all, For our Central Mail Gateways we run Exim on an LTS (Long Term Stable) release of Ubuntu: currently 16.04 LTS. In April this year the next LTS release will be coming out with updated Exim and ClamAV packages. When we moved to the 16.04 release ClamAV stopped working with Exim, until we

Re: [exim] rate limit for maximum outgoing emails to mail-relay

2018-02-28 Thread Mike Brudenell via Exim-users
Hi, Jeremy - Sadly we're not building from source, but our policy is to use the package that comes with the LTS (Long Term Stable) release of Ubuntu on which we run the service. The next LTS release is due in April, at which point I leapfrog from 4.86 + security fixes to 4.90.1. (Yay!) A shame,

Re: [exim] rate limit for maximum outgoing emails to mail-relay

2018-02-28 Thread Mike Brudenell via Exim-users
l_arg1 > > > and my router: > > ratelimit_outbound: > driver = redirect > no_verify > allow_defer > condition = ${if exists {CFG_D/ratelimit-table}} > data= ${lookup {$local_part@$domain} lsearch*@ > {CFG_D/ratelimit-table} \ >

Re: [exim] rate limit for maximum outgoing emails to mail-relay

2018-02-28 Thread Mike Brudenell via Exim-users
{ ${acl {acl_ratelimit_outbound} {$local_part@$domain} {$value}} } \ fail} Cheers, Mike B-) On 28 February 2018 at 10:34, Jeremy Harris via Exim-users < exim-users@exim.org> wrote: > On 28/02/18 10:17, Mike Brudenell via Exim-users wrote: > >

Re: [exim] rate limit for maximum outgoing emails to mail-relay

2018-02-28 Thread Mike Brudenell via Exim-users
Of course the need for outbound rate limiting is not confined to sending to Gmail/G Suite recipients. For example we see problems when a group here has a fault with one of their software systems and it triggers umpteen emails to their alerts/support address. This is *not* hosted at Gmail/G Suite

Re: [exim] Wildcards in aliases

2018-02-13 Thread Mike Brudenell via Exim-users
Please forgive me veering off topic a little for a moment, but in case it helps you Hardy I find these two web sites really useful for testing various flavours of regular expressions. (I think Exim uses PCRE if memory serves?) - https://www.debuggex.com/?flavor=pcre -

Re: [exim] ACL to early reject connections from hosts which keep on retrying after a permanent reject

2018-01-25 Thread Mike Brudenell via Exim-users
Hi, Sebastian - You might want to try the *strict* ratelimit option instead of *leaky*… When I was setting something up here I seem to remember that using leaky ended up with the ratelimit value capping out at around its limit, meaning my defence measure never kicked in. Changing to strict meant

Re: [exim] Bounce router based on both sender and recipient

2018-01-24 Thread Mike Brudenell via Exim-users
Hi, Jarle - Because Exim is very flexible there are usually many ways of achieving the same effect. I'll leave it to others to comment on whether your idea of using a router for this is "bad", but to me it seems overly complex and "less good" :-) As a general rule of thumb I think of -

Re: [exim] Selecting rewriting flags based on a condition

2018-01-12 Thread Mike Brudenell via Exim-users
On 11 January 2018 at 21:37, Jeremy Harris <j...@wizmail.org> wrote: > On 11/01/18 17:53, Mike Brudenell via Exim-users wrote: > > I'd like to rewrite both Envelope and header addresses if the connection > is > > from an on-site IP address, but only the Envelope other

[exim] Selecting rewriting flags based on a condition

2018-01-11 Thread Mike Brudenell via Exim-users
Hi, all - I can't spot an elegant (or indeed any) way of doing this at the moment; can anyone help? … I have a rewriting rule in the *begin rewrite* section: nore...@york.ac.uk no-re...@york.ac.uk Eh I'd like to rewrite both Envelope and header addresses if the connection is from an on-site

Re: [exim] Bounce router based on both sender and recipient

2018-01-09 Thread Mike Brudenell via Exim-users
Hi, Jarle - Am I missing something, but why do you need a *router* to do this? Couldn't you do it in an *acl_smtp_rcpt ACL* instead? You can test the sender and recipient address easily then reject the message with a *deny* if met. Something like this, perhaps (untested!)… deny senders=

Re: [exim] Exim header check and mailsploit?

2017-12-08 Thread Mike Brudenell via Exim-users
It's one of the things that annoys me about the dumbed down nature of many modern MUAs: their habit of showing only the display name rather than also including the email address. For example here Gmail is showing me a previous message as being from just "Adrian Zaugg" unless I actively click a

Re: [exim] List of DNSBL's anywhere?

2017-12-06 Thread Mike Brudenell via Exim-users
Exim is probably flexible enough to work with most DNSBLs. One way of finding out ones that exist is to use a lookup tool such as https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3aexample.com You can also find a list of DNSBLs (with onward links to more information about them) at

Re: [exim] Routing email to different smarthosts accordin to a "percentage"

2017-12-05 Thread Mike Brudenell via Exim-users
I love the way that, despite having (quite a while ago now) read the *Specification* from cover to cover I still learn new things about Exim that hadn't sunk in or I'd glossed over! :-) Cheers, Mike B-) On 4 December 2017 at 16:41, Viktor Dukhovni wrote: > > > > On Dec

Re: [exim] Routing email to different smarthosts accordin to a "percentage"

2017-12-04 Thread Mike Brudenell via Exim-users
Hi, Diego - I'm assuming you're using a *manualroute* router to select the smarthost to send your outgoing message to? If so and you are happy with a fairly even spread between the onward smarthosts then the simplest solution might be to just add *hosts_randomize* to your router on smarthost0 —

Re: [exim] DKIM pubkey_dns_syntax

2017-12-04 Thread Mike Brudenell via Exim-users
Strictly speaking the RFC says that the tag name ("v") MUST be compared case-insensitively, and its value compared case-sensitively unless the specific description for the tag says otherwise. The description for "v" doesn't mention allowing case-insensitive comparisons for its value, but does say

Re: [exim] redirect suspicious messages to special postmaster accounts

2017-12-01 Thread Mike Brudenell via Exim-users
I'm confused… From what Marco posted it looks like the "continue" line is commented out? If so, why is it being seen and causing the error? (Assuming, of course, that line 329 refers to the line given in the sample! :-) Cheers, Mike B-) On 1 December 2017 at 12:10, Jeremy Harris

Re: [exim] Again nested LDAP queries...

2017-12-01 Thread Mike Brudenell via Exim-users
<g...@lilliput.linux.it> wrote: > Mandi! Mike Brudenell via Exim-users > In chel di` si favelave... > > > If you're trying to get to values within a list, try using the > *listextract* > > expansion item: > > https://www.exim.org/exim-html-current/doc/html/sp

Re: [exim] Again nested LDAP queries...

2017-11-30 Thread Mike Brudenell via Exim-users
If you're trying to get to values within a list, try using the *listextract* expansion item: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html#SECTexpansionitems There's a bit more on it in the *File and database lookups* chapter in the *Format of data returned

Re: [exim] Block tld

2017-11-28 Thread Mike Brudenell via Exim-users
Hi, Emanuel - The problem is that you are making a huge assumption: that all emails from any something@*.bid sender address will be spam. If you're really sure you want to assume this and that there will never be any legitimate email from such an address then it is better to deny rather than

Re: [exim] Weird error showing up in mainlog

2017-11-27 Thread Mike Brudenell via Exim-users
"The Doctor", Pulling together bits and pieces, and trying to add something of my own; see if this makes sense… The log entry for Exim message id 1eIGVs-000Ntb-OB shows the incoming message has an RC5321.MailFrom address of , but either the "for" recipient list has

Re: [exim] Sender Name & Email

2017-08-17 Thread Mike Brudenell via Exim-users
You might be thinking of the ${address:} expansion operator, which interprets the string as an RFC 2822 address, as it might appear in a header line, and the effective address is extracted from it. If the string does not parse successfully, the result is empty. See the *String Expansions* chapter

Re: [exim] PLAIN authenticator that checks against two data sources

2017-08-11 Thread Mike Brudenell via Exim-users
Dear all, Just to wind this up and record the outcome for anyone now or in the future searching for a solution to a similar problem… Our underlying problem was that when Exim tries to bind using ldapauth to our LDAP server to verify a username/password combination it's getting an

Re: [exim] PLAIN authenticator that checks against two data sources

2017-08-09 Thread Mike Brudenell via Exim-users
On 9 August 2017 at 16:15, Jeremy Harris wrote: > It's explicitly how it's coded. > Agreed: I believe I've tracked down the relevant bit of code, in src/lookups/ldap.c /* Invalid credentials when just checking credentials returns FAIL. This stops any further servers being

Re: [exim] PLAIN authenticator that checks against two data sources

2017-08-09 Thread Mike Brudenell via Exim-users
Hi, Jeremy and Nigel - On 9 August 2017 at 13:39, Jeremy Harris <j...@wizmail.org> wrote: > On 09/08/17 12:58, Mike Brudenell via Exim-users wrote: > > 12:36:39 23140 LDAP parameters: user=uid=baduser,ou=blah,dc=uk > > pass=badpassword size=0 time=0 connect=0 dereference=0

Re: [exim] PLAIN authenticator that checks against two data sources

2017-08-09 Thread Mike Brudenell via Exim-users
Hi, I'm debugging this again using our Ubuntu packaged Exim version 4.86_2 #1, and trying to work out what's wrong with my configuration by going back to a really simple setup that will always fail: server_condition = ${if eq{0}{1} {true} {false}} This correctly gives rise to the SMTP

Re: [exim] PLAIN authenticator that checks against two data sources

2017-08-09 Thread Mike Brudenell via Exim-users
anyone managed to get a two-source check for authentication working properly, with the second using LDAP? Cheers, Mike B-) On 8 August 2017 at 21:04, Jeremy Harris <j...@wizmail.org> wrote: > On 08/08/17 19:00, Mike Brudenell via Exim-users wrote: > > PS: Am I right in thinking yo

Re: [exim] PLAIN authenticator that checks against two data sources

2017-08-08 Thread Mike Brudenell via Exim-users
PS: Am I right in thinking you can only have one authenticator for each type: LOGIN, PLAIN, etc? Or is it possible to have two LOGIN authenticators and if the first fails to authenticate Exim continues on to try the second one? Cheers, Mike B-) -- Systems Administrator & Change Manager IT

[exim] PLAIN authenticator that checks against two data sources

2017-08-08 Thread Mike Brudenell via Exim-users
Hi! I have tried so many ways to get this working and have used Exim 4.86.2 in debug mode on Ubuntu until I'm going crackers but am stuck… I'm trying to write a LOGIN authenticator using the plaintext driver that checks two sources for authentication details: 1. First it checks a file for

Re: [exim] conditional break if dnsdb reveals a NXDOMAIN ?

2017-08-02 Thread Mike Brudenell via Exim-users
But isn't a non-existent domain just a special case of a domain that fails sender verification? For example as far as my memory goes to pass sender verification for a remote address you need it to be routeable, which typically means: - the domain has to exist, and - has MX, A or

Re: [exim] Bug in Expansion conditions

2017-07-13 Thread Mike Brudenell via Exim-users
Hi, Karsten - I can't spot anyone replying to this so, belatedly… You might be looking at the wrong thing. In your message you seem to say that your Exim configuration includes this: acl_check_data: condition = ${if < {$message_size}{1M}} If so then the error is accurate and is telling

Re: [exim] Router Conditional Lookup Fails

2017-06-16 Thread Mike Brudenell via Exim-users
Hi, Patrick - On 14 June 2017 at 22:01, Patrick Porteous wrote: > Here is an example of my router setup with comments on what errors I > receive in each case: > > localuser_filter: > driver = accept > transport = local_spam_delivery > condition = ${lookup {Spam}

Re: [exim] DMARC spf_domain= empty

2017-06-05 Thread Mike Brudenell via Exim-users
On 5 June 2017 at 07:09, Richard James Salts via Exim-users < exim-users@exim.org> wrote: > Was the message a bounce or autoreply with an empty sender? Should the > behaviour be to fall back to helo domain with spf when > processing a message from the empty sender? Is that even desirable? > If

Re: [exim] How do I disable double at sign in message-ID?

2017-05-30 Thread Mike Brudenell via Exim-users
Hi, On 30 May 2017 at 13:32, Imri Paloja || De Hosting Makelaar < i...@dehostingmakelaar.nl> wrote: > Pardon me asking, but I see the double at sign in the mail log on our > server, meaning the double at sign is created by EXIM? > > How does one disable the double at sign in EXIM? > Every email

Re: [exim] Problems with ldap lookup and doubling comma in userPassword field

2017-05-25 Thread Mike Brudenell via Exim-users
Hi, Daniel - Is the problem that you've forgotten to use Exim's quoting features on the username and password when constructing the LDAP lookup? For example the *Specification* gives examples such as this for ldapauth: server_condition = ${if and{{ \ !eq{}{$auth1} }{ \ ldapauth{\

Re: [exim] Retry Rules

2017-05-22 Thread Mike Brudenell via Exim-users
Hi, Joe - Just from looking at the rule I believe it will do what you describe, with the proviso that periods are measured from the time of the first failed delivery attempt. (So it would "try every minute for the first hour from the first failed delivery attempt, then every 30 minutes until

Re: [exim] Problems with Smarthost configuration and space in the password

2017-04-25 Thread Mike Brudenell via Exim-users
Hi, Sebastian - As far as I know, there is nothing in Exim's standard configuration that creates/uses passwd.client and so on. Instead it has to be put into the configuration file by the person looking after the mail service. However it might be that Debian have "helpfully" provided various

Re: [exim] Exim lsearch lookup in multiple files at the same time

2017-04-19 Thread Mike Brudenell via Exim-users
Hi, Rustam - Can I check your setup? Is it that: - You have a number of files, one per domain — /etc/exim/d1.example.com /etc/exim/d2.example.com /etc/exim/d3.example.com and so on - You want to look up the $sender_address to find the value for *client_send* to use Is there a

Re: [exim] verify = header_syntax and specific From

2017-04-13 Thread Mike Brudenell via Exim-users
Hi, Max - If from your error message you mean that the RFC5322.From header of the message reads From: CEX.IO Mailer [nore...@cex.io] then yes, I think it is expected behaviour as the header you give is syntactically invalid according to RFC 5322: from= "From:"

Re: [exim] Problem with Mime attachment checking

2017-04-07 Thread Mike Brudenell via Exim-users
Hi, I'm pretty sure it's unrelated to you not getting the warning message, but there's an error in your *match* pattern: you have two consecutive vertical bars between the dll and pdf extensions (albeit with a line continuation in between). In passing, as all the file type patterns begin with "."

Re: [exim] Discard mail to certain recipients if the subject matches a string

2017-04-05 Thread Mike Brudenell via Exim-users
Chris' solution seems neater and simpler; I always forget about using setting variables like that. (Starts musing on how to rewrite a somewhat convoluted test in my own Exim config!) On 5 April 2017 at 16:06, Chris Siebenmann wrote: > Something like: > > warn >

Re: [exim] Discard mail to certain recipients if the subject matches a string

2017-04-05 Thread Mike Brudenell via Exim-users
Hi, The error message seems pretty clear: you can't use the *recipients* condition within an *acl_smtp_data* ACL. I assume this is because the recipients condition tests the recipient currently being considered against the list. However by the time you've got to an acl_smtp_data ACL there is no

Re: [exim] Public key syntax error with some DKIM keys?

2017-03-31 Thread Mike Brudenell via Exim-users
Hi, Mike - The value of the TXT record for mysmtp._domainkey.1click-email.com looks a bit dodgy to me: dig is displaying the value enclosed within double-quotes. If you look at the end you'll see the value (within the double-quotes) finishes with \" I can't remember off the top of my head

Re: [exim] Block if sender and recipient domain are the same?

2017-03-20 Thread Mike Brudenell via Exim-users
Hi, Pete - Assuming by sender and recipient you mean the RFC5321.MailFrom and RFC5321.RcptTo addresses — ie, those in the envelope — then it should be straightforward. (You can still do it if you mean the RFC5322.From and RFC5322.To header addresses, but it's a little more complicated.) You'll

Re: [exim] Rewriting sender based on recipient?

2017-03-20 Thread Mike Brudenell via Exim-users
Hi, Marco - I'm not too sure what you're asking… Is it about the *errors_to* option for routers in Exim? If so, the documentation for errors_to in the *Specification* shows it is expanded when it is used. That is, you can use a string expansion expression with the option to choose what value you

Re: [exim] How to permit unqualified senders once authenticated

2017-03-20 Thread Mike Brudenell via Exim-users
Hi, Adam - I'm not sure how good an idea it is to accept email addresses not qualified with a domain name unless, of course, you're going to qualify them by adding a domain name yourself using *qualify_domain*. For example if you sent onward an email with the RFC5321.MailFrom set to how would a

Re: [exim] Exim Filters Bypass

2017-03-17 Thread Mike Brudenell via Exim-users
Hi, Usama - It's not clear what you're asking, so a very general answer… You can find the documentation for the Exim Filter Specification at http://www.exim.org/exim-html-current/doc/html/spec_html/filter.html Section 3.4 says that "A complete list of the available variables is given in the

Re: [exim] DKIM outgoing Mail

2017-03-02 Thread Mike Brudenell via Exim-users
Hi, Basti - On 2 March 2017 at 11:42, basti wrote: > dkim_domain = ${if match_domain{$sender_address_domain}{+local_domains}\ > {$sender_address_domain}\ > {}\ > } > Remember that you should still lowercase the $sender_address_domain before

Re: [exim] DKIM outgoing Mail

2017-03-02 Thread Mike Brudenell via Exim-users
Hi, basti - You can prevent the error by first checking whether the private key file exists using the *exists* operator. For example, dkim_private_key = ${if exists{/etc/exim4/ssl/dkim.${lc:${domain:$h_from:}}.private.key} \ {/etc/exim4/ssl/dkim.${lc:${domain:$h_from:}}.private.key}} However

Re: [exim] Ongoing email issues

2017-03-01 Thread Mike Brudenell via Exim-users
Including the symbol table makes the binary larger (and so, I guess, possibly its memory requirements: I can't remember). Turning off optimisation means the compiler generates less efficient code. Cheers, Mike B-) On 1 March 2017 at 10:30, Odhiambo Washington via Exim-users <

Re: [exim] outbound discard all filter for cpanel twisted exim

2017-02-17 Thread Mike Brudenell via Exim-users
Hi, Brian - On 17 February 2017 at 00:45, ping murder wrote: > re-reading your reply - it looks like an ACL might work (as long as cPanel > updates don't clear them out) but would you have an example of a discard > ACL for all mail? Assuming I'm not going totally

Re: [exim] outbound discard all filter for cpanel twisted exim

2017-02-15 Thread Mike Brudenell via Exim-users
Hi, PM - Do your servers send the outbound email direct to the recipient or to a smarthost? That is, are you wanting to configure the individual servers to not send out email, or to configure your smarthost to discard mail coming in from them instead of delivering it onward? Assuming it's the

Re: [exim] No MAIL verb before RCPT

2017-02-13 Thread Mike Brudenell via Exim-users
Hi, Phillip - On 13 February 2017 at 17:44, Phillip Carroll < postmas...@enablingsimplicity.com> wrote: > Some questions: > Should my mta deny RCPT from any host that did not send a MAIL verb? Is > that sequence even permitted by RFC? Even if not RFC-permitted, is it > fairly common practice

Re: [exim] Load balancing between multiple exim servers

2017-02-08 Thread Mike Brudenell via Exim-users
Hi, John - You should think about two use cases separately: - MSA (Message Submission Agent), as used by your desktop client email software etc to submit emails your users send out, and - MTA (Message Transfer Agent), as used when another mail server (MTA) wants to talk to yours.

Re: [exim] Exim 4.89 RC2 uploaded (openssl-only)

2017-02-07 Thread Mike Brudenell via Exim-users
Hi, Torsten - On 7 February 2017 at 05:01, Torsten Tributh via Exim-users < exim-users@exim.org> wrote: > I assume that an email address constructed like: >mail+u...@example.org > is legit. > Checking against RFC 5321, the RFC5321.MailFrom takes an
