Am 06.05.21 um 14:14 schrieb Paul Muster via Exim-users:
Use fail2ban to detect these attempts in Exim's logfiles and ban the
source on IP basis.
Of course we do this too, but the point is, the logfile is written with
a delay. If you have 10 connections in parallel,
it would be easier if t
On Thu, May 06, 2021 at 12:14:52PM +0200, Claus Assmann via Exim-users wrote:
> On Thu, May 06, 2021, Cyborg via Exim-users wrote:
>
> > these are clients, that send "GET /..whatever HTTP/1.0"В as greeting.
>
> sendmail and postfix drop the connection at least on GET, POST,
> CONNECT, e.g.,
> 42
Am 06.05.2021 um 11:43 schrieb Cyborg via Exim-users:
Everyone of us sees this in their logsfiles :
2021-05-06 11:07:57 no host name found for IP address 68.183.80.168
2021-05-06 11:07:58 no host name found for IP address 68.183.80.168
2021-05-06 11:07:58 SMTP call from [68.183.80.168] dropped:
On 06/05/2021 10:43, Cyborg via Exim-users wrote:
these are clients, that send "GET /..whatever HTTP/1.0" as greeting.
I think, that exim could be reliable
Nothing is reliable when dealing in that level of bogosity.
Please raise a wishlist-level bug for this.
I'm thinking in terms of an ac
On Thu, May 06, 2021, Cyborg via Exim-users wrote:
> these are clients, that send "GET /..whatever HTTP/1.0"?? as greeting.
sendmail and postfix drop the connection at least on GET, POST,
CONNECT, e.g.,
421 4.7.0 Rejecting open proxy
--
## List details at https://lists.exim.org/mailman/listinfo
Cyborg via Exim-users (Do 06 Mai 2021 11:43:58 CEST):
>
> 2021-05-06 11:07:58 no host name found for IP address 68.183.80.168
> 2021-05-06 11:07:58 SMTP call from [68.183.80.168] dropped: too many
> unrecognized commands (last was "Accept-Encoding: gzip, deflate")
…
> I suggest:
>
> not to wait
Hi,
Everyone of us sees this in their logsfiles :
2021-05-06 11:07:57 no host name found for IP address 68.183.80.168
2021-05-06 11:07:58 no host name found for IP address 68.183.80.168
2021-05-06 11:07:58 SMTP call from [68.183.80.168] dropped: too many
unrecognized commands (last was "Accept
Marc Perkel wrote:
> What do you think of this?
>
> *forany{**}{**}
> *
> *The idea is this. You parse the list and call the ACL each time with
> $item being updated on each call.
>
> Who likes this?
> *
>
If '$item' is my bank balance, results are in coin of the realm, and
direction is postiv
What do you think of this?
*forany{**}{**}
*
*The idea is this. You parse the list and call the ACL each time with
$item being updated on each call.
Who likes this?
*
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use
Eduardo Diaz Comellas wrote:
> Hi!
>
> I would find very useful to be able to reject and close a connection
> depending on the result of a local scan action. I my setup this would
> be used to close a connection after a high score spam is received, not
> allowing the sender to push more mess
Hi!
I would find very useful to be able to reject and close a connection
depending on the result of a local scan action. I my setup this would
be used to close a connection after a high score spam is received, not
allowing the sender to push more messages though that connection.
To achieve th
It would be handy if the ACL regex command set expansion variables $0 $1
$2 etc.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
On Fri, Nov 10, 2006, John Robinson wrote:
>>> but then the delay would be the sum of the reply times.
>>> With ONE dnslists condition, it's just the maximum of the single delays.
>> I don't understand what you mean here. What delay are you talking about?
>> How does testing on multiple "dnslist"
On 10/11/2006 00:26, Dean Brooks wrote:
> On Fri, Nov 10, 2006 at 12:30:09AM +0100, Steffen Heil wrote:
>> but then the delay would be the sum of the reply times.
>> With ONE dnslists condition, it's just the maximum of the single delays.
>
> I don't understand what you mean here. What delay are
On Fri, Nov 10, 2006 at 12:30:09AM +0100, Steffen Heil wrote:
> Is there a way to check, how many dnslists matched?
>
> dnslists = a : b : c : d
>
> I would like to know, if only one matched or multiple ones ($dnslist_count)?
Currently, dnslists quits checking as soon as it finds a positive
hi
Hi
Is there a way to check, how many dnslists matched?
If I say
dnslists = a : b : c : d
I would like to know, if only one matched or multiple ones ($dnslist_count)
?
Yes, I know, I could do a query for every single one and count using acl
variables, but then the delay would be the sum of th
Marc Perkel, 05.11.2006 (d.m.y):
> Need a few simple features added to your ratelimit command to make it
> very useful.
>
> Need a command where if the ACL is true will affect the count but not
> return a result to the ACL.
>
> and
>
> Need a command to read a count and return a result but no
Marc Perkel wrote:
> If you get really inspired how about a hints database that is mySQL
> driven so that the data can be shared across several servers?
That would be really great, but I'm afraid this will be a performance
problem, and at least has to be thought very well. Especially as it is a
f
On Sat, 4 Nov 2006, Marc Perkel wrote:
> Phil,
>
> Need a few simple features added to your ratelimit command to make it
> very useful.
It's Tony's ratelimit command, not mine. :-)
> Need a command where if the ACL is true will affect the count but not
> return a result to the ACL.
>
> and
>
Phil,
Need a few simple features added to your ratelimit command to make it
very useful.
Need a command where if the ACL is true will affect the count but not
return a result to the ACL.
and
Need a command to read a count and return a result but not affect the
count.
The idea here is that o
Martin Nicholas wrote:
> I would of thought a vacation message would be do the least
> damage if it came from a blackhole, rather than be a bounce. Bounces indicate
> a delivery failure to most mailing systems.
>
> I'd like therefore to be able to set the return_path to something like:
> [EMAIL P
Setting a "return_path" on the autoreply transport is forbidden on the
grounds that it can cause loops.
I would of thought a vacation message would be do the least
damage if it came from a blackhole, rather than be a bounce. Bounces indicate
a delivery failure to most mailing systems.
I'd like t
Rather than suborning ~/exim/paniclog as a convenient place to write things
with
use of Exim's built-in 'logwrite' and 'log_message' tools...
- Might we have one (or even three?) 'spare', blank, 'freeform' logs.
"blank" as in not even timestamped unless $tod_epoch or such is specified.
Rationa
Here's what I need to do. I need to be able to read the results of a
sender verification attempt. In the following example what I want is the
text where the result is returned. As in "450 <[EMAIL PROTECTED]>:
Recipient address rejected: Service is unavailable". That way I can test
the string to
Marc Perkel wrote:
> filewrite $sender_host_address /path/to/file
sqlite is quite good for this particular kind of case.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/exim
On Fri, 2006-06-23 at 07:21 -0700, Marc Perkel wrote:
> I'd like to see a feature that would allow me to write data to a text
> file that would look something like this:
>
> filewrite $sender_host_address /path/to/file
>
> would be handy
Use embedded perl.
Adding that sort of operator would hav
I'd like to see a feature that would allow me to write data to a text
file that would look something like this:
filewrite $sender_host_address /path/to/file
would be handy
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please u
Frank Myhr wrote:
> As I understand it, Exim allows only a single outer ACL for the RCPT
> (and other) smtp commands. So the above acl logic must be written like:
>
> Do Check 1
> If Condition A:
> Do Check 2
> If Condition A:
> Do Check 3
Nope.
"acl = acl_foobar"
- Jeremy
--
##
Hello,
My acl_smtp_rcpt logic goes like:
Do Check 1
If Condition A:
Do Check 2
Do Check 3
.
.
.
Do Check 9
Do Check 10
As I understand it, Exim allows only a single outer ACL for the RCPT
(and other) smtp commands. So the above acl logic must be wr
On Thu, 8 Jun 2006, Marc Perkel wrote:
> I need the ability to run it in a filter - can I do that?
Yes: forbid_filter_lookup is false by default.
Tony.
--
<[EMAIL PROTECTED]> <[EMAIL PROTECTED]> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4
On Thursday 08 June 2006 02:50, Marc Perkel took the opportunity to write:
> I may be missing something by MySQL support in Exim seems to be limited
> to lookups rather than just the ability to randomly run any MySQL
> command I want. It also seems to lack MySQL support in the filter language.
>
>
Martin A. Brooks wrote:
> Marc Perkel wrote:
>> I may be missing something by MySQL support in Exim seems to be
>> limited to lookups rather than just the ability to randomly run any
>> MySQL command I want.
>
> You can do any query you like already. What more do you need?
I need the ability t
Marc Perkel wrote:
> I may be missing something by MySQL support in Exim seems to be limited
> to lookups rather than just the ability to randomly run any MySQL
> command I want.
You can do any query you like already. What more do you need?
--
Martin A. Brooks | http://www.antibodymx.net/
John W. Baxter wrote:
> It would indeed be nice to be able to produce arbitrary queries within
> Exim (not just for MySQL although that's the one we use).
Um... the exim spec doesn't limit queries to SELECTs and say you have to
use the results of a query, so something like this works perfectly
(d
On 6/7/06 5:50 PM, "Marc Perkel" <[EMAIL PROTECTED]> wrote:
> I may be missing something by MySQL support in Exim seems to be limited
> to lookups rather than just the ability to randomly run any MySQL
> command I want. It also seems to lack MySQL support in the filter language.
>
> I'm in the pr
I may be missing something by MySQL support in Exim seems to be limited
to lookups rather than just the ability to randomly run any MySQL
command I want. It also seems to lack MySQL support in the filter language.
I'm in the process of trying to do some really kool stuff and fighting
the Exim s
On Sun, May 21, 2006, Magnus Holmgren wrote:
>> During ACLs, sometimes it is required to get a final recipient's address
>> (in my setup, expand an alias and read the antispam settings of the
>> expanded address).
> You should be able to do this by setting address_data in the appropriate
> router.
Sunday 21 May 2006 22:30 skrev Stanislaw Halik:
> During ACLs, sometimes it is required to get a final recipient's address
> (in my setup, expand an alias and read the antispam settings of the
> expanded address).
You should be able to do this by setting address_data in the appropriate
router.
-
Hello,
While preparing my exim setup for a hosting service, I was thinking
about a certain feature, which IMHO would turn out to be quite useful.
During ACLs, sometimes it is required to get a final recipient's address
(in my setup, expand an alias and read the antispam settings of the
expanded a
On Fri, 21 Apr 2006 23:15:02 +0200, Christian Schmidt
<[EMAIL PROTECTED]> wrote:
>That can be done using a system filter, e.g.:
>
>### Tag Subject line of recognized Spam Mails:
>if "${if def:header_X-New-Subject: {there}}" is there
>then
> headers remove subject
> headers add "Subject: $h_X-New-
On Fri, 21 Apr 2006 10:59:31 -0700, Marc Perkel <[EMAIL PROTECTED]>
wrote:
>You're being rude. I know how to work arounds it. My suggestion
>eliminated the need for the if statement and makes the code look better
>and simplier.
exim's stance on configuration is an abstract one. I'd be surprised
On Fri, 21 Apr 2006, Marc Perkel wrote:
> accept condition
> addheader = x-something: something
>
> But - I want to only add the header once.
If that is in a RCPT or MIME ACL, Exim will only add that header once,
however many recipients there are. Amazingly, I actually thought of this
p
On 4/21/06 3:33 PM, "Marc Perkel" <[EMAIL PROTECTED]> wrote:
> Right - all the suff I'm asking for can already be done, but it takes
> several lines to do it. By adding new featues it makes it easier. And
> easier is a good thing.
Granted.
Now, whether implementing the stuff is a good thing depe
Christian Schmidt wrote:
> Hello Marc,
>
> Marc Perkel, 21.04.2006 (d.m.y):
>
>
>> Marc Perkel wrote:
>>
>>> Like to have a feature like add_header called perhaps add_unique_header
>>> which will only add the header if that header isn't already there.
>>>
>>>
>>>
>> Also would
Hello Marc,
Marc Perkel, 21.04.2006 (d.m.y):
> Marc Perkel wrote:
> > Like to have a feature like add_header called perhaps add_unique_header
> > which will only add the header if that header isn't already there.
> >
> >
> Also would like to see a replace_header command to delete and existing
Marc Perkel wrote:
> Like to have a feature like add_header called perhaps add_unique_header
> which will only add the header if that header isn't already there.
>
>
Also would like to see a replace_header command to delete and existing
header if there and replace it with a newer version.
Marc Sherman wrote:
> Marc Perkel wrote:
>
>> Like to have a feature like add_header called perhaps add_unique_header
>> which will only add the header if that header isn't already there.
>>
>
> I'd like to grow wings on my back so I that could fly to work. Doesn't
> mean it's going to
Marc Perkel wrote:
> Like to have a feature like add_header called perhaps add_unique_header
> which will only add the header if that header isn't already there.
I'd like to grow wings on my back so I that could fly to work. Doesn't
mean it's going to happen.
In the interim, RTFM ${if} and the
Like to have a feature like add_header called perhaps add_unique_header
which will only add the header if that header isn't already there.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http:/
On Thu, 30 Mar 2006, Steffen Heil wrote:
> However, my feature request enables much more...
>
> I am just thinking, that I can READ every variable everywhere using
> $variable, why shouldn't I be able to assign them? (At least for most, this
> should not be a problem.)
Some of them are obviously
Quoting Steffen Heil:
> I know, I can do all this using $ack_cX, but I have a lot of rules, all of
is it really so hard?
set a macro, e.g. "ACL_AUTHENTICATED = acl_c99"
In some acl (e.g. mail from, that's usually the first one used after
authentication):
warn
authenticated = *
set ACL_AUTHEN
Hi
> What I use in this situation is the SASL EXTERNAL mechanism.
> This is designed for lifting some lower-level authentication
> (such as IPSEC or
> TLS) to the SASL level, but there's no reason that you can't
> consider TCP connections from a known client to be good
> enough authentication
On Thu, 30 Mar 2006, Steffen Heil wrote:
>
> I would like to do the following:
>
> warn host = a.b.c.d
>set authenticed = test
>
> So that remote hosts can be authenticated directly.
What I use in this situation is the SASL EXTERNAL mechanism. This is
designed for lifting some lower-level
Hi
I would ask you about you opinion about a new feature request:
I would like to do the following:
warn host = a.b.c.d
set authenticed = test
So that remote hosts can be authenticated directly.
I know, I can do all this using $ack_cX, but I have a lot of rules, all of
them using authen
Ian Eiloart wrote:
Yes, that works nicely. Thanks! I've defined a generic BOUNCE_REASON,
which I can override from the command line.
I don't think you even need to do that; bounce_message_text defaults to
unset, and is only included in the bounce message if it's set. That's
why I wrapped
On 10 Nov 2005, at 17:04, Marc Sherman wrote:
Philip Hazel wrote:
On Thu, 10 Nov 2005, Ian Eiloart wrote:
exim -Mg --message "Try hotmail.com not hotamil.com" $ID
From the Wish List:
(94) 13-May-1999 M message to go with -Mg
Hmm... Would this work?
.ifdef BOUNCE_REASON
bounce_message_
Philip Hazel wrote:
On Thu, 10 Nov 2005, Ian Eiloart wrote:
exim -Mg --message "Try hotmail.com not hotamil.com" $ID
From the Wish List:
(94) 13-May-1999 M message to go with -Mg
Hmm... Would this work?
.ifdef BOUNCE_REASON
bounce_message_text = BOUNCE_REASON
.endif
exim '-DBOUNCE_
On Thu, 10 Nov 2005, Ian Eiloart wrote:
> exim -Mg --message "Try hotmail.com not hotamil.com" $ID
>From the Wish List:
(94) 13-May-1999 M message to go with -Mg
Well, it's only 6.5 years...
--
Philip HazelUniversity of Cambridge Computing Service,
[EMAIL PROTECTED] Cambrid
On 10 Nov 2005, at 15:39, Bill Hacker wrote:
Ian Eiloart wrote:
Hi,
My queues are small enough that I can afford to go in
occasionally and look at what's stuck. Most of what's there is
down to typos in mail local part or domains. Users get annoyed by
warning messages, though I've tri
Hi,
My queues are small enough that I can afford to go in occasionally
and look at what's stuck. Most of what's there is down to typos in
mail local part or domains. Users get annoyed by warning messages,
though I've tried to pare down the frequency. I like to keep the
queues short - it's
Steve Campbell and I were having a conversation about a feature request
I had for eximstats, and he suggested I air it on the list to see if
others thought it would be useful:
Marc Sherman wrote:
Would it be possible to add an option to include remote authenticated
users in the Top 50 Local Sen
Lasse B. Jensen wrote:
Possiblity to change
spamd_score_char from '+' or '-' to a configuration parameter in exim.conf
http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050523/msg00107.html
Bob
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim de
Possiblity to change
from spam.c exim 4.51 source
spamd_score_char = spamd_score > 0 ? '+' : '-';
spamd_score_char from '+' or '-' to a configuration parameter in exim.conf
Reason:
when matching with exim filter on the spam_bar to sort spam with more
than score X, which can vary from
Hi,
I find myself wanting to log random information from within the
router chain, but without running in debug mode. Is there a clean
way to do this?
Currently I'm using variants of
=
lookup_delivery_chk2:
driver =redirect
condition = ${if !def:h_X-randomreas
64 matches
Mail list logo
