|
|
|
|
|
|
| Author |
Message |
Peter Bowyer
*nix forums Guru
Joined: 27 Jan 2005
Posts: 340
|
 Posted: Fri Jan 28, 2005 10:11 am Post subject:
Re: Re: iplist filtering
|
|
|
On Thu, 27 Jan 2005 13:37:11 -0800, ppichlak <ppichlak@uvic.ca> wrote:
| Quote: | Hello,
I am running Spamassassin from exim on a per email basis via exiscan-acl.
Stored in some file I have a list of ips that signify users whose email
should always be allowed through.
To prevent Spamassassin from filtering that email out as spam I wanted to
append
a header to each email with some message that Spamassassin would look for,
that way it would know that this message is allowed.
My solution was to do this using one of exim's ACL's, unfortunately
Spamassassin can't see the appended header.
Any ideas, or different ways to go about this?
|
Use your list of IPs in a condition in the ACL which calls the spam scan
warn message = X-Spam-Status: Yes
!hosts = <list of ips to let through>
spam = nobody
Modify to fit your DATA ACL structure.
Peter
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
 |
Marc MERLIN
*nix forums beginner
Joined: 31 Jan 2005
Posts: 9
|
| Posted: Mon Jan 31, 2005 2:52 am Post subject:
Re: greylisting
|
|
|
On Thu, Jan 20, 2005 at 02:43:12PM +0000, Dennis Davis wrote:
| Quote: | On Thu, 20 Jan 2005, Oliver Egginger wrote:
From: Oliver Egginger <oliver.egginger@dvz.fh-giessen.de
To: Jeanne Schock <jschock@brynmawr.edu
Cc: Exim User's Mailing List <exim-users@exim.org
Date: Thu, 20 Jan 2005 15:33:05 +0100
Subject: Re: [exim] greylisting
You have to implement an additional state machine, which coexists in
front of your MTA. For doing this you need a database (mysql for
example) where you can store a triple of ip address, sender address and
recipient address for incomming connections.
See:
http://projects.puremagic.com/greylisting/
for a useful source of material. In particular the links page contains
pointers to various implementations for exim. Can't comment any further
as I don't use greylisting.
|
I apologize for everyone who already knows about this :)
http://marc.merlins.org/linux/exim/sa.html#greylisting
The main idea is that I don't think you want to greylist everyone, and
greylisting at RCPT TO causes some problems with VERP, so you only
greylist people who you're not sure are spammers or good folks.
Out of curiosity, does anyone know of other adaptive greylisting
implementations (i.e. you let most mails through without delay, refuse
the clear spammers right away, and only greylist people in the middle)
Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger marc_f@merlins.org for PGP key
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Tony Finch
*nix forums Guru
Joined: 22 Mar 2002
Posts: 1222
|
| Posted: Mon Jan 31, 2005 8:08 am Post subject:
Re: Very long delay after RCPT
|
|
|
On Thu, 27 Jan 2005, Ben Giddings wrote:
| Quote: |
Very likely, but nothing at all is showing up in my logs, that was the first
place I looked. That's why I need some more help figuring out why it's not
working properly.
|
Try running Exim in debugging mode then.
Tony.
--
<fanf@exim.org> <dot@dotat.at> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Craig Jackson
*nix forums beginner
Joined: 29 Jan 2005
Posts: 44
|
| Posted: Mon Jan 31, 2005 10:29 am Post subject:
Re: greylisting
|
|
|
On Sun, 30 Jan 2005 19:52:31 -0800
Marc MERLIN <marc_news@merlins.org> wrote:
| Quote: | On Thu, Jan 20, 2005 at 02:43:12PM +0000, Dennis Davis wrote:
On Thu, 20 Jan 2005, Oliver Egginger wrote:
From: Oliver Egginger <oliver.egginger@dvz.fh-giessen.de
To: Jeanne Schock <jschock@brynmawr.edu
Cc: Exim User's Mailing List <exim-users@exim.org
Date: Thu, 20 Jan 2005 15:33:05 +0100
Subject: Re: [exim] greylisting
You have to implement an additional state machine, which coexists
in front of your MTA. For doing this you need a database (mysql
for example) where you can store a triple of ip address, sender
address and recipient address for incomming connections.
See:
http://projects.puremagic.com/greylisting/
for a useful source of material. In particular the links page
contains pointers to various implementations for exim. Can't
comment any further as I don't use greylisting.
I apologize for everyone who already knows about this :)
http://marc.merlins.org/linux/exim/sa.html#greylisting
The main idea is that I don't think you want to greylist everyone, and
greylisting at RCPT TO causes some problems with VERP, so you only
greylist people who you're not sure are spammers or good folks.
Out of curiosity, does anyone know of other adaptive greylisting
implementations (i.e. you let most mails through without delay, refuse
the clear spammers right away, and only greylist people in the middle)
|
I have a resend boolean field. That way the if the email is resent, it
is never greylisted again. Of course that is only good for that
recipient. Also the IP field uses x.x.x.0/24 to account for the fact
that many companies send mail from multiple IPs. I agree that
greylisting can be quite restrictive. I lowered the time interval to 5
minutes because I noticed that most spammers never resend.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Wycliffe Bahati
*nix forums beginner
Joined: 01 Feb 2005
Posts: 8
|
| Posted: Tue Feb 01, 2005 10:41 am Post subject:
Re: timed permission
|
|
|
On Thu, 2005-01-27 at 13:25, Ron McKeating wrote:
| Quote: | Hi all, we are looking at a way of only allowing certain people to send
email at certain time, eg out of hours. This would be useful for say
allowing the students union to send out ents information, which goes to
all students and could put a very large load on the server during
working hours.
Just wondering if anybody has already done this before we re-invent the
wheel.
Ron
Hi |
I guess you could make use of iptables and a script to allow and
disallow smtp connections at certain times.
Wycliffe
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Ben Giddings
*nix forums beginner
Joined: 27 Jan 2005
Posts: 5
|
| Posted: Tue Feb 01, 2005 9:20 pm Post subject:
Re: Very long delay after RCPT
|
|
|
It looks like I solved the problem. It was actually a DNS issue, rather
than an exim issue. Exim was trying to resolve some hosts, was unable
to do so, and bailed out after a while.
I used Tony Finch's suggestion and ran Exim in debugging mode and
watched what happened. I ran it as
exim4 -bd -q30m -d
I know that -bd tries to background it and -d overrides that an
foregrounds it, but I wanted to use nearly the same configuration that
gets used when I ran it from init.d
So, I saw the DNS failures and figured that was the problem.
One question though: does exim cache the results of the DNS lookups it
does? From scanning what was happening, it looked like it was trying to
resolv all the hosts in local_domains etc. multiple times. I hope it
isn't trying to look up that unchanging list every single time an
incoming email arrives. That seems pretty inefficient, if it is the case.
Anyhow, looks like the problem is solved. Thanks!
Ben
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Bill Hacker
*nix forums Guru
Joined: 27 Jan 2005
Posts: 427
|
| Posted: Tue Feb 01, 2005 11:05 pm Post subject:
Re: timed permission
|
|
|
Wycliffe Bahati wrote:
| Quote: | On Thu, 2005-01-27 at 13:25, Ron McKeating wrote:
Hi all, we are looking at a way of only allowing certain people to send
email at certain time, eg out of hours. This would be useful for say
allowing the students union to send out ents information, which goes to
all students and could put a very large load on the server during
working hours.
Just wondering if anybody has already done this before we re-invent the
wheel.
Ron
Hi
I guess you could make use of iptables and a script to allow and
disallow smtp connections at certain times.
Wycliffe
|
Looks like these, or any 'broadcast' funtionality should really be
(probably already ARE) in a Mailing List Manager.
That toolset should already have a mechanism for controlling delivery
time - or one (such as a 'digest' function) that can be utilized to the
same effect. Sub-lists may be called for.
Using that built-in, or scripting a time-window for it, would probably
be easier and 'safer' than messing with Exim - which one supposes must
continue to be a 24x7 service for all other mail.
Bill Hacker
Bill Hacker
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Bill Hacker
*nix forums Guru
Joined: 27 Jan 2005
Posts: 427
|
| Posted: Wed Feb 02, 2005 12:13 am Post subject:
Re: Very long delay after RCPT
|
|
|
Ben Giddings wrote:
| Quote: | It looks like I solved the problem. It was actually a DNS issue, rather
than an exim issue. Exim was trying to resolve some hosts, was unable
to do so, and bailed out after a while.
I used Tony Finch's suggestion and ran Exim in debugging mode and
watched what happened. I ran it as
exim4 -bd -q30m -d
I know that -bd tries to background it and -d overrides that an
foregrounds it, but I wanted to use nearly the same configuration that
gets used when I ran it from init.d
So, I saw the DNS failures and figured that was the problem.
One question though: does exim cache the results of the DNS lookups it
does? From scanning what was happening, it looked like it was trying to
resolv all the hosts in local_domains etc. multiple times. I hope it
isn't trying to look up that unchanging list every single time an
incoming email arrives. That seems pretty inefficient, if it is the case.
Anyhow, looks like the problem is solved. Thanks!
Ben
|
IIUIC, it does cache DNS (and other) lookups - unless running in a
manual test or debug mode, where it would not ordinarily be useful,
practical, or desireable to do so.
Bill Hacker
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Tony Finch
*nix forums Guru
Joined: 22 Mar 2002
Posts: 1222
|
| Posted: Wed Feb 02, 2005 9:17 am Post subject:
Re: Very long delay after RCPT
|
|
|
On Tue, 1 Feb 2005, Ben Giddings wrote:
| Quote: | One question though: does exim cache the results of the DNS lookups it does?
|
Some. It assumes that most DNS cacheing will be done by the local name
server, so it doesn't try to be particularly clever about DNS cacheing
itself.
Tony.
--
<fanf@exim.org> <dot@dotat.at> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Tony Finch
*nix forums Guru
Joined: 22 Mar 2002
Posts: 1222
|
| Posted: Wed Feb 02, 2005 9:30 am Post subject:
Re: timed permission
|
|
|
On Wed, 2 Feb 2005, Bill Hacker wrote:
| Quote: |
Looks like these, or any 'broadcast' funtionality should really be (probably
already ARE) in a Mailing List Manager.
|
The problem here is that the mailing list system is not under the control
of the person running the recipients' mail system.
Tony.
--
<fanf@exim.org> <dot@dotat.at> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Chad Leigh -- Shire.Net L
*nix forums addict
Joined: 09 Feb 2005
Posts: 52
|
| Posted: Wed Feb 02, 2005 4:18 pm Post subject:
Re: really old mail hanging around
|
|
|
On Jan 26, 2005, at 12:35 AM, Odhiambo G. Washington wrote:
| Quote: | This is mail addressed to your MAILMAN_USER. You run mailman, yes?
|
Sorry to not get back to you right away -- was out of town a few days.
Yes and no. We run mailman, but not at mailman@shire.net . The
machine in question runs @shire.net mail and mailman is run on a
different server @lists.shire.net . The difficulty is that these
"servers" are virtual servers (FreeBSD jail) on one piece of HW and for
various reasons the UIDs need to be set up on the main mail server.
Mailman is set up correctly on its own server.
Chad
| Quote: |
In my setup, MM_HOME = /usr/local/mailman. In yours it's
/nonexistent. I don't believe this is right, if you really followed
the instructions on configuring Exim with Mailman.
Here is the HOWTO: http://www.exim.org/howto/mailman21.html
Once you follow that and fix the home for MM_UID, your problem will
have been solved.
About your other questions, I may not be able to answer them for now,
using guesswork, but maybe others here will.
|
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Chad Leigh -- Shire.Net L
*nix forums addict
Joined: 09 Feb 2005
Posts: 52
|
| Posted: Wed Feb 02, 2005 4:23 pm Post subject:
Re: really old mail hanging around
|
|
|
Hi
I went out of town for a few days before I could respond... (Was in
Vegas for a trade show  )
On Jan 26, 2005, at 2:46 AM, Philip Hazel wrote:
| Quote: | On Wed, 26 Jan 2005, Chad Leigh -- Shire.Net LLC wrote:
2004-08-31 08:40:49 mailman@shire.net R=userforward defer (-1):
failed to stat
/nonexistent/. (No such file or directory)
The last almost three weeks of logfile shows NO retries at all.
Just a ton
of
2005-01-05 12:25:41 1C29oW-0004AC-00 == mailman@shire.net routing
defer (-51):
retry time not reached
The retry config shows
* * F,2h,15m; G,16h,2h,1.5; F,10d,8h
(there are no specific retry rules for this domain)
Why don't you try a delivery with debugging turned on, to see how Exim
is handling this message? Make it do a queue run for just the one
message, so that the conditions are identical to real queue runs and
the
retry rules are inspected. For example:
exim -d -q 1C29oW-0004AC-00 1C29oW-0004AC-00
If the debug output (sent to stderr) looks suspicious, you can always
send it to me for comment (though I am shortly going to be away for 2.5
weeks).
|
Before I had a chance to do that, it "solved itself". I basically
purged the retry database and for some reason it started to fail a few
until the retry database got established again and then it would never
retry again. (Maybe there were too many of them in the queue).
Anyway, I set up a cron job to continuously purge the retry database
until all of these were gone. And then I added the retry rule that
Phillip mentioned in another mail to have it fail off hand and so we
are not getting the problem anymore...
| Quote: |
For the record, which release of Exim?
|
4.43
Thanks
Chad
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Stephen M. Canale
*nix forums beginner
Joined: 02 Feb 2005
Posts: 1
|
| Posted: Wed Feb 02, 2005 6:25 pm Post subject:
Specifying smtp_ratelimit_rcpt
|
|
|
I'm using smtp_ratelimit_rcpt = 4,0.25s,1.015,4m as referenced in the Exim
docs but would like to specify a different option (more lenient) for a
particular server.
In fact, I'd like to have a whole different set configuration options for
this one server.
But, I'm not sure how to do so.
Is there a way to use one set of configurations for the "world" and another
set of configs for specific server (s)??
Stephen
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
David Brodbeck
*nix forums addict
Joined: 02 Mar 2005
Posts: 53
|
| Posted: Wed Feb 02, 2005 9:48 pm Post subject:
RE: Re: SMTP protocol violation (3ware raid controller mai ling to exim 4.44)
|
|
|
| Quote: | -----Original Message-----
From: Jakob Hirsch [mailto:jh@plonk.de]
Exim's default setting of smtp_enforce_sync is strict and therefore
violates the principle of "be tolerant about what you
accept", but the
only people affected by this are spammers and strange smtp clients
(which themselves violate the principle "be strict about what you
send"). And any administrator whos needs to use such software can
disable it.
|
I'd really like to be able to disable it on a per-host basis. That way I
could accommidate "strange smtp clients" while still getting the overall
spam-rejection benefits of this setting.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
WJCarpenter
*nix forums beginner
Joined: 03 Feb 2005
Posts: 14
|
| Posted: Thu Feb 03, 2005 12:25 am Post subject:
RE: Seg fault when using perl
|
|
|
http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20021125/msg00182.html
This posting from November 2002 describes getting a segmentation fault
when using embedded perl with exim 4.10 and suggests an exim code
fix. (Other posts in the thread suggest this is specifically a
problem with threaded perl and that a fix was applied for that after
4.10.)
OK, I found the above post because I suddenly decided I wanted to use
embedded perl, fired up exim, and got a segmentation fault. I got it
in Exim 4.44 as well as 3.36. Applying the suggested code change
(commenting out a couple lines) in perl.c in both versions *seems* to
cure the problem.
So, of course, my questions are as expected: Is this some known issue
with some combinations of OS and perl? Are others hitting the same
thing? Are others curing the problem with the same code change?
FWIW, I'm on RH 9.2 with:
This is perl, v5.8.0 built for i386-linux-thread-multi
(with 1 registered patch, see perl -V for more detail)
--
bill@carpenter.ORG (WJCarpenter) PGP 0x91865119
38 95 1B 69 C9 C6 3D 25 73 46 32 04 69 D6 ED F3
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ## |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
|
The time now is Tue Dec 02, 2008 6:09 am | All times are GMT
|
|
Secured Loans | Mortgage Calculator | Debt Consolidation | Debt Consolidation | Car Credit
|
|
Copyright © 2004-2005 DeniX Solutions SRL
|
|
|
|
Other DeniX Solutions sites:
Unix/Linux blog |
electronics forum |
medicine forum |
science forum |
|
|
Privacy Policy
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
Apps
»
Exim
