[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Chris Siebenmann via Exim-users
> > So for me, the exim email system on the desktop computers is > > exclusively used by the Linux operating system. I do not enable > > incoming email, so all mails are generated by the various services > > that come with Linux. Some of these services are operated > > intentionally by me, like log

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Viktor Dukhovni via Exim-users
On Wed, Oct 04, 2023 at 09:36:12PM +0200, Mario Emmenlauer wrote: > > Rather than leak user@.domain forms out to the public > > Internet, explain and solve the real problem that not masquerading > > all users behind the primary domain is supposed to solve??? > > So for me, the exim email system o

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Jeremy Harris via Exim-users
On 04/10/2023 17:49, Chris Siebenmann via Exim-users wrote: And notice how common 'local_domains' (pluralized) is in Exim configurations. The word is only meaningful in the context of the Exim configuration. It's commonly used as a domain-list, sure. And used in a specific way. But this is t

[exim] Re: Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Slavko via Exim-users
On 4 October 2023 19:07:50 UTC, Heiko Schlittermann via Exim-users wrote: >Hm, maybe I'm confusing things, but the dmarc condition doesn't work >well if you do not use the spf condition first. So (but I may be totally >wrong), `dmarc = …` doesn't automatically call `spf = …` > >Ple

[exim] Re: Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Heiko Schlittermann via Exim-users
Slavko via Exim-users (Wed 04 Oct 2023 19:26:12 CEST): > On 4 October 2023 8:01:03 UTC, Heiko Schlittermann via Exim-users > wrote: > > >So, if you do not want to disable the `spf` condition and `spf` > >lookups in your Exim configuration, you could try to use a patched > >version

[exim] Re: Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Slavko via Exim-users
On 4 October 2023 8:01:03 UTC, Heiko Schlittermann via Exim-users wrote: >So, if you do not want to disable the `spf` condition and `spf` >lookups in your Exim configuration, you could try to use a patched >version of the libspf2 library. Just curious, but libopendmarc2 uses libsp

[exim] Re: Mitigation statement for CVE-2023-42119

2023-10-04 Thread Ian Z via Exim-users
On Wed, Oct 04, 2023 at 10:45:25AM +0200, Slavko via Exim-users wrote: > > responses--however, if that recursive resolver is on a different > > machine than exim itself, which probably is a common setup, then > > an attacker with access to the same local network can just send > > exim faked DNS re

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Viktor Dukhovni via Exim-users
On Wed, Oct 04, 2023 at 12:49:29PM -0400, Chris Siebenmann via Exim-users wrote: > > But does that mean that in turn, each of these subdomains would need > > to be added as a local domain in exim on mydomain.org? Are there any > > downsides with that? It seems a bit wrong that mydomain.org has loc

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Andrew C Aitchison via Exim-users
On Wed, 4 Oct 2023, Mario Emmenlauer via Exim-users wrote: I have a dedicated server running exim. It works great, except I can not get a smarthost setup to work in combination with sender verification. On the server, I have sender verification enabled, as a means to reduce spam. It generally

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Chris Siebenmann via Exim-users
> This is a very interesting and valid point! I could actually quite > easily create MX entries for the host's subdomains on mydomain.org, > so that MX .mydomain.org points to mydomain.org. > > But does that mean that in turn, each of these subdomains would need > to be added as a local domain in e

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Evgeniy Berdnikov via Exim-users
On Wed, Oct 04, 2023 at 03:59:23PM +0200, Mario Emmenlauer wrote: > So to confirm, the ACL that verifies only non-authenticated users would read: > > deny > !acl = acl_local_deny_exceptions > !verify = sender > authenticated = * > message = Sender verification failed You should

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Chris Siebenmann via Exim-users
> Now I would like to configure this server as a smarthost, so it will > forward emails from my desktop computers (without static IP or DNS). > Also, I'd like to have unique mailnames for each desktop, like > .mydomain.org, to better identify where the mail originated > from. But these domains do n

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Viktor Dukhovni via Exim-users
On Wed, Oct 04, 2023 at 02:11:27PM +0200, Mario Emmenlauer via Exim-users wrote: > Also, I'd like to have unique mailnames for each desktop, like > .mydomain.org, to better identify where the mail originated > from. But these domains do not really exist, they would be "fake" > mailnames to identif

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Evgeniy Berdnikov via Exim-users
On Wed, Oct 04, 2023 at 02:11:27PM +0200, Mario Emmenlauer via Exim-users wrote: > I wanted sender verification only for non-authenticated users. The > spam protection is (for me) not relevant for authenticated users. > They are assumed to be trustworthy. What's the problem to add conditions like

[exim] Is sender verification possible on a server that is used as a smarthost?

2023-10-04 Thread Mario Emmenlauer via Exim-users
I have a dedicated server running exim. It works great, except I can not get a smarthost setup to work in combination with sender verification. On the server, I have sender verification enabled, as a means to reduce spam. It generally works well. The ACLs are just the ones from Debian/Ubuntu:

[exim] Re: Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Heiko Schlittermann via Exim-users
Heiko Schlittermann via Exim-users (Wed 04 Oct 2023 10:01:03 CEST): > - Git repo for `gbp`: https://gitea.schlittermann.de/DEB/libspf2 > - Packages: https://apt.schlittermann.de/pool/main/libs/libspf2/ Fixed again. My patch was broken. Credits to Lutz Pressler. -- Heiko

[exim] Re: Configure exim to use remote smtp without authentication

2023-10-04 Thread Shaheena Kazi via Exim-users
Okay thanks for the clarification. On Wed, 4 Oct 2023 at 2:39 PM, Jeremy Harris via Exim-users < exim-users@lists.exim.org> wrote: > On 04/10/2023 09:35, Shaheena Kazi via Exim-users wrote: > > Is there any directive that can be added in the remote_smtp_smarthost to > > bypass the authentication

[exim] Re: Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Heiko Schlittermann via Exim-users
Laura Williamson via Exim-users (Wed 04 Oct 2023 11:04:08 CEST): > Hi > > this patch is based on 1.2.10, the latest version is 1.2.11, not sure what > the difference is but there might be something overlooked. The website Debian ships 1.2.10 for bookworm, probably backporting some changes that a

[exim] Re: Configure exim to use remote smtp without authentication

2023-10-04 Thread Jeremy Harris via Exim-users
On 04/10/2023 09:35, Shaheena Kazi via Exim-users wrote: Is there any directive that can be added in the remote_smtp_smarthost to bypass the authentication ? You probably have done so already; that's the implication of that error response. Amazon is *requiring* that you authenticate to them b

[exim] Re: Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Laura Williamson via Exim-users
Hi this patch is based on 1.2.10, the latest version is 1.2.11, not sure what the difference is but there might be something overlooked. The website https://www.libspf2.org/ is 1.2.10 (seems not to be updated) where github is the https://github.com/shevek/libspf2 1.2.11 I believe 1.2.11 w

[exim] Re: Mitigation statement for CVE-2023-42119

2023-10-04 Thread Slavko via Exim-users
On 4 Oct at 8:45, Florian Zumbiehl via Exim-users wrote: responses--however, if that recursive resolver is on a different machine than exim itself, which probably is a common setup, then an attacker with access to the same local network can just send exim faked DNS responses ahead of the re

[exim] Configure exim to use remote smtp without authentication

2023-10-04 Thread Shaheena Kazi via Exim-users
Hi Guys, I have a Debian 11 server with exim4 on it. I have configured exim4 to always use Amazon's smtp server ("mail.mydomainname.com") for email delivery. I do have access credentials, but I want to know if it's possible to force exim to not authenticate the Amazon server credentials. I get th

[exim] Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Heiko Schlittermann via Exim-users
Dear Exim users, while the recent CVEs addressed some issues that existed in Exim, there seems to be at least one issue that is related to a library we potentially use. ZDI-23-1472 | ZDI-CAN-17578 | CVE-2023-42118 | Exim Bug 3032 - https://bugs.exim.org/show_bug.cgi?id=3032 - https://www.zeroday

[exim] Re: Mitigation statement for CVE-2023-42119

2023-10-04 Thread Florian Zumbiehl via Exim-users
Hi, > It's in that vein, but not quite. The issue pointed to by ZDI was the > trusting > of the "chunk sizes" for the possibly multiple chunks of an RR, versus the > whole > RR size. > > An opinion from another (non-Exim, but a name I recognize) dev was > - yes there's at least one resolver ou