Hi,
a short report from our cluster:
Every system has been hit with this "test" :
2023-10-02 04:48:31 SMTP call from (hello) [152.32.233.30] dropped: too
many syntax or protocol errors (last command was "AUTH NTLM
TlRMTVNTUAABB4IIAAA=", C=EHLO,HELP,AUTH)
"TlRMTVNTU
Dňa 2. 10. o 9:13 Cyborg via Exim-users napísal(a):
2023-10-02 04:48:31 SMTP call from (hello) [152.32.233.30] dropped: too
many syntax or protocol errors (last command was "AUTH NTLM
TlRMTVNTUAABB4IIAAA=", C=EHLO,HELP,AUTH)
From time to time i see these for years, th
On 02/10/2023 10:20, Slavko via Exim-users wrote:
AFAIK EXTERNAL requires TLS auth before,
No; only if your config enforces that.
The example in the docs does, but that's not the only way to use External.
thus will not come from random untrusted hosts...
Being able to talk TLS is everywhere
Dear Exim Users,
we released the available fixes for the issues mentioned in the recent
CVEs.
See this link for a summary:
https://exim.org/static/doc/security/CVE-2023-zdi.txt
Distribution points:
- git://git.exim.org
branches:
- spa-auth-fixes (based on the current ma
Dear List
The official communication talks of "EXTERNAL auth": Is it meant for
driver = external
as mentioned under [1] or any external authentication like
driver = dovecot
and thus written capitalized? Or does EXTERNAL refer to something completely
different?
Thank you for
Dňa 2. októbra 2023 9:36:00 UTC používateľ Jeremy Harris via Exim-users
napísal:
>On 02/10/2023 10:20, Slavko via Exim-users wrote:
>> AFAIK EXTERNAL requires TLS auth before,
>
>No; only if your config enforces that.
>The example in the docs does, but that's not the only way to use External.
I
On 02/10/2023 13:44, Adrian Zaugg via Exim-users wrote:
The official communication talks of "EXTERNAL auth": Is it meant for
driver = external
as mentioned under [1] or any external authentication like
driver = dovecot
and thus written capitalized? Or does EXTERNAL refer to so
> Every system has been hit with this "test" :
>
> 2023-10-02 04:48:31 SMTP call from (hello) [152.32.233.30] dropped: too
> many syntax or protocol errors (last command was "AUTH NTLM
> TlRMTVNTUAABB4IIAAA=", C=EHLO,HELP,AUTH)
>
> "TlRMTVNTUAABB4IIAA
On 2023-10-02 Christof Meerwald via Exim-users
wrote:
> On Sun, 01 Oct 2023 20:35:48 +, Slavko via Exim-users wrote:
> > Dňa 1. októbra 2023 20:07:45 UTC používateľ Christof Meerwald via
> > Exim-users napísal:
> >>This was only officially confirmed today (which is very unfortunate),
> >
>
On Mon, 2 Oct 2023 18:11:49 +0200, Andreas Metzler via Exim-users wrote:
> On 2023-10-02 Christof Meerwald via Exim-users
> wrote:
>> On Sun, 01 Oct 2023 20:35:48 +, Slavko via Exim-users wrote:
>> > Dňa 1. októbra 2023 20:07:45 UTC používateľ Christof Meerwald via
>> > Exim-users napísal:
Am 02.10.23 um 19:38 schrieb Christof Meerwald via Exim-users:
"Please why?
+ do you use AUTH (NTLM/EXTERNAL) on port 25?"
So I was asking if these details were indeed available somewhere
before Sunday evening.
A lance for security:
The Trend Micro abstracts had already enough inf
Dňa 2. októbra 2023 17:38:02 UTC používateľ Christof Meerwald via Exim-users
napísal:
>So I was asking if these details were indeed available somewhere
>before Sunday evening.
Yes, it was.
I don't remember exactly where, because (as here was silence
officially) i tried various sources. Perhaps
On Mon, 2 Oct 2023 20:54:56 +0200, Cyborg via Exim-users wrote:
> That slowed it down massively and now, with the public advisories from
> ZDI, the pressure was immense to find it in time and develope a working fix.
But my understanding here is that fixes were actually already done in
May 2023, s
13 matches
Mail list logo
