Hi,
> It's in that vein, but not quite. The issue pointed to by ZDI was the
> trusting
> of the "chunk sizes" for the possibly multiple chunks of an RR, versus the
> whole
> RR size.
>
> An opinion from another (non-Exim, but a name I recognize) dev was
> - yes there's at least one resolver ou
Dear Exim users,
while the recent CVEs addressed some issues that existed in Exim, there
seems to be at least one issue that is related to a library we
potentially use.
ZDI-23-1472 | ZDI-CAN-17578 | CVE-2023-42118 | Exim Bug 3032
- https://bugs.exim.org/show_bug.cgi?id=3032
- https://www.zeroday
Hi Guys,
I have a Debian 11 server with exim4 on it. I have configured exim4 to
always use Amazon's smtp server ("mail.mydomainname.com") for email
delivery.
I do have access credentials, but I want to know if its possible to force
exim to not authenticate the Amazon server credentials.
I get th
Dňa 4. 10. o 8:45 Florian Zumbiehl via Exim-users napísal(a):
responses--however, if that recursive resolver is on a different machine
than exim itself, which probably is a common setup, then an attacker with
access to the same local network can just send exim faked DNS responses
ahead of the re
Hi
this patch is based on 1.2.10, the latest version is 1.2.11, not sure
what the difference is but there might be something overlooked. The website
https://www.libspf2.org/
is 1.2.10 (seems not to be updated)
where github is the
https://github.com/shevek/libspf2
1.2.11
I believe 1.2.11 w
On 04/10/2023 09:35, Shaheena Kazi via Exim-users wrote:
Is there any directive that can be added in the remote_smtp_smarthost to
bypass the authentication ?
Your probably have done so already; that's the implication of that error
response.
Amazon is *requiring* that you authenticate to them b
Laura Williamson via Exim-users (Mi 04 Okt 2023
11:04:08 CEST):
> Hi
>
> this patch is based on 1.2.10, the latest version is 1.2.11, not sure what
> the difference is but there might be something overlooked. The website
Debian ships 1.2.10 for bookworm, probably backporting some changes that
a
Okay thanks for the clarification.
On Wed, 4 Oct 2023 at 2:39 PM, Jeremy Harris via Exim-users <
exim-users@lists.exim.org> wrote:
> On 04/10/2023 09:35, Shaheena Kazi via Exim-users wrote:
> > Is there any directive that can be added in the remote_smtp_smarthost to
> > bypass the authentication
Heiko Schlittermann via Exim-users (Mi 04 Okt 2023
10:01:03 CEST):
> - Git repo for `gbp`: https://gitea.schlittermann.de/DEB/libspf2
> - Packages: https://apt.schlittermann.de/pool/main/libs/libspf2/
Fixed again. My patch was broken. Credits to Lutz Pressler.
--
Heiko
signature.asc
Descriptio
I have a dedicated server running exim. It works great, except I
can not get a smarthost setup to work in combination with sender
verification.
On the server, I have sender verification enabled, as a means to
reduce spam. It generally works well. The ACLs are just the ones
from Debian/Ubuntu:
On Wed, Oct 04, 2023 at 02:11:27PM +0200, Mario Emmenlauer via Exim-users wrote:
> I wanted sender verification only for non-authenticated users. The
> spam protection is (for me) not relevant for authenticated users.
> They are assumed to be trustworthy.
What's the problem to add conditions like
On Wed, Oct 04, 2023 at 02:11:27PM +0200, Mario Emmenlauer via Exim-users wrote:
> Also, I'd like to have unique mailnames for each desktop, like
> .mydomain.org, to better identify where the mail originated
> from. But these domains do not really exist, they would be "fake"
> mailnames to identif
> Now I would like to configure this server as a smarthost, so it will
> forward emails from my desktop computers (without static IP or DNS).
> Also, I'd like to have unique mailnames for each desktop, like
> .mydomain.org, to better identify where the mail originated
> from. But these domains do n
On Wed, Oct 04, 2023 at 03:59:23PM +0200, Mario Emmenlauer wrote:
> So to confirm, the ACL that verifies only non-authenticated users would read:
>
> deny
> !acl = acl_local_deny_exceptions
> !verify = sender
> authenticated = *
> message = Sender verification failed
You should
> This is a very interesting and valid point! I could actually quite
> easily create MX entries for the host's subdomains on mydomain.org,
> so that MX .mydomain.org points to mydomain.org.
>
> But does that mean that in turn, each of these subdomains would need
> to be added as a local domain in e
On Wed, 4 Oct 2023, Mario Emmenlauer via Exim-users wrote:
I have a dedicated server running exim. It works great, except I
can not get a smarthost setup to work in combination with sender
verification.
On the server, I have sender verification enabled, as a means to
reduce spam. It generally
On Wed, Oct 04, 2023 at 12:49:29PM -0400, Chris Siebenmann via Exim-users wrote:
> > But does that mean that in turn, each of these subdomains would need
> > to be added as a local domain in exim on mydomain.org? Are there any
> > downsides with that? It seems a bit wrong that mydomain.org has loc
On Wed, Oct 04, 2023 at 10:45:25AM +0200, Slavko via Exim-users wrote:
> > responses--however, if that recursive resolver is on a different
> > machine than exim itself, which probably is a common setup, then
> > an attacker with access to the same local network can just send
> > exim faked DNS re
Dňa 4. októbra 2023 8:01:03 UTC používateľ Heiko Schlittermann via Exim-users
napísal:
>So, if you do not want to disable the `spf` condition and `spf`
>lookups in your Exim configuration, you could try to use a patched
>version of the libspf2 library.
Just curious, but libopendmarc2 uses libsp
Slavko via Exim-users (Mi 04 Okt 2023 19:26:12
CEST):
> Dňa 4. októbra 2023 8:01:03 UTC používateľ Heiko Schlittermann via Exim-users
> napísal:
>
> >So, if you do not want to disable the `spf` condition and `spf`
> >lookups in your Exim configuration, you could try to use a patched
> >version
Dňa 4. októbra 2023 19:07:50 UTC používateľ Heiko Schlittermann via Exim-users
napísal:
>Hm, maybe I'm confusing things, but the dmarc condition doesn't work
>well if you do not use the spf condition first. So (but I may be totally
>wrong), `dmarc = …` doesn't automatically call `spf = …`
>
>Ple
On 04/10/2023 17:49, Chris Siebenmann via Exim-users wrote:
And notice how common 'local_domains'
(pluralized) is in Exim configurations.
The word is only meaningful in the context of the Exim configuration.
It's commonly used as a domain-list, sure. And used in a specific way.
But this is t
On Wed, Oct 04, 2023 at 09:36:12PM +0200, Mario Emmenlauer wrote:
> > Rather than leak user@.domain forms out to the public
> > Internet, explain and solve the real problem that not masquerading
> > all users behind the primary domain is supposed to solve???
>
> So for me, the exim email system o
> > So for me, the exim email system on the desktop computers is
> > exclusively used by the Linux operating system. I do not enable
> > incoming email, so all mails are generated by the various services
> > that come with Linux. Some of these services are operated
> > intentionally by me, like log
24 matches
Mail list logo
