[exim] Re: Mailinglist move

2023-04-30 Thread Slavko via Exim-users
On 30 April 2023 12:54:12 UTC, Moritz Orbach via Exim-users wrote: >Still open: >- There was protest about the new domain >- ARC signing >- Lurker non-HTTPS post I can only guess, but what I can see after a quick look into the wget downloaded page, it seems that your backend hardcodes

[exim] smtp_accept_max & DDoS

2023-05-11 Thread Slavko via Exim-users
Hi, I wonder about DDoS, I will try to explain why more descriptively, please approximate my English... I have a separate MSA exim, it authenticates users against dovecot and I use dovecot's Auth Policy daemon to do some checks before login itself. I am facing many login attempts (attacks) from ~100

[exim] Re: Dovecot pidgeonhole transport untaint $sender

2023-05-11 Thread Slavko via Exim-users
On 11 May 2023 19:32:03 UTC, "Martin Waschbüsch via Exim-users" wrote: >Under what circumstances would exim add that line? Those lines are not >currently added on my setup. See message_prefix pipe transport option, it is added by default, if not defined regards -- Slavko htt

[exim] Re: smtp_accept_max & DDoS

2023-05-12 Thread Slavko via Exim-users
On 12 May 2023 4:07:51 UTC, Lena--- via Exim-users wrote: >How do you know that connection is held open and timeout happens? From logs, eg: 2023-05-12 00:45:57 H=[52.176.51.76] Connected CC=US con=1 2023-05-12 00:46:06 dovecot_login authenticator failed for ([52.176.51.7

[exim] Re: smtp_accept_max & DDoS

2023-05-12 Thread Slavko via Exim-users
On 12 May 2023 11:56:18 UTC, Jeremy Harris via Exim-users wrote: >The _max option is there to cap the load imposed on the system; >a DDOS is possible whether you have that cap or not (though a >DOS become easier if you limit to lower than the ultimate >system capability). It's no

[exim] Re: smtp_accept_max & DDoS

2023-05-12 Thread Slavko via Exim-users
On 12 May 2023 14:36:23 UTC, Jeremy Harris via Exim-users wrote: >Your short setting for smtp_receive_timeout is probably the best >way (despite violating standards). IMO that standards violating is not true, RFC 6409 allows shortening SMTP timeouts for MSA, it doesn't strictly defi

[exim] Re: smtp_accept_max & DDoS

2023-05-13 Thread Slavko via Exim-users
On 13 May 2023 8:50:26 UTC, Cyborg via Exim-users wrote: >I suggest to choose your timeout for the kill wisely, as some servers send a >big chunk of data slow as hell, but a reasonable amount would be 30s. As I have a separate MSA, would it not be easier to set up that timeout righ

[exim] Re: smtp_accept_max & DDoS

2023-05-13 Thread Slavko via Exim-users
On 12 May 2023 14:36:23 UTC, Jeremy Harris via Exim-users wrote: >Indeed, with the dovecot authenticator and that version of Exim >I don't think there's anything special you can do if you can't >fingerprint these connections in some way. I did a simplified adaptation of python doveco

[exim] Re: smtp_accept_max & DDoS

2023-05-13 Thread Slavko via Exim-users
On 13 May 2023 11:55:36 UTC, Andrew C Aitchison via Exim-users wrote: >I don't think we can do the kill from within exim. But is that needed? When timeout happens, socket is closed and process ends. >We may be able to get exim to fork a process that waits and then kills the >st

[exim] Re: smtp_accept_max & DDoS

2023-05-13 Thread Slavko via Exim-users
On 13 May 2023 18:01:43 UTC, Jeremy Harris via Exim-users wrote: >On 13/05/2023 14:03, Jeremy Harris via Exim-users wrote: >> We could >> - manipulate the SMTP command timeout, as you suggest > >It turns out to be not much code to add an ACL control >which modifies the timeout. Wo

[exim] Re: smtp_accept_max & DDoS

2023-05-13 Thread Slavko via Exim-users
On 13 May 2023 19:59:24 UTC, Jeremy Harris via Exim-users wrote: >On 13/05/2023 20:24, Slavko via Exim-users wrote: >> Or can this control be set from failed auth event >> named ACL? >Yes. nice ;-) -- Slavko https://www.slavino.sk/ -- ## subscription confi

[exim] Re: Different ACL Condition Combinations

2023-05-16 Thread Slavko via Exim-users
On 16 May 2023 11:58:36 UTC, MRob via Exim-users wrote: >warn condition = ${if {${if }}fail} > Beware, this one differs from previous two by forced fail of the first condition. From docs: if the expansion is forced to fail, the condition is ignored. The effect is to

[exim] Re: Show regex capture group in logs?

2023-05-16 Thread Slavko via Exim-users
On 16 May 2023 19:36:00 UTC, MRob via Exim-users wrote: >Hi, I want to capture part of a regex match (capture group) to put in logs. >This example using subject header works but is there a better way? > >warn set acl_c_temp = ${if match{$h_Subject:}{group>}{$1}{none}} > !condi

[exim] Re: Show regex capture group in logs?

2023-05-16 Thread Slavko via Exim-users
On 16 May 2023 21:05:49 UTC, MRob via Exim-users wrote: >I wasnt sure which is best. In this situation temp variable getting set every >time *even if set to undefined* correct? So I understand it should not matter >what variable to use, right? Yes, you can (re)set variables to

[exim] Re: heads-up: some spam bots started RCPT flooding

2023-05-20 Thread Slavko via Exim-users
Hi, on Sat, 20 May 2023 09:20:46 +0100 James via Exim-users wrote: > I use: > condition = ${if and > {{>{$rcpt_count}{2}}{>{${eval:$rcpt_count-$recipients_count}}{2}}}{yes}{no}} Current Debian's exim has something like this (I slightly rewrote it): condition = ${if >{$rcpt_count

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-26 Thread Slavko via Exim-users
On 26 May 2023 10:05:16 UTC, Jeremy Harris via Exim-users wrote: >A simple (hah!) matter of remove-header, suitable regex, and add-header. Even more simple, instead of regex, just extract ${address:...} and use that to replace header, in case of single address... regards -- S

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-26 Thread Slavko via Exim-users
On 26 May 2023 17:50:14 UTC, Jeremy Harris via Exim-users wrote: >Why without? Using ${addresses: } does seem to work ok >for this example: Jeremy, please, I check docs for ${address:...} now, it states RFC 2822 parsing. I don't know how to ask properly in English. But RFC 28

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-26 Thread Slavko via Exim-users
On 26 May 2023 17:28:41 UTC, Victor Ustugov via Exim-users wrote: >Please show me how you are going to extract the address without the >regular expression from the header shown above. Just curious, can you share your regex for address extracting? regards -- Slavko https://www

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-26 Thread Slavko via Exim-users
On 26 May 2023 20:41:44 UTC, Jeremy Harris via Exim-users wrote: >As I read it, 5322 defines display-name as "phrase" >and then helpfully does not define *that*. Phrase is defined in 3.2.5 section as one or more words, and as word is atom or quoted-string, phrase is one or more

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-26 Thread Slavko via Exim-users
On 26 May 2023 17:28:41 UTC, Victor Ustugov via Exim-users wrote: >I posted example to this list five weeks ago: > >From: =?utf-8?Q?My=20Bizness:=20Inc.?= > >I know that comma must be encoded. Also I know that MUAs correctly >display such headers. All MUAs? Your MUAs? My MUA s

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-26 Thread Slavko via Exim-users
On 26 May 2023 22:04:42 UTC, Victor Ustugov via Exim-users wrote: >Or was your question about MTA features for your personal use only? No, that was rhetorical questions ;-) >It would be nice if everyone used your MUA or my MUA. But that doesn't >happen in real life. I would cons

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-26 Thread Slavko via Exim-users
On 26 May 2023 22:31:56 UTC, Victor Ustugov via Exim-users wrote: > >${if >eq{${address:$rh_From:}}{}{${sg{$rh_From:}{\N^.*<(\S+?@\S+?)>\s*\N}{\$1}}}{${address:$rh_From:}}} > Thanks, but do you know that is not perfect too? Eg. try add "(comment)" after address and will match inv

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-27 Thread Slavko via Exim-users
On 26 May 2023 23:45:22 UTC, Victor Ustugov via Exim-users wrote: >But more than one address in a From header is rare. And if there are >several such incorrect addresses in the From header of the attacker's >email, then it's good that at least one of them can be extracted using a

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-27 Thread Slavko via Exim-users
Hi, on Sat, 27 May 2023 13:20:48 +0300 Victor Ustugov via Exim-users wrote: > I think that in this case it is not necessary to use a very "horrible > complicated" full RFC compliant regexp. It may be sufficient to ignore > all parenthesized text after the last ">". Or even ignore all text i

[exim] Re: Completely remove any name in From: header for inbound email?

2023-05-27 Thread Slavko via Exim-users
Hi, on Sat, 27 May 2023 13:37:29 +0300 Victor Ustugov via Exim-users wrote: > I think checking the headers of emails sent by your users could be > more strict. Because if ${address:...} returns empty result then > header is not RFC compliant. Yes, but I am not sure, if my ACLs are prepared

[exim] Re: Rejecting connections that have only IP as sender_helo

2023-05-28 Thread Slavko via Exim-users
On 28 May 2023 9:35:07 UTC, AC via Exim-users wrote: >Thanks, I already did check localhost but it appears what I was after was >actually sender_host_name being empty which, from what I understand, is what >H=([ip]) actually represents in the logs (if that's not the case hopeful

[exim] Re: Rejecting connections that have only IP as sender_helo

2023-05-28 Thread Slavko via Exim-users
On 28 May 2023 10:34:33 UTC, AC via Exim-users wrote: >Thank you for the clarification. So in the case of the log showing >H=(hostname) [ip] then the HELO/EHLO name matched the hostname obtained by >RDNS of the ip but if I saw H=hostname (other_hostname) [ip] then the >HELO/EHL

[exim] Re: Tackling Bot Blasts

2023-05-29 Thread Slavko via Exim-users
On 29 May 2023 9:01:56 UTC, Pete Long via Exim-users wrote: >drop > message = No host name found. > condition = ${if eq{$host_lookup_failed} {1} {1}{0}} Beware, host lookup is done by forward confirmation, in other words, PTR followed by A/ lookup. That variable has 1 if

[exim] Re: delay not kicking in

2023-06-03 Thread Slavko via Exim-users
On 3 June 2023 17:52:10 UTC, Julian Bradfield via Exim-users wrote: >> Yes. But you didn't show us that bit. > >Because it isn't there. You can use notquit ACL to produce log line on that case(s), including notquit reason... But anyway, you cannot expect nice (RFC compliant) beh

[exim] Re: delay not kicking in

2023-06-03 Thread Slavko via Exim-users
On 3 June 2023 20:29:11 UTC, Julian Bradfield via Exim-users wrote: >Nonetheless, I think that a pipeline should be aborted if you already >know that the far end is closed. IMO you are confused. That RCPT rejection was logged, doesn't mean that it was sent, and even if, I am sure

[exim] Re: delay not kicking in

2023-06-04 Thread Slavko via Exim-users
On 4 June 2023 9:40:25 UTC, Julian Bradfield via Exim-users wrote: >True. Indeed, the docs for delay say that SMTP output is, by default, >flushed before the delay, even in pipelining mode, so now I no longer >understand why exim doesn't detect the closed stream on the first >delay

[exim] Re: delay not kicking in

2023-06-04 Thread Slavko via Exim-users
On 4 June 2023 13:54:49 UTC, Julian Bradfield via Exim-users wrote: >I'm a small MTA, handling only relatives and one small sports club. >So I'm not a particularly heavy target. Perhaps you can be not target of targeted attack, but... Have you properly set SPF/DKIM/DMARC and have

[exim] Re: Routing failed deliveries through an ESP

2023-06-04 Thread Slavko via Exim-users
Hi, on Fri, 21 Apr 2023 14:40:47 +0100 Jeremy Harris via Exim-users wrote: > On 21/04/2023 13:13, Slavko via Exim-users wrote: > > it can > > be related to per_addr option > > per_addr can only be used in the rcpt acl. > You'd possibly be able to just u

[exim] Re: delay not kicking in

2023-06-05 Thread Slavko via Exim-users
On 4 June 2023 20:08:05 UTC, Julian Bradfield via Exim-users wrote: >> BTW, how many of them repeats every some days? >Actually, I was wrong - I now blacklist for ten days. I must have >changed it a while ago. You didn't answer the question: How many of them repeats? In other word

[exim] Re: ${run expansion error in 4.96

2023-06-12 Thread Slavko via Exim-users
On 13 June 2023 4:02:32 UTC, Bill Brelsford via Exim-users wrote: >Anyone else seeing this? Any suggestions before I file a bug report? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1025420 regards -- Slavko https://www.slavino.sk/

[exim] Re: Debian - dynamic local_domains?

2023-06-24 Thread Slavko via Exim-users
On 24 June 2023 19:40:10 UTC, Ray O'Donnell via Exim-users wrote: >(i) Putting this in /etc/exim4/update-exim4.conf.conf: > >dc_other_hostnames=${lookup pgsql{select domain_name from domains }} I am afraid, that script which generates final config file is not prepared to get anything

[exim] Return key from db lookup

2023-08-19 Thread Slavko via Exim-users
Hi all, I have working multidomain DKIM signing, which is based on DB (lsearch), where I have exact (sub) domains listed with appropriate selectors. Recently I want to extend (improve) it to use default DKIM domain for subdomains not exactly mentioned in DB. My main goal is to use common DKIM key

[exim] Re: Return key from db lookup

2023-08-19 Thread Slavko via Exim-users
On 19 August 2023 15:15:49 UTC, Jeremy Harris via Exim-users wrote: >Could you use one lookup to map (sub) domains to the signing domain, >and then a second to get the selector (from a different file)? Thanks. I can, or at least, I think that I can. But that is what I want to avo

[exim] Re: fakereject and DSN

2023-08-19 Thread Slavko via Exim-users
On 19 August 2023 15:37:08 UTC, Jeremy Harris via Exim-users wrote: >RFC 5322 only lists this as a SHOULD (section 3.8.4) - >but I see it as spamsign. Beware, eg. Alibaba sends its access code (2FA or so) without Message-ID. regards -- Slavko https://www.slavino.sk/

[exim] Re: Return key from db lookup

2023-08-19 Thread Slavko via Exim-users
On 19 August 2023 17:55:36 UTC, Ian Z via Exim-users wrote: >Consider first the approach of generating both maps from a common >source with a tool like awk or perl. After some play, I end with compromise, I add to file: example.org: dom=example.org sel=seled:selrsa And in s

[exim] Pipe transport and script (shebang)

2023-08-28 Thread Slavko via Exim-users
Hi all, recently I decided to improve my pipe transport for reports processing to allow relative commands and I ran into problems. It worked without problems with absolute script path for a long time. I solved it, but I want to know why that happens... The only changes which I did, are -- I add p

[exim] Re: Pipe transport and script (shebang)

2023-08-28 Thread Slavko via Exim-users
On 28 August 2023 12:01:49 UTC, Andrew C Aitchison wrote: >> I guess that and your first change meant that /usr/bin/env could no longer >> find pthyon3. > >Sorry, I meant to add > because env uses path. Yes, that was my first idea too, but as I wrote, already, I s

[exim] Re: Pipe transport and script (shebang)

2023-08-29 Thread Slavko via Exim-users
On 29 August 2023 16:34:24 UTC, Jeremy Harris via Exim-users wrote: >Does your shell auto-export a set variable to the environment? >Or does it stay as an internal variable, leaving the PATH >in the environment unchanged? I don't know how bash deals with autoexport, but I find di

[exim] Re: No immediate delivery for emails locally submitted in systemd unit

2023-09-01 Thread Slavko via Exim-users
Hi, on Thu, 24 Aug 2023 19:46:50 +0200 Charles Leclerc via Exim-users wrote: > I've tried looking in the configuration but didn't find anything. Why > would delivering of identical, locally submitted emails, differ ? I will guess only, but exim is forking transport process for delivery, b

[exim] Re: How to enable incoming DKIM check, ideally in Ubuntu/Debian?

2023-09-24 Thread Slavko via Exim-users
Hi, on Sat, 23 Sep 2023 11:30:02 +0200 Mario Emmenlauer via Exim-users wrote: > I'd like to reject emails that are not sent from a valid DKIM-enabled > sender. Do not do that. Failed DKIM is the same as no DKIM at all (by RFC) and there are a lot of reasons why legitimate email can have broken

[exim] Re: How to enable incoming DKIM check, ideally in Ubuntu/Debian?

2023-09-24 Thread Slavko via Exim-users
On 24 September 2023 23:40:38 UTC, Jasen Betts via Exim-users wrote: >Such a per-domain database with public sender opt-in exists. >It is called DMARC No, DMARC is not "must have DKIM" DB, as it is SPF **or** DKIM. Main problem (in this case) is, that it is not your DB/decision a

[exim] Re: How to enable incoming DKIM check, ideally in Ubuntu/Debian?

2023-09-25 Thread Slavko via Exim-users
On 25 September 2023 8:46:49 UTC, Jeremy Harris via Exim-users wrote: >acl_smtp_data: > ... > deny condition = ${if def:dkim_verify_status} > ${if !inlist {pass}{$dkim_verify_status}} > # remove line below to also reject non-signed messages >

[exim] Re: How to enable incoming DKIM check, ideally in Ubuntu/Debian?

2023-09-25 Thread Slavko via Exim-users
On 25 September 2023 10:47:30 UTC, Jeremy Harris via Exim-users wrote: >"So long as a DKIM ACL is defined (it need do no more than accept), after all >the DKIM ACL runs have completed, the value becomes a colon-separated list of >the values after each run. This is maintained for

[exim] Re: Exim Zero Day?

2023-10-01 Thread Slavko via Exim-users
On 1 October 2023 17:49:26 UTC, Rainer Dorsch via Exim-users wrote: >I stopped the exim4 service on servers with port 25 accessible from the >internet Please why? + do you use AUTH (NTLM/EXTERNAL) on port 25? + do you have untrusted proxy in front? + you have not reliable resolv

[exim] Re: Exim Zero Day?

2023-10-01 Thread Slavko via Exim-users
On 1 October 2023 20:07:45 UTC, Christof Meerwald via Exim-users wrote: >This was only officially confirmed today (which is very unfortunate), That is true only in this ML, otherwise it was confirmed on Friday: https://www.openwall.com/lists/oss-security/2023/09/29/5 But yes

[exim] Re: Exim Zero Day?

2023-10-02 Thread Slavko via Exim-users
On 2. 10. at 9:13, Cyborg via Exim-users wrote: 2023-10-02 04:48:31 SMTP call from (hello) [152.32.233.30] dropped: too many syntax or protocol errors (last command was "AUTH NTLM TlRMTVNTUAABB4IIAAA=", C=EHLO,HELP,AUTH) From time to time I see these for years, th

[exim] Re: Exim Zero Day?

2023-10-02 Thread Slavko via Exim-users
On 2 October 2023 9:36:00 UTC, Jeremy Harris via Exim-users wrote: >On 02/10/2023 10:20, Slavko via Exim-users wrote: >> AFAIK EXTERNAL requires TLS auth before, > >No; only if your config enforces that. >The example in the docs does, but that's not the only

[exim] Re: Exim Zero Day?

2023-10-02 Thread Slavko via Exim-users
On 2 October 2023 17:38:02 UTC, Christof Meerwald via Exim-users wrote: >So I was asking if these details were indeed available somewhere >before Sunday evening. Yes, it was. I don't remember exactly where, because (as here was silence officially) I tried various sources. Perhaps

[exim] Re: Wait for fix to appear in distros?

2023-10-03 Thread Slavko via Exim-users
On 3 October 2023 11:04:28 UTC, Paul Vinkenoog via Exim-users wrote: >I'm running exim on a number of servers and after the news yesterday >I expected to see the fixed version appear soon in the various repos. On Debian I updated my mail systems yesterday (2. Oct) at ~19:00 CEST a

[exim] Re: Mitigation statement for CVE-2023-42119

2023-10-03 Thread Slavko via Exim-users
On 3 October 2023 15:48:01 UTC, Johnnie W Adams via Exim-users wrote: >Hi, folks, > > What I take from this mitigation statement--Use a trustworthy DNS >resolver which is able to validate the data according to the DNS record >types--is that if our DNS service is solid, we are no

[exim] Re: Mitigation statement for CVE-2023-42119

2023-10-04 Thread Slavko via Exim-users
On 4. 10. at 8:45, Florian Zumbiehl via Exim-users wrote: responses--however, if that recursive resolver is on a different machine than exim itself, which probably is a common setup, then an attacker with access to the same local network can just send exim faked DNS responses ahead of the re

[exim] Re: Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Slavko via Exim-users
On 4 October 2023 8:01:03 UTC, Heiko Schlittermann via Exim-users wrote: >So, if you do not want to disable the `spf` condition and `spf` >lookups in your Exim configuration, you could try to use a patched >version of the libspf2 library. Just curious, but libopendmarc2 uses libsp

[exim] Re: Recent CVEs and libspf2 (and Debian)

2023-10-04 Thread Slavko via Exim-users
On 4 October 2023 19:07:50 UTC, Heiko Schlittermann via Exim-users wrote: >Hm, maybe I'm confusing things, but the dmarc condition doesn't work >well if you do not use the spf condition first. So (but I may be totally >wrong), `dmarc = …` doesn't automatically call `spf = …` > >Ple

[exim] Re: Is sender verification possible on a server that is used as a smarthost?

2023-10-05 Thread Slavko via Exim-users
On 5 October 2023 13:29:46 UTC, Mario Emmenlauer via Exim-users wrote: >Yes, this is something I did not really consider :( But after the >suggestions here on the list I can value this. I'll go for an approach >that keeps the addresses routable. Thanks for pointing that out! I use

[exim] Re: Mitigation statement for CVE-2023-42119

2023-10-06 Thread Slavko via Exim-users
On 6 October 2023 2:22:10 UTC, Jasen Betts via Exim-users wrote: >> Please, do you want to tell, that having resolver on localhost prevents >> to exploit this? > >It does not prevent the exploit, but to execute the exploit you'd need >root permissions, which kind of makes it moot,

[exim] Re: Mitigation statement for CVE-2023-42119

2023-10-06 Thread Slavko via Exim-users
On 6 October 2023 16:24:27 UTC, Andreas Metzler via Exim-users wrote: >On 2023-10-06 Slavko via Exim-users wrote: >[...] >> hmm, i still cannot get how "network adjacent" is related to root >> privileges. But my head never was good for attacks... >

[exim] Re: Fixing or disabling TLS for internal network hosts

2023-10-08 Thread Slavko via Exim-users
On 8 October 2023 13:53:31 UTC, u34--- via Exim-users wrote: >Making the whole system treats self signed certificates in the same manner >as it treats other certificate authorities is distribution dependent. Self signed certificate is basically CA root certificate directly used b

[exim] Re: New Exim Security Release 4.96.2

2023-10-15 Thread Slavko via Exim-users
On 15 October 2023 16:17:32 UTC, Heiko Schlittermann via Exim-users wrote: >today we released 2 more fixes for the issues mentioned in the recent >CVEs. Nice job, thanks. >- We fixed issues in the `dnsdb` lookup subsystem. Please, can you now elaborate more about "trusted resolv

[exim] Re: New Exim Security Release 4.96.2

2023-10-15 Thread Slavko via Exim-users
On 15 October 2023 17:07:00 UTC, Jeremy Harris via Exim-users wrote: >A resolver that you trust to only send properly-structured DNS responses >towards you. As opposed to crafted responses with internally-inconsistent >data, which the resolver access library functions (at least in

[exim] Re: New Exim Security Release 4.96.2

2023-10-15 Thread Slavko via Exim-users
On 15 October 2023 18:37:54 UTC, Andrew C Aitchison via Exim-users wrote: >Sadly no. Ubuntu 23-10/mantic (released last week) still has: >Debian is similar. I contacted Debian's security team about a week ago with this. The response was (at that time), that it is unknown if this pat

[exim] Re: disclaimer + DKIM does not work (reopened)

2023-10-20 Thread Slavko via Exim-users
On 20. 10. at 11:45, brunoc68 via Exim-users wrote: Actually the filter works fine : whether one sets up DKIM or not, the outgoing email gets both disclaimers (txt + html). However, DKIM check fails (only) when the disclaimers are added. IMO, the DKIM signature is done before filter (and

[exim] Re: List headers

2023-10-23 Thread Slavko via Exim-users
On 23 October 2023 12:28:50 UTC, Markus Reschke via Exim-users wrote: >I'm also looking into optimizing my DKIM configuration, especially which >headers to sign. I use this macro: DKIM_SIGN_HEADERS = +From:+Reply-To:+Sender:+Subject:+To:+Cc:+Date:+MIME-Version\ ${if def:h_Messa

[exim] Re: List headers [Was: DKIM does not work]

2023-11-03 Thread Slavko via Exim-users
On 3 November 2023 16:18:05 UTC, Chris Siebenmann via Exim-users wrote: >(In practice it's very rare and generally alarming to see multiple >instances of most headers.) AFAIK it was way to trick MUAs to show different value in eg. From: or Subject: fields. Without oversign, some M

[exim] Re: TAKE NOTE 2: Future Let's Encrypt CA choice randomisation.

2023-11-16 Thread Slavko via Exim-users
On 15 November 2023 23:14:39 UTC, Viktor Dukhovni via Exim-users wrote: >If you're using Let's Encrypt as your CA and prefer to publish >DANE-TA(2), rather than DANE-EE(3) TLSA records, please look over: Just curious. Enough recent certbot provides --reuse-key and --new-key (or so

[exim] Re: TAKE NOTE 2: Future Let's Encrypt CA choice randomisation.

2023-11-19 Thread Slavko via Exim-users
Hi, on Thu, 16 Nov 2023 15:12:15 -0500 Viktor Dukhovni via Exim-users wrote: > I don't recommend DANE-TA(2), and encourage use of DANE-EE(3) instead. I am far from DANE expert, but my understanding is, that DANE-TA is good for own CAs, where one have full control on (intermediate) CA's cer

[exim] Re: TAKE NOTE 2: Future Let's Encrypt CA choice randomisation.

2023-11-19 Thread Slavko via Exim-users
On 19 November 2023 19:33:12 UTC, Viktor Dukhovni via Exim-users wrote: >It is possible for the path unit to fail to run, but the ACME client >believes it is done. Does systemd's path unit guarantee "at least once" >execution. ACME client doesn't need (nor is) to know about that.

[exim] Re: Packaging - was Re: ARC

2023-12-19 Thread Slavko via Exim-users
On 19 December 2023 17:56:37 UTC, Ray O'Donnell via Exim-users wrote: >On 19/12/2023 17:36, Andrew C Aitchison via Exim-users wrote: >> On Tue, 19 Dec 2023, Odhiambo Washington via Exim-users wrote: >> >>> Does this imply that Debian-ists are scared of running anything >>> outside

[exim] Re: Local DKIM signing

2023-12-27 Thread Slavko via Exim-users
On 27 December 2023 14:28:23 UTC, Hardy via Exim-users wrote: >I put example.com to the "local-dkim-daomains" for testing. >It selects the correct router and transport. It seems just to ignore >"allow_localhost" Is not the allow_localhost transport option? regards -- Slavko h

[exim] Re: Issues with external servers using incorrect ssl since around new years eve

2024-01-05 Thread Slavko via Exim-users
On 5 January 2024 13:15:37 UTC, Cyborg via Exim-users wrote: >Exim(-> openssl) does not accept one specific TLS 1.2 cipher on incoming >connections anymore. >Fact checked with s_client -tls1_2 -cipher ECDHE-RSA-AES256-GCM-SHA384 Do you use EC(DSA) or RSA certificate? regard

[exim] Re: How can I force redelivery of saved message?

2024-01-14 Thread Slavko via Exim-users
On 14 January 2024 19:16:17 UTC, Jeremy Harris via Exim-users wrote: >On 1/14/24 18:30, Ken via Exim-users wrote: >> Once in a while a legitimate sender manages to send an important message >> that really, really looks like spam, so it gets saved (for a little while) >> in /var/sp

[exim] Re: How can I force redelivery of saved message?

2024-01-14 Thread Slavko via Exim-users
On 14 January 2024 20:34:12 UTC, Jeremy Harris via Exim-users wrote: >Longterm, I'd think something like using the experimental >queuefile transport would be simplest. You can either manually >copy the spool file pair back to the main spooldir, or >just use a directory suitable fo

[exim] Re: Received and read time report

2024-01-21 Thread Slavko via Exim-users
Hi, on Sun, 21 Jan 2024 12:32:59 -0300 Ronaldo Luiz via Exim-users wrote: > How can I know the time when an email was read by the recipient? Ask him :-D regards -- Slavko https://www.slavino.sk

[exim] Re: Received and read time report

2024-01-21 Thread Slavko via Exim-users
On 21 January 2024 17:06:30 UTC, Ronaldo Luiz wrote: >I want to know the time that the message is in the mail server. The time >between received and read. This time will show me the delay time of the mail >server. Perhaps do you mean time between receiving and delivering? Or, in

[exim] Re: Received and read time report

2024-01-21 Thread Slavko via Exim-users
On 21 January 2024 19:03:17 UTC, Ronaldo Luiz de Carvalho wrote: >I didn't find how to include it on cPanel Exim Configuration. I never used cpanel. Ask (or search) in its support. regards -- Slavko https://www.slavino.sk/

[exim] Re: add_header in ACL- when header is really added?

2024-02-03 Thread Slavko via Exim-users
On 3 February 2024 7:52:07 UTC, mouse via Exim-users wrote: >The problem is - at malware scanning time the "X-ACL-Data" header does not >exist in a message. But it DOES exist when a message is finally delivered to >recipient. It is clearly documented, all headers added/removed i

[exim] Re: debugging et al

2024-02-27 Thread Slavko via Exim-users
On 27 February 2024 12:36:23 UTC, graeme vetterlein via Exim-users wrote: >+ in /etc/default/exim (set COMMONOPTIONS='' ..to -d and =d+all) I didn't investigate why, but that doesn't work, I guess that it can be something with mixing systemd & sysv. As debug usually is not good

[exim] Reduce & inlist

2024-02-28 Thread Slavko via Exim-users
Hi all, I found in ML archives a recipe how to remove duplicates from a list, I tried it in that form in file used -be input: APPEND_ITEM = ${if def:value {$value,$item}{$item}} INLIST = inlist{$item}{<,$value} ${reduce{<, item1, item2, item1}\ {}\ {${if INLIS

[exim] Re: Reduce & inlist

2024-02-29 Thread Slavko via Exim-users
On 28 February 2024 18:07:47 UTC, Ian Z via Exim-users wrote: >I have no real solution, but as tricky as it seems to be, I think a >new built-in expansion operator to uniquify a list would be a good >thing. I found solution (workaround) -- move $value outside of inlist: INLIS

[exim] Re: Reduce & inlist

2024-03-01 Thread Slavko via Exim-users
On 29 February 2024 6:42:38 UTC, Jasen Betts via Exim-users wrote: >On 2024-02-28, Slavko via Exim-users wrote: >I see what you mean, "${if inlist" doesn't seem to work inside "${reduce" Not exactly, you can use inlist inside reduce just fine,

[exim] Re: Reduce & inlist

2024-03-01 Thread Slavko via Exim-users
On 1 March 2024 19:06:22 UTC, Ian Z via Exim-users wrote: >There is definitely some overhead with the embedded perl approach, Yes, I mean that overhead. regards -- Slavko https://www.slavino.sk/

[exim] Re: Message ID in envelopes with multiple recipients

2024-03-08 Thread Slavko via Exim-users
On 8 March 2024 20:12:08 UTC, Jeremy Harris via Exim-users wrote: >DKIM signing is done after a transport filter. Please, is that documented somewhere? I fail to find that, and headers add/remove/rewrite in too. I roughly remember from tests: "do not rewrite headers" in signing t

[exim] Re: Message ID in envelopes with multiple recipients

2024-03-09 Thread Slavko via Exim-users
On 9 March 2024 7:15:17 UTC, Andreas Metzler via Exim-users wrote: >The DKIM section of "DKIM, SPF, SRS and DMARC" starts with >| Exim’s DKIM implementation allows for >| >| 1. Signing outgoing messages: This function is implemented in the >|SMTP transport. It can co-e

[exim] Re: Message ID in envelopes with multiple recipients

2024-03-09 Thread Slavko via Exim-users
On 9 March 2024 15:38:43 UTC, Jeremy Harris via Exim-users wrote: >However, the text of the headers (and body) of the message used as input >for the various hashes and signatures of the DKIM signing *is* the >output of any transport filter (this adds significant coding and cpu >ove

[exim] Re: Message ID in envelopes with multiple recipients

2024-03-10 Thread Slavko via Exim-users
Hi, on Sat, 9 Mar 2024 15:38:43 + Jeremy Harris via Exim-users wrote: > However, the text of the headers (and body) of the message used as > input for the various hashes and signatures of the DKIM signing *is* > the output of any transport filter (this adds significant coding and I wil

[exim] Re: a common(?) usecase with smarthost

2024-03-10 Thread Slavko via Exim-users
On 10 March 2024 14:36:16 UTC, graeme vetterlein via Exim-users wrote: >So, taken together: > >1: Set /etc/mailname to "home" >2: Set dc_other_hostnames=" ... home" and few similar names but NOT >"mydomain.com" >3: Set dc_readhost=mydomain.com and dc_hide_mailname=true > >So insid

[exim] Re: seen condition

2024-03-17 Thread Slavko via Exim-users
Hi, on Sat, 16 Mar 2024 12:22:40 +0100 Hardy via Exim-users wrote: > what am I missing? Are you sure that your version supports it? exim -bP macro _ACL_COND_SEEN _ACL_COND_SEEN=y regards -- Slavko https://www.slavino.sk

[exim] Re: seen condition

2024-03-18 Thread Slavko via Exim-users
On 17 March at 11:53, Hardy via Exim-users wrote: I claim that Slavko via Exim-users claimed on 17.03.24: Are you sure that your version supports it? exim -bP macro _ACL_COND_SEEN _ACL_COND_SEEN=y Errm.. no. I use the Debian distro package. The previous output was from

[exim] Re: Message ID in envelopes with multiple recipients

2024-03-21 Thread Slavko via Exim-users
On 10 March at 14:31, Jeremy Harris via Exim-users wrote: That matches my code-diving. You can't use (transport) header manipulation results in the transport's dkim-control options (but the changed values are what gets signed, if any such headers are included in the definition for the signatu

[exim] Re: missing message-id flow

2024-04-10 Thread Slavko via Exim-users
On 10 April at 8:28, Evgeniy Berdnikov via Exim-users wrote: I've looked, but found no answer what's bad. Probably domain is hashed. Maybe you want an explicit domain string? The answer is in the docs, search for details in add/remove headers, more precisely when they are removed/added. I h

[exim] Re: TLS SNI possibly breaking "verify = certificate"

2024-04-28 Thread Slavko via Exim-users
On 29 April at 0:52, Jeremy Harris via Exim-users wrote: accept set acl_m_tmp = \${certextract {subj_altname,dns}{\$$acl_arg2}} Please, can you explain to me why the $ are escaped? If I understand it correctly, the "\$$acl_arg2" part is about sending variable name in acl_arg2, but the esca

[exim] Re: TLS SNI possibly breaking "verify = certificate"

2024-04-29 Thread Slavko via Exim-users
On 29 April 2024 11:48:18 UTC, Jeremy Harris via Exim-users wrote: >So that they are not taken as expansion-markers on that line, Ah, they are expanded later, many thanks regards -- Slavko https://www.slavino.sk/

[exim] Re: Question about Exim macro language

2024-05-01 Thread Slavko via Exim-users
On 1 May 2024 16:52:04 UTC, halbtaxabo-jnq--- via Exim-users wrote: >DKIM_DOMAIN = ${lookup{$domain:$h_from:}lsearch{/etc/exim4/dkim/domainslist}} lsearch looks up the key in the file and returns its value, thus it expects: key: value The value can be empty, I guess that your file has

[exim] Re: [postmas...@hazenmanagement.ca: Undeliverable: Cleandry]

2024-05-02 Thread Slavko via Exim-users
On 2 May 2024 9:19:43 UTC, Jeremy Harris via Exim-users wrote: >On 02/05/2024 03:38, Thomas Krichel via Exim-users wrote: >The From: header is distinct from the envelope-from in >a message. SPF only cares about it for bounces (when the >envelope-from is empty). Are you sure with

[exim] Re: After upgrade, no more DKIM signature

2024-05-13 Thread Slavko via Exim-users
On 13 May 2024 16:32:43 UTC, francois via Exim-users wrote: >Debian has read access to the keys (public and private) Debian??? Exim must have access to read it. >DKIM_DOMAIN = ${lc:${domain:$h_from:}} This is only one dynamic setting, it can fail (be empty) in some border cases,

[exim] Re: Blowfish auth

2024-05-16 Thread Slavko via Exim-users
On 16 May 2024 12:39:02 UTC, Odhiambo Washington via Exim-users wrote: > I think you could do proxy authentication with a local instance of Dovecot >running on your Exim server. >https://fuerstnet.de/post/2021-07-30-proxy-imap-pop-smtp-using-dovecot-and-postfix/ Or do UDS -> soca
