logs archiveIRC Archive / Freenode / #exim / 2009 / November / 26 / 1
henk
hm, strange... according to the docs 4.50 was the last version to add headers to a mail when using the message directive in a warn-acl. debian still seems to do that in 4.69 though.
phx
rewrite it to use add_header
i already told you you can never know with debian
henk
yeah, i know... but apart from switching to some bsd there is no good alternative to debian is there?!
hah, it was just moved to some other place in the docs after 4.50 it seems.
muffnerf
nothing [much] wrong with debian as such? you can always just over-write their 'funny' exim config (as i do :/)
henk
now it's here: http://www.exim.org/exim-html-4.69/doc/html/spec_html/ch40.html#SECTaddheadacl
while before it was explained with the acl verbs...
the split config is useful for working with puppet or other means of distributing config files.
imho
phx
for me it's a lot easier to work with a single configfile for exim
henk
you can do that in debian too if you like.
phx
i know
henk
http://paste.debian.net/52437/ does that setup make sense to you? 1. check for rDNS, add header and set variable if wrong, send message and delay 5 seconds. 2. check two blacklists independently of each other, add header and set resp. increase variable if listed, send a message and delay for 5s. any feedback appreciated.
         

phx
where is my coffeee
henk
pf, junkie :-p
phx
it's 8:25 in the bloody morning
henk
exactly! almost lunchtime...
time to be awake and jump around and tune exim configs :)
Jello_cm
Hello, question: Can I modify the file permissions of 'mainlog' ? The file-permissions are default 640 but I need at least 644. When I change it, it will be reverted to 640 after a day. Some suggestion ?
henk
Jello_cm: why do you need 644?
Jello_cm
because I have a small PHP script that reads the file, this script is called externally via Apache (GET-request), so the 'world'-permission. Since 640 doesn't give the 'world' read access, my script can't access the file
henk
but do you really want to give ALL users read access to your mail logs? because i for sure would never want that.
Jello_cm
well, the /var/log isn't accessable for the world, I mean: apache doesn't link to it, http requests are limited to the /var/www folder . Only my script need to have access to the file, unless I have a bug, they shouldn't be able to read the logs, I guess ?
henk
unless you have a bug? you just said you were using php!
:-p
Jello_cm
yes, you can have bugs with PHP lol
henk
i was rather thinking of other users on the server...
Jello_cm
no problem with that
only user on the server
henk
you HAVE bugs with php...
Jello_cm
vps
henk
ah ok...
well, the logfile is rotated and created newly every day.
Jello_cm
I known but I thought there was a setting for the default chmod, but I couldn't find it
henk
depending on your distribution that might be done by logrotate. it is in debian.
Jello_cm
it's debian yes
henk
look in /etc/logrotate.d/exim4-base
         

Jello_cm
wauw thanks, found it and changed it
quite logical
henk
argh, i'm pretty dumb, am i?
set acl_c_bl = ${if def:acl_c_bl { ${eval:$acl_c_bl+1} { 1 } } } this line seems to cause an error. why?
oh, i think i found it...
phx
could you please next time find it before asking? :)
henk
phx: i'll do my very best ;)
phx: you were talking about sender verification callouts. you really do a callout for every mail that's being delivered to you?
phx
yes, i do
though there could be some optimizations be done with this, i just don't have that much traffic that'd make any difference
petemc
some people consider that abuse
phx
those people should make this kind of checks unnecessary then
petemc
how would they do that?
phx
beating up all spammers and everyone on the world who are using non-existant sender addresses
yeah, that'd be the best
henk
mhm, iirc backscatter.org lists hosts doing callouts globally
phx
the only time i've met with such a blacklist when some spammer was sending using a sender address which's MX used such a blacklisting service
it was kinda funny
babilen
Hi all! Could you suggest a good exim4 tutorial?
phx
exim.org -> docs
the official documentation has everything there is to now about exim, just read that. tutorials will only mess you up
babilen
phx: I went there first after reading the channel topic. So there is *no* tutorial/introduction that you would suggest?
phx
http://exim.org/exim-html-current/doc/html/spec_html/index.html
and answering your question, yes, there is.
babilen
phx: Great reference manual, but I was looking for something lighter. Thanks for the pointer though :-D
muffnerf
+1 for the spec, u can also try the book ;)
http://www.uit.co.uk/exim-book
(Action) has a copy. it's defnitli a gentler introduction.
babilen
muffnerf: thanks. Anything else I might want to read on my journey?
phx: You said, "yes there is" would you share it with me?
phx
already did
muffnerf
babilen: nothing else i'm aware of
phx
you'll end up either ways at the offical docs
babilen
phx: Ah, i get it. Thanks!
Have a nice day...
henk
assuming i get a connection where the rDNS does not match, the helo is wrong and the host is in 2 blacklists: is it too aggressive to not accept mail from that server?
phx
deny it, and you'll see whether it was too strong or not :)
henk
:-p
another condition that throws an error: condition = ${if def:acl_c_bogus { ${if >={$acl_c_bogus}{4} {true}{false} } } {false} }
error is: invalid "condition" value " false "
do i have to quote the "false"?
do i need the check def:acl_c_bogus at all?
hm, quoting does not help either...
fishsponge
hey people - how do i find out where my exim is relaying all outgoing email through?
i know it's relaying through messagelabs, but i need to know where that setting is in the config...
phx
in the config
henk
phx: i'm pretty sure you have an equally useful hint for my problem above! :)
fishsponge
i know it's in the config... but i can't find it!
i'm looking in /etc/exim4/exim4.conf, but i cannot find the right lines...
phx
fishsponge, for message routing, check the.. uhh... routers?
fishsponge
is it supposed to be the "route_list =" line in the "dnslookup" router? if so, i have a strange problem.
ours is set to "route_list = * mail19.messagelabs.com" but a mail that was delivered came through a whole different messagelabs server...
henk
fishsponge: have you checked that hostname in the dns?
fishsponge
actually, more to the point... what does the "route_list=" line in the "dnslookup" router actually correspond to?
DNS isn't an issue here, mail19 looks up as the correct IP for mail19, but the email was delivered through mail184
anyway, both of those are wrong... what does the route_list line in the "dnslookup" router correspond to?
is that the smart host that all non-local mail is relayed through?
henk
fishsponge: check the dns...
fishsponge
i did check the DNS... as mentioned before...
henk
dig +short mail19.messagelabs.com
fishsponge
DNS isn't an issue here, mail19 looks up as the correct IP for mail19, but the email was delivered through mail184
henk
result?
fishsponge
result is the 3 IPs that correspond to mail19.messagelabs.com
henk
did you check the PTR records for those ips?
fishsponge
interestingly, they both lookup as the same damn IP. I wish messagelabs hadn't told me they were different servers!
so anyway... does the "route_list" line in the "dnslookup" router correspond to the smart host all external mail should be relayed through??
and if so, what does the * mean in our config: route_list = * mail19.messagelabs.com
henk
fishsponge: you could check the docs for route_list...
fishsponge
OK, i'm reading the docs, but i can't seem to find what the * means still...
ok... can you confirm that the * means send email for ALL domains through "mail19.messagelabs.com"?
that's my understanding...
is my understanding correct?
henk
yes, looks like it to me
fishsponge
thanks, henk...
just made the change, confirmed with messagelabs and all up and running...
henk
good :)
Guest28372
Hi, I want to setup DKIM for my exim 4.69 server. Can any one point me to a good tutorial. centos
adegtyarev
Guest28372: upgrade to the latest version - it is compiled in in a base distribution and much improved compared with 4.69.
Guest28372
adegtyarev: Is it better for DKIM or something?
adegtyarev
for something and for DKIM in particular
and as usual the best tutorial is spec.txt
jamesho
Just installed exim4 on Debian Lenny and trying to setup tls. Testing with swaks gives and error. I've googled and not been able to find any solution to this.
The error code is: <- 250-SIZE 52428800 <- 250-PIPELINING <- 250-STARTTLS <- 250 HELP -> STARTTLS *** Remote host closed connection unexpectedly.
I don't believe its a exim4 issue but some thing to do with tls / exim4 interaction.
« prev