logs archiveIRC Archive / Freenode / #exim / 2010 / February / 19 / 1
riot
hmm, my server allows anonymous users to connect via telnet and send mail to local accounts (even mailman lists!) with faked usernames..
which is quite.. stupid
what went wrong
CunningPike
riot: So, you have a mail server on the Internet that accepts connections from anyone on port 25 and relays mail to local accounts?
riot
CunningPike: no, it doesn't open relay, its halfopen :/
CunningPike
I didn't say open relay - I said relays to local accounts
riot
yes
CunningPike
My point is, that is exactly what MTAs are supposed to do
riot
a friend faked a mail under my name to a local maillist
something is wrong here.
tried with another mailsystem - didn't work
CunningPike
So, he sent a mail purporting to be from a local account?
riot
yes
         

CunningPike
Well, it sounds like you need some ACLs set to prevent that...
The sample exim.conf contains examples, I'm sure
riot
i wonder, why they are maybe i fscked up during my configuration. It was a clean debian config
which afaik doesn't allow that to happen
CunningPike
riot: Use 'exim -d -bh <ip_address>' to troubleshoot your ACLS
riot
hmhmm
i can't make out anything bad - or anything at all
EMPER0R
hi, i set 1MB to attach to level global, how can i accept 5MB example for @example.domain?
i mean message_size_limit = 1M how can i set condition to 5M if the mail came from @example.domain?
CunningPike
riot, EMPER0R: You both need to read up on how to write acls
EMPER0R
yea i guess i found it
is this correct ? just check me this line
example.com: 20M
exmaple.com: The largest acceptable message size for Example.com is\ ${expand:${lookup{$domain}lsearch*@{/etc/exim4/domain-size-limits}}}.\ Your message was $message_size.
CunningPike
As a line in exim.conf?
EMPER0R
yes just that
it's correct? right?
i found that here http://koivi.com/exim4-config/
justin_
hi all, is there a way to tell exim not to show the initial received from header? the IP of our office (we are a tech support operation, we do some in house support) is blacklisted because a PC brought in for repair sent out a few spam messages and its getting legitimate emails bounced
EMPER0R
uhmm can't make acl message_size_limit
uf need domain check to can pass more Mb
kinlo
hi, I can't seem to find the documentation on how to change the internal databases for exim. I would like to change the build-in database for rate-limit to some external mysql database, so I can have multiple exim servers that use the same ratelimiting... is this possible?
myforke
hello guys, I have a problem. Sometime forgot my exim the upstream hosts list. Have somebody something near it?
mhoran
Is there any way to defer on a per message instead of per host or recipient basis? And to set a specific defer retry time for that case?
Or something similar to defer that provides a means of delaying message delivery?
I have a router that pipes a message to an external program which writes to a database.
I need to forward the message on to a list of users once the external system has processed the message.
Normal defer doesn't work because it's per host, so each incoming message bumps the retry time further.
Well, I found http://bugs.exim.org/show_bug.cgi?id=212, which hasn't been addressed since at least 2002.
So if anyone else has ideas, your input would be appreciated!
Yeretik
Hi, i need to deny some messages filtering it for the subject, but i don't know how to do this... Any suggestion ?
« prev next »