logs archiveIRC Archive / Freenode / #exim / 2010 / March / 3 / 1
thenthenio
Hello!
For some unqnown reason my exim4 MTA stopped working this morning....
I can see there are many mails waiting to be dispatched (mailq) but they sleep there!!!
Can you please help me finding what happened?
petemc
thenthenio: check the log
thenthenio
petemc: k
lau
hello, how to change email dest before sending email with exim4 2.69 ? where to look documentation to do that ?
petemc
what do you mean?
henk
exim4 2.69?
let me guess: ubuntu user.
lau
hello petemc, echo "test mail" | mail -s "testing exim redirect" foo@foo.tld to be redirected to bar@bar.tld
henk, 4.69-2
henk
lau: is that a 'yes'?
:-p
petemc
lau: a very simple router could do that
foo:\n driver = redirect\n domains = foo.tld\n local_parts = foo\n data = bar@bar.tld
that does exactly what you ask, and no more
         

lau
henk: yes
petemc: i created a new file in /etc/exim4/conf.d/router/910-my-test-conf
I restarted exim4 but I still get the mail to foo@foo.tld and nothing at bar@bar.tld
henk
hrhr, funny...
petemc
the routers are processed in the order they appear in the config
lau: so your router may not be called due to its position, try a smaller number
lau
petemc: is this right http://dpaste.com/167267/ ?
petemc
looks fine
you can test with exim -d -bt myname@foo.tld
lau
i tested with the file in the second position (i.e just after "begin router")
but the mail still go to first address
petemc
use -bt
lau
myname@foo.tld and hername@bar.tld are both non local_domains thus they are treated as remote delivery right ?
thus the router is never check for that two addresses?
petemc
why do you think that
?
lau
i think once the myname@foo.tld message is accepted by exim omes to exim
oups
i think once the myname@foo.tld message is accepted by exim, it starts the router conf
first the dnslookup: stuff
with no_more
since myname@foo.tld is not a local domain the router part with redirect is not reach
am i right ?
are we ok with the fact that I want that all emails __to__ myname@foo.tld
be redirected __to__ hername@bar.tld ?
not _from_ ?
mybe I should set the splited conf files settings ?
petemc
do you think that would help
?
you seem a bit unclear on a few things
lau
petemc: thx for your time
it's working
petemc
oh, good
np
lau
my general exim4 conf was not properly set
thx for your router definition :)
petemc
no bother
lau
is '*' a wild card for router domain definitions ? http://dpaste.com/167279/
petemc
no
just leave the domains clause out, it will match all domains
and dont name the router *
lau
something like http://dpaste.com/167283/
petemc
with a name for that router, it should work to deliver all mail to those addresses
i havent tried multiple email addresses in data myself
test it#
lau
thus i modified the exim conf file like this
:
data = name1@bar.tld
sorry
:
driver = redirect
data = name1@bar.tld
no names for the router juste ':'
and all the emails are routed to name1@bar.tld
concatenation of emails addresses in data does not work :( or I am not using the right concatenator char
         

petemc
lau: you need to give the router a name
Nova_Logic
hi
cannonball
good morning
Nova_Logic
hi
is there any way to debug auth on exim if I use dovecot for smtp auth?
cannonball
I've never had to debug an auth statement, so I'm not sure. What is or isn't working? Are you the same one asking about Dovecot on the mailing list?
Nova_Logic
no
i have trouble with cram-md5 auth
passwords are in mysql db
dovecot smtp auth working perfectly for methods PLAIN and login
but not for cram-md5
cannonball
which version of dovecot?
If using Dovecot authentication with Exim, note that Exim will abort if authenticating against Dovecot 2.0. See this post: http://dovecot.org/list/dovecot/2010-January/046281.html
Nova_Logic
dovecot 1.0.7
cannonball
However, it sounds like you're ok since PLAIN and LOGIN work.
Nova_Logic
in dovecot.conf i have auth_debug=yes
but it seems that this work only for pop3/imap auth
not if i want debug auth from exim
cannonball
BRB
Nova_Logic
and i don't want debug auth with strace:) it's like to try kill fly with atom bomb
Simon-
exim -d -bh 127.0.0.1
cannonball
Nova_Logic: Have you looked through this thread? They give an example of how they have it set up: http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg704389.html
beber
Hi,
I'm getting troubles with an exim router
Nova_Logic
<cannonball> thx 4 link
beber
that is configured to strip local_part via "local_part_suffix = +*",
then, the transport if forwarding mail with a RCPT TO: without the suffix
how can I fix this ?
cannonball
Nova_Logic: There's a couple of useful messages at the bottom of this page too: http://old.nabble.com/Dovecot-CRAM-MD5---DIGEST-MD5-td18342176.html
beber: I don't do any of the suffix stuff, just plain user@domain.com, so this may be dumb. What situation exists that you have to strip it? Can you just stop stripping the suffix?
beber
I don't what it to be stripped
But I see that exim use a bad RCPT TO when forwarding to another smtp
i have a mail to bla+foo@dom.com received as input
exim forward it to another smtp (via a SQL request to get nexthop)
and RCPT TO: bla@dom.com
so, not use correctly by the second server
petemc
exim does what you tell it to do
beber
why is it deleting +foo ?
petemc
run the address testing in debug mode
-d -bt
beber
envelope to: is correct
maybe should I look in another place ?
petemc
did you read the whole output of running the address in debug testing mode?
beber
yes
routed by mysql_user router
envelope to: bla+foo@dom
transport: internal
..
petemc
so wheres the problem?
beber
when I tcpdump, I can see that the RCPT TO emited by exim is just bla@dom
rcpt_include_affixes fix that
petemc
all fixed, then?
ctuininga
Hey all - just upgraded my Debian box and Exim went from 4.63 to 4.69. Yes ... I *am* using the split configuration, but I'm hoping folks might be able to help me anyway. ;) The issue is that since the upgrade, mail clients that were behaving perfectly normal before are now suddenly trying to send commands to Exim before the initial 220 banner gets sent, leading to 'MTP protocol synchronization error (input sent without waiting for greeting): rejected c
It's from a variety of mail client software ... Thunderbird, Evolution, even some Outllook clients...
henk
imho that's rather a client issue...
ctuininga
It does seem like one, definitely. The thing is that there were none of these problems before I upgraded exim. :/ Now suddenly all my customers are reporting this problem ... except to make it fun, I can't reproduce it myself. (And all my customers are remote, of course)
henk
hm interesting...
hagedorn
hi, is there a passibility to show the route and transport which will use a mail ?
petemc
exim -bt foo
hagedorn
thank you :)
cannonball
ctuininga: Probably because you're in the relay_from_hosts or whatever Debian calls it.
ctuininga
cannonball: Good thought, but no. There are no relay_from_hosts set.
cannonball
Can you find 'pipelining_advertise_hosts' in your configs? What's it set to? What determines how it is set?
ctuininga
I actually realized that I had forgotten to copy over the "tls_on_connect = 465" setting
cannonball
Could be that it's set to some value that is allowing you to pipeline commands but not them (their IP's).
ctuininga
I can't find a setting like that in the config anywhere... (did a grep -ri)
cannonball
So it was the clients issuing a STARTTLS command? Or was it that they were not issuing a STARTTLS command and you hadn't told exim to expect TLS on that port?
ctuininga
The problem now seems to be a lot of errors that look like:
TLS error on connection from [XX.XX.XX.XX] (gnutls_handshake): A TLS packet with unexpected length was received.
cannonball: That's kinda what I'm assuming
cannonball
ctuininga: are you using libpam-ldap for your authentication?
ctuininga
Nope
cannonball
Are you setting tls_try_verify_hosts ?
Do you have smtp_enforce_sync or control = no_enforce_sync set anywhere in your config?
http://www.debian-administration.org/users/dkg/weblog/42
Basically, check to see if your self signed cert is built using md5. If yes, convert it (re-issue it to yourself) to sha1.
If I am understanding that correctly....
ctuininga
Hmmm - I am using the default tls_try_verify_hosts of '*' ....
no enforce_sync settings are on...
And I'm using a "valid" server cert (from geotrust)
(iow, not a self-signed)
cannonball
http://lists.exim.org/lurker/message/20090616.115533.6230bc37.en.html
ah, ok.
ctuininga
Let me try turning of tls_try_verify ... I don't have any client certs (nor am I likely to) so if that does the trick, I'd be content. :)
djce
(Action) suspects entropy exhaustion
ctuininga
djce: I checked ... entropy isn't huge, but it is consistently at over 300...
Is that not enough?
djce
hmm. I /think/ that's fine, it's been a while since I had that problem.
ctuininga
What could I do about it if that *was* the problem? :/
djce
I forget, but you'll find lots of google hits about it.
ctuininga
K
djce: You might be on to something ... I'm watching it now and it's dipping down into the low 100s...
cannonball
Aren't you supposed to used /dev/urandom instead of /dev/random? (One of them is non-blocking, but would have to google to see which one).
djce
top google hit for "gnutls_handshake A TLS packet with unexpected length was received" seems relevant, maybe
but tricky if you can't replicate it.
ctuininga
Yikes - with a suggestion of symlinking /dev/random to /dev/urandom?
cannonball
One quick way to test. make urandom a symlink to random :-/
errr, I said it backwards. What you said.
ctuininga
I found one article that suggested adding rng-tools but to set the source device as /dev/urandom ... it doesn't seem to be as effective as claimed in the article honestly.
Ahh - set the feed interval to 1 and now I'm swimming in entropy. :)
Now for the real question ... will that fix the issue. :)
Doh ... the answer is no.
Time to try the tls_try_verify hack I guess. :/
Lo and behold!
I don't like it, but that did the trick.
cannonball
Will have to file that little bit of trivia into someplace useful.
« prev