IRC Archive / Freenode / #exim / 2010 / May / 17 / 1
mtrg
Hi -- what options do I have, if I wanted to add additional SMTP commands, or modify exim's inbound SMTP connection handling?
simply, I need to add an additional SMTP command
I guess I would need to modify SMTP transport?
petemc
mtrg: the transports are for delivery, what kind of command do you need?
mtrg
petemc: for research purpose, I'd like to create a totally new smtp command
petemc: smtp_in should list it as an option during smtp conversation, and take the command along with its arguments into account and process it accordingly as I code later
petemc
perhaps you could do that with perl in the acls, if not you'll need to edit the exim source
mtrg
petemc: never used exim. are acls processed on emails stored in spool, or actively while the tcp connection is up?
petemc
during the smtp transaction
mtrg
petemc: basically, what I want is decrypting and validating the signature based on arguments passed to a new command
petemc: so the perl script needs to decrypt the mail, and then let it be stored in spool
for further processing (routing and delivering..etc)
petemc
the docs on exim.org are fairly complete, good luck!
mtrg
petemc: my Q is, is what I want possible through perl?
exim's use of perl in acls
petemc
i wouldnt have suggested it if i didnt think it was, tho im not sure which is why i added the clause
mtrg
petemc: i read some parts of the perl doc in exim
petemc: it says that perl is used in the string expansion process; which I am not sure how broad this is when it comes to exim
petemc
keep reading
mtrg
i am not sure if it is used in other places besides string expansion
petemc
it is
sobersabre
hi. I'm trying to setup exim with smarthost. it is using smarthost of MS Exchange type.
I'm getting "unroutable address".
phx
so you send all your mail through an msexchange, and you get all mails from the exchange?
sobersabre
basically this is what I want.
It is AD setup, small office. I thought the only thing I need to do is setup smarthost, user, password and it would work.
it isn't.
phx
that's not hard
sobersabre
well, I don't know where to look in the exchange why did it bounce the messages.
phx
but why aren't you doing it the other way around? it's not really smart to put exchange on the internet directly, most people usually put a smarthost in front of the exchange
sobersabre
and I'm not expecting MS people to listen on IRC.
phx
you're the first i hear doing it the other way around: storing mails on the exim, and using exchange as a smarthost
sobersabre
phx: I currently don't really understand you.
I know "SMTP", "MTA".
do you mean I should setup exim as the main mail exchanger for my external domain ?
phx
you're doing <inet> --- <exchange> -- <exim>, right? storing actual mails on the exim, and using exchange as a smarthost
sobersabre
nono.
I'm inside my intranet.
phx
people usually doing <inet> -- <smarthost> -- <exchange>, because they don't consider exchange safe enough to be put directly on inet
sobersabre
phx: do you say the regular exchange shipped with windows SBS 2008 needs tweaking to harden against some kinds of attacks ?
phx
ehh, s/some kinds/any/
first, its content filter is not the usable kind. you need some decent virus+spam filtering next to it. by default it's openrelay.
petemc
you must be thinking of exchange 5.5
exchange 2008 isnt all bad
phx
i'm using 2003 right now
isn't that exchange 2010? iirc there's no 2008
petemc
exchange 2007, even
sobersabre
phx: apparently my exchange 2007 doesn't relay even my internal mail server. so it is NOT openrelay.
phx
yes, exchange has to be told the relaying subnets
sobersabre
phx: how ?
phx
*click* *click* *click* *click* *click*
sobersabre
(I'm really a blind kitten with that one)
phx
it's somewhere there... :)
i can't tell it, but i can find it in a few minutes on this 2k3
sobersabre
I would be thankful and happy!!!
phx
sobersabre, anyway, could you do some illustrated description of your desired setup? i'm hardly getting what you'd like to achieve
as illustrated, i mean a network topology diagram
sobersabre
ok. sorry, I have a small tech talk for 20 mins, so I will send a link to a picture to you only in ~30 mins. is this ok ?
phx
sure
i'll be in the office for a while
pro
phx, i read the doc's. I wouldnt say i know them 100% yet, but im understanding a lot better now. so Thank you.
phx
pro, you're welcome
is it working fine by now?
pro
yeah
well, it did
phx
did?
you messed it up right away? :)
pro
they called me yesterday and asked me to release them to the exchange
cause they redid the server so i allowed the exim to thaw them and deliver them
phx
and what went wrong?
pro
with exchange?
phx
anything
pro
no the exim worked, all the mails that came in for their domains got frozen in the queue, then when they fixed their exchange i did a exim -M $msgid's and then got delivered
then i reconfigured the exim to relay them again
so it all worked great
my next idea is to make a sql table that i can stick a domain name in and then it will freeze those mails till i release them
phx
only do that if you often have to do such things
otherwise it isn't worth the effort, except for the learning curve
pro
well most of my clients have an exchange server so i can see that happening often
phx
then i'd suggest putting the domain-mailserver forwarding table into an SQL, adding a column indicating the freezing status
then you have everything at one hand, under control
pro
i also think i should set up a 'hub' where i point all my clients MX to, and then i'll deliver to them, cause then I can do all the antivirus and antispam and so on,
yeah, thats a better idea
phx
yes, that's the idea of a smarthost in a way
pro
like my one mailserver where I host mailboxes I have exim and for a front end im using postfix admin while i write my own
phx
we're doing that at my workplace, though we have just 1 exchange for storing the mail
pro
yeah, i have over 80 clients that have a linux box on their network, with an exchange server behind it,
and basically all i do is let exim accept the mails for their domain and then relay it to the exim ( it logs the stuff into mysql )
phx
i'm doing it with postgres
pro
and i block access to port 25, then set exim as the smarthost on exchange, and only allow relay from the exchange
phx
yeah, that has to be done. i'm also blocking outgoing 25/tcp on the firewall, and then set my exim up as smarthost
actually it's a pair of exims, but that's a different thing
pro
ok
sorry was on the phone
mrec
hi, is there any way I can test greylisting support?
every time our mailserver hits a server which supports greylisting the mail is just dropped
the configuration is set to deliver the mail again
the logfile says:
2010-05-17 13:12:34 1ODyFD-0000bl-NO Spool file 1ODyFD-0000bl-NO-D not found
I guess it has something to do with that one but I have no idea where I should look to fix up this issue
debug mode doesn't give much more information either
pro
mrec, why would it be in the queue?
mrec, do you understand what greylisting is?
phx
it has nothing to do with greylisting
mrec
pro: the mail should be delivered again after a few minutes
phx
for some reason your mail is lost and not written to the queue
but we've gone over this a few times
mrec
but it's not queued
well I skimmed the config file and couldn't find anything
phx
pro, what do you think, where is the message till it's being retried?
pro
oh wait, i read it as your server is doing the greylisting, never mind then
mrec
the config file says it should redeliver the mail
phx
mrec, IT HAS NOTHING TO DO WITH GREYLISTING, YOU HAVE A NONWORKING QUEUE, PROBABLY A DISK OR FILESYSTEM ERROR
do you get that?
pro
as far as i know exim should just leave that mail in the queue until it retries
yeah, i understand that much
mrec
phx: how come: 1. mails to normal servers work 2. why doesn't exim print more information about what's wrong even in debug mode?!
if I cannot check what's wrong how should I fix it? if I send the mail again manually it will simply be delivered ..
phx
mrec, because probably it's not exim's fault?
mrec
phx: well I need to have more information about where to fix it
phx
mrec, and when it's not greylisted, then it's also not queued
pro
is syslog bi**hing about the drive at all?
phx
try putting control = queue_only for other messages, then the message will be put into the queue and delivered by a queuerunner
most probably you'll face the same issue
mrec
there's just /var/log/exim4/mainlog
phx
there's just your stupidity
mrec
phx: this mailserver was configured by someone else who left already
pro
what about manually going into the queue dir and putting some big files in there (stop exim first) and see if you get errors
mrec
left the company.
phx
you're blaming this on exim, you want to fix exim, but most probably this has nothing to do with exim
mrec
I'm blaming this on the configuration
phx
on exim's configuration, that is.
pro
mrec, i dont think its the configuration, unless the guy that set it up made the queue dir on a drive that doesnt exist
phx
pro, then exim wouldn't be able to write the queuefile, but exim is able to write it
his issue is, the queue file is written, write() and close() are successful, but when exim wants to pick the queue file up, it disappears by that time
like something else is touching the queue, clearing it, the fs is corrupted or something strange
pro
yeah thats true too, maybe they have a script that is clearing out the spool every few mins
mrec
I have no idea about this...I see a backup configuration where virtual_localdelivery pointed to a spooldirectory
http://pastebin.com/btR1WQ6i
http://pastebin.com/J0pC0nff (this was the previous one as far as I can see)
pro
thats not your spool
or its not your queue dir
mrec, on the server type df -h
do any of them show 0 space let?
do any of them show 0 space left?
also try df -i and see if you have run out of inodes
mrec
this stuff is absolutely crap nothing else
now exim won't restart
phx
cool. google://how+to+ask
mrec
there's enough space free on that server
phx
neither of these are queues
mrec
aah
ALERT: exim paniclog /var/log/exim4/paniclog has non-zero size, mail system possibly broken failed!
that's nothing critical
phx
what's in paniclog? pastebin it
mrec
nothing critical I had a typo before restarting it the first time but I fixed it up immediately
after removing it it's gone again exim did start properly before
I think I found a problem
this entire debian exim configuration is sh*t
phx
agreed, in general :)
mrec
I wonder which crackhead defined the exim userid
it's spread over dozens of files it seems
well ok it's starting again but what should I look for the issue is still unresolved
there's enough disk space available
phx
do it as queue_only, and after a 2xx response, verify it's really there
exim -bd -d+all, verify the path where it has been written to
mrec
I do not see anything unusual in that log output but it enters local delivery which always worked
just resending doesn't work
phx
control = queue_only, tod you
told
mrec
I wonder why it's so difficult to write a mailserver with an intuitive configuration :(
petemc
have a go at it and you'll see
exim is intuitive, its just very configurable which also translates to seemingly complex
phx
mrec, check openbsd's bsmtpd
petemc, may i ask whether you're just another admin out there, or any kind of developer of exim?
petemc
just an admin
im actually a manager, by trade..
mrec
phx: I have no idea where I should put control = queue_only somewhere to the ACLs ya but nothing happens
petemc
queue_only = yes , in main would work too, its just not very selective
mrec
I wonder why it didn't get picked up by something I added it to the local acls
phx
pete's suggestion is better, yes
mrec
ok after sending a mail the mail 1. did not arrive and it's not queued either now
phx
what happened to it? check logs
mrec
15:24:17 14765 SMTP>> 250 OK id=1OE0Ir-0003q9-Ec
but it's not there?
ah
2010-05-17 15:24:21 1OE0Ir-0003q9-Ec Spool file 1OE0Ir-0003q9-Ec-D not found
pro
mrec, check crontabs that there is nothing deleting the files
mrec
some more information from exim would be very very helpful but I don't see anything that might be related to it
pro
because its not exim
mrec
right I see that the file was there but is gone quickly
pro
mrec, stop exim, go into the queue dir and then type touch somefile
mrec
spamfilter I guess?
pro
then sit and wait and see if it gets removed
mrec
I tried that already
pro
and is something deleting it?
mrec
only the spoolfile
which comes from exim
I guess exim is triggering the spamfilter and the spamfilter is deleting it?
could that be?