Exim 4.60

jlasman said:
It may have some dependencies which will keep it from installing. If it does, be sure to not satisfy those dependencies or you could break a lot of other things.

Jeff
Click to expand...
thanks for the heads up. we'll wait for an official release from you for RH9
 
Ever since following the directions to upgrade to Exim 4.60 from 4.53, my clients have been having horrible troubles sending email (mostly to one another in the same domain). I downgraded to 4.54 but the problems persisted. As of now I've downgraded to 4.53 and I'm waiting to see what happens.

The problems are VERY hard to naildown. One person mailing a client of mine had problems emailing her, but yet emails me just fine. When they try to copy and paste the error message to send to me, it won't send. I was able to get this copy of an error message from one user:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

[email protected]
local delivery failed

The following text was generated during the delivery attempt:

------ [email protected] ------

An error was detected while processing a file of BSMTP input.
The error message was:

421 Lost incoming connection

The SMTP transaction started in line 0.
The error was detected in line 3.
0 previous messages were successfully processed.
The rest of the batch was abandoned.
421 Lost incoming connection
Transaction started in line 0
Error detected in line 3


Any ideas? This was an intermittent issue yesterday but however has appeared again periodically today and clients aren't happy.

Help!!
 
So far I've found that the issue lies between Exim and SpamAssassin. I have Exim 4.60 running right now just fine, but have had to disable SpamAssassin temporarily. By doing this, the above error messages have went away. I plan on reinstalling SpamAssassin and changing it's child spawning process to a higher number to see if that helps the issue.

For now though I'm left to run Exim without SA.
 
There's currently an ongoing thread on the problem on the exim-users list.

I hope that by tomorrow some time i'll have enough information to resolve it, but so far no concrete answers.

Thanks to the DA user who posted on the exim-users forum.

Jeff
 
That was me that posted the issue on there after not finding much concrete answer wise here on the forums. I figured I'd branch out a bit.

And yes the modemnet.net/spam page isn't working because I just made the exim change this weekend and haven't had a moment to sit down and put up one. I'm working on it now though. :)

Brad
 
I thought it might have been you, Brad, but I wasn't sure.

I'm glad you posted it.

I didn't because as you probably know (at least now after reading my replies) that I'm working on our next version already, which is going to use exiscan.

It's a major rewrite, and I'm hoping to get even more help than I've gotten so far.

Jeff
 
Definately keep me updated on the progress of that. I would gladly test it as I'm always looking to see where I could improve email protection wise. Now I'm curious to see what if anyone will figure out regarding how Exim is interacting with SpamAssassin. I'm not sure if S.A. is dropping the request from Exim or if Exim is having a problem communicating with S.A. to begin with.
 
Keep reading these forums and the exim-users list, and you'll see all my announcements :) .

I'm not sure where the problem is either, and we don't seem to be getting any help on the list, so I guess I'm back on my own :( .

Moving forward, though.

A beta-test announcement will be made once we've tested it here.

Jeff
 
Thanks for the info. One question just probing your mind. In your opinion based on what you've read about the issue thus far, is it something you think that is fixable inside the exim.conf file... or is it something that would actually require programming code changes in the exim binaries themselves?
 
Thanks, that gives me one less thing to worry over specifically, at least not for the moment anyway.
 
thanks to all the hard work from the guys on the exim.conf, no easy task I am sure. Although I am not having the problems mentioned I am sure it is appreciated and will be useful to avoid potential problems in the future for others.
 
Could you post about yoursetup? OS? Latest DirectAdmin? Your Exim.conf file? The proceedure you used to update to Exim 4.60 & SA 3.1?
 
Almost done

on my FreeBSD 5.3 I installed exim 4.60 and SpamAssassin 3.1.0 but not ClamAV. Is there some easy howto for ClamAV? Or better wait with the installation?
 
The How-Tos on these forums require the use of an external scanner; they were written before DA included exiscan in exim.

So I'd say if you can wait until the new exim.conf file is written.

Jeff
 
Clamav is so easy to setup on freebsd...
Just add this to exim.conf:
Code: 
av_scanner = clamd:/var/run/clamav/clamd

Check that the path to the daemon is correct in your clamd.conf.
 
Olivier,

That uses exiscan built into Exim.

But it doens't include the ACL information.

Is that all you've done?

What does it do with the viruses?

Jeff
 
That's true, you need an ACL part, I forgot about that. I did paste one of my exim.conf in another thread last year, but here is what I use for ACL.

Where you call the acl routines, I have added this:


Code: 
acl_smtp_mime = check_mime
acl_smtp_data = check_message

and the routines are like this:
Code: 
check_mime:
  # Decode MIME parts to disk. This will support virus scanners later.
  warn decode = default

  # File extension filtering.
  deny message = This message contains an attachment of a type which we do not accept
  condition = ${if match \
              {${lc:$mime_filename}} \
              {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com|.vbs)$\N} \^M
              {1}{0}}

  # CLSID attack filtering
  deny message = Hiding of file extensions(CLSID hidden) is not allowed
  condition = ${if match {$mime_filename}\
              {\N\{[a-hA-H0-9-]{25,}\}\N}{1}{0}}^M

  # Finally accept all other messages that have
  # made it to this point
  accept
check_message:
  # Reject virus infected messages.
  deny message = This message contains a virus or other harmful content ($malware_name)
  malware = *

  warn message = X-Antivirus-Scanner: Scanned with Exiscan. You should still use an antivirus.
  accept

With this config, viruses are not accepted by the mail system.
You get this in your logs:
Code: 
rejected during MIME ACL checks: Hiding of file extensions(CLSID hidden) is not allowed
or this:
Code: 
rejected after DATA: This message contains a virus or other harmful content (Worm.Mytob.IC)
 
Last edited:
Looks much better now :) .

Code similar to this will be in the next version of the Spamblocker exim.conf file, now in work.

Jeff
 
You must log in or register to reply here.
Back
Top