Exim 4.93 has been released

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,005
Hello,

Exim 4.93 has been released, info here:

Note that this release requires Makefile changes to:
  1. Include
    Code:
    USE_OPENSSL=yes
  2. Append
    Code:
    -std=gnu99
    to the CFLAGS
CustomBuild 2.0 will do this for you.
To update:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build exim
Note, CustomBuild 1.2 and older (which should not be using) will not do this for you, and you'd need to use custombuild/custom/exim/Makefile to set it up manually.

John
 

wattie

Verified User
Joined
May 31, 2008
Messages
1,082
Location
Bulgaria
On FreeBSD 11.3 I got this issue after building Exim:

Code:
...
Exim 4.93 Installed.
Restarting exim.
Shutting down exim:     [ OK ]
Starting exim:          [ OK ]
Downloading             s-nail-14.9.15.tar.gz...
/usr/local/directadmin/custombuild/s-nail-14.9        1011 kB 1348 kBps    01s
Found /usr/local/directadmin/custombuild/s-nail-14.9.15.tar.gz
Extracting ...
Done.
Making s-nail...
LC_ALL=C: Command not found.
export: Command not found.
if: Expression Syntax.
then: Command not found.
*** Error code 1

Stop.
make: stopped in /usr/local/directadmin/custombuild/s-nail-14.9.15
 

Tazmanian79

Verified User
Joined
Jul 24, 2010
Messages
88
I have done this update but mails keep stuck in the queue.

All mails are showing these errors:

Code:
2019-12-10 09:41:06 Received from planning@eutram.com H=(SAMCLOUD01.samandar.be) [185.2.54.141] P=esmtpa A=login:planning@eutram.com S=135997 T="ETM - Transportopdracht 193687"
2019-12-10 09:41:07 H=howel-nl.mail.protection.outlook.com [104.47.6.36] Broken pipe
2019-12-10 09:41:07 H=howel-nl.mail.protection.outlook.com [104.47.4.36] Broken pipe
2019-12-10 09:41:07 H=aspmx.l.google.com [172.217.218.27] Broken pipe
2019-12-10 09:41:07 H=alt1.aspmx.l.google.com [172.253.118.27] Broken pipe
2019-12-10 09:41:07 H=alt2.aspmx.l.google.com [108.177.97.27] Broken pipe
2019-12-10 09:41:07 H=aspmx2.googlemail.com [172.253.118.26] Broken pipe
2019-12-10 09:41:07 weltens-holten@howel.nl R=lookuphost T=remote_smtp defer (32): Broken pipe
2019-12-10 09:41:07 planning@eutram.com R=lookuphost T=remote_smtp defer (32): Broken pipe
2019-12-10 09:42:37 H=howel-nl.mail.protection.outlook.com [104.47.4.36] Broken pipe
2019-12-10 09:42:37 H=howel-nl.mail.protection.outlook.com [104.47.5.36] Broken pipe
2019-12-10 09:42:37 H=aspmx.l.google.com [172.217.218.27] Broken pipe
2019-12-10 09:42:37 H=alt1.aspmx.l.google.com [172.253.118.27] Broken pipe
2019-12-10 09:42:37 H=alt2.aspmx.l.google.com [108.177.97.27] Broken pipe
2019-12-10 09:42:37 H=aspmx2.googlemail.com [172.253.118.26] Broken pipe
2019-12-10 09:42:37 weltens-holten@howel.nl R=lookuphost T=remote_smtp defer (32): Broken pipe
2019-12-10 09:42:37 planning@eutram.com R=lookuphost T=remote_smtp defer (32): Broken pipe

EDIT: support of my host has downgraded to Exim 4.92 which solved the problem.
Waiting for info about how this problem can be solved so I can upgrade again to 4.93
 
Last edited:

Marwen

Verified User
Joined
Nov 7, 2003
Messages
145
Location
germany
Hi.
After Upgrade from 4.92 to 4.93 we have many SPF fails.
"550-Please see http://www.open-spf.org"

ALL Sender Server has SPFs.
Settings like "mx"
If the sender has only one MX everything is ok and the mail will delivered.
Has the sender 2 or more mx and send over the different mx so exim make fails and block with
"SPF: IP is not allowed to send mail from "domain" Please see http://www.open-spf.org/Why?

Perhaps a bug ?
 

bdacus01

Verified User
Joined
Jul 22, 2017
Messages
676
Location
Murfreesboro
On FreeBSD 11.3 I got this issue after building Exim:

Code:
...
Exim 4.93 Installed.
Restarting exim.
Shutting down exim:     [ OK ]
Starting exim:          [ OK ]
Downloading             s-nail-14.9.15.tar.gz...
/usr/local/directadmin/custombuild/s-nail-14.9        1011 kB 1348 kBps    01s
Found /usr/local/directadmin/custombuild/s-nail-14.9.15.tar.gz
Extracting ...
Done.
Making s-nail...
LC_ALL=C: Command not found.
export: Command not found.
if: Expression Syntax.
then: Command not found.
*** Error code 1

Stop.

make: stopped in /usr/local/directadmin/custombuild/s-nail-14.9.15
looks like s-nail. Wonder could it be that
 

dkzr

Verified User
Joined
Oct 17, 2013
Messages
59
Location
The Netherlands
Hi.
After Upgrade from 4.92 to 4.93 we have many SPF fails.
"550-Please see http://www.open-spf.org"

ALL Sender Server has SPFs.
Settings like "mx"
If the sender has only one MX everything is ok and the mail will delivered.
Has the sender 2 or more mx and send over the different mx so exim make fails and block with
"SPF: IP is not allowed to send mail from "domain" Please see http://www.open-spf.org/Why?

Perhaps a bug ?
Maybe this can be the cause?

https://git.exim.org/exim.git/blob_plain/885bb037cb791e057de2105bb3790c6135914c62:/doc/doc-txt/NewStuff point 10:
10. The spf lookup now supports IPv6.
 

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
9,005
SPF: Also confirm that exim is compiled with SPF support, eg:
Code:
 exim -bV | grep 'Support for:'
Support for: crypteq IPv6 Perl OpenSSL move_frozen_messages Content_Scanning DKIM DNSSEC Event OCSP PRDR SPF Experimental_SRS
looking for SPF in the output.

Just tested again, and incoming SPF checks are working on our live test box.
Not too sure how the IPv6 would be affecting it, but you can manually test the lookup with:
Code:
dig TXT domain.com
to see what it shows. It should contain either the ipv4 or ipv6 in question.. but if it shows "a" or "mx" or "include", then you'd do lookups on those values.. so "a" would be
Code:
dig A domain.com
and MX would be:
Code:
dig MX domain.com
followed by the lookup on the MX result. Also try "dig AAAA domain.com" lookups on the values to see if it works.. wondering if something weird setup with the domains TXT spf regarding AAAA only shows itself now that exim is working? I'm not too sure.

s-nail: I Believe this is the basic "mail" command the some CB scripts use to send notices, like the daily update notices, when available. Pretty sure it's not critical for exim to operate, but I'll look into why it's having compile issues on FreeBSD.

John
 

nmb

Verified User
Joined
Sep 13, 2008
Messages
213
Still got problem with SPF with CB2 rev 2315. What I did is send an email to "check-auth@verifier.port25.com" which is the email testing service. It will normally email back the result. With this update, no result comes back. But if I downgrade to 4.92, this work fine.

Log is below :

2019-12-11 08:44:37 SPFCheck: 34.209.113.130 is not allowed to send mail from verifier.port25.com: Please see http://www.open-spf.org/Why?id=auth-results@verifier.port25.com&ip=34.209.113.130&receiver=xxx.xxx.com : Reason: mechanism
2019-12-11 08:44:37 H=verifier.port25.com [34.209.113.130] X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<auth-results@verifier.port25.com> rejected RCPT <xxx@xxx.com>: SPF: 34.209.113.130 is not allowed to send mail from verifier.port25.com: Please see http://www.open-spf.org/Why?id=auth-results@verifier.port25.com&ip=34.209.113.130&receiver=xxx.xxx.com : Reason: mechanism
 

Marwen

Verified User
Joined
Nov 7, 2003
Messages
145
Location
germany
Still got problem with SPF with CB2 rev 2315. What I did is send an email to "check-auth@verifier.port25.com" which is the email testing service. It will normally email back the result. With this update, no result comes back. But if I downgrade to 4.92, this work fine.

Log is below :

2019-12-11 08:44:37 SPFCheck: 34.209.113.130 is not allowed to send mail from verifier.port25.com: Please see http://www.open-spf.org/Why?id=auth-results@verifier.port25.com&ip=34.209.113.130&receiver=xxx.xxx.com : Reason: mechanism
2019-12-11 08:44:37 H=verifier.port25.com [34.209.113.130] X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<auth-results@verifier.port25.com> rejected RCPT <xxx@xxx.com>: SPF: 34.209.113.130 is not allowed to send mail from verifier.port25.com: Please see http://www.open-spf.org/Why?id=auth-results@verifier.port25.com&ip=34.209.113.130&receiver=xxx.xxx.com : Reason: mechanism
The same symtoms we had here with the 4.93 Exim version. With the Exim 4.92 everything works again.

For several customers who had 2 or more MX, it looked like only the last MX was detected. The other two reported the IP xxxx is not allowed to send mail from "domain name" Please see http://www.open-spf.org
 

ViAdCk

Verified User
Joined
Feb 14, 2005
Messages
271
I have done this update but mails keep stuck in the queue.

All mails are showing these errors:

Code:
2019-12-10 09:41:06 Received from planning@eutram.com H=(SAMCLOUD01.samandar.be) [185.2.54.141] P=esmtpa A=login:planning@eutram.com S=135997 T="ETM - Transportopdracht 193687"
2019-12-10 09:41:07 H=howel-nl.mail.protection.outlook.com [104.47.6.36] Broken pipe
2019-12-10 09:41:07 H=howel-nl.mail.protection.outlook.com [104.47.4.36] Broken pipe
2019-12-10 09:41:07 H=aspmx.l.google.com [172.217.218.27] Broken pipe
2019-12-10 09:41:07 H=alt1.aspmx.l.google.com [172.253.118.27] Broken pipe
2019-12-10 09:41:07 H=alt2.aspmx.l.google.com [108.177.97.27] Broken pipe
2019-12-10 09:41:07 H=aspmx2.googlemail.com [172.253.118.26] Broken pipe
2019-12-10 09:41:07 weltens-holten@howel.nl R=lookuphost T=remote_smtp defer (32): Broken pipe
2019-12-10 09:41:07 planning@eutram.com R=lookuphost T=remote_smtp defer (32): Broken pipe
2019-12-10 09:42:37 H=howel-nl.mail.protection.outlook.com [104.47.4.36] Broken pipe
2019-12-10 09:42:37 H=howel-nl.mail.protection.outlook.com [104.47.5.36] Broken pipe
2019-12-10 09:42:37 H=aspmx.l.google.com [172.217.218.27] Broken pipe
2019-12-10 09:42:37 H=alt1.aspmx.l.google.com [172.253.118.27] Broken pipe
2019-12-10 09:42:37 H=alt2.aspmx.l.google.com [108.177.97.27] Broken pipe
2019-12-10 09:42:37 H=aspmx2.googlemail.com [172.253.118.26] Broken pipe
2019-12-10 09:42:37 weltens-holten@howel.nl R=lookuphost T=remote_smtp defer (32): Broken pipe
2019-12-10 09:42:37 planning@eutram.com R=lookuphost T=remote_smtp defer (32): Broken pipe

EDIT: support of my host has downgraded to Exim 4.92 which solved the problem.
Waiting for info about how this problem can be solved so I can upgrade again to 4.93
Same issue here, we are downgrading to exim 4.92 on the affected systems.

Any fix for these issues?
 

dkzr

Verified User
Joined
Oct 17, 2013
Messages
59
Location
The Netherlands
The same symtoms we had here with the 4.93 Exim version. With the Exim 4.92 everything works again.
Can confirm Marwen using the same auth-results@verifier.port25.com service. I get the IPv6 ip error. SPF settings of verifier.port25.com seem to be ok?

Logfile:
Code:
2019-12-11 10:26:18 SPFCheck: 2600:1f14:a73:9b01:d769:5be1:de28:5251 is not allowed to send mail from verifier.port25.com: Please see http://www.open-spf.org/Why?id=auth-results%40verifier.port25.com&ip=2600%3a1f14%3aa73%3a9b01%3ad769%3a5be1%3ade28%3a5251&receiver=<snip> : Reason: mechanism
Code:
$ dig +short txt verifier.port25.com
"v=spf1 a -all"

$ dig +short a verifier.port25.com
34.209.113.130

$ dig +short aaaa verifier.port25.com
2600:1f14:a73:9b01:d769:5be1:de28:5251
Downgrading to exim 4.92 does not generate this error.
 

sneer

Verified User
Joined
Jan 31, 2005
Messages
11
Location
Warsaw / Poland
For me there is the same issue with email messages being rejected by SPF mechanism. After downgrading do 4.92 issue is resolved, but it is no real solution.
 

Wanabo

Verified User
Joined
Jan 19, 2013
Messages
182
SPF: Also confirm that exim is compiled with SPF support, eg:
Code:
 exim -bV | grep 'Support for:'
Support for: crypteq IPv6 Perl OpenSSL move_frozen_messages Content_Scanning DKIM DNSSEC Event OCSP PRDR SPF Experimental_SRS
looking for SPF in the output.

John
I've got:
Apache config:
]# exim -bV | grep 'Support for:'
Support for: crypteq IPv6 Perl OpenSSL move_frozen_messages Content_Scanning DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open Experimental_SRS
2019-12-12 16:03:34 cwd=/root 2 args: exim -bV
No SPF support!
My system:
Centos 7.7.1908
CB 2317

exim -bV
Exim version 4.92.3 #5 built 05-Oct-2019 22:39:59
Copyright (c) University of Cambridge, 1995 - 2018
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2018
Berkeley DB: Berkeley DB 5.3.21: (May 11, 2012)
Support for: crypteq IPv6 Perl OpenSSL move_frozen_messages Content_Scanning DKIM DNSSEC Event OCSP PRDR TCP_Fast_Open Experimental_SRS
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb
Authenticators: cram_md5 dovecot plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Malware: f-protd f-prot6d drweb aveserver fsecure kavdaemon sophie clamd mksd avast sock cmdline
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
2019-12-12 16:38:47 cwd=/etc 2 args: exim -bV
Configuration file is /etc/exim.conf

Do I need to do/fix something? I have no mail que or 550 messages.

Edit: As I am reading my own post I am surprised to see I have exim 4.92. I followed the build instructions in the opening post to the letter a couple of days earlier.
 
Last edited:
Top