Hello,
I would like to request some comment from Exim experts regarding an
issue that cropped up with my email delivery on Friday 9 January 2004.
I would like to ask whether a change I made to an Exim filter actually
fixed a problem or whether it is coincidence. (I am an Exim novice)
The problem:
I have webhosting and email service though a provider that runs a
Linux platform. Late last year when the bogus Microsoft Service Patch
emails were coming 50 to the hour, the webhost's tech support set up
an Exim filter for me to kill those messages:
------------
# Exim filter
if $header_X-Spam-Status: contains "MICROSOFT_EXECUTABLE"
then
seen finish
endif
-------------
This worked great until Friday 9 January 2004. My email simply
stopped coming after noon California time. The webhost's tech support
was inexplicably out and they don't work weekends so I've been forced
to fend for myself. This was not a connection issue. I could get to
the POP3 server, I had webmail access and IMAP access. Just no mails
were getting through. I could send just fine. The webhosting
component of my service was never affected by any of this - only the
email reception.
Late in the evening I began receiving a small number of emails. BUT,
the dozens of test messages I had sent to myself, listserv email from
other Yahoo!Groups that I know was sent, and mail other from regular
known correspondents did not (and have not) made it through.
From the sender's side, there have been no errors, bounces,
mailer-daemon complaints, etc. I sent some messages through a mail -v
command from a Unix box and the connections were made/terminated
gracefully although the messages themselves never appeared.
So, it appears that several hours worth of mail are backed up in a
queue somewhere or have been diverted to oblivion. At that point, I
thought that maybe the Exim filter had something to do with it
although I have no idea why it would begin behaving differently all of
a sudden.
The Exim question:
More or less out of desperation, I thought to check some Exim websites
in order to try to setup a .forward functionality. Rationale: If the
connection is made to the mail server, divert it to a known working
address. Turns out this is very easy to do.
I commented out the MS Executable test and added a line to send a copy of
any message to my email to an emergency email account:
My filter file now looks like:
--------------
# Exim filter
# if $header_X-Spam-Status: contains "MICROSOFT_EXECUTABLE"
# then
# seen finish
# endif
# Forwarding copy of all email to backup account
unseen deliver <backup email address>
---------------
The Current Status and my questions:
I now seem to be getting emails at my regular address with a cc to the
backup address. Was this due to the Exim tweak above or did something
magical happen at the same time? I realize that correlation is NOT
causality and don't want to lull myself into thinking that all is well
again.
And, if it was due to the tweak, why would the match on the
X-Spam-Status header begin behaving differently?
The host uses Spam Assassin but I don't know if that is before Exim's
filtering or after.
Finally, is there any chance that those unreceived emails are in some
kind of limbo and will show up eventually?
Thanks for reading through this long post and I look forward to any
comments or suggestions.
Sincerely,
Ravi Narasimhan
http://www.rettacs.org
