I would just like to say thank you to you all for helping me get my emails
back on track it must have helped as the people that were not receiving them
are now Thank you very much
>From: exim-users-request@???
>Reply-To: exim-users@???
>To: exim-users@???
>Subject: Exim-users Digest, Vol 21, Issue 11
>Date: Tue, 07 Feb 2006 20:55:50 +0000
>
>Send Exim-users mailing list submissions to
> exim-users@???
>
>To subscribe or unsubscribe via the World Wide Web, visit
> http://www.exim.org/mailman/listinfo/exim-users
>or, via email, send a message with subject or body 'help' to
> exim-users-request@???
>
>You can reach the person managing the list at
> exim-users-owner@???
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of Exim-users digest..."
>Today's Topics:
>
> 1. Re: STARTTLS before EHLO? (Jakob Hirsch)
> 2. Re: STARTTLS before EHLO? (Marc Sherman)
> 3. Re: STARTTLS before EHLO? (Heiko Schlittermann)
> 4. exim listens on http port (Juhasz Peter Karoly)
> 5. Re: exim listens on http port (Peter Bowyer)
> 6. Re: exim listens on http port (John Jetmore)
> 7. Re: exim listens on http port (Tim Jackson)
> 8. Acl to help prevent spam from insecure php mail forms (Terry)
> 9. Re: STARTTLS before EHLO? (Jakob Hirsch)
> 10. Re: Acl to help prevent spam from insecure php mail forms
> (Stephen Gran)
> 11. Re: exim listens on http port (Patrick Boutilier)
> 12. Re: Acl to help prevent spam from insecure php mail forms
> (Steven Wayne)
> 13. Re: eximstats - counting "=>" but not "->" (Karl Fischer)
> 14. Exim has stopped sending email (Mike Jones)
> 15. Re: Exim has stopped sending email (Marc Sherman)
> 16. RE: Exim has stopped sending email (Mike Jones)
> 17. Re: exim listens on http port (Philip Hazel)
> 18. Re: smtp authorization test via telnet? (meburke@???)
> 19. sophos puremessage (Kendall Libby)
> 20. Re: Re: smtp authorization test via telnet? (Jakob Hirsch)
> 21. Remote Domains Not Supported (Jason Johnson)
> 22. problem with authentication and virtual users (R. S?nchez)
> 23. Re: Remote Domains Not Supported (Marc Sherman)
> 24. Re: local_part and original_domain empty in smtp_data ACL
> (Stian Jordet)
> 25. Re: local_part and original_domain empty in smtp_data ACL
> (Marc Sherman)
> 26. Re: exim listens on http port (Juhasz Peter Karoly)
> 27. Re: STARTTLS before EHLO? (W B Hacker)
> 28. Re: eximstats - counting "=>" but not "->" (Karl Fischer)
>From: "Jakob Hirsch" <jh@???>
>Reply-To: exim-users@???
>To: "exim-users" <exim-users@???>
>Subject: Re: [exim] STARTTLS before EHLO?
>Date: Tue, 7 Feb 2006 13:28:36 +0100 (CET)
>Heiko Schlittermann wrote:
>
> > should exim support receiving a STARTTLS *before* receiving an EHLO?
>
>no.
>Well, it wouldn't hurt (just like allowing AUTH before EHLO), but why? No
>proper client would do it.
>
> > openssl s_client -connect ssl.schlittermann.de:25 -starttls smtp
> > 503 STARTTLS command used when not advertised..
>
>Which openssl version is this? 0.9.7f (on FC4) sends "EHLO some.host.name"
>before STARTTLS.
>
> > Is this (exims) behaviour just a missing feature oder standard/RFC
> > compliance? (a short look into RFC2487 just showed me an example with
> > connect -> EHLO -> STARTTLS, but no hint if this is required.)
>
>I'd say: A server is not required to enforce EHLO before using extensions,
>but it is also not required to allow them before he has announced them
>through an ESMTP response.
>
>Anyway, RFC 821 says: "The first command in a session must be the HELO
>command.", changed by RFC 1869, 4.1.1:
>
> RFC 821 states that the first command in an SMTP session must be the
> HELO command. This requirement is hereby amended to allow a session
> to start with either EHLO or HELO.
>
>So, anything before HELO/EHLO is a RFC violation.
>Still, many servers even allow sending mail without EHLO/HELO, they are
>just more tolerant then they have to.
>
>
>
>
>From: Marc Sherman <msherman@???>
>Reply-To: exim-users@???
>To: exim-users@???
>Subject: Re: [exim] STARTTLS before EHLO?
>Date: Tue, 07 Feb 2006 07:58:31 -0500
>W B Hacker wrote:
> >
> > It does do so.
> >
> > That is the 'legacy' ssl mode AKA 'tls_on_connect'
>
>Bill, please be more careful about answering questions with incorrect
>information. tls_on_connect does not involve sending the STARTTLS
>command _at_all_. The connection is SSL-encrypted from the moment it's
>opened.
>
> > tls_on_connect_ports = 465 : 587
>
>This has come up before; if you're going to recommend to random list
>posters that they configure 587 for tls_on_connect, please warn them
>explicitly that your configuration is very non-standard.
>
>- Marc
>
>
>
>From: Heiko Schlittermann <hs@???>
>To: exim-users@???
>Subject: Re: [exim] STARTTLS before EHLO?
>Date: Tue, 7 Feb 2006 14:46:00 +0100
>Jakob Hirsch <jh@???> (Di 07 Feb 2006 13:28:36 CET):
> > Heiko Schlittermann wrote:
> >
> > > should exim support receiving a STARTTLS *before* receiving an EHLO?
> >
> > no.
> > Well, it wouldn't hurt (just like allowing AUTH before EHLO), but why?
>No
> > proper client would do it.
>
>Hey - I didn't ask for implementing it. :)
>
> >
> > > openssl s_client -connect ssl.schlittermann.de:25 -starttls smtp
> > > 503 STARTTLS command used when not advertised..
> >
> > Which openssl version is this? 0.9.7f (on FC4) sends "EHLO
>some.host.name"
> > before STARTTLS.
>
> OpenSSL 0.9.7e 25 Oct 2004
> and
> OpenSSL 0.9.8a 11 Oct 2005
>
>both do not send 'EHLO'. (Debian)
>
>
> > I'd say: A server is not required to enforce EHLO before using
>extensions,
> > but it is also not required to allow them before he has announced them
> > through an ESMTP response.
> >
> > Anyway, RFC 821 says: "The first command in a session must be the HELO
> ~~~~
> > command.", changed by RFC 1869, 4.1.1:
> >
> > RFC 821 states that the first command in an SMTP session must be the
> > HELO command. This requirement is hereby amended to allow a session
> > to start with either EHLO or HELO.
>
>
>... that's what I needed to know :) Thank you.
>
>
> Best regards from Dresden
> Viele GrüÃe aus Dresden
> Heiko Schlittermann
>--
> SCHLITTERMANN.de ---------------------------- internet & unix support -
> Heiko Schlittermann HS12-RIPE -----------------------------------------
> gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
> gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B -
><< signature.asc >>
>From: Juhasz Peter Karoly <stone@???>
>To: exim-users@???
>Subject: [exim] exim listens on http port
>Date: Tue, 7 Feb 2006 15:01:40 +0100 (CET)
>hello,
>
>today when i restarted my apache it couldn't bint to https and http ports,
>i found out that exim listens on that ports, after i killed the process i
>could start apache and everything worked fine. but is still don't know what
>was it. i found a thread on exim-users about the same thing but didn't
>found the cause / solution.
>
>stone
>
>
>
>From: Peter Bowyer <peeebeee@???>
>Reply-To: peter@???
>To: exim users <exim-users@???>
>Subject: Re: [exim] exim listens on http port
>Date: Tue, 7 Feb 2006 14:14:57 +0000
>On 07/02/06, Juhasz Peter Karoly <stone@???> wrote:
> > hello,
> >
> > today when i restarted my apache it couldn't bint to https and http
>ports,
> > i found out that exim listens on that ports, after i killed the process
>i
> > could start apache and everything worked fine. but is still don't know
> > what was it. i found a thread on exim-users about the same thing but
> > didn't found the cause / solution.
>
>Exim *could* do that if you told it to in the config
>(daemon_smtp_ports) or on the command line (-oX nn). But it wouldn't
>do it otherwise.
>
>On some OSs there's a option in netstat to tell you what process is
>listening on a port - I suggest you have a go with that. Smart money
>says it's not Exim getting in the way of Apache.
>
>netstat -pan springs to mind, please check your docs.
>
>Peter
>
>
>From: John Jetmore <jetmore@???>
>To: exim users <exim-users@???>
>Subject: Re: [exim] exim listens on http port
>Date: Tue, 7 Feb 2006 08:25:24 -0600 (CST)
>On Tue, 7 Feb 2006, Peter Bowyer wrote:
>
> > On 07/02/06, Juhasz Peter Karoly <stone@???> wrote:
> > > today when i restarted my apache it couldn't bint to https and http
>ports,
> > > i found out that exim listens on that ports, after i killed the
>process i
> > > could start apache and everything worked fine. but is still don't know
> > > what was it. i found a thread on exim-users about the same thing but
> > > didn't found the cause / solution.
> >
> > Exim *could* do that if you told it to in the config
> > (daemon_smtp_ports) or on the command line (-oX nn). But it wouldn't
> > do it otherwise.
> >
> > On some OSs there's a option in netstat to tell you what process is
> > listening on a port - I suggest you have a go with that. Smart money
> > says it's not Exim getting in the way of Apache.
> >
> > netstat -pan springs to mind, please check your docs.
>
>I'm not sure it's an exim problem, but this really does happen. Try to
>restart apache, it doesn't come back up because something else is bound to
>port 80. Use lsof -i TCP:25 and find sendmail procs bound to port 80 (I
>don't think you can actually initiate an smtp transaction on 80, but it's
>bound to nonetheless). I believe this is from sending mail from apache
>using /usr/sbin/sendmail directly. I've definitely seen it on a mod_perl
>enabled apache, unsure about plain, which may be part of the issue.
>
>My circumstances are such that it doesn't bother me that much (I don't
>restart apache very often, and it's a backend box so restarting sendmail
>when I also restart apache doesn't cause any problems), but I did want to
>note that what the OP describes really can happen.
>
>--John
>
>
>From: Tim Jackson <lists@???>
>To: exim-users@???
>Subject: Re: [exim] exim listens on http port
>Date: Tue, 07 Feb 2006 14:26:19 +0000
>Juhasz Peter Karoly wrote:
>
>>today when i restarted my apache it couldn't bint to https and http ports,
>>i found out that exim listens on that ports, after i killed the process i
>>could start apache and everything worked fine. but is still don't know
>>what was it. i found a thread on exim-users about the same thing but
>>didn't found the cause / solution.
>
>I believe it happens when there are exim child processes spawned from
>Apache, and you then kill Apache. This happens e.g. if you have perl or php
>scripts that call "/usr/bin/sendmail" or similar to send mail, and those
>child processes are still running when you kill the webserver.
>
>Not being a UNIX networking expert I don't really understand why those
>child processes end up being "bound" to the Apache ports (they're not
>really listening on them in any meaningful sense), but that's what seems to
>happen.
>
>Tim
>
>
>From: Terry <terry@???>
>To: exim-users@???
>Subject: [exim] Acl to help prevent spam from insecure php mail forms
>Date: Tue, 07 Feb 2006 14:46:30 +0000
>Does any one have any ideas to help block insecure php mail forms. Lots of
>spammers some how to seem to inject a flood of address into the bcc.
>I have set a bcc limit but was wondering if there was any thing else to be
>done rather than depend on the writers of such forms.
>It would also give less over head than using mod_security on apache.
>Thanks
><< terry.vcf >>
>From: "Jakob Hirsch" <jh@???>
>Reply-To: exim-users@???
>To: exim-users@???
>Subject: Re: [exim] STARTTLS before EHLO?
>Date: Tue, 7 Feb 2006 15:53:52 +0100 (CET)
>Heiko Schlittermann wrote:
>
> > OpenSSL 0.9.7e 25 Oct 2004
> > OpenSSL 0.9.8a 11 Oct 2005
> > both do not send 'EHLO'. (Debian)
>
>Looking at the sources, they put it into 0.9.7 starting with the f
>version, but not in 0.9.8/8a (for whatever reason). The change is trivial,
>it does not even check if the server supports STARTTLS.
>Anyway, you could bother the openssl people to put it into 0.9.8, for the
>good of all of us. Any while you are at it, they should also put in
>-starttls imap with something like "OSSL STARTTLS". :)
>
>
>
>
>From: Stephen Gran <steve@???>
>To: exim-users@???
>Subject: Re: [exim] Acl to help prevent spam from insecure php mail forms
>Date: Tue, 7 Feb 2006 15:09:04 +0000
>On Tue, Feb 07, 2006 at 02:46:30PM +0000, Terry said:
> > Does any one have any ideas to help block insecure php mail forms. Lots
> > of spammers some how to seem to inject a flood of address into the bcc.
> > I have set a bcc limit but was wondering if there was any thing else to
> > be done rather than depend on the writers of such forms.
> > It would also give less over head than using mod_security on apache.
> > Thanks
>
>chmod -x /path/to/php
>
>Failing that, fix the forms.
>
>Failing that, you can set up an acl statement (both non-smtp and smtp,
>depending on how php sends the mail) to look at the ident of the sender,
>and if it matches your web server, error on more than some number of
>recipients.
>
>From: Patrick Boutilier <boutilpj@???>
>To: exim users <exim-users@???>
>Subject: Re: [exim] exim listens on http port
>Date: Tue, 07 Feb 2006 11:09:12 -0400
>John Jetmore wrote:
>>On Tue, 7 Feb 2006, Peter Bowyer wrote:
>>
>>>On 07/02/06, Juhasz Peter Karoly <stone@???> wrote:
>>>>today when i restarted my apache it couldn't bint to https and http
>>>>ports,
>>>>i found out that exim listens on that ports, after i killed the process
>>>>i
>>>>could start apache and everything worked fine. but is still don't know
>>>>what was it. i found a thread on exim-users about the same thing but
>>>>didn't found the cause / solution.
>>>Exim *could* do that if you told it to in the config
>>>(daemon_smtp_ports) or on the command line (-oX nn). But it wouldn't
>>>do it otherwise.
>>>
>>>On some OSs there's a option in netstat to tell you what process is
>>>listening on a port - I suggest you have a go with that. Smart money
>>>says it's not Exim getting in the way of Apache.
>>>
>>>netstat -pan springs to mind, please check your docs.
>>
>>I'm not sure it's an exim problem, but this really does happen. Try to
>>restart apache, it doesn't come back up because something else is bound to
>>port 80. Use lsof -i TCP:25 and find sendmail procs bound to port 80 (I
>>don't think you can actually initiate an smtp transaction on 80, but it's
>>bound to nonetheless). I believe this is from sending mail from apache
>>using /usr/sbin/sendmail directly. I've definitely seen it on a mod_perl
>>enabled apache, unsure about plain, which may be part of the issue.
>>
>>My circumstances are such that it doesn't bother me that much (I don't
>>restart apache very often, and it's a backend box so restarting sendmail
>>when I also restart apache doesn't cause any problems), but I did want to
>>note that what the OP describes really can happen.
>
>I used to have the problem of exim "listening" on port 80 as well in the
>past but it has been a long time (at least a couple of years) since it
>happened to me.
>
>
>http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030414/052620.html
>
>
>>
>>--John
>>
>
>
>
>From: Steven Wayne <swayne@???>
>Reply-To: Exim Mailing List <exim-users@???>
>To: exim-users@???
>Subject: Re: [exim] Acl to help prevent spam from insecure php mail forms
>Date: Tue, 7 Feb 2006 15:17:00 +0000
>On Tue, Feb 07, 2006 at 02:46:30PM +0000, Terry wrote:
> > Date: Tue, 07 Feb 2006 14:46:30 +0000
> > From: Terry <terry@???>
> > To: exim-users@???
> > Subject: [exim] Acl to help prevent spam from insecure php mail forms
> >
> > Does any one have any ideas to help block insecure php mail forms. Lots
> > of spammers some how to seem to inject a flood of address into the bcc.
> > I have set a bcc limit but was wondering if there was any thing else to
> > be done rather than depend on the writers of such forms.
> > It would also give less over head than using mod_security on apache.
> > Thanks
>
>Fix the PHP page.
>
>Have a hard coded TO address and only allow them to put one address in a
>FROM field, then don't accept email addresses in any other field.
>
>Steven.
>
>From: Karl Fischer <karl.fischer@???>
>Reply-To: exim-users@???
>To: steve@???
>CC: Exim Users <exim-users@???>
>Subject: Re: [exim] eximstats - counting "=>" but not "->"
>Date: Tue, 07 Feb 2006 16:22:58 +0100
>Steve Campbell wrote:
>
>>Karl,
>>
>>The reason that only '=>' lines are counted as each one of these represent
>>a message sent down a transport and significant work done. Each '->' line
>>is an additional address at the same destination which does not require a
>>new message to be sent and is not a significant amount of work.
>>
>>Hence treating '=>' and '->' lines the same would not be accurate!
>>
>>However, we could do a seperate count of addresses (recipients) in
>>addition to the message and volume counts and show these.
>>
>>I'll put it on to the todo list.
>>
>>Steve
>
>
>Thanks Steve,
>
>I thought nobody is interested in this topic, so I worked on this
>myself. I tried not to mess up the total statistics, so I'm counting
>the '->' only for local_users and remote_users ($size) ...
>The totals are counted with the (new) $tsize, which is only set if
>$flag is '=>' (counting as it was ...)
>
>Of course the new behavior is switched on with a new commandline
>switch -cd to count the duplicates ...
>
>So here's the diff with my changes to V1.36 ...
>On request I can post/send the complete file (be aware, it's 96k)
>
>comments welcome ... (pls let me know if that's usable ...)
>
>- Karl
>
>
>
>
>*** /usr/sbin/eximstats Fri May 27 10:10:10 2005
>--- /usr/local/sbin/eximstats Mon Feb 6 23:42:46 2006
>***************
>*** 196,201 ****
>--- 196,206 ----
> #
> # 2005-02-07 V1.36 Gregor Herrmann / Steve Campbell
> # Added average sizes to HTML Top tables.
>+ #
>+ # 2006-02-06 V1.36a Karl Fischer
>+ # Added a new cmd-line switch -cd to count duplicate
>deliveries
>+ # => and -> for each account seperately for the
>+ # Top <n> (local|host) destinations by (volume|message count)
>
>
> =head1 NAME
>*************** Don't display transport information.
>*** 239,244 ****
>--- 244,253 ----
>
> Don't display transport information that matches
>
>+ =item B<-cd>
>+
>+ Count duplicate deliveries seperately for each host
>+
> =item B<-q>I<list>
>
> List of times for queuing information single 0 item suppresses.
>*************** On B<Debian GNU/Linux> you can use
>*** 354,364 ****
> C<apt-get install libgd-perl libgd-text-perl libgd-graph-perl>
> instead.
>
>! =item B<-chartdir>I <dir>
>
> Create the charts in the directory <dir>
>
>! =item B<-chartrel>I <dir>
>
> Specify the relative directory for the "img src=" tags from where to
>include
> the charts
>--- 363,373 ----
> C<apt-get install libgd-perl libgd-text-perl libgd-graph-perl>
> instead.
>
>! =item B<-chartdir> I<dir>
>
> Create the charts in the directory <dir>
>
>! =item B<-chartrel> I<dir>
>
> Specify the relative directory for the "img src=" tags from where to
>include
> the charts
>*************** use vars qw($topcount $local_league_tabl
>*** 453,458 ****
>--- 462,469 ----
> use vars qw($hist_opt $hist_interval $hist_number $volume_rounding);
> use vars qw($relay_pattern @queue_times $html @user_patterns
>@user_descriptions);
>
>+ use vars qw($count_duplicate);
>+
> use vars qw(%do_sender); #Do sender by Host, Domain,
>Email, and/or Edomain tables.
> use vars qw($charts $chartrel $chartdir $charts_option_specified);
> use vars qw($merge_reports); #Merge old reports ?
>*************** of the messages processed. Valid options
>*** 1341,1346 ****
>--- 1352,1360 ----
> -nr/pattern/ don't display relaying information that matches
> -nt don't display transport information
> -nt/pattern/ don't display transport information that matches
>+
>+ -cd Count duplicate deliveries seperately for each host
>+
> -nvr don't do volume rounding. Display in bytes, not KB/MB/GB.
> -q<list> list of times for queuing information
> single 0 item suppresses
>*************** EoText
>*** 1395,1401 ****
> #######################################################################
> sub generate_parser {
> my $parser = '
>! my($ip,$host,$email,$edomain,$domain,$thissize,$size,$old,$new);
> my($tod,$m_hour,$m_min,$id,$flag);
> while (<$fh>) {
>
>--- 1409,1415 ----
> #######################################################################
> sub generate_parser {
> my $parser = '
>! my($ip,$host,$email,$edomain,$domain,$thissize,$size,$tsize,$old,$new);
> my($tod,$m_hour,$m_min,$id,$flag);
> while (<$fh>) {
>
>*************** sub generate_parser {
>*** 1557,1564 ****
> #ENDIF ($hist_opt > 0)
> }
>
>! elsif ($flag eq "=>") {
> $size = $size{$id} || 0;
> if ($host ne "local") {
> $remote_delivered{$id} = 1;
>
>--- 1571,1579 ----
> #ENDIF ($hist_opt > 0)
> }
>
>! elsif ($flag eq "=>" || ($flag eq "->" && $count_duplicate > 0)) {
> $size = $size{$id} || 0;
>+ $tsize = ($flag eq "=>") ? $size : 0;
> if ($host ne "local") {
> $remote_delivered{$id} = 1;
>
>*************** sub generate_parser {
>*** 1621,1650 ****
>
> #IFDEF ($do_sender{Host})
> $delivered_count{Host}{$host}++;
>!
> add_volume(\\$delivered_data{Host}{$host},\\$delivered_data_gigs{Host}{$host},$size);
> #ENDIF ($do_sender{Host})
> #IFDEF ($do_sender{Domain})
> if ($domain) {
> $delivered_count{Domain}{$domain}++;
>!
>add_volume(\\$delivered_data{Domain}{$domain},\\$delivered_data_gigs{Domain}{$domain},$size);
> }
> #ENDIF ($do_sender{Domain})
> #IFDEF ($do_sender{Email})
> $delivered_count{Email}{$email}++;
>!
> add_volume(\\$delivered_data{Email}{$email},\\$delivered_data_gigs{Email}{$email},$size);
> #ENDIF ($do_sender{Email})
> #IFDEF ($do_sender{Edomain})
> $delivered_count{Edomain}{$edomain}++;
>!
> add_volume(\\$delivered_data{Edomain}{$edomain},\\$delivered_data_gigs{Edomain}{$edomain},$size);
> #ENDIF ($do_sender{Edomain})
>
> $total_delivered_count++;
>!
>add_volume(\\$total_delivered_data,\\$total_delivered_data_gigs,$size);
>
> #IFDEF ($show_transport)
> my $transport = (/\\sT=(\\S+)/) ? $1 : ":blackhole:";
> $transported_count{$transport}++;
>!
>add_volume(\\$transported_data{$transport},\\$transported_data_gigs{$transport},$size);
> #ENDIF ($show_transport)
>
> #IFDEF ($hist_opt > 0)
>--- 1636,1665 ----
>
> #IFDEF ($do_sender{Host})
> $delivered_count{Host}{$host}++;
>!
> add_volume(\\$delivered_data{Host}{$host},\\$delivered_data_gigs{Host}{$host},$tsize);
> #ENDIF ($do_sender{Host})
> #IFDEF ($do_sender{Domain})
> if ($domain) {
> $delivered_count{Domain}{$domain}++;
>!
>add_volume(\\$delivered_data{Domain}{$domain},\\$delivered_data_gigs{Domain}{$domain},$tsize);
> }
> #ENDIF ($do_sender{Domain})
> #IFDEF ($do_sender{Email})
> $delivered_count{Email}{$email}++;
>!
> add_volume(\\$delivered_data{Email}{$email},\\$delivered_data_gigs{Email}{$email},$tsize);
> #ENDIF ($do_sender{Email})
> #IFDEF ($do_sender{Edomain})
> $delivered_count{Edomain}{$edomain}++;
>!
> add_volume(\\$delivered_data{Edomain}{$edomain},\\$delivered_data_gigs{Edomain}{$edomain},$tsize);
> #ENDIF ($do_sender{Edomain})
>
> $total_delivered_count++;
>!
>add_volume(\\$total_delivered_data,\\$total_delivered_data_gigs,$tsize);
>
> #IFDEF ($show_transport)
> my $transport = (/\\sT=(\\S+)/) ? $1 : ":blackhole:";
> $transported_count{$transport}++;
>!
>add_volume(\\$transported_data{$transport},\\$transported_data_gigs{$transport},$tsize);
> #ENDIF ($show_transport)
>
> #IFDEF ($hist_opt > 0)
>*************** $topcount = 50;
>*** 2662,2667 ****
>--- 2677,2683 ----
> $local_league_table = 1;
> $include_remote_users = 0;
> $hist_opt = 1;
>+ $count_duplicate = 0;
> $volume_rounding = 1;
> $localtime_offset = calculate_localtime_offset(); # PH/FANF
>
>*************** while (@ARGV > 0 && substr($ARGV[0], 0,
>*** 2711,2716 ****
>--- 2727,2733 ----
> elsif ($ARGV[0] =~ /^-chartdir$/) { $chartdir = $ARGV[1]; shift;
>$charts_option_specified = 1; }
> elsif ($ARGV[0] =~ /^-chartrel$/) { $chartrel = $ARGV[1]; shift;
>$charts_option_specified = 1; }
> elsif ($ARGV[0] =~ /^-cache$/) { } #Not currently used.
>+ elsif ($ARGV[0] =~ /^-cd$/) { $count_duplicate = 1 }
> elsif ($ARGV[0] =~ /^-byhost$/) { $do_sender{Host} = 1 }
> elsif ($ARGV[0] =~ /^-bydomain$/) { $do_sender{Domain} = 1 }
> elsif ($ARGV[0] =~ /^-byemail$/) { $do_sender{Email} = 1 }
>
>
>
>
>From: "Mike Jones" <mike.jones@???>
>To: <exim-users@???>
>Subject: [exim] Exim has stopped sending email
>Date: Tue, 7 Feb 2006 15:27:30 -0000
>This has only started happening in the last week or so, and I've drawn a
>blank as to the cause.
>
>
>
>We have exim V4.3 installed along with ClamAV and SpamAssassin and its
>perfectly happy to receive emails. However if someone tries to send a
>reasonably sized email (an attachment) then we get a timeout error in
>Outlook. This also happens with our Linux and Mac users. Small emails seem
>unaffected and get sent fine.
>
>
>
>Nothing appears in the log files (in fact it looks like the mail hasn't got
>to the server to get sent).
>
>
>
>This is obviously causing major problems, and its got to the stage now,
>where I'm considering rebuilding the mail server.
>
>
>
>I've even cleared down the mail queue in case that was the problem.
>
>
>
>If anyone has any ideas why this might be happening, let me know. The only
>thing we've noticed is all of a sudden SpamAssassin is using a lot of
>memory
>and the server is running out, but we've restricted SA to only scan
>messages
>up to 256K.
>
>
>
>Michael Jones
>Systems and Network Administrator
>Fast Web Media Ltd
>Email: michael.jones@???
>Tel: +44(0)161 835 3444
>Fax: +44(0)161 835 3488
>Mobile: +44(0)7921 677161
>
>Fast Web Media Ltd is the wholly owned UK operating company of Total Sports
>Online ASA - www.totalsportsonline.com
>This e-mail is intended solely for the addressee and is strictly
>confidential. If you are not the addressee, please do not read, print,
>re-transmit, store or act in reliance on it or any attachments. Instead
>please e-mail it back to the sender and delete the message from your
>computer.
>Total Sports Online ASA accepts no liability for changes made to this
>e-mail
>(and any attachments) after it was sent or for viruses arising as a result
>of this e-mail transmission.
>Any unauthorised reproduction, dissemination, copying, disclosure,
>modification, distribution and/or publication of this e-mail message is
>strictly prohibited.
>
>Fast Web Media Ltd, 12th Floor, Sunlight House, Quay Street, Manchester, M3
>3JZ, UK
>
>
>
>
>
>
>From: Marc Sherman <msherman@???>
>Reply-To: exim-users@???
>To: exim-users@???
>Subject: Re: [exim] Exim has stopped sending email
>Date: Tue, 07 Feb 2006 10:48:05 -0500
>Mike Jones wrote:
> >
> > If anyone has any ideas why this might be happening, let me know. The
>only
> > thing we've noticed is all of a sudden SpamAssassin is using a lot of
>memory
> > and the server is running out, but we've restricted SA to only scan
>messages
> > up to 256K.
>
>Check your spamassassin rules. Are you using bigevil.cf? That file is
>obsolete, and, to quote the SARE description, "will bring a large email
>server to its knees! Please Don't use unless you have to!"
>
>- Marc
>
>
>
>From: "Mike Jones" <mike.jones@???>
>Reply-To: mike.jones@???
>To: <exim-users@???>
>Subject: RE: [exim] Exim has stopped sending email
>Date: Tue, 7 Feb 2006 16:23:51 -0000
>Nah, I've just checked.
>
>Some additional info. Linux users can send ok after all, so it just seems
>to
>be affecting windows and Mac users.
>
>The SW versions are:
>
>ClamAV 0.67
>Exim 4.3
>SpamAssassin 3.0.2
>
>I know ClamAV is very old and I'm going to upgrade Exim and ClamAV tonight
>to see if that helps.
>
>Mike
>
>-----Original Message-----
>From: exim-users-bounces@??? [mailto:exim-users-bounces@exim.org] On
>Behalf Of Marc Sherman
>Sent: 07 February 2006 15:48
>To: exim-users@???
>Subject: Re: [exim] Exim has stopped sending email
>
>Mike Jones wrote:
> >
> > If anyone has any ideas why this might be happening, let me know. The
>only
> > thing we've noticed is all of a sudden SpamAssassin is using a lot of
>memory
> > and the server is running out, but we've restricted SA to only scan
>messages
> > up to 256K.
>
>Check your spamassassin rules. Are you using bigevil.cf? That file is
>obsolete, and, to quote the SARE description, "will bring a large email
>server to its knees! Please Don't use unless you have to!"
>
>- Marc
>
>
>
>From: Philip Hazel <ph10@???>
>Reply-To: exim-users@???
>To: Tim Jackson <lists@???>
>CC: exim-users@???
>Subject: Re: [exim] exim listens on http port
>Date: Tue, 7 Feb 2006 16:27:49 +0000 (GMT)
>On Tue, 7 Feb 2006, Tim Jackson wrote:
>
> > I believe it happens when there are exim child processes spawned from
>Apache,
> > and you then kill Apache. This happens e.g. if you have perl or php
>scripts
> > that call "/usr/bin/sendmail" or similar to send mail, and those child
> > processes are still running when you kill the webserver.
> >
> > Not being a UNIX networking expert I don't really understand why those
>child
> > processes end up being "bound" to the Apache ports (they're not really
> > listening on them in any meaningful sense), but that's what seems to
>happen.
>
>A forked process inherits its parent's file descriptors. Presumably the
>code in appache is forking another process, and then running perl/php
>without closing the listening file descriptors.
>
>
>From: meburke@???
>To: exim-users@???
>Subject: [exim] Re: smtp authorization test via telnet?
>Date: Tue, 7 Feb 2006 10:34:20 -0600
>Thank you all for your help! I entirely missed the log_selector parameter
>and I
>misunderstood what I read about the -bh options (probably as a result of
>trying
>to eat too much in one meal).
>
>Jakob wrote: (in response to POP-before-SMTP)
>
> > You can have that with Exim, too, but I'd rather not support obsolete
>hacks.
>
>Jakob,
>
>If you have a couple of minutes, can you direct me to a list or discussion
>of
>the pros and cons on this? Or, alternatively, can you give me a short
>version
>of your thinking on this? (Off list is fine.)
>
>Thank you all again for your help.
>
>Mike Burke
>
>
>
>From: fubar-exim@??? (Kendall Libby)
>To: exim-users@???
>Subject: [exim] sophos puremessage
>Date: Tue, 7 Feb 2006 11:44:47 -0500
>
>The University has been looking at commercial products to help fend
>off spam; one of the leading contenders was Sophos' PureMessage,
>partly because we've been using their AV stuff but mostly because it
>looks like a good product. However, when their "sales engineer" came
>to talk to us, they said that Exim wasn't supported due to
>"performance problems" and that it would never be supported. As PM
>seems to be using a milter interface (I say seems for the same reason
>I put "sales engineer" in quotes), so having it work with Exim
>shouldn't be rocket science...
>
>My question to the masses is, has anyone out there tried getting them
>to work together, or talked to Sophos about doing same?
>
>K.
>
>
>From: "Jakob Hirsch" <jh@???>
>Reply-To: exim-users@???
>To: meburke@???
>CC: exim-users@???
>Subject: Re: [exim] Re: smtp authorization test via telnet?
>Date: Tue, 7 Feb 2006 18:47:31 +0100 (CET)
>meburke@??? wrote:
>
> > Jakob wrote: (in response to POP-before-SMTP)
> > the pros and cons on this? Or, alternatively, can you give me a short
> > version of your thinking on this?
>
>pop-before-smtp is merely hack, introduced because there smtp had no
>authentication facility. But that is long ago, the smtp auth RFC is dated
>March 99 and all today's email clients support smtp auth.
>
>Why is pop-before-smtp a hack?
>- does not work with some clients (e.g. OE, possible workarounds though)
>- misuses a protocol to submit information for another protocol
>- ... which can be submitted through the protocol itself
>- possible race-conditions (though mostly irrelevant in practice)
>- slower and more resource usage
>- involves online parsing of logfiles or a hacked pop3d daemon
>- needs a database or a special daemon to keep the login information
>- therefore generates more points of failure
>
>These are things that come to mind right now, there are possibly many more.
>
>
>
>
>From: Jason Johnson <jasonj@???>
>To: exim-users@???
>Subject: [exim] Remote Domains Not Supported
>Date: Tue, 7 Feb 2006 12:37:32 -0600
>All,
>
>I am trying to send a message using the php library phpmailer from one of
>our debian web servers. I configure the script to use the mail() function,
>which apparently by default hands off the message to the local MTA if at
>all possible. The script itself reports successful delivery to exim, which
>I have confirmed by the following being found in `/var/log/exim4/mainlog`:
>
> "jasonj@??? R=nonlocal: Mailing to remote domains not supported"
>
>It then ends up permanently rejected for delivery in `www-data`'s local
>mailbox.
>
>In this situation, how do I allow exim to send mail to any address at any
>domain? Is there a particular configuration directive (as I imagine there
>is) I need to be aware of?
>
>Thank you in advance,
>Jason
>
>
>
>From: "R. Sánchez" <reven@???>
>To: exim list <exim-users@???>
>Subject: [exim] problem with authentication and virtual users
>Date: Tue, 07 Feb 2006 19:40:18 +0100
>Hi,
>
>I have a virtual user setup with exim + teapop and on the intranet side
>everything is working fine. Problems start when trying to authenticate
>from the outside. I've tried ssl, tls, no encryption... I have been able
>to get deliveries through, but only after waiting about 45 sec. (and
>sometimes timing-out a couple of times). Authentication is been done
>against a mysql table.
>
>I've tried to telnet from the outside, but I don't even get a response
>from port 25 with telnet. From the inside telnet works ok without
>encryption.
>
>I've been googling for two days and changing all sorts of config
>options, but I'm not able to get anywhere. Someone knows where my config
>may be failing? May there be some interference from another package?
>
>All other aspects work flawlessly: virtual re-directs, virtual users,
>local delivery, etc.
>
>Thanks. Any help will be welcome
>Robert.
>
>PS- I'll post logs if needed. Just tell me which ones would help.
>
>
>From: Marc Sherman <msherman@???>
>Reply-To: exim-users@???
>To: exim-users@???
>Subject: Re: [exim] Remote Domains Not Supported
>Date: Tue, 07 Feb 2006 13:58:12 -0500
>Jason Johnson wrote:
> > All,
> >
> > I am trying to send a message using the php library phpmailer from one
> > of our debian web servers. I configure the script to use the mail()
> > function, which apparently by default hands off the message to the
> > local MTA if at all possible. The script itself reports successful
> > delivery to exim, which I have confirmed by the following being found
> > in `/var/log/exim4/mainlog`:
> >
> > "jasonj@??? R=nonlocal: Mailing to remote domains not
> > supported"
>
>The nonlocal router is unique to the Debian configuration. You should
>re-post this question to the Debian exim mailing list, which is
>documented in /usr/share/doc/exim4-base/README.Debian.gz
>
>- Marc
>
>
>From: Stian Jordet <liste@???>
>To: Adrian <adrian@???>
>CC: exim-users@???
>Subject: Re: [exim] local_part and original_domain empty in smtp_data ACL
>Date: Tue, 07 Feb 2006 19:58:43 +0100
>man, 06,.02.2006 kl. 19.47 +0100, skrev Adrian:
> >
> > ------------------------
> > > That's because a message may have more than one recipient, so there is
>no
> > > single appropriate value for $local_part or $domain for ACLs that deal
> > > with the message as a whole (i.e. anything except the RCPT ACL).
>
> > Is there a way to use it at least for messages with only a single
> > recipient? Or how else can I allow users to use custom spam thresholds
> > (I have a database table which contains the user who owns an email
> > address and a table where the spam thresholds for the users are
> > stored).
>
>You have to use $recipients, and make sure every mail only has one
>recipient (by using similar tricks to
>
>http://duncanthrax.net/exiscan-acl/exiscan-acl-examples.txt
>
>:)
>
>Best regards,
>Stian
>
>
>
>From: Marc Sherman <msherman@???>
>Reply-To: exim-users@???
>To: exim-users@???
>Subject: Re: [exim] local_part and original_domain empty in smtp_data ACL
>Date: Tue, 07 Feb 2006 14:20:32 -0500
> > man, 06,.02.2006 kl. 19.47 +0100, skrev Adrian:
> >
> >> Is there a way to use it at least for messages with only a single
> >> recipient? Or how else can I allow users to use custom spam
> >> thresholds (I have a database table which contains the user who
> >> owns an email address and a table where the spam thresholds for the
> >> users are stored).
>
>Stian Jordet wrote:
> >
> > You have to use $recipients, and make sure every mail only has one
> > recipient (by using similar tricks to
> >
> > http://duncanthrax.net/exiscan-acl/exiscan-acl-examples.txt
>
>A better solution would be to lookup the recipient's threshold in the
>RCPT acl, and store it in an acl_mN variable. For subsequent
>recipients, if the acl_mN variable is already set, defer if the new
>recipient has a different threshold than what's already set.
>
>So, something like this:
>
>acl_check_rcpt:
>
> # acl_m1 is a scratch var used only locally
> require set acl_m1 = ${lookup pgsql { SELECT * FROM
>flagSpam('${quote_pgsql:$local_part}@${quote_pgsql:$original_domain}')}}
>
> defer
> message = threshold mismatch
> condition = ${if and{{def:acl_m2}{!={$acl_m1}{$acl_m2}}}}
>
> # acl_m2 is the threshold for all accepted recipients of the message
> require set acl_m2 = $acl_m1
>
>acl_check_data:
> warn message = X-Spam-Flag: YES
> condition = ${if <{$message_size}{80k}{1}{0}}
> spam = nobody
> condition = ${if >{$spam_score_int}{$acl_m2}}
>
>- Marc
>
>
>From: Juhasz Peter Karoly <stone@???>
>To: exim users <exim-users@???>
>Subject: Re: [exim] exim listens on http port
>Date: Tue, 7 Feb 2006 20:57:22 +0100 (CET)
>>I believe it happens when there are exim child processes spawned from
>>Apache, and you then kill Apache. This happens e.g. if you have perl or
>>php scripts that call "/usr/bin/sendmail" or similar to send mail, and
>>those child processes are still running when you kill the webserver.
>
>this may be the cause, because around that time tousands of mails were send
>out by a php script.
>
>stone
>
>
>
>
>
>
>
>
>From: W B Hacker <wbh@???>
>To: exim-users@???
>Subject: Re: [exim] STARTTLS before EHLO?
>Date: Wed, 08 Feb 2006 04:44:57 +0800
>Marc Sherman wrote:
>>W B Hacker wrote:
>>
>>>It does do so.
>>>
>>>That is the 'legacy' ssl mode AKA 'tls_on_connect'
>>
>>
>>Bill, please be more careful about answering questions with incorrect
>>information. tls_on_connect does not involve sending the STARTTLS
>>command _at_all_. The connection is SSL-encrypted from the moment it's
>>opened.
>>
>
>I know that. I said that. We rely on that.
>
>>
>>>tls_on_connect_ports = 465 : 587
>>
>>
>>This has come up before; if you're going to recommend to random list
>>posters that they configure 587 for tls_on_connect, please warn them
>>explicitly that your configuration is very non-standard.
>>
>>- Marc
>>
>>
>
>'Legacy', perhaps, but not 'non-standard' w/r our use of those
>two ports.
>
>465 is covered in RFC 825, 2825. 587 under RFC 3207.
>
>Take note:
>
>"... the submission port is by definition not a publicly
>referenced SMTP server...." (RFC 3207 & port 587)
>
>QED.
>
>Bill
>
>
>
>
>
>
>
>
>From: Karl Fischer <karl.fischer@???>
>Reply-To: exim-users@???
>To: steve@???
>CC: Exim Users <exim-users@???>
>Subject: Re: [exim] eximstats - counting "=>" but not "->"
>Date: Tue, 07 Feb 2006 21:55:42 +0100
>Steve Campbell wrote:
>
>>Karl,
>>
>>Guess who else was working on this today :-)
>>
>>It was a bit more work, but we now output the address (recipient)
>>statistics in addition to the message statistics. You can be the first
>>person to test it!
>>
>>eximstats version 1.36? Gosh. That version's a year old today! There have
>>been several major enhancements since then, including
>>
>>* dramatic memory savings
>>* multiple simultaneous output formats (text, html, xls)
>>* mail rejection statistics
>
>Steve,
>
>1.36? - a year old? hmmm, so I've been working on a steam engine, eh?
>Shame on me ...
>
>Just gave your version a try, looks much(!) better that the old one ...
>However, it still doesn't do, what I want it to ...
>
>Am I too stupid?
>
>Here's the original example again:
>
>: 2006-02-04 15:18:15 1F5OEx-0004Z0-Fi <= test@domain U=test P=local S=722
>: 2006-02-04 15:18:15 1F5OEx-0004Z0-Fi => user1 <user1@domain>
>: 2006-02-04 15:18:15 1F5OEx-0004Z0-Fi -> user2 <user3@domain>
>: 2006-02-04 15:18:15 1F5OEx-0004Z0-Fi -> user3 <user2@domain>
>: 2006-02-04 15:18:15 1F5OEx-0004Z0-Fi Completed
>
>
>I would like to see this:
>
>: Top 50 local destinations by message count
>: ------------------------------------------
>:
>: 1 772B user1
>: 1 772B user2
>: 1 772B user3
>:
>: Top 50 local destinations by volume
>: -----------------------------------
>:
>: 1 772B user1
>: 1 772B user2
>: 1 772B user3
>
>
>instead of:
>
>: Top 50 local destinations by message count
>: ------------------------------------------
>:
>: 1 772B user1
>:
>: Top 50 local destinations by volume
>: -----------------------------------
>:
>: 1 772B user1
>
>
>with the new version I see:
>
>: Top 50 local destinations by message count
>: ------------------------------------------
>: Messages Addresses Bytes Average Local destination
>: 1 1 722 722 user1
>:
>: Top 50 local destinations by volume
>: -----------------------------------
>: Messages Addresses Bytes Average Local destination
>: 1 1 722 722 user1
>
>
>but I'd like to see:
>
>: Top 50 local destinations by message count
>: ------------------------------------------
>: Messages Addresses Bytes Average Local destination
>: 1 1 722 722 user1
>: 1 1 722 722 user2
>: 1 1 722 722 user3
>:
>: Top 50 local destinations by volume
>: -----------------------------------
>: Messages Addresses Bytes Average Local destination
>: 1 1 722 722 user1
>: 1 1 722 722 user2
>: 1 1 722 722 user3
>
>
>
>Should we take that off-line?
>
>- Karl
>
>
>
>--
>
>## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
>details at http://www.exim.org/ ##
_________________________________________________________________
Are you using the latest version of MSN Messenger? Download MSN Messenger
7.5 today!
http://messenger.msn.co.uk
