On 16/12/10 17:20, Sebastian Tennant wrote:
> Hi Ximmers,
>
> For the last two or three days I've woken up to the following message in my
> /var/log/exim4/paniclog:
>
> 2010-12-16 01:21:27 string too large in smtp_notquit_exit()
>
> Anyone know what's causing it and why it should have suddenly started
> happening? I haven't touched my exim setup in a while.
Sounds like someone is compromising your server with the buffer exploit
that was discovered in the wild last week, but which was patched in Nov
2008, released Nov 2009 with 4.70.
That log message is an indication that a large part of the memory has
been overwritten and was an error message that popped up a lot in my
testing.
Update to 4.72 or at least patch from bug 787 to remove the buffer exploit.
http://www.exim.org/lurker/message/20101210.164935.385e04d0.en.html
http://bugs.exim.org/show_bug.cgi?id=787