On Tue, May 4, 2021 at 4:52 PM Heiko Schlittermann via Exim-users <
exim-users@???> wrote:
> Dear Exim-Users
>
> Abstract
> --------
>
> Several exploitable vulnerabilities in Exim were reported to us and are
> fixed.
>
> We have prepared a security release, tagged as "exim-4.94.2".
>
> This release contains all changes on the exim-4.94+fixes branch plus
> security fixes.
>
> You should update your Exim instances as soon as possible. (See below
> for short upgrade notes.)
>
I have installed this version and I am getting a strange error which was
not appearing with v4.94:
2021-05-04 16:45:39 1ldwIb-000LOY-LA H=maily102.outbound.eversrv.com
[154.0.15.102] I=[46.165.223.102]:25
X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<
bounce_5k3W1xx3vfd9mww6_dlY8zIlXgZEJudOT_b3ccc2b800ca38d4_19@???>
temporarily rejected after DATA: failed to expand ACL string "${lookup
sqlite,file=/var/spool/exim/db/greylist.db {SELECT host from resenders
WHERE helo='${quote_sqlite:$sender_helo_name}' AND
host='$sender_host_address';} {1}}": absolute file name expected for
"sqlite" lookup
<CUT>
GREYDB=/var/spool/exim/db/greylist.db
greylist_mail:
accept condition = ${if eq{$acl_m_greylistreasons}{} {1}}
accept hosts = :
accept authenticated = *
accept
hosts = +IPwhitelist
accept
sender_domains = facebook.com : twitter.com : facebookmail.com :
linkedin.com
accept
hosts = +backup_mx_hosts
accept condition = ${lookup sqlite,file=GREYDB {SELECT host from
resenders \
WHERE
helo='${quote_sqlite:$sender_helo_name}' \
AND host='$sender_host_address';} {1}}
warn set acl_m_greyident =
${hash{20}{62}{$sender_address$recipients$h_message-id:}}
warn set acl_m_greyexpiry = ${lookup sqlite,file=GREYDB {SELECT expire
FROM greylist \
WHERE
id='${quote_sqlite:$acl_m_greyident}';}{$value}}
warn condition = ${if eq {$acl_m_greyexpiry}{} {1}}
set acl_m_dontcare = ${lookup sqlite,file=GREYDB {INSERT INTO
greylist \
VALUES ( '$acl_m_greyident', \
'${eval10:$tod_epoch+300}',
\
'$sender_host_address', \
'${quote_sqlite:$sender_helo_name}' );}}
defer condition = ${if eq {$acl_m_greyexpiry}{} {1}}
condition = ${lookup sqlite,file=GREYDB {SELECT expire FROM
greylist \
WHERE
id='${quote_sqlite:$acl_m_greyident}';} {1}}
message = Mail is suspicious. Please retry later.
log_message = Greylisted <$h_message-id:> from <$sender_address>
for offences: ${sg {$acl_m_greylistreasons}{\n}{,}}
warn condition = ${if eq {$acl_m_greyexpiry}{} {1}}
log_message = Greylist insertion failed. Bypassing greylist.
accept condition = ${if eq {$acl_m_greyexpiry}{} {1}}
defer condition = ${if > {$acl_m_greyexpiry}{$tod_epoch}}
message = Mail is suspicious. Please retry later.
warn set acl_m_orighost = ${lookup sqlite,file=GREYDB {SELECT host FROM
greylist \
WHERE
id='${quote_sqlite:$acl_m_greyident}';}{$value}}
set acl_m_orighelo = ${lookup sqlite,file=GREYDB {SELECT helo FROM
greylist \
WHERE
id='${quote_sqlite:$acl_m_greyident}';}{$value}}
set acl_m_dontcare = ${lookup sqlite,file=GREYDB {INSERT INTO
resenders \
VALUES ( '$acl_m_orighost', \
'${quote_sqlite:$acl_m_orighelo}',
\
'$tod_epoch' ); }}
logwrite = Added host $acl_m_orighost with HELO '$acl_m_orighelo' to
known resenders
accept
</CUT>
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)
