Thanks for the replies. I don’t fully understand everything you asked but as much as i’ve been able to figure out is pasted below. Also the config incase there’s an obvious issue there.
I haven’t raised a debian bug, I’m assuming it’s just my incompetence.
Any assistance deeply appreciated.
Version:
Exim version 4.96 #2 built 29-Sep-2023 20:38:02
Permissions:
-rwsr-xr-x 1 root root 1575384 Sep 30 09:38 exim4
Configuration file:
#####################################
primary_hostname = controlroom.co
# ports
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465
#MySQL
VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}'
RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay' AND domain = '${quote_mysql:$domain}'
ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'
MAIN_LOCAL_DOMAINS = @ : controlroom.co : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
MAIN_RELAY_TO_DOMAINS = ${lookup mysql{RELAY_DOMAINS}}
MAIN_RELAY_NETS = localhost : @ : 192.168.0.0/24
MAIN_TRUSTED_USERS = www-data : vexim : root
VEXIM_LOCALPART_SUFFIX = +*
VEXIM_SPAM_REPORT_HEADER_NAME = X-Spam-Status
hide mysql_servers = localhost::(/var/run/mysqld/mysqld.sock)/vexim/vexim/#######
# users
exim_user = Debian-exim
exim_group = Debian-exim
never_users = root
# TLS
MAIN_TLS_ENABLE = 1
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *
REQUIRE_PROTOCOL = smtps
MAIN_TLS_CERTIFICATE = /etc/letsencrypt/live/controlroom.co/fullchain.pem
MAIN_TLS_PRIVATEKEY = /etc/letsencrypt/live/controlroom.co/privkey.pem
auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}}
tls_dhparam = none
#####################################
$ openssl s_client -connect localhost:587 -servername controlroom.co -starttls smtp
CONNECTED(00000003)
809BCD053E7F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:../ssl/record/rec_layer_s3.c:303:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 230 bytes and written 353 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
$ swaks -a -tls -p 587 -q AUTH -s controlroom.co -au julian@???
Password: #########
=== Trying controlroom.co:587...
=== Connected to controlroom.co.
<- 220 controlroom.co ESMTP Exim 4.96 Fri, 27 Oct 2023 11:00:24 +1300
-> EHLO ip-172-31-27-131.ap-southeast-2.compute.internal
<- 250-controlroom.co Hello controlroom.co [52.65.43.74]
<- 250-SIZE 52428800
<- 250-8BITMIME
<- 250-PIPELINING
<- 250-PIPECONNECT
<- 250-CHUNKING
<- 250-STARTTLS
<- 250-PRDR
<- 250 HELP
-> STARTTLS
*** Remote host closed connection unexpectedly.
$ sudo tail -f /var/log/mail.log
2023-10-27T12:59:18.381777+13:00 ip-172-31-27-131 imapd-ssl: Connection, ip=[::ffff:121.99.134.237], port=[53803]
2023-10-27T12:59:18.438273+13:00 ip-172-31-27-131 imapd-ssl: LOGIN, user=julian@???, ip=[::ffff:121.99.134.237], port=[53803], protocol=IMAP
2023-10-27T12:59:18.495509+13:00 ip-172-31-27-131 imapd-ssl: LOGOUT, user=julian@???, ip=[::ffff:121.99.134.237], port=[53803], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1
$ sudo tail -f /var/log/exim4/mainlog
2023-10-27 12:55:32 SIGSEGV (fault address: 0x4)
2023-10-27 12:55:32 SEGV_MAPERR
2023-10-27 12:55:32 SIGSEGV (null pointer indirection)
2023-10-27 12:55:32 SIGSEGV (1400295 handling incoming connection from (smtpclient.apple) [121.99.134.237]
)
2023-10-27 12:55:32 SMTP syntax error in "\026\003\001?\251\001??\245\003\003e:\374t+\035\007" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\223l\334D\227\275\2412\315\303\251*?h\257\257\327c\346>w\247e\264??,?\377\300,\300+\300$\300#\300" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\300 \300\b\3000\300/\300(\300'\300\024\300\023\300\022?\235?\234?=?<?5?/?" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\001??P???\023?\021??\016controlroom.co?" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP call from [121.99.134.237] dropped: too many syntax or protocol errors (last command was "\001??P???\023?\021??\016controlroom.co?", NULL)
$ sudo tail -f /var/log/syslog
2023-10-27T13:01:28.132700+13:00 ip-172-31-27-131 imapd-ssl: Connection, ip=[::ffff:121.99.134.237], port=[53825]
2023-10-27T13:01:28.133760+13:00 ip-172-31-27-131 systemd[1]: Started systemd-coredump@??? - Process Core Dump (PID 1400340/UID 0).
2023-10-27T13:01:28.184822+13:00 ip-172-31-27-131 imapd-ssl: LOGIN, user=julian@???, ip=[::ffff:121.99.134.237], port=[53825], protocol=IMAP
2023-10-27T13:01:28.245152+13:00 ip-172-31-27-131 imapd-ssl: ip=[::ffff:121.99.134.237], Unexpected SSL connection shutdown.
2023-10-27T13:01:28.245752+13:00 ip-172-31-27-131 imapd-ssl: LOGOUT, user=julian@???, ip=[::ffff:121.99.134.237], port=[53825], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1
2023-10-27T13:01:28.433487+13:00 ip-172-31-27-131 systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped core.#012#012Stack trace of thread 1400339:#012#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)#012#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)#012#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)#012#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)#012#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)#012#5 0x000056095cf88280 n/a (exim4 + 0xc1280)#012#6 0x000056095cf74622 n/a (exim4 + 0xad622)#012#7 0x000056095cf06eef n/a (exim4 + 0x3feef)#012#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)#012#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)#012#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)#012ELF object binary architecture: AMD x86-64
2023-10-27T13:01:28.438380+13:00 ip-172-31-27-131 systemd[1]: systemd-coredump@???: Deactivated successfully.
systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped core.#012#012Stack trace of thread 1400339:#012#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)#012#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)#012#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)#012#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)#012#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)#012#5 0x000056095cf88280 n/a (exim4 + 0xc1280)#012#6 0x000056095cf74622 n/a (exim4 + 0xad622)#012#7 0x000056095cf06eef n/a (exim4 + 0x3feef)#012#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)#012#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)#012#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)#012ELF object binary architecture: AMD x86-64
2023-10-27T13:01:28.438380+13:00 ip-172-31-27-131 systemd[1]: systemd-coredump@???: Deactivated successfully.
$ sudo journalctl -e
Oct 27 13:07:28 ip-172-31-27-131 systemd[1]: Started systemd-coredump@??? - Process Core Dump (PID 1400386/UID 0).
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: Connection, ip=[::ffff:121.99.134.237], port=[53917]
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: LOGIN, user=julian@???, ip=[::ffff:121.99.134.237], port=[53917], protocol=IMAP
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: LOGOUT, user=julian@???, ip=[::ffff:121.99.134.237], port=[53917], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1
Oct 27 13:07:28 ip-172-31-27-131 systemd-coredump[1400387]: [🡕] Process 1400385 (exim4) of user 113 dumped core.
Stack trace of thread 1400385:
#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)
#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)
#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)
#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)
#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)
#5 0x000056095cf88280 n/a (exim4 + 0xc1280)
#6 0x000056095cf74622 n/a (exim4 + 0xad622)
#7 0x000056095cf06eef n/a (exim4 + 0x3feef)
#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)
#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)
#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)
#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)
ELF object binary architecture: AMD x86-64
Oct 27 13:07:28 ip-172-31-27-131 systemd[1]: systemd-coredump@???: Deactivated successfully.
Oct 27 13:07:31 ip-172-31-27-131 sudo[1400397]: admin : TTY=pts/0 ; PWD=/var/log ; USER=root ; COMMAND=/usr/bin/journalctl -e
Oct 27 13:07:31 ip-172-31-27-131 sudo[1400397]: pam_unix(sudo:session): session opened for user root(uid=0) by admin(uid=1000)
Thank in advance, Julian
> On 19/10/2023, at 9:41 PM, Jeremy Harris via Exim-users <exim-users@???> wrote:
>
> On 19/10/2023 07:53, Julian Waters via Exim-users wrote:
>> Since upgrading to Debian Bookworm
>
> That doesn't actually tell us what version of Exim. "exim -bV" will.
> Have you raised a Debian bug?
>
>> After reconfiguring from scratch a few times narrowed it down to this error in the exim4 mainlog:
>
>> 2023-10-19 19:45:43 SIGSEGV (fault address: 0x4)
>> 2023-10-19 19:45:43 SEGV_MAPERR
>> 2023-10-19 19:45:43 SIGSEGV (null pointer indirection)
>> 2023-10-19 19:45:43 SIGSEGV (1302999 handling incoming connection from [xx.xx.xx.xx]
>
> Not much to go on there apart from "it crashed". What was it doing
> at the time? Anything logged immediately before? If not, if you place
> a custom log line in the connect ACL, does it shoe up consistently
> before crashes?
>
> Can you run with debug?
> Can you get a coredump (note: Exim is usually run suid)?
>
> --
> Cheers,
> Jeremy
>
>
> --
> ## subscription configuration (requires account):
> ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> ## unsubscribe (doesn't require an account):
> ## exim-users-unsubscribe@???
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
