From rwickberg at gmail.com Tue Jan 3 16:02:13 2006 From: rwickberg at gmail.com (Robert Wickberg) Date: Tue, 3 Jan 2006 19:02:13 -0500 Subject: [SA-exim] "Unknown Failure" Message-ID: <7468e6d50601031602q1a05181cx2108d963067e7674@mail.gmail.com> I have exim4 installed on my up to date debian testing box. Now I installed SA and SA-exim, and changed pretty much nothing except commenting out that one line in sa-exim.conf necessary to get sa-exim to start working. Now my incoming mail headers contain the following: X-SA-Exim-Connect-IP: 209.198.87.109 X-SA-Exim-Mail-From: wickberg at sover.net and X-SA-Exim-Version: 4.2 (built Thu, 03 Mar 2005 10:44:12 +0100) X-SA-Exim-Scanned: No (on localhost.localdomain); Unknown failure Can anyone tell me what's happening, or at least give me a method to troubleshoot? I take it from trying to do a google search on SA-exim and "Unknown Failure" that this isn't an uncommon problem, as what I got back was a lot of mail in mail archives that has this in the header, and nothing much helpful. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.merlins.org/archives/sa-exim/attachments/20060103/0b0d17d6/attachment.htm From marc at merlins.org Wed Jan 11 23:16:34 2006 From: marc at merlins.org (Marc MERLIN) Date: Wed, 11 Jan 2006 23:16:34 -0800 Subject: [SA-exim] SA-Exim 4.2.1 released (security update) Message-ID: <20060112071634.GA5522@merlins.org> Thanks to a report from Chris Morris, I confirmed that sa-exim 4.2 had indeed an unsafe cronjob which didn't properly delete duplets with spaces (I thought I meant to have removed spaces in Greylisting.pm, but failed to do so) Also, the log cleaning cron job has no reason to run as root anyway, so I'm now recomending that it run as the spamd user (nobody in most cases) Since the cronjob in shell was a bad idea anyway, I've used the opportunity to upgrade to Mark Lawrence's contributed perl cronjob which does the job in a saner way anyway. If you do not use the old /etc/cron.hourly/greylistclean cron job, you don't have to upgrade. You can also apply one of the following fixes instead of upgrading: --- ../sa-exim-4.2/Greylisting.pm Thu Dec 2 18:44:12 2004 +++ Greylisting.pm Mon Jan 9 08:30:12 2006 @@ -153,14 +153,14 @@ # resource expensive) # envfrom could be cleaned outside of the loop, but the other method # options might now want that - $envfrom =~ tr/!#%( )*+,-.0123456789:<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~/_/c; + $envfrom =~ tr/!#%()*+,-.0123456789:<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~/_/c; # clean variables to run properly under -T $envfrom =~ /(.+)/; $tmpvar = ($1 or ""); # work around bug in perl untaint in perl 5.8 $envfrom=undef; $envfrom=$tmpvar; - $rcptto =~ tr/!#%( )*+,-.0123456789:<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~/_/c; + $rcptto =~ tr/!#%()*+,-.0123456789:<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_abcdefghijklmnopqrstuvwxyz{|}~/_/c; $rcptto =~ /(.+)/; $tmpvar = ($1 or ""); $rcptto=undef; Or remove /etc/cron.hourly/greylistclean, download and install http://marc.merlins.org/linux/exim/files/sa-exim-cvs/greylistclean instead But of course, you are otherwise welcome to upgrade, there shouldn't be any other changes in the code. Changelog * 2006/01/09 - v4.2.1 (sa-exim.tar.gz or local_scan only) Security update (reported by Chris Morris) * Modified Greylisting.pm not to generate tuplets with spaces, although the cleaning cron job is now safe with regard to whitespace * Included Mark Lawrence's perl script to better clean old tuplets * Highly recommend to run under the least necessary priviledge: the exim user (mail, exim, Debian-exim) instead of root Downloads: http://marc.merlins.org/linux/exim/sa.html http://sourceforge.net/projects/sa-exim/ Deb package is here: http://marc.merlins.org/linux/exim/files/debian/ (compiled against unstable, you might have to rebuild for testing/stable, or wait for official deb packages from Sander Smeenk) Sorry about the screwup, it'll teach me to make releases while on Xmas vacation Marc -- "A mouse is a device used to point at the xterm you want to type in" - A.S.R. Microsoft is to operating systems & security .... .... what McDonalds is to gourmet cooking Home page: http://marc.merlins.org/ | Finger marc_f at merlins.org for PGP key