Tag Archives: exim

Clear exim queue

The queue can be viewed with mailq, which is the same as exim -bp.
You can view individual messages using exim -Mvc <message-id>. Once you’re done, run

exim -bp | grep -Eo "[[:alnum:]]{6}-[[:alnum:]]{6}-[[:alnum:]]{2}" | xargs exim -Mrm

Exim: force retrying delivery of mail in local spool

My mail got stuck in the spool a few days ago due to misconfiguration of ~/.forward. After fixing the file, the commands to force retry of delivery are:

cd /var/spool/exim/msglog
exim -M *

or

exim -qf

Provided, of course, your shell is smart enough to do * expansion properly.

Exim 4.69 (or 4.71) ACL for SpamAssassin

I was having trouble with Exim not adding headers to SpamAssassin-checked emails. One day, when I should have really been doing something else, I read Chapter 40 of Exim’s specification, and all became clear.

Here’s what my appropriate ACL (in /etc/mail/exim.conf) looks now, almost completely by-the-book:

acl_check_data:
  
  # ...
  # malware section
  # ...
  
  # Add headers to a message if it is judged to be spam. Before enabling this,
  # you must install SpamAssassin. You may also need to set the spamd_address  
  # option above.
  
  # spams are never big and spamassassin can die on big emails, so we  
  # limit its use under 100kb  
  accept  condition = ${if >={$message_size}{100k}{yes}{no}}

  # put headers in all messages (no matter if spam or not)
  warn  spam = spamd:true
        add_header = X-Spam-Score: $spam_score ($spam_bar)
        add_header = X-Spam-Report: $spam_report
  
  # add second subject line with *SPAM* marker when message
  # is over threshold
  warn  spam = spamd
        add_header = Subject: *SPAM* $h_Subject:

  # reject spam at high scores (> 20)
  deny  message = This message scored $spam_score spam points.
        spam = spamd:true
        condition = ${if >{$spam_score_int}{200}{1}{0}}

  # Accept the message.
  accept

Kiddies playing

Here’s what exim caught:

> 2009-09-15 23:59:31 SMTP protocol synchronization error (input sent without waiting for greeting):
+rejected connection from H=[220.139.127.112] input="GET http://www.scanproxy.com:80/p-25.html
+HTTP/1.0\r\nContent-Type: text/html\r\nProxy-Connection: keep-alive\r\nHost: http://www.scanproxy.com\r\nAccept:
+image/gif,"
> 2009-09-15 23:59:32 SMTP protocol synchronization error (input sent without waiting for greeting):
+rejected connection from H=[220.139.127.112] input="0401"
> 2009-09-15 23:59:33 SMTP protocol synchronization error (input sent without waiting for greeting):
+rejected connection from H=[220.139.127.112] input="0501"

220.139.127.112 is Chunghwa Telecom Co., Ltd. in Taiwan.

SpamAssassin and Exim on Arch Linux: some config trouble

I had this happen – SA wasn’t reading user_prefs out of a proper home dir:

[12071] info: spamd: creating default_prefs: //.spamassassin/user_prefs
[12071] dbg: config: using "/.spamassassin" for user state dir
[12071] dbg: config: mkdir /.spamassassin failed: mkdir /.spamassassin: Permission denied at /usr/share/perl5/vendor_perl/Mail/SpamAssassin.pm line 1577
[12071] dbg: config: Permission denied
[12071] warn: config: cannot write to //.spamassassin/user_prefs: No such file or directory
[12071] info: spamd: failed to create readable default_prefs: //.spamassassin/user_prefs
[12071] dbg: config: read_scoreonly_config: cannot open "//.spamassassin/user_prefs": No such file or directory

I thought this was due to the way spamassassin was invoked, so I tried specifying the user and homedir explicitly. It didn’t work. I tried creating a ‘spamd’ user, a homedir, changing the invocation to that:

sudo spamd -c --max-children 3 --username spamd -H "/var/lib/spamassassin/" -s stderr -D

Didn’t help.

Then I RTFMed some. That reminded me of writing something about user ‘nobody’ in exim.conf. That’s the user for which spam filtering is invoked; so if you allow per-user configuration, it doesn’t really matter that you specify “/var/lib/spamassassin” as a homedir, that’s just for the parent spamd process. For every child, the directory will be changed; for ‘nobody’ it’s ‘/’.

So I changed that line to have ‘spamd’ instead, and voila!

[12071] info: spamd: creating default_prefs: /var/lib/spamassassin/.spamassassin/user_prefs
[12071] dbg: config: using "/var/lib/spamassassin/.spamassassin" for user state dir
[12071] warn: config: created user preferences file: /var/lib/spamassassin/.spamassassin/user_prefs
[12071] dbg: conf: finish parsing

Configuring Exim to use SpamAssassin in ArchLinux

There’s a lot of outdated stuff floating on the internets. This one was most useful to me.

Basically, if you install Exim and SA from pacman, you’ve already got everything enabled. Filtering spam is done via an Access Control List (the last one in exim.conf). Don’t bother with transports unless you’re sure you want them.

Add spamd to daemons in rc.conf. If you want reject logging, append

-s /var/log/spamd.log -D check

to the string in /etc/config.d/spamd.

Trouble retrieving mail from remote host

I couldn’t retrieve mail (with fetchmail) to exim. The two errors were:

1) Upon telnet localhost 25:
451Temporarily unavailable - please try again later
(As always, I forgot to save the exact messagei.)

This is what appeared in /var/log/exim/mainlog:

2008-12-22 17:57:17 temporarily refused connection from [127.0.0.1] (tcp wrappers errno=10)

2) When trying fetchmail -v, the connection to the server was made, but then message couldn’t be delivered to localhost:

fetchmail: SMTP connection to localhost failed (or something like that)

I tried everything, and later found out my hosts.allow was empty!

Put this in:

ALL: LOCAL 127.0.0.1

Read man, modify.