Jul 03 2009

Using TLS with Exim on Debian

This article describes how to enable TLS support for Exim as a server on Debian with the split configuration model. /usr/share/doc/exim4-config/README.Debian.gz already contains a fairly good description of that setup (currently in section 2.2).

The first step is to put the SSL key and SSL certificate into /etc/exim4:

erebus:/etc/exim4# ls -l exim.*
-rw-r----- 1 root Debian-exim 960 2009-07-03 11:10 exim.crt
-rw-r----- 1 root Debian-exim 887 2009-07-03 11:10 exim.key
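
The following check is an added example, not part of the original article: it verifies that exim.crt and exim.key carry the ownership and mode shown in the listing above (root:Debian-exim, rw-r-----). The function names are hypothetical, flagging symlinks is this example's own choice, and it relies on GNU stat as shipped on Debian.

```shell
#!/bin/sh
# Added example (not from the original article). Function names are hypothetical.
# Expected layout is taken from the listing above: root:Debian-exim, mode 640.

# check_tls_file FILE OWNER GROUP -> 0 if acceptable, 1 otherwise (reasons on stderr)
check_tls_file() {
    file=$1 want_owner=$2 want_group=$3 bad=0
    # Assumption of this example: symlinks are flagged rather than followed.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "FAIL $file: missing, a symlink, or not a regular file" >&2
        return 1
    fi
    # GNU stat (Debian coreutils): octal mode, owner name, group name.
    set -- $(stat -c '%a %U %G' "$file")
    perm=$((0$1))
    if [ "$2" != "$want_owner" ] || [ "$3" != "$want_group" ]; then
        echo "FAIL $file: owned by $2:$3, expected $want_owner:$want_group" >&2
        bad=1
    fi
    if [ $((perm & 007)) -ne 0 ]; then
        echo "FAIL $file: mode $1 gives access to all local users" >&2
        bad=1
    fi
    if [ $((perm & 020)) -ne 0 ]; then
        echo "FAIL $file: mode $1 lets the group replace the file" >&2
        bad=1
    fi
    if [ $((perm & 040)) -eq 0 ]; then
        echo "FAIL $file: mode $1 is unreadable for group $want_group" >&2
        bad=1
    fi
    return $bad
}

# audit_exim_tls [DIR [OWNER [GROUP]]] -> 0 only if both files pass
audit_exim_tls() {
    tls_dir=${1:-/etc/exim4} tls_owner=${2:-root} tls_group=${3:-Debian-exim}
    rc=0
    for f in exim.crt exim.key; do
        check_tls_file "$tls_dir/$f" "$tls_owner" "$tls_group" || rc=1
    done
    return $rc
}

# Usage after sourcing this file as root: audit_exim_tls && echo "TLS files OK"
```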

Jun 09 2009

Error Diagnosis on Pipe Transports

Maildrop exits in certain cases with exit code 75. This signals a temporary error to Exim, but no further
explanation can be learned from the Exim log file:

2009-06-09 11:58:32 1MDy6C-0003Lm-Ky == racke@linuxia.de R=virtualuser T=vinson_virtualuser_drop defer (0): Child process of vinson_virtualuser_drop transport returned 75 (could mean temporary error) from command: /usr/bin/maildrop

For better diagnosis, add the log_defer_output and log_fail_output options
to the corresponding pipe transport, e.g.:

Oct 22 2008

Mail Server Configuration

Keep your mail server off blacklists.

Spamhaus is used by a lot of email providers, e.g. GMX and Yahoo, to refuse incoming emails from
IPs listed there.

You can check the Spamhaus blacklists (SBL, PBL, XBL) at http://www.spamhaus.org/query/bl?ip=IP.

Instructions for avoiding the CBL are here.
The answer to the HELO should be a fully qualified domain name (e.g. "mail.linuxia.de"), with a correct reverse DNS lookup.

Apr 16 2008

Monitoring Exim's Mail Queue with Nagios

There is a plugin at Nagios Exchange to monitor Exim's Mail Queue:


Put this script into your Nagios plugin directory. Adjust the paths to utils.sh and the exim binary if necessary.

On Debian you need to install nagios-plugins-basic first and use the following

. /usr/lib/nagios/plugins/utils.sh


Install sudo if necessary.

Jun 15 2007

SPAM attack through vulnerable PHP script

One of my customers reported this morning that their webserver was unusually slow. I discovered that it was abused for sending SPAM through web forms. The PHP script processing these forms lacked proper input sanitization. After disabling the script by renaming its mail function, I deleted almost 1000 SPAM emails from the queue:

xxx:/var/spool/exim4/input# grep -l "Email von yyy.zz:" *-D | perl -pe 's/-D$//' | xargs exim -Mrm

Jun 06 2007

Delays on Email Delivery

To avoid unnecessary DNS lookups for the hostname of the machine, define the primary hostname:

primary_hostname = linuxia.de

Or you can use one of the alternatives described at: