rpms
/
exim
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

New version 

De-fuzzified patches
This commit is contained in:
Jaroslav Škarvada 2019-06-05 11:16:58 +02:00
parent 89cc74b43d
commit 8656a01853
16 changed files with 123 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
exim-4.91-allow-filter.patch → exim-4.92-allow-filter.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/configure.default b/src/configure.default
index 7d26076..ce3b3b0 100644
index cef3779..09f0b36 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -733,7 +733,7 @@ userforward:
@@ -810,7 +810,7 @@ userforward:
# local_part_suffix = +* : -*
# local_part_suffix_optional
file = $home/.forward

34
exim-4.91-config.patch → exim-4.92-config.patch
View File

@ -12,7 +12,7 @@ index 7e0bf38..c97ccec 100755
echo "" >>$mft
cat $mftt >> $mft
diff --git a/src/EDITME b/src/EDITME
index bd5151d..3ffc3a0 100644
index cbb0805..343d24a 100644
--- a/src/EDITME
+++ b/src/EDITME
@@ -98,7 +98,7 @@
@ -117,7 +117,7 @@ index bd5151d..3ffc3a0 100644
# If you have content scanning you may wish to only include some of the scanner
# interfaces. Uncomment any of these lines to remove that code.
@@ -590,7 +593,7 @@ FIXED_NEVER_USERS=root
@@ -595,7 +598,7 @@ FIXED_NEVER_USERS=root
# CONFIGURE_OWNER setting, to specify a configuration file which is listed in
# the TRUSTED_CONFIG_LIST file, then root privileges are not dropped by Exim.
@ -126,7 +126,7 @@ index bd5151d..3ffc3a0 100644
#------------------------------------------------------------------------------
@@ -635,17 +638,14 @@ FIXED_NEVER_USERS=root
@@ -640,17 +643,14 @@ FIXED_NEVER_USERS=root
# included in the Exim binary. You will then need to set up the run time
# configuration to make use of the mechanism(s) selected.
@ -152,7 +152,7 @@ index bd5151d..3ffc3a0 100644
# Heimdal through 1.5 required pkg-config 'heimdal-gssapi'; Heimdal 7.1
# requires multiple pkg-config files to work with Exim, so the second example
@@ -669,7 +669,7 @@ FIXED_NEVER_USERS=root
@@ -674,7 +674,7 @@ FIXED_NEVER_USERS=root
# one that is set in the headers_charset option. The default setting is
# defined by this setting:
@ -161,7 +161,7 @@ index bd5151d..3ffc3a0 100644
# If you are going to make use of $header_xxx expansions in your configuration
# file, or if your users are going to use them in filter files, and the normal
@@ -689,7 +689,7 @@ HEADERS_CHARSET="ISO-8859-1"
@@ -694,7 +694,7 @@ HEADERS_CHARSET="ISO-8859-1"
# the Sieve filter support. For those OS where iconv() is known to be installed
# as standard, the file in OS/Makefile-xxxx contains
#
@ -170,7 +170,7 @@ index bd5151d..3ffc3a0 100644
#
# If you are not using one of those systems, but have installed iconv(), you
# need to uncomment that line above. In some cases, you may find that iconv()
@@ -758,11 +758,11 @@ HEADERS_CHARSET="ISO-8859-1"
@@ -763,11 +763,11 @@ HEADERS_CHARSET="ISO-8859-1"
# leave these settings commented out.
# This setting is required for any TLS support (either OpenSSL or GnuTLS)
@ -185,7 +185,7 @@ index bd5151d..3ffc3a0 100644
# Uncomment the first and either the second or the third of these if you
# are using GnuTLS. If you have pkg-config, then the second, else the third.
@@ -834,7 +834,7 @@ HEADERS_CHARSET="ISO-8859-1"
@@ -839,7 +839,7 @@ HEADERS_CHARSET="ISO-8859-1"
# Once you have done this, "make install" will build the info files and
# install them in the directory you have defined.
@ -194,7 +194,7 @@ index bd5151d..3ffc3a0 100644
#------------------------------------------------------------------------------
@@ -847,7 +847,7 @@ HEADERS_CHARSET="ISO-8859-1"
@@ -852,7 +852,7 @@ HEADERS_CHARSET="ISO-8859-1"
# %s. This will be replaced by one of the strings "main", "panic", or "reject"
# to form the final file names. Some installations may want something like this:
@ -203,7 +203,7 @@ index bd5151d..3ffc3a0 100644
# which results in files with names /var/log/exim_mainlog, etc. The directory
# in which the log files are placed must exist; Exim does not try to create
@@ -919,7 +919,7 @@ ZCAT_COMMAND=/usr/bin/zcat
@@ -924,7 +924,7 @@ ZCAT_COMMAND=/usr/bin/zcat
# (version 5.004 or later) installed, set EXIM_PERL to perl.o. Using embedded
# Perl costs quite a lot of resources. Only do this if you really need it.
@ -212,7 +212,7 @@ index bd5151d..3ffc3a0 100644
#------------------------------------------------------------------------------
@@ -929,7 +929,7 @@ ZCAT_COMMAND=/usr/bin/zcat
@@ -934,7 +934,7 @@ ZCAT_COMMAND=/usr/bin/zcat
# that the local_scan API is made available by the linker. You may also need
# to add -ldl to EXTRALIBS so that dlopen() is available to Exim.
@ -221,7 +221,7 @@ index bd5151d..3ffc3a0 100644
#------------------------------------------------------------------------------
@@ -939,7 +939,7 @@ ZCAT_COMMAND=/usr/bin/zcat
@@ -944,7 +944,7 @@ ZCAT_COMMAND=/usr/bin/zcat
# support, which is intended for use in conjunction with the SMTP AUTH
# facilities, is included only when requested by the following setting:
@ -230,7 +230,7 @@ index bd5151d..3ffc3a0 100644
# You probably need to add -lpam to EXTRALIBS, and in some releases of
# GNU/Linux -ldl is also needed.
@@ -1047,7 +1047,7 @@ ZCAT_COMMAND=/usr/bin/zcat
@@ -1052,7 +1052,7 @@ ZCAT_COMMAND=/usr/bin/zcat
# group. Once you have installed saslauthd, you should arrange for it to be
# started by root at boot time.
@ -239,7 +239,7 @@ index bd5151d..3ffc3a0 100644
#------------------------------------------------------------------------------
@@ -1061,8 +1061,8 @@ ZCAT_COMMAND=/usr/bin/zcat
@@ -1066,8 +1066,8 @@ ZCAT_COMMAND=/usr/bin/zcat
# library for TCP wrappers, so you probably need something like this:
#
# USE_TCP_WRAPPERS=yes
@ -250,7 +250,7 @@ index bd5151d..3ffc3a0 100644
#
# but of course there may need to be other things in CFLAGS and EXTRALIBS_EXIM
# as well.
@@ -1114,7 +1114,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
@@ -1119,7 +1119,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
# is "yes", as well as supporting line editing, a history of input lines in the
# current run is maintained.
@ -259,7 +259,7 @@ index bd5151d..3ffc3a0 100644
# You may need to add -ldl to EXTRALIBS when you set USE_READLINE=yes.
# Note that this option adds to the size of the Exim binary, because the
@@ -1131,7 +1131,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
@@ -1136,7 +1136,7 @@ SYSTEM_ALIASES_FILE=/etc/aliases
#------------------------------------------------------------------------------
# Uncomment this setting to include IPv6 support.
@ -268,7 +268,7 @@ index bd5151d..3ffc3a0 100644
###############################################################################
# THINGS YOU ALMOST NEVER NEED TO MENTION #
@@ -1152,13 +1152,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases
@@ -1157,13 +1157,13 @@ SYSTEM_ALIASES_FILE=/etc/aliases
# haven't got Perl, Exim will still build and run; you just won't be able to
# use those utilities.
@ -289,7 +289,7 @@ index bd5151d..3ffc3a0 100644
#------------------------------------------------------------------------------
@@ -1360,7 +1360,7 @@ EXIM_TMPDIR="/tmp"
@@ -1365,7 +1365,7 @@ EXIM_TMPDIR="/tmp"
# (process id) to a file so that it can easily be identified. The path of the
# file can be specified here. Some installations may want something like this:

4
exim-4.91-cyrus.patch → exim-4.92-cyrus.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/configure.default b/src/configure.default
index 78e44d2..ae50b15 100644
index 69e0ed1..6db4947 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -774,6 +774,16 @@ address_reply:
@@ -901,6 +901,16 @@ address_reply:
driver = autoreply

2
exim-4.91-dane-enable.patch → exim-4.92-dane-enable.patch
View File

@ -1,5 +1,5 @@
diff --git a/src/EDITME b/src/EDITME
index ec04a22..38f0881 100644
index d8c4fad..37bb3ab 100644
--- a/src/EDITME
+++ b/src/EDITME
@@ -370,7 +370,7 @@ PCRE_CONFIG=yes

27
exim-4.91-dlopen-localscan.patch → exim-4.92-dlopen-localscan.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/EDITME b/src/EDITME
index 25d96ce..6f8e99f 100644
index 343d24a..a588b25 100644
--- a/src/EDITME
+++ b/src/EDITME
@@ -818,6 +818,20 @@ TLS_LIBS=-lssl -lcrypto
@@ -823,6 +823,20 @@ TLS_LIBS=-lssl -lcrypto
# specified in INCLUDE.
@ -24,7 +24,7 @@ index 25d96ce..6f8e99f 100644
# The default distribution of Exim contains only the plain text form of the
# documentation. Other forms are available separately. If you want to install
diff --git a/src/config.h.defaults b/src/config.h.defaults
index ce478d5..6ce0d45 100644
index 7c2e534..3fafe61 100644
--- a/src/config.h.defaults
+++ b/src/config.h.defaults
@@ -32,6 +32,8 @@ Do not put spaces between # and the 'define'.
@ -37,10 +37,10 @@ index ce478d5..6ce0d45 100644
#define CONFIGURE_FILE
diff --git a/src/globals.c b/src/globals.c
index 7d18b38..438c993 100644
index b3362a3..0884fe5 100644
--- a/src/globals.c
+++ b/src/globals.c
@@ -167,6 +167,10 @@ uschar *tls_verify_hosts = NULL;
@@ -173,6 +173,10 @@ uschar *tls_verify_hosts = NULL;
uschar *tls_advertise_hosts = NULL;
#endif
@ -52,10 +52,10 @@ index 7d18b38..438c993 100644
/* Per Recipient Data Response variables */
BOOL prdr_enable = FALSE;
diff --git a/src/globals.h b/src/globals.h
index da1230b..b9f0155 100644
index f71f104..3faf176 100644
--- a/src/globals.h
+++ b/src/globals.h
@@ -126,6 +126,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */
@@ -131,6 +131,11 @@ extern uschar *tls_try_verify_hosts; /* Optional client verification */
extern uschar *tls_verify_certificates;/* Path for certificates to check */
extern uschar *tls_verify_hosts; /* Mandatory client verification */
#endif
@ -68,10 +68,10 @@ index da1230b..b9f0155 100644
extern uschar *dsn_envid; /* DSN envid string */
diff --git a/src/local_scan.c b/src/local_scan.c
index 3500047..8599172 100644
index 4dd0b2b..8599172 100644
--- a/src/local_scan.c
+++ b/src/local_scan.c
@@ -5,60 +5,131 @@
@@ -5,61 +5,131 @@
/* Copyright (c) University of Cambridge 1995 - 2009 */
/* See the file NOTICE for conditions of use and distribution. */
@ -83,6 +83,7 @@ index 3500047..8599172 100644
-Local/local_scan.c, and edit the copy. To use your version instead of the
-default, you must set
-
-HAVE_LOCAL_SCAN=yes
-LOCAL_SCAN_SOURCE=Local/local_scan.c
-
-in your Local/Makefile. This makes it easy to copy your version for use with
@ -251,16 +252,16 @@ index 3500047..8599172 100644
+
/* End of local_scan.c */
diff --git a/src/readconf.c b/src/readconf.c
index cbbef6e..da3421a 100644
index 5742d10..3f1d9c1 100644
--- a/src/readconf.c
+++ b/src/readconf.c
@@ -195,6 +195,9 @@ static optionlist optionlist_config[] = {
@@ -199,6 +199,9 @@ static optionlist optionlist_config[] = {
{ "local_from_prefix", opt_stringptr, &local_from_prefix },
{ "local_from_suffix", opt_stringptr, &local_from_suffix },
{ "local_interfaces", opt_stringptr, &local_interfaces },
+#ifdef DLOPEN_LOCAL_SCAN
+ { "local_scan_path", opt_stringptr, &local_scan_path },
+#endif
#ifdef HAVE_LOCAL_SCAN
{ "local_scan_timeout", opt_time, &local_scan_timeout },
{ "local_sender_retain", opt_bool, &local_sender_retain },
{ "localhost_number", opt_stringptr, &host_number_string },
#endif

4
exim-4.90.1-environment.patch → exim-4.92-environment.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/configure.default b/src/configure.default
index b955c6e..590c664 100644
index 241a961..1403d4a 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -360,8 +360,8 @@ timeout_frozen_after = 7d
@@ -384,8 +384,8 @@ timeout_frozen_after = 7d
# Note that TZ is handled separately by the timezone runtime option
# and TIMEZONE_DEFAULT buildtime option.

29
exim-4.91-greylist-conf.patch → exim-4.92-greylist-conf.patch
View File

@ -1,16 +1,16 @@
diff --git a/src/configure.default b/src/configure.default
index f1260cf..05e9371 100644
index 9242bac..eabf102 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -107,6 +107,7 @@ hostlist relay_from_hosts = localhost
@@ -119,6 +119,7 @@ hostlist relay_from_hosts = localhost
# manual for details. The lists above are used in the access control lists for
# checking incoming messages. The names of these ACLs are defined here:
+acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
@@ -371,6 +372,29 @@ timeout_frozen_after = 7d
+acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
.ifdef _HAVE_PRDR
acl_smtp_data_prdr = acl_check_prdr
@@ -395,6 +396,29 @@ timeout_frozen_after = 7d
begin acl
@ -40,7 +40,7 @@ index f1260cf..05e9371 100644
# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.
@@ -496,7 +520,8 @@ acl_check_rcpt:
@@ -520,7 +544,8 @@ acl_check_rcpt:
# There are no default checks on DNS black lists because the domains that
# contain these lists are changing all the time. However, here are two
# examples of how you can get Exim to perform a DNS black list lookup at this
@ -50,7 +50,7 @@ index f1260cf..05e9371 100644
#
# deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
# dnslists = black.list.example
@@ -504,6 +529,10 @@ acl_check_rcpt:
@@ -528,6 +553,10 @@ acl_check_rcpt:
# warn dnslists = black.list.example
# add_header = X-Warning: $sender_host_address is in a black list at $dnslist_domain
# log_message = found in $dnslist_domain
@ -61,8 +61,8 @@ index f1260cf..05e9371 100644
#############################################################################
#############################################################################
@@ -517,6 +546,10 @@ acl_check_rcpt:
# require verify = csa
@@ -554,6 +583,10 @@ acl_check_rcpt:
# set acl_m_content_filter = ${lookup PER_RCPT_CONTENT_FILTER}
#############################################################################
+ # Alternatively, greylist for it:
@ -72,7 +72,7 @@ index f1260cf..05e9371 100644
# At this point, the address has passed all the checks that have been
# configured, so we accept it unconditionally.
@@ -555,6 +588,12 @@ acl_check_data:
@@ -612,6 +645,12 @@ acl_check_data:
# deny condition = ${if !def:h_Message-ID: {1}}
# message = RFC2822 says that all mail SHOULD have a Message-ID header.\n\
# Most messages without it are spam, so your mail has been rejected.
@ -85,7 +85,7 @@ index f1260cf..05e9371 100644
# Deny if the message contains a virus. Before enabling this check, you
# must install a virus scanner and set the av_scanner option above.
@@ -589,8 +628,30 @@ acl_check_data:
@@ -658,8 +697,31 @@ acl_check_data:
# message = Your message scored $spam_score SpamAssassin point. Report follows:\n\
# $spam_report
@ -113,6 +113,7 @@ index f1260cf..05e9371 100644
+# To enable the greylisting, also uncomment this line:
+# .include /etc/exim/exim-greylist.conf.inc
+
acl_check_mime:
# File extension filtering.

4
exim-4.87-localhost-is-local.patch → exim-4.92-localhost-is-local.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/configure.default b/src/configure.default
index d1ce2f1..1f10008 100644
index 09f0b36..9242bac 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -55,7 +55,7 @@
@@ -67,7 +67,7 @@
# +local_domains, +relay_to_domains, and +relay_from_hosts, respectively. They
# are all colon-separated lists:

18
exim-4.91-pamconfig.patch → exim-4.92-pamconfig.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/configure.default b/src/configure.default
index ae50b15..6966ad3 100644
index 6db4947..f1198b1 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -142,7 +142,7 @@ acl_smtp_data = acl_check_data
@@ -157,7 +157,7 @@ acl_smtp_data = acl_check_data
# Allow any client to use TLS.
@ -11,7 +11,7 @@ index ae50b15..6966ad3 100644
# Specify the location of the Exim server's TLS certificate and private key.
# The private key must not be encrypted (password protected). You can put
@@ -150,8 +150,8 @@ acl_smtp_data = acl_check_data
@@ -165,8 +165,8 @@ acl_smtp_data = acl_check_data
# need the first setting, or in separate files, in which case you need both
# options.
@ -22,7 +22,7 @@ index ae50b15..6966ad3 100644
# For OpenSSL, prefer EC- over RSA-authenticated ciphers
# tls_require_ciphers = ECDSA:RSA:!COMPLEMENTOFDEFAULT
@@ -165,8 +165,8 @@ acl_smtp_data = acl_check_data
@@ -180,8 +180,8 @@ acl_smtp_data = acl_check_data
# them you should also allow TLS-on-connect on the traditional but
# non-standard port 465.
@ -33,7 +33,7 @@ index ae50b15..6966ad3 100644
# Specify the domain you want to be added to all unqualified addresses
@@ -224,6 +224,24 @@ never_users = root
@@ -239,6 +239,24 @@ never_users = root
host_lookup = *
@ -56,9 +56,9 @@ index ae50b15..6966ad3 100644
+#
+auth_advertise_hosts =
# The settings below cause Exim to make RFC 1413 (ident) callbacks
# for all incoming SMTP calls. You can limit the hosts to which these
@@ -853,7 +871,7 @@ begin authenticators
# The setting below causes Exim to try to initialize the system resolver
# library with DNSSEC support. It has no effect if your library lacks
@@ -980,7 +998,7 @@ begin authenticators
# driver = plaintext
# server_set_id = $auth2
# server_prompts = :
@ -67,7 +67,7 @@ index ae50b15..6966ad3 100644
# server_advertise_condition = ${if def:tls_in_cipher }
# LOGIN authentication has traditional prompts and responses. There is no
@@ -865,7 +883,7 @@ begin authenticators
@@ -992,7 +1010,7 @@ begin authenticators
# driver = plaintext
# server_set_id = $auth1
# server_prompts = <| Username: | Password:

14
exim-4.91-procmail.patch → exim-4.92-procmail.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/configure.default b/src/configure.default
index dd5bfeb..7d26076 100644
index 8f88a3b..cef3779 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -741,6 +741,12 @@ userforward:
@@ -818,6 +818,12 @@ userforward:
pipe_transport = address_pipe
reply_transport = address_reply
@ -15,9 +15,9 @@ index dd5bfeb..7d26076 100644
# This router matches local user mailboxes. If the router fails, the error
# message is "Unknown user".
@@ -782,6 +788,16 @@ remote_smtp:
driver = smtp
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
@@ -866,6 +872,16 @@ remote_smtp:
hosts_try_prdr = *
.endif
+# This transport invokes procmail to deliver mail
+procmail:
@ -30,5 +30,5 @@ index dd5bfeb..7d26076 100644
+ initgroups
+ return_output
# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format. By default it will be run under the uid and gid of the
# This transport is used for delivering messages to a smarthost, if the
# smarthost router is enabled. This starts from the same basis as

6
exim-4.91-rhl.patch → exim-4.92-rhl.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/configure.default b/src/configure.default
index 79bbc8c..78e44d2 100644
index 555dec3..69e0ed1 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -639,7 +639,7 @@ system_aliases:
@@ -718,7 +718,7 @@ system_aliases:
driver = redirect
allow_fail
allow_defer
@ -11,7 +11,7 @@ index 79bbc8c..78e44d2 100644
# user = exim
file_transport = address_file
pipe_transport = address_pipe
@@ -740,8 +740,8 @@ local_delivery:
@@ -867,8 +867,8 @@ local_delivery:
delivery_date_add
envelope_to_add
return_path_add

12
exim-4.91-smarthost-config.patch → exim-4.92-smarthost-config.patch
View File

@ -1,10 +1,10 @@
diff --git a/src/configure.default b/src/configure.default
index 05e9371..5e61818 100644
index eabf102..db2d98a 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -849,6 +849,15 @@ remote_smtp:
driver = smtp
message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}
@@ -934,6 +934,15 @@ remote_smtp:
hosts_try_prdr = *
.endif
+# This transport is used for delivering messages over SMTP using the
+# "message submission" port (RFC4409).
@ -18,7 +18,7 @@ index 05e9371..5e61818 100644
# This transport invokes procmail to deliver mail
procmail:
driver = pipe
@@ -957,6 +966,21 @@ begin rewrite
@@ -1083,6 +1092,21 @@ begin rewrite
# AUTHENTICATION CONFIGURATION #
######################################################################
@ -40,7 +40,7 @@ index 05e9371..5e61818 100644
# The following authenticators support plaintext username/password
# authentication using the standard PLAIN mechanism and the traditional
# but non-standard LOGIN mechanism, with Exim acting as the server.
@@ -972,7 +996,7 @@ begin rewrite
@@ -1098,7 +1122,7 @@ begin rewrite
# The default RCPT ACL checks for successful authentication, and will accept
# messages from authenticated users from anywhere on the Internet.

36
exim-4.91-spamdconf.patch → exim-4.92-spamdconf.patch
View File

@ -1,16 +1,16 @@
diff --git a/src/configure.default b/src/configure.default
index 6966ad3..dd5bfeb 100644
index f1198b1..8f88a3b 100644
--- a/src/configure.default
+++ b/src/configure.default
@@ -109,6 +109,7 @@ hostlist relay_from_hosts = localhost
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
@@ -124,6 +124,7 @@ acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data_prdr = acl_check_prdr
.endif
acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
# You should not change those settings until you understand how ACLs work.
@@ -121,7 +122,7 @@ acl_smtp_data = acl_check_data
@@ -136,7 +137,7 @@ acl_smtp_data = acl_check_data
# of what to set for other virus scanners. The second modification is in the
# acl_check_data access control list (see below).
@ -19,7 +19,7 @@ index 6966ad3..dd5bfeb 100644
# For spam scanning, there is a similar option that defines the interface to
@@ -434,7 +435,8 @@ acl_check_rcpt:
@@ -458,7 +459,8 @@ acl_check_rcpt:
accept local_parts = postmaster
domains = +local_domains
@ -29,9 +29,9 @@ index 6966ad3..dd5bfeb 100644
require verify = sender
@@ -544,27 +546,63 @@ acl_check_data:
message = header syntax
log_message = header syntax ($acl_verify_message)
@@ -601,21 +603,26 @@ acl_check_data:
message = header syntax
log_message = header syntax ($acl_verify_message)
+ # Put simple tests first. A good one is to check for the presence of a
+ # Message-Id: header, which RFC2822 says SHOULD be present. Some broken
@ -62,7 +62,12 @@ index 6966ad3..dd5bfeb 100644
+ # accept condition = ${if >={$message_size}{100000} {1}}
+ # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size
- # Accept the message.
#############################################################################
# No more tests if PRDR was actively used.
@@ -629,11 +636,40 @@ acl_check_data:
# condition = ...
#############################################################################
+ # Run SpamAssassin, but allow for it to fail or time out. Add a warning message
+ # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA
+ # score exceeds the SA system threshold.
@ -73,7 +78,8 @@ index 6966ad3..dd5bfeb 100644
+ # accept condition = ${if !def:spam_score_int {1}}
+ # add_header = X-Spam-Note: SpamAssassin invocation failed
+ #
+
- # Accept the message.
+ # Unconditionally add score and report headers
+ #
+ # warn add_header = X-Spam-Score: $spam_score ($spam_bar)\n\
@ -87,7 +93,6 @@ index 6966ad3..dd5bfeb 100644
accept
+acl_check_mime:
+
+ # File extension filtering.
@ -98,7 +103,6 @@ index 6966ad3..dd5bfeb 100644
+ {1}{0}}
+
+ accept
+
######################################################################
# ROUTERS CONFIGURATION #

4
exim-4.91-support-proxies.patch → exim-4.92-support-proxies.patch
View File

@ -1,8 +1,8 @@
diff --git a/src/EDITME b/src/EDITME
index 6f8e99f..ec04a22 100644
index a588b25..d8c4fad 100644
--- a/src/EDITME
+++ b/src/EDITME
@@ -965,12 +965,12 @@ SUPPORT_PAM=yes
@@ -970,12 +970,12 @@ SUPPORT_PAM=yes
# If you may want to use outbound (client-side) proxying, using Socks5,
# uncomment the line below.

36
exim.spec
View File

@ -14,8 +14,8 @@
Summary: The exim mail transfer agent
Name: exim
Version: 4.91
Release: 3%{?dist}
Version: 4.92
Release: 1%{?dist}
License: GPLv2+
Url: http://www.exim.org/
Group: System Environment/Daemons
@ -52,23 +52,23 @@ Source25: exim-gen-cert
Source26: clamd.exim.service
%endif
Patch4: exim-4.91-rhl.patch
Patch6: exim-4.91-config.patch
Patch4: exim-4.92-rhl.patch
Patch6: exim-4.92-config.patch
Patch8: exim-4.82-libdir.patch
Patch12: exim-4.91-cyrus.patch
Patch13: exim-4.91-pamconfig.patch
Patch14: exim-4.91-spamdconf.patch
Patch18: exim-4.91-dlopen-localscan.patch
Patch19: exim-4.91-procmail.patch
Patch20: exim-4.91-allow-filter.patch
Patch21: exim-4.87-localhost-is-local.patch
Patch22: exim-4.91-greylist-conf.patch
Patch23: exim-4.91-smarthost-config.patch
Patch12: exim-4.92-cyrus.patch
Patch13: exim-4.92-pamconfig.patch
Patch14: exim-4.92-spamdconf.patch
Patch18: exim-4.92-dlopen-localscan.patch
Patch19: exim-4.92-procmail.patch
Patch20: exim-4.92-allow-filter.patch
Patch21: exim-4.92-localhost-is-local.patch
Patch22: exim-4.92-greylist-conf.patch
Patch23: exim-4.92-smarthost-config.patch
Patch26: exim-4.85-pic.patch
Patch27: exim-4.90.1-environment.patch
Patch27: exim-4.92-environment.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1542870
Patch34: exim-4.91-support-proxies.patch
Patch35: exim-4.91-dane-enable.patch
Patch34: exim-4.92-support-proxies.patch
Patch35: exim-4.92-dane-enable.patch
Requires: /etc/pki/tls/certs /etc/pki/tls/private
Requires: /etc/aliases
@ -620,6 +620,10 @@ test "$1" = 0 || %{_initrddir}/clamd.exim condrestart >/dev/null 2>&1 || :
%{_sysconfdir}/cron.daily/greylist-tidy.sh
%changelog
* Tue Jun 4 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 4.92-1
- New version
- De-fuzzified patches
* Wed Mar 27 2019 Jaroslav Škarvada <jskarvad@redhat.com> - 4.91-3
- Enabled DANE support
Resolves: rhbz#1693202

2
sources
View File

@ -1,2 +1,2 @@
SHA512 (exim-4.92.tar.xz) = 62c327e6184a358ba7f0dbc38b44d2537234be91727a5bfac97e74af64a8d77e376b3221dcfdd8f6eca7d812f9233595503dc6e50e2972bed40a1b74eb209c31
SHA512 (sa-exim-4.2.tar.gz) = 2c1839c4d897bf65d19c754bbc9dc0674276ccad4a564c639591396afc23f1456decceec94817f62ee9b688f5d6d90436d3d47c869e04a69c955b1376c9fbd7b
SHA512 (exim-4.91.tar.xz) = 35b34dda8dd0f27c0429e6eb8409756ecd3cf9e535bac421d696b1560db0ff3bf4cd0e4a00bc0b7e32137d31bb5de20776c7c1830ec125aa36b5c4376b0c71a2