Bug#607576: closed by Andreas Metzler <ametzler at downhill.at.eu.org> (Re: Bug#607576: exim4-config: after upgrade, /etc/exim4/exim4.conf is present and breaks exim)
Andrew Pimlott
andrew at pimlott.net
Mon Apr 18 14:19:52 UTC 2011
A belated thank-you for informing me of this issue. I'm sure you are
right and it is correct to close the bug.
Andrew
Excerpts from owner's message of Sun Apr 17 10:06:04 -0700 2011:
> This is an automatic notification regarding your Bug report
> which was filed against the exim4 package:
>
> #607542: exim4-config: after upgrade, /etc/exim4/exim4.conf is present and breaks exim
>
> It has been closed by Andreas Metzler <ametzler at downhill.at.eu.org>.
>
> Their explanation is attached below along with your original report.
> If this explanation is unsatisfactory and you have not received a
> better one in a separate message then please contact Andreas Metzler <ametzler at downhill.at.eu.org> by
> replying to this email.
>
> On 2010-12-20 Andreas Metzler <ametzler at downhill.at.eu.org> wrote:
> [...]
> > Looks like your system has been hacked,
> [...]
>
> closing.
>
> cu andreas
> Package: exim4-config
> Version: 4.69-9+lenny1
> Severity: important
>
> I have a locally-compiled exim4-daemon-custom package, along with the
> standard exim4, exim4-base, and exim4-config packages. Recently, they were
> all at 4.69-9 when 4.69-9+lenny1 hit security. aptitude prompted me to
> upgrade exim4, exim4-base, and exim4-config from 4.69-9 -> 4.69-9+lenny1,
> and I accepted--probably foolishly, since exim4-daemon-custom was still at
> 4.69-9.
>
> The result was a major failure. All of my incoming mail that should have
> been delivered was rejected "relay not permitted". For every reject,
> mainlog had:
>
> 2010-12-18 06:27:22 no IP address found for host MAIN_RELAY_NETS (during SMTP connection from [69.147.233.108])
> 2010-12-18 06:27:22 H=[69.147.233.108] F=<webtop at jetline1.com> rejected RCPT <andrew at pimlott.net>: relay not permitted
>
> Actually, this did not happen right away, because the package updates didn't
> restart the daemon. It was only after a routine daemon restart that the
> failures started.
>
> I have resolved the problem, but I can't really figure out what happened.
> The odd thing I noticed is that when things weren't working, I had an
> /etc/exim4/exim4.conf. Since I've always used Debconf and the "split"
> configuration, I did not expect this file to be present. (But I am not
> positive it was not present before, and I don't have a convenient backup to
> check.) It looks like exim4 was taking this config file in preference to
> the auto-generated one. This exim4.conf is identical to
> exim4.conf.template, except for whitespace changes. Also, it is mode 0400
> and owned by Debian-exim. When I move this file out of the way, things
> start working again.
>
> So is it possible that my upgrade somehow created the exim4.conf that broke
> my configuration? I understand that getting my packages out of sync the way
> I did is probably not supported, but I would still like to get to the bottom
> of this.
>
> By the way, my custom package was for SRS and DomainKeys. I don't have a
> lot of custom configuration.
>
> Andrew
>
> -- Package-specific info:
> Exim version 4.69 #1 built 03-Jan-2010 17:26:17
> Copyright (c) University of Cambridge 2006
> Berkeley DB: Berkeley DB 4.6.21: (September 27, 2007)
> Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages Experimental_SRS Experimental_DomainKeys
> Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch nis nis0 passwd
> Authenticators: cram_md5 plaintext
> Routers: accept dnslookup ipliteral manualroute queryprogram redirect
> Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
> Fixed never_users: 0
> Size of off_t: 8
> Configuration file is /var/lib/exim4/config.autogenerated
> # /etc/exim4/update-exim4.conf.conf
> #
> # Edit this file and /etc/mailname by hand and execute update-exim4.conf
> # yourself or use 'dpkg-reconfigure exim4-config'
> #
> # Please note that this is _not_ a dpkg-conffile and that automatic changes
> # to this file might happen. The code handling this will honor your local
> # changes, so this is usually fine, but will break local schemes that mess
> # around with multiple versions of the file.
> #
> # update-exim4.conf uses this file to determine variable values to replace
> # the DEBCONFsomethingDEBCONF strings in the configuration template files.
> #
> # Most settings found in here do have corresponding questions in the
> # Debconf configuration, but not all of them.
> #
> # This is a Debian specific file
>
> dc_eximconfig_configtype='internet'
> dc_other_hostnames='pimlott.net;madstop.net'
> dc_local_interfaces=''
> dc_readhost=''
> dc_relay_domains=''
> dc_minimaldns='false'
> dc_relay_nets=''
> dc_smarthost=''
> CFILEMODE='644'
> dc_use_split_config='true'
> dc_hide_mailname=''
> dc_mailname_in_oh='true'
> dc_localdelivery='mail_spool'
> mailname:pimlott.net
>
> -- System Information:
> Debian Release: 5.0.7
> APT prefers stable
> APT policy: (500, 'stable')
> Architecture: i386 (i686)
>
> Kernel: Linux 2.6.30.5-xenU (SMP w/1 CPU core)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
>
> Versions of packages exim4-config depends on:
> ii adduser 3.110 add and remove users and groups
> ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy
>
> exim4-config recommends no packages.
>
> exim4-config suggests no packages.
>
> -- debconf information:
> * exim4/dc_other_hostnames: pimlott.net;madstop.net
> * exim4/dc_eximconfig_configtype: internet site; mail is sent and received directly using SMTP
> exim4/dc_noalias_regenerate: false
> exim4/no_config: true
> exim4/hide_mailname:
> * exim4/dc_postmaster: andrew
> exim4/dc_smarthost:
> * exim4/dc_relay_domains:
> * exim4/dc_relay_nets:
> * exim4/mailname: pimlott.net
> exim4/dc_readhost:
> * exim4/use_split_config: true
> exim4/exim4-config-title:
> * exim4/dc_localdelivery: mbox format in /var/mail/
> * exim4/dc_local_interfaces:
> * exim4/dc_minimaldns: false
More information about the Pkg-exim4-maintainers
mailing list