Mailscanner + Exim >= 4.73

Jonas jonas at vrt.dk
Fri Feb 18 12:30:31 GMT 2011


Hi George

> This is really an Exim question so feel free to tell me to ask elsewhere... ;-) It is
> related to my MailScanner configuration though.
> 
> Apparently Exim 4.73 will not allow any "-D" options by default and eventually
> the functionality will be removed. From mailing list post:
> 
> http://lists.exim.org/lurker/message/20101215.161702.fcdb3f77.gl.html
> ---
> +# By contrast, you might be maintaining a system which relies upon the
> ability
> +# to override values with -D and assumes that these will be passed
> through to
> +# the delivery processes.  As of Exim 4.73, this is no longer the case
> +by # default.  Going forward, we strongly recommend that you use a shim
> +Exim # configuration file owned by root stored under
> TRUSTED_CONFIG_PREFIX_LIST.
> +# That shim can set macros before .include'ing your main configuration
> file.
> +#
> +# As a strictly transient measure to ease migration to 4.73, the #
> +WHITELIST_D_MACROS value definies a colon-separated list of macro-names
> +# which are permitted to be overriden from the command-line which will
> +be # honoured by the Exim user.  So these are macros that can persist
> +to
> delivery
> +# time.
> +# Examples might be -DTLS or -DSPOOL=/some/dir.  The values on the #
> +command-line are filtered to only permit: [A-Za-z0-9_/.-]* # # This
> +option is highly likely to be removed in a future release.  It
> exists
> +# only to make 4.73 as easy as possible to migrate to.  If you use it,
> +we # encourage you to schedule time to rework your configuration to not
> +depend # upon it.  Most people should not need to use this.
> ---
> 
> I think I am already seeing symptoms of this on my Debian Squeeze box which
> relies (as per documentation of the rather old Debian MailScanner
> package) on the "-DOUTGING" option for the split pool configuration:
> ---
> scruffy:~# exim4 -bP -DOUTGOING spool_directory macros_trusted overriden
> to true by whitelisting spool_directory = /var/spool/exim4
> 
> vs
> 
> scruffy:~# exim4 -bP spool_directory
> spool_directory = /var/spool/exim4_incoming
> ---
> 
> I have only just noticed this an I am looking for some advice on how to "future-
> proof" my Mailscanner + Exim4 implementation.
> 
> The message above talks about a "shim configuration file" but I don't really
> understand what they are talking about there and how to use it for split pool
> configuration. :-(
> 
> Any pointers would be greatly appreciated.
> 

I'm not sure I have any pointers yet, I'm still on Debian Lenny and its patched exim 4.69.

I will face the same issues your describing soon so I'm also interested in what might be the smoothest solution.

I think Martin is right that the 2 different config file setup is one way to do it, think that have always been an option as far as I know.

But I think most people would prefer a 1 file solution, as we both run with currently.

So question is if anybody is going to come up with a fancy way to do that.

If not I guess you can always fall back on the 2 file solution.

Hoping to hear more about this soon.

Med venlig hilsen / Best regards
 
Jonas Akrouh Larsen
 
TechBiz ApS
Laplandsgade 4, 2. sal
2300 København S
 
Office: 7020 0979
Direct: 3336 9974
Mobile: 5120 1096
Fax:    7020 0978
Web: www.techbiz.dk




More information about the MailScanner mailing list