Mailscanner + Exim >= 4.73

[George B.]

On 18/02/11 12:30, Jonas wrote:
> I'm not sure I have any pointers yet, I'm still on Debian Lenny and its patched exim 4.69.
>
> I will face the same issues your describing soon so I'm also interested in what might be the smoothest solution.

Hi Jonas,

I think moving from Lenny to Squeeze is OK - my split queue system still 
continues to work (I only saw the error because my patched 
/etc/cron.daily/exim4-base script mails it to me every day).

Looking at the docs it seems Debian package managers took good care of 
us yet again and specifically whitelisted "OUTGOING". From 
/usr/share/doc/exim4-daemon-light/NEWS.Debian.gz
---
   If exim is invoked with the -C or -D option the daemon will not regain
   root privileges though re-execution. This is usually necessary for local
   delivery, though. Therefore it is generally not possible anymore to 
run an
   exim daemon with -D or -C options.

   However this version of exim has been built with
   TRUSTED_CONFIG_LIST=/etc/exim4/trusted_configs. TRUSTED_CONFIG_LIST
   defines a list of configuration files which are trusted; if a config file
   is owned by root and matches a pathname in the list, then it may be
   invoked by the Exim build-time user without Exim relinquishing root
   privileges.

   As a hotfix to not break existing installations of mailscanner we have
   also set WHITELIST_D_MACROS=OUTGOING. i.e. it is still possible to start
   exim with -DOUTGOING while being able to do local deliveries.

   If you previously were using -D switches you will need to change your
   setup to use a separate configuration file. The ".include" mechanism
   makes this easy.
---


Best regards,

George.