We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Problem after upgrade to exim-4.94-1.el7 on CentOS 7 Topic is solved
Problem after upgrade to exim-4.94-1.el7 on CentOS 7
Hi,
after upgrading to the newest epel release exim-4-94-1.el7 exim stops working and starts complaining in the log.
Sending email:
sender verify defer for <[email protected]>: failed to expand "${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
Receiving email:
2020-06-18 11:47:08 Tainted filename for search: '/etc/exim/domains/myfancydomain.com/aliases'
2020-06-18 11:47:08 H=stp.vestacp.com [188.226.163.96] X=TLS1.2:DHE-RSA-AES128-SHA:128 CV=no F=<[email protected]> temporarily rejected RCPT <[email protected]>: failed to expand "${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
Is there any solution to fix the config? As far as I found out this is caused by exim 4.94 that stops using tainted $local_part variable as local filename for delivery. This seems to be already fixed on Debian accordingly to https://launchpad.net/debian/+source/exim4/+changelog but now it´s live on Epel and there is no availability to downgrade to the older version via Epel.
If you want to downgrade on CentOS 7 and get back the working version exim-4.93-3.el7.x86_64.rpm do the following:
wget https://ca1.dynanode.net/exim-4.93-3.el7.x86_64.rpm
rpm -Uvh --oldpackage exim-4.93-3.el7.x86_64.rpm
after upgrading to the newest epel release exim-4-94-1.el7 exim stops working and starts complaining in the log.
Sending email:
sender verify defer for <[email protected]>: failed to expand "${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
Receiving email:
2020-06-18 11:47:08 Tainted filename for search: '/etc/exim/domains/myfancydomain.com/aliases'
2020-06-18 11:47:08 H=stp.vestacp.com [188.226.163.96] X=TLS1.2:DHE-RSA-AES128-SHA:128 CV=no F=<[email protected]> temporarily rejected RCPT <[email protected]>: failed to expand "${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}": NULL
Is there any solution to fix the config? As far as I found out this is caused by exim 4.94 that stops using tainted $local_part variable as local filename for delivery. This seems to be already fixed on Debian accordingly to https://launchpad.net/debian/+source/exim4/+changelog but now it´s live on Epel and there is no availability to downgrade to the older version via Epel.
If you want to downgrade on CentOS 7 and get back the working version exim-4.93-3.el7.x86_64.rpm do the following:
wget https://ca1.dynanode.net/exim-4.93-3.el7.x86_64.rpm
rpm -Uvh --oldpackage exim-4.93-3.el7.x86_64.rpm
Last edited by peters on Fri Jun 19, 2020 10:51 pm, edited 1 time in total.
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
Additional Info:
https://git.exim.org/exim.git/blob/HEAD ... E.UPDATING
29 Exim version 4.94
30 -----------------
31
32 Some Transports now refuse to use tainted data in constructing their delivery
33 location; this WILL BREAK configurations which are not updated accordingly.
34 In particular: any Transport use of $local_part which has been relying upon
35 check_local_user far away in the Router to make it safe, should be updated to
36 replace $local_part with $local_part_data.
37
38 Attempting to remove, in router or transport, a header name that ends with
39 an asterisk (which is a standards-legal name) will now result in all headers
40 named starting with the string before the asterisk being removed. We recommend
41 staying away from such names, if they are private ones (and in case of future
42 enhancements, alao header names that look like REs).
https://git.exim.org/exim.git/blob/HEAD ... E.UPDATING
29 Exim version 4.94
30 -----------------
31
32 Some Transports now refuse to use tainted data in constructing their delivery
33 location; this WILL BREAK configurations which are not updated accordingly.
34 In particular: any Transport use of $local_part which has been relying upon
35 check_local_user far away in the Router to make it safe, should be updated to
36 replace $local_part with $local_part_data.
37
38 Attempting to remove, in router or transport, a header name that ends with
39 an asterisk (which is a standards-legal name) will now result in all headers
40 named starting with the string before the asterisk being removed. We recommend
41 staying away from such names, if they are private ones (and in case of future
42 enhancements, alao header names that look like REs).
-
- Posts: 24
- Joined: Mon Oct 22, 2018 3:30 pm
- Os: CentOS 6x
- Web: apache + nginx
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
Today epel has updated exim to 4.94-1.el7 and this has blocked my exim server with the following errors!
I have made a downgrade and it works perfect but I would like to be able to use the new version of exim;
These are the errors that it gives when updating, what parameters does exim.con come with by default in vestacp?
error next update 4.94-1:
-Tainted filename '/etc/exim/domains/domain.com/dkim.pem
-Tainted filename for search: '/etc/exim/domains/domain.com/aliases
-failed to expand "$ {extract {1} {:} {$ {lookup {$ local_part @ $ domain} lsearch {/ etc / exim / domains / $ domain / aliases}}}}": NULL
I have made a downgrade and it works perfect but I would like to be able to use the new version of exim;
These are the errors that it gives when updating, what parameters does exim.con come with by default in vestacp?
error next update 4.94-1:
-Tainted filename '/etc/exim/domains/domain.com/dkim.pem
-Tainted filename for search: '/etc/exim/domains/domain.com/aliases
-failed to expand "$ {extract {1} {:} {$ {lookup {$ local_part @ $ domain} lsearch {/ etc / exim / domains / $ domain / aliases}}}}": NULL
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
I also have the same problem.
How to downgrade?
This did not work:
yum history undo 59
How to downgrade?
This did not work:
yum history undo 59
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
If you want to downgrade on CentOS 7 and get back the working version exim-4.93-3.el7.x86_64.rpm do the following:
wget https://ca1.dynanode.net/exim-4.93-3.el7.x86_64.rpm
rpm -Uvh --oldpackage exim-4.93-3.el7.x86_64.rpm
However this is only a workaround. I´m not sure if there will be a fixed exim version available or how the provided config from VestaCP should be changed to fix this problem. Any ideas?
wget https://ca1.dynanode.net/exim-4.93-3.el7.x86_64.rpm
rpm -Uvh --oldpackage exim-4.93-3.el7.x86_64.rpm
However this is only a workaround. I´m not sure if there will be a fixed exim version available or how the provided config from VestaCP should be changed to fix this problem. Any ideas?
Last edited by peters on Fri Jun 19, 2020 10:52 pm, edited 1 time in total.
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
Very good. It worked. Thanks.
Unfortunately I don't know how to make it work in version 4.94.
Unfortunately I don't know how to make it work in version 4.94.
peters wrote: ↑Thu Jun 18, 2020 3:18 pmIf you want to downgrade on CentOS 7 and get back the working version exim-4.93-3.el7.x86_64.rpm do the following:
wget ftp://ftp.pbone.net/mirror/download.fed ... x86_64.rpm
rpm -Uvh --oldpackage exim-4.93-3.el7.x86_64.rpm
However this is only a workaround. I´m not sure if there will be a fixed exim version available or how the provided config from VestaCP should be changed to fix this problem. Any ideas?
-
- Posts: 4
- Joined: Thu Jun 18, 2020 5:52 pm
- Os: CentOS 6x
- Web: nginx + php-fpm
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
It worked. Thanks.
peters wrote: ↑Thu Jun 18, 2020 3:18 pmIf you want to downgrade on CentOS 7 and get back the working version exim-4.93-3.el7.x86_64.rpm do the following:
wget ftp://ftp.pbone.net/mirror/download.fed ... x86_64.rpm
rpm -Uvh --oldpackage exim-4.93-3.el7.x86_64.rpm
However this is only a workaround. I´m not sure if there will be a fixed exim version available or how the provided config from VestaCP should be changed to fix this problem. Any ideas?
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
For your information this issue has been reported today on bugzilla. Let's hope that they can fix the next version and exim 4.94 will work.
https://bugzilla.redhat.com/show_bug.cgi?id=1848283
https://bugzilla.redhat.com/show_bug.cgi?id=1848283
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
I got the same problem too, any way to fix it or we wait for a new update?
Re: Problem after upgrade to exim-4.94-1.el7 on CentOS 7
This is affecting me too. It's disappointing that they would push such a breaking change without better documentation how to correct config files.
For anybody trying to find a copy of the old 49.3-3 package which has now been replaced with 49.4 on all of the mirrors, you can get the package below if you choose to downgrade.
https://koji.fedoraproject.org/koji/bui ... ID=1507634
For anybody trying to find a copy of the old 49.3-3 package which has now been replaced with 49.4 on all of the mirrors, you can get the package below if you choose to downgrade.
https://koji.fedoraproject.org/koji/bui ... ID=1507634