Exim4U Version History Current Exim4U Version Is 2.1.1 2.1.1 Release Date: October 12, 2012 Exim Configuration's URIBL/SURBL/DBL Blocklists (exim_surbl) Upgraded exim_surbl upgraded from version 2.2 to version 2.3. This new version of exim_surbl supports added functionality to better parse "http://" strings that are encoded. Regenerated surbl_whitelist.txt, two-level-tlds, and three-level-tlds files. exim_surbl version 2.3 is described here: http://www.teuton.org/~ejm/exim_surbl Spamassassin's Spam Report May Now Be Included In All Email SpamHeaderType variable is now specified in the exim4u_global_spam_virus configuration file. For SpamHeaderType=0, Spamassassin's Spam Report will only appear in email headers for Spam Score > Spam Tag Score. For SpamHeaderType=1, Spamassassin's Spam Report will appear in all email headers. Bug Fixes The crypt field was expanded to 256 characters which solved a problem with Debian installations. An update script is also provided for upgrading existing installs. In prior Exim4U versions, a domain's Mailman installation could not be implemented on the Exim4U server when webhosting for that domain was on a different server. Exim4U's php code has been modified to solve this issue. Now, if web hosting for a mail domain is not on the same server as Exim4U then another domain is specified in variables.php which is to be used by Mailman on the Exim4U server. Other Exim's ident callbacks are now disabled by default in exim4u_local.conf.inc with: rfc1413_query_timeout = 0s This can be re-enabled by setting a value > 0. The default config now requires TLS encryption for all authenticated connections in exim4u_local.conf.inc with: +auth_advertise_hosts = ${if eq{$tls_cipher}{}{}{*}} This can be disabled by commenting out the auth_advertise_hosts line. The Groups router configuration and the Simple Mailing List router configuration were modified to support Groups and Simple Mailing List addresses with hyphens in the local part of the address. Uncomment the following lines in exim-mailinglist-router.conf.inc and exim-group-router.conf.inc. to re-enable: local_part_suffix = -* local_part_suffix_optional Various other modifications and bug fixes were also implemented. Revised Documentation The following documents were revised: INSTALL, NOTES, EXIM_4.69, DEBIAN, WEBMAIL, CHANGELOG and VERSION. 2.0.1 Release Date: October 11, 2011 Simple Mailing List Added To Exim4U's Web Interface Exim4U now includes a mailing list manager module called the Simple Mailing List. This module is accessibly from within the Exim4U web interface and is similar in functionality to dedicated mailing list manager packages but with substantially fewer features. The Simple Mailing List is not meant as a direct replacement for dedicated mailing list manager packages since it has a much smaller feature set, however, it offers a quick and simple alternative for basic mailing lists especially for installations where no other mailing list manager is installed. Exim4U Webmail Groupware Is Now Based On Horde Version 4 And Uses The Horde Pear Installer Horde Version 4 is a significant upgrade over Horde version 3 with much improved AJAX frontends for the various modules along with a new installation process using the PEAR installer. The Horde PEAR installer has several advantages including a much easier installation/configuration process and installations may be updated at will immediately after new Horde versions are released. Scripts are provided which will automatically configure the Exim4U preferences, appearance features and file ownerships/permissions. Revised Documentation The following documents were revised: APPEARANCE, DEBIAN, MIGRATE, SPAMASSASSIN, and WEBMAIL. Other The Exim4U web interface has been streamlined to be simpler and more consistent for improved usability. OpenProtect's rule channel has been removed from the recommended Spamassassin configuration since the OpenProtect channel is now obsolete. The spamreport script would not run properly on Debian/Ubuntu which is now fixed. A problem was discovered on Debian Squeeze related to an empty crypt field while logging into exim4u's web interface and was resolved with a modification to the crypt_password function in config/function.php. A bug was fixed in the Exim4U user interface that caused formatting problems in userchange.php Various other improvements and bug fixes. Credits Thomas Carrié designed and implemented all of the software for the Simple Mailing List module. Thanks Thomas! Neza Nice reported the spamreport bug, the obsolescence of the OpenProtect Spamassassin channel and contributed changes in the DEBIAN instruction file. Kebba Foon reported the empty crypt field bug and participated in its resolution. Thanks Neza and Kebba! 1.2.5 Release Date: January 26, 2011 Exim Configuration's URIBL/SURBL/DBL Blocklists (exim_surbl) Upgraded Upgraded exim_surbl from version 2.0 to version 2.2. This new version of exim_surbl adds the Spamhaus DBL list for enhanced spam prevention and supports the new SURBL implementation guidelines. exim_surbl version 2.2 is described here: http://www.teuton.org/~ejm/exim_surbl Revised Exim Configuration's Vacation Autoreply Transport Configuration The new vacation autoreply transport configuration limits autoreplys for each sender to one autoreply per user specified time period (default = 1 day) in order to avoid email ping pong infinite loops with mailing lists, etc. Revised Documentation The following documents were revised to reflect the upgrade of exim_surbl from version 2.0 to version 2.2: README, INSTALL, NOTES, and SPAMASSASSIN. The following document was added which contains a crontab script necessary for the implementation of exim_surbl version 2.2: etc/exim/exim.pl/README2. The MIGRATE document was changed to include instructions for expanding the vacation autoreply message field in the MySQL database. The DEBIAN file was amended to include instructions for the location of the greylisting db file and the vacation autoreply db files. While the db file locations in the instructions work fine in RedHat/CentoS and FreeBSD they have been reported to conflict with Debian's exim4-base cron.daily script. Other Bug fix to adminuserchange.php related to the vacation autoreply text for admin users. Expanded the vacation autoreply message field in the MySQL database to 4096 characters. The smtp_accept_queue_per_connection configuration option was added to exim4u_local.conf.inc. This option specifies the maximum number of delivery processes that exim starts automatically when receiving messages via SMTP. If not specified, a default value of 10 is used, however, on large systems and/or systems with large mailing lists, this parameter should be increased or set to zero (zero means disabled). Other minor enhancements were implemented to several of the documentation files and the exim configuration files. Credits The vacation autoreply modifications were contributed by Jörg Roßdeutscher who also recommended the additions to the DEBIAN documentation file. The upgrade to exim_surbl 2.2 and the smtp_accept_queue_per_connection configuration option was suggested by Odhiambo Washington. Thanks Jörg and Odhiambo! 1.2.4 Release Date: October 21, 2010 Webmail Groupware Upgraded To Version Horde-1.2.7 Webmail Groupware (home/exim4u/public_html/webmail) was upgraded to incorporate Horde Webmail Groupware Version 1.2.7. Revised Exim Configuration Files (/etc/exim): exim.conf was revised so that sender address callout verifications are only performed for spammy mail (spam score > 0). Also, minor modifications were made to the in-line documentation in exim.conf and exim4u_local.conf.inc to improve clarity. Revised Documentation: WEBMAIL - Minor modifications were made to the Webmail instructions to improve clarity. TODO - Revised to include an additional item 5 - Mailbox size quota notification script. 1.2.3 Release Date: May 13, 2010 Critical Security Release: Version 1.2.3 is a critical security release. As such, all Exim4U installations should immediately be upgraded to version 1.2.3. This release addresses several security vulnerabilities in Exim4U v1.2.2 that were inherited from the base Vexim 2.2.1 php code. In addition to resolving the security issues identified, it tightens other areas of the php code effectively reducing the potential for additional undiscovered vulnerabilities being present in the tightened areas. New Documentation: SECURITY - Instructions for implementing additional administrative precautions to help protect your Exim4U installation from hostile intruders and other potential security issues. Other: Minor enhancements were implemented to several of the documentation files and the exim configuration files. Credits: The security vulnerabilities were identified by Mike Garratt who also provided guidance in fixing the identified issues as well as personally correcting many of the weaknesses himself. Thanks Mike! 1.2.2 Release Date: February 21, 2010 New Documentation: APPEARANCE - Instructions for customizing Exim4U's icons, images and appearance. EXIM_4.69 - Instructions for running Exim Version 4.69 instead of 4.71. FREEBSD, DEBIAN and REDHAT-CENTOS - OS specific installation notes. Exim Configuration Changes: Bug fixed in the acl_smtp_data ACL in exim.conf related to running exim with clamd disabled. Minor enhancement to SpamAssassin header rewriting in exim.conf. Moved several parameter settings from exim.conf to exim4u_local.conf.inc: exim_user exim_group av_scanner spamd_address Added default setting for mailman domain list in exim4u_local.conf.inc: domainlist mm_domains = : The variable, SENDER_RL, was added to exim4u_local.conf.inc which toggles sender ratelimiting ON/OFF in etc/exim/exim4u_acl_check_dkim.conf.inc. SENDER_RL = YES (on) /NO (off). Shell Scripts: Minor modifications were made to the following scripts: eximstats.sh spamdel spamreport The mailx/nail commands from the Heirloom project were also added to these scripts for mailing the reports. The spam deletion utility, spamdel, was completely rewritten to produce an improved report appearance and to be more easily configured for any mailstore locations (mailroot directories). Other: The HTML menu scripts in the following directories were modified to support site specific appearance modifications (logos, images, etc.): home/exim4u/public_html/admin_menu home/exim4u/public_html/user_menu The Exim4U Email Admin PHP scripts were modified in the following directories to support site specific appearance modifications (header text, logos, images, etc.): home/exim4u/public_html/exim4u/config home/exim4u/public_html/exim4u/images All Exim4U logos were modified for improved appearance. The Exim4U admin icon was replaced with a new check mark icon along with another icon which is a "human" image and which may be alternatively used as the Exim4U admin icon. All tab characters were removed from the Exim4U Email Admin PHP code since some custom installations of Apache appeared not to handle tabs well. Other minor bug fixes, modifications and documentation improvements. 1.2.1 Release Date: February 21, 2010 Bug fix for mysql setup scripts where on_spamboxreport field in the users table was improperly named on-spambox_report. mysql_migrate/mysql_migrate.sql and mysql_setup/mysql.sql scripts were revised where the field named on-spambox_report was replaced with the name on_spamboxreport in the users table. 1.2.0 Release Date: February 21, 2010 Exim4U Version 1.2.0 requires Exim version 4.71 or higher for complete functionality. DKIM was implemented. DKIM signing of outgoing mail and DKIM verification of imcoming mail was implemented with or without greylisting and/or failure rejection during the SMTP session. Note that Exim 4.7x's implementation of DKIM causes the obsolescence of DomainKeys with the Exim MTA for all versions after Exim 4.69. Therefore, DomainKeys is obsoleted for all Exim4U versions after Exim4U 1.1.0. Exim RPMs are no longer included. Download links are provided instead and the license is modified accordingly. Minor bug fixes and house cleaning. Changelog available here: http://exim4u.org/svn/exim4u_src/tags/1.2.0/CHANGELOG 1.1.0 Release Date: February 21, 2010 Exim4U Version 1.1.0 requires Exim version 4.68 or 4.69 for complete functionality. DomainKeys is implemented for Exim4U Version 1.1.0.