[Exim] Problem with "allow_localhost" in exim (SSL relaying …

Top Page
Delete this message
Reply to this message
Author: Wojtek Zabolotny
Date:  
To: exim-users
Subject: [Exim] Problem with "allow_localhost" in exim (SSL relaying from trusted DIP connected hosts)
Hi All,

I've finally got the "almost working" configuration for relaying of messages
from trusted hosts connected through untrusted dial-up ISPs.
On my box, I've created the SSL tunnel with foloowing command:

stunnel -v 2 -d localhost:465 -r localhost:25

On each DIP connected box, I've modified the two files:

1) /etc/ppp/ip-up.d/exim

#!/bin/sh
stunnel -c stunnel -c -p /etc/ssl/certs/valid_certificate.pem \
   -d localhost:465 -r my.host.name:465
# Flush exim queue
if [ -x /usr/sbin/exim ]; then
      /usr/sbin/exim -qf
fi                                                                              


2) /etc/exim.conf
 a) I've created the new transport definition
   my_smtp:
    driver = smtp
    port = 465
    allow_localhost = true 
 b) I've changed the smarthost definition
   smarthost:
     driver = domainlist
      #  transport = remote_smtp
      #  route_list = "* my.host.name bydns_a"
     transport = my_smtp
     route_list = "* localhost byname"


In theory all should work fine (I tried to connect with telnet to the
465 port on the DIP connected box, and it really worked with exim on
my.host.name, the certificate checking worked and so on).
However exim on connected boxes fails to deliver the mail ("freezes" it),
and complains to the postmaster, sending the following info:

The following address(es) have yet to be delivered:
user1@???: remote host address is the local host

AFAIK this should be fixed with the "allow_localhost = true" in the
my_smtp transport definition, however it doesn't work (I get strictly
the same results without this option and with it).
What have I done wrong? Do I need to recompile exim to allow supporting
of "allow_localhost = true" option?

My system is debian/linux 2.2 (potato) with exim version. 3.12 (debian
package 3.12-10)
-- 
                TIA
                Wojtek Zabolotny
                wzab@???