Author: Sheldon Hearn Date: To: exim-users Subject: [Exim] Unresolvable IP breaks host_accept_relay lookup
Hi folks,
I have the following relay control in place:
MYSQL_RELAY = select ip from popb4smtp where ip="${sender_host_address}"
host_accept_relay = 127.0.0.1/32 : 10.0.0.1/24 : net-mysql;MYSQL_RELAY
host_lookup =
Notice that I'm using the net- lookup prefix to ensure that a host
lookup is not required. Also, notice that I've disabled DNS reverse
resolution for all hosts that don't advertise themselves falsely in
HELO.
Most importantly, notice that I query on IP address and not on hostname.
Now watch what happens when I attempt to relay from an IP address that
has no hostname...
-----> Begin
# exim -C ${eximcfg} -d 9 -bh X.X.X.X
Exim version 3.22 debug level 9 uid=0 gid=0
probably Berkeley DB version 1.8x (native mode)
[...]
sender_fullhost = [X.X.X.X]
sender_rcvhost = [X.X.X.X]
**** SMTP testing session as if from host X.X.X.X
**** Not for real!
host in host_lookup? no (option unset)
host in host_reject? no (option unset)
host in host_reject_recipients? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in receiver_unqualified_hosts? no (option unset)
host in helo_verify? no (option unset)
host in helo_accept_junk_hosts? no (option unset) SMTP>> 220 mail.gambling.com ESMTP Exim 3.22 #1 Wed, 13 Jun 2001 09:52:29 -0400 220 mail.gambling.com ESMTP Exim 3.22 #1 Wed, 13 Jun 2001 09:52:29 -0400
smtp_setup_msg entered
mail from:sheldonh@???
SMTP<< mail from:sheldonh@???
sheldonh@??? in sender_reject? no (option unset)
sheldonh@??? in sender_reject_recipients? no (option unset) SMTP>> 250 <sheldonh@???> is syntactically correct 250 <sheldonh@???> is syntactically correct
mail from:sheldonh@???
SMTP<< mail from:sheldonh@???
sheldonh@??? in sender_reject? no (option unset)
sheldonh@??? in sender_reject_recipients? no (option unset) SMTP>> 250 <sheldonh@???> is syntactically correct 250 <sheldonh@???> is syntactically correct
rcpt to:sheldonh@???
SMTP<< rcpt to:sheldonh@???
uunet.co.za in local_domains? no (end of list)
uunet.co.za in relay_domains? no (end of list)
looking up host name for X.X.X.X
IP address lookup failed
host in host_accept_relay? no (failed to find host name or lookup deferred)
host in sender_address_relay_hosts? yes (*)
sheldonh@??? in sender_address_relay? no (end of list)
sender is not permitted to relay SMTP>> 550 relaying to <sheldonh@???> prohibited by administrator (failed to find host name from IP address) 550 relaying to <sheldonh@???> prohibited by administrator (failed to find host name from IP address)
LOG: 1 MAIN REJECT
refused relay (sender & host_accept_relay) to <sheldonh@???> from <sheldonh@???> H=[X.X.X.X] (failed to find host name from IP address)
-----> End
The address (hidden here as X.X.X.X) is definitely in the popb4smtp
database. But Exim doesn't even try the lookup.
I can understand why a failed DNS lookup prevents Exim from evaluating
host_accept_relay, because host_accept_relay may contain hostnames
instead of IP addresses. I also understand the explanation given in
section 7.13 [Host lists]. Unfortunately, the advice given in section
7.14 [Mixing host names and addresses in host lists] doesn't apply and
doesn't help even if I try.
The bottom line is that, for his lookup, I don't need the hostname and
don't want Exim to require it. I'm pretty sure I don't want to modify
the host list with +allow_unknown, because that will allow _any_ host
whose address can't be resolved to relay through me.
