[Exim] Unresolvable IP breaks host_accept_relay lookup

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Sheldon Hearn
Date:  
À: exim-users
Sujet: [Exim] Unresolvable IP breaks host_accept_relay lookup
Hi folks,

I have the following relay control in place:

MYSQL_RELAY = select ip from popb4smtp where ip="${sender_host_address}"
host_accept_relay = 127.0.0.1/32 : 10.0.0.1/24 : net-mysql;MYSQL_RELAY
host_lookup =

Notice that I'm using the net- lookup prefix to ensure that a host
lookup is not required. Also, notice that I've disabled DNS reverse
resolution for all hosts that don't advertise themselves falsely in
HELO.

Most importantly, notice that I query on IP address and not on hostname.

Now watch what happens when I attempt to relay from an IP address that
has no hostname...

-----> Begin
# exim -C ${eximcfg} -d 9 -bh X.X.X.X
Exim version 3.22 debug level 9 uid=0 gid=0
probably Berkeley DB version 1.8x (native mode)
[...]
sender_fullhost = [X.X.X.X]
sender_rcvhost = [X.X.X.X]

**** SMTP testing session as if from host X.X.X.X
**** Not for real!

host in host_lookup? no (option unset)
host in host_reject? no (option unset)
host in host_reject_recipients? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in receiver_unqualified_hosts? no (option unset)
host in helo_verify? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
SMTP>> 220 mail.gambling.com ESMTP Exim 3.22 #1 Wed, 13 Jun 2001 09:52:29 -0400

220 mail.gambling.com ESMTP Exim 3.22 #1 Wed, 13 Jun 2001 09:52:29 -0400
smtp_setup_msg entered
mail from:sheldonh@???
SMTP<< mail from:sheldonh@???
sheldonh@??? in sender_reject? no (option unset)
sheldonh@??? in sender_reject_recipients? no (option unset)
SMTP>> 250 <sheldonh@???> is syntactically correct

250 <sheldonh@???> is syntactically correct
mail from:sheldonh@???
SMTP<< mail from:sheldonh@???
sheldonh@??? in sender_reject? no (option unset)
sheldonh@??? in sender_reject_recipients? no (option unset)
SMTP>> 250 <sheldonh@???> is syntactically correct

250 <sheldonh@???> is syntactically correct
rcpt to:sheldonh@???
SMTP<< rcpt to:sheldonh@???
uunet.co.za in local_domains? no (end of list)
uunet.co.za in relay_domains? no (end of list)
looking up host name for X.X.X.X
IP address lookup failed
host in host_accept_relay? no (failed to find host name or lookup deferred)
host in sender_address_relay_hosts? yes (*)
sheldonh@??? in sender_address_relay? no (end of list)
sender is not permitted to relay
SMTP>> 550 relaying to <sheldonh@???> prohibited by administrator (failed to find host name from IP address)

550 relaying to <sheldonh@???> prohibited by administrator (failed to find host name from IP address)
LOG: 1 MAIN REJECT
refused relay (sender & host_accept_relay) to <sheldonh@???> from <sheldonh@???> H=[X.X.X.X] (failed to find host name from IP address)
-----> End

The address (hidden here as X.X.X.X) is definitely in the popb4smtp
database. But Exim doesn't even try the lookup.

I can understand why a failed DNS lookup prevents Exim from evaluating
host_accept_relay, because host_accept_relay may contain hostnames
instead of IP addresses. I also understand the explanation given in
section 7.13 [Host lists]. Unfortunately, the advice given in section
7.14 [Mixing host names and addresses in host lists] doesn't apply and
doesn't help even if I try.

The bottom line is that, for his lookup, I don't need the hostname and
don't want Exim to require it. I'm pretty sure I don't want to modify
the host list with +allow_unknown, because that will allow _any_ host
whose address can't be resolved to relay through me.

So what do I do? :-)

Ciao,
Sheldon.