Re: [Exim] I am desperated

Top Page
Delete this message
Reply to this message
Author: Mark Baker
Date:  
To: Guenter Mueller
CC: exim-users
Subject: Re: [Exim] I am desperated
On Wed, Sep 19, 2001 at 10:23:34AM +0200, Guenter Mueller wrote:

> we are running exim 3.22 and were sure that we could not act as open
> relay. But we are open to the percent hack!!

[...]

> Though the percent_hack isn't enabled,
> exim accepts all mails for X%Y@???
> and delivers it to mail host uni-freiburg.de [132.230.1.230]
> which accepts relaying because this is from local domain
> and delivers to X@Y
> which is unwanted relay!


Yes, the percent hack can cause this kind of two-stage relay problem. You
really need either both stages to expand percent hacks or neither; the
situation you have where the first one doesn't and the second does causes
problem.

The best solution is to turn off the percent hack on the second stage, but
since that's beyond your control, you'll have to work around it.

The first thing you need to do is to turn _on_ percent hack. That means that
it will replace x%y@yourdomain with x@y; but it will only forward the mail
iif it is allowed to relay mail to y, so that's OK.

Secondly, as others have pointed out, the percent hack in exim only applies
to local addresses, so you'll need to make uni-freiburg.de local, and then
set up a director that forwards all mail to the right place.

An alternative might be to use rewriting to rewrite anything with a % in it
into something that will definitely bounce. I haven't tried this and don't
know whether it's possible.