Re: [Exim] accepting mail without being an open relay

Top Page
Delete this message
Reply to this message
Author: Dave C.
Date:  
To: Rejo Zenger
CC: exim-users
Subject: Re: [Exim] accepting mail without being an open relay
On Thu, 13 Jun 2002, Rejo Zenger wrote:

> Hi,
>
> I guess this is something terribly simple, but I just can't fugureout
> how to solve it.
>
> I'm running Exim 4. All is running well, except for the posts by a perl
> script (using the module Net::SMTP from libnet). Script is running on
> the same host as Exim (sisterray.xs4all.nl). I keep getting these
> errors:
>
> 2002-06-13 11:27:43 H=sisterray.xs4all.nl [213.84.142.121]
> F=<autoresponder-modbot-nl.erotiek.overig=bounces@???>
> rejected RCPT <peter@???>: EO ACL: relaying denied
>
> The last part is from the last ACL in my configuration so I'm able to
> track where the message exactly got rejected.
>
> So, although I have tried a lot, I just can't getting the server
> accepting these connections, without being an open relay. How can I
> solve this?



It looks like the perl script is making its connection to your real IP
address, so it will appear to be _coming_ from your real IP address.

Assuming that 213.84.142.121 really is the IP address of your server,
you could add an:


accept        hosts = 213.84.142.121


before the deny.


Or, tell the perl script to connect to 127.0.0.1 instead, and then make
sure 127.0.0.1 is allowed to relay.



>
> I guess these are the relevant parts of /etc/exim/configure:
>
> | domainlist local_domains = sisterray.xs4all.nl
> | hostlist   relay_hosts =
> |
> | primary_hostname = sisterray.xs4all.nl
> |
> | begin acl
> |
> | check_recipient:
> |
> |   accept  hosts         = :
> |
> |   [... blacklists and other stuff skipped ...]
> |
> |   accept  local_parts   = lsearch;/etc/exim/recipients_reject_except
> |           domains       = +local_domains
> |
> |   deny    message       = [...]
> |           log_message   = suspicious characters in local_part
> |           local_parts   = ^.*[@%!/|]
> |
> |   require verify        = sender
> |
> |   accept  domains       = +local_domains
> |           endpass
> |           message       = unknown user
> |           verify        = recipient
> |
> |   accept  authenticated = *
> |
> |   deny    log_message   = EO ACL: relaying denied
> |           message       = [...]

>
> Thanks in adavcne,
>
>     -Rejo.

>
> --
> # rejo@???, pgp: see headers, http://www.xs4all.nl/~sister
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>



--