Re: [Exim] exim_rejectlog

Top Page
Delete this message
Reply to this message
Author: Tabor J. Wells
Date:  
To: Tony VanScoy
CC: exim-users
Subject: Re: [Exim] exim_rejectlog
On Fri, Oct 18, 2002 at 01:34:51PM -0400,
Tony VanScoy <tvanscoy@???> is thought to have said:

> I have a client who can recieve but not send email. he gets an error
> "Unknow error has occurred. no error number" when trying to send email. my
> rejectlog reads
>
> refused relay (host) to <some@???> from <client@???>
> H=188.philadelphia-23-24rs.pa.dial-access.att.net (jre) [12.90.9.188]
>
> what in the world does that mean? the client was only trying to reply to an
> email. why is it trying to relay it?


Any time a system sends mail to your server and your server sends it along
to another remote server, that is relaying. In this case your client
attempted to send mail to your server for the purpose of relaying it to a
remote site.

A properly configured MTA does not relay for unauthenticated hosts outside
it's network. This is necessary because spammers like to send their junk
through unsecured relays. Your server is doing the right thing refusing this
connection from a client on a dialup network that presumably you do not
control.

Your options to have this customer send mail through your server without
opening it up to allow anyone on the net to send mail through it are:

1) Configure SMTP AUTH on your Exim server. See the various docs and
examples on how to do this.

2) Use a pop-before-smtp setup so that users that pick up their mail from
outside your network have a small window of time (like say 15 minutes to an
hour) to send mail through your mail server from the IP address they checked
mail from. There are examples of how to do this in the list archives and in
the FAQ

3) If you have some kind of VPN solution in place on your network to allow
roaming clients access to your local network, require them to first connect
to the VPN before sending mail.

4) Have the customer use the local mail server of whatever network he is
connected through to send out mail.

Tabor

--
--------------------------------------------------------------------
Tabor J. Wells                                     twells@???
Fsck It!                 Just another victim of the ambient morality