Re: [Exim] SMTP AUTH problem

Top Page
Delete this message
Reply to this message
Author: Martin Helas
Date:  
To: exim-users
Subject: Re: [Exim] SMTP AUTH problem
Hi Nico,

host_accept_relay and host_auth_accept_relay are both set to localhost.

I tried as you said with masta@??? exim denied relaying (as it should
be). Probably i should exlain what i want exim to do:

-Some of my users connect to the mail server
-exim only accepts incoming mail from this users if they have done
authentification. (e.g. Outlook: Server requires authentification)
Otherwise exim rejects to accept the mail and closes connection.

(Many ISP do so (like GMX, Puretec ...))

I tried exim -d9 -bh some.ip.address with RCPT TO: something@localdomain.
Debug-Information follows:


root@testlab1:/home/mhelas# exim -d9 -bh 130.83.124.2
Exim version 3.35 debug level 9 uid=0 gid=0
Berkeley DB: Sleepycat Software: Berkeley DB 2.7.7: (08/20/99)
testlab1.helas.net in local_domains? yes (matched testlab1.helas.net)
Unable to create IPv6 socket to find interface addresses:
error 97 Address family not supported by protocol
Trying for an IPv4 socket
Actual local interface address is 127.0.0.1 (lo)
Actual local interface address is 192.168.114.116 (eth0)
Caller is an admin user
Caller is a trusted user
user name "root" extracted from gecos field "root"
originator: uid=0 gid=0 login=root name=root
sender address = root@???
sender_fullhost = [130.83.124.2]
sender_rcvhost = [130.83.124.2]

**** SMTP testing session as if from host 130.83.124.2
**** Not for real!

host in host_lookup? yes (*)
looking up host name for 130.83.124.2
IP address lookup yielded s1.konaktiva.tu-darmstadt.de
sender_fullhost = s1.konaktiva.tu-darmstadt.de [130.83.124.2]
sender_rcvhost = s1.konaktiva.tu-darmstadt.de ([130.83.124.2])
set_process_info: 739 handling incoming connection from s1.konaktiva.tu-darmstadt.de [130.83.124.2]
host in host_reject? no (option unset)
host in host_reject_recipients? no (option unset)
host in auth_hosts? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in receiver_unqualified_hosts? no (option unset)
host in helo_verify? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
SMTP>> 220 testlab1.helas.net ESMTP Exim 3.35 #1 Wed, 30 Oct 2002 17:23:43 +0100220 testlab1.helas.net ESMTP Exim 3.35 #1 Wed, 30 Oct 2002 17:23:43 +0100

smtp_setup_msg entered
EHLO exim.org
SMTP<< EHLO exim.org
sender_fullhost = s1.konaktiva.tu-darmstadt.de (exim.org) [130.83.124.2]
sender_rcvhost = s1.konaktiva.tu-darmstadt.de ([130.83.124.2] helo=exim.org)
set_process_info: 739 handling incoming connection from s1.konaktiva.tu-darmstadt.de (exim.org) [130.83.124.2]
250-testlab1.helas.net Hello s1.konaktiva.tu-darmstadt.de [130.83.124.2]
250-SIZE
250-PIPELINING
250-AUTH CRAM-MD5
250 HELP
SMTP>> 250-testlab1.helas.net Hello s1.konaktiva.tu-darmstadt.de [130.83.124.2]

250-SIZE
250-PIPELINING
250-AUTH CRAM-MD5
250 HELP
MAIL FROM: <>
SMTP<< MAIL FROM: <>
SMTP>> 250 <> is syntactically correct

250 <> is syntactically correct
RCPT TO: izobel@???
SMTP<< RCPT TO: izobel@???
testlab1.helas.net in local_domains? yes (matched testlab1.helas.net)
host in receiver_verify_hosts? yes (*)
>>>>>>>>>>>>>>>>>>>>>>>>

Verifying izobel@???
testlab1.helas.net in local_domains? yes (matched testlab1.helas.net)
testlab1.helas.net in percent_hack_domains? no (end of list)
address izobel@???
local_part=izobel domain=testlab1.helas.net
domain is local
>>>>>>>>>>>>>>>>>>>>>>>>

directing izobel@???
real_local director skipped: prefix mismatch
calling system_aliases director
df_lookup entered: search type = lsearch
system_aliases director: lsearch key=izobel
file="/etc/aliases"
search_open: lsearch "/etc/aliases"
search_find: file="/etc/aliases"
key="izobel" partial=-1
LRU list:
7/etc/aliases
End
internal_search_find: file="/etc/aliases"
type=lsearch key="izobel"
file lookup required for izobel
in /etc/aliases
lookup failed
system_aliases director declined for izobel:
userforward director skipped: verify 2 0 0
procmail director skipped: verify 2 0 0
calling mysql_aliases director
df_lookup entered: search type = mysql
mysql_aliases director: mysql query=SELECT maildir FROM users where id = 'izobel@???';
search_open: mysql "NULL"
search_find: file="NULL"
key="SELECT maildir FROM users where id = 'izobel@???';" partial=-1
LRU list:
7/etc/aliases
End
internal_search_find: file="NULL"
type=mysql key="SELECT maildir FROM users where id = 'izobel@???';"
database lookup required for SELECT maildir FROM users where id = 'izobel@???';
MYSQL query: SELECT maildir FROM users where id = 'izobel@???';
MYSQL new connection: host=localhost port=0 database=maildb user=mail password=XXXXXXXX
lookup yielded: /home/mail/testlab1.helas.net/izobel/Maildir/
parse_extract_addresses: /home/mail/testlab1.helas.net/izobel/Maildir/
extract item: /home/mail/testlab1.helas.net/izobel/Maildir/
mysql_aliases director generated /home/mail/testlab1.helas.net/izobel/Maildir/
pipe, file, or autoreply
errors_to=NULL transport=address_directory
uid=8 gid=8 home=NULL
mysql_aliases director succeeded for izobel
SMTP>> 250 <izobel@???> verified

250 <izobel@???> verified




* Nico Erfurth <masta@???> [021030 17:14]:
> Martin Helas wrote:
> >Hi,
> >
> >i'm trying to set up a multi-domain configuration using exim 3.35 which
> >works
> >quite fine. I want to set up SMTP AUTH to prevent my server used for UCE.
> >
> >But have a problem setting up SMTP AUTH. Authentification is working quite
> >fine[1] but i am still able to send mails WITHOUT authentification. I
> >could'nt
> >find any hint in the documentation or using google to find what i am doing
> >wrong.
> >
> >Somebody any hint for me?
>
> Who is allowed to send mail without authentication?
> Any host? (you can check with exim -bh IP or exim_checkaccess)
>
> Check your host_accept_relay and host_auth_accept_relay settings.
>
> Do
> exim -d9 -bh some.ip.address
> EHLO exim.org
> MAIL FROM: <>
> RCPT TO: masta@???
>
> and send us the output.
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
>


--
|------------------------------------------------------------
|   Martin Helas                          Auf dem Hohlrech 9a
|   helas@???                               64380 Roßdorf
|   mhelas@???                    Tel. 0 61 54-69 36 99
|   mhelas@???  Tel. 0 17 2 - 66 15 987
|    PGP: 1474 4CAC EF5C ECFA E29E  2CB1 7929 AB90 F7AC 3AF0

|------------------------------------------------------------