Re: [Exim] suffix related question

Top Page
Delete this message
Reply to this message
Author: Drav Sloan
Date:  
To: exim-users
Subject: Re: [Exim] suffix related question
Philip Hazel wrote:
> >    Simply all I want to do is be able to stick a suffix router
> > in that allows me to use user-xxxx@???. I can get it all to
> > work hunky dorey over locally injected mail, and also via -bt on
> > the command line. But via SMTP I always get a 5xx from exim.

>
> The difference is (I presume) that you are doing sender verification in
> the SMTP case.


Well its the recipient that fails (ie the user-suffix case) on the
rcpt to (when no_verify is set). Then when the no_verify is dropped
the 'rcpt to' is accepted but after the data stage it falls over:

delivering message 18MAx1-000F6a-00
Connecting to domain.com [10.0.2.180.25] ... connected
SMTP<< 220 domain.com ESMTP Exim 4.10 Thu, 12 Dec 2002 12:53:02 +0000
SMTP>> EHLO real-life.tm

  SMTP<< 250-domain.com Hello exim at real-life.tm [10.0.2.1]
         250-SIZE 52428800
         250-PIPELINING
         250 HELP

SMTP>> MAIL FROM:<holborn@???> SIZE=1494
SMTP>> RCPT TO:<holborn-foo@???>
SMTP>> DATA

SMTP<< 250 OK
SMTP<< 421 Unexpected failure, please try later
LOG: 0 MAIN
SMTP error from remote mailer after RCPT TO:<holborn-foo@???>: host domain.com [10.0.2.180]: 421 Unexpected failure, please try later
SMTP<< 421 Unexpected failure, please try later
SMTP>> QUIT


> Sounds like you have something in the router that works when you run it
> as root (which it will for a delivery or -bt) but does not work when it
> runs as exim (which it will during verification). Since you don't post
> the router, I can't help further...


Ahh yes, that was a bit silly of me, appologies! It is a simple router:

prefixeduser:
    driver = redirect
    check_local_user
    file = $home/.forward
    local_part_suffix = -*
    allow_filter
    file_transport = address_file


> > Bottom line, how do you simply allow suffix stuff to work over
> > SMTP as opposed to just via local submittion on the command line?
>
> I don't think this is a suffix issue.


Okay, I did wonder, but I've been fiddling about so much that I'm more
confused than I am enlightened :P

> > Is the no_verify the intentional way to make only certain routers
> > work locally and not over SMTP (I can see why if this is the case).
>
> no_verify is mostly used for that kind of thing, yes, but it is a
> general feature that allows you to use different routers for
> verification and delivery if you want to.


Ah right :) That man explain a load!

> > --------> prefixeduser router <--------
> > local_part=holborn-foo domain=domain.com
> > stripped suffix -foo
> > checking for local user
> > calling prefixeduser router
> > rda_interpret (file): $home/.forward
> > expanded: /mud/vmud/holborn/.forward
> > changed uid/gid: prefixeduser router (recipient is holborn-foo@???)
> > uid=100 gid=100
> > auxiliary group list: <none>
>
> Aha! It won't be able to do that uid change when verifying as exim.


It runs as exim from inetd (and not root). Right, okay, I gotacha. So
is there a way to fix that?!

> > exim[13373]: [ID 197553 mail.info] 2002-12-11 17:49:03 unable to set gid=100
> or uid=100 (euid=25): prefixeduser router (recipient is
> holborn-foo@???)
>
> Yup, that's it.
>
> What are you actually trying to achieve? Do you need to run that
> redirect router while verifying? In many cases all that is needed is to
> check that foo@??? is a valid local user, which you can do with a
> router something like this:
>
> check_prefix:
> router = accept
> verify_only
> check_local_user
> prefix = holborn-
>
> Note the "verify_only".


So basically you have two routers? One that DOES the work, and another
that does the verification over smtp?

Umm basically a friend used to have an exim 3 router that allowed him
to set any joe random suffix to his username, and then he had a few
rules in his forward file to handle the differing suffixes. It's just
a question of trying to get the same behaviour with exim 4, and we've
been going around in circles and getting more and more confused.

What were after is being able to recieve (both locally and remotly)
any suffix to a username, which is then passed to the .forward exim
filters to be processed as to where to store that address. The idea
being that if you sign upto a new list you don't have to update loads
of aliases/exim filters to handle it, you just add a identifier for
that list as a suffix and the exim filters save it as
~/mail/$local_part$local_part_suffix or whatever ;)

Thanks once again,

D.