Author: Tim Jackson Date: To: exim-users Subject: Re: [Exim] Bizaare log entry
Hi Justin, on Mon, 18 Aug 2003 18:41:30 -0400 you wrote:
> My first question is the "U=root". I take it this means that the user
> 'root' tried to send this message from 218.13.251.100 ?
I *think* that's the RFC1413 ident, but as this isn't something I've
looked into in any great detail then someone might have to correct me :)
> My next question is the "was: 553 sorry, that domain isn't in my list >
> of.."
That's qmail's version of "relaying denied".
Basically, it looks to me like you got an incoming message from:
Your Exim process then did a callout to their MX (218.102.48.123).
Presumably cnfax.com are either spammers, and/or have misconfigured DNS,
and/or 218.102.24.123 is a misconfigured MX which thinks it isn't an MX
for their domain. Therefore 218.102.48.123 said "sorry, don't know that
domain [cnfax.com]".
The key line here is Exim's fairly verbose statement which is easier to
read if you break it down a bit:
> sender verify fail (the envelope sender couldn't be verified)
> for <sales@cn fax.com> (this is the envelope sender)
> response to "RCPT TO:<sales@???>" (this is the callout command sent by Exim)
> from mail.netvigator.com [218.102.48.123] (this is the host receiving the callout)
> was: (what follows is why the envelope sender couldn't be verified)
> 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) (this is what the host receiving the callout said)