Re: [Exim] temporarily rejected RCPT

Página Inicial
Delete this message
Reply to this message
Autor: Jan Lühr
Data:  
Para: exim-users
Assunto: Re: [Exim] temporarily rejected RCPT
Greetings,

Am Sonntag, 18. Juli 2004 13:57 schrieben Sie:
> On fre, 2004-07-16 at 19:52 +0200, Jan Lühr wrote:


> > > >
> > > > 2004-07-15 22:12:27 H=dial-194-8-196-171.netcologne.de (dagobert)
> > > > [194.8.196.171] F=<jan@???> temporarily rejected
> > > > RCPT <jlu ehr@???>
> > >
> > > hard to say without seeing your ACLs, I think. but I do know that your
> > > messages would be _permanently_ rejected by my server. "dagobert"
> > > isn't a valid argument for HELO, it needs to be fully qualified.
> >
> > Hmm... That sounds logical. But the point is I have not set any ACLs on
> > purpose. Everyone who is able to authorize himeself with a valid username
> > and password should be able to send mail. It's a logged, anyway, maybe
> > some defaults might have changed. Do you have a more specific idea? I
> > don't have whitelists, blacklists, etc...
>
> do the ACLs contain secrets?


No: These is everything from conf.d/acl (Everything is default - afaik)
20_exim4-config_whitelist_local_deny:

acl_whitelist_local_deny:
  accept hosts = ${if exists{CONFDIR/local_host_whitelist}\
                        {CONFDIR/local_host_whitelist}\
                        {}}
  accept senders = ${if exists{CONFDIR/local_sender_whitelist}\
                        {CONFDIR/local_sender_whitelist}\
                        {}}


30_exim4-config_check_rcpt

  accept hosts = :
...
 deny    domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
          message       = restricted characters in address
....
deny    domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
          message       = restricted characters in address
...
accept local_parts = postmaster
         domains = +local_domains
....
deny message = sender IP address $sender_host_address is locally blacklisted
here. If you think this is wrong, get in touch with postmaster
       !acl = acl_whitelist_local_deny
       hosts = ${if exists{CONFDIR/local_host_blacklist}\
                             {CONFDIR/local_host_blacklist}\
                             {}}
 accept domains = +local_domains
         endpass
         message = unknown user
         verify = recipient
...
accept domains = +relay_to_domains
         endpass
         message = unrouteable address
         verify = recipient
...
accept hosts = +relay_from_hosts
accept authenticated = * <-- Should make everything pass by.
deny message = relay not permitted


40_exim4-config_check_data
warn condition = ${if !def:h_Message-ID: {1}}
        hosts = +relay_from_hosts
        message = Message-ID: <E$message_id@$primary_hostname>


accept



> > What should I look for?
>
> DNS is still a possibility. also it could be your client, just from
> your original message we've already located two serious (IMHO) faults in
> standards compliance.
>
> I'd start with ruling out the client. run SMTP sessions manually, using
> openssl s_client and exim -bh.


A friend of mine confirmed the behaviour with another client.
Because of exim need 30 sec to reject me, I guess there is some timeout.
It writes 451 Temporary local problem - please try later.

So DNS might be an issue. What might go wrong, if local delivery works fine,
but remote delivery shows timeout related troubles?
ping www.google.com works fine...

Keep smiling
yanosz
- --
Achtung Adressfälschungen! Daher gilt:
"Jans Echte" - Nur echt mit der Signatur.
Infos siehe: http://www.luehr.mynetcologne.de/echeck.html