I'm having a rough time getting a mysql query in a hostlist to work
the way I expect. Running exim in '-bh 1.2.3.4' mode suggests that
while the mysql lookup returned '1.1.1.1' for the hostlist, '1.2.3.4'
somehow matches, thus [open] relaying is allowed. Can anyone please
help me understand what I may be doing wrong?
exim.conf contains:
hostlist popb4smtp = mysql;SELECT DISTINCT ip FROM exim.popb4smtp
accept hosts = +popb4smtp
endpass
verify = recipient
verify = sender
# mysql -e 'select distinct ip from exim.popb4smtp'
1.1.1.1
# exim -d -bh 1.2.3.4
Exim version 4.42 uid=0 gid=0 pid=3705 D=fbb95cfd
Berkeley DB: Sleepycat Software: Berkeley DB 2.7.7: (08/20/99)
Support for: iconv() OpenSSL
Lookups: lsearch wildlsearch nwildlsearch iplsearch dbm dbmnz dsearch
mysql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir autoreply pipe smtp
Fixed never_users: 0
changed uid/gid: forcing real = effective
uid=0 gid=0 pid=3705
auxiliary group list: <none>
configuration file is /usr/local/exim_marinar/etc/exim.conf
log selectors = ffffffff 7fffffff
trusted user
admin user
changed uid/gid: privilege not needed
uid=8 gid=8 pid=3705
auxiliary group list: <none>
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
finduser used cached passwd data for mail
originator: uid=0 gid=0 login=root name=root
sender address = root@???
sender_fullhost = [1.2.3.4]
sender_rcvhost = [1.2.3.4]
**** SMTP testing session as if from host 1.2.3.4
**** but without any ident (RFC 1413) callback.
**** This is not for real!
LOG: smtp_connection MAIN
SMTP connection from [1.2.3.4]
host in host_lookup? no (option unset)
set_process_info: 3705 handling incoming connection from [1.2.3.4]
host in host_reject_connection? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in recipient_unqualified_hosts? no (option unset)
host in helo_verify_hosts? no (option unset)
host in helo_try_verify_hosts? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
SMTP>> 220 marinar.com ESMTP Exim 4.42 Fri, 29 Oct 2004 14:40:52
-0400
220 marinar.com ESMTP Exim 4.42 Fri, 29 Oct 2004 14:40:52 -0400
smtp_setup_msg entered
helo test
SMTP<< helo test
test in helo_lookup_domains? no (end of list)
sender_fullhost = (test) [1.2.3.4]
sender_rcvhost = [1.2.3.4] (helo=test)
set_process_info: 3705 handling incoming connection from (test)
[1.2.3.4]
250 marinar.com Hello test [1.2.3.4]
SMTP>> 250 marinar.com Hello test [1.2.3.4]
mail from: <>
SMTP<< mail from: <>
SMTP>> 250 OK
250 OK
rcpt to: hank@???
SMTP<< rcpt to: hank@???
using ACL "acl_check_rcpt"
processing "accept"
check hosts = :
host in ":"? no (end of list)
accept: condition test failed
processing "deny"
check local_parts = ^.*[@%!/|] : ^\\.
hank in "^.*[@%!/|] : ^\."? no (end of list)
deny: condition test failed
processing "defer"
check hosts = +defer_hosts
host in "/usr/local/exim_marinar/etc/host/defer"? no (end of list)
host in "+defer_hosts"? no (end of list)
defer: condition test failed
processing "accept"
check authenticated = *
accept: condition test failed
processing "accept"
check local_parts = postmaster
hank in "postmaster"? no (end of list)
accept: condition test failed
processing "deny"
check hosts = +blacklist_hosts
host in "/usr/local/exim_marinar/etc/host/blacklist"? no (end of
list)
host in "+blacklist_hosts"? no (end of list)
deny: condition test failed
processing "accept"
check hosts = +popb4smtp
search_open: mysql "NULL"
search_find: file="NULL"
key="SELECT DISTINCT ip FROM exim.popb4smtp" partial=-1 affix=NULL
starflags=0
LRU list:
internal_search_find: file="NULL"
type=mysql key="SELECT DISTINCT ip FROM exim.popb4smtp"
database lookup required for SELECT DISTINCT ip FROM exim.popb4smtp
MYSQL query: SELECT DISTINCT ip FROM exim.popb4smtp
MYSQL new connection: host=localhost port=0 socket=NULL database=NULL
user=exim
lookup yielded: 1.1.1.1
host in "mysql;SELECT DISTINCT ip FROM exim.popb4smtp"? yes (matched
"mysql;SELECT DISTINCT ip FROM exim.popb4smtp")
data from lookup saved for cache for +popb4smtp: 1.1.1.1
host in "+popb4smtp"? yes (matched "+popb4smtp")
check verify = recipient
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Verifying hank@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Considering hank@???
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
routing hank@???
--------> dnslookup router <--------
local_part=hank domain=marinar.com
checking domains
marinar.com in "@"? no (end of list)
marinar.com in "! +local_domains"? yes (end of list)
calling dnslookup router
dnslookup router called for hank@???
domain = marinar.com
DNS lookup of marinar.com (MX) succeeded
65.255.160.16 in "0.0.0.0/8 : 10.0.0.0/8 : 127.0.0.0/8 :
172.16.0.0/12 : 169.254.0.0/16 : 192.168.0.0/16 :
198.18.0.0/15 : 224.0.0.0/3"? no (end of list)
fully qualified name = marinar.com
host_find_bydns yield = HOST_FOUND (2); returned hosts:
intrepid.marinar.com 65.255.160.16 MX=10
set transport remote_smtp
queued for remote_smtp transport: local_part = hank
domain = marinar.com
errors_to=NULL
domain_data=NULL localpart_data=NULL
routed by dnslookup router
envelope to: hank@???
transport: remote_smtp
host intrepid.marinar.com [65.255.160.16] MX=10
----------- end verify ------------
check verify = sender
accept: condition test succeeded
SMTP>> 250 Accepted
250 Accepted
quit
SMTP<< quit
LOG: smtp_incomplete_transaction MAIN
H=(test) [1.2.3.4] incomplete transaction (QUIT)
SMTP>> 221 marinar.com closing connection
221 marinar.com closing connection
LOG: smtp_connection MAIN
SMTP connection from (test) [1.2.3.4] closed by QUIT
search_tidyup called
close MYSQL connection: localhost//exim
>>>>>>>>>>>>>>>> Exim pid=3705 terminating with rc=0 >>>>>>>>>>>>>>>>
Thank you all very much for taking the time to read this request for
assistance.
-hank