Giuliano Gavazzi wrote:
>>>
no, I was going to reply to your previous because I did not really
see your point and now I think that the answer is not the most
correct..
You said:
>Today I checked with a relay test ("telnet relay-test.mail-abuse.org"
>from your exim box) and that darn tool tried to send mail to
><user@???>; sure enough exim belched with a 451 "try
>later" message.
>Debugging via -bt revealed that "remote host address is the local host"
>(as if I didn't know).
well, it should have immediately replied with a "550 relay not
permitted", or equivalent, and this should have not involved any
routers (except for checking the MAIL FROM:) as the source is
certainly not a host you relay from and myhostname.company.org is not
a local_domain (since you have NO local domains!) or a
relay_to_domain. So, why did your box try to route the email in the
first place?
<<<
Now that is a good question. :)
The reason is that I have an acl like
deny message = unrouteable address
!verify = recipient
and this verification is calling the routers and finds out that the
domain in question is the local host. So the domainlist router is
called during an ACL test and not during the delivery.
If I remove that ACL then (thanks tho the final catch-all) it indeed
fails with "relaying not allowed".
--
Ben
