Fred Viles wrote:
> On 10 Nov 2004 at 18:31, Rob wrote about
> "Re: [exim] unrouteable address from":
>
> |...
> | Sure thing, it originally came from http://www.jcdigita.com/eximconfig/
>
> Gad.
>
> | begin routers
> |...
> | # Route directly via SMTP (Outbound messages.)
> | outbound_direct:
> | driver = dnslookup
> | transport = remote_smtp
> | domains = ! +local_domains : ! +relay_domains
> | condition = "${if or { \
> | {eq {$sender_address}{}} \
> | {eq {$sender_address_domain}{HOSTNAME}} \
> | {eq
> | {${lookup{$sender_address_domain}lsearch{CONFIGDIR/domains/local}{FOUND}{}}}{FOUND}}
> | \
> | {eq
> | {${lookup{$sender_address_domain}lsearch{CONFIGDIR/domains/relay}{FOUND}{}}}{FOUND}}
> | \
> | } {1}{0}}"
> | ignore_target_hosts = IGNORE_TARGET_HOSTS
> | verify_recipient = true
> | verify_sender = false
>
> This appears to be the only router intended to handle general
> outbound addresses. The ${if condition appears to restrict the
> sender addresses allowed for relay prevention. If so, it would not
> be expected to accept messages with arbitrary external addresses in
> MAIL FROM, and your symptom is the expected result.
>
> If you remove the condition, it will "solve" the reported problem.
> But my guess is that it will also turn you into an open relay. So
> before doing that, make sure you have adequate checks in your RCPT
> ACL to prevent relay attempts! I'll bet your config does not do that
> currently and that's why it's doing it in the router.
>
> - Fred
>
I thought it was a pretty in-depth config to use. It has alot of
anti-spam work already done, which is why I am testing it.
heres the output of exim -bhc ip.of.internal.host again, its in my other
post as well:
>>> processing "accept"
>>> check hosts = +local_relay_hosts
>>> host in "+local_relay_hosts"? yes (matched "+local_relay_hosts" -
cached)
>>> accept: condition test succeeded
250 Accepted
data
354 Enter message, ending with "." on a line by itself
then the data acls run and ultimately accept it
>>> processing "accept"
>>> accept: condition test succeeded
>>> unspool_mbox(): unlinking
'/var/spool/exim4/scan/1CS332-00075r-4w/1CS332-00075r-4w.eml'
>>> unspool_mbox(): unlinking
'/var/spool/exim4/scan/1CS332-00075r-4w/1CS332-00075r-4w-00000.com'
LOG: 1CS332-00075r-4w SA: Action: Not running SA because SAEximRunCond
expanded to false (Message-Id: 1CS332-00075r-4w). From
<remote-sender@???> (host=internal.ourdomain.com
[65.217.179.167]) for test123@???
LOG: 1CS332-00075r-4w <= imatester@??? H=internal.ourdomain.com
[65.217.179.167] I=[NULL]:-1 P=smtp S=491 from
<remote-sender@???> for test123@???
250 OK id=1CS332-00075r-4w
**** SMTP testing: that is not a real message id!
quit
That looks like all is well to me, unless I am mistaken. I think that
in the test scenario it does not take the outgoing alias into account.
And that is where it fails in the outbound_direct router and just dies.
I suppose on the internal host, which has a more vanilla config, I can
just do a manual route for the few addresses that need to be forwarded
(for blackberrys) and send that to a different machine.
