Re: [exim] unrouteable address from alias on internal host

Góra strony
Delete this message
Reply to this message
Autor: Fred Viles
Data:  
Dla: exim-users
Temat: Re: [exim] unrouteable address from alias on internal host
On 10 Nov 2004 at 20:10, Rob wrote about
    "Re: [exim] unrouteable address from":


| Fred Viles wrote:

|...
| >
| > This appears to be the only router intended to handle general
| > outbound addresses. The ${if condition appears to restrict the
| > sender addresses allowed for relay prevention. If so, it would not
| > be expected to accept messages with arbitrary external addresses in
| > MAIL FROM, and your symptom is the expected result.

|...
| heres the output of exim -bhc ip.of.internal.host again, its in my other
| post as well:


Did you not understand my explanation above?

What does
    exim -f remote-sender@??? -bt test123@???
show you?


|...
| That looks like all is well to me, unless I am mistaken.


It doesn't show testing of the addresses, since your ACLs don't do
that. Hmm, I've downloaded EximConfig in all it's glory, and it
looks to me like the your -bhc test *should* have failed in the RCPT
ACL.

You've apparently either deleted a bunch of clauses, or you've moved
an "accept" clause of two much higher in the ACL. Your current
config is not operating as Boggis intended.

| I suppose on the internal host, which has a more vanilla config, I can
| just do a manual route for the few addresses that need to be forwarded
| (for blackberrys) and send that to a different machine.


Again, just my $.02: I don't think you should hack a special-purpose
solution like that. I think it's better to learn how exim works well
enough to be able to understand what your own config file is actually
doing, and then fix the external server to operate correctly. In
these days of a hostile Internet, a responsible email admin really
has to know what he's doing - you can't take shortcuts.

BTW, what happens when you try a test run simulating an external
message to an invalid local address:

exim -bh <some.EXTERNAL.IP>
HELO foo.com
MAIL FROM: <remote-sender@???>
RCPT TO: <bogus-user@???>
DATA
etc...
.

You should get "550 unknown user" after the RCPT TO: - do you?

- Fred