RE: [exim] Re: [Debian issue #244724] exim 4 usesdouble?reve…

Top Page
Delete this message
Reply to this message
Author: Eli
Date:  
To: 'Andreas Metzler', exim-users, 'Marc Haber'
CC: 
Old-Topics: [exim] Re: [Debian issue #244724] exim 4 uses double?reverselookupforindexing into client password file
Subject: RE: [exim] Re: [Debian issue #244724] exim 4 usesdouble?reverselookupforindexing into client password file
Andreas wrote:
> > "hosts_try_auth" expects a *HOST* list. Unfortunately for lack of
> > better choices, a "host" list is in fact a list of IPs. You cannot
> > specify a hostname in a hostlist.
>
> No.


Augh, you're right. I thought there was something that allowed only IPs and
thought it was hostlists. I apparently missed reading section 10.9 which
says you can use domain names in a hostlist.

> > It then passes control to the transport, which sets up delivery and
> > checks host_try_auth. The problem is that Exim cares not about the
> > hostname of the server at this point, it wants an IP to
> deliver to.
> > Your config does an "exists" test on the "passwd.client"
> file, sees it
> > and expands the ${if...} test to "smarthost.fqdn.example" which is
> > illegal in a hostlist, so Exim ignores it. You then fail
> in SMTP auth
> > since there's no confirmation of an IP and thus the problem.
> [...]
>
> Eh, no.
>
> We are using {${lookup{$host} in the authenticator which
> "contains the name of the server to which the client is connected".


Ok, well the config file snippets that Marc showed didn't include that part.
As far as I could tell (despite being wrong on a few things - blame my ~
year of not twiddling with Exim on that) his issue was with the
hosts_try_auth and wasn't even getting to the SMTP authenticator stage.

>
> This will work perfectly _unless_ smarthost.fqdn.example is a CNAME.
>
> We'll need to use a smarter lookup with or or save the 
> original name in $hosts_data.
>            cu andreas


That answers that! So $host stores the hostname after Exim has looked it up
which comes back to what Marc initially stated as the potential issue it
seems.

All I have to say is you boys can play with this one, and I won't be
responding to any further Debian bugzilla reports. I went through what, 5-6
emails back and forth looking all sorts of information up and in the end
find out that everything I said was useless because I had no idea what was
contained in the entire configuration file (to my defense, I did ask for the
config file).

In the future (we'll use this case as an example) with situations like this,
can you please provide debug output? It would have shown exactly what Exim
was doing and where it was failing - rather than have me guess at possible
problems and stir up trouble.

Eli.