Re: [exim-dev] Exim from mailnull by local "Auto-Submitted: …

Author: Tony Marques
Date:
To: exim-dev
Subject: Re: [exim-dev] Exim from mailnull by local "Auto-Submitted: auto-generated" bounces keep bouncing
> It's more an error in configuration. These days, sending back an entire
> message in a bounce is most unfriendly, since it's so likely to distribute a
> virus to an innocent third party. We cut off our bounce messages at--I
> think--10K. Newer Exims (I forget the transition point) can also be
> configured not to return the body at all).


Yes, that is preferential, although I hope it still returns headers or
at least the IP address of the incoming message.

Yet this doesn't matter in the case where a 550 User Unknown error is
generated. The entire SMTP transaction is briefly... HELO< 250>, MAIL
FROM< 250 OK>, RCPT TO< 550 Unknown User>, QUIT. No DATA so the
message that caused the bounce is irrelevant. This is less of a
problem although there is no reason for the Exim server to retry this
27 times over the next few days.


>> Here is the problem, the Exim servers will retry to resend the message
>> (ignoring the 55x errors) every two hours for 2 or 3 days. The
>> bounce's message-id, date, other headers, and the quoted forgery all
>> demonstrate that the multiple bounces are caused by a single message
>> and the multiples are a result of a problem with Exim not
>> acknowledging my server's 55x responses. Normally this problem
>> wouldn't be noticed as bounces aren't normally seen.
>
> In my experience, Exim doesn't do that, and I'm not quite sure what I would
> do to cause it.


I can get you a list of Exim servers from my logs which seem to do
this. People on this list are even less likely to experience this as
their Exim servers may accept problem messages in the first place and
filter them immediately.

To duplicate this, authenticate or otherwise use your Exim server to
relay a message to a non-local account that generates a 550 User
Unknown error.
1. In DNS, configure the mx sub.yourdom.com to point to any foreign
mail server (like mx1.hotmail.com or whatever).
2. Send a message to your Exim server from <x@???> to
<y@???> using authentication or from a local/known IP
address so it acts as a relay. Once accepted the trap is set.

Your Exim server will try to deliver the message to the foreign host
and get a 550 user unknown or 550 we do not relay for
<x@???> (or in the case of hotmail, 550 Requested action
not taken: mailbox unavailable).

Then it should try to send a bounce from <> to <x@???>, if
that message remains in the queue after the first attempt then we've
duplicated the problem. This is only a few seconds after we've sent
the message.


Just to ensure, this wasn't a problem with my server or its software
as opposed to the half dozen or so examples of different Exim servers
that I've quickly found in my logs. I've just gone through the
trouble (2 minutes) of setting up the SMTP service on a new server to
debug this.

I took a test Windows 2003 box, set up the SMTP service (my main server
doesn't use MS mail software so different server/different mail server
software) and opened the smtp port. With no mailboxes and nothing
else set up, now any message sent to that machine will get a 550 Unable
to relay for <whomever>. I needed to test this against a foreign
server so I set up a public MX for test.tymes.net to forward to this
server (which still won't accept it). That server's logs will indicate
when the remote server tries to connect and deliver a bounce.

I sent off the seed message from a bogus address
<exim-test@???> to test an Exim server (sorry, but they
have already sent me 27 virus infected messages) and two hours later,
I got a second bounce so this will presumably continue for the next
few days as that remote Exim 4.50 server tries to deliver the bounce.

Someone with their own Exim server wouldn't have to wait two hours
as they would just be able to look in the Outgoing queue to see if the
bounce was still there after the first attempt.


Here is a snippet from the SMTP logs of the server I set up.

2005-06-07 19:47:31 69.72.225.186 bob.xstreamhost.com EHLO - +bob.xstreamhost.com 250 0 182 24 16 SMTP - - - -
2005-06-07 19:47:31 69.72.225.186 bob.xstreamhost.com MAIL - +FROM:<> 250 0 27 22 0 SMTP - - - -
2005-06-07 19:47:31 69.72.225.186 bob.xstreamhost.com RCPT - +TO:<exim-sucks@???> 550 0 57 35 0 SMTP - - - -
2005-06-07 19:47:31 69.72.225.186 bob.xstreamhost.com DATA - - 554 0 0 4 0 SMTP - - - -
2005-06-07 19:47:31 69.72.225.186 bob.xstreamhost.com QUIT - bob.xstreamhost.com 240 375 53 4 0 SMTP - - - -
2005-06-07 21:31:38 69.72.225.186 bob.xstreamhost.com EHLO - +bob.xstreamhost.com 250 0 182 24 0 SMTP - - - -
2005-06-07 21:31:38 69.72.225.186 bob.xstreamhost.com MAIL - +FROM:<> 250 0 27 22 0 SMTP - - - -
2005-06-07 21:31:38 69.72.225.186 bob.xstreamhost.com RCPT - +TO:<exim-sucks@???> 550 0 57 35 0 SMTP - - - -
2005-06-07 21:31:38 69.72.225.186 bob.xstreamhost.com DATA - - 554 0 0 4 0 SMTP - - - -
2005-06-07 21:31:38 69.72.225.186 bob.xstreamhost.com QUIT - bob.xstreamhost.com 240 437 53 4 0 SMTP - - - -
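
Added example, not part of the original post: a Python sketch for a receiving-side operator that scans an SMTP log in the layout of the snippet above and reports null-sender (bounce) deliveries that the same client keeps retrying to the same recipient after a 5xx RCPT reply. The field positions are inferred from the snippet, and the function names and the last two sample lines are assumptions made for this illustration.

```python
from collections import defaultdict
from datetime import datetime

# First four lines: MAIL/RCPT entries from the post's log, one entry per line.
# Last two lines: constructed non-bounce session, added for contrast.
# Assumed layout: date time client-ip client-host verb - argument status ...
SAMPLE_LOG = """\
2005-06-07 19:47:31 69.72.225.186 bob.xstreamhost.com MAIL - +FROM:<> 250 0 27 22 0 SMTP - - - -
2005-06-07 19:47:31 69.72.225.186 bob.xstreamhost.com RCPT - +TO:<exim-sucks@???> 550 0 57 35 0 SMTP - - - -
2005-06-07 21:31:38 69.72.225.186 bob.xstreamhost.com MAIL - +FROM:<> 250 0 27 22 0 SMTP - - - -
2005-06-07 21:31:38 69.72.225.186 bob.xstreamhost.com RCPT - +TO:<exim-sucks@???> 550 0 57 35 0 SMTP - - - -
2005-06-07 20:05:10 192.0.2.25 mail.example.net MAIL - +FROM:<user@example.net> 250 0 27 22 0 SMTP - - - -
2005-06-07 20:05:10 192.0.2.25 mail.example.net RCPT - +TO:<nobody@example.org> 550 0 57 35 0 SMTP - - - -
"""

def rejected_bounces(log_text):
    """Return {(client_ip, recipient): [datetime, ...]} for null-sender
    deliveries whose RCPT command was refused with a 5xx reply."""
    sender = {}                  # client_ip -> argument of its last MAIL FROM
    hits = defaultdict(list)
    for line in log_text.splitlines():
        f = line.split()
        if len(f) < 8 or not f[7].isdigit():
            continue             # header, blank or malformed line
        when = datetime.strptime(f[0] + " " + f[1], "%Y-%m-%d %H:%M:%S")
        ip, verb, arg, status = f[2], f[4].upper(), f[6], int(f[7])
        if verb == "MAIL":
            sender[ip] = arg.lstrip("+").partition(":")[2]
        elif verb == "RCPT" and sender.get(ip) == "<>" and 500 <= status <= 599:
            rcpt = arg.lstrip("+").partition(":")[2].strip("<>").lower()
            hits[(ip, rcpt)].append(when)
    return dict(hits)

def repeated_retries(log_text, min_attempts=2):
    """List (client_ip, recipient, attempts, span) for bounces that were
    offered again after a permanent rejection."""
    out = []
    for (ip, rcpt), times in sorted(rejected_bounces(log_text).items()):
        if len(times) >= min_attempts:
            out.append((ip, rcpt, len(times), max(times) - min(times)))
    return out

if __name__ == "__main__":
    for ip, rcpt, n, span in repeated_retries(SAMPLE_LOG):
        print(f"{ip} retried bounce to {rcpt} {n} times over {span}")
```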