After making the jump from Exim 3.35 to 4.60, my callouts are behaving
differently than expected. As they no longer appear to be checking the
domains MX, and instead perform callouts either back to the connecting
host, or hostname in the email address.
The relevant part of my "acl_check_rcpt:" ACL from the 4.60 server:
deny message = sender rejects callback
!hosts = 192.168.0.0/16: 172.16.0.0/12
!dnslists = dsn.rfc-ignorant.com/$sender_address_domain
!verify = sender/callout=30s,random
/var/log/exim/mainlog entries:
2006-03-17 06:33:37 H=out-mx1.fcservices.com [209.190.210.134] sender
verify defer for <reply@???>: could not connect to
out-mx1.fcservices.com [209.190.210.134]: Connection timed out
2006-03-17 06:33:37 H=out-mx1.fcservices.com [209.190.210.134]
F=<reply@???> temporarily rejected RCPT
<postmaster@???>: Could not complete sender verify callout
out-mx1.fcservices.com is not listed as an MX for fcservices.com:
~$ dig fcservices.com MX
;; QUESTION SECTION:
;fcservices.com. IN MX
;; ANSWER SECTION:
fcservices.com. 1800 IN MX 10 mx2.fcservices.com.
fcservices.com. 1800 IN MX 5 mx1.fcservices.com.
;; MSG SIZE rcvd: 72
IP Info:
mx2.fcservices.com has address 64.245.25.141 (reverse IP matches)
mx1.fcservices.com has address 65.114.156.181 (reverse IP matches)
out-mx1.fcservices.com has address 209.190.210.134 (reverse IP matches)
Am I doing something wrong, misunderstanding something, or are callbacks
to the connecting host/address's hostname, instead of the MX, the
expected behavior in Exim 4.60?
Thanks,
Gregg Berkholtz