Re: [exim] Mail from remote server sending to my dedicated s…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: W B Hacker
Dátum:  
Címzett: exim users
Tárgy: Re: [exim] Mail from remote server sending to my dedicated site: 550Error Relay not permitted
Albert Wong wrote:
> So, I posted this before, but I did some more work on this.
>
> _On my Dedicated Box_
> Exim's primary_host / local_domains / ACL section *does* seem to be
> configured to receive the mail to the appropriate domains [local_domains]
> when mail is sent out **from the local "mail" command line** on the
> dedicated box... However, when the mail is sent **from a remote mail
> server**, [like yahoo.com or my ISP dslextreme.com] to the dedicated box, I
> get the "550 Error Relay not permitted".
>


Your hosting provider is doing several weird things. See below, and see their
'explanation' in their online FAQ.

Then go and get a proper hosting provider.


> I think that the locally originating mail gets appropriately passed through
> the exim.configure file, but remotely originating mail does not .
>
> When I dig "ithou.org" when I am logged onto the localhost, I get this:
>
> dig ithou.org -t mx
>
> gives:
>
> ;; QUESTION SECTION:
> ;ithou.org. IN MX
>
> ;; ANSWER SECTION:
> ithou.org. 3600 IN MX 20 mail.ithou.org.
> ithou.org. 3600 IN MX 10 mx.ithou.org.
>
> ;; AUTHORITY SECTION:
> ithou.org. 3600 IN NS ns2.ithou.org.
> ithou.org. 3600 IN NS ns1.ithou.org.
>
> ;; ADDITIONAL SECTION:
> mx.ithou.org. 3600 IN A 216.32.94.10
> mail.ithou.org. 3600 IN A 216.32.94.10
> ns1.ithou.org. 3600 IN A 216.32.94.10
> ns2.ithou.org. 3600 IN A 216.32.94.10
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Mon Aug 14 11:24:01 2006
> ;; MSG SIZE rcvd: 167
>
> whereas the actual godaddy nameservers [where my site nameservers are set up
> right now] yields the following:
>
> dig @park29.secureserver.net ithou.org -t mx
>
> gives this output:
>
> ;; QUESTION SECTION:
> ;ithou.org. IN MX
>
> ;; ANSWER SECTION:
> ithou.org. 3600 IN MX 10 mx.ithou.org.
> ithou.org. 3600 IN MX 30 mail.ithou.org.
>
> ;; ADDITIONAL SECTION:
> mail.ithou.org. 3600 IN A 216.32.94.10
> mx.ithou.org. 3600 IN A 216.32.94.10
>
> ;; Query time: 39 msec
> ;; SERVER: 64.202.165.19#53(64.202.165.19)
> ;; WHEN: Mon Aug 14 11:29:15 2006
> ;; MSG SIZE rcvd: 99
>
> ---------------


There is more to it.

Do 'host mx.ithou.org', which returns 216.32.94.10

Now do 'host 216.32.94.10' and get:
10.94.32.216.in-addr.arpa domain name pointer 10.94.32.216.reverse.layeredtech.com.

Then try:

dig any reverse.layeredtech.com
dig any PTR reverse.layeredtech.com

Note the 'NS' and 'A' records do NOT end up on your IP, nor is there a PTR record.

>
> Additionally, here's the main parts of the exim configure file:
>
> primary_hostname = ithou.org
>
> domainlist local_domains = @ : ithou.org : <http://www.ithou.org>
> www.ithou.org
> domainlist relay_to_domains = *.ithou.org : ithou.org
> hostlist relay_from_hosts = localhost : 216.32.94.10
>
> Thanks for any ideas! :-)
>
> Finally: and this might be key... when I try to do a telnet test send
> message from exim, I get the following response:
>
> #telnet ithou.org 25
> Connected to ithou.org.
> Escape character is '^]'.
> 220 newinst.layeredtech.com ESMTP Exim 4.62 Mon, 14 Aug 2006 11:37:00 -0500


The 'banner' should reflect *your* server ID, not that of the upstream.
Aside from their proprietary idea of what a PTR record is (see their FAQ),
they are doing something else strange.

Note that *your* DNS has 'A' and 'MX' records.

Note that layeredtech has constructed an rDNS for your IP, but have assigned it
to *their* domain.tld, not to your domain.tld.

Do a traceroute to your IP, your domain.tld and save the last two lines.

Now do the same to one or more other mail servers, (mine, sesame, etc.).

Compare the last two lines with the last two lines from these with the last two
lines where layeredtech is mis-labeling your server.

Then go and find a proper hosting provider.

Meanwhile, rude as that is, as you DO have an A record, it should not stop the
world from turning.

> ehlo ithou.org
> 250-newinst.layeredtech.com Hello ithou.org [216.32.94.10]
> 250-SIZE 52428800
> 250-PIPELINING
> 250 HELP
> MAIL FROM: wonga@???
> 250 OK
> RCPT TO: wonga@???
> 451 Temporary local problem - please try later
>


This is a separate issue.

If I follow the same procedure, but use *my* address as 'MAIL FROM:'
with RCPT TO: wonga@???, I get 'accepted', not the 451 error message.

Your Exim is seeing a remote client attempt to impersonate a local domain.tld
(probably doesn't let it get far enough to care about the local_part).

> Thanks for all your ideas!
>
> I've tried to contact LayeredTech.com which is my hosting company to try and
> set things up with a PTR / DNS record upstream. because Bill Hacker
> graciously recommended that I do so earlier, but the hosting company is
> being kinda unresponsive.
>


More accurately, responsive in a proprietary and unhelpful way - one taht will
throw you into the penalty box for apparent 'forgery' as you move forward.

> Anyhow, thanks for your help!
>
> Albert
>
>
>


Suggest you use a 'real' remote address for MAIL FROM: on telnet testing so as
not to complicate/obscure the issues.

HTH,

Bill