[exim] domain literals puzzle

Top Page
Delete this message
Reply to this message
Author: Jim McCloskey
Date:  
To: exim-users
Subject: [exim] domain literals puzzle

Hello. I've been struggling with this puzzle for some time now, so I
really hope that someone here can help or provide a pointer.

I take care of a small group of workstations/servers running Debian
testing. The machines run exim 4.63 as packaged for Debian.

With four of them, all works fine. But with the fifth there is a
problem. Outgoing mail works fine, and local mail addressed to
user@localhost works fine, but mail coming in from any other machine
is bounced with this complaint:

   ----- The following addresses had permanent fatal errors -----
<user@???>
    (reason: 501 <user@[123.456.789.101]>: domain literals not allowed)


----- Transcript of session follows -----
... while talking to [123.456.789.101]:
>>> DATA

<<< 501 <user@[123.456.789.101]>: domain literals not allowed
554 5.0.0 Service unavailable
<<< 503 valid RCPT command must precede DATA

I know what the error message is telling me, and I understand why
delivery to literal IP addresses is disabled by default in exim. But I
don't understand why literal IP addresses are being used for delivery
attempts in the first place. The test messages I have sent from various
machines are addressed in the normal way to user@???; they are
not addressed to user@123.456.789.10.

And what puzzles me most is the fact that the configuration of exim
v.4 on the machine which bounces mail is exactly the same as the
configuration of exim v.4 on the other machines, all of which deliver
mail from other machines without complaint.

Nor does Exim v.3 show this behavior on the problematic machine.

So it looks like exim v.4 is sensitive to some oddity in the network
setup of the affected machine, an oddity that exim v.3 is not
sensitive to. But I can't see what that difference could be. What
configuration or misconfiguration could persuade exim v4 (but not v3)
that it had to attempt delivery to name@[123.456.789.10] rather than
to name@????

If anyone has any ideas on this, or could point me to some useful
source of information, I would be very grateful indeed. I have found
quite a few discussions of the use of domain literals, but I haven't
found discussions of anything much like this problem.

Thanks very much in advance.

Jim McCloskey