--On 21 February 2007 11:51:02 +0200 Timo Neuvonen <timo-news@???>
wrote:
> I'm getting huge amount of lines like this into reject log:
>
> H=kingmani2.tempdomainname.com [128.121.215.219]
> F=<> temporarily rejected RCPT someone@mydomain:
> lowest numbered MX record points to local host
Please don't obfuscate your log reports. Report them accurately.
The fact that you're asking for help means that you don't understand what's
happening. That means that you aren't qualified to judge what is
significant in the log file.
> These lines are obviously backscatter caused by 3rd party
> spam with forged from-addresses.
No, they're not. They're forged return-paths from the SMTP envelope.
> Now, I'm wondering what part of exim.conf makes it
> to *temporarily* rejet these messages? The same happens,
> although there were a decent from address instead of
> F=<>. Actually, I'd like to change the response from temporary
> to permanent reject, in both the cases: whether there is
> a valid from address or not.
It looks like the recipient domain MX is local, but Exim doesn't know how
to deliver it, perhaps?
Anyway, because you obscured the RCPT address, we can't tell.
> Now, I have in 'acl_check_rcpt:' the following:
> 1)
> require verify = sender
>
> 2)
> accept domains = +local_domains
> endpass
> message = unknown user
> verify = recipient
>
> Both above are from (some old) original exim.conf file, and
> the comments say "otherwise deny". What this "deny" means,
> is the temporary reject caused by these conf items? If so,
> how can I change it from temporary to permanent reject?
>
>
> Regards,
> Timo
--
Ian Eiloart
IT Services, University of Sussex
