I want to allow remote users from certain ip ranges to be able to send out email through my mailserver. So I have added their ip range in my relay_from_hosts list and when i do
exim -d -bh ip_number
it says the message would be accepted.
but in my log file it is saying these messages are still being rejected :-
2007-03-23 13:40:06 H=(DH1) [85.92.179.169] F=<> rejected RCPT <pamela.spatec@???>: relay not permitted
the problem only happens with ip numbers in the 85.92.x.x range, other ip numbers in my relay_from_hosts list work fine.
can someone let me know how i can debug this further?
Here is my current access list, you will see I have 85.92.0.0/16 included in
it
hostlist relay_from_hosts = 127.0.0.1 : \
82.195.106.38 : \
62.64.128.0/17 : \
80.40.0.0/13 : 80.225.0.0/16 : 85.92.0.0/16 \
88.104.0.0/13 : \
194.247.224.0/19 : \
212.1.128.0/19 : 212.74.96.0/19 :
212.139.0.0/16 : \
212.159.128.0/18 : \
62.137.0.0/16 : 62.137.128.0/23 :
62.137.130.0/24 : \
62.137.134.0/23 : 62.137.136.0/24 :
62.137.137.0/24 : \
62.137.144.0/23 : 62.137.146.0/24 :
62.137.150.0/23 : \
62.137.152.0/24 : 62.137.153.0/24 : \
84.45.128.0/17 : \
87.127.0.0/17 : \
84.45.198.168/29
and if I do a test on my mailserver and pretend to be from one of those ip
numbers then the message is accepted :-
[root@hmimap exim]# /usr/local/exim/bin/exim -d -bh 85.92.179.169 Exim
version 4.44 uid=0 gid=0 pid=31186 D=fbb95cfd Berkeley DB: Sleepycat
Software: Berkeley DB 4.3.27: (April 25, 2005) Support for: iconv()
Lookups: lsearch wildlsearch nwildlsearch iplsearch dbm dbmnz
Authenticators: plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir autoreply pipe smtp Fixed never_users: 0
changed uid/gid: forcing real = effective
uid=0 gid=0 pid=31186
auxiliary group list: <none>
configuration file is /usr/local/exim/configure log selectors = 00000ffc
00010400 trusted user admin user changed uid/gid: privilege not needed
uid=209 gid=302 pid=31186
auxiliary group list: <none>
finduser used cached passwd data for hmweb
originator: uid=0 gid=0 login=root name=root sender address =
root@??? sender_fullhost = [85.92.179.169]
sender_rcvhost = [85.92.179.169]
**** SMTP testing session as if from host 85.92.179.169
**** but without any ident (RFC 1413) callback.
**** This is not for real!
host in hosts_connection_nolog? no (option unset)
LOG: smtp_connection MAIN
SMTP connection from [85.92.179.169]
host in host_lookup? no (option unset)
set_process_info: 31186 handling incoming connection from [85.92.179.169]
host in host_reject_connection? no (option unset) host in
sender_unqualified_hosts? no (option unset) host in
recipient_unqualified_hosts? no (option unset) host in helo_verify_hosts? no
(option unset) host in helo_try_verify_hosts? no (option unset) host in
helo_accept_junk_hosts? no (option unset)
SMTP>> 220 hmimap.uk1.bibliotech.net ESMTP Exim 4.44 Fri, 23 Mar 2007
SMTP>> 13:14:35 +0000
220 hmimap.uk1.bibliotech.net ESMTP Exim 4.44 Fri, 23 Mar 2007 13:14:35
+0000 smtp_setup_msg entered HELO junk SMTP<< HELO junk junk in
helo_lookup_domains? no (end of list) sender_fullhost = (junk)
[85.92.179.169] sender_rcvhost = [85.92.179.169] (helo=junk)
set_process_info: 31186 handling incoming connection from (junk)
[85.92.179.169] 250 hmimap.uk1.bibliotech.net Hello junk [85.92.179.169]
SMTP>> 250 hmimap.uk1.bibliotech.net Hello junk [85.92.179.169]
MAIL FROM: junk@???
SMTP<< MAIL FROM: junk@???
SMTP>> 250 OK
250 OK
RCPT TO: junk@???
SMTP<< RCPT TO: junk@???
using ACL "acl_check_rcpt"
processing "accept"
check hosts = :
host in ":"? no (end of list)
accept: condition test failed
processing "deny"
check local_parts = ^.*[@%!/|]
junk in "^.*[@%!/|]"? no (end of list)
deny: condition test failed
processing "accept"
check local_parts = postmaster
junk in "postmaster"? no (end of list)
accept: condition test failed
processing "accept"
check domains = +local_domains
yahoo.com in "@"? no (end of list)
yahoo.com in "+local_domains"? no (end of list)
accept: condition test failed
processing "accept"
check domains = +relay_to_domains
yahoo.com in ""? no (end of list)
yahoo.com in "+relay_to_domains"? no (end of list)
accept: condition test failed
processing "accept"
check hosts = +relay_from_hosts
host in "127.0.0.1 : 82.195.106.38 : 62.64.128.0/17 : 80.40.0.0/13 :
80.225.0.0/16 : 85.92.0.0/16 88.104.0.0/13 : 194.247.224.0/19 :
212.1.128.0/19 : 212.74.96.0/19 : 212.139.0.0/16 : 212.159.128.0/18 :
62.137.0.0/16 : 62.137.128.0/23 : 62.137.130.0/24 : 62.137.134.0/23 :
62.137.136.0/24 : 62.137.137.0/24 : 62.137.144.0/23 : 62.137.146.0/24 :
62.137.150.0/23 : 62.137.152.0/24 : 62.137.153.0/24 : 84.45.128.0/17 :
87.127.0.0/17 : 84.45.198.168/29"? yes (matched "85.92.0.0/16
88.104.0.0/13") host in "+relay_from_hosts"? yes (matched
"+relay_from_hosts")
accept: condition test succeeded
SMTP>> 250 Accepted
250 Accepted
DATA
SMTP<< DATA
SMTP>> 354 Enter message, ending with "." on a line by itself
354 Enter message, ending with "." on a line by itself search_tidyup called
test .
host in ignore_fromline_hosts? no (option unset)
>>Headers received:
search_tidyup called
>>Headers after rewriting and local additions:
Data file written for message 1HUjcH-000870-Ma
>>Generated Received: header line
P Received: from [85.92.179.169] (helo=junk)
by hmimap.uk1.bibliotech.net with smtp (Exim 4.44)
id 1HUjcH-000870-Ma
for junk@???; Fri, 23 Mar 2007 13:15:42 +0000 calling
local_scan(); timeout=300
local_scan() returned 0 NULL
LOG: MAIN
<= junk@??? H=(junk) [85.92.179.169] P=smtp S=175
SMTP>> 250 OK id=1HUjcH-000870-Ma
250 OK id=1HUjcH-000870-Ma
**** SMTP testing: that is not a real message id!
smtp_setup_msg entered
QUIT
SMTP<< QUIT
SMTP>> 221 hmimap.uk1.bibliotech.net closing connection
221 hmimap.uk1.bibliotech.net closing connection
LOG: smtp_connection MAIN
SMTP connection from (junk) [85.92.179.169] closed by QUIT search_tidyup
called
>>>>>>>>>>>>>>>> Exim pid=31186 terminating with rc=0 >>>>>>>>>>>>>>>>
[root@hmimap exim]#
any help,suggestions would be really appreciated,
thanks,
oliver
--
Oliver Howe
Senior Systems Administrator
Tel: +44 (0) 79 7420 6484
Fax: +44 (0) 20 7664 7878
Spider Networks - the power behind interactive web communications -
www.spider-networks.net
--
Confidentiality Notice: This email is confidential and may also be privileged. If you are not the intended recipient, please notify the sender IMMEDIATELY; you should not copy the email or use it for any purpose or disclose its contents to any other person. General Statement: Any statements made, or intentions expressed in this communication, may not necessarily reflect the view of Spider Networks, that no content herein may be held binding upon Spider Networks or any associate or any associated company unless confirmed by the issuance of a formal contractual document or purchase order.