Author: W B Hacker Date: To: exim users Subject: Re: [exim] Other IP checking than SPF
Andy Smith wrote: > Hi list,
>
> appologies that this isnt specifically Exim related, however Im
> having the following problem from a customer attempting to relay
> email via our Exim servers:
>
> We are getting an
>
>
> SMTP error from remote mail server after MAIL
> FROM:<hello@???> SIZE=1892: host mail.itcuk.net
> [195.226.40.68]: 550 Sorry, <hello@???> is not allowed
> access from your location
>
> So it seems the remote host is doing some check that we are genuinely
> sending for the domain, however there is no SPF record for the
> domain. Does anyone know what other methods of checking the senders
> IP address could be causing the issue?
>
>
> thanks for any clues! Andy.
More helpful if we knew both sending and receiving MTA info...
But form what we have been shown, it probably is not the sender's IP
that is causing the rejection.
The entry indicates your are in smtp_mail_from, ergo:
- smtp_connect, where the IP is the only thing you are sure of.
and
- smtp_helo where you *should* have seen a FQDN, but do not always get
such,
... have already passed, and shoudl not hve thrown a flag as:
host -v on the IP or <domain>.<tld> you posted shows what appears to be
proper MX and PTR RR, further reducing the probability that it is
IP-related.
Could it be a domain and/or user@domain specific local blacklist?
We use these extensively. Some kick at mail_from, others await
smtp_rcpt_to to allow matched correspondent (only) whitelisting.
