------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=823
Summary: exim does not perform smtp authentication when
performing callouts
Product: Exim
Version: 4.69
Platform: All
OS/Version: Linux
Status: NEW
Severity: bug
Priority: high
Component: SMTP Authentication
AssignedTo: nigel@???
ReportedBy: jaco@???
CC: exim-dev@???
I'm using exim for a setup where I've got a host on a fixed IP, to which the MX
records is pointing. I'm then forwarding some of these addresses to a host on
a dynamic IP. For this reason I'm using authentication in order to prevent
certain dyndns issues (like a dangling record pointing at some other host).
The dynamic IP also rejects all delivery attempts on non-authenticated
connections.
On the MX host, I've got "require verify = recipient" in my rcpt to acl.
My virtual_user transport will then "rewrite" the addresses to intended
targets, eg, jaco@??? will get rewritten to jaco@???, at
this stage exim will drive jaco@??? to my explicit transport for
atlantis.uls.co.za which will ask it to relay it via authenticated smtp to the
intended host.
When performing a recipient callout verification exim will in the above case
actually connect to the intended host and attempt a "bounce delivery" to
jaco@??? without authenticating. Since the destination host
doesn't accept non-authenticated connections the message gets rejected, and
bounced (due to the fact that the callout doesn't perform authentication).
Fortunately in this case there is a relatively easy workaround, just pretend
that mail.uls.co.za is always authenticated on the recipient host, this does,
however, expose me to dangling IP records again for callout verifications.
Also, I should be able to create a router that "steals" the routing in the case
of verify to only check that the email address exists locally and not cause
SMTP callouts.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
