Re: [exim] rejected RCPT, relay not permitted

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Renee
Date:  
À: Ian Eiloart
CC: exim users
Sujet: Re: [exim] rejected RCPT, relay not permitted
Of course today I figure out that it only works properly if I change the
alpine local config smtp-server to "localhost/...." and send from the
localhost (cielo). If I change the local config's smtp-server to "
cielo.unm.edu/...." and send from the localhost or from some other server,
it performs the same behavior as before... Argh.

I am giving up. My best guess is that there are at least two different
alpine bugs at work here. I'm more convinced than ever to move my pine
users to mutt or something more 21st century...

Renee


On Tue, May 5, 2009 at 5:37 AM, Ian Eiloart <iane@???> wrote:

>
>
> --On 1 May 2009 11:10:24 -0600 Renee <soundwreck@???> wrote:
>
> Thanks Ian & Bill, for your advice.
>>
>> Bill- I think I'm okay under the scenarios you listed in "A". "B" could
>> be a different story...? My un-obfuscated logs, below, with "log_selector
>> +all" should be able to shed more light on this subject.
>>
>
> Interesting. Alpine is connecting on port 587, and getting a "relay not
> permitted" error. Then it does an RSET, and somehow manages to send the
> message, to the same Exim process "[4062]".
>
> Does your backend authenticator log authentication attempts? My guess is
> that alpine is maybe trying to send email without authentication first, then
> with authentication. The first attempt really ought to fail, whoever the
> recipient is.
>
> If you send to a local recipient, then this may succeed first time. It
> shouldn't really. You really do want your MSA connections authenticated.
> Exceptions may be permitted if you have a reason to trust the machine
> sending the email.
>
>
> I did a few different tests this morning. Two from alpine on both the
>> localhost (cielo) and another host within my control that has alpine
>> configured to look to cielo. I won't post the log from the latter, as it
>> is essentially the same, just a different sending host. I also did some
>> tests from webmail (squirrelmail) and thunderbird to show the difference.
>> I'll just post the log from thunderbird.
>>
>> It appears that there are two extra lines in the alpine output logging
>> that aren't displayed when using thunderbird, etc.. First the "relay not
>> permitted" line, then an "incomplete transaction" statement.
>>
>> Also, since I first posted, I've added mailscanner back into the loop, but
>> I've already confirmed that the same problem occurs with and without
>> mailscanner's involvement.
>>
>> alpine:
>> 2009-05-01 10:49:47 [3958] SMTP connection from [129.24.125.136]:33508
>> I=[129.24.125.136]:587 (TCP/IP connection count = 1)
>> 2009-05-01 10:49:47 [4062] H=cielo.unm.edu [129.24.125.136]:33508
>> I=[129.24.125.136]:587 F=<obscure@???> rejected RCPT <
>> soundwreck@???>: relay not permitted
>> 2009-05-01 10:49:47 [4062] H=cielo.unm.edu [129.24.125.136]:33508
>> I=[129.24.125.136]:587 incomplete transaction (RSET) from <
>> obscure@???>
>> 2009-05-01 10:49:47 [4062] 1Lzvvn-00013W-Of "obscure@???" from
>> env-from rewritten as "obscure@???" by submission mode
>> 2009-05-01 10:49:47 [4062] 1Lzvvn-00013W-Of <= obscure@??? H=
>> cielo.unm.edu [129.24.125.136]:33508 I=[129.24.125.136]:587 P=esmtpsa
>> X=TLSv1:AES256-SHA:256 CV=no A=dovecot_plain:obscure S=571 id=
>> alpine.GSO.2.00.0905011049180.4005@??? T="test from alpine"
>> from < obscure@???> for soundwreck@???
>> 2009-05-01 10:49:47 [4062] SMTP connection from
>> cielo.unm.edu[129.24.125.136]:33508 I=[129.24.125.136]:587 closed by
>> QUIT
>> 2009-05-01 10:49:50 [4069] cwd=/var/spool/MailScanner/incoming/3969 5
>> args: /usr/local/exim/bin/exim -C /usr/local/exim/etc/configure.out -Mc
>> 1Lzvvn-00013W-Of
>> 2009-05-01 10:49:51 [4069] 1Lzvvn-00013W-Of => soundwreck@??? F=<
>> obscure@???> P=<prvs=03722334aa=obscure@???>
>> R=dnslookup_batv T=external_smtp_batv S=857
>> H=gmail-smtp-in.l.google.com[209.85.147.27]:25 C="250 2.0.0 OK
>> 1241196591 v9si4857027wah.1" QT=4s DT=1s
>> 2009-05-01 10:49:51 [4069] 1Lzvvn-00013W-Of Completed QT=4s
>>
>> thunderbird:
>> 2009-05-01 10:51:03 [3958] SMTP connection from [129.24.124.254]:50149
>> I=[129.24.125.136]:587 (TCP/IP connection count = 1)
>> 2009-05-01 10:51:12 [4073] 1LzvxA-00013h-2e "obscure@???" from
>> env-from rewritten as "obscure@???" by submission mode
>> 2009-05-01 10:51:12 [4073] 1LzvxA-00013h-2e <= obscure@??? H=
>> d00-129-24-124-254.dhcp.unm.edu [129.24.124.254]:50149
>> I=[129.24.125.136]:587 P=esmtpsa X=TLSv1:AES256-SHA:256 CV=no
>> A=dovecot_plain:obscure S=603 id=49FB2877.7060900@??? T="test
>> from thunderbird" from <obscure@???> for soundwreck@???
>> 2009-05-01 10:51:12 [4073] SMTP connection from
>> d00-129-24-124-254.dhcp.unm.edu [129.24.124.254]:50149
>> I=[129.24.125.136]:587 closed by QUIT
>> 2009-05-01 10:51:15 [4079] cwd=/var/spool/MailScanner/incoming/4013 5
>> args: /usr/local/exim/bin/exim -C /usr/local/exim/etc/configure.out -Mc
>> 1LzvxA-00013h-2e
>> 2009-05-01 10:51:16 [4079] 1LzvxA-00013h-2e => soundwreck@??? F=<
>> obscure@???> P=<prvs=03722334aa=obscure@???>
>> R=dnslookup_batv T=external_smtp_batv S=891
>> H=gmail-smtp-in.l.google.com[209.85.147.27]:25 C="250 2.0.0 OK
>> 1241196676 j15si4817136waf.64" QT=4s
>> DT=1s
>> 2009-05-01 10:51:16 [4079] 1LzvxA-00013h-2e Completed QT=4s
>>
>
>
>
> --
> Ian Eiloart
> IT Services, University of Sussex
> 01273-873148 x3148
> For new support requests, see http://www.sussex.ac.uk/its/help/
>