Re: [exim] Forwarding of delivery error messages to non-exis…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: W B Hacker
Datum:  
To: exim users
Betreff: Re: [exim] Forwarding of delivery error messages to non-existent local users' aliases fails
My BSD wrote:
> On Tue, 26 May 2009 20:32:12 +0800
> W B Hacker <wbh@???> wrote:
>
> ...
>> ...
>>
>> Look at your routers and the transports they call.
>>
>> - why would one of those ID's - by definition, with '..no local account'
>>    be latched-on-to for local delivery at all?

>
> Why indeed? I'm not looking for local delivery -- but to forward it per the
> aliases entry.
>
>> - and if/as/when it is, *where* would Exim expect to deliver it?
>>
>> ...
>>
>> But if the the only 'virtualization' you do is driven by /etc/[mail]/aliases.
>> you must either insure those addresees are NOT taken up by a local delivery
>> router/transport in the first instance, OR provide it with a place to drop 'em
>> or the privs to create such on-the-fly if you DO allow it.
>>
> Again, I'm not looking for local delivery -- but for messages to be
> forwarded per the aliases entries.
>> ...
>>
>
> To rephrase my original question, why are messages between non-existent
> "local users" forwarded and delivery but delivery error messages from the
> existing exim user to non-existent "local users" frozen instead of forwarded
> per the aliases entries?
>
> Thanks for your insight Bill.
>


Well this is why we say 'do not obfuscate'

It has to do with the *nature* of the delivery.

Unless your info was more obfuscated than average, Exim is protecting you from a
loop.

"But local delivery *error messages* are frozen with the following log entries:

-----------------------------------------------------------------------------------------------------------
2009-05-26 04:16:49 1M8rq5-0003kh-LJ ** [user@???]
<[user@???]>: Unknown user

2009-05-26 04:16:49 1M8rq5-0003kh-LJ Frozen (delivery error message)"
-----------------------------------------------------------------------------------------------------------

Reading between the lines ..

You've attempted a delivery.

It failed at the 'remote' end, (which could be on the adjacent box for all we
know..)

A DSN was returned. '....Unknown User'

You do NOT want to send that 'bounce' (if that is what your hand-constructed
'example' really represnts) to the only address you have for that user, 'coz it
is the very one that just failed. And is probably going to create another
bounce, which you will forward...

ping pong ping pong ... and find yourself blacklisted.

Exim has protected you from that.

..or you have obfuscated what it really did...

Consider one of:

A) errors_to .. with the address of the mailadmin. Or /dev/null if you don't
give a Massatwoshits.

B) errors_to .. with logic to dig out the 'real' aliased-user's 'other' mail
address, if they have one, and find a route to that 8instead of* the forwarder.

C) a 'stub' mailstore for those users you did not WANT to have local storage,
and a cron job to detect an accumulation and let <lucky soul> know something
needs looked at.

D) Suspending forwarding for any clients whose messages are denied landing rights.

Bill