I'm running exim 4.72 to service a small number of users (less than 50) and
to relay mail from a few groupware apps running on one particular machine
(which I'll call Samson).
Samson sends email 'from' quite a few different addresses. It can have any
number of group projects, and each group project has a name, and the names
become part of a cluster of associated email accounts, such as "
project1-site@???" and "project1-calendar@???" and "
project1-subscribe@???".
I have samson's FQDN, ip address, and the verizon-generated FQDN for the
public ip address (see below) all added to my relay-from-hosts file, which
then looks something like this:
11.111.111.1
static-11-111-111-1.prvdri.fios.verizon.net
samson.example.com
The problem I'm having is that mail from samson is being rejected with
verification errors. I thought I had exim configured to relay from samson
correctly, but I've obviously done something wrong.
I'm a n00b. Not going to pretend I know what's wrong. Here's an example
rejection, from my mainlog:
2011-04-25 11:55:27 H=static-11-111-111-1.prvdri.fios.verizon.net (
samson.free-conversant.com) [11.111.111.1] F=<project1-confirm@???>
rejected RCPT <example@???>: Sender verify failed
My exim.cf has this:
Under the Main Configuration Settings:
hostlist relay_from_hosts = lsearch;/etc/exim/relay-from-hosts
my acl_check_rcpt contains (among lots of other things):
acl_check_rcpt:
accept hosts = :
control = dkim_disable_verify
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
deny condition = ${if eq {$sender_address_local_part}{postmaster} \
{true}{false}}
sender_domains = +local_domains
deny condition = ${if eq {$sender_address_local_part}{nobody} \
{true}{false}}
sender_domains = +local_domains
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept hosts = +relay_from_hosts
control = submission
control = dkim_disable_verify
accept authenticated = *
control = submission/sender_retain
control = dkim_disable_verify
add_header = X-Authenticated-Sender: ${sender_address}
require message = relay not permitted
domains = +local_domains : +relay_to_domains
require verify = recipient
accept
(Sorry if this is hard to follow.)
Can anyone help me figure this out?
Seth
