[exim] What the...

Top Page
Delete this message
Reply to this message
Author: Chris Knipe
Date:  
To: exim-users
Subject: [exim] What the...
Hi,

I'm a bit in the dark here... For the love of me, I cannot determine
why this (and only this specific email from battle.net) are being
rejected by exim. All emails from this specific host seems to be
rejected for some reason, but I cannot determine why? :( All my
rejects in my ACLs have a message specified, but according to the log
the email is rejected without an message...

I have log_selector = +all -pid in my config, and the only entries in
the log is below (together with my acls)...

main.log:
2011-11-07 07:37:45 SMTP connection from [80.239.186.47]:36044
I=[64.16.211.38]:25 (TCP/IP connection count = 1)
2011-11-07 07:37:47 H=ext-smtp11.eu.battle.net [80.239.186.47]:36044
I=[64.16.211.38]:25 F=<noreply@???> rejected RCPT
<savage@???>
2011-11-07 07:37:47 H=ext-smtp11.eu.battle.net [80.239.186.47]:36044
I=[64.16.211.38]:25 incomplete transaction (RSET) from
<noreply@???>
2011-11-07 07:37:48 SMTP connection from ext-smtp11.eu.battle.net
[80.239.186.47]:36044 I=[64.16.211.38]:25 closed by QUIT

reject.log:
2011-11-07 07:37:47 H=ext-smtp11.eu.battle.net [80.239.186.47]:36044
I=[64.16.211.38]:25 F=<noreply@???> rejected RCPT
<savage@???>

ACLs:
######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################
begin acl
acl_check_data:
  deny    message       = Hiding of file extensions is not allowed!
          regex         =
^(?i)Content-Disposition::(.*?)filename=\\s*"+((\{[a-hA-H0-9-]{25,}\})|((.*?)\\s{10,}(.*?)))"+\$
  deny    message       = Message SHOULD have Message-ID: but does not
          condition     = ${if !def:h_Message-ID: {1}}
          hosts         = !+relay_from_hosts
  deny    message       = Message SHOULD have Date: but does not
          condition     = ${if !def:h_Date: {1}}
          hosts         = !+relay_from_hosts
  deny    message       = This message contains a virus or other
harmful content ($malware_name)
          malware       = *
  accept  condition     = ${if >={$message_size}{256k}{yes}{no}}
  warn    message       = X-SA-Score: $spam_score
          hosts         = !+relay_from_hosts
          spam          = spamd
          add_header    = X-Spam_score: $spam_score\n\
                          X-Spam_bar: $spam_bar
  warn    message       = X-SA-Report: $spam_report
          hosts         = !+relay_from_hosts
          spam          = spamd
          condition     = ${if >{$spam_score_int}{0}{true}{false}}
          add_header    = X-Spam_score: $spam_score\n\
                          X-Spam_bar: $spam_bar
  warn    message       = X-SA-Status: Yes
          hosts         = !+relay_from_hosts
          spam          = spamd
          condition     = ${if >{$spam_score_int}{10}{true}{false}}
          add_header    = X-Spam_score: $spam_score\n\
                          X-Spam_bar: $spam_bar
          hosts         = !+relay_from_hosts
  deny    message       = Message not accepted, scored $spam_score spam points.
          hosts         = !+relay_from_hosts
          spam          = spamd
          condition     = ${if >{$spam_score_int}{70}{true}{false}}
  accept


acl_check_helo:
  deny    message       = Im afraid I need your name before I can let you in.
          hosts         = !+relay_from_hosts
          condition     = ${if match {$sender_helo_name}{none} {yes}{no}}
  deny    message       = Invalid HELO/EHLO. You are either spam/a
virus, or your system administrator has incorrectly configured your
network.
          condition     = ${if match{$sender_helo_name}{\\.}{no}{yes}}
          hosts         = !+relay_from_hosts
  deny    message       = HELO/EHLO with my hostname. You are not me.
          hosts         = !+relay_from_hosts
          condition     = ${if or { \
                                   {eq {${lc:$sender_helo_name}}{127.0.0.1}} \
                                   {eq {${lc:$sender_helo_name}}{localhost}} \
                                   {eq
{${lc:$sender_helo_name}}{64.16.211.38}} \
                                   {eq
{${lc:$sender_helo_name}}{netsonic.savage.za.org}} \
                                    } {true}{false} }
  deny    message       = Your message was rejected because
$sender_fullhost is blacklisted at $dnslist_domain see $dnslist_text
for an explanation
          hosts         = !+relay_from_hosts
          dnslists      =
bl.spamcop.net:sbl.spamhaus.org:xbl.spamhaus.org:zombie.dnsbl.sorbs.net:blackholes.mail-abuse.org:\


smtp.dnsbl.sorbs.net:web.dnsbl.sorbs.net:nomail.rhsbl.sorbs.net:badconf.rhsbl.sorbs.net:http.dnsbl.sorbs.net:\
                          socks.dnsbl.sorbs.net:misc.dnsbl.sorbs.net
  accept


acl_check_rcpt:
  accept  hosts         = :
  deny    message       = Suspected Faked Yahoo Account, E-mail Rejected.
          log_message   = Fake Yahoo
          senders       = *@yahoo.com
          condition     = ${if
match{$sender_host_name}{\Nyahoo.com$\N}{no}{yes}}
  deny    message       = Suspected Faked Hotmail Account, E-mail Rejected.
          log_message   = Fake hotmail
          senders       = *@hotmail.com
          condition     = ${if match
{$sender_host_name}{\Nhotmail.com$\N}{no}{yes}}
  deny    message       = Suspected Faked MSN Account, E-mail Rejected.
          log_message   = Fake MSN
          senders       = *@msn.com
          condition     = ${if match
{$sender_host_name}{\N(hotmail|msn).com$\N}{no}{yes}}
  deny    message       = Suspected Faked AOL Account, E-mail Rejected.
          log_message   = Fake AOL
          senders       = *@aol.com
          condition     = ${if match
{$sender_host_name}{\Nmx.aol.com$\N}{no}{yes}}
  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]
  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  accept  local_parts   = postmaster
          domains       = +local_domains
  accept  hosts         = +relay_from_hosts
  require verify        = sender/callout=2m,defer_ok,random
          hosts         = !80.239.186.0/24:!41.183.0.19
          message       = REJECTED - Sender Verify Failed - error code
\"$sender_verify_failure\"\n\nThe return address you are using for
this email message <$sender_address> does not seem to be a working
account.
  deny    message       = REJECTED - Recipient Verify Failed - User Not Found
          domains       = +local_domains
          !verify       = recipient/callout=2m,defer_ok,use_sender
  accept  authenticated = *
          control       = submission
  require message       = relay not permitted
          domains       = +local_domains : +relay_to_domains
  require verify        = recipient
  accept


--

Regards,
Chris Knipe