suggestions (untested):
Maybe use log_message or logwrite instead?
You may also want to look towards the end of section 40.17
in spec.txt.
On Mon, 7 Nov 2011, Chris Knipe wrote:
> Date: Mon, 7 Nov 2011 08:19:53
> From: Chris Knipe <savage@???>
> To: exim-users@???
> Subject: Re: [exim] What the...
>
> Hmm,
>
> Of course, I should have thought about that after being an exim user
> for 15 odd years :)
>
>>>> Attempting full verification using callout
>>>> callout cache: found domain record
>>>> callout cache: domain rejects random addresses
>>>> callout cache: found address record
>>>> callout cache: address record is negative
>>>> ----------- end verify ------------
>>>> require: condition test failed
> LOG: H=ext-smtp11.eu.battle.net [80.239.186.47] sender verify fail for
> <no-reply@???>
>
> Yet - that is not the message I get in the logs. Also from my configuration:
>
> require verify = sender/callout=2m,defer_ok,random
> hosts = !80.239.186.0/24:!41.183.0.19
> message = REJECTED - Sender Verify Failed - error code
> \"$sender_verify_failure\"\n\nThe return address you are using for
> this email message <$sender_address> does not seem to be a working
> account.
>
> Should 80.239.186.47 not be excepted from the callout check,
> considering the hosts statement in the ACL?
>
> [root@netsonic /var/log/exim]# exim_dumpdb /var/spool/exim callout |grep battle
> 07-Nov-2011 07:43:58 noreply@??? callout=accept
> 07-Nov-2011 07:43:58 battle.net callout=accept postmaster=unknown
> random=reject (07-Nov-2011 07:43:57)
>
> Surely the above indicates that the callout was successfull? I'm
> still baffled here as to why it is failing, and even more so why it is
> not logging the error correctly.
>
> [root@netsonic /var/log/exim]# exim -bV
> Exim version 4.76 #1 built 07-Oct-2011 08:57:48
> Copyright (c) University of Cambridge, 1995 - 2007
> Probably Berkeley DB version 1.8x (native mode)
> Support for: crypteq iconv() use_setclassresources OpenSSL
> Content_Scanning DKIM Experimental_SPF Experimental_SRS
> Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm
> dbmnz dnsdb mysql
> Authenticators: cram_md5 plaintext spa
> Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
> Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
> Fixed never_users: 0
> Size of off_t: 8
> Configuration file is /usr/local/etc/exim/exim.conf
>
>
> --
> Chris.
>
>
> On Mon, Nov 7, 2011 at 2:57 PM, Dave Lugo <dlugo@???> wrote:
>>
>> While I don't know why it's not working, this will
>> help you get more debug data:
>>
>> exim -bhc 80.239.186.47
>>
>> ... and simulate the connection. Use the HELO (H=)
>> shown in the log snippet, and the same from/to that
>> are there.
>>
>> The debug output produced should provide some clues.
>>
>>
>> On Mon, 7 Nov 2011, Chris Knipe wrote:
>>
>>> Date: Mon, 7 Nov 2011 07:45:50
>>> From: Chris Knipe <savage@???>
>>> To: exim-users@???
>>> Subject: [exim] What the...
>>>
>>> Hi,
>>>
>>> I'm a bit in the dark here... For the love of me, I cannot determine
>>> why this (and only this specific email from battle.net) are being
>>> rejected by exim. All emails from this specific host seems to be
>>> rejected for some reason, but I cannot determine why? :( All my
>>> rejects in my ACLs have a message specified, but according to the log
>>> the email is rejected without an message...
>>>
>>> I have log_selector = +all -pid in my config, and the only entries in
>>> the log is below (together with my acls)...
>>>
>>> main.log:
>>> 2011-11-07 07:37:45 SMTP connection from [80.239.186.47]:36044
>>> I=[64.16.211.38]:25 (TCP/IP connection count = 1)
>>> 2011-11-07 07:37:47 H=ext-smtp11.eu.battle.net [80.239.186.47]:36044
>>> I=[64.16.211.38]:25 F=<noreply@???> rejected RCPT
>>> <savage@???>
>>> 2011-11-07 07:37:47 H=ext-smtp11.eu.battle.net [80.239.186.47]:36044
>>> I=[64.16.211.38]:25 incomplete transaction (RSET) from
>>> <noreply@???>
>>> 2011-11-07 07:37:48 SMTP connection from ext-smtp11.eu.battle.net
>>> [80.239.186.47]:36044 I=[64.16.211.38]:25 closed by QUIT
>>>
>>> reject.log:
>>> 2011-11-07 07:37:47 H=ext-smtp11.eu.battle.net [80.239.186.47]:36044
>>> I=[64.16.211.38]:25 F=<noreply@???> rejected RCPT
>>> <savage@???>
>>>
>>> ACLs:
>>> ######################################################################
>>> # ACL CONFIGURATION #
>>> # Specifies access control lists for incoming SMTP mail #
>>> ######################################################################
>>> begin acl
>>> acl_check_data:
>>> deny message = Hiding of file extensions is not allowed!
>>> regex =
>>>
>>> ^(?i)Content-Disposition::(.*?)filename=\\s*"+((\{[a-hA-H0-9-]{25,}\})|((.*?)\\s{10,}(.*?)))"+\$
>>> deny message = Message SHOULD have Message-ID: but does not
>>> condition = ${if !def:h_Message-ID: {1}}
>>> hosts = !+relay_from_hosts
>>> deny message = Message SHOULD have Date: but does not
>>> condition = ${if !def:h_Date: {1}}
>>> hosts = !+relay_from_hosts
>>> deny message = This message contains a virus or other
>>> harmful content ($malware_name)
>>> malware = *
>>> accept condition = ${if >={$message_size}{256k}{yes}{no}}
>>> warn message = X-SA-Score: $spam_score
>>> hosts = !+relay_from_hosts
>>> spam = spamd
>>> add_header = X-Spam_score: $spam_score\n\
>>> X-Spam_bar: $spam_bar
>>> warn message = X-SA-Report: $spam_report
>>> hosts = !+relay_from_hosts
>>> spam = spamd
>>> condition = ${if >{$spam_score_int}{0}{true}{false}}
>>> add_header = X-Spam_score: $spam_score\n\
>>> X-Spam_bar: $spam_bar
>>> warn message = X-SA-Status: Yes
>>> hosts = !+relay_from_hosts
>>> spam = spamd
>>> condition = ${if >{$spam_score_int}{10}{true}{false}}
>>> add_header = X-Spam_score: $spam_score\n\
>>> X-Spam_bar: $spam_bar
>>> hosts = !+relay_from_hosts
>>> deny message = Message not accepted, scored $spam_score spam
>>> points.
>>> hosts = !+relay_from_hosts
>>> spam = spamd
>>> condition = ${if >{$spam_score_int}{70}{true}{false}}
>>> accept
>>>
>>> acl_check_helo:
>>> deny message = Im afraid I need your name before I can let you
>>> in.
>>> hosts = !+relay_from_hosts
>>> condition = ${if match {$sender_helo_name}{none} {yes}{no}}
>>> deny message = Invalid HELO/EHLO. You are either spam/a
>>> virus, or your system administrator has incorrectly configured your
>>> network.
>>> condition = ${if match{$sender_helo_name}{\\.}{no}{yes}}
>>> hosts = !+relay_from_hosts
>>> deny message = HELO/EHLO with my hostname. You are not me.
>>> hosts = !+relay_from_hosts
>>> condition = ${if or { \
>>> {eq {${lc:$sender_helo_name}}{127.0.0.1}}
>>> \
>>> {eq {${lc:$sender_helo_name}}{localhost}}
>>> \
>>> {eq
>>> {${lc:$sender_helo_name}}{64.16.211.38}} \
>>> {eq
>>> {${lc:$sender_helo_name}}{netsonic.savage.za.org}} \
>>> } {true}{false} }
>>> deny message = Your message was rejected because
>>> $sender_fullhost is blacklisted at $dnslist_domain see $dnslist_text
>>> for an explanation
>>> hosts = !+relay_from_hosts
>>> dnslists =
>>>
>>> bl.spamcop.net:sbl.spamhaus.org:xbl.spamhaus.org:zombie.dnsbl.sorbs.net:blackholes.mail-abuse.org:\
>>>
>>>
>>> smtp.dnsbl.sorbs.net:web.dnsbl.sorbs.net:nomail.rhsbl.sorbs.net:badconf.rhsbl.sorbs.net:http.dnsbl.sorbs.net:\
>>> socks.dnsbl.sorbs.net:misc.dnsbl.sorbs.net
>>> accept
>>>
>>> acl_check_rcpt:
>>> accept hosts = :
>>> deny message = Suspected Faked Yahoo Account, E-mail Rejected.
>>> log_message = Fake Yahoo
>>> senders = *@yahoo.com
>>> condition = ${if
>>> match{$sender_host_name}{\Nyahoo.com$\N}{no}{yes}}
>>> deny message = Suspected Faked Hotmail Account, E-mail Rejected.
>>> log_message = Fake hotmail
>>> senders = *@hotmail.com
>>> condition = ${if match
>>> {$sender_host_name}{\Nhotmail.com$\N}{no}{yes}}
>>> deny message = Suspected Faked MSN Account, E-mail Rejected.
>>> log_message = Fake MSN
>>> senders = *@msn.com
>>> condition = ${if match
>>> {$sender_host_name}{\N(hotmail|msn).com$\N}{no}{yes}}
>>> deny message = Suspected Faked AOL Account, E-mail Rejected.
>>> log_message = Fake AOL
>>> senders = *@aol.com
>>> condition = ${if match
>>> {$sender_host_name}{\Nmx.aol.com$\N}{no}{yes}}
>>> deny message = Restricted characters in address
>>> domains = +local_domains
>>> local_parts = ^[.] : ^.*[@%!/|]
>>> deny message = Restricted characters in address
>>> domains = !+local_domains
>>> local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
>>> accept local_parts = postmaster
>>> domains = +local_domains
>>> accept hosts = +relay_from_hosts
>>> require verify = sender/callout=2m,defer_ok,random
>>> hosts = !80.239.186.0/24:!41.183.0.19
>>> message = REJECTED - Sender Verify Failed - error code
>>> \"$sender_verify_failure\"\n\nThe return address you are using for
>>> this email message <$sender_address> does not seem to be a working
>>> account.
>>> deny message = REJECTED - Recipient Verify Failed - User Not
>>> Found
>>> domains = +local_domains
>>> !verify = recipient/callout=2m,defer_ok,use_sender
>>> accept authenticated = *
>>> control = submission
>>> require message = relay not permitted
>>> domains = +local_domains : +relay_to_domains
>>> require verify = recipient
>>> accept
>>>
>>>
>>
>> --
>> --------------------------------------------------------
>> Dave Lugo dlugo@??? No spam, thanks.
>> Are you the police? . . . No ma'am, we're sysadmins.
>> --------------------------------------------------------
>>
>> --
>> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
>> ## Exim details at http://www.exim.org/
>> ## Please use the Wiki with this list - http://wiki.exim.org/
>>
>
>
>
>
--
--------------------------------------------------------
Dave Lugo dlugo@??? No spam, thanks.
Are you the police? . . . No ma'am, we're sysadmins.
--------------------------------------------------------
