Author: Jakobus Schürz Date: To: Heiko Schlittermann Subject: Re: [exim] $sender_host_address is localhost - it is wrong
Am 2017-02-15 15:40, schrieb Heiko Schlittermann: > Hi,
>
> Jakob Schürz <eisenbahn@???> (Di 14 Feb 2017 16:11:45 CET):
>> Hi!
>> I'm running exim 4.88-5 from debian. And i have a problem.
> …
>> But then i realized, the sender host ip is 127.0.0.1. So i thought,
>> the
>> sender has a misconfigured mail-system.
> …
>
> $sender_host_address is the address that contacted your system, it is
> the IP address of the client, sending the message to your system, the
> server.
Here... it is fetchmail and exim itself (bogofilter with bogotransport)
>
>> Feb 13 14:47:48 aldebaran exim[12477]: 2017-02-13 14:47:48
>> H=(aldebaran.localdomain) [127.0.0.1]
>> F=<notification+ybbrsasn@???> rejected RCPT
>> <jakob@localhost>: SPF check failed.
>> Feb 13 14:47:48 aldebaran exim[12477]: 2017-02-13 14:47:48
>> H=(aldebaran.localdomain) [127.0.0.1]
>> F=<notification+ybbrsasn@???> rejected RCPT
> <jakob@localhost>: SPF check failed.
>> Feb 13 14:47:48 aldebaran fetchmail[850]: Nachricht
>> username@???@pop.gmx.net:10806 von 10884 wird gelesen (21436 Bytes)
>> (Log-Meldung unvollständig)
>> Feb 13 14:47:48 aldebaran fetchmail[850]: [200B blob data]
>> Feb 13 14:47:48 aldebaran exim[12477]: 2017-02-13 14:47:48
>> H=(aldebaran.localdomain) [127.0.0.1]
>> F=<notification+ybbrsasn@???> rejected RCPT
>> <jakob@localhost>: SPF check failed.
>> Feb 13 14:47:48 aldebaran exim[12477]: 2017-02-13 14:47:48
>> H=(aldebaran.localdomain) [127.0.0.1]
>> F=<notification+ybbrsasn@???> rejected RCPT
>> <jakob@localhost>: SPF check failed.
>> Feb 13 14:47:48 aldebaran fetchmail[850]: kann noch nicht einmal an
>> user senden!
>> Feb 13 14:47:48 aldebaran fetchmail[850]: nicht gelöscht
>
> Huh. Exim is logging via syslog?
systemd-journald. I configured my unit to log to stdout, which leads to
journald :)
>
>> You can see, the sending host is my localhost. But in the email, the
>> sending_host_address is a valid host-ip from the sender. I can see it
>> in
>> the headers.
>
> For the address of the sending host Exim solely relies on the network
> connection, not on some headers.
Ok. I got this point. This happens only on Mails from Mailing-Lists,
Twitter- and Facebook-notifications ans Mails sent from my own account
to my own gmail- or gmx-address...
>
>> I tried a lot to see more about the handling. But i only found out,
>> that
>> exim4 sets $sender_host_address and $sender_host_name to 127.0.0.1 and
>> aldebaran.localdomain.
>
> That's perfectly correct, isn't it?
I don't know... Messages sent from somewhere get rejected by missleading
spf-check, in case of checking against localhost, not the
original-sending-address.
>
>> I read, that this happens, when localhost delivers a message to exim
>> and
>> not an external host... but why does this happen only on a few
>> messages?
>
> Do you have examples wher Exim doesn't set the $sender_host_address to
> 127.0.0.1?
I got a point on my research last night.
My exim runs on my laptop, which is behind a router with dynamic ip.
I configured a port-forwarding and a dynamic-dns for this.
Then i have own domain with a mailserver from my provider. I fetch mails
from this mailserver to my laptop periodically with fetchmail. The
spf-check fails on this point. And i found out, this must be in case of
failing SRS (Sender Rewriting Scheme ). Reverse-DNS for the ip of my
laptop is not correct in case of dynamic-dns.
I put a "domains = !+local_domains" in the acl for spf-check and added
my domain to MAIN_LOCAL_DOMAINS. Now this check is ok. But i don't know,
if other emails get checked... If this is a big problem?
Writing rules for exim is "a little" difficult. The syntax is strange...
i'm learning it very slowly...