Re: [exim] recepient verification callout with defer_ok fail…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Heiko Schlittermann
Dátum:  
Címzett: exim-users
Tárgy: Re: [exim] recepient verification callout with defer_ok fails on graylisted server with error code 450
Hi,

Dr. Volker Jaenisch via Exim-users <exim-users@???> (Do 06 Jul 2017 12:07:13 CEST):

>   require  authenticated = *
>            message   = REJECTED - Recipient Verify Failed - User Not Found
>            verify   = recipient/callout=2m,defer_ok,use_sender
>            logwrite = :main: Send to $local_part@$domain is REJECTED of User Not Found

>
> # Accept if the message arrived over an authenticated connection, from
> # any host.
> accept authenticated = *
>
> 2017-07-06 10:08:16 [5039] Send to thomas.bindel@??? is REJECTED of User Not Found
> 2017-07-06 10:08:16 [5039] H=p4fd8b555.dip0.t-ipconnect.de (Birgit-Katzeks-MacBook.local) [79.216.181.85]:49513 I=[193.239.30.7]:25 incomplete transaction (connection lost) from <geschaeftsstelle@???> for thomas.bindel@???
> 2017-07-06 10:08:16 [5039] unexpected disconnection while reading SMTP > command from p4fd8b555.dip0.t-ipconnect.de (Birgit-Katzeks-MacBook.local) [79.216.181.85]:49513 I=[193.239.30.7]:25


> The target server returns a 450 error. The defer_ok flag on the callout
> should nevertheless force the ACL statement to come out positive. This
> is what I understand from the documentation:


Yes, and how do you know that the above 'require' is the failing?
The 'logwrite' just writes its message as soon as it is found
in the sequence of conditions.

And … this is even a prove, that the 'verify' step succeeded, otherwise
you wouln't see the 'logwrite' written message.

The 'message' modifier doesn't write anything (as it would have done if
the verification failed)


I suppose, the message is rejected because of some other rule *following*
the

    accept authenticated = *



For testing you can do:

    swaks -f geschaeftsstelle@??? \
          -t thomas.bindel@??? \
          --pipe 'exim <optionally any debug options> -bhc 79.216.181' 


<debug options> could be '-d-all+acl' or similiar

This should do the callout verification, but it should not send any
message at all.


    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -