Re: [exim] Exim4 keeps mails with multiple recipients infini…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jeremy Harris
Datum:  
To: exim-users
Betreff: Re: [exim] Exim4 keeps mails with multiple recipients infinitely in queue
On 20/03/2020 17:09, Lukas Haase via Exim-users wrote:
> 1.) Exim received a message to be delivered externally on a port != 10029 and router dkimproxy processes which uses transport dkimproxy_smtp to pass the message to localhost:10028


I assume you mean "received, on port != 10029, a message..."

> 2.) dkimproxy listens on localhost:10028. In parallel, it opens an SMTP connection back to exim (via localhost:10029). The purpose is to sign the message via DKIM


Not sure why you're doing that; exim can dkim-sign

> 3.) Since prdr_enable=true, exim advertises PRDR on port 10029


If you're listening on 10029, and have not disabled the main-section
prdr_enable option, yes.

> which is further passed along to exim


But you said that dkimproxy is the source for this connection.  Does it
understand and use PRDR?    Where is this second exim?   Are you
implying that dkimproxy is not a full MTA, but an attempt at a
transparent proxy?


> 4.) Now exim (connected to dkimproxy via port 10028) sees that PRDR was advertised and uses it:
>     MAIL FROM:<from@???> SIZE=1000 PRDR
>     RCPT TO:<to1@???>
>     RCPT TO:<to2@???>
>     DATA
> 5.) exim shuffled in the message, dkimproxy signs it and send it back to exim via port 10029.
> 6.) NORMALLY, the message should arrive back here.


Back where?

> Due the condition
>       condition = "${if eq {$interface_port}{10029}{0}{1}}"
>     in transport "dkimproxy", the router is skipped this time and normal processing continues.
> 7.) However, instead exim hangs: It responds to the DATA command with:
>       353 PRDR content analysis beginning.
>     but nothing else happens. The connection is not terminated (with QUIT) and stays open.


Sounds like your dkimproxy does not understand PRDR, and it not written
to be resilient in the presence of ESMTP extensions it does not
understand.


> Of course, I'd be interested how to DISABLE PRDR for a specific port (10029) or router/transport


Smtp transport option hosts_try_prdr. It's in the docs.
For your purpose, if the transport is shared for other purposes
as well as this dkimproxy feed, use an expansion depending on the
port.

but I'd be more interested to know what is going wrong here.

I'd suggest you use Exim's dkim signing rather than this proxy.
--
Cheers,
Jeremy