[exim-dev] [Bug 2604] New: exim does not send DATA to target…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: admin
Data:  
Para: exim-dev
Asunto: [exim-dev] [Bug 2604] New: exim does not send DATA to target host when verify callout hold and delivery cutthrough
https://bugs.exim.org/show_bug.cgi?id=2604

            Bug ID: 2604
           Summary: exim does not send DATA to target host when verify
                    callout hold and delivery cutthrough
           Product: Exim
           Version: N/A
          Hardware: x86
                OS: Windows
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Transports
          Assignee: unallocated@???
          Reporter: david-exim-bugs@???
                CC: exim-dev@???


Created attachment 1318
--> https://bugs.exim.org/attachment.cgi?id=1318&action=edit
sample pcap of both SMTP sessions

Mail server setup:

sender --smtp--> inbound relay(exim) --smtp--> mailstore host(exim)

Inbound relay has a callout to verify recipient with 'hold' option set to keep
SMTP session alive for the message. Delivery is then cutthrough.

The inbound relay often does not send the DATA command to the mailstore host
and also misses out parts of the message. This causes at best SMTP
synchronisation errors.

Attached is a pcap of a simple test using telnet, but this also happens in
reality with real mail from real senders.

In the pcap:
- sending host is sarlonintman001 (2a05:e200:0:1::1)
- inbound relay is smtpin001 (2a05:e200:1:74::2:1)
- mailstore host is mailstore001 (2a05:e200:1:74::3:1)

The dialogue from sending host to inbound relay:

<< 220 smtpin001.a.snlmail.net ESMTP
>> ehlo asd

<< 250-smtpin001.a.snlmail.net Hello sarlonintman001.sargasso.net.uk
[2a05:e200:0:1::1]
<< 250-SIZE 52428800
<< 250-8BITMIME
<< 250-PIPELINING
<< 250-CHUNKING
<< 250-STARTTLS
<< 250 HELP
>> mail from:<asdadas@???>

<< 250 OK
>> rcpt to:<david@???>

<< 250 Accepted
>> data

<< 354 Enter message, ending with "." on a line by itself
>> Subject: test
>>
>> testing
>> .

<< 554 SMTP synchronization error
>> quit

<< 221 smtpin001.a.snlmail.net closing connection

The dialogue from inbound relay to mailstore host:

<< 220 mailstore001.a.snlmail.net ESMTP
>> EHLO smtpin001.a.snlmail.net

<< 250-mailstore001.a.snlmail.net Hello smtpin001.a.snlmail.net
[2a05:e200:1:74::2:1]
<< 250-SIZE 52428800
<< 250-8BITMIME
<< 250-PIPELINING
<< 250-CHUNKING
<< 250 HELP
>> MAIL FROM:<asdadas@???>
>> RCPT TO:<david@???>

<< 250 OK
<< 250 Accepted
>> testing
>> .

<< 554 SMTP synchronization error
>> QUIT


Note that the DATA command and the initial part of the message (subject line)
is missing.

Exim version 4.92 (Debian exim4-daemon-heavy package)

Configuration on relay host (one standalone file; Debian config is not used):

log_selector               =  +lost_incoming_connection +retry_defer
+sender_on_delivery +skip_delivery +smtp_confirmation +smtp_connection
+smtp_protocol_error +smtp_syntax_error +tls_peerdn
never_users                        = root
host_lookup                        = *
print_topbitchars                  = false
rfc1413_hosts                      = *
rfc1413_query_timeout              = 5s
ignore_bounce_errors_after         = 2d
timeout_frozen_after               = 7d
smtp_banner                        = $smtp_active_hostname ESMTP
smtp_receive_timeout                = 1m


tls_certificate                    = xxx
tls_privatekey                     = xxx


domainlist relay_domains = sargasso.pw

acl_smtp_rcpt    = acl_check_rcpt
acl_smtp_predata = acl_smtp_ratelimit


begin acl

acl_check_rcpt:

  # Accept local
  accept  hosts         = :


  # Accept hostlist
  accept  hosts         = @ : 127.0.0.1


  # Require it is a domain we relay for
  require message       = Relaying not permitted.
          domains       = +relay_domains


  # Require that the user being sent to exists
  require verify        =
recipient/callout=10s,defer_ok,use_sender,hold,no_cache
          message       = Recipient <$local_part@$domain> unknown


  # Accept message and cut-through
  accept  control       = cutthrough_delivery



acl_smtp_ratelimit:

  # Log all sender host ratelimits
  warn    ratelimit     = 0 / 1h / readonly
          log_message   = RATELIMIT INFO: Sender $sender_host_address rate
$sender_rate / $sender_rate_period


  # System-wide rate limit
  defer   ratelimit     = 10 / 1s / $primary_hostname
          log_message   = RATELIMIT DEFER: System message rate $sender_rate /
$sender_rate_period.
          message       = System load exceeded. Try again later.


  # Per sender host rate limit
  defer   ratelimit     = 100 / 1h / strict / $sender_host_address
          log_message   = RATELIMIT DEFER: Sender host $sender_host_address
message rate $sender_rate / $sender_rate_period.
          message       = You have exceeded your maximum message rate. Please
try again later.


# Accept messages not rate limited
accept

######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################


begin routers

system_aliases:
  driver       = redirect
  domains      = @
  allow_defer
  allow_fail
  data         = ${lookup{$local_part}lsearch{/etc/aliases}}
  debug_print  = R: system_aliases for $local_part@$domain


relay_virtual_domains:
  driver       = manualroute
  domains      = +relaydomains
  route_data   = mailstore001
  same_domain_copy_routing = true
  debug_print  = R: relay_virtual_domains for $domain
  transport    = remote_smtp
  no_more


smarthost:
  driver       = manualroute
  domains      = !@ : !+relay_domains
  route_list   = * smtpout byname
  host_find_failed = ignore
  same_domain_copy_routing = true
  debug_print  = R: smarthost for $local_part@$domain
  transport    = remote_smtp
  no_more



begin transports

remote_smtp:
  driver          = smtp
  message_size_limit = ${if > {$max_received_linelength}{998} {1}{0}}


begin retry

* * F,4h,5m; G,16h,1h,1.5; F,2d,6h;

begin authenticators

begin rewrite

--
You are receiving this mail because:
You are on the CC list for the bug.