Re: [exim] Very strange problem: E-Mail denied by ACL, but …

Top Page
Delete this message
Reply to this message
Author: Luca Bertoncello
Date:  
To: exim-users
Subject: Re: [exim] Very strange problem: E-Mail denied by ACL, but send via router
Am 09.03.2021 14:38, schrieb Jeremy Harris via Exim-users:

Hi Jeremy

> Look into the docs description of acl_not_smtp. The data
> ACL is called after an SMTP DATA command finishes, and your
> message source is not SMTP.


So, I see, the "phantom E-Mail" contains an Header X-Loop.
So I create an ACL as:

acl_check_not_smtp:
   deny    condition      = ${if def:h_X-Loop {false}{true}}
           message        = 559 PNS01 - This message is a loop
           log_message    = 559 PNS01 - E-Mail is a loop. 
ASSISTENCE_MESSAGE (PNS01)


accept

and then I tried to send a test E-Mail with password protected ZIP using
exim -bh.
In exim mainlog I see:

2021-03-09 15:21:43 1lJdF1-0008LI-BC F=<lucabert@???> rejected
by non-SMTP ACL: 559 PNS01 - E-Mail is a loop. For assistance, call
+49-351-213038-555. Please provide the following information in your
problem report: time (Tue, 09 Mar 2021 15:21:43 +0100), client (),
server (mail.queo-group.com) and the reported error code (PNS01)
2021-03-09 15:21:43 1lJdF1-0008LK-Bh F=<> rejected by non-SMTP ACL: 559
PNS01 - E-Mail is a loop. For assistance, call +49-351-213038-555.
Please provide the following information in your problem report: time
(Tue, 09 Mar 2021 15:21:43 +0100), client (), server
(mail.queo-group.com) and the reported error code (PNS01)
2021-03-09 15:21:43 1lJdF1-0008LK-Bh Error while reading message with no
usable sender address (R=1lJdF1-0008LI-BC): rejected by non-SMTP ACL:
559 PNS01 - This message is a loop
2021-03-09 15:21:43 1lJdF1-0008LI-BC Child mail process returned status
1

And (this is new and I think very interesting!), the main loop (exim
-bh) says:

>>> check set acl_m_klms_headers =
>>> check set acl_m_klms_result =

LOG: 1lJdEx-0008KG-Jf Message scan failed: Sendmail command exited with
non-zero status: 1
>>> check set acl_m_klms_answer = 
>>> ${dlfunc{/opt/kaspersky/klms/lib64/libklms-exim.so}{scan}{${spool_directory}/input}}
>>>                             = 451 Message processing aborted
>>> warn: condition test succeeded in ACL "acl_check_data"
>>> defer: condition test failed in ACL "acl_check_data"
>>> processing "defer"
>>> check condition = ${if def:h_X-Ciphermail {false}{true}}
>>>                 = true
>>> check condition = ${if match {$acl_m_klms_answer}{\N^451\N}{yes}{no}}
>>>                 = yes
>>> l_message: 451 PVC02 - LMS check defer $acl_m_klms_answer 
>>> $acl_m_klms_result $acl_m_klms_tempfile
>>>   message: 451 PVC02 - Temporary local problem - please try later. 
>>> For assistance, call +49-351-213038-555. Please provide the following 
>>> information in your problem report: time ($tod_full), client 
>>> ($sender_host_address), server ($smtp_active_hostname) and the 
>>> reported error code (PVC02)
>>> defer: condition test succeeded in ACL "acl_check_data"
>>> end of ACL "acl_check_data": DEFER


Now, this is for me a confirmation, that Kaspersky want to send an
E-Mail...
Of course, I cannot leave the situation so, since the sender will retry
to send the E-Mail...

I think, I must contact the support of Kaspersky.

Thanks a lot!
Luca Bertoncello
(lucabert@???)