On Tue Feb 22 2022 at 12:34 PM +0000, Jeremy Harris via Exim-users wrote:
> On 21/02/2022 21:18, Bill Brelsford via Exim-users wrote:
> > I get a significant number of failed SMTP sessions at gmail
> > (smtp.gmail.com::587). Connections start the same, but fail
> > when exim appears to not send an AUTH LOGIN command:
>
> > Suggestions? Thanks.
>
> Get a debug run of a fail. Work out from the sequence why.
Yes, thanks (I should have known to do that..). When it works:
DNS lookup of smtp.gmail.com (A) succeeded
fully qualified name = smtp.gmail.com
smtp.gmail.com 74.125.20.108 mx=-1 sort=-295
...
gethostbyname2 looked up these IP addresses:
name=smtp.gmail.com address=74.125.20.108
74.125.20.108 in hosts_require_auth? yes (matched "smtp.gmail.com")
scanning authentication mechanisms
SMTP>> AUTH LOGIN
...
SMTP>> MAIL FROM:<gnxl@???> SIZE=1244 AUTH=abc@xyz
When fails:
DNS lookup of smtp.gmail.com (A) succeeded
fully qualified name = smtp.gmail.com
smtp.gmail.com 74.125.195.108 mx=-1 sort=-96
...
gethostbyname2 looked up these IP addresses:
name=smtp.gmail.com address=74.125.195.109
74.125.195.108 in hosts_require_auth? no (end of list)
74.125.195.108 in hosts_try_auth? no (option unset)
SMTP>> MAIL FROM:<gnxl@???> SIZE=1244
It gets a different IP address (.109 vs .108) when looking up hosts
in hosts_require_auth, so fails. Why does it do a second DNS lookup
for the target host?
As a workaround I added "hosts_try_auth = *", which works. I first
tried "hosts_try_auth = 74.125.0.0/16", but it still showed "option
unset" and failed (why?).
Bill
