HELP: Exim Blocking Mail from Legitamate Senders

[wilburburns]

OK, for some reason Exim is Rejecting Mail from certain Domains. The Senders are Real, and I can send mail to them.

Here is the exim_rejectlog for the mail being blocked...

exim_rejectlog:2008-07-01 14:52:52 H=mailgw5.domain.com [111.111.111.111] F=<prvs=some.name=061d836d0@domain.com> rejected RCPT <user@to-domain.com>: Sender verify failed

Obviously, I have changed names, but you should be able to see what is going on.

I think the Problem is the "prvs" format, but I am unsure of how to correct the problem in Exim. I do have the following options enabled for Exim.

1:Add sender rates to the mail log
2:** Sender Verification

Cliff Planck

[mtindor]

OK, for some reason Exim is Rejecting Mail from certain Domains. The Senders are Real, and I can send mail to them.

Here is the exim_rejectlog for the mail being blocked...


Obviously, I have changed names, but you should be able to see what is going on.

I think the Problem is the "prvs" format, but I am unsure of how to correct the problem in Exim. I do have the following options enabled for Exim.

1:Add sender rates to the mail log
2:** Sender Verification

Cliff Planck

Do this from the server:

dig to-domain.com mx

Post what it shows as a result.

Mike

[wilburburns]

------ The To-domain My Server -----

[frigga]$ dig pewebhost.com mx

; <<>> DiG 9.2.4 <<>> pewebhost.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37426
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;pewebhost.com. IN MX

;; ANSWER SECTION:
pewebhost.com. 14400 IN MX 0 pewebhost.com.

;; Query time: 102 msec
;; SERVER: 208.113.192.17#53(208.113.192.17)
;; WHEN: Thu Jul 3 06:01:09 2008
;; MSG SIZE rcvd: 47

---- The Sending Domain ------

[frigga]$ dig 53.com mx

; <<>> DiG 9.2.4 <<>> 53.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30324
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;53.com. IN MX

;; ANSWER SECTION:
53.com. 3600 IN MX 10 mailgw5.53.com.
53.com. 3600 IN MX 10 mailgw7.53.com.
53.com. 3600 IN MX 10 mailgw3.53.com.

;; Query time: 95 msec
;; SERVER: 208.113.192.17#53(208.113.192.17)
;; WHEN: Thu Jul 3 06:05:27 2008
;; MSG SIZE rcvd: 96

All Seems normal and fine for both of the above...

I'm pretty sure the problem has to do with how the Sending Server Identifies itself..
IE: F=<prvs=some.name=061d836d0@domain.com>
The From Field from the log...

Thanks,
Cliff

[Miss Jacky]

I have the same issue, and wonder if there would be anything to resolve this conflict between sender verification callouts and BATV..

I'm not keen on switching sender verification callouts off on my servers, they are blocking a LOT of spam, in a load-friendly way...

Anyone has any ideas on this?

Maybe I'll have to reconsider callouts after all, and find a better sollution

[SageBrian]

I have not used callouts since the new ACLs went in back in, I think, September.

Try turning off callouts and just use the default exim ACL's and see how that goes.

I like the concept of callouts, but it does have it's flaws.