#1 (permalink)  
Old 07-02-2008, 09:37 AM
Registered User
 
Join Date: Nov 2003
Posts: 15
wilburburns
Angry HELP: Exim Blocking Mail from Legitamate Senders

OK, for some reason Exim is Rejecting Mail from certain Domains. The Senders are Real, and I can send mail to them.

Here is the exim_rejectlog for the mail being blocked...
Quote:
exim_rejectlog:2008-07-01 14:52:52 H=mailgw5.domain.com [111.111.111.111] F=<prvs=some.name=061d836d0@domain.com> rejected RCPT <user@to-domain.com>: Sender verify failed
Obviously, I have changed names, but you should be able to see what is going on.

I think the Problem is the "prvs" format, but I am unsure of how to correct the problem in Exim. I do have the following options enabled for Exim.

1:Add sender rates to the mail log
2:** Sender Verification

Cliff Planck
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 07-02-2008, 10:30 PM
Registered User
 
Join Date: Sep 2004
Posts: 815
mtindor is on a distinguished road
Quote:
Originally Posted by wilburburns View Post
OK, for some reason Exim is Rejecting Mail from certain Domains. The Senders are Real, and I can send mail to them.

Here is the exim_rejectlog for the mail being blocked...


Obviously, I have changed names, but you should be able to see what is going on.

I think the Problem is the "prvs" format, but I am unsure of how to correct the problem in Exim. I do have the following options enabled for Exim.

1:Add sender rates to the mail log
2:** Sender Verification

Cliff Planck
Do this from the server:

dig to-domain.com mx

Post what it shows as a result.

Mike
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 07-03-2008, 08:08 AM
Registered User
 
Join Date: Nov 2003
Posts: 15
wilburburns
------ The To-domain My Server -----
Quote:
[frigga]$ dig pewebhost.com mx

; <<>> DiG 9.2.4 <<>> pewebhost.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37426
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;pewebhost.com. IN MX

;; ANSWER SECTION:
pewebhost.com. 14400 IN MX 0 pewebhost.com.

;; Query time: 102 msec
;; SERVER: 208.113.192.17#53(208.113.192.17)
;; WHEN: Thu Jul 3 06:01:09 2008
;; MSG SIZE rcvd: 47
---- The Sending Domain ------
Quote:
[frigga]$ dig 53.com mx

; <<>> DiG 9.2.4 <<>> 53.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30324
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;53.com. IN MX

;; ANSWER SECTION:
53.com. 3600 IN MX 10 mailgw5.53.com.
53.com. 3600 IN MX 10 mailgw7.53.com.
53.com. 3600 IN MX 10 mailgw3.53.com.

;; Query time: 95 msec
;; SERVER: 208.113.192.17#53(208.113.192.17)
;; WHEN: Thu Jul 3 06:05:27 2008
;; MSG SIZE rcvd: 96
All Seems normal and fine for both of the above...

I'm pretty sure the problem has to do with how the Sending Server Identifies itself..
IE: F=<prvs=some.name=061d836d0@domain.com>
The From Field from the log...

Thanks,
Cliff
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 07-11-2008, 02:48 AM
Registered User
 
Join Date: Mar 2004
Posts: 91
Miss Jacky
Question

I have the same issue, and wonder if there would be anything to resolve this conflict between sender verification callouts and BATV..

I'm not keen on switching sender verification callouts off on my servers, they are blocking a LOT of spam, in a load-friendly way...

Anyone has any ideas on this?

Maybe I'll have to reconsider callouts after all, and find a better sollution
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 07-13-2008, 08:55 AM
SageBrian's Avatar
Registered User
 
Join Date: Jun 2002
Location: NY/CT (US)
Posts: 362
SageBrian is on a distinguished road
I have not used callouts since the new ACLs went in back in, I think, September.

Try turning off callouts and just use the default exim ACL's and see how that goes.

I like the concept of callouts, but it does have it's flaws.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 10:17 AM.


Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
© cPanel Inc