[BUG] Exim deliver emails to wrong account!!!

[H2Hosting.com]

Situation:

I disabled catch-all account for one of my domain (mydomain.com) and set

verify = recipient/defer_ok/callout=10s,defer_ok
in /etc/exim.conf so all mail to account that does not exist on @mydomain.com
must be bounced on SMTP level without local delivery.

Example: 2003-07-20 05:00:41 H=(bla) [111.111.111.111] F=<--@-----------.com> rejected RCPT <sss@mydomain.com>: Unrouteable address

I have user account "user" /home/user/

What I have: Exim deliver email to "user@mydomain.com" to default
account of "user@blablabla.com"



p.s. Exim 4.2 - 190

cPanel.net Support Ticket Number: 18765

[H2Hosting.com]

I received reply from Cpanel support:

----------------------------------------------
Instead of that filter, the easier way would be to set the default account to :fail: in the cpanel mail configure screen.
----------------------------------------------
1) Yes, thank you - it works....but is there another way to do it?
I think that on some of our accounts *: (default address line) was removed from /etc/valiases/domain.com.
What if to configure new router to disable mail delivery for address that does not exist and for domain without configured catch-all account line?

It worked with Exim 3 without *: :fail:

2) If I set *: fail, if I send email to this account, server response is:
2003-07-20 06:58:06 H=(111.111.111.111) [] F=<e@domain.com> rejected RCPT <john@domain.com>:

if I send to domain without *: :fail:, but there is no such user with "username", server response is:
2003-07-20 07:06:13 H=(h) [] F=<--@-----.com> rejected RCPT <john@domain.com>: unrouteable mail domain "domain.com"

[Stefaans]

Alex, you seem to have been doing something that I have been wondering about for a long time. If you bounce on SMTP level, does that mean that the undeliverable e-mail never enters your server? That would indeed be much better than :fail:

Have you got this feature working again on Exim 4?

cPanel.net Support Ticket Number:

[mickalo]

Originally posted by H2Hosting.com
Situation:

I disabled catch-all account for one of my domain (mydomain.com) and set

verify = recipient/defer_ok/callout=10s,defer_ok
in /etc/exim.conf so all mail to account that does not exist on @mydomain.com
must be bounced on SMTP level without local delivery.

Example: 2003-07-20 05:00:41 H=(bla) [111.111.111.111] F=<--@-----------.com> rejected RCPT <sss@mydomain.com>: Unrouteable address

I have user account "user" /home/user/

What I have: Exim deliver email to "user@mydomain.com" to default
account of "user@blablabla.com"



p.s. Exim 4.2 - 190

cPanel.net Support Ticket Number: 18765

How did you set this up in Exim 3 config file, where is the exim.conf did you apply this and how ??

thx's

cPanel.net Support Ticket Number:

[H2Hosting.com]

Originally posted by Stefaans
If you bounce on SMTP level, does that mean that the undeliverable e-mail never enters your server? That would indeed be much better than :fail:
Have you got this feature working again on Exim 4?

if you set catch-all account to :fail:, it will be impossible to send email to the address that does not exist (pop3 account or forwarder). Try it yourself. So, if the only POP3 account is "JKh3jHGGkfl@yourdomain.com", server will accept connections and delivery email to this account only.

For EXIM4:
add this line to check_recipient ACL:
verify = recipient/defer_ok/callout=10s,defer_ok

*** I replaced acl_smtp_rcpt = check_recepient
to acl_smtp_rcpt = check_myown in 1st box of Exim editor and setup new "check_myown" ACL to be able to set my own acl_smtp_rcpt rules.

For EXIM3:
receiver_verify = true

cPanel.net Support Ticket Number:

[Stefaans]

I'd like to try this but feel uneasy tweaking exim.conf. Please confirm that this is what I should be doing:

Replace
acl_smtp_rcpt = check_recipient
with
acl_smtp_rcpt = check_myown

and then further down add
check_myown
verify = recipient/defer_ok/callout=10s,defer_ok

Thanks for your assistance

cPanel.net Support Ticket Number:

[H2Hosting.com]

Actually, set "acl_smtp_rcpt = check_myown" in 1st box
and then (in 2nd one) start new "check_myown" ACL with
all content of "check_recipient",

add verify = recipient/defer_ok/callout=10s,defer_ok
(insert just after "require verify = sender")

example:
...
accept hosts = :
require verify = sender
verify = recipient/defer_ok/callout=10s,defer_ok
...
...

It will replace "check_recipient" with "check_myown"

Most important - Cpanel insert some mailman tweeks in original exim.conf, but do not show modifications in Exim config editor, so copy all mailman related lines to your edited "check_myown" ACL

p.s. use it on your own risk

cPanel.net Support Ticket Number:

[Stefaans]

Thank you Alex. Your instructions were clear and I could modify exim.conf as suggested

I now get the desired behaviour - an error message on the sender side, rather than a bounce message.

Great stuff! Thank you!

[Stefaans]

Alex, did I mention you are my hero ?

cPanel.net Support Ticket Number:

[Uneeeq]

Thank you Alex !

This solution is perfect.
We had a spammer hammering our server with 500,000 attempts per day to send spam from fake email addresses to non existend users at one of our customers domains, bouncing them would only compound the problem because we were bouncing to non existent recipients. :blackhole: was the most viable solution but not satisfactory as the spammer would continue deliver their via-gra and such spams at a rate of 500,000 or more messages per day!

The only viable solution is to reject at check_recipient stage and not permit the message enter our server... so those spams would accumulate in SPAMMERS que and ultimately bog down his system instead of wasting our resources.

Since they use dynamic IP blocks from all over the world bl lists could not blacklist those IPs fast enough about 500 to 1000 mesages would get through each day even using the most aggressive bls.

I have been searching high and low for this solution for past 2 weeks and cannot thank you enough for posting it! It works like a charm !

[Jeewhizz]

I have the username problem tho. - is there anyway of fixing this?

[fizz]

what exactly goes in the second box, i get a config error, im not quiet understanding..

[amp]

It would be a good idea to just post a copy of the config file so everyone gets the visual idea.