Email - Domain Literals

[RBogan]

Can anyone suggest a way of clearing up this annoying issue when running my domains through tests at dnsreport.com?

WARN: One or more of your mailservers does not accept mail in the domain literal format (user@[0.0.0.0]). Mailservers are technically required RFC1123 5.2.17 to accept mail to domain literals for any of its IP addresses. Not accepting domain literals can make it more difficult to test your mailserver, and can prevent you from receiving E-mail from people reporting problems with your mailserver. However, it is unlikely that any problems will occur if the domain literals are not accepted.

mail.generic.net's postmaster@[xx.xx.xx.xx] response:
>>> RCPT TO:<postmaster@[xx.xx.xx.xx]>
<<< 501 : domain literals not allowed


I have already tried to edit the exim.conf file as suggested in the file itself :

# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then uncomment the
# following line, or supply the literal domain(s) as part of "local_domains"
# above.

# local_domains_include_host_literals


But, needless to say...my Exim configuration seems to ignore its own .conf file. I can't get the variable above to stick when uncommenting the line above.

Any suggestions are appreciated.

Thanks,

[chirpy]

It took a bit of work, but I finally found this out:

The example in exim.conf is wrong (possibly from exim3?). You actually should use the command:

allow_domain_literals

You also need to list your IP addresses within:
/etc/localdomains

as (including square brackets):
[11.22.33.44]

Then restart:
/etc/rc.d/init.d/exim restart

I did this on a cPanel server and it then passed the domain literals test on dnsreport.com (and worked!).

[RBogan]

After applying the steps outlined in your post, the problem is solved and the domains now accept literal email.

Thanks so much for posting this solution!

[goodmove]

Originally posted by chirpy
It took a bit of work, but I finally found this out:

The example in exim.conf is wrong (possibly from exim3?). You actually should use the command:

allow_domain_literals

You also need to list your IP addresses within:
/etc/localdomains

as (including square brackets):
[11.22.33.44]

Then restart:
/etc/rc.d/init.d/exim restart

I did this on a cPanel server and it then passed the domain literals test on dnsreport.com (and worked!).

Are there any security implications of opening up the IPs to external mail tests?

What are the advantages of allowing domain literals?

[chirpy]

The advantages are that it makes your MTA RFC compliant. The main point of domain literals is a "last port of call" when routing or other problems mean that using domain literals is the only way of contacting the postmaster on a server.

For example, if SpamCop cannot find a contact for the IP address of the server, it will attempt to email postmaster@[11.22.33.44].

The main problem with domain literals is that the MTA can have trouble delivering email to the correct mailbox. Exim relies on the username + domain name for email delivery and is why the valiases work for accounts of the same name (e.g. bob@domain1.com and bob@domain2.com can both be POP3 accounts without actual aliases being involved). The problem exim would have is if it receives an email for bob@[11.22.33.44], who should it deliver to?

I'm not aware of any security implications beyond someone receiving an email that should be for someone else for the reasons I mention above. I'd be happy to be corrected, but that's my understanding after reading up on this.

[kliest]

I have a weird problem. I just setup a new server, and it seems that the ip that is used as the mainserver ip is blacklisted on the dsbl.org. They only want to remove me from their blacklist if I can receive messages send to postmaster@[ip] or abuse@[ip]

I edited etc/exim.conf and added the following command:

allow_domain_literals

Then I edited the etc/localdomains and put the server IP there [ip] (including the square brackets)

Then I restarted exim and everything it said that everything was okay. But when I email myself to postmaster@[ip] I receive the message back. Mail delivery error.

I don't know what I am doing wrong. Does anybody have any suggestions. I have set all the system mail preferences to send it to my email account. But it doesn't want to receive the messages send to postmaster@[ip].

Any help is really appreciated.

Thanks,
Edwin

[chirpy]

What is the full bounce message? Is it saying no such user? If so, you will also need an alias for postmaster to forward to, e.g. root.

The full error bounce would help.

[mickalo]

Just curious, after reading this thread as it seems a bit old. We are running the most recent version of exim, and in the exim.conf is the following:

Code:

# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then uncomment the
# following line, or supply the literal domain(s) as part of "local_domains"
# above.

# local_domains_include_host_literals

Would this be the same as the
allow_domain_literals or is this something different and does the server IP address still need to be added to the localdomains file ??

TIA
Mickalo

[kliest]

Oh oops . I was just looking at the bounce error, and saw that I made a little typo in the IP adress. After fixing it, it is working.

Editing the exim.conf, localdomains and sending it to the correct IP did the trick

Thanks for your fast reply

[chirpy]

Good news

[chirpy]

Hi Mickalo,

Would this be the same as the
allow_domain_literals or is this something different

The exim.conf file is wrong. I believe that the comments refer to how domain literals worked in v3 of Exim. They changed the directives for Exim v4 and the directions in my post above are correct for the latest release that cPanel uses.

[mickalo]

Originally posted by chirpy
Hi Mickalo,

The exim.conf file is wrong. I believe that the comments refer to how domain literals worked in v3 of Exim. They changed the directives for Exim v4 and the directions in my post above are correct for the latest release that cPanel uses.

Ok, thanks

where about would one add the allow_domain_literals directive and do you only add the server IP address or each domain IP address ??

Thx's
Mickalo

[chirpy]

Pop it in at the same place where the old comments are in exim.conf.

I guess you would need to list all the IP addresses for the server since exim does listen on each (as it would need to since the MX records for the domains will resolve to the IP address for the domain).

[mickalo]

Originally posted by chirpy
Pop it in at the same place where the old comments are in exim.conf.

I guess you would need to list all the IP addresses for the server since exim does listen on each (as it would need to since the MX records for the domains will resolve to the IP address for the domain).

thx's

[Website Rob]

Thanks for sharing, Jonathan.

Although most Servers will works just fine without Domain Literals, this is one of those 'niggly' things that, if one wants to go all the way to compliance, your information allows them to do that.