The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[200.203.38.***] is currently not permitted$ ??????

Discussion in 'General Discussion' started by snackykiller, Jun 20, 2005.

  1. snackykiller

    snackykiller Member

    Joined:
    Feb 4, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Hey i need some help with this :confused:

    a User of our's cant send e-mail
    everything is set up right and when we test the mail account we can send mail just fine

    i found out that he has no reverse dns lookup on his ip
    and i think that is the problem why he cant send mails out from his outlook trough our server .. (am i right thinking this?)

    is there any way for me to bypass this problem in exim with some lines of code for this user ?


    this is the error i get in the exim_mainlog

    H=(pico) [200.203.38.***] F=<pico@*****.net> rejected RCPT <pico666@*****.com.br>: (pico) [200.203.38.***] is currently not permitted$


    copy of the exim ACL
    Code:
    #!!# ACL that is used after the RCPT command
    check_recipient:
      # Exim 3 had no checking on -bs messages, so for compatibility
      # we accept if the source is local SMTP (i.e. not over TCP/IP).
      # We do this by testing for an empty sending host field.
      accept  hosts = :
    
    
    
    
     drop dnslists =  relays.ordb.org :\
                    sbl-xbl.spamhaus.org
    
    
    
        message = your mail server $sender_host_address is in a black list \
                 at $dnslist_domain ($dnslist_text)
    
      require verify = reverse_host_lookup
              message = your mail server IP address ($sender_host_address) has no reverse DNS PTR hostname
    
    
    
    
    drop hosts = /etc/exim_deny
            message = Connection denied after dictionary attack
            log_message = Connection denied from $sender_host_address after dictionary attack 
    
    
        drop message = Appears to be a dictionary attack
            log_message = Dictionary attack (after $rcpt_fail_count failures)
            condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
            condition = ${run{/etc/exim_deny.pl $sender_host_address }{yes}{no}}
            !verify = recipient
    
    # Accept bounces to lists even if callbacks or other checks would fail
    
      warn     message      = X-WhitelistedRCPT-nohdrfromcallback: Yes
               condition    = \
               ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                         {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
                    {yes}{no}}
    
      accept   condition    = \
               ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                         {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
                    {yes}{no}}
    
    
      # Accept bounces to lists even if callbacks or other checks would fail
      warn     message      = X-WhitelistedRCPT-nohdrfromcallback: Yes
               condition    = \
               ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                         {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
                    {yes}{no}}
    
      accept   condition    = \
               ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                         {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
                    {yes}{no}}
    
      #if it gets here it isn't mailman
                                                                                                                                               
      #sender verifications are required for all messages that are not sent to lists
                                                                                                                                               
      require verify = sender
      accept  domains = +local_domains
      endpass
                                                                                                                                               
      #recipient verifications are required for all messages that are not sent to the local machine
      #this was done at multiple users requests
                                                                                                                                               
      message = "The recipient cannot be verified.  Please check all recipients of this message to verify they are valid."
      verify = recipient
                                                                                                                                               
      accept  domains = +relay_domains
    
      warn  message = ${perl{popbeforesmtpwarn}{$sender_host_name}}
            hosts = +relay_hosts
      accept  hosts = +relay_hosts
                                                                                    
      warn  message = ${perl{popbeforesmtpwarn}{$sender_host_address}}
            condition = ${perl{checkrelayhost}{$sender_host_address}}
      accept  condition = ${perl{checkrelayhost}{$sender_host_address}}
    
      accept  hosts = +auth_relay_hosts
              endpass
              message = $sender_fullhost is currently not permitted to \
                            relay through this server. Perhaps you \
                            have not logged into the pop/imap server in the \
                            last 30 minutes or do not have SMTP Authentication turned on in your email client.
              authenticated = *
    
      deny    message = $sender_fullhost is currently not permitted to \
                            relay through this server. Perhaps you \
                            have not logged into the pop/imap server in the \
                            last 30 minutes or do not have SMTP Authentication turned on in your email client.
    
    
    #!!# ACL that is used after the DATA command
    check_message:
      require verify = header_sender
      accept
    


    Thanks
    Richard
     
  2. hicom

    hicom Well-Known Member

    Joined:
    May 23, 2003
    Messages:
    272
    Likes Received:
    0
    Trophy Points:
    16
    Could be the IP is listend in the RBL group:

    drop dnslists = relays.ordb.org :\
    sbl-xbl.spamhaus.org



    or it is listed in any of hte conditions you have there. you have couple of restrictions in your Exim config, I'm sure one of them, but I'd check sbl-xbl.spamhaus.org first, I've had a problem with them before.
     
  3. snackykiller

    snackykiller Member

    Joined:
    Feb 4, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Thanks for the quick reply :)

    i'll try see if removing the RBL works
     
    #3 snackykiller, Jun 21, 2005
    Last edited: Jun 21, 2005
  4. snackykiller

    snackykiller Member

    Joined:
    Feb 4, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Nope that didn’t do it ... :(

    any other ideas ?
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    It's because you've added this line to force rDNS lookup:

    require verify = reverse_host_lookup

    If you don't want that, remove it and its associated message line from the ACL settings.
     

Share This Page