URGENT: Exim routing problem...

brianteeter

Well-Known Member
Jan 6, 2002
72
0
306
I have a client who cannot send email through our server. He keeps getting bounced mail and the exim_rejectlog reports this:

2002-09-02 16:38:48 refused relay (host) to &[email protected]& from &[email protected]& H=(web3.assortedinternet.com) [216.40.242.60] (failed to find host name from IP address)

But, what I don't get is, their sending from the localhost. So I ran some diagnostics with exim:

[email protected] [/etc]# exim -d9 -bh 216.40.242.60
Exim version 3.35 debug level 9 uid=0 gid=0
Berkeley DB: Sleepycat Software: DB 2.4.14: (6/2/98)
Caller is an admin user
Caller is a trusted user
originator: uid=0 gid=0 login=root name=root
sender address = [email protected]
sender_fullhost = [216.40.242.60]
sender_rcvhost = [216.40.242.60]

**** SMTP testing session as if from host 216.40.242.60
**** Not for real!

host in host_lookup? no (!0.0.0.0/0)
host in host_reject? no (end of list)
host in host_reject_recipients? no (option unset)
host in auth_hosts? no (option unset)
host in auth_over_tls_hosts? no (option unset)
host in tls_hosts? no (option unset)
host in sender_unqualified_hosts? yes (216.40.242.0/24)
host in receiver_unqualified_hosts? no (option unset)
host in helo_verify? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
SMTP&& 220-web3.assortedinternet.com ESMTP Exim 3.35 #1 Mon, 02 Sep 2002 16:39:19 -0400
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
220-web3.assortedinternet.com ESMTP Exim 3.35 #1 Mon, 02 Sep 2002 16:39:19 -0400
220-We do not authorize the use of this system to transport unsolicited,
220 and/or bulk e-mail.
smtp_setup_msg entered


So, as you can see, its blocking mail from that IP. But, that is a local IP! What the hell??

[email protected] [/etc]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:07:95:5B:D7:E6
inet addr:216.40.242.219 Bcast:216.40.242.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1380723 errors:0 dropped:0 overruns:0 frame:0
TX packets:1477611 errors:0 dropped:0 overruns:0 carrier:0
collisions:16577 txqueuelen:100
Interrupt:12 Base address:0xd400

eth0:1 Link encap:Ethernet HWaddr 00:07:95:5B:D7:E6
inet addr:216.40.242.239 Bcast:216.40.242.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:12 Base address:0xd400

eth0:2 Link encap:Ethernet HWaddr 00:07:95:5B:D7:E6
inet addr:216.40.242.52 Bcast:216.40.242.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:12 Base address:0xd400

eth0:3 Link encap:Ethernet HWaddr 00:07:95:5B:D7:E6
inet addr:216.40.242.53 Bcast:216.40.242.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:12 Base address:0xd400

eth0:4 Link encap:Ethernet HWaddr 00:07:95:5B:D7:E6
inet addr:216.40.242.60 Bcast:216.40.242.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:12 Base address:0xd400


Any ideas what might be going on? Help is greatly appreciated.

Thanks - Brian
 

rpmws

Well-Known Member
Aug 14, 2001
1,822
9
318
back woods of NC, USA
For 3-4 days I have been getting this every 3 seconds in my exim_maillog

2002-09-04 00:55:39 17mSCZ-0007T2-00 remote host address is the local host: localhost.myservername.com

2002-09-04 00:55:39 17mSCZ-0007T2-00 rejected from tomts14.bellnexxia.net (tomts14-srv.bellnexxia.net) [209.226.175.35]: can't currently verify any sender in the header lines (envelope sender is &[email protected]&) - try later


For teh life of me would like to find out who or what account is causing this .Who it is .. it just won't stop.
 

brianteeter

Well-Known Member
Jan 6, 2002
72
0
306
Actually, I figured it out already.

Basically what happens in exim is whenever you use a:

lsearch;/etc/whatever

in a rule, like host_accept, exim will not process anything after that in the rule, so if you specify the rule like this:

host_accept = lsearch;/etc/whatever : 1.2.3.4

and your sending mail from the IP 1.2.3.4 which is not in /etc/whatever, it will bounce the message. This happens because it doesn't read anything in the rule after the lsearch. So you need to re-order the specification of the rule like so:

host_accept = 1.2.3.4 : lsearch;/etc/whatever

Now it will check 1.2.3.4 before it does the search and it will allow the mail to go through.

Strange, but that was the problem. :-0

Thanks for your help.

Brian