valid emails rejected to all ".br" tld's?

N

NoAgendas

Guest
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

(here are about 20 .br tld domains/recipients, about 10 different ones all to brazilian domains)

The domain/IP already has reverse dns as well. There is one for hotmail also.

One example:

[email protected]
unrouteable mail domain "domain.com.br"

Max email per hour per domain is set to 100.

Server:
cpanel release 10x
centos 4.3
100 mails per hour max

Exim.conf

untrusted_set_sender = *
local_from_check = false
#local_sender_retain = true

timeout_frozen_after = 2d
ignore_bounce_errors_after = 12h

domainlist rbl_blacklist = lsearch;/etc/rblblacklist
domainlist rbl_bypass = lsearch;/etc/rblbypass
hostlist rbl_whitelist = lsearch;/etc/relayhosts : partial-lsearch;/etc/rblwhitelist
message_size_limit = 20M
#log_selector = +arguments +subject
log_selector = +all

#timeout_frozen_after = 2d
#ignore_bounce_errors_after = 12h



#!!# ACL that is used after the RCPT command
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :

drop hosts = /etc/exim_deny
message = Connection denied after dictionary attack
log_message = Connection denied from $sender_host_address after dictionary attack

drop message = Appears to be a dictionary attack
log_message = Dictionary attack (after $rcpt_fail_count failures)
condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
condition = ${run{/etc/exim_deny.pl $sender_host_address }{yes}{no}}
!verify = recipient

# Accept bounces to lists even if callbacks or other checks would fail
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
{yes}{no}}

accept condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
{yes}{no}}


# Accept bounces to lists even if callbacks or other checks would fail
warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
{yes}{no}}

accept condition = \
${if and {{match{$local_part}{(.*)-bounces\+.*}} \
{exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
{yes}{no}}

#if it gets here it isn't mailman

#sender verifications are required for all messages that are not sent to lists

require verify = sender/callout
accept domains = +local_domains
endpass

#recipient verifications are required for all messages that are not sent to the local machine
#this was done at multiple users requests

message = "The recipient cannot be verified. Please check all recipients of this message to verify they are valid."
verify = recipient

accept domains = +relay_domains

warn message = ${perl{popbeforesmtpwarn}{$sender_host_name}}
hosts = +relay_hosts
accept hosts = +relay_hosts

warn message = ${perl{popbeforesmtpwarn}{$sender_host_address}}
condition = ${perl{checkrelayhost}{$sender_host_address}}
accept condition = ${perl{checkrelayhost}{$sender_host_address}}

accept hosts = +auth_relay_hosts
endpass
message = $sender_fullhost is currently not permitted to \
relay through this server. Perhaps you \
have not logged into the pop/imap server in the \
last 30 minutes or do not have SMTP Authentication turned on in your email client.
authenticated = *

deny message = $sender_fullhost is currently not permitted to \
relay through this server. Perhaps you \
have not logged into the pop/imap server in the \
last 30 minutes or do not have SMTP Authentication turned on in your email client.


#!!# ACL that is used after the DATA command
check_message:
# Enabling this will make the server non-rfc compliant
# require verify = header_sender
accept



nobody@lsearch;/etc/localdomains "${if !eq {$header_From:}{}{$header_sender:$header_From:}fai l}" Fs


EXIM log for one of the domains:

2006-09-04 08:59:48 1GKEzJ-0004eB-0f ** [email protected] F=<[email protected]> R=fail_remote_domains: unrouteable mail domain "domain.com.br"
2006-09-04 08:59:48 1GKEzJ-0004eB-0f => adm <[email protected]> F=<[email protected]> P=<[email protected]> R=boxtraper_autowhitelist T=boxtrapper_autowhitelist S=8192 QT=3s DT=0s
 
Last edited by a moderator: