Hello everyone, :-) ... And a special thanks to Bill Hacker for his extensive reply to my last mail message. It took me a while to digest it all.... but it was *very* very much appreciated... I feel like a baby here, I know, so thanks so much for all the help. :-)
Anyhow, things are going much better (whew! :) and I think I've gotten my hosting provider to set up the rDNS appropriately. [Finally!] But there are some new issues happening that maybe you guys could help me with: So, drumrolll.... here's THE PROBLEM..... _The Problem_ ***For SELECTED users, email sent from my dedicated box appears to get *rejected* with a "rejected RCPT" error.*** Here's the actual logs from my mainlog file. You can see that *most* of the messages get sent out ok, but some of them get rejected. -------------------------------------------------------------- 2006-08-24 10:42:00 1GGHLE-000IMU-Iy <= [EMAIL PROTECTED] U =og2list P=local S=714 [EMAIL PROTECTED] 2006-08-24 10:42:00 1GGHLE-000IMW-Jg <= [EMAIL PROTECTED] U=og2list P=local S=716 [EMAIL PROTECTED] 2006-08-24 10:42:00 1GGHLE-000IMY-KN <= [EMAIL PROTECTED] U=og2l ist P=local S=704 [EMAIL PROTECTED] 2006-08-24 10:42:00 1GGHLE-000IMa-LB <= [EMAIL PROTECTED] U= og2list P=local S=712 [EMAIL PROTECTED] 2006-08-24 10:42:00 1GGHLE-000IMd-Lx <= [EMAIL PROTECTED] U=og2list P=local S=718 [EMAIL PROTECTED] 2006-08-24 10:42:00 1GGHLE-000IMf-Me <= [EMAIL PROTECTED] U =og2list P=local S=714 [EMAIL PROTECTED] 2006-08-24 10:42:00 1GGHLE-000IMh-NM <= [EMAIL PROTECTED] U=og 2list P=local S=708 [EMAIL PROTECTED] 2006-08-24 10:42:00 1GGHLE-000IMj-O3 <= [EMAIL PROTECTED] U=og2lis t P=local S=700 [EMAIL PROTECTED] **HERE'S THE WEIRD PART: BEGIN WEIRD*** 2006-08-24 10:42:01 H=sv10pub.verizon.net [206.46.252.146] F=<> rejected RCPT <i [EMAIL PROTECTED]>: Unrouteable address 2006-08-24 10:42:01 H=sv10pub.verizon.net [206.46.252.146] F=<[EMAIL PROTECTED] t.verizon.net> rejected RCPT <[EMAIL PROTECTED]>: Unrouteab le address 2006-08-24 10:42:01 unexpected disconnection while reading SMTP command from sv1 0pub.verizon.net [206.46.252.146] 2006-08-24 10:42:01 1GGHLE-000IMf-Me ** [EMAIL PROTECTED] R=dnslookup T=remo te_smtp: SMTP error from remote mail server after MAIL FROM:<improv+f.kahane1=ve [EMAIL PROTECTED]> SIZE=1755: host relay.verizon.net [206.46.232.11]: 550 You are not allowed to send mail:sv10pub.verizon.net ** END WEIRD ** 2006-08-24 10:42:01 1GGHLF-000IMp-1X <= <> R=1GGHLE-000IMf-Me U=mailnull P=local S=1760 2006-08-24 10:42:01 1GGHLE-000IMf-Me Completed 2006-08-24 10:42:01 1GGHLF-000IMp-1X ** [EMAIL PROTECTED]: Unrouteable address 2006-08-24 10:42:01 1GGHLF-000IMp-1X Frozen (delivery error message) 2006-08-24 10:42:02 1GGHLE-000IMh-NM => [EMAIL PROTECTED] R=dnslookup T=remote_ smtp H=mx2.balanced.swarthy.mail.dreamhost.com [208.97.132.58] X=TLSv1:DHE-RSA-A ES256-SHA:256 2006-08-24 10:42:02 1GGHLE-000IMh-NM Completed 2006-08-24 10:42:04 1GGHLE-000IMU-Iy => [EMAIL PROTECTED] R=dnslookup T=remo te_smtp H=mx2.mail.yahoo.com [67.28.113.72] 2006-08-24 10:42:04 1GGHLE-000IMU-Iy Completed ****AND THIS IS ALSO WEIRD *** 2006-08-24 10:42:05 H=sv22pub.verizon.net [206.46.252.158] F=<> rejected RCPT <i [EMAIL PROTECTED]>: Unrouteable address 2006-08-24 10:42:05 H=sv22pub.verizon.net [206.46.252.158] F=<[EMAIL PROTECTED] t.verizon.net> rejected RCPT <[EMAIL PROTECTED]>: Unrouteable address 2006-08-24 10:42:05 unexpected disconnection while reading SMTP command from sv2 2pub.verizon.net [206.46.252.158] ** END WEIRD ** 2006-08-24 10:42:05 1GGHLE-000IMW-Jg => [EMAIL PROTECTED] R=dnslookup T=rem ote_smtp H=q1.netfirms.com [64.34.66.80] 2006-08-24 10:42:05 1GGHLE-000IMW-Jg Completed 2006-08-24 10:42:06 1GGHLE-000IMa-LB => [EMAIL PROTECTED] R=dnslookup T=remot e_smtp H=mx09.mindspring.com [207.69.200.36] 2006-08-24 10:42:06 1GGHLE-000IMa-LB Completed 2006-08-24 10:42:06 1GGHLE-000IMY-KN => [EMAIL PROTECTED] R=dnslookup T=remote_sm tp H=mailin-03.mx.aol.com [64.12.138.120] 2006-08-24 10:42:06 1GGHLE-000IMY-KN Completed 2006-08-24 10:42:06 1GGHLE-000IMj-O3 => [EMAIL PROTECTED] R=dnslookup T=remote_smtp H=mailin-02.mx.aol.com [205.188.157.25] 2006-08-24 10:42:06 1GGHLE-000IMj-O3 Completed ** WEIRD AGAIN 2006-08-24 10:42:09 H=sd-green-bigip-60.dreamhost.com (swarthymail-mx1.dreamhost .com) [208.97.132.60] F=<> rejected RCPT <[EMAIL PROTECTED]>: Unrouteable address ** END WEIRD 2006-08-24 10:42:11 1GGHLE-000IMd-Lx => [EMAIL PROTECTED] R=dnslookup T=re mote_smtp H=sbcmx5.prodigy.net [207.115.20.21] 2006-08-24 10:42:11 1GGHLE-000IMd-Lx Completed -------------------------------------------------------------- If anyone has any thoughts or ideas about what is going on, it would be muchos appreciated. Thanks! Albert www.ithou.org PS. I'm getting the following -- which looks good, finally! :-) ******* $ host ithou.org ithou.org has address 216.32.94.10 ithou.org mail is handled by 30 mail.ithou.org. ithou.org mail is handled by 10 mx.ithou.org. $ host 216.32.94.10 10.94.32.216.in-addr.arpa domain name pointer www.ithou.org. ******* PPS. The "uname -n" command gives "newinst.layeredtech.com" ... which I'm pretty sure I could reset -- but I've already changed the value: primary_hostname = ithou.org in the exim.configure file, so I think that the messages are getting wrapped correctly [no forgery concerns?] Thanks again, ajw. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of W B Hacker > Sent: Monday, August 14, 2006 9:51 PM > To: exim users > Subject: Re: [exim] Mail from remote server sending to my dedicated site: > 550 Error Relay not permitted > > Albert Wong wrote: > > So, I posted this before, but I did some more work on this. > > > > _On my Dedicated Box_ > > Exim's primary_host / local_domains / ACL section *does* seem to be > > configured to receive the mail to the appropriate domains > [local_domains] > > when mail is sent out **from the local "mail" command line** on the > > dedicated box... However, when the mail is sent **from a remote mail > > server**, [like yahoo.com or my ISP dslextreme.com] to the dedicated > box, I > > get the "550 Error Relay not permitted". > > > > Your hosting provider is doing several weird things. See below, and see > their > 'explanation' in their online FAQ. > > Then go and get a proper hosting provider. > > > > I think that the locally originating mail gets appropriately passed > through > > the exim.configure file, but remotely originating mail does not . > > > > When I dig "ithou.org" when I am logged onto the localhost, I get this: > > > > dig ithou.org -t mx > > > > gives: > > > > ;; QUESTION SECTION: > > ;ithou.org. IN MX > > > > ;; ANSWER SECTION: > > ithou.org. 3600 IN MX 20 mail.ithou.org. > > ithou.org. 3600 IN MX 10 mx.ithou.org. > > > > ;; AUTHORITY SECTION: > > ithou.org. 3600 IN NS ns2.ithou.org. > > ithou.org. 3600 IN NS ns1.ithou.org. > > > > ;; ADDITIONAL SECTION: > > mx.ithou.org. 3600 IN A 216.32.94.10 > > mail.ithou.org. 3600 IN A 216.32.94.10 > > ns1.ithou.org. 3600 IN A 216.32.94.10 > > ns2.ithou.org. 3600 IN A 216.32.94.10 > > > > ;; Query time: 0 msec > > ;; SERVER: 127.0.0.1#53(127.0.0.1) > > ;; WHEN: Mon Aug 14 11:24:01 2006 > > ;; MSG SIZE rcvd: 167 > > > > whereas the actual godaddy nameservers [where my site nameservers are > set up > > right now] yields the following: > > > > dig @park29.secureserver.net ithou.org -t mx > > > > gives this output: > > > > ;; QUESTION SECTION: > > ;ithou.org. IN MX > > > > ;; ANSWER SECTION: > > ithou.org. 3600 IN MX 10 mx.ithou.org. > > ithou.org. 3600 IN MX 30 mail.ithou.org. > > > > ;; ADDITIONAL SECTION: > > mail.ithou.org. 3600 IN A 216.32.94.10 > > mx.ithou.org. 3600 IN A 216.32.94.10 > > > > ;; Query time: 39 msec > > ;; SERVER: 64.202.165.19#53(64.202.165.19) > > ;; WHEN: Mon Aug 14 11:29:15 2006 > > ;; MSG SIZE rcvd: 99 > > > > --------------- > > There is more to it. > > Do 'host mx.ithou.org', which returns 216.32.94.10 > > Now do 'host 216.32.94.10' and get: > 10.94.32.216.in-addr.arpa domain name pointer > 10.94.32.216.reverse.layeredtech.com. > > Then try: > > dig any reverse.layeredtech.com > dig any PTR reverse.layeredtech.com > > Note the 'NS' and 'A' records do NOT end up on your IP, nor is there a PTR > record. > > > > > Additionally, here's the main parts of the exim configure file: > > > > primary_hostname = ithou.org > > > > domainlist local_domains = @ : ithou.org : <http://www.ithou.org> > > www.ithou.org > > domainlist relay_to_domains = *.ithou.org : ithou.org > > hostlist relay_from_hosts = localhost : 216.32.94.10 > > > > Thanks for any ideas! :-) > > > > Finally: and this might be key... when I try to do a telnet test send > > message from exim, I get the following response: > > > > #telnet ithou.org 25 > > Connected to ithou.org. > > Escape character is '^]'. > > 220 newinst.layeredtech.com ESMTP Exim 4.62 Mon, 14 Aug 2006 11:37:00 - > 0500 > > The 'banner' should reflect *your* server ID, not that of the upstream. > Aside from their proprietary idea of what a PTR record is (see their FAQ), > they are doing something else strange. > > Note that *your* DNS has 'A' and 'MX' records. > > Note that layeredtech has constructed an rDNS for your IP, but have > assigned it > to *their* domain.tld, not to your domain.tld. > > Do a traceroute to your IP, your domain.tld and save the last two lines. > > Now do the same to one or more other mail servers, (mine, sesame, etc.). > > Compare the last two lines with the last two lines from these with the > last two > lines where layeredtech is mis-labeling your server. > > Then go and find a proper hosting provider. > > Meanwhile, rude as that is, as you DO have an A record, it should not stop > the > world from turning. > > > ehlo ithou.org > > 250-newinst.layeredtech.com Hello ithou.org [216.32.94.10] > > 250-SIZE 52428800 > > 250-PIPELINING > > 250 HELP > > MAIL FROM: [EMAIL PROTECTED] > > 250 OK > > RCPT TO: [EMAIL PROTECTED] > > 451 Temporary local problem - please try later > > > > This is a separate issue. > > If I follow the same procedure, but use *my* address as 'MAIL FROM:' > with RCPT TO: [EMAIL PROTECTED], I get 'accepted', not the 451 error > message. > > Your Exim is seeing a remote client attempt to impersonate a local > domain.tld > (probably doesn't let it get far enough to care about the local_part). > > > Thanks for all your ideas! > > > > I've tried to contact LayeredTech.com which is my hosting company to try > and > > set things up with a PTR / DNS record upstream. because Bill Hacker > > graciously recommended that I do so earlier, but the hosting company is > > being kinda unresponsive. > > > > More accurately, responsive in a proprietary and unhelpful way - one taht > will > throw you into the penalty box for apparent 'forgery' as you move forward. > > > Anyhow, thanks for your help! > > > > Albert > > > > > > > > Suggest you use a 'real' remote address for MAIL FROM: on telnet testing > so as > not to complicate/obscure the issues. > > HTH, > > Bill > > > -- > ## List details at http://www.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://www.exim.org/eximwiki/ -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
