Marc Haber <[EMAIL PROTECTED]> (So 07 Jan 2007 23:41:01 CET): > On Sun, 7 Jan 2007 23:11:20 +0100, Heiko Schlittermann > <[EMAIL PROTECTED]> wrote: > >Marc Haber <[EMAIL PROTECTED]> (So 07 Jan 2007 22:39:41 CET): > >> this message ends with a debug output from exim 4.63 (Debian) > >> delivering via a smarthost router (also quoted at the end) to a host > >> that requires authentication. Exim is configured to authenticate, and > >> does this most of the time. Other times, this is what happens: > >> > >> routed by smarthost router > >> host gmail-smtp.l.google.com [209.85.133.111] port=587 > >> host gmail-smtp.l.google.com [209.85.133.109] port=587 > >> <snip> > >> remote_smtp_smarthost transport entered > >> <snip> > >> Connecting to gmail-smtp.l.google.com [209.85.133.111]:587 ... connected > >> <snip> > >> 209.85.133.111 in hosts_require_auth? no (option unset) > >> <snip> > >> gethostbyname2 looked up these IP addresses: > >> name=gmail-smtp.l.google.com address=64.233.185.111 > >> name=gmail-smtp.l.google.com address=64.233.185.109 > >> 209.85.133.111 in hosts_try_auth? no (end of list) > > > >It tries to find 209.85.133.111 in the hosts_try_auth list, > >I suppose there's "smtp.gmail.com:..." (constructed from > >passwd.client). > > It is smtp.gmail.com, constructed from DCsmarthost after cutting off > everything behind the first colon. passwd.client is only an "exists" > condition which is meant to avoid trying to authenticate when no > password is present at all. > > >If I understand well, then exim does a A lookup for named entries in > >the host list (and smtp.gmail.com is currently 64.233.183.109), so the > >list looks as follows > > > > hosts_try_auth = 64.233.183.109:... > > > >And this will not match the 209.85.133.111. > > Yes. Any idea how to fix this?
Not yet.
Below I'm just writing some thoughts, nothing new.
(I'll stop here, my wife is about giving a birth and I don't want
to miss it :-))
> >And some other hint:
> >--
> >gethostbyname2(af=inet6) returned 3 (NO_RECOVERY)
> >fully qualified name = gmail-smtp.l.google.com
> >gethostbyname2 looked up these IP addresses:
> > name=gmail-smtp.l.google.com address=209.85.133.111
> > name=gmail-smtp.l.google.com address=209.85.133.109
> >--
> >gethostbyname2(af=inet6) returned 3 (NO_RECOVERY)
> >gethostbyname2 looked up these IP addresses:
> > name=gmail-smtp.l.google.com address=64.233.185.111
> > name=gmail-smtp.l.google.com address=64.233.185.109
> >
> >
> >Appearantly during your debug session the addresses changed.
>
> Yes. This happens frequently, according to the bug reporter. So I need
> to build a way to make authentication work even when the smarthost
> address changes during the run time of a delivery process.
Hm. From the Spec(V.4.63, 30.2) I understand: the router passes the the
list of host names and IPs of your smarthost (209.85.133.{111,109}) to
the transport. During connection $host and $host_address contain the
data for the current connection, these values are used for
hosts_try_auth.
"hosts_try_auth" is a host list. After expansion it is:
hosts_try_auth = smtp.gmail.com
Exim will lookup smtp.gmail.com (and here it gets 64... in your example)
and then compare the result with the host it's connected to.
--
Heiko
signature.asc
Description: Digital signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
