Re: [exim] Frankenstein exim.conf

[schmero...@gmail.com]

On 4/30/2014 9:28 AM, Todd Lyons wrote:
On Wed, Apr 30, 2014 at 6:39 AM, schmero...@gmail.com
<schmero...@gmail.com> wrote:
I have tweaked exim.conf so many times over the years, that I am concerned
something(s) are completely disfunctional. For example I have been receiving
spam from servers blacklist by mcafee & barracuda, reviewing the logs, I
find neither blacklist has blocked any message.
<snip>

   deny message = rejected because $sender_host_address is in a black list at
$dnslist_domain\n$dnslist_text
   deny dnslists =
zen.spamhaus.org/<;$sender_host_address;$sender_address_domain :\
        cidr.bl.mcafee.com : bl.spameatingmonkey.net : bl.mailspike.net :
dnsbl.sorbs.net : b.barracudacentral.org : bb.barracudacentral.org :
psbl.surriel.com : \
        hostkarma.junkemailfilter.com=127.0.0.2

Do a simulated connection and look in the debug output and see what
the problem is:

exim -bh ip.that.should.reject
EHLO hostname.of.that.ip
MAIL FROM:<valid_sen...@example.com>
RCPT TO:<valid_recipi...@example.new>

At this point, the rcpt acl will be processed, which is where your RBL
is checked.  Look in the debug output and find that specific acl
stanza and see what the result is.  Post the section here if you have
difficulty interpreting the results.

...Todd


Exim seems to be disregarding dnslist directive. What setting would 
cause this:
[root@mx2 ~]# dig 83.16.212.66.cidr.bl.mcafee.com +short
127.0.0.3

[root@mx2 ~]# exim -bh 66.212.16.83

**** SMTP testing session as if from host 66.212.16.83
**** but without any ident (RFC 1413) callback.
**** This is not for real!

host in hosts_connection_nolog? no (option unset)
LOG: SMTP connection from [66.212.16.83]
host in host_lookup? yes (matched "*")
looking up host name for 66.212.16.83
IP address lookup yielded 66.212.16.83.static.quadranet.com
gethostbyname2 looked up these IP addresses:
  name=66.212.16.83.static.quadranet.com address=127.0.0.1
checking addresses for 66.212.16.83.static.quadranet.com
  127.0.0.1
no IP address for 66.212.16.83.static.quadranet.com matched
66.212.16.83
66.212.16.83 does not match any IP address for
66.212.16.83.static.quadranet.com
host in host_reject_connection? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in recipient_unqualified_hosts? no (option unset)
host in helo_verify_hosts? no (option unset)
host in helo_try_verify_hosts? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
220 fastnet1.com ESMTP SMTP Gateway: Authorized Use Only! Violators will 
be persecuted Exim 4.80.1 Wed, 30 Apr 2014 12:03:50 -0500
EHLO phyto-naturalskinyoung.me
phyto-naturalskinyoung.me in helo_lookup_domains? no (end of list)
host in pipelining_advertise_hosts? yes (matched "*")
host in tls_advertise_hosts? no (option unset)
250-mx2.fastnet1.com Hello phyto-naturalskinyoung.me [66.212.16.83]
250-SIZE 73400320
250-8BITMIME
250-PIPELINING
250 HELP
MAIL FROM:<valid_sen...@example.com>
250 OK
MAIL FROM:<valid_sen...@example.com>
LOG: SMTP protocol error in "MAIL FROM:<valid_sen...@example.com>" 
H=(phyto-naturalskinyoung.me) [66.212.16.83] sender already given
503 sender already given
RCPT TO:<j...@katy.com>
using ACL "acl_check_rcpt"
processing "accept"
check hosts = lsearch;/etc/exim/whitelist
sender host name required, to match against lsearch;/etc/exim/whitelist
host in "lsearch;/etc/exim/whitelist"? no (failed to find host name
for 66.212.16.83)
accept: condition test failed in ACL "acl_check_rcpt"
processing "accept"
check hosts = :
host in ":"? no (end of list)
accept: condition test failed in ACL "acl_check_rcpt"
processing "deny"
check local_parts = ^.*[@%!/|] : ^\\.
john in "^.*[@%!/|] : ^\."? no (end of list)
deny: condition test failed in ACL "acl_check_rcpt"
processing "deny"
check condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
                = yes
check condition = ${if match{$sender_helo_name}{\N[^.]\N}{no}{yes}}
                = no
deny: condition test failed in ACL "acl_check_rcpt"
processing "accept"
check domains = +relay_to_domains
katy.com in "partial-lsearch;/etc/exim/transport"? yes (matched
"partial-lsearch;/etc/exim/transport")
katy.com in "+relay_to_domains"? yes (matched "+relay_to_domains")
check verify = recipient
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
routing j...@katy.com
calling redirect router
redirect router declined for j...@katy.com
katy.com in "+relay_to_domains"? yes (matched "+relay_to_domains" -
cached)
calling internal router
routed by internal router
----------- end verify ------------
accept: condition test succeeded in ACL "acl_check_rcpt"
250 Accepted
quit
LOG: H=(phyto-naturalskinyoung.me) [66.212.16.83] incomplete transaction 
(QUIT) from <valid_sen...@example.com> for j...@katy.com
221 mx2.fastnet1.com closing connection
LOG: SMTP connection from (phyto-naturalskinyoung.me) [66.212.16.83] 
closed by QUIT
[root@mx2 ~]#


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/