Bug#270748: marked as done (exim4-config: "ignore private rfc1918 and APIPA addresses" causes problems)

Debian Bug Tracking System owner@bugs.debian.org
Wed, 08 Sep 2004 23:03:12 -0700 

Your message dated Thu, 9 Sep 2004 07:56:38 +0200
with message-id <20040909055638.GA13945@torres.ka0.zugschlus.de>
and subject line Bug#270748: exim4-config: "ignore private rfc1918 and APIPA addresses" causes problems
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 9 Sep 2004 01:50:09 +0000
>From andrew@pimlott.net Wed Sep 08 18:50:09 2004
Return-path: <andrew@pimlott.net>
Received: from gluck.debian.org [192.25.206.10] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1C5E4f-0004xk-00; Wed, 08 Sep 2004 18:50:09 -0700
Received: from c-67-169-42-16.client.comcast.net (localhost.localdomain) [67.169.42.16] 
	by gluck.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1C5E4e-0000YF-00; Wed, 08 Sep 2004 19:50:08 -0600
Received: from andrew by localhost.localdomain with local (Exim 4.34)
	id 1C5Dd7-00069a-8H; Wed, 08 Sep 2004 18:21:41 -0700
Date: Wed, 8 Sep 2004 18:21:41 -0700
From: Andrew Pimlott <andrew@pimlott.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: exim4-config: "ignore private rfc1918 and APIPA addresses" causes problems
Message-ID: <20040909012141.GA23454@apple.dev.nexplan.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Reportbug-Version: 2.64
User-Agent: Mutt/1.5.6+20040818i
Sender: Andrew Pimlott <andrew@apple.dev.nexplan.com>
X-BadReturnPath: andrew@apple.dev.nexplan.com rewritten as andrew@pimlott.net
  using "From" header
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: exim4-config
Version: 4.34-5
Severity: normal

I installed exim4 and exim4-config as an "internet site".  I just found that
I could not send mail within my local network, because it refuses to connect
to RFC 1918 hosts.  This was difficult to debug, because the error in the
bounce and the log was simply "unroutable address".

I don't see any point to this restriction, and I don't see why exim should
assume that it is on the internet, rather than a private network where these
addresses are perfectly valid.  So I would suggest removing this
restriction, or at least making it configurable.

I have my system configured as an "internet site" rather than using a
smarthost because it is a laptop that goes on many networks, and it is
too tedious to reconfigure for every network.  But even if this weren't a
problem, I don't think the current exim behavior is the right default.

Andrew

-- Package-specific info:

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-1-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8

Versions of packages exim4-config depends on:
ii  adduser                       3.59       Add and remove users and groups
ii  debconf [debconf-2.0]         1.4.34     Debian configuration management sy
ii  passwd                        1:4.0.3-30 Change and administer password and

-- debconf information:
  exim4/dc_noalias_regenerate: false
  exim4/dc_smarthost:
* exim4/dc_relay_domains:
* exim4/dc_relay_nets:
* exim4/mailname: apple.dev.nexplan.com
* exim4/dc_local_interfaces: 127.0.0.1
* exim4/dc_minimaldns: false
  exim4/exim3_upgrade: true
* exim4/dc_other_hostnames:
* exim4/dc_eximconfig_configtype: internet site; mail is sent and received directly using SMTP
  exim4/no_config: true
  exim4/hide_mailname:
* exim4/dc_postmaster: andrew
  exim4/dc_readhost:
* exim4/use_split_config: false
  exim4/exim4-config-title:

---------------------------------------
Received: (at 270748-done) by bugs.debian.org; 9 Sep 2004 05:56:45 +0000
>From mh+debian-packages@zugschlus.de Wed Sep 08 22:56:45 2004
Return-path: <mh+debian-packages@zugschlus.de>
Received: from de46d.ipsec0.torres.ka0.zugschlus.de (torres.ka0.zugschlus.de) [212.126.222.70] (Debian-exim)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1C5HvJ-00033E-00; Wed, 08 Sep 2004 22:56:45 -0700
Received: from mh by torres.ka0.zugschlus.de with local (Exim 4.41)
	id 1C5HvC-0003eU-Ni; Thu, 09 Sep 2004 07:56:38 +0200
Date: Thu, 9 Sep 2004 07:56:38 +0200
From: Marc Haber <mh+debian-packages@zugschlus.de>
To: Andrew Pimlott <andrew@pimlott.net>, 270748-done@bugs.debian.org
Subject: Re: Bug#270748: exim4-config: "ignore private rfc1918 and APIPA addresses" causes problems
Message-ID: <20040909055638.GA13945@torres.ka0.zugschlus.de>
References: <20040909012141.GA23454@apple.dev.nexplan.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20040909012141.GA23454@apple.dev.nexplan.com>
User-Agent: Mutt/1.3.28i
Delivered-To: 270748-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

On Wed, Sep 08, 2004 at 06:21:41PM -0700, Andrew Pimlott wrote:
> I installed exim4 and exim4-config as an "internet site".  I just found that
> I could not send mail within my local network, because it refuses to connect
> to RFC 1918 hosts.

Feature.

> This was difficult to debug, because the error in the
> bounce and the log was simply "unroutable address".

Upstream issue, easily debuggable with exim -bt.

> I don't see any point to this restriction,

The maintainers do.

> and I don't see why exim should
> assume that it is on the internet,

It is in the vast majority of cases.

> rather than a private network where these
> addresses are perfectly valid.

It does so to avoid delivering e-mail to misconfigured domains to the
wrong place.

> So I would suggest removing this restriction,

Denied. The configuration is there for a reason.

> or at least making it configurable.

Done. Closing the bug. The file holding the restriction is a
dpkg-conffile, feel free to change it with the text editor of your
choice.

I would, however, configure a dedicated router having a list of
domains that are allowed to have a rfc1918 MX, maybe even hard-wiring
the corresponding MX address.

> I have my system configured as an "internet site" rather than using a
> smarthost because it is a laptop that goes on many networks, and it is
> too tedious to reconfigure for every network.

Feel free to remove the restriction completely, and live with
awfully-hard-to-debug 

> But even if this weren't a
> problem, I don't think the current exim behavior is the right default.

Well, the exim4 maintainers do. Feel free to take the issue to the
technical ctte.

Thanks for your bug report.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Karlsruhe, Germany |  lose things."    Winona Ryder | Fon: *49 721 966 32 15
Nordisch by Nature |  How to make an American Quilt | Fax: *49 721 966 31 29