Bug#388460: exim4-daemon-light: sender verification is not working

George B. i93.borg at gmail.com
Wed Sep 20 16:22:25 UTC 2006 

On 20/09/06, Marc Haber <mh+debian-packages at zugschlus.de> wrote:
> On Wed, Sep 20, 2006 at 03:26:39PM +0100, George B. wrote:
> > I attach the config.autogenerated file for the problem server.
>
> I do not see the attachment.

Yeah I noticed, sorry. I posted a followup, but BTS took some time to accept.


> > I have set the appropriate option in the macros file
>
> Which option, which macros file?

I tried /etc/exim4/conf.d/main/000_localmacros and then tried
switching to single file configuration and used
/etc/exim4/exim4.conf.localmacros


> Try exim4 -d -bh <some-ip-address> and simulate an SMTP session with a
> invalid sender on the terminal. The debug output will probably help.
> If not, send the debug output to the bug report.

I attach the debug output (thanks, I never thought of using this test mode).

The verification test is run and it succeeds, not sure why though. I'm
afraid my understanding of Exim is still a little basic.


George.
-------------- next part --------------
Exim version 4.63 uid=0 gid=0 pid=23487 D=fbb95cfd
Berkeley DB: Sleepycat Software: Berkeley DB 4.3.29: (September  6, 2005)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
changed uid/gid: forcing real = effective
  uid=0 gid=0 pid=23487
  auxiliary group list: <none>
seeking password data for user "uucp": cache not available
getpwnam() succeeded uid=10 gid=10
configuration file is /var/lib/exim4/config.autogenerated
log selectors = 00000ffc 00089001
trusted user
admin user
changed uid/gid: privilege not needed
  uid=102 gid=102 pid=23487
  auxiliary group list: 102
seeking password data for user "mail": cache not available
getpwnam() succeeded uid=8 gid=8
user name "root" extracted from gecos field "root"
originator: uid=0 gid=0 login=root name=root
sender address = root@<-snip->.homelinux.org
sender_fullhost = [10.0.0.1]
sender_rcvhost = [10.0.0.1]

**** SMTP testing session as if from host 10.0.0.1
**** but without any ident (RFC 1413) callback.
**** This is not for real!

host in hosts_connection_nolog? no (option unset)
LOG: smtp_connection MAIN
  SMTP connection from [10.0.0.1]
host in host_lookup? yes (matched "*")
looking up host name for 10.0.0.1
DNS lookup of 1.0.0.10.in-addr.arpa (PTR) gave HOST_NOT_FOUND
returning DNS_NOMATCH
IP address lookup using gethostbyaddr()
IP address lookup yielded mail
gethostbyname2(af=inet6) returned 1 (HOST_NOT_FOUND)
gethostbyname2 looked up these IP addresses:
  name=mail address=10.0.0.1
checking addresses for mail
  10.0.0.1 OK
sender_fullhost = mail [10.0.0.1]
sender_rcvhost = mail ([10.0.0.1])
set_process_info: 23487 handling incoming connection from mail [10.0.0.1]
host in host_reject_connection? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in recipient_unqualified_hosts? no (option unset)
host in helo_verify_hosts? no (option unset)
host in helo_try_verify_hosts? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
SMTP>> 220 <-snip->.homelinux.org ESMTP Exim 4.63 Wed, 20 Sep 2006 16:50:50 +0100
220 <-snip->.homelinux.org ESMTP Exim 4.63 Wed, 20 Sep 2006 16:50:50 +0100
smtp_setup_msg entered
helo me
SMTP<< helo me
sender_fullhost = mail (me) [10.0.0.1]
sender_rcvhost = mail ([10.0.0.1] helo=me)
set_process_info: 23487 handling incoming connection from mail (me) [10.0.0.1]
250 <-snip->.homelinux.org Hello mail [10.0.0.1]
SMTP>> 250 <-snip->.homelinux.org Hello mail [10.0.0.1]
mail from: sdokdkdo at dsaodpojdopj.com
SMTP<< mail from: sdokdkdo at dsaodpojdopj.com
using ACL "acl_check_mail"
processing "accept"
accept: condition test succeeded
SMTP>> 250 OK
250 OK
rcpt to: root at localhost
SMTP<< rcpt to: root at localhost
using ACL "acl_check_rcpt"
processing "accept"
check hosts = :
host in ":"? no (end of list)
accept: condition test failed
processing "deny"
check domains = +local_domains
localhost in "@:localhost:10.0.0.1 : <-snip-> : localhost.localdomain : dsearch;/etc/exim4/virtual"? yes (matched "localhost")
localhost in "+local_domains"? yes (matched "+local_domains")
check local_parts = ^[.] : ^.*[@%!/|`#&?]
root in "^[.] : ^.*[@%!/|`#&?]"? no (end of list)
deny: condition test failed
processing "deny"
check domains = !+local_domains
cached yes match for +local_domains
cached lookup data = NULL
localhost in "!+local_domains"? no (matched "!+local_domains" - cached)
deny: condition test failed
processing "accept"
check local_parts = postmaster
root in "postmaster"? no (end of list)
accept: condition test failed
processing "deny"
check !acl = acl_whitelist_local_deny
using ACL "acl_whitelist_local_deny"
processing "accept"
check hosts = ${if exists{/etc/exim4/local_host_whitelist}{/etc/exim4/local_host_whitelist}{}}
host in ""? no (end of list)
accept: condition test failed
processing "accept"
check senders = ${if exists{/etc/exim4/local_sender_whitelist}{/etc/exim4/local_sender_whitelist}{}}
sdokdkdo at dsaodpojdopj.com in ""? no (end of list)
accept: condition test failed
end of ACL "acl_whitelist_local_deny": implicit DENY
check !verify = sender
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Verifying sdokdkdo at dsaodpojdopj.com
address match: subject=sdokdkdo at dsaodpojdopj.com pattern=*@+local_domains
search_open: dsearch "/etc/exim4/virtual"
search_find: file="/etc/exim4/virtual"
  key="dsaodpojdopj.com" partial=-1 affix=NULL starflags=0
LRU list:
  4/etc/exim4/virtual
  End
internal_search_find: file="/etc/exim4/virtual"
  type=dsearch key="dsaodpojdopj.com"
file lookup required for dsaodpojdopj.com
  in /etc/exim4/virtual
lookup failed
dsaodpojdopj.com in "@:localhost:10.0.0.1 : <-snip-> : localhost.localdomain : dsearch;/etc/exim4/virtual"? no (end of list)
dsaodpojdopj.com in "+local_domains"? no (end of list)
sdokdkdo at dsaodpojdopj.com in "*@+local_domains"? no (end of list)
address match: subject=sdokdkdo at dsaodpojdopj.com pattern=*@<-snip->.homelinux.org
dsaodpojdopj.com in "<-snip->.homelinux.org"? no (end of list)
sdokdkdo at dsaodpojdopj.com in "*@<-snip->.homelinux.org"? no (end of list)
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Considering sdokdkdo at dsaodpojdopj.com
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
routing sdokdkdo at dsaodpojdopj.com
--------> hubbed_hosts router <--------
local_part=sdokdkdo domain=dsaodpojdopj.com
checking domains
expansion of "${if exists{/etc/exim4/hubbed_hosts}{partial-lsearch;/etc/exim4/hubbed_hosts}fail}" forced failure: assume not in this list
hubbed_hosts router skipped: domains mismatch
--------> smarthost router <--------
local_part=sdokdkdo domain=dsaodpojdopj.com
checking domains
search_open: dsearch "/etc/exim4/virtual"
  cached open
search_find: file="/etc/exim4/virtual"
  key="dsaodpojdopj.com" partial=-1 affix=NULL starflags=0
LRU list:
  4/etc/exim4/virtual
  End
internal_search_find: file="/etc/exim4/virtual"
  type=dsearch key="dsaodpojdopj.com"
cached data used for lookup of dsaodpojdopj.com
  in /etc/exim4/virtual
lookup failed
dsaodpojdopj.com in "@:localhost:10.0.0.1 : <-snip-> : localhost.localdomain : dsearch;/etc/exim4/virtual"? no (end of list)
dsaodpojdopj.com in "! +local_domains"? yes (end of list)
R: smarthost for sdokdkdo at dsaodpojdopj.com
calling smarthost router
smarthost router called for sdokdkdo at dsaodpojdopj.com
  domain = dsaodpojdopj.com
route_item = * smtp.blueyonder.co.uk byname
dsaodpojdopj.com in "*"? yes (matched "*")
original list of hosts = "smtp.blueyonder.co.uk" options = byname
expanded list of hosts = "smtp.blueyonder.co.uk" options = byname
set transport remote_smtp_smarthost
finding IP address for smtp.blueyonder.co.uk
calling host_find_byname
gethostbyname2(af=inet6) returned 4 (NO_DATA)
fully qualified name = smtp.blueyonder.co.uk
gethostbyname2 looked up these IP addresses:
  name=smtp.blueyonder.co.uk address=195.188.53.60
queued for remote_smtp_smarthost transport: local_part = sdokdkdo
domain = dsaodpojdopj.com
  errors_to=NULL
  domain_data=NULL localpart_data=NULL
routed by smarthost router
  envelope to: sdokdkdo at dsaodpojdopj.com
  transport: remote_smtp_smarthost
  host smtp.blueyonder.co.uk [195.188.53.60]
----------- end verify ------------
sender sdokdkdo at dsaodpojdopj.com verified ok
deny: condition test failed
processing "deny"
check !acl = acl_whitelist_local_deny
using ACL "acl_whitelist_local_deny"
processing "accept"
check hosts = ${if exists{/etc/exim4/local_host_whitelist}{/etc/exim4/local_host_whitelist}{}}
host in ""? no (end of list)
accept: condition test failed
processing "accept"
check senders = ${if exists{/etc/exim4/local_sender_whitelist}{/etc/exim4/local_sender_whitelist}{}}
sdokdkdo at dsaodpojdopj.com in ""? no (end of list)
accept: condition test failed
end of ACL "acl_whitelist_local_deny": implicit DENY
check senders = ${if exists{/etc/exim4/local_sender_callout}{/etc/exim4/local_sender_callout}{}}
sdokdkdo at dsaodpojdopj.com in ""? no (end of list)
deny: condition test failed
processing "accept"
check hosts = +relay_from_hosts
host in "10.0.0.0/24 : 127.0.0.1 : ::::1"? yes (matched "10.0.0.0/24")
host in "+relay_from_hosts"? yes (matched "+relay_from_hosts")
check control = submission/sender_retain
accept: condition test succeeded
SMTP>> 250 Accepted
250 Accepted
^c

More information about the Pkg-exim4-maintainers mailing list