SpamBlocker-Powered exim.conf, Version 4

Hi.
There are many records in /var/log/exim/rejectlog
Code:
2011-02-02 18:12:25 H=(din-31-75-231-77.ipcom.comunitel.net) [77.231.75.31] F=<[email protected]> rejected RCPT <[B][email protected][/B]>: Sender verify failed

I thought that mail for users on my server shouldn't be locked... Is it normal? Wich rule rejects emails?
 
Can i simply comment whole rule 41 and 42 to skib blocking by external spam lists?
Code:
#EDIT#41:
#...
#....
#EDIT#42:
#  deny message = Email blocked by $dnslist_domain
#       hosts    = !+relay_hosts
#       domains = +use_rbl_domains
#       domains = !+skip_rbl_domains
#       !authenticated = *
#       dnslists = \
#       rhsbl.ahbl.org/$sender_address_domain
Is it correct?
 
One: somene will need to do a diff on my exim.pl file vs the one at DirectAdmin, and let me know what it is and I'll figure out the problem with the DirectAdmin exim.pl file. It's called community involvement, folks :).

Two: Blocking the EDIT#41 and EDIT#42 sections will disable blocking by all external blocklists. And increase your spam by tens of thousands of emails per week if your spam load is anything like mine.

Remember that anytime you change the exim.conf file you should restart exim.

Jeff
 
One: somene will need to do a diff on my exim.pl file vs the one at DirectAdmin, and let me know what it is and I'll figure out the problem with the DirectAdmin exim.pl file.

The only difference between your exim.pl and DA's exim.pl is with regards to limits (/etc/virtual/limit and /etc/virtual/usage/)

http://pastebin.com/1UHC8CPQ

Nobody posted one so I figured I would go ahead and clear that up.
 
The question now (and I'm not making any changes unti it's answered), is which is correct? I've always used the one from DirectAdmin; I just haven't caught it each time it's been updated.

So is there one that works with both my exim.conf file and with the one from DirectAdmin? If so, which? If not, why not.

Thanks!

Jeff
 
Today ive downlaoded the directadmin exim.pl for the limite_peruser featured that i needed and everything is working perfectly with SB4 configuraiton.

Regards
 
my mistake, didnt gave correct permission and in fact wasnt working (noticed cause email limit wasnt working).

The incoming email are refues
Code:
This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  [email protected]
    SMTP error from remote mail server after RCPT TO:<[email protected]>:
    host mail.crazynetwork.it [89.97.218.93]: 550-Verification failed for <[email protected]>
    550-Unrouteable address
    550 Sender verify failed

The receiver server (the one that host crazynetwork.it on error upon) log give:

Code:
2011-02-24 17:19:29 H=mail.reasonthat.com (w3service.reasonthat.com) [89.97.218.91] sender verify fail for <[email protected]>: Unrouteable address
2011-02-24 17:19:29 H=mail.reasonthat.com (w3service.reasonthat.com) [89.97.218.91] F=<[email protected]> rejected RCPT <[email protected]>: Sender verify failed

This is from exim reject log.

Any idea? I would like to use the per-user_email-limit but i cant update exim.pl aswell
 
Generally Sender verify failed means you've got exim.conf set to require sender verification, and for some reason DNS isn't resolving properly on your receiving server.

Jeff
 
Thanks for explanation.

But, when you say that my dns doesnt resolve correctly, what host exactly he doesnt resolv? mail.reasonthat.com or w3service.reasonthat.com?

>ping w3service.reasonthat.com
ping: unknown host w3service.reasonthat.com
>ping mail.reasonthat.com
PING mail.reasonthat.com (89.97.218.91) 56(84) bytes of data.

ok prolly doesnt resolve the server hostname.

Ive added that hostname to my /etc/hosts file for force the resolve and tryed send/receive email and it worked perfectly.

So, i can confirm that wasnt the exim.pl in my case but just a "too strong" configuration on exim.conf

jlasman, does you suggest to use sender-verify or is too enforced in those case?

Thanks for your time.

Regards
 
By the way, the curios part now is another one.. why with the exim.pl this error wasnt appearing and with the DA one it appeared?

Seems like that wasnt doing that check till now, cause i didnt change the conf file but just the pl one.

Very curios thing
 
Ok, this is strange, worked for about 2hours and now started again to reject email from same reason.

Any idea? Disabling verify = sender work perfectly.

Regards
 
verify = sender should do the following: for local senders: verify the user and domain exist; for non-local senders verify the sending domain exists.

Jeff
 
well, dont know how is possible but ive downloaded again the latest directadmin version of exim.pl and now everything seems to be working... really dont know how/why. No change has been applyed to the server from 1 week to today...
 
Oh this is very no-sense... after 20mins sender verify started to fail again without any reason (for me ofc).

Tryed from server a to server b and worked
tryed from server a to server b after 20mins and fail for sender verify

I had to disable that funciont in exim.conf again.. really no sense to me.
 
Which should I change? The documentation or the behavior? I recommend changing the documentation and leaving the behavior. Only the domain is checked, and not the full email address.

Anybody feel differently?

Jeff

I apologize for my late reply, I have gotten sidetracked by other projects.

It's my understanding that "require verify = sender" basically does a "test" e-mail to verify the sender user account at the sending MX, not just the domain.

There was a discussion previously to disable this, because many large e-mail hosts, such as AOL, GMail eventually frown upon this behavior. I think there is even a blacklist of servers that do this type of behavior.

Let me know if you want to see the specific threads and I can search around for them.

Edit: I just noticed SeLLeRoNe's post about sender verify causing issues, I think that might be a perfect example of an e-mail server blocking/ignoring sender verify requests.
 
verify = sender should do the following: for local senders: verify the user and domain exist; for non-local senders verify the sending domain exists.
Jeff

Doesn't seem to be doing that, just enabled it and restarted Exim, setup a bogus sender email, [email protected], and tried sending an email to a gmail account:

Code:
2011-03-03 13:36:44 1Pv7ls-0004Dp-AR <= [email protected] H=localhost (www.prism.nl) [127.0.0.1] P=esmtpa A=login:test S=800 [email protected] T="Test" from <[email protected]> for w******@gmail.com
2011-03-03 13:36:45 1Pv7ls-0004Dp-AR => w******@gmail.com F=<[email protected]> R=lookuphost T=remote_smtp S=831 H=gmail-smtp-in.l.google.com [74.125.79.27] X=TLSv1:RC4-SHA:128 C="250 2.0.0 OK 1299155805 w12si2184449eeh.80"
2011-03-03 13:36:45 1Pv7ls-0004Dp-AR Completed

Since the domain prismnonexistent.nl and the user nonexistent don't exist on this server or anywhere else for that matter, shouldn't Exim just bounce the mail directly back to me?
 
Back
Top