Cannot test domains condition in MAIL ACL

[ozgurerdogan]

One client can not recieve mail from a domain. Error is:


2022-05-17 17:21:31 H=out04.mse.xxx.it [62.77.33.19] X=TLS1.2:ECDHE-ECDSA-AES128-GCM-SHA256:128 CV=no temporarily rejected MAIL <[email protected]>: cannot test domains condition in MAIL ACL

Any idea?

 

[ozgurerdogan]

Here is fix for anyone in exim.conf.

From:

#EDIT#31:
accept sender_domains = +whitelist_domains
domains = +local_domains
logwrite = $sender_host_address whitelisted in local domains whitelist
set acl_m_is_whitelisted = 1

To:

#EDIT#31:
accept sender_domains = +whitelist_domains
logwrite = $sender_host_address whitelisted in local domains whitelist
set acl_m_is_whitelisted = 1

Will exim add "domains = +local_domains" line with next update?

 

[chronic]

I also had the same problem on 2 servers reported to me by clients.
For now I have commented the line as suggested by ozgurerdogan.

But how can I fix it for the future with the next updates of exim.conf?

I investigated and noticed that it also blocked me the report emails that arrive to me via sendmail from other servers (CSF alert, Logwatch ecc) and that instead before I received correctly I put the IP of the servers in /etc/virtual/whitelist_hosts_ip and which now seems to ignore

 

[ozgurerdogan]

I think we need to follow this.

 

[Richard G]

Will exim add "domains = +local_domains" line with next update?

You mean remove it, because it's there by default.
In your from -> to you remove the line too.

 

[ozgurerdogan]

You mean remove it, because it's there by default.
In your from -> to you remove the line too.

Did not understand you.

 

[Richard G]

What do you not understand? You ask if the line "domains = +local_domains" will be added in the next update.
But in your fix you did not add that line, you removed it. It's present by default.

So I ask you if you didn't mean to ask that the line "domains = +local_domains" would be removed in the next update, not added.

 

[Active8]

Will exim add "domains = +local_domains" line with next update?

This is introduced with the latest exim.conf, I am not sure why but updated anyway and have no problems (til now ?)
Maybe @DirectAdmin Support or @fln can explain why

--- 4.5.37/exim.conf-SpamBlockerTechnology-v4.5.37.txt 2022-02-09 16:57:36.622852994 -0700
+++ 4.5.38/exim.conf-SpamBlockerTechnology-v4.5.38.txt 2022-05-04 17:22:25.430236232 -0600
@@ -1,5 +1,5 @@
-# SpamBlockerTechnology* powered exim.conf, Version 4.5.37
-# December 10, 2020
+# SpamBlockerTechnology* powered exim.conf, Version 4.5.38
+# May 4, 2022
# Exim configuration file for DirectAdmin
# Requires exim.pl as distributed by DirectAdmin here:
# http://files.directadmin.com/services/exim.pl version 21 or higher
@@ -212,6 +212,7 @@

#EDIT#31:
accept sender_domains = +whitelist_domains
+ domains = +local_domains
logwrite = $sender_host_address whitelisted in local domains whitelist
set acl_m_is_whitelisted = 1
accept hosts = +whitelist_hosts

 

[Richard G]

This is introduced with the latest exim.conf

That's what I mean, it's already there by default. So I'm wondering now if they want to have it removed, or added because he asks for adding, but in the fix he removed it. So that works confusing.

It's indeed added in the last exim.conf version with this reason:

/etc/virtual/whitelist_domains must have a local recipient

So maybe this can conflict somehow when not using the local mailserver? Not sure.

 

[temporary]

#EDIT#31:
accept sender_domains = +whitelist_domains
domains = +local_domains
logwrite = $sender_host_address whitelisted in local domains whitelist
set acl_m_is_whitelisted = 1

accept if domain in whitelist_domains AND local_domains ?
deny if domain in whitelist_domains and NOT IN local_domains ?

 

[DirectAdmin Support]

Hi guys,

Thanks for the report. We've revoked version 4.5.38, please downgrade to 4.5.37.
If a better solution is found, we'll push 4.5.39.

John