Email Problems after upgrade from FBSD 5.2.1 -> 5.3

damn

Verified User
Joined
Nov 30, 2004
Messages
101
Hi,

I had somebody upgrade my box from 5.2.1 to 5.3.

I have issues with the way incorrect email addresses are dealt with. When I say incorrect I mean the domain IS valid and hosted on this box, but the actual account name is wrong.

What should be done is when the box receives mail for a non existant email account the box should reply back saying the mail was not delivered, and the reason why like "account does not exist" or something like that.

The way the machine behaves now, since the upgrade, is different for:

a) domains that were on the server BEFORE the upgrade
b) domains created AFTER the upgrade.

This can be tested by sending an email, from an external server, with two recipients, one of type A and one of type B (above).

Ie: mail sent to:
[email protected] (type A)
&
[email protected] (type B)

The results are for each:

a) bounce backs do NOT work at all. The server :blackhole:'s the email
b) bounce back is NOT issued, but exim does not accept mail from sending server, and sending server issues a bounceback with:

Code:
Final-Recipient: rfc822; [email][email protected][/email]
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; host mail.xxx.com.au[xxx.xxx.xxx.xxx] said:
    550  (in reply to RCPT TO command)


So at least with point 'B' the people know their mail has not been sent, although they don't know why.

But in point 'A' nobody knows they got the email address wrong, which is bad.

Exim Mainlog of this:

Code:
2005-04-16 12:41:55 H=smtp.external.com.au [xxx.xxx.xxx.xxx] F=<[email protected]> rejected RCPT <[email protected]>: 
2005-04-16 12:41:56 1DMdFr-000L4i-Uo <= [email][email protected][/email] H=smtp.external.com.au [xxx.xxx.xxx.xxx] P=esmtp S=3614 [email protected] T="Non Exist" from <[email protected]> for [email][email protected][/email]
2005-04-16 12:41:56 H=smtp.external.com.au [xxx.xxx.xxx.xxx] incomplete transaction (RSET) from <[email protected]>
2005-04-16 12:41:58 1DMdFt-000L4r-DQ <= <> H=smtp.external.com.au [xxx.xxx.xxx.xxx] P=esmtp S=5428 [email protected] T="Undelivered Mail Returned to Sender" from <> for [email][email protected][/email]
2005-04-16 12:42:06 1DMdFs-000L4m-8u <= [email][email protected][/email] U=mail P=spam-scanned S=6064 [email protected] T="*****SPAM***** Non Exist" from <[email protected]> for [email][email protected][/email]
2005-04-16 12:42:06 1DMdFs-000L4m-8u => :blackhole: <[email protected]> R=virtual_aliases
2005-04-16 12:42:06 1DMdFs-000L4m-8u Completed
2005-04-16 12:42:06 1DMdFr-000L4i-Uo => nonexist <[email protected]> F=<[email protected]> R=spamcheck_director T=spamcheck S=5984
2005-04-16 12:42:06 1DMdFr-000L4i-Uo Completed

Hopefully I have made it clear enough :confused: your assistance would be greatly appreciated.
 
Hello,

Check your /etc/virtual/domain.com/aliases file. Check the value of *. If it's set to ":fail:" then a bounce will be sent. If it's set to ":blackhole:" then nothing really happens anywhere (no bounce, and nothing is saved). If it's set to another email address, then the email will be forwarded there.

John
 
Thanks for the prompt reply.

Okay - it seems that prior to the upgrade that the default was :
*: :blackhole:

After the upgrade, the default for all new domains is:
*: :fail:

Okay - my two questions are:

1) The :fail: doesn't work, as instead of getting a bounce, I get this:

Code:
This is the Postfix program at host externalsmtp.somebody.net.au.

I'm sorry to have to inform you that your message could not be be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can delete your own text from the attached returned message.

			The Postfix program

<[email protected]>: host mail.domain.com.au[xx.xx.xx.xx]
    said: 550  (in reply to RCPT TO command)

So how do I get exim to actually report that the email address does not exist, instead of the reply it gives now?

2) Where is the default setting for this? It looks like it doesn't matter now as I want the default to be :fail:
 
The fail does work; the message you've included in your post is a bounce being sent to you by your mailserver, when it get's told by exim that the email is undeliverable.

What I don't understand is why exim is sending just the "550" error message and not one that's human readable.

Are you using the standard exim.conf file?

Jeff
 
jlasman said:
What I don't understand is why exim is sending just the "550" error message and not one that's human readable.

Are you using the standard exim.conf file?

Jeff

Jeff,

I believe so, but after having two different server management companies work on the system, I can't be 100% sure. I have been told that we are running the standard exim.conf with the spam assassin lines uncommented out.

What part of the exim.conf relates to this & I will post the contents here?
 
Last edited:
I'm not sure and I don't have time to test right now :( .

I'd suggest running exim in the diagnostic mode where you'll see everything it does through the exim.conf file.

Unfortunately I don't have the time to look up how to do that either :( .

Jeff
 
Hello,

I just spent several hour debugging another server that had troubles after he upgraded the kernel from 4.10 to 4.11. The fix was to upgrade exim to a newer version. Not sure exactly what the problem was with the old one, but 4.50 made the problem dissapear. Try upgrading exim.

John
 
Exim was upgraded to 4.5 as part of the OS upgrade, this is when this started.
 
I believe a solution might be to look for the template used that defines the aliases file for new accounts.
 
Okay well further investigation has shown that the issue is NOT different between old & new domains.

I was wrong about this, I went in the wrong direction as I had some accounts that were setup before the OS upgrade, that when I went to add email accounts for them - the results were varied.

Deleting these accounts, and re-creating solved this.


The only real problem is that when somebody tries to send mail to a non existant mail address, the server responds only with:
where I believe it should give some kind of explanation along with it.

So where is this defined?
 
Last edited:
It should be in the exim.conf file, which I'm currently reworking.

I've looked for the issue and haven't found it yet, but I'm still looking.

When I've found all the little issues such as this one, and refined how the various SpamBlocker features work, I'll offer it to JBMC staff.

Jeff
 
Jeff,

Now we're getting somewhere. Looking through exim.conf I see this:

accept hosts = +relay_hosts
accept hosts = +auth_relay_hosts
endpass
message = authentication required
authenticated = *
deny message = relay not permitted

Which looks like the right area, as exim will issue a 550 relay not permitted - but no explanation to go with a 550 when the mailbox doesn't exist.

But I'm happy now, its not just my installation:

Correct replies: (from your mail server)
220 da1.ns-one.net ESMTP Exim 4.24 Mon, 25 Apr 2005 21:42:17 -0700
helo m
250 da1.ns-one.net Hello damn.damn.net.au [203.xxx.xx.xxx]
mail from:[email protected]
250 OK
rcpt to:[email protected]
550-Verification failed for <[email protected]>
550-Unrouteable address
550 Sender verify failed

And the 'no explanation 550 response' which is my problem - except this is from your mail server:
220 da1.ns-one.net ESMTP Exim 4.24 Mon, 25 Apr 2005 21:37:29 -0700
helo me
250 da1.ns-one.net Hello damn.damn.net.au [203.xxx.xx.xxx]
mail from: [email protected]
250 OK
rcpt to: [email protected]
550

Although, I thought I was running 4.5 (that's what I was told) but apparently not:
coolio# exim -bV
Exim version 4.42 #1 built 09-Sep-2004 13:19:22
Copyright (c) University of Cambridge 2004
Probably Berkeley DB version 1.8x (native mode)
Support for: Perl OpenSSL
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Contains exiscan-acl patch revision 27 (c) Tom Kistner [http://duncanthrax.net/exiscan/]
Configuration file is /etc/exim.conf

So does this mean that everybody running the same exim.conf as you and I both are (even though we are running different versions of exim) are in the same suitation?
 
damn said:
So does this mean that everybody running the same exim.conf as you and I both are (even though we are running different versions of exim) are in the same suitation?
I believe so, but I don't think it's part of the exim.conf file, as I believe it worked in the past.

May I post your examples on exim-users ?

Anyone else with any ideas?

Jeff
 
Last edited:
Is it wrong of me to think that given this issue relates to DirectAdmin, and given I have a paid up licience, that waiting for somebody external to DA to fix the problem is not on?

I'm not having a go at Jeff, I totally apprecaite his efforts, but waiting on a forum user to fix the problem is not the way to go.

Am I wrong here?
 
No you not alone in your thoughts, I have already posted my concerns.

The unrouteable error I have seen John tell people to update their exim.pl file.

Here is my config from a FreeBSD 5.3 server running exim 4.51, config supports clamav and spamassassin per user config.

Config based on latest spamblocker then I edited for user based spamassassin and added interfasys config for exiscan support.

exim config
 
Last edited:
Hello,

I think I may have found the spot. Find this section:
Code:
# accept if address is in a local domain as long as recipient can be verified
  accept  domains = +local_domains
          endpass
          verify = recipient
and then change it to
Code:
# accept if address is in a local domain as long as recipient can be verified
  accept  domains = +local_domains
          endpass
          [b]message = "Unknown User"[/b]
          verify = recipient
Then restart exim. Let me know if that does it, and I'll change our default exim.conf.

John
 
DirectAdmin Support said:
Hello,

Let me know if that does it, and I'll change our default exim.conf.

John


BINGO JOHN!!!

That's it mate - update away :)
 
Back
Top