I have the following rule for EXIM, mainly to block spoofed emails sent by forms/hacked websites on the server.
	
	
	
		
I have problems with ONE particular email address of a domain. All emails sent to this address are being blocked as per exim mainlog:
Actual emails redacted: Below log: Sending from [email protected] to [email protected] (thedomain.com) is hosted on the server. MX is pointed correctly, and the option "hosts mail on the server" is ticked. The domain is also present in the hosted_domains and the local_domains variables in exim.
I have tried sending from gmail, hotmail, etc addresses, all fail.
	
	
	
		
This happens to that ONE particular email, other emails of the same domain do not encounter this problem. There are no other settings for this email, no forwarders, vacation messages, etc. Very weird problem.
So from the log, I think it's hitting the acl_not_smtp rule above, but I don't know why an incoming mail would go through that rule.
				
			
		Code:
	
	discard
condition = ${if ! match_domain{${domain:${address:$h_From:}}}{+hosted_domains : +local_domains}}
message = sorry, you don't have\
permission to send email from this server with a header that\
states the email is from ${lc:${address:$h_From:}}.I have problems with ONE particular email address of a domain. All emails sent to this address are being blocked as per exim mainlog:
Actual emails redacted: Below log: Sending from [email protected] to [email protected] (thedomain.com) is hosted on the server. MX is pointed correctly, and the option "hosts mail on the server" is ticked. The domain is also present in the hosted_domains and the local_domains variables in exim.
I have tried sending from gmail, hotmail, etc addresses, all fail.
		Code:
	
	2019-12-30 15:24:53 1ilrID-0000Tu-LD <= [email protected] H=mail-lf1-f66.google.com [209.85.167.66] P=esmtps X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no S=3381 DKIM=gmail.com id=CA+ZeKJ-NBnOf85nFJkDSDSFMiM6dDMv6zZyRLccRHx1vWSGnpxa-V1g@mail.gmail.com T="Testing mail" from <[email protected]> for [email protected]
2019-12-30 15:24:53 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1ilrID-0000Tu-LD
2019-12-30 15:24:53 cwd=/tmp 4 args: /usr/sbin/exim -oMr spam-scanned -bS
2019-12-30 15:24:54 1ilrID-0000U7-Sy <= [email protected] U=mail P=spam-scanned S=3906 id=CA+ZeKJ-NBnOf85nFJkMiM6dDMv6zZyRLccRHx1vWSGnpxa-V1g@mail.gmail.com T="Testing mail" from <[email protected]> for [email protected]
2019-12-30 15:24:54 1ilrID-0000U7-Sy => blackhole (non-SMTP ACL discarded recipients): sorry, you don't havepermission to send email from this server with a header thatstates the email is from [email protected].
2019-12-30 15:24:54 1ilrID-0000U7-Sy Completed
2019-12-30 15:24:54 1ilrID-0000Tu-LD => someuser <[email protected]> F=<[email protected]> R=spamcheck_director T=spamcheck S=3778
2019-12-30 15:24:54 1ilrID-0000Tu-LD CompletedThis happens to that ONE particular email, other emails of the same domain do not encounter this problem. There are no other settings for this email, no forwarders, vacation messages, etc. Very weird problem.
So from the log, I think it's hitting the acl_not_smtp rule above, but I don't know why an incoming mail would go through that rule.