Incoming email blocked/discarded by acl_not_smtp rule


Verified User
Aug 30, 2019
I have the following rule for EXIM, mainly to block spoofed emails sent by forms/hacked websites on the server.

condition = ${if ! match_domain{${domain:${address:$h_From:}}}{+hosted_domains : +local_domains}}
message = sorry, you don't have\
permission to send email from this server with a header that\
states the email is from ${lc:${address:$h_From:}}.
I have problems with ONE particular email address of a domain. All emails sent to this address are being blocked as per exim mainlog:
Actual emails redacted: Below log: Sending from to ( is hosted on the server. MX is pointed correctly, and the option "hosts mail on the server" is ticked. The domain is also present in the hosted_domains and the local_domains variables in exim.

I have tried sending from gmail, hotmail, etc addresses, all fail.

2019-12-30 15:24:53 1ilrID-0000Tu-LD <= [] P=esmtps X=TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no S=3381 T="Testing mail" from <> for
2019-12-30 15:24:53 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1ilrID-0000Tu-LD
2019-12-30 15:24:53 cwd=/tmp 4 args: /usr/sbin/exim -oMr spam-scanned -bS
2019-12-30 15:24:54 1ilrID-0000U7-Sy <= U=mail P=spam-scanned S=3906 T="Testing mail" from <> for
2019-12-30 15:24:54 1ilrID-0000U7-Sy => blackhole (non-SMTP ACL discarded recipients): sorry, you don't havepermission to send email from this server with a header thatstates the email is from
2019-12-30 15:24:54 1ilrID-0000U7-Sy Completed
2019-12-30 15:24:54 1ilrID-0000Tu-LD => someuser <> F=<> R=spamcheck_director T=spamcheck S=3778
2019-12-30 15:24:54 1ilrID-0000Tu-LD Completed
This happens to that ONE particular email, other emails of the same domain do not encounter this problem. There are no other settings for this email, no forwarders, vacation messages, etc. Very weird problem.

So from the log, I think it's hitting the acl_not_smtp rule above, but I don't know why an incoming mail would go through that rule.