Pkg exim4 users - Jul 2007 - acl: RCPT; logs: garbage (questions)

First of all, thanks for wonderful package maintenance, guys.

First question, is there any hidden sense in accepting any local mail
without checking local part? It seems to me non, thus asking.

I.e.

| -*- conf -*
acl_check_rcpt:

  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
  # testing for an empty sending host field.
  accept
    hosts = :
...
| -*-

Instead of doing first

| -*-
acl_check_rcpt:

  require
      verify = recipient
...
| -*-

Second. Is there easy way of getting rid of garbage like this?

| -*- garbage -*-

2007-07-06 17:16:26 SMTP protocol synchronization error (next input sent too so
on: pipelining was advertised): rejected "</p>"
H=(mx5.biz.mail.yahoo.com) [85.
108.174.88] next input="  <p align=3D"left">We offer a free
gift box with every
 VIP wat<span style=\r\n=3D"FONT-SIZE: 2px; FLOAT: right; COLOR:
white"> unl </
span>ch ordered. Y"

| -*-

Thanks.
____

On Sun, Jul 08, 2007 at 09:32:08AM +0000, Oleg Verych
wrote:
> First question, is there any hidden sense in accepting any local mail
> without checking local part? It seems to me non, thus asking.
> 
> I.e.
> 
> | -*- conf -*
> acl_check_rcpt:
> 
>   # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this
by
>   # testing for an empty sending host field.
>   accept
>     hosts = :
> ...
That is taken verbatim from upstream''s example configuration. I
suspect that they want to ensure that locally generated undeliverable
mail (which might originate from a program which might not be prepared
to queue mail or process error message) generates a bounce to catch
the operator''s attention.

For the same reason, our configuration accepts mail from authenticated
senders before doing recipient verification, as many "user-friendly"
MUAs do not show the SMTP error message to the user.

I am more astonisched that we actually do sender verification even for
authenticated senders; I''d have expected these to be accepted and
bounced as well.
> 
> Instead of doing first
> 
> | -*-
> acl_check_rcpt:
> 
>   require
>       verify = recipient
> ...
> | -*-
I do not think that this makes sense for the default configuration. It
might make sense for some local configurations, but the local admin is
invited to adapt the configuration to her needs.
> Second. Is there easy way of getting rid of garbage like this?
> 
> | -*- garbage -*-
> 
> 2007-07-06 17:16:26 SMTP protocol synchronization error (next input sent
too so
> on: pipelining was advertised): rejected "</p>"
H=(mx5.biz.mail.yahoo.com) [85.
> 108.174.88] next input="  <p align=3D"left">We offer a
free gift box with every
>  VIP wat<span style=\r\n=3D"FONT-SIZE: 2px; FLOAT: right; COLOR:
white"> unl </
> span>ch ordered. Y"
Not that I am aware of.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don''t trust Computers. They | Mailadresse
im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190

> For the same reason, our configuration accepts mail from authenticated
> senders before doing recipient verification, as many
"user-friendly"
> MUAs do not show the SMTP error message to the user.
>
> I am more astonisched that we actually do sender verification even for
> authenticated senders; I''d have expected these to be accepted and
> bounced as well.
Isn''t it struggling with symptoms, not the cause?
>> 
>> Instead of doing first
>> 
>> | -*-
>> acl_check_rcpt:
>> 
>>   require
>>       verify = recipient
>> ...
>> | -*-
>
> I do not think that this makes sense for the default configuration. It
> might make sense for some local configurations, but the local admin is
> invited to adapt the configuration to her needs.
Yea. She have full power over her servers :)
>> Second. Is there easy way of getting rid of garbage like this?
>> 
>> | -*- garbage -*-
>> 
>> 2007-07-06 17:16:26 SMTP protocol synchronization error (next input
sent too so
>> on: pipelining was advertised): rejected "</p>"
H=(mx5.biz.mail.yahoo.com) [85.
>> 108.174.88] next input="  <p align=3D"left">We
offer a free gift box with every
>>  VIP wat<span style=\r\n=3D"FONT-SIZE: 2px; FLOAT: right;
COLOR: white"> unl </
>> span>ch ordered. Y"
>
> Not that I am aware of.
Do you think, that patches are welcome?
____

On Mon, Jul 09, 2007 at 01:06:19PM +0000, Oleg Verych
wrote:
> > For the same reason, our configuration accepts mail from authenticated
> > senders before doing recipient verification, as many
"user-friendly"
> > MUAs do not show the SMTP error message to the user.
> >
> > I am more astonisched that we actually do sender verification even for
> > authenticated senders; I''d have expected these to be accepted
and
> > bounced as well.
> 
> Isn''t it struggling with symptoms, not the cause?
How do you fix the cause of misconfigured local services?

Anyway, I do not intend to move away from upstream''s standard
configuration in this regard for the package.
> >> 2007-07-06 17:16:26 SMTP protocol synchronization error (next
input sent too so
> >> on: pipelining was advertised): rejected "</p>"
H=(mx5.biz.mail.yahoo.com) [85.
> >> 108.174.88] next input="  <p
align=3D"left">We offer a free gift box with every
> >>  VIP wat<span style=\r\n=3D"FONT-SIZE: 2px; FLOAT: right;
COLOR: white"> unl </
> >> span>ch ordered. Y"
> >
> > Not that I am aware of.
> 
> Do you think, that patches are welcome?
What do you intend do patch? I think that it makes sense to log
whatever caused the connection to be dropped.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don''t trust Computers. They | Mailadresse
im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190

>> >> 2007-07-06 17:16:26 SMTP protocol synchronization error (next
input sent too so
>> >> on: pipelining was advertised): rejected
"</p>" H=(mx5.biz.mail.yahoo.com) [85.
>> >> 108.174.88] next input="  <p
align=3D"left">We offer a free gift box with every
>> >>  VIP wat<span style=\r\n=3D"FONT-SIZE: 2px; FLOAT:
right; COLOR: white"> unl </
>> >> span>ch ordered. Y"
>> >
>> > Not that I am aware of.
>> 
>> Do you think, that patches are welcome?
>
> What do you intend do patch? I think that it makes sense to log
> whatever caused the connection to be dropped.
SMTP commands have limited, small length. But what i see in the logs
is kind of referrer spam of HTTP server''s logs. And AFAIK Apache have
a disable option for that.
____

On Mon, Jul 09, 2007 at 01:26:09PM +0000, Oleg Verych
wrote:
> >> >> 2007-07-06 17:16:26 SMTP protocol synchronization error
(next input sent too so
> >> >> on: pipelining was advertised): rejected
"</p>" H=(mx5.biz.mail.yahoo.com) [85.
> >> >> 108.174.88] next input="  <p
align=3D"left">We offer a free gift box with every
> >> >>  VIP wat<span style=\r\n=3D"FONT-SIZE: 2px;
FLOAT: right; COLOR: white"> unl </
> >> >> span>ch ordered. Y"
> >> >
> >> > Not that I am aware of.
> >> 
> >> Do you think, that patches are welcome?
> >
> > What do you intend do patch? I think that it makes sense to log
> > whatever caused the connection to be dropped.
> 
> SMTP commands have limited, small length. But what i see in the logs
> is kind of referrer spam of HTTP server''s logs. And AFAIK Apache
have
> a disable option for that.
I do not intend to patch this in Debian. I would like to suggest that
you submit a patch upstream which will then be included in Debian with
the appropriate upstream release.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don''t trust Computers. They | Mailadresse
im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190

Hi everybody,

I''m using Exim4 on Debian Sarge.
Since today my mailserver began to block all e-mails in and out, claiming it
was relayed from blocked IP''s in my dnslists-variable (located in
conf.d/acl/30_exim4-config_check_rcpt)

Typical messages returned were like;

When sending e-mail out:
	<my domain #5.5.0 smtp;550-Message rejected because (my domain)
[000.000.000.000] is blacklisted at>
	(at the zeros my originating IP# was filled in.)

When sending e-mail in from other domains such as hotmail.com:

	Reporting-MTA: dns;bay0-omc2-s9.bay0.hotmail.com
	Received-From-MTA: dns;BAY106-W13
	Arrival-Date: Mon, 9 Jul 2007 11:44:32 -0700

	Final-Recipient: rfc822;my-local at email.address
	Action: failed
	Status: 5.5.0
	Diagnostic-Code: smtp;550-Message rejected because
(bay0-omc2-s9.bay0.hotmail.com) [65.54.246.145] is
	550 blacklisted at list.dsbl.org see

In my exim4 logfiles, I indeed witnessed all e-mails being blocked for being
blacklisted at one of the hosts in my dnslists-variable.

Only after I replaced this value in the above mentioned file in;
	dnslists = 
	(no servers listed at all)
mails were going in and out again (I know have an highly increased spamcount
ofcourse).

Adding back servers one by one only resulted in all e-mails bouncing due to
that specific server.
When all servers were listed, mails just bounced by all servers randomly.

This problem really freaks me out, so I hope it''s something known.

Hope to hear from someone.

Kind regards,
Thijs

On Mon, Jul 09, 2007 at 09:06:53PM +0200, Thijs Koetsier
wrote:
> I''m using Exim4 on Debian Sarge.
> Since today my mailserver began to block all e-mails in and out, claiming
it
> was relayed from blocked IP''s in my dnslists-variable (located in
> conf.d/acl/30_exim4-config_check_rcpt)
> 
> Typical messages returned were like;
> 
> When sending e-mail out:
> 	<my domain #5.5.0 smtp;550-Message rejected because (my domain)
> [000.000.000.000] is blacklisted at>
> 	(at the zeros my originating IP# was filled in.)
http://www.exim.org/eximwiki/DontObfuscate
> When sending e-mail in from other domains such as hotmail.com:
> 
> 	Reporting-MTA: dns;bay0-omc2-s9.bay0.hotmail.com
> 	Received-From-MTA: dns;BAY106-W13
> 	Arrival-Date: Mon, 9 Jul 2007 11:44:32 -0700
> 
> 	Final-Recipient: rfc822;my-local at email.address
> 	Action: failed
> 	Status: 5.5.0
> 	Diagnostic-Code: smtp;550-Message rejected because
> (bay0-omc2-s9.bay0.hotmail.com) [65.54.246.145] is
> 	550 blacklisted at list.dsbl.org see
> 
> In my exim4 logfiles, I indeed witnessed all e-mails being blocked for
being
> blacklisted at one of the hosts in my dnslists-variable.
At which of the hosts? How was that DNSBL behaving at the time you
experienced this? Did you try manual queries, maybe also from a
different site (such as http://rbls.org/)?
> Adding back servers one by one only resulted in all e-mails bouncing due to
> that specific server.
Which specific server? You are holding back all information that might
be enable people to help you.
> When all servers were listed, mails just bounced by all servers randomly.
What happened when you listed only that single entry?

Oh yes, and, please, do not hijack threads. Open your own.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don''t trust Computers. They | Mailadresse
im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190