Mailing List Archive

On 11/19/21 14:53, russellbell--- via Exim-users wrote:
> I'm trying to configure a domain that has never accepted mail
> from external sources to start. The server runs exim, which I've
> never used. I send a message to the domain using its IP, for example
> fred@123.456.789.012.

That is not normally done.

Email addresses have two parts: localpart @ domain. The domain is usually a domain.

If you want to use an IP address it would normally be fred@[1.2.3.4] - the IP address goes in square brackets.

You can configure exim to accept mail sent to a particular IP address and translate that to a domain but I can only guess you don't really want to go through that trouble.

> exim returns:
>
> 'rejected RCPT : The mail server could not deliver mail to
> 'fred@123.456.789.012. The account or domain may not exist,
> 'they may be blacklisted, or missing the proper dns entries.'

We would of course need to see your exim configuration and relevant lines from your log files to understand exactly what happened, but in either case that doesn't matter because you're not doing this the right way,

> dig mx 123.456.789.012
IP addresses are not domain names. They can not have MX records.
>
> returns NXDOMAIN.
>
> fred gets and sends mail locally (sends it to remote
> addressees too), is not in the blacklist; 123.456.789.012 is a valid IP.
> Why does the message get to exim if the MX domain doesn't
> exist?

You haven't explained how the email was sent. Something contacted your exim. What was it?

But perhaps something decided that 123.456.789.012 is an IP address even though it wasn't in [ ] and attempted direct delivery.

It would be very likely to do so if you used a domain name. If there is any domain name that has an A record pointing to 123.456.789.012, it is likely to work much more often than using the IP address directly, even if it has no MX record.

> Since it gets to exim, is it possible to get exim to ignore
> the lack of a DNS entry for the domain and send fred the message?

Is fred a local user?

It would be a matter of setting up 123.456.789.012 as a local domain.

Again, if there is any DNS *name* that *points* to this server it would be a far more conventional setup.

SMTP servers will often try to find an A record, as a fallback, if no MX record exists.



--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On 2021-11-19, russellbell--- via Exim-users <exim-users@exim.org> wrote:
> I'm trying to configure a domain that has never accepted mail
> from external sources to start. The server runs exim, which I've
> never used. I send a message to the domain using its IP, for example
> fred@123.456.789.012. exim returns:
>
> 'rejected RCPT : The mail server could not deliver mail to
> 'fred@123.456.789.012. The account or domain may not exist,
> 'they may be blacklisted, or missing the proper dns entries.'
>
> dig mx 123.456.789.012
>
> returns NXDOMAIN.

MX is not required. do you have a DNS record for your domain
(like you claim in the subject) or do you only have an IP address?

You probably need to configure [123.456.789.012] as one of the domains
that exim accepts for. you may need to enable IP literal domains too.

--
Jasen.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Quoth Gedalya: 'That is not normally done.'
I know. I'm in a pinch.

'If you want to use an IP address it would normally be
fred@??? - the IP address goes in square brackets.'
My MTA (gmail) rejects the square-bracketed form; without them
the message gets to the target server.

'You can configure exim to accept mail sent to a particular IP
address and translate that to a domain but I can only guess you don't
really want to go through that trouble.'
Sounds good to me.

'IP addresses are not domain names.
Yes. I meant to say that it's a valid address.

'They can not have MX records.'
Why not? If an SMTP server at the address handles mail...

'If there is any domain name that has an A record pointing to
123.456.789.012, it is likely to work much more often than using the
IP address directly, even if it has no MX record.'
There is an A record, but there's also an MX record that
points to our mail server, a Microsoft Outlook thing: mail sent to it
won't arrive at the target server.

'Is fred a local user?'
Yes. He gets messages (local) every day.

'It would be a matter of setting up 123.456.789.012 as a local
domain.'
I added it to 'local_domains'.

Quoth Jasen Betts: 'You probably need to configure
[123.456.789.012] as one of the domains that exim accepts for.
In host_accept_relay ?

'you may need to enable IP literal domains too.'
Does local_domains_include_host_literals do this?

russell bell

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On 2021-11-19, russellbell--- via Exim-users <exim-users@exim.org> wrote:

> 'IP addresses are not domain names.
> Yes. I meant to say that it's a valid address.

ok

> 'They can not have MX records.'
> Why not? If an SMTP server at the address handles mail...

then it dosn't need an MX record.

> 'If there is any domain name that has an A record pointing to
> 123.456.789.012, it is likely to work much more often than using the
> IP address directly, even if it has no MX record.'

> There is an A record, but there's also an MX record that
> points to our mail server, a Microsoft Outlook thing: mail sent to it
> won't arrive at the target server.

one way to avoid the need for ip literals is to make another MX record
(on a sub-domain) that points to the A record for this IP

> Quoth Jasen Betts: 'You probably need to configure
> [123.456.789.012] as one of the domains that exim accepts for.
> In host_accept_relay ?

could be local_domains (depending on how different your config is)

> 'you may need to enable IP literal domains too.'
> Does local_domains_include_host_literals do this?

Exim documetation says: allow_domain_literals, I don't know where that
one comes from.

--
Jasen.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On 11/20/21 05:47, russellbell--- via Exim-users wrote:
> 'They can not have MX records.'
> Why not? If an SMTP server at the address handles mail...

If, let's say, a new top level domain (TLD) is created which is numerical, and of a value in the range of 0..255, say 128. for example, then you can register a numerical label below it.

You can then construct a domain name such as 128.128.128.128. It would not be an IP address. It is a domain name.

In your zone file you can put:

departmentofsilliness.gedalya.net.    3600    MX    10 mail.gedalya.net.

or, if a numerical TLD existed:

128.128.128.128.    3600    MX    10 mail.gedalya.net.

But no one will look it up if they were treating it as an IP address. It only makes sense to look up DNS things in DNS. If you're looking up an MX record for 128.128.128.128 then by definition it is not an IP address.

Now, of course a numeric TLD is not allowed, exactly because you want code to be able to easily guess if a string should be treated as an IP address, or a domain name that needs to be resolved to an IP address.

> 'If there is any domain name that has an A record pointing to
> 123.456.789.012, it is likely to work much more often than using the
> IP address directly, even if it has no MX record.'
> There is an A record, but there's also an MX record that
> points to our mail server, a Microsoft Outlook thing: mail sent to it
> won't arrive at the target server.

There is an MX record - for what domain?

If there is an A record like your.mail.server. then fred@your.mail.server can be made to work, by configuring your.mail.server. as a local domain in exim.

if a.b.c. has an MX record pointing to your mail server, that is:

a.b.c.    3600    MX    10 your.mail.server.

then fred@a.b.c can be made to work as well.

It sounds like you won't really need to worry about IP literals.



--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Thanks for your help.

Quoth Jasen Betts, 'one way to avoid the need for ip literals
is to make another MX record (on a sub-domain) that points to the A
record for this IP'
I'd rather not do this. The message arrives at exim; it
should be able to deliver it.

# If you want to accept mail addressed to your host's literal IP address, for
# example, mail addressed to "user@[111.111.111.111]", then uncomment the
# following line, or supply the literal domain(s) as part of "local_domains"
# above.

# local_domains_include_host_literals

is in my exim.conf. I also added it to /etc/localdomains

I've made progress, gotten to this error:

2021-11-20 23:56:43.226 [27795] H=mail-oi1-f171.google.com [209.85.167.171]:33384 I=[123.456.789.012]:25 X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no F=<arthurbanana@gmail.com> rejected RCPT <fred@123.456.789.012>: Unrouteable address
2021-11-20 23:56:43.269 [27795] H=mail-oi1-f171.google.com [209.85.167.171]:33384 I=[123.456.789.012]:25 incomplete transaction (QUIT) from <arthurbanana@gmail.com>
2021-11-20 23:56:43.269 [27795] SMTP connection from mail-oi1-f171.google.com [209.85.167.171]:33384 I=[123.456.789.012]:25 closed by QUIT


and it's in the mainlog, not the rejectlog.

russell bell

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/