Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. exim>
  3. users
Weird bounces
exim-users at lists
Feb 23, 2024, 12:38 PM
Post #1 of 7 (121 views)
Permalink
The CLient is an Microsoft Outlook client.

The error being seen given the logs is


/var/log/exim/mainlog:2024-02-23 12:29:53.110 [2224] 1rdbF2-000000000Zs-3yMA <= info@domain H=(machine) [client]:16951 I=[outbound.server]:465 Ci=2224 P=esmtpsa L.- X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no SNI=outbound.server A=LOGIN:cleandry S=1222 M8S=0 RT=0.160s id*=E1rdbF2-000000000Zs-3yMA@outbound.server T="Microsoft Outlook Test Message" from <info@domain> for info@domain
/var/log/exim/mainlog:2024-02-23 12:29:53.262 [2255] 1rdbF2-000000000Zs-3yMA ** info@domain F=<info@domain> P=<root> R=dnslookup T=remote_smtp H=inbound.server [inbound.server.ip]:25 I=[outbound.server]:52978 X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no DN="": SMTP error from remote mail server after pipelined MAIL FROM:<root> SIZE=2281: 501 <root>: sender address must contain a domain DT=0.132s
/var/log/exim/mainlog:2024-02-23 12:29:53.274 [2258] 1rdbF3-000000000aQ-1933 <= <> R=1rdbF2-000000000Zs-3yMA U=exim Ci=2258 P=local S=2742 M8S=0 RT=0.000s id*=E1rdbF3-000000000aQ-1933@outbound.server T="Mail delivery failed: returning message to sender" from <> for info@domain
/var/log/exim/mainlog:2024-02-23 12:31:49.196 [2260] 1rdbF3-000000000aQ-1933 => info@domain F=<> P=<> R=dnslookup T=remote_smtp S=2826 H=inbound.server [inbound.server.ip]:25 I=[outbound.server.ip]:27326 X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no DN="" L C="250 OK id=1rdbGt-000000006AE-2z9Z" QT=1m55s DT=1m55s
/var/log/exim/mainlog:2024-02-23 12:46:55.501 [4148] 1rdbVX-0000000014u-15cv <= info@domain H=([IPv6:::ffff:192.168.1.246]) [98.97.162.107]:63873 I=[outbound.server.ip]:465 Ci=4148 P=esmtpsa L.- X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no SNI=smtp.nk.ca A=PLAIN:account S=2288 M8S=0 RT=0.148s id*=E1rdbVX-0000000014u-15cv@outbound.server T="test" from <info@domain> for recipient@domain
/var/log/exim/mainlog:2024-02-23 12:46:55.653 [4171] 1rdbVX-0000000014u-15cv ** recepient@domain F=<info@domain> P=<root> R=dnslookup T=remote_smtp H=inbound.server [inbound.server.ip]:25 I=[outbound.server.ip]:16312 X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no DN="": SMTP error from remote mail server after pipelined MAIL FROM:<root> SIZE=3379: 501 <root>: sender address must contain a domain DT=0.132s
/var/log/exim/mainlog:2024-02-23 12:46:55.665 [4174] 1rdbVX-0000000015K-2mpj <= <> R=1rdbVX-0000000014u-15cv U=exim Ci=4174 P=local S=3793 M8S=0 RT=0.000s id*=E1rdbVX-0000000015K-2mpj@outbound.server T="Mail delivery failed: returning message to sender" from <> for info@domain
/var/log/exim/mainlog:2024-02-23 12:48:52.270 [4176] 1rdbVX-0000000015K-2mpj => info@domain F=<> P=<> R=dnslookup T=remote_smtp S=3910 H=inbound.server [inbound.server.ip]:25 I=[outbound.server.ip]:40136 X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no DN="" L C="250 OK id=1rdbXO-000000006bA-2OFh" QT=1m56s DT=1m56s

--
Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen
What worth the power of law that won't stop lawlessness? -unknown

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Weird bounces [ In reply to ]
exim-users at lists
Feb 24, 2024, 6:52 AM
Post #2 of 7 (121 views)
Permalink
On 23/02/2024 20:38, The Doctor via Exim-users wrote:
> /var/log/exim/mainlog:2024-02-23 12:29:53.262 [2255]
> 1rdbF2-000000000Zs-3yMA ** info@domain F=<info@domain>
> P=<root> R=dnslookup T=remote_smtp H=inbound.server
> [inbound.server.ip]:25 I=[outbound.server]:52978
> X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no DN="": SMTP error from remote
> mail server after pipelined MAIL FROM:<root> SIZE=2281: 501
> <root>: sender address must contain a domain DT=0.132s

Seems fairly plain. The system you are obfuscating as "inbound server"
will not accept a sender address of just "root".

It's unclear if it's talking about the envelope From or the
headers From: - but in any case, you could check the configuration
and logs of that system.

And you could consider whether for this source of messages you
should have your Exim configured to use "submission mode",
so that bare names get qualified - because you need to act
as an MSA rather than an MTA. For these messages only.
--
Cheers,
Jeremy


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Weird bounces [ In reply to ]
exim-users at lists
Feb 24, 2024, 7:02 AM
Post #3 of 7 (121 views)
Permalink
Config question

I want to enable DKIM check for some local users/domains but not all,
not really sure how to do this, I've got this

acl_smtp_dkim:
#does not work

#domains = /etc/mail/mylocaldomainswiththisenabled

     deny dkim_status = fail
           message = DKIM validation failed: $dkim_verify_status
            log_message = DKIM validation failed: $dkim_verify_status \
                (address=$sender_address, domain=$dkim_cur_signer), \
                signature is bad
    defer dkim_status = invalid
            message = DKIM signature invalid: $dkim_verify_status
            log_message = DKIM signature invalid: $dkim_verify_status \
                (address=$sender_address, domain=$dkim_cur_signer), \
                invalid signature
    accept
            # Add an X-DKIM header to the message
            add_header = :at_start: X-DKIM: DKIM validation passed: \
                (address=$sender_address domain=$dkim_cur_signer), \
                signature is good
            logwrite = DKIM validation passed

Also another config question. This will not work if a user sends an
email, with gmail.com as sender but via another smtp (and therefore the
DKIM is not in the header). How can I enable so all gmail.com senders
are validated and if no DKIM, rejected?

    warn sender_domains = gmail.com
       dkim_signers = gmail.com
        dkim_status = none
        log_message = GMail sender without gmail.com DKIM signature


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Weird bounces [ In reply to ]
exim-users at lists
Feb 24, 2024, 7:53 AM
Post #4 of 7 (121 views)
Permalink
On Sat, Feb 24, 2024 at 02:52:16PM +0000, Jeremy Harris via Exim-users wrote:
> On 23/02/2024 20:38, The Doctor via Exim-users wrote:
> > /var/log/exim/mainlog:2024-02-23 12:29:53.262 [2255]
> > 1rdbF2-000000000Zs-3yMA ** info@domain F=<info@domain>
> > P=<root> R=dnslookup T=remote_smtp H=inbound.server
> > [inbound.server.ip]:25 I=[outbound.server]:52978
> > X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no DN="": SMTP error from remote
> > mail server after pipelined MAIL FROM:<root> SIZE=2281: 501
> > <root>: sender address must contain a domain DT=0.132s
>
> Seems fairly plain. The system you are obfuscating as "inbound server"
> will not accept a sender address of just "root".
>
> It's unclear if it's talking about the envelope From or the
> headers From: - but in any case, you could check the configuration
> and logs of that system.
>
> And you could consider whether for this source of messages you
> should have your Exim configured to use "submission mode",
> so that bare names get qualified - because you need to act
> as an MSA rather than an MTA. For these messages only.

Do you need the confog file and if so,
how to get rid of comments?

> --
> Cheers,
> Jeremy
>
>
> --
> ## subscription configuration (requires account):
> ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> ## unsubscribe (doesn't require an account):
> ## exim-users-unsubscribe@lists.exim.org
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

--
Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen
What worth the power of law that won't stop lawlessness? -unknown

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Weird bounces [ In reply to ]
exim-users at lists
Feb 24, 2024, 8:07 AM
Post #5 of 7 (121 views)
Permalink
On 24/02/2024 15:53, The Doctor via Exim-users wrote:
> Do you need the confog file and if so,
> how to get rid of comments?

My rates for consultancy engagments are...
probably more than you want to pay.

You've been doing this for long enough
to know where the docs are.
--
Cheers,
Jeremy


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Weird bounces [ In reply to ]
exim-users at lists
Feb 24, 2024, 8:18 AM
Post #6 of 7 (121 views)
Permalink
On Sat, Feb 24, 2024 at 08:53:17AM -0700, The Doctor via Exim-users wrote:
> On Sat, Feb 24, 2024 at 02:52:16PM +0000, Jeremy Harris via Exim-users wrote:
> > On 23/02/2024 20:38, The Doctor via Exim-users wrote:
> > > /var/log/exim/mainlog:2024-02-23 12:29:53.262 [2255]
> > > 1rdbF2-000000000Zs-3yMA ** info@domain F=<info@domain>
> > > P=<root> R=dnslookup T=remote_smtp H=inbound.server
> > > [inbound.server.ip]:25 I=[outbound.server]:52978
> > > X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no DN="": SMTP error from remote
> > > mail server after pipelined MAIL FROM:<root> SIZE=2281: 501
> > > <root>: sender address must contain a domain DT=0.132s
> >
> > Seems fairly plain. The system you are obfuscating as "inbound server"
> > will not accept a sender address of just "root".
> >
> > It's unclear if it's talking about the envelope From or the
> > headers From: - but in any case, you could check the configuration
> > and logs of that system.
> >
> > And you could consider whether for this source of messages you
> > should have your Exim configured to use "submission mode",
> > so that bare names get qualified - because you need to act
> > as an MSA rather than an MTA. For these messages only.
>
> Do you need the confog file and if so,
> how to get rid of comments?
>

I tried swithcing from 465 to 587, and same result.

> > --
> > Cheers,
> > Jeremy
> >
> >
> > --
> > ## subscription configuration (requires account):
> > ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> > ## unsubscribe (doesn't require an account):
> > ## exim-users-unsubscribe@lists.exim.org
> > ## Exim details at http://www.exim.org/
> > ## Please use the Wiki with this list - http://wiki.exim.org/
>
> --
> Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
> Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
> Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen
> What worth the power of law that won't stop lawlessness? -unknown
>
> --
> ## subscription configuration (requires account):
> ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> ## unsubscribe (doesn't require an account):
> ## exim-users-unsubscribe@lists.exim.org
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

--
Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen
What worth the power of law that won't stop lawlessness? -unknown

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: Weird bounces [ In reply to ]
exim-users at lists
Feb 24, 2024, 9:23 AM
Post #7 of 7 (121 views)
Permalink
On Sat, Feb 24, 2024 at 09:17:19AM -0700, The Doctor wrote:
> On Sat, Feb 24, 2024 at 08:53:17AM -0700, The Doctor via Exim-users wrote:
> > On Sat, Feb 24, 2024 at 02:52:16PM +0000, Jeremy Harris via Exim-users wrote:
> > > On 23/02/2024 20:38, The Doctor via Exim-users wrote:
> > > > /var/log/exim/mainlog:2024-02-23 12:29:53.262 [2255]
> > > > 1rdbF2-000000000Zs-3yMA ** info@domain F=<info@domain>
> > > > P=<root> R=dnslookup T=remote_smtp H=inbound.server
> > > > [inbound.server.ip]:25 I=[outbound.server]:52978
> > > > X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no DN="": SMTP error from remote
> > > > mail server after pipelined MAIL FROM:<root> SIZE=2281: 501
> > > > <root>: sender address must contain a domain DT=0.132s
> > >
> > > Seems fairly plain. The system you are obfuscating as "inbound server"
> > > will not accept a sender address of just "root".
> > >
> > > It's unclear if it's talking about the envelope From or the
> > > headers From: - but in any case, you could check the configuration
> > > and logs of that system.
> > >
> > > And you could consider whether for this source of messages you
> > > should have your Exim configured to use "submission mode",
> > > so that bare names get qualified - because you need to act
> > > as an MSA rather than an MTA. For these messages only.
> >
> > Do you need the confog file and if so,
> > how to get rid of comments?
> >
>
> I tried switching from port 465 to 587 and still the same result.
>

When I do a cat file | exim -v -f info@domain root@system

I get

info@domain U=root Ci=94661 P=local S=6393 M8S=0 RT=0.000s id*=E1rdvUB-00000000Ocn-2pHZ@outbound
LOG: MAIN
cwd=/var/spool/exim 4 args: /usr/local/sbin/exim -v -Mc 1rdvUB-00000000Ocn-2pHZ
delivering 1rdvUB-00000000Ocn-2pHZ
Connecting to target [192.168.81.1]:25 ... TFO mode connection attempt to 192.168.81.1, 0 data
connected
SMTP<< 220 target ESMTP Exim 4.97.1 Sat, 24 Feb 2024 10:06:51 -0700
SMTP>> HELO gallifrey.nk.ca
SMTP<< 250 target Hello inbound [192.168.81.3]
SMTP>> MAIL FROM:<root>
SMTP<< 501 <root>: sender address must contain a domain
SMTP+> QUIT
SMTP(shutdown)>>
SMTP<< 221 target closing connection
SMTP(close)>>
cmdlog: '220:HELO:250:MAIL:501:QUIT:221'
LOG: MAIN
** admin F=<info@domain> P=<root> R=dnslookup T=remote_smtp H=inbound target [192.168.81.1]:25 I=[192.168.81.3]:38011: SMTP error from remote mail server after MAIL FROM:<root>: 501 <root>: sender address must contain a domain DT=0.113s
LOG: MAIN
cwd=/var/spool/exim 8 args: /usr/local/sbin/exim -v -t -oem -oi -f <> -E1rdvUB-00000000Ocn-2pHZ
LOG: MAIN
<= <> R=1rdvUB-00000000Ocn-2pHZ U=exim Ci=94666 P=local S=7875 M8S=0 RT=0.000s id*=E1rdvUB-00000000Ocs-3SLn@gallifrey.nk.ca T="Mail delivery failed: returning message to sender"
LOG: MAIN
Completed QT=0.153s
LOG: MAIN
cwd=/var/spool/exim 4 args: /usr/local/sbin/exim -v -Mc 1rdvUB-00000000Ocs-3SLn
delivering 1rdvUB-00000000Ocs-3SLn
Connecting to target server [192.168.81.1]:25 ... TFO mode connection attempt to 192.168.81.1, 0 data
connected



--
Member - Liberal International This is doctor@nk.ca Ici doctor@nk.ca
Yahweh, King & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism ; unsubscribe from Google Groups to be seen
What worth the power of law that won't stop lawlessness? -unknown

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal