Mailing List Archive

On Fri, 19 Jul 2002, Cam Ellison wrote:

> I get email from two sources, my own domain which uses a dynamic dns
> assignment (through dyndns.org) and from my ISP (dccnet.com). Until
> yesterday, when I attempted to upgrade to exim 4.05 (I am currently
> using 3.35 as part of Debian woody), everything worked fine (except,
> as Nigel can tell you, when spamassassin got out of hand). I had to
> re-install 3.35, and tidied up the spamassassin contents of exim.conf,
> and ever since, though mail to my domain comes through fine,
> everything coming from dccnet.com (via fetchmail) gets bounced. I
> have searched through the archives, but nothing seems to deal with
> this, nor can I find anything in the FAQ. I'm sure it's a simple
> matter, but at the moment I'm too thick to see it.
>
> Here is an example:
>
> Your message has encountered delivery problems to the following
> recipient(s):
>
> root@localhost
> Delivery failed
>
> Unable to deliver to destination domain
> Mail server at localhost [127.0.0.1] has the same MailSite serial
> number (32073) as this machine.

A "MailSite serial number" doesn't sound like an exim thing;
is it part of spamassassin ?

--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
A.C.Aitchison@dpmms.cam.ac.uk http://www.dpmms.cam.ac.uk/~werdna

* Dr Andrew C Aitchison (A.C.Aitchison@dpmms.cam.ac.uk) wrote:
> On Fri, 19 Jul 2002, Cam Ellison wrote:
>

> A "MailSite serial number" doesn't sound like an exim thing;
> is it part of spamassassin ?
>
No. Mailsite is what my ISP uses -- they're still benighted enough to
be running NT servers. :-)

Cam

--
Cam Ellison Ph.D. R.Psych.
From Roberts Creek on B.C.'s incomparable Sunshine Coast
cam@ellisonet.ca
camellison@dccnet.com
cam@fleuryassociates.com

On Sat, 20 Jul 2002, Cam Ellison wrote:
> * Dr Andrew C Aitchison (A.C.Aitchison@dpmms.cam.ac.uk) wrote:
> > On Fri, 19 Jul 2002, Cam Ellison wrote:
> > > Unable to deliver to destination domain
> > >
> > > Mail server at localhost [127.0.0.1] has the same MailSite serial
> > > number (32073) as this machine.

> > A "MailSite serial number" doesn't sound like an exim thing;
> > is it part of spamassassin ?
> >
> No. Mailsite is what my ISP uses -- they're still benighted enough to
> be running NT servers. :-)

Sorry, I wasn't very clear.
The error message makes me think the problem is related to MailSite
not exim.

--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
A.C.Aitchison@dpmms.cam.ac.uk http://www.dpmms.cam.ac.uk/~werdna

* Dr Andrew C Aitchison (A.C.Aitchison@dpmms.cam.ac.uk) wrote:
> On Sat, 20 Jul 2002, Cam Ellison wrote:
> > * Dr Andrew C Aitchison (A.C.Aitchison@dpmms.cam.ac.uk) wrote:
> > > On Fri, 19 Jul 2002, Cam Ellison wrote:
> > > > Unable to deliver to destination domain
> > > >
> > > > Mail server at localhost [127.0.0.1] has the same MailSite serial
> > > > number (32073) as this machine.
>
> > > A "MailSite serial number" doesn't sound like an exim thing;
> > > is it part of spamassassin ?
> > >
> > No. Mailsite is what my ISP uses -- they're still benighted enough to
> > be running NT servers. :-)
>
> Sorry, I wasn't very clear.
> The error message makes me think the problem is related to MailSite
> not exim.
>
I had not considered that. I have had problems before, with fetchmail
and MailSite coming up with different byte counts. In this case, what
I saw was a lot of traffic showing on gkrellm, but no email, and then
the error messages from eximon. Maybe I need to look

This is an example of an entry from the mainlog before the problem
started (lines are cut so there's no overflow):

2002-07-18 04:29:33 17V9TQ-0000Fv-00 <=
bounce-debian-user=camellison=dccnet.com@lists.debian.org H=localhost
[127.0.0.1] P=esmtp S=5586 id=0S5zW.A.nRE.PCqN9@murphy
2002-07-18 04:29:34 17V9TR-0000G3-00 <=
bounce-debian-user=camellison=dccnet.com@lists.debian.org U=mail
P=spam-scanned S=5840 id=0S5zW.A.nRE.PCqN9@murphy
2002-07-18 04:29:34 17V9TQ-0000Fv-00 => root <root@localhost>
D=spamcheck_director T=spamcheck
2002-07-18 04:29:34 17V9TQ-0000Fv-00 Completed

Here is a post-"change" example:

2002-07-18 18:02:54 17VMAY-0001iL-00 <=
bounce-debian-user=camellison=dccnet.com@lists.debian.org H=localhost
[127.0.0.1] P=esmtp S=4609 id=AQJ2DB.A.v4F.QK2N9@murphy
2002-07-18 18:02:55 17VMAY-0001iL-00 => root@localhost R=smarthost
T=remote_smtp H=mailhost.dccnet.com [207.230.239.78]
2002-07-18 18:02:55 17VMAY-0001iL-00 Completed

It looks as though the message is not getting as far as the
directors. "smarthost" is set in exim.conf as mailhost.dccnet.com.

Here's my exim.conf (or the bits that are set [and a couple that are
not, but seem important]):

qualify_domain = ellisonet.ca
# qualify_recipient =
local_domains_include_host = true
local_domains_include_host_literals = true
#relay_domains =
percent_hack_domains = :
receiver_try_verify = true
relay_domains_include_local_mx = true
never_users = root
host_lookup = *
headers_check_syntax
host_accept_relay = localhost
# percent_hack_domains=*
trusted_users = "mail"
smtp_verify = false
gecos_pattern = ^([^,:]*)
gecos_name = $1
smtp_accept_queue_per_connection = 1000
freeze_tell_mailmaster = true

local_delivery:
driver = appendfile
group = mail
mode = 0660
mode_fail_narrower = false
envelope_to_add = true
file = /var/spool/mail/${local_part}

address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile

address_directory:
driver = appendfile
no_from_hack
prefix = ""
suffix = ""

address_reply:
driver = autoreply

remote_smtp:
driver = smtp

spamcheck:
driver = pipe
command = /usr/sbin/exim -oMr spam-scanned -bS
transport_filter = /usr/bin/spamc
bsmtp = all
home_directory = "/tmp"
user = mail
return_path_add = false
log_output = true
return_fail_output = true
prefix =
suffix =

spamcheck_director:
no_verify
condition = "${if and { {!def:h_X-Spam-Flag:} {!eq
{$received_protocol}{spam-scanned}} {!eq
{$received_protocol}{local}} } {1}{0}}"
driver = smartuser
transport = spamcheck

system_aliases:
driver = aliasfile
file_transport = address_file
pipe_transport = address_pipe
file = /etc/aliases
search_type = lsearch
# user = list

userforward:
driver = forwardfile
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
no_verify
check_ancestor
file = .forward
modemask = 002
filter

localuser:
driver = localuser
transport = local_delivery

smarthost:
driver = domainlist
transport = remote_smtp
route_list = "* mailhost.dccnet.com bydns_a"

*@ellisonet.ca ${lookup{$1}lsearch{/etc/email-addresses}\
{$value}fail} bcfrF

Thanks for the input

Cam

--
Cam Ellison Ph.D. R.Psych.
From Roberts Creek on B.C.'s incomparable Sunshine Coast
cam@ellisonet.ca
camellison@dccnet.com
cam@fleuryassociates.com

--
On Sat, Jul 20, 2002 at 09:58:53AM -0700, Cam Ellison wrote:
| * Dr Andrew C Aitchison (A.C.Aitchison@dpmms.cam.ac.uk) wrote:
| > On Sat, 20 Jul 2002, Cam Ellison wrote:
| > > * Dr Andrew C Aitchison (A.C.Aitchison@dpmms.cam.ac.uk) wrote:
| > > > On Fri, 19 Jul 2002, Cam Ellison wrote:
| > > > > Unable to deliver to destination domain
| > > > >
| > > > > Mail server at localhost [127.0.0.1] has the same MailSite serial
| > > > > number (32073) as this machine.

| > Sorry, I wasn't very clear. The error message makes me think the
| > problem is related to MailSite not exim.

It would seem so, except that there's no reason that MailSite should
see the address "roo@localhost" (and if it was really MailSite's
problem then fetchmail wouldn't play any part and Cam wouldn't have
the bounce message).

Rereading the error message a few times after having realized the
cause of the problem (and written the rest of this message), I now see
where the *other* problem lies. MailSite apparently does some sort of
proprietary callback on the domain to try and prevent pirating. It
sees a (presumably) sender address of @localhost so it (stupidly) does
a callback to localhost and finds out that (surprise surprise) it has
the same serial number as itself. Thus instead of returning "550 No
such user <root@localhost>" it says "You pirated me". What a
perfectly crystal clear error message :-).

| This is an example of an entry from the mainlog before the problem
| started (lines are cut so there's no overflow):
[snip]

BTW you're missing 2 lines there. When using SA like that, each
message will have 2 different exim ids since exim sees each message
twice.

| Here is a post-"change" example:
|
| 2002-07-18 18:02:54 17VMAY-0001iL-00 <=
| bounce-debian-user=camellison=dccnet.com@lists.debian.org H=localhost
| [127.0.0.1] P=esmtp S=4609 id=AQJ2DB.A.v4F.QK2N9@murphy
| 2002-07-18 18:02:55 17VMAY-0001iL-00 => root@localhost

Why is exim trying to deliver to "root@localhost"? What user do you
run fetchmail as? Do you have a "is <foo> here" option where "<foo>"
is your username on your system? I suspect that fetchmail is creating
that recipient, but it isn't what you really want.

| R=smarthost T=remote_smtp H=mailhost.dccnet.com [207.230.239.78]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

For some reason, you are trying to deliver root's mail via your ISP's
server, and it doesn't know how to accept mail for "root@localhost".

(mail shouldn't go to root anyways, you should have an alias in
/etc/aliases that redirects it to your user account)

| It looks as though the message is not getting as far as the
| directors.

It isn't. Directors are only used for "local domains", and you don't
have 'localhost' as a local domain.

| "smarthost" is set in exim.conf as mailhost.dccnet.com.

That would be set on a router. (at least, I certainly hope you don't
have a "smarthost" director!)

| Here's my exim.conf (or the bits that are set [and a couple that are
| not, but seem important]):

You could add "localhost" to the local_domains list setting instead of
fixing the program(s) that generate @localhost addresses.

| qualify_domain = ellisonet.ca

If fetchmail wasn't putting @localhost on the address then exim would
have made it @ellisonet.ca and you wouldn't see this problem.

-D

--
The remote desktop feature of Windows XP is really nice (and *novel*!).
As a Microsoft consultant can *remotely* disable the personal firewall
and control the system. We'll ignore the fact that this tampering with
the firewall is not logged, and more importantly, that the firewall
isn't restored when the clowns from Redmond are done with their job.
-- bugtraq

http://dman.ddts.net/~dman/
--
[ Content of type application/pgp-signature deleted ]
--

* Derrick 'dman' Hudson (dsh8290@rit.edu) wrote:


>Rereading the error message a few times after having realized the
>cause of the problem (and written the rest of this message), I now see
>where the *other* problem lies. MailSite apparently does some sort of
>proprietary callback on the domain to try and prevent pirating. It
>sees a (presumably) sender address of @localhost so it (stupidly) does
>a callback to localhost and finds out that (surprise surprise) it has
>the same serial number as itself. Thus instead of returning "550 No
>such user <root@localhost>" it says "You pirated me". What a
>perfectly crystal clear error message :-).
>
<snip>
>
>| Here is a post-"change" example:
>|
>| 2002-07-18 18:02:54 17VMAY-0001iL-00 <=
>| bounce-debian-user=camellison=dccnet.com@lists.debian.org H=localhost
>| [127.0.0.1] P=esmtp S=4609 id=AQJ2DB.A.v4F.QK2N9@murphy
>| 2002-07-18 18:02:55 17VMAY-0001iL-00 => root@localhost
>
>Why is exim trying to deliver to "root@localhost"? What user do you
>run fetchmail as? Do you have a "is <foo> here" option where "<foo>"
>is your username on your system? I suspect that fetchmail is creating
>that recipient, but it isn't what you really want.
>
My fetchmailrc identifies me as "camellison", and the dccnet server as
"mail.dccnet.com". That has not changed.

>| R=smarthost T=remote_smtp H=mailhost.dccnet.com [207.230.239.78]
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>For some reason, you are trying to deliver root's mail via your ISP's
>server, and it doesn't know how to accept mail for "root@localhost".
>
>(mail shouldn't go to root anyways, you should have an alias in
>/etc/aliases that redirects it to your user account)

I do. Both postmaster and root go directly to me.

<snip>

>| "smarthost" is set in exim.conf as mailhost.dccnet.com.
>
>That would be set on a router. (at least, I certainly hope you don't
>have a "smarthost" director!)

I'm not quite that dim. ;-)

<snip>

>You could add "localhost" to the local_domains list setting instead of
>fixing the program(s) that generate @localhost addresses.
>
I shall do that.

>| qualify_domain = ellisonet.ca
>
>If fetchmail wasn't putting @localhost on the address then exim would
>have made it @ellisonet.ca and you wouldn't see this problem.

I have been running fetchmail as root (unwise, I know, but I was
unsure at the time about how else to set it up, and then forgot to
figure that out and change it). I guess I'd better read up on
fetchmail again and straighten that out.

Thanks, dman. A saviour once again..

Cam

--
Cam Ellison Ph.D. R.Psych.
From Roberts Creek on B.C.'s incomparable Sunshine Coast
cam@ellisonet.ca
camellison@dccnet.com
cam@fleuryassociates.com

--
On Sat, Jul 20, 2002 at 11:06:58AM -0700, Cam Ellison wrote:
| * Derrick 'dman' Hudson (dsh8290@rit.edu) wrote:

| >Why is exim trying to deliver to "root@localhost"? What user do you
| >run fetchmail as? Do you have a "is <foo> here" option where "<foo>"
| >is your username on your system? I suspect that fetchmail is creating
| >that recipient, but it isn't what you really want.
|
| My fetchmailrc identifies me as "camellison", and the dccnet server as
| "mail.dccnet.com". That has not changed.

Hmm. Say, what does
$ grep 127.0.0.1 /etc/hosts
show?

I bet it is
127.0.0.1 localhost
and thus gethostbyaddr() tells fetchmail that your machine is
"localhost". (this affects exim and sendmail and any other program
that uses gethostbyaddr() as well) To fix that, make the first item
in the name list be your FQDN. I determined (via experimentation)
that that is what gethostbyaddr() returns.

| I have been running fetchmail as root (unwise, I know, but I was
| unsure at the time about how else to set it up, and then forgot to
| figure that out and change it). I guess I'd better read up on
| fetchmail again and straighten that out.

If you're running it from cron it is easy to run it as yourself. One
way is to use 'crontab -e' (as yourself) to edit your crontab. Then
cron will run it as you. Another way, if cron runs it as root is to
put "su camellison -c" in front of the command. Alternatively if it
is run from the system crontab you can just specify the user to run as
in front of the command.

-D

--
If your life is a hard drive,
Christ can be your backup.

http://dman.ddts.net/~dman/
--
[ Content of type application/pgp-signature deleted ]
--

* Derrick 'dman' Hudson (dsh8290@rit.edu) wrote:

>Hmm. Say, what does
> $ grep 127.0.0.1 /etc/hosts
>show?
>
>I bet it is
> 127.0.0.1 localhost
>and thus gethostbyaddr() tells fetchmail that your machine is
>"localhost". (this affects exim and sendmail and any other program
>that uses gethostbyaddr() as well) To fix that, make the first item
>in the name list be your FQDN. I determined (via experimentation)
>that that is what gethostbyaddr() returns.

You won your bet.

Sorry to be obtuse, but what do you mean by "name list"? Putting the
127.0.0.1 localhost entry last has no effect -- I get the same
result. The other entries are for my LAN. I have a dynamic IP
address, so I can't do much about setting up an assignment (other than
writing a perl script to re-write /etc/hosts, not an easy task since I
haven't gotten to the end of the first chapter of Learning Perl :-) ).

>| I have been running fetchmail as root (unwise, I know, but I was
>| unsure at the time about how else to set it up, and then forgot to
>| figure that out and change it). I guess I'd better read up on
>| fetchmail again and straighten that out.
>
>If you're running it from cron it is easy to run it as yourself. One
>way is to use 'crontab -e' (as yourself) to edit your crontab. Then
>cron will run it as you. Another way, if cron runs it as root is to
>put "su camellison -c" in front of the command. Alternatively if it
>is run from the system crontab you can just specify the user to run as
>in front of the command.
>
I have changed the owner of fetchmail to fetchmail, group mail, and
have been running at as a daemon. Running it from cron sounds like a
better idea.

Cheers

Cam
--
Cam Ellison Ph.D. R.Psych.
From Roberts Creek on B.C.'s incomparable Sunshine Coast
cam@ellisonet.ca
camellison@dccnet.com
cam@fleuryassociates.com

On Sat, 20 Jul 2002, Cam Ellison wrote:

> * Derrick 'dman' Hudson (dsh8290@rit.edu) wrote:
>
> >Hmm. Say, what does
> > $ grep 127.0.0.1 /etc/hosts
> >show?
> >
> >I bet it is
> > 127.0.0.1 localhost
> >and thus gethostbyaddr() tells fetchmail that your machine is
> >"localhost". (this affects exim and sendmail and any other program
> >that uses gethostbyaddr() as well) To fix that, make the first item
> >in the name list be your FQDN. I determined (via experimentation)
> >that that is what gethostbyaddr() returns.
>
> You won your bet.
>
> Sorry to be obtuse, but what do you mean by "name list"? Putting the
> 127.0.0.1 localhost entry last has no effect -- I get the same
> result. The other entries are for my LAN. I have a dynamic IP
> address, so I can't do much about setting up an assignment (other than
> writing a perl script to re-write /etc/hosts, not an easy task since I
> haven't gotten to the end of the first chapter of Learning Perl :-) ).

I think he means change the line to:
127.0.0.1 myhost.mydomain localhost

I think that this line would have to go after the entry with the real
IP address for that name, which might be hard if it keeps changing,
although /etc/nssswitch.conf might be able to help.

I've never seen any name but localhost given to 127.0.0.1

--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
A.C.Aitchison@dpmms.cam.ac.uk http://www.dpmms.cam.ac.uk/~werdna

Thanks for this, James. I'll try the last one, and see how it goes.
I've taken what you have verbatim, and set up a cron script to run it
hourly.

I'll keep you posted.

* James Harr (james@grickle.org) wrote:
<snip>
> # Perhaps even one less file
> new_ip=`ifconfig <dev> | grep "inet addr:" | cut -b21-35 | cut "-d " -f1`
> old_ip=`cat /etc/hosts | grep -v "^#" | grep "foo.bar.com" | cut "-d " -f1`
> cp /etc/hosts /tmp/hosts
> cat /tmp/hosts | sed "s/$old_ip/$new_ip/" > /etc/hosts
> rm /tmp/hosts
>
>
> You could do it in perl to. If you do, make sure you create like a .bak
> file also (incase your program crashes). Then you read the file line by
> line [.eg: while ( <FILE_DESC> ) { $_ is the line of text } ]. And use a
> combo of perl's grep() and split() to rewrite the file. Make sure to see
> the perldoc pages on grep() because it's a boolean return.
>
> Wow. I need a life... hehe
>
Me too.

Cam

--
Cam Ellison Ph.D. R.Psych.
From Roberts Creek on B.C.'s incomparable Sunshine Coast
cam@ellisonet.ca
camellison@dccnet.com
cam@fleuryassociates.com

* James Harr (james@grickle.org) wrote:
> There might be a way to get it to run whenever dhcpcd gets a new ip.. I
> beleive that there's a script for dhcp that actually configures the device
> (for flexibility or somethign). You could toss this at the end of the
> script. I don't have dhcpcd installed on any of my machines, but I think
> the file is something like /etc/dhclient-script.
>
That's worth examining, and there may be a way to use the Python
script that sends the same information to dyndns. I don't know
Python, but this may provide an excuse to learn -- if I had the time.

Cheers

Cam

--
Cam Ellison Ph.D. R.Psych.
From Roberts Creek on B.C.'s incomparable Sunshine Coast
cam@ellisonet.ca
camellison@dccnet.com
cam@fleuryassociates.com