Discussion:
Cannot send mail to gmail.com after reconfigure Exim 4.76?
(too old to reply)
Face
2011-09-03 04:45:33 UTC
Permalink
Hello all,

I had someone send spam using my SMTP, therefore i had to change my
configure to stop this. Now I cannot send to gmail.com and i keep
getting this

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

***@gmail.com
SMTP error from remote mail server after end of data:
host gmail-smtp-in.l.google.com [74.125.91.27]:
550-5.7.1 [173.214.173.77 1] Our system has detected an
unusual rate of
550-5.7.1 unsolicited mail originating from your IP address. To protect our
550-5.7.1 users from spam, mail sent from your IP address has been blocked.
550-5.7.1 Please visit
http://www.google.com/mail/help/bulk_mail.html to review
550 5.7.1 our Bulk Email Senders Guidelines. s9si64275qcy.51

------ This is a copy of the message, including all the headers. ------

Return-path: <***@aldimna.com>
Received: from [10.0.1.9]
by smtp.aldimna.com with esmtp (Exim 4.76)
(envelope-from <***@aldimna.com>)
id 1QzRQp-0003RX-QE
for ***@gmail.com; Fri, 02 Sep 2011 13:57:07 +0300
Message-ID: <***@aldimna.com>
Date: Fri, 02 Sep 2011 13:57:07 +0300
From: admin <***@aldimna.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20110628
Thunderbird/5.0
MIME-Version: 1.0
To: Face <***@gmail.com>
Subject: Re: ssssss
References: <***@mail.gmail.com>
<CAKPwB8L_FcCh9TdEsTfFCiekiP_SGwMkFxhgpL6fRkwtAP-***@mail.gmail.com>
<CAKPwB8+***@mail.gmail.com>
In-Reply-To: <CAKPwB8+***@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit



I also checked spamhaus.org and it seem my ip address is not listed.

Any help would be much appreciated.

here is a link to my configuration:
http://goq8.info/Test/exim.conf.html

$exim -bt -d ***@gmail.com
Exim version 4.76 uid=0 gid=0 pid=11474 D=fbb95cfd
Berkeley DB: Berkeley DB 5.2.28: (June 10, 2011)
Support for: crypteq iconv() PAM OpenSSL move_frozen_messages
Content_Scanning DKIM
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm
dbmnz mysql sqlite
Authenticators: cram_md5 dovecot plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir autoreply pipe smtp
Fixed never_users: 0
Size of off_t: 4
Compiler: GCC [4.6.1 20110819 (prerelease)]
Library version: OpenSSL: Compile: OpenSSL 1.0.0d 8 Feb 2011
Runtime: OpenSSL 1.0.0d 8 Feb 2011
Library version: PCRE: Compile: 8.13
Runtime: 8.13 2011-08-16
Total 8 lookups
Library version: MySQL: Compile: 5.5.15 [Source distribution]
Runtime: 5.5.15
Library version: SQLite: Compile: 3.7.7.1
Runtime: 3.7.7.1
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
changed uid/gid: forcing real = effective
uid=0 gid=0 pid=11474
auxiliary group list: <none>
seeking password data for user "root": cache not available
getpwnam() succeeded uid=0 gid=0
configuration file is /etc/mail.d/exim.d/exim.conf
log selectors = 00000ffc 00612001
trusted user
admin user
seeking password data for user "mail": cache not available
getpwnam() succeeded uid=8 gid=12
user name "root" extracted from gecos field "root"
originator: uid=0 gid=0 login=root name=root
sender address = ***@empty
Address testing: uid=0 gid=79 euid=0 egid=79
Testing ***@gmail.com
Considering ***@gmail.com
routing ***@gmail.com
--------> hubbed_hosts router <--------
local_part=falazemi domain=gmail.com
checking domains
expansion of "${if
exists{/etc/mail.d/exim.d/hubbed_hosts}{partial-lsearch;/etc/mail.d/exim.d/hubbed_hosts}fail}"
forced failure: assume not in this list
hubbed_hosts router skipped: domains mismatch
--------> dnslookup_relay_to_domains router <--------
local_part=falazemi domain=gmail.com
checking domains
search_open: mysql "NULL"
search_find: file="NULL"
key="SELECT domain FROM user WHERE domain='gmail.com' UNION SELECT
domain FROM alias WHERE domain='gmail.com' UNION SELECT domain FROM
catchall WHERE domain='gmail.com'" partial=-1 affix=NULL starflags=0
LRU list:
internal_search_find: file="NULL"
type=mysql key="SELECT domain FROM user WHERE domain='gmail.com'
UNION SELECT domain FROM alias WHERE domain='gmail.com' UNION SELECT
domain FROM catchall WHERE domain='gmail.com'"
database lookup required for SELECT domain FROM user WHERE
domain='gmail.com' UNION SELECT domain FROM alias WHERE
domain='gmail.com' UNION SELECT domain FROM catchall WHERE
domain='gmail.com'
MySQL query: SELECT domain FROM user WHERE domain='gmail.com' UNION
SELECT domain FROM alias WHERE domain='gmail.com' UNION SELECT domain
FROM catchall WHERE domain='gmail.com'
MYSQL new connection: host=localhost port=0 socket=NULL
database=AlDimnaEmailSystem user=exim
MYSQL: no data found
lookup failed
gmail.com in ""? no (end of list)
gmail.com in "smtp.aldimna.com"? no (end of list)
gmail.com in "! +local_domains : +relay_to_domains"? no (end of list)
dnslookup_relay_to_domains router skipped: domains mismatch
--------> dnslookup router <--------
local_part=falazemi domain=gmail.com
checking domains
search_open: mysql "NULL"
cached open
search_find: file="NULL"
key="SELECT domain FROM user WHERE domain='gmail.com' UNION SELECT
domain FROM alias WHERE domain='gmail.com' UNION SELECT domain FROM
catchall WHERE domain='gmail.com'" partial=-1 affix=NULL starflags=0
LRU list:
internal_search_find: file="NULL"
type=mysql key="SELECT domain FROM user WHERE domain='gmail.com'
UNION SELECT domain FROM alias WHERE domain='gmail.com' UNION SELECT
domain FROM catchall WHERE domain='gmail.com'"
cached data used for lookup of SELECT domain FROM user WHERE
domain='gmail.com' UNION SELECT domain FROM alias WHERE
domain='gmail.com' UNION SELECT domain FROM catchall WHERE
domain='gmail.com'
lookup failed
gmail.com in ""? no (end of list)
gmail.com in "! +local_domains"? yes (end of list)
R: dnslookup for ***@gmail.com
calling dnslookup router
dnslookup router called for ***@gmail.com
domain = gmail.com
DNS lookup of gmail.com (MX) succeeded
DNS lookup of gmail-smtp-in.l.google.com (A) succeeded
74.125.91.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :172.16.0.0/12
: 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no (end of list)
DNS lookup of alt1.gmail-smtp-in.l.google.com (A) succeeded
209.85.143.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16
:172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no
(end of list)
DNS lookup of alt2.gmail-smtp-in.l.google.com (A) succeeded
209.85.229.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16
:172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no
(end of list)
DNS lookup of alt3.gmail-smtp-in.l.google.com (A) succeeded
74.125.77.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :172.16.0.0/12
: 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no (end of list)
DNS lookup of alt4.gmail-smtp-in.l.google.com (A) succeeded
74.125.39.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :172.16.0.0/12
: 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no (end of list)
fully qualified name = gmail.com
host_find_bydns yield = HOST_FOUND (2); returned hosts:
gmail-smtp-in.l.google.com 74.125.91.27 MX=5
alt1.gmail-smtp-in.l.google.com 209.85.143.27 MX=10
alt2.gmail-smtp-in.l.google.com 209.85.229.27 MX=20
alt3.gmail-smtp-in.l.google.com 74.125.77.27 MX=30
alt4.gmail-smtp-in.l.google.com 74.125.39.27 MX=40
set transport remote_smtp
queued for remote_smtp transport: local_part = falazemi
domain = gmail.com
errors_to=NULL
domain_data=NULL localpart_data=NULL
routed by dnslookup router
envelope to: ***@gmail.com
transport: remote_smtp
host gmail-smtp-in.l.google.com [74.125.91.27] MX=5
host alt1.gmail-smtp-in.l.google.com [209.85.143.27] MX=10
host alt2.gmail-smtp-in.l.google.com [209.85.229.27] MX=20
host alt3.gmail-smtp-in.l.google.com [74.125.77.27] MX=30
host alt4.gmail-smtp-in.l.google.com [74.125.39.27] MX=40
***@gmail.com
router = dnslookup, transport = remote_smtp
host gmail-smtp-in.l.google.com [74.125.91.27] MX=5
host alt1.gmail-smtp-in.l.google.com [209.85.143.27] MX=10
host alt2.gmail-smtp-in.l.google.com [209.85.229.27] MX=20
host alt3.gmail-smtp-in.l.google.com [74.125.77.27] MX=30
host alt4.gmail-smtp-in.l.google.com [74.125.39.27] MX=40
search_tidyup called
close MYSQL connection: localhost/AlDimnaEmailSystem/exim
Exim pid=11474 terminating with rc=0 >>>>>>>>>>>>>>>>
--
Sincerely,
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Todd Lyons
2011-09-04 16:13:17 UTC
Permalink
Post by Face
Hello all,
I had someone  send spam using my SMTP, therefore i had to change my
configure to stop this. Now I cannot send to gmail.com and i keep
getting this
   550-5.7.1 [173.214.173.77       1] Our system has detected an
unusual rate of
   550-5.7.1 unsolicited mail originating from your IP address. To protect our
   550-5.7.1 users from spam, mail sent from your IP address has been blocked.
It very clearly states: "You did something bad in the past, so we
blocked you." Well, they are still blocking you because you haven't
done anything to them that indicates you fixed it.
Post by Face
   550-5.7.1 Please visit
http://www.google.com/mail/help/bulk_mail.html to review
   550 5.7.1 our Bulk Email Senders Guidelines. s9si64275qcy.51
Did you go to that URL and read all of it? One part that is unstated
is whether you are permanently blocked or whether it's just your
reputation that suffered. If you are permanently blocked, you need to
submit a block removal request, you'll have to find where in the maze
of Gmail support it is. If you are being blocked on your reputation,
over time, probably about a week, they'll start accepting email from
your server again. However, if any of those spams that made it
through your machine start flowing again, you'll very quickly sour
your reputation again and you'll get blocked. Basically, your choice
to me appears to be to make sure that nobody can relay spam through
your system and wait for your reputation with google to go from bad to
good (which can only happen by NOT sending spam and NOT sending a lot
of email at once).

...Todd
--
If Americans could eliminate sugary beverages, potatoes, white bread,
pasta, white rice and sugary snacks, we would wipe out almost all the
problems we have with weight and diabetes and other metabolic
diseases. -- Dr. Walter Willett, Harvard School of Public Health
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Face
2011-09-06 16:24:15 UTC
Permalink
I keep receiving this on my log and i am not sure how to stop it. is
this something i should worry about ?

2011-09-06 18:43:03 1R0d9I-0002kV-7k ** ***@yahoo.com.br
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mta5.am0.yahoodns.net [66.94.237.64]: 554 delivery
error: dd This user doesn't have a yahoo.com.br account
(***@yahoo.com.br) [0] - mta1267.mail.mud.yahoo.com
2011-09-06 18:43:03 1R0d9I-0002kV-7k ***@yahoo.com.br: error ignored
2011-09-06 18:43:04 1R0d9I-0002kV-7k Completed
2011-09-06 18:43:04 1QzdOD-0004O9-ML == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-53): retry time not reached for any
host
2011-09-06 18:43:07 1R0xnn-0007Hw-H0 <= ***@aldimna.com
H=([10.0.1.9]) [10.0.1.9] P=esmtp S=749
id=***@aldimna.com
2011-09-06 18:43:07 1R0xnn-0007Hw-H0 => admin <***@aldimna.com>
R=mysql_user T=local_mysql_delivery
2011-09-06 18:43:07 1R0xnn-0007Hw-H0 Completed
2011-09-06 18:43:48 1R0xoR-0007IA-MZ <= ***@hotmail.com
H=(col0-omc2-s11.col0.hotmail.com) [65.55.34.85] P=esmtp S=2677
id=COL122-***@phx.gbl
2011-09-06 18:43:48 1R0xoR-0007IA-MZ => admin <***@aldimna.com>
R=mysql_user T=local_mysql_delivery
2011-09-06 18:43:48 1R0xoR-0007IA-MZ Completed
2011-09-06 18:46:14 1R0Wzb-0005JG-Cg yard.com [208.38.134.211]
Connection timed out
2011-09-06 18:46:14 1R0Wzb-0005JG-Cg == ***@yard.com R=dnslookup
T=remote_smtp defer (110): Connection timed out
2011-09-06 18:46:17 1QyWiy-0006Pu-8l SMTP error from remote mail
server after end of data: host mx1.mail.eu.yahoo.com [77.238.177.9]:
451 Message temporarily deferred - [70]
2011-09-06 18:46:19 1QyWiy-0006Pu-8l == ***@yahoo.gr
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx2.mail.eu.yahoo.com [77.238.184.241]:
451 Message temporarily deferred - [70]
2011-09-06 18:46:19 1QyWiy-0006Pu-8l ** ***@yahoo.gr: retry
timeout exceeded
2011-09-06 18:46:19 1QyWiy-0006Pu-8l ***@yahoo.gr: error ignored
2011-09-06 18:46:19 1QyWiy-0006Pu-8l Completed
2011-09-06 18:46:24 1QyNZx-0000tY-Jy ** ***@yahoo.fr
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mx2.mail.eu.yahoo.com [77.238.184.241]: 554 delivery
error: dd This user doesn't have a yahoo.fr account
(***@yahoo.fr) [0] - mta1098.mail.ukl.yahoo.com
2011-09-06 18:46:24 1QyNZx-0000tY-Jy ***@yahoo.fr: error ignored
2011-09-06 18:46:24 1QyNZx-0000tY-Jy Completed
2011-09-06 18:46:25 1QygQn-0000g6-Vl ** ***@yahoo.com.pl
R=dnslookup T=remote_smtp: retry time not reached for any host after a
long failure period
2011-09-06 18:46:25 1QygQn-0000g6-Vl ***@yahoo.com.pl: error ignored
2011-09-06 18:46:25 1QygQn-0000g6-Vl Completed
2011-09-06 18:46:25 1R06gL-0002a3-VV cancelled by timeout_frozen_after
2011-09-06 18:46:25 1R06gL-0002a3-VV Completed
2011-09-06 18:46:28 1Qxsj4-00048s-28 ** ***@yahoo.com.br
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mta4.am0.yahoodns.net [98.139.54.60]: 554 delivery
error: dd This user doesn't have a yahoo.com.br account
(***@yahoo.com.br) [0] - mta1290.mail.ac4.yahoo.com
2011-09-06 18:46:28 1Qxsj4-00048s-28 ***@yahoo.com.br: error ignored
2011-09-06 18:46:28 1Qxsj4-00048s-28 Completed
2011-09-06 18:46:32 1QxwS9-0001ID-7V ** ***@yahoo.com.vn
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mx1.mail.sg1.yahoo.com [124.108.116.109]: 554
delivery error: dd This user doesn't have a yahoo.com.vn account
(***@yahoo.com.vn) [0] - mta1033.mail.sg1.yahoo.com
2011-09-06 18:46:32 1QxwS9-0001ID-7V ***@yahoo.com.vn: error ignored
2011-09-06 18:46:32 1QxwS9-0001ID-7V Completed
2011-09-06 18:46:32 1Qys5e-0000dh-3g cancelled by timeout_frozen_after
2011-09-06 18:46:32 1Qys5e-0000dh-3g Completed
2011-09-06 18:46:32 1QyRSY-000386-Sg cancelled by timeout_frozen_after
2011-09-06 18:46:32 1QyRSY-000386-Sg Completed
2011-09-06 18:46:34 1Qy8Kw-0000Q3-Vs SMTP error from remote mail
server after end of data: host mta4.am0.yahoodns.net [98.139.54.60]:
451 Message temporarily deferred - [70]
2011-09-06 18:46:37 1Qy8Kw-0000Q3-Vs ** ***@yahoo.com.br
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mta4.am0.yahoodns.net [67.195.168.230]: 554 delivery
error: dd This user doesn't have a yahoo.com.br account
(***@yahoo.com.br) [0] - mta1068.mail.ac4.yahoo.com
2011-09-06 18:46:37 1Qy8Kw-0000Q3-Vs ***@yahoo.com.br: error ignored
2011-09-06 18:46:37 1Qy8Kw-0000Q3-Vs Completed
2011-09-06 18:46:37 1QyTTQ-0002Hf-0E cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyTTQ-0002Hf-0E Completed
2011-09-06 18:46:37 1QyrTK-00084o-Jo cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyrTK-00084o-Jo Completed
2011-09-06 18:46:37 1QyAx6-0001i1-JB cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyAx6-0001i1-JB Completed
2011-09-06 18:46:37 1QyIhx-0003dZ-LB cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyIhx-0003dZ-LB Completed
2011-09-06 18:46:37 1QxfUw-0002ov-5i cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QxfUw-0002ov-5i Completed
2011-09-06 18:46:37 1QyUp1-0007QD-2u cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyUp1-0007QD-2u Completed
2011-09-06 18:46:37 1QyUKN-0005hG-Gs cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyUKN-0005hG-Gs Completed
2011-09-06 18:46:37 1QyT3x-0001yM-35 cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyT3x-0001yM-35 Completed
2011-09-06 18:46:37 1QyUiW-000763-Nd cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyUiW-000763-Nd Completed
2011-09-06 18:46:40 1R0nis-0003cf-CY ** ***@yahoo.com
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host l.mx.mail.yahoo.com [74.6.136.244]: 554 delivery
error: dd This user doesn't have a yahoo.com account
(***@yahoo.com) [0] - mta1254.mail.sk1.yahoo.com
2011-09-06 18:46:40 1R0nis-0003cf-CY ***@yahoo.com: error ignored
2011-09-06 18:46:40 1R0nis-0003cf-CY Completed
2011-09-06 18:46:40 1QylOm-0007VX-S5 cancelled by timeout_frozen_after
2011-09-06 18:46:40 1QylOm-0007VX-S5 Completed
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 == ***@yahoo.com.tw
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw:
retry timeout exceeded
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw: retry
timeout exceeded
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw: retry
timeout exceeded
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw: retry
timeout exceeded
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw: retry
timeout exceeded
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw:
retry timeout exceeded
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw:
retry timeout exceeded
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw:
retry timeout exceeded
2011-09-06 18:46:43 1Qxx63-0002DQ-N2 ** ***@yahoo.com.tw:
retry timeout exceeded
2011-09-06 18:46:44 1R0xrH-0007JT-Uh <= <> R=1Qxx63-0002DQ-N2 U=exim
P=local S=4818
2011-09-06 18:46:44 1Qxx63-0002DQ-N2 Completed
2011-09-06 18:46:46 1R0xrH-0007JT-Uh ** ***@yahoo.fr
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mx1.mail.eu.yahoo.com [77.238.177.9]: 554 delivery
error: dd This user doesn't have a yahoo.fr account
(***@yahoo.fr) [0] - mta1062.mail.ird.yahoo.com
2011-09-06 18:46:46 1R0xrH-0007JT-Uh Frozen (delivery error message)
2011-09-06 18:46:46 1R0oIW-0004Vn-UG Unfrozen by errmsg timer
2011-09-06 18:46:46 1R0oIW-0004Vn-UG ** ***@empty: Unrouteable address
2011-09-06 18:46:46 1R0oIW-0004Vn-UG ***@empty: error ignored
2011-09-06 18:46:46 1R0oIW-0004Vn-UG Completed
2011-09-06 18:46:46 1Qy0nY-0006jk-CX cancelled by timeout_frozen_after
2011-09-06 18:46:46 1Qy0nY-0006jk-CX Completed
2011-09-06 18:46:51 1QxoV3-0006j9-Qw => ***@163.com
R=dnslookup T=remote_smtp H=163mx02.mxmail.netease.com
[123.125.50.139]
2011-09-06 18:46:51 1QxoV3-0006j9-Qw Completed
2011-09-06 18:47:01 queue run: process 28128 crashed with signal 15
while delivering 1QyTib-0003fE-De
2011-09-06 18:47:01 1QyFmo-0008Cq-0i cancelled by timeout_frozen_after
2011-09-06 18:47:01 1QyFmo-0008Cq-0i Completed
--
Sincerely,
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Jeremy Harris
2011-09-06 18:52:54 UTC
Permalink
Post by Face
I keep receiving this on my log and i am not sure how to stop it. is
this something i should worry about ?
That depends. Why are you mailing these nonexistent addresses?
--
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
W B Hacker
2011-09-06 19:26:08 UTC
Permalink
Post by Face
I keep receiving this on my log and i am not sure how to stop it. is
this something i should worry about ?
Probably.

Digging out the root cause, and setting aside the more innocent ones, it
appears that you have more going on than just the odd expired
destination address and clueless sender.

Looks as if you have on your 'input' side, one or more of:

- User(s) with infected WinBoxen.

- Mailing Lists not regularly scrubbed

- a 'hole' or web-app wherein remote spammers can exploit yDO about it.
our system.

Backtrack and identify the *source* of the more problematic messages.
Those destined for non-existent .br and .fr accounts, or possible
backscatter 'bounces', for example.

You may *temporarily* wish to set 'log_selector = +all' to get all the
details so as to better ID the primary issue(s) and what to do next.

You can also add a 'log_message' or three to various acl to record extra
information or flags to simpify your log extraction for analysis.

CAVEAT: Revert to something less verbose once you have what you need, as
'+all' generates seriously massive log files.

HTH,

Bill
Post by Face
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mta5.am0.yahoodns.net [66.94.237.64]: 554 delivery
error: dd This user doesn't have a yahoo.com.br account
2011-09-06 18:43:04 1R0d9I-0002kV-7k Completed
R=dnslookup T=remote_smtp defer (-53): retry time not reached for any
host
H=([10.0.1.9]) [10.0.1.9] P=esmtp S=749
R=mysql_user T=local_mysql_delivery
2011-09-06 18:43:07 1R0xnn-0007Hw-H0 Completed
H=(col0-omc2-s11.col0.hotmail.com) [65.55.34.85] P=esmtp S=2677
R=mysql_user T=local_mysql_delivery
2011-09-06 18:43:48 1R0xoR-0007IA-MZ Completed
2011-09-06 18:46:14 1R0Wzb-0005JG-Cg yard.com [208.38.134.211]
Connection timed out
T=remote_smtp defer (110): Connection timed out
2011-09-06 18:46:17 1QyWiy-0006Pu-8l SMTP error from remote mail
451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
451 Message temporarily deferred - [70]
timeout exceeded
2011-09-06 18:46:19 1QyWiy-0006Pu-8l Completed
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mx2.mail.eu.yahoo.com [77.238.184.241]: 554 delivery
error: dd This user doesn't have a yahoo.fr account
2011-09-06 18:46:24 1QyNZx-0000tY-Jy Completed
R=dnslookup T=remote_smtp: retry time not reached for any host after a
long failure period
2011-09-06 18:46:25 1QygQn-0000g6-Vl Completed
2011-09-06 18:46:25 1R06gL-0002a3-VV cancelled by timeout_frozen_after
2011-09-06 18:46:25 1R06gL-0002a3-VV Completed
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mta4.am0.yahoodns.net [98.139.54.60]: 554 delivery
error: dd This user doesn't have a yahoo.com.br account
2011-09-06 18:46:28 1Qxsj4-00048s-28 Completed
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mx1.mail.sg1.yahoo.com [124.108.116.109]: 554
delivery error: dd This user doesn't have a yahoo.com.vn account
2011-09-06 18:46:32 1QxwS9-0001ID-7V Completed
2011-09-06 18:46:32 1Qys5e-0000dh-3g cancelled by timeout_frozen_after
2011-09-06 18:46:32 1Qys5e-0000dh-3g Completed
2011-09-06 18:46:32 1QyRSY-000386-Sg cancelled by timeout_frozen_after
2011-09-06 18:46:32 1QyRSY-000386-Sg Completed
2011-09-06 18:46:34 1Qy8Kw-0000Q3-Vs SMTP error from remote mail
451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mta4.am0.yahoodns.net [67.195.168.230]: 554 delivery
error: dd This user doesn't have a yahoo.com.br account
2011-09-06 18:46:37 1Qy8Kw-0000Q3-Vs Completed
2011-09-06 18:46:37 1QyTTQ-0002Hf-0E cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyTTQ-0002Hf-0E Completed
2011-09-06 18:46:37 1QyrTK-00084o-Jo cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyrTK-00084o-Jo Completed
2011-09-06 18:46:37 1QyAx6-0001i1-JB cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyAx6-0001i1-JB Completed
2011-09-06 18:46:37 1QyIhx-0003dZ-LB cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyIhx-0003dZ-LB Completed
2011-09-06 18:46:37 1QxfUw-0002ov-5i cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QxfUw-0002ov-5i Completed
2011-09-06 18:46:37 1QyUp1-0007QD-2u cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyUp1-0007QD-2u Completed
2011-09-06 18:46:37 1QyUKN-0005hG-Gs cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyUKN-0005hG-Gs Completed
2011-09-06 18:46:37 1QyT3x-0001yM-35 cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyT3x-0001yM-35 Completed
2011-09-06 18:46:37 1QyUiW-000763-Nd cancelled by timeout_frozen_after
2011-09-06 18:46:37 1QyUiW-000763-Nd Completed
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host l.mx.mail.yahoo.com [74.6.136.244]: 554 delivery
error: dd This user doesn't have a yahoo.com account
2011-09-06 18:46:40 1R0nis-0003cf-CY Completed
2011-09-06 18:46:40 1QylOm-0007VX-S5 cancelled by timeout_frozen_after
2011-09-06 18:46:40 1QylOm-0007VX-S5 Completed
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
R=dnslookup T=remote_smtp defer (-46): SMTP error from remote mail
server after end of data: host mx1.mail.tw.yahoo.com
[203.188.197.119]: 451 Message temporarily deferred - [70]
retry timeout exceeded
timeout exceeded
timeout exceeded
timeout exceeded
timeout exceeded
retry timeout exceeded
retry timeout exceeded
retry timeout exceeded
retry timeout exceeded
2011-09-06 18:46:44 1R0xrH-0007JT-Uh<=<> R=1Qxx63-0002DQ-N2 U=exim
P=local S=4818
2011-09-06 18:46:44 1Qxx63-0002DQ-N2 Completed
R=dnslookup T=remote_smtp: SMTP error from remote mail server after
end of data: host mx1.mail.eu.yahoo.com [77.238.177.9]: 554 delivery
error: dd This user doesn't have a yahoo.fr account
2011-09-06 18:46:46 1R0xrH-0007JT-Uh Frozen (delivery error message)
2011-09-06 18:46:46 1R0oIW-0004Vn-UG Unfrozen by errmsg timer
2011-09-06 18:46:46 1R0oIW-0004Vn-UG Completed
2011-09-06 18:46:46 1Qy0nY-0006jk-CX cancelled by timeout_frozen_after
2011-09-06 18:46:46 1Qy0nY-0006jk-CX Completed
R=dnslookup T=remote_smtp H=163mx02.mxmail.netease.com
[123.125.50.139]
2011-09-06 18:46:51 1QxoV3-0006j9-Qw Completed
2011-09-06 18:47:01 queue run: process 28128 crashed with signal 15
while delivering 1QyTib-0003fE-De
2011-09-06 18:47:01 1QyFmo-0008Cq-0i cancelled by timeout_frozen_after
2011-09-06 18:47:01 1QyFmo-0008Cq-0i Completed
--
韓家標
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list
Face
2011-09-07 15:51:23 UTC
Permalink
cannot start exim with this error:
2011-09-07 18:07:14 Exim configuration error in line 821 of
/etc/mail.d/exim.d/exim.conf:
error in ACL: unknown ACL condition/modifier in "demime = *"



here is my configuration



########################################################################
# macro.conf {
########################################################################
hide mysql_servers = localhost/EmailSystem/exim/Mypasswrd
GREYLIST_TIMEOUT = ${eval:60*10}
GREYLIST_SPAM_THRESHOLD = ${eval:10*1}
SPAM_FILESIZE_LIMIT = 1M
VIRUS_FILESIZE_LIMIT = 32M
MYSQL_LOG=INSERT INTO `spamlog` ( `ID`, `MessageID`, `SenderIP`,
`SenderPort`, `SenderHostname`, `SenderHelo`, `SenderAddress`,
`RecipientAddress`, `Username`, `Domain`, `LoadAverage`, `SpamScore`,
`MessageSize`, `BodySize`, `MessageLines`, `BodyLines`,
`ReceivedHeaders`, `ReceivedProtocol`, `Cipher`, `Authenticated`,
`SenderVerify`, `Age`, `TimeStamp`) \
VALUES( '${quote_mysql:$message_exim_id}', \
'${quote_mysql:$header_Message-ID:}', \
'${quote_mysql:$sender_host_address}', \
'${quote_mysql:$sender_host_port}', \
'${quote_mysql:$sender_host_name}', \
'${quote_mysql:$sender_helo_name}', \
'${quote_mysql:$sender_address}', \
CONCAT('${quote_mysql:$original_local_part}','@','${quote_mysql:$original_domain}'),
\
'${quote_mysql:$local_part}', '${quote_mysql:$domain}', \
'${quote_mysql:$load_average}/1000', \
'${quote_mysql:$header_X-Spam-Score:}', \
'${quote_mysql:$message_size}', \
'${quote_mysql:$message_body_size}', \
'${quote_mysql:$message_linecount}', \
'${quote_mysql:$body_linecount}', \
'${quote_mysql:$received_count}', \
'${quote_mysql:$received_protocol}', \
'${quote_mysql:$tls_cipher}', \
'${quote_mysql:$authenticated_id}', \
'${quote_mysql:$header_X-Sender-Verify:}', \
'${quote_mysql:$message_age}', \
NOW() )

########################################################################
# MAIN CONFIGURATION SETTINGS {
########################################################################
daemon_smtp_ports = smtp : smtps : submission
smtp_enforce_sync = false
primary_hostname = smtp.aldimna.com
domainlist local_domains = ${lookup mysql {\
SELECT domain FROM user WHERE domain='${quote_mysql:$domain}' \
UNION \
SELECT domain FROM alias WHERE domain='${quote_mysql:$domain}' \
UNION \
SELECT domain FROM catchall WHERE domain='${quote_mysql:$domain}'\
}}
domainlist relay_to_domains = $smtp_active_hostname
hostlist relay_from_hosts = 127.0.0.1 : 10.0.1.0/24 : 10.0.0.0/24 :
10.0.0.0/26 : 10.0.1.0/26
untrusted_set_sender = *
local_sender_retain = true
local_from_check = false

smtp_banner = \t$smtp_active_hostname ESMTP\n\tExim $version_number\n\t$tod_full
tls_advertise_hosts = *
tls_on_connect_ports = 465
tls_certificate = /etc/ssl/certs/SMTP-Certificate.crt
tls_privatekey = /etc/ssl/private/SMTP-Certificate.key
log_selector = +tls_cipher +tls_peerdn +all_parents +deliver_time
+delivery_size +queue_time +queue_time_overall +received_recipients
+received_sender +smtp_confirmation +lost_incoming_connection
+smtp_incomplete_transaction +smtp_protocol_error +smtp_syntax_error
acl_smtp_connect = acl_check_connect
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
#av_scanner = $acl_m0
av_scanner = clamd:/var/run/clamav/clamd.sock
spamd_address = /var/run/spamassassin/spamd.sock
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
split_spool_directory = true
########################################################################
# 10-acl.conf {
########################################################################
begin acl

acl_check_connect:
accept
acl_check_helo:
accept
acl_check_rcpt:
accept hosts = :
defer message = Your Message is currently still greylisted!
Please try again later.
log_message = message from ${sender_address} over
[${sender_host_address}] is still GreyListed
!authenticated = *
condition = ${if >={GREYLIST_TIMEOUT}{${lookup mysql{\
SELECT (UNIX_TIMESTAMP()-MAX(first_seen)) AS QueueTime \
FROM greylist \
WHERE SenderIP = '${quote_mysql:$sender_host_address}' \
AND SenderAddress = '${quote_mysql:$sender_address}' \
}{$value}{${eval:GREYLIST_TIMEOUT+1}}}}{true}{false}}
warn authenticated = *
message = X-Authenticated-User: $authenticated_id\n\
X-Authenticator: $sender_host_authenticated
deny message = Sender claims to have a local address, but is
neither authenticated nor relayed (try using SMTP-AUTH!)
log_message = Forged Sender address (claims to be local user
[${sender_address}], but isn't authenticated)
!hosts = +relay_from_hosts
!authenticated = *
condition = ${if match_domain{$sender_address_domain}{+local_domains}}

warn message = You cannot be localhost.localdomain in the internet
log_message = HELO is faked as localhost.localdomain
condition = ${if match{$sender_helo_name}{\Nlocalhost\.localdomain\N}}
warn message = X-Invalid-HELO: HELO is IP only (See RFC2821 4.1.3)
log_message = HELO ($sender_helo_name) is IP only (See RFC2821 4.1.3)
condition = ${if isip{$sender_helo_name}}

warn message = X-Invalid-HELO: HELO is no FQDN (contains no
dot) (See RFC2821 4.1.1.1)
log_message = HELO ($sender_helo_name) is no FQDN (contains no
dot) (See RFC2821 4.1.1.1)
condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}

warn message = X-Invalid-HELO: HELO is no FQDN (ends in dot)
(See RFC2821 4.1.1.1)
log_message = HELO ($sender_helo_name) is no FQDN (ends in dot)
(See RFC2821 4.1.1.1)
condition = ${if match{$sender_helo_name}{\N\.$\N}}

warn message = X-Invalid-HELO: HELO is no FQDN (contains double
dot) (See RFC2821 4.1.1.1)
log_message = HELO ($sender_helo_name) is no FQDN (contains double
dot) (See RFC2821 4.1.1.1)
condition = ${if match{$sender_helo_name}{\N\.\.\N}}

warn message = X-Invalid-HELO: Host impersonating [$primary_hostname]
log_message = HELO ($sender_helo_name) impersonating [$primary_hostname]
condition = ${if match{$sender_helo_name}{$primary_hostname}{yes}{no}}

warn message = X-Invalid-HELO: $interface_address is _my_ address
log_message = HELO ($sender_helo_name) uses _my_ address
($interface_address)
condition = ${if or{{\
eq{[$interface_address]}{$sender_helo_name}\
}{\
eq{$interface_address}{$sender_helo_name}\
}}}

warn message = X-Invalid-HELO: no HELO
log_message = no HELO ($sender_helo_name)
condition = ${if !def:sender_helo_name}

deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]

deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

accept local_parts = postmaster
domains = +local_domains

require verify = sender

warn message = X-Sender-Verify: FAILED ($sender_verify_failure)
log_message = Sender ($sender_address) could not be verified using
callout: $acl_verify_message ($sender_verify_failure)
!verify = sender/callout=10s,random

warn message = X-Sender-Verify: SUCCEEDED (sender exists & accepts mail)
verify = sender/callout=10s,random

accept hosts = +relay_from_hosts
control = submission

accept authenticated = *
control = submission/sender_retain/domain=

require message = relay not permitted
domains = +local_domains : +relay_to_domains
require verify = recipient

accept

acl_check_data:
deny message = $found_extension files are not accepted here
demime = com:exe:vbs:bat:pif:reg:scr

deny message = Serious MIME defect detected ($demime_reason).
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains a virus ($malware_name) and
is rejected.
log_message = rejected VIRUS ($malware_name) from $sender_address
to $recipients (ClamAV)
set acl_m0 = clamd:/var/run/clamav/clamd.sock
condition = ${if < {$message_size}{VIRUS_FILESIZE_LIMIT}}
demime = *
malware = *
deny demime = zip:rar:arj:tar:tgz:gz:bz2
condition = ${run{/etc/exim/scan_archive.sh $message_exim_id
${lc:$found_extension}}{no}{yes}}
message = This message contains an unwanted binary Attachment
in ${uc:$found_extension} file using a double extension
log_message = ${uc:$found_extension} archive contains potential
dangerous double extension.
delay = 15s
warn message = X-Spam-Score: $spam_score\n\
X-Spam-Score-Int: $spam_score_int\n\
X-Spam-Bar: $spam_bar\n\
X-Spam-Report: $spam_report
!authenticated = *
condition = ${if < {$message_size}{SPAM_FILESIZE_LIMIT}}
spam = spamassassin:true
defer message = Temporary error while spam-scanning. Please try again later.
log_message = message temporarily rejected, because of spam-scan
error (maybe timeout)
!authenticated = *
condition = ${if < {$message_size}{SPAM_FILESIZE_LIMIT}}
condition = ${if !def:spam_score}

deny message = This message is classified as UBE (SPAM) and
therefore rejected. You scored $spam_score points. Congratulations!
!authenticated = *
condition = ${if >={$spam_score_int}{${lookup mysql{\
SELECT ((max(spam_threshold)*2+10)*10) AS spam_reject_threshold \
FROM user \
WHERE SMTP_allowed='YES' \
}{$value}{15}}}{true}{false}}
defer message = Your Message will be greylisted! Please try again
in GREYLIST_TIMEOUT seconds.
log_message = message from ${sender_address} over
[${sender_host_address}] will be GreyListed as it scores $spam_score
spam points
!authenticated = *
condition = ${if
={$spam_score_int}{GREYLIST_SPAM_THRESHOLD}{true}{false}}
condition = ${lookup mysql{ \
SELECT MAX(first_seen) \
FROM greylist \
WHERE SenderIP = '${quote_mysql:$sender_host_address}' \
AND SenderAddress = '${quote_mysql:$sender_address}' \
}{false}{true}}
condition = ${lookup mysql{ \
INSERT INTO greylist ( SenderIP, SenderAddress, first_seen ) \
VALUES ( '${quote_mysql:$sender_host_address}',
'${quote_mysql:$sender_address}', UNIX_TIMESTAMP() ) \
}{$value}fail}

warn message = X-GreyList: Message successfully passed
GreyListing after $acl_m0 seconds.
log_message = message from ${sender_address} over
[${sender_host_address}] with HELO ($sender_helo_name) successfully
passed GreyListing after $acl_m0 seconds and scores $spam_score spam
points
!authenticated = *
condition = ${lookup mysql{ \
SELECT MAX(first_seen) \
FROM greylist \
WHERE SenderIP = '${quote_mysql:$sender_host_address}' \
AND SenderAddress = '${quote_mysql:$sender_address}' \
}{true}{false}}
set acl_m0 = ${eval:$tod_epoch-${lookup mysql{ \
SELECT MAX(first_seen) \
FROM greylist \
WHERE SenderIP = '${quote_mysql:$sender_host_address}' \
AND SenderAddress = '${quote_mysql:$sender_address}' \
}{$value}}}


warn message = X-Exim-Version: $version_number (build at $compile_date)\n\
X-Date: $tod_log\n\
X-Connected-IP: $sender_host_address:$sender_host_port

warn message = X-Message-Linecount: $message_linecount\n\
X-Body-Linecount: $body_linecount\n\
X-Message-Size: $message_size\n\
X-Body-Size: $message_body_size

warn log_message = DEBUG load_avgx1000: $load_average spam_score:
$spam_score message_size: $message_size

accept
########################################################################
# 20-routers.conf {
########################################################################
begin routers

dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more

mysql_all_domain_alias:
driver = redirect
domains = +local_domains
local_parts = alle
data = ${lookup mysql{ \
SELECT CONCAT(username,'@',domain) AS sendto \
FROM user \
WHERE domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}}
condition = ${if or {{\
def:authenticated_id\
}{\
eq {$sender_host_address}{127.0.0.1}\
}}\
}
file_transport = address_file
pipe_transport = address_pipe
mysql_alias:
driver = redirect
# restriction to local domains only may be a double check, as data
takes care of it already ;-)
domains = +local_domains
file_transport = address_file
pipe_transport = address_pipe
data = ${if or {{\
def:authenticated_id\
}{\
eq {$sender_host_address}{127.0.0.1}\
}}{\
${lookup mysql{ \
SELECT sendto \
FROM alias \
WHERE ( username='${quote_mysql:$local_part}' \
AND (domain='${quote_mysql:$domain}' OR domain='') )}}\
} {\
${lookup mysql{ \
SELECT sendto \
FROM alias \
WHERE ( ( username='${quote_mysql:$local_part}' AND
(domain='${quote_mysql:$domain}' OR domain='') ) \
AND internal='NO' )}}\
}}
local_part_suffix = +*
local_part_suffix_optional


mysql_user_condition:
driver = accept
domains = +local_domains
caseful_local_part = true
condition = ${if and {{\
# existing user
eq {${lookup mysql{ \
SELECT CONCAT(username,'@',domain) AS email \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{true}{false}}}{true}\
}{\
# different conditions
or {{\
# suffix contains #before# and date (yyyymmdd) is not yet
#before#yyyymmdd
and {{\
eq {${sg{$local_part_suffix}{^#([^#]+)#[0-9]\{8\}\$}{\$1}}}{before}\
}{\
lt {$tod_logfile}{${sg{$local_part_suffix}{^#[^#]+#([0-9]\{8\})\$}{\$1}}}\
}\
}\
}{\
# suffix contains #fromdomain# and the domain-name of sender
and {{\
eq {${sg{$local_part_suffix}{^#([^#]+)#.*\$}{\$1}}}{fromdomain}\
}{\
eq {$sender_address_domain}{${sg{$local_part_suffix}{^#[^#]+#(.*)\$}{\$1}}}\
}\
}\
}{\
# suffix contains #b64from# and the base64 encoded address of
sender DOES NOT WORK YET!
and {{\
eq {${sg{$local_part_suffix}{^#([^#]+)#.*\$}{\$1}}}{b64from}\
}{\
eq {${str2b64:$sender_address}}{${sg{$local_part_suffix}{^#[^#]+#(.*)\$}{\$1}}}\
}\
}\
}\
}\
}\
}\
}
local_part_suffix = #*
transport = local_mysql_delivery

mysql_user:
driver = accept
# restriction to local domains only may be a double check, as the
condition takes care of it already ;-)
domains = +local_domains
condition = ${lookup mysql{ \
SELECT CONCAT(username,'@',domain) AS email \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{true}{false}}
local_part_suffix = +*
local_part_suffix_optional
transport = local_mysql_delivery
no_more

mysql_catchall:
driver = redirect
# restriction to local domains only may be a double check, as data
takes care of it already ;-)
domains = +local_domains
file_transport = address_file
pipe_transport = address_pipe
data = ${lookup mysql{ \
SELECT sendto \
FROM catchall \
WHERE domain='${quote_mysql:$domain}' \
}}

system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/mail/aliases}}
file_transport = address_file
pipe_transport = address_pipe

localuser:
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
########################################################################
# 30-transports.conf {
########################################################################
begin transports

remote_smtp:
driver = smtp

spamcheck:
driver = pipe
command = /usr/exim/bin/exim -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/vendor_perl/spamc
home_directory = "/tmp"
current_directory = "/tmp"
user = mail
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =

local_delivery:
driver = appendfile
directory = /var/mail/${local_part}/
maildir_format
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0660

local_mysql_delivery:
driver = appendfile
directory = /var/mail/${domain}/${local_part}/
maildir_format
delivery_date_add
envelope_to_add
return_path_add
user = mail
group = mail
mode = 0660
headers_remove = Subject : X-Spam-Flag : X-Spam-Score-Int :
X-Spam-Score : X-Spam-Bar : X-Spam-Report
headers_add = "X-Spam-Threshold: ${lookup mysql{ \
SELECT spam_threshold \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{$value}{ERROR}}\n\
X-Spam-Score: $header_X-Spam-Score:\n\
X-Spam-Score-Int: $header_X-Spam-Score-Int:\n\
X-Spam-Bar: $header_X-Spam-Bar:\n\
X-Spam-Report: $header_X-Spam-Report:\n\
X-Spam-Flag: ${if def:header_X-Spam-Score-Int:{\
${if >={${eval:${sg{$header_X-Spam-Score-Int:}{^.*\n}{}}}}\
{${lookup mysql{ \
SELECT spam_threshold*10 \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{$value}{ERROR}}}{YES}{NO}}\
}{\
UNKNOWN\
}}\n\
Subject: ${if def:header_X-Spam-Score-Int:{\
${if >={${eval:${sg{$header_X-Spam-Score-Int:}{^.*\n}{}}}}\
{${lookup mysql{ \
SELECT spam_threshold*10 \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{$value}{ERROR}}}{${lookup mysql{ \
SELECT spam_tag \
FROM user \
WHERE username='${quote_mysql:$local_part}' \
AND domain='${quote_mysql:$domain}' \
AND SMTP_allowed='YES' \
}{$value}{ERROR}}$h_subject:}{$h_subject:}}\
}{$h_subject:}}\n\
X-Delivered-To: $original_local_part@$original_domain
($local_part@$domain)\n\
X-Message-Age: $message_age"
address_pipe:
driver = pipe
return_fail_output
return_path_add
environment = EXTENSION=${substr_1:$local_part_suffix}

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

address_directory:
driver = appendfile
maildir_format
delivery_date_add
envelope_to_add
return_path_add

address_reply:
driver = autoreply
########################################################################
# 40-retry.conf {
########################################################################
begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
########################################################################
# 50-rewrite.conf {
########################################################################
begin rewrite
########################################################################
# 60-authenticators.conf {
########################################################################
begin authenticators

login:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
server_advertise_condition = ${if eq{$tls_cipher}{}{no}{yes}}
server_condition = ${if crypteq {$2}{\{sha1\}${lookup mysql{ \
SELECT password \
FROM user \
WHERE CONCAT(username,'@',domain)='${quote_mysql:$1}' \
AND SMTPAUTH_allowed='YES' \
}}}{yes}{no}}
server_set_id = $1
--
Sincerely,
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Phil Pennock
2011-09-07 18:42:22 UTC
Permalink
Post by Face
2011-09-07 18:07:14 Exim configuration error in line 821 of
error in ACL: unknown ACL condition/modifier in "demime = *"
You built Exim without demime support.

Either build with WITH_OLD_DEMIME=yes in Local/Makefile or remove the
use of demime from your config file.

-Phil
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Moritz Wilhelmy
2011-09-07 18:55:28 UTC
Permalink
Post by Phil Pennock
Post by Face
2011-09-07 18:07:14 Exim configuration error in line 821 of
error in ACL: unknown ACL condition/modifier in "demime = *"
You built Exim without demime support.
Either build with WITH_OLD_DEMIME=yes in Local/Makefile or remove the
use of demime from your config file.
Is there a new demime, given that the old one is deprecated?

Moritz
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Warren Baker
2011-09-08 08:05:22 UTC
Permalink
Post by Moritz Wilhelmy
Is there a new demime, given that the old one is deprecated?
Have a look at http://www.exim.org/exim-html-current/doc/html/spec_html/ch41.html#SECTscanmimepart
which explains the MIME ACL (acl_smtp_mime).



--
.warren
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Face
2011-09-13 03:05:42 UTC
Permalink
Post by Face
Hello all,
I had someone  send spam using my SMTP, therefore i had to change my
configure to stop this. Now I cannot send to gmail.com and i keep
getting this
This message was created automatically by mail delivery software.
A message that you sent could not be delivered to one or more of its
   550-5.7.1 [173.214.173.77       1] Our system has detected an
unusual rate of
   550-5.7.1 unsolicited mail originating from your IP address. To protect our
   550-5.7.1 users from spam, mail sent from your IP address has been blocked.
   550-5.7.1 Please visit
http://www.google.com/mail/help/bulk_mail.html to review
   550 5.7.1 our Bulk Email Senders Guidelines. s9si64275qcy.51
------ This is a copy of the message, including all the headers. ------
Received: from [10.0.1.9]
       by smtp.aldimna.com with esmtp (Exim 4.76)
       id 1QzRQp-0003RX-QE
Date: Fri, 02 Sep 2011 13:57:07 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20110628
Thunderbird/5.0
MIME-Version: 1.0
Subject: Re: ssssss
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
I also checked spamhaus.org and it seem my ip address is not listed.
Any help would be much appreciated.
http://goq8.info/Test/exim.conf.html
Exim version 4.76 uid=0 gid=0 pid=11474 D=fbb95cfd
Berkeley DB: Berkeley DB 5.2.28: (June 10, 2011)
Support for: crypteq iconv() PAM OpenSSL move_frozen_messages
Content_Scanning DKIM
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm
dbmnz mysql sqlite
Authenticators: cram_md5 dovecot plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir autoreply pipe smtp
Fixed never_users: 0
Size of off_t: 4
Compiler: GCC [4.6.1 20110819 (prerelease)]
Library version: OpenSSL: Compile: OpenSSL 1.0.0d 8 Feb 2011
                         Runtime: OpenSSL 1.0.0d 8 Feb 2011
Library version: PCRE: Compile: 8.13
                      Runtime: 8.13 2011-08-16
Total 8 lookups
Library version: MySQL: Compile: 5.5.15 [Source distribution]
                       Runtime: 5.5.15
Library version: SQLite: Compile: 3.7.7.1
                        Runtime: 3.7.7.1
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
changed uid/gid: forcing real = effective
 uid=0 gid=0 pid=11474
 auxiliary group list: <none>
seeking password data for user "root": cache not available
getpwnam() succeeded uid=0 gid=0
configuration file is /etc/mail.d/exim.d/exim.conf
log selectors = 00000ffc 00612001
trusted user
admin user
seeking password data for user "mail": cache not available
getpwnam() succeeded uid=8 gid=12
user name "root" extracted from gecos field "root"
originator: uid=0 gid=0 login=root name=root
Address testing: uid=0 gid=79 euid=0 egid=79
--------> hubbed_hosts router <--------
local_part=falazemi domain=gmail.com
checking domains
expansion of "${if
exists{/etc/mail.d/exim.d/hubbed_hosts}{partial-lsearch;/etc/mail.d/exim.d/hubbed_hosts}fail}"
forced failure: assume not in this list
hubbed_hosts router skipped: domains mismatch
--------> dnslookup_relay_to_domains router <--------
local_part=falazemi domain=gmail.com
checking domains
search_open: mysql "NULL"
search_find: file="NULL"
 key="SELECT domain FROM user WHERE domain='gmail.com' UNION SELECT
domain FROM alias WHERE domain='gmail.com' UNION SELECT domain FROM
catchall WHERE domain='gmail.com'" partial=-1 affix=NULL starflags=0
internal_search_find: file="NULL"
 type=mysql key="SELECT domain FROM user WHERE domain='gmail.com'
UNION SELECT domain FROM alias WHERE domain='gmail.com' UNION SELECT
domain FROM catchall WHERE domain='gmail.com'"
database lookup required for SELECT domain FROM user WHERE
domain='gmail.com' UNION SELECT domain FROM alias WHERE
domain='gmail.com' UNION SELECT domain FROM catchall WHERE
domain='gmail.com'
MySQL query: SELECT domain FROM user WHERE domain='gmail.com' UNION
SELECT domain FROM alias WHERE domain='gmail.com' UNION SELECT domain
FROM catchall WHERE domain='gmail.com'
MYSQL new connection: host=localhost port=0 socket=NULL
database=AlDimnaEmailSystem user=exim
MYSQL: no data found
lookup failed
gmail.com in ""? no (end of list)
gmail.com in "smtp.aldimna.com"? no (end of list)
gmail.com in "! +local_domains : +relay_to_domains"? no (end of list)
dnslookup_relay_to_domains router skipped: domains mismatch
--------> dnslookup router <--------
local_part=falazemi domain=gmail.com
checking domains
search_open: mysql "NULL"
 cached open
search_find: file="NULL"
 key="SELECT domain FROM user WHERE domain='gmail.com' UNION SELECT
domain FROM alias WHERE domain='gmail.com' UNION SELECT domain FROM
catchall WHERE domain='gmail.com'" partial=-1 affix=NULL starflags=0
internal_search_find: file="NULL"
 type=mysql key="SELECT domain FROM user WHERE domain='gmail.com'
UNION SELECT domain FROM alias WHERE domain='gmail.com' UNION SELECT
domain FROM catchall WHERE domain='gmail.com'"
cached data used for lookup of SELECT domain FROM user WHERE
domain='gmail.com' UNION SELECT domain FROM alias WHERE
domain='gmail.com' UNION SELECT domain FROM catchall WHERE
domain='gmail.com'
lookup failed
gmail.com in ""? no (end of list)
gmail.com in "! +local_domains"? yes (end of list)
calling dnslookup router
 domain = gmail.com
DNS lookup of gmail.com (MX) succeeded
DNS lookup of gmail-smtp-in.l.google.com (A) succeeded
74.125.91.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :172.16.0.0/12
: 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no (end of list)
DNS lookup of alt1.gmail-smtp-in.l.google.com (A) succeeded
209.85.143.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16
:172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no
(end of list)
DNS lookup of alt2.gmail-smtp-in.l.google.com (A) succeeded
209.85.229.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16
:172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no
(end of list)
DNS lookup of alt3.gmail-smtp-in.l.google.com (A) succeeded
74.125.77.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :172.16.0.0/12
: 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no (end of list)
DNS lookup of alt4.gmail-smtp-in.l.google.com (A) succeeded
74.125.39.27 in "0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :172.16.0.0/12
: 10.0.0.0/8 : 169.254.0.0/16 :255.255.255.255"? no (end of list)
fully qualified name = gmail.com
 gmail-smtp-in.l.google.com 74.125.91.27 MX=5
 alt1.gmail-smtp-in.l.google.com 209.85.143.27 MX=10
 alt2.gmail-smtp-in.l.google.com 209.85.229.27 MX=20
 alt3.gmail-smtp-in.l.google.com 74.125.77.27 MX=30
 alt4.gmail-smtp-in.l.google.com 74.125.39.27 MX=40
set transport remote_smtp
queued for remote_smtp transport: local_part = falazemi
domain = gmail.com
 errors_to=NULL
 domain_data=NULL localpart_data=NULL
routed by dnslookup router
 transport: remote_smtp
 host gmail-smtp-in.l.google.com [74.125.91.27] MX=5
 host alt1.gmail-smtp-in.l.google.com [209.85.143.27] MX=10
 host alt2.gmail-smtp-in.l.google.com [209.85.229.27] MX=20
 host alt3.gmail-smtp-in.l.google.com [74.125.77.27] MX=30
 host alt4.gmail-smtp-in.l.google.com [74.125.39.27] MX=40
 router = dnslookup, transport = remote_smtp
 host gmail-smtp-in.l.google.com      [74.125.91.27]  MX=5
 host alt1.gmail-smtp-in.l.google.com [209.85.143.27] MX=10
 host alt2.gmail-smtp-in.l.google.com [209.85.229.27] MX=20
 host alt3.gmail-smtp-in.l.google.com [74.125.77.27]  MX=30
 host alt4.gmail-smtp-in.l.google.com [74.125.39.27]  MX=40
search_tidyup called
close MYSQL connection: localhost/AlDimnaEmailSystem/exim
Exim pid=11474 terminating with rc=0 >>>>>>>>>>>>>>>>
--
Sincerely,
Well,

the problem start when i try to use this
(http://struction.de/projects/HOWTO_VirtualMail_Exim-MySQL-Spamassassin-ClamAV-Dovecot/?set_style=clean)
howto. Now things seem to be working OK ,however, i am unable to get
Spamassassin to do what it supposed to do.
I also replace "demime" with "malware" and thing seem to be working.
If anyone could point me to the right direction
would be great.

I attached my exim Configuration file


Any help would be much appreciated.

Continue reading on narkive:
Loading...