Hello ALUG,
I mentioned this on #alug the other day, but I thought I'd just check to see if anyone else has any ideas regarding it - especially as I can go into more detail here.
My mail setup on my server has broken. I'm using Exim's virtual host method to forward mail sent to the server to a couple of different places. In /etc/exim4/virtual I have files for the domains:
/etc/exim4/virtual +- ariada.uea.ac.uk +- sara.uea.ac.uk +- studios.uea.ac.uk
which contain rules like:
admin : richard.lewis@uea.ac.uk * : :fail: Unknown recipient. Please direct general comments to comments@studios.uea.ac.uk
I have the necessary config in 350_exim4-config_vdom_aliases and I have:
domainlist local_domains = @:localhost:dsearch;/etc/exim4/virtual
in 01_exim4-config_listmacrosdefs.
I've configured Exim using dpkg-reconfigure exim4-config answering like this:
1) internet site; mail is sent and received directly using SMTP 2) System mail name: musariada.mus.uea.ac.uk 3) IP-addresses to listen on for incoming SMTP connections: 139.222.208.19 4) Other destinations for which mail is accepted: studios.uea.ac.uk; sara.uea.ac.uk; ariada.uea.ac.uk 5) Domains to relay mail for: none 6) Machines to relay mail for: none 7) Keep number of DNS-queries minimal: no 8) Delivery method for local mail: mbox format in /var/mail/ 9) Split configuration into small files? yes
When I try to send mail to, e.g., events@studios.uea.ac.uk I get the following error in /var/log/exim4/mainlog
2007-10-08 10:07:54 no IP address found for host MAIN_RELAY_NETS (during SMTP connection from mailgate5.uea.ac.uk [139.222.130.185]) 2007-10-08 10:07:54 H=mailgate5.uea.ac.uk [139.222.130.185] F=richardlewis@fastmail.co.uk rejected RCPT events@studios.uea.ac.uk: Unrouteable address
and I get an "undeliverable" message from the UEA mail server (see below).
Does anyone know why my Exim is not forwarding mail correctly? I'm afraid I don't really understand email and consequently I don't know exactly what's wrong here.
When a message is sent to, e.g., events@studios.uea.ac.uk, does it go to some uea.ac.uk server first (mailgate5.uea.ac.uk?) and then does this server attempt to begin an SMTP conversation with my server? If so, is my server engaging with it correctly?
And why is my server rejecting mail? (/Is/ my server rejecting mail?) Is it because it can't forward it to richard.lewis@uea.ac.uk? If not, why not?
When I first set this up (in June, I think) I'm sure it used to work.
Someone on #alug suggested that sending mail to canonical domain names (which studios.uea.ac.uk is) is not a good idea? Could this be the problem? But if it is, why do I see evidence of a connection in my Exim log? Surely if it was not possible to send mail to CNAME domains, it wouldn't even begin a connection?
Any information would be very much appreciated.
Cheers, Richard
Richard Lewis richardlewis@fastmail.co.uk wrote: [...]
2007-10-08 10:07:54 no IP address found for host MAIN_RELAY_NETS (during SMTP connection from mailgate5.uea.ac.uk [139.222.130.185]) 2007-10-08 10:07:54 H=mailgate5.uea.ac.uk [139.222.130.185] F=richardlewis@fastmail.co.uk rejected RCPT events@studios.uea.ac.uk: Unrouteable address
and I get an "undeliverable" message from the UEA mail server (see below).
Does anyone know why my Exim is not forwarding mail correctly?
Not really. Try exim4 -bt events@studios.uea.ac.uk to get better debugging output. If that is right and your SMTP behaviour is wrong, try restarting exim4, to make sure it's using the current config. For comparison, mine says:
R: dnslookup for events@studios.uea.ac.uk events@studios.uea.ac.uk router = dnslookup, transport = remote_smtp host musariada.mus.uea.ac.uk [139.222.208.19]
But musariada.mus.uea.ac.uk doesn't seem to answer port 25. Does UEA block SMTP now? I think I recall struggling with them at various times to keep MTH and STU mailservers running.
When a message is sent to, e.g., events@studios.uea.ac.uk, does it go to some uea.ac.uk server first (mailgate5.uea.ac.uk?) and then does this server attempt to begin an SMTP conversation with my server? [...]
mailgate5.uea.ac.uk is probably your outgoing mail host. If you're sending through musariada.mus.uea.ac.uk, that's probably another indication that the active configuration isn't quite right.
And why is my server rejecting mail? (/Is/ my server rejecting mail?)
Is events in your studios.uea.ac.uk alias file?
Someone on #alug suggested that sending mail to canonical domain names (which studios.uea.ac.uk is) is not a good idea?
It confuses some servers, but musariada.mus.uea.ac.uk doesn't have an MX either, so I doubt it's the problem here.
Hope that helps,
On Monday 08 October 2007 11:05:43 MJ Ray wrote:
Richard Lewis richardlewis@fastmail.co.uk wrote: [...]
Does anyone know why my Exim is not forwarding mail correctly?
Not really. Try exim4 -bt events@studios.uea.ac.uk to get better debugging output. If that is right and your SMTP behaviour is wrong, try restarting exim4, to make sure it's using the current config. For comparison, mine says:
R: dnslookup for events@studios.uea.ac.uk events@studios.uea.ac.uk router = dnslookup, transport = remote_smtp host musariada.mus.uea.ac.uk [139.222.208.19]
OK. I get this:
musariada:/home/richard# exim4 -bt events@studios.uea.ac.uk s.waters@uea.ac.uk is undeliverable: Unrouteable address <-- events@studios.uea.ac.uk
locally and this:
aquila:/home/richard# exim4 -bt events@studios.uea.ac.uk R: nonlocal for events@studios.uea.ac.uk events@studios.uea.ac.uk is undeliverable: Mailing to remote domains not supported
remotely (from my laptop).
But musariada.mus.uea.ac.uk doesn't seem to answer port 25. Does UEA block SMTP now? I think I recall struggling with them at various times to keep MTH and STU mailservers running.
According to netstat musariada is listening on port 25:
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 28457/exim4 tcp6 0 0 :::25 :::* LISTEN 28457/exim4
It could be the case that ITCS have put this port behind their firewall. Does this port need to be open to the outside world? If so, I'll try and psyche myself up to ring them.
When a message is sent to, e.g., events@studios.uea.ac.uk, does it go to some uea.ac.uk server first (mailgate5.uea.ac.uk?) and then does this server attempt to begin an SMTP conversation with my server? [...]
mailgate5.uea.ac.uk is probably your outgoing mail host. If you're sending through musariada.mus.uea.ac.uk, that's probably another indication that the active configuration isn't quite right.
Is events in your studios.uea.ac.uk alias file?
Yes it is. So my virtual host configuration requires that Exim is able to send mail out. Maybe this is what its having trouble with? How would it be able to send mail? Would it need to know the name of an SMTP server?
Hope that helps,
Thanks for your thoughts. So there seem to be two possible problems: either port 25 on musariada is invisible to outsiders, or Exim can't send mail.
Cheers, Richard
On 08-Oct-07 11:06:08, Richard Lewis wrote:
On Monday 08 October 2007 11:05:43 MJ Ray wrote:
Richard Lewis richardlewis@fastmail.co.uk wrote: [...]
Does anyone know why my Exim is not forwarding mail correctly?
Not really. Try exim4 -bt events@studios.uea.ac.uk to get better debugging output. If that is right and your SMTP behaviour is wrong, try restarting exim4, to make sure it's using the current config. For comparison, mine says:
R: dnslookup for events@studios.uea.ac.uk events@studios.uea.ac.uk router = dnslookup, transport = remote_smtp host musariada.mus.uea.ac.uk [139.222.208.19]
OK. I get this:
musariada:/home/richard# exim4 -bt events@studios.uea.ac.uk s.waters@uea.ac.uk is undeliverable: Unrouteable address <-- events@studios.uea.ac.uk
locally and this:
aquila:/home/richard# exim4 -bt events@studios.uea.ac.uk R: nonlocal for events@studios.uea.ac.uk events@studios.uea.ac.uk is undeliverable: Mailing to remote domains not supported
remotely (from my laptop).
You may be interested in this (transcript of SMTP chat to the UEA's mailgate5):
telnet mailgate5.uea.ac.uk 25 Trying 139.222.130.185... Connected to mailgate5.uea.ac.uk. Escape character is '^]'. 220 mailgate5.uea.ac.uk ESMTP Exim 4.50 Mon, 08 Oct 2007 11:10:40 +0100 EHLO 88-96-44-206.dsl.zen.co.uk 250-mailgate5.uea.ac.uk Hello 88-96-44-206.dsl.zen.co.uk [88.96.44.206] 250-SIZE 10485760 250-PIPELINING 250 HELP mail from: ted.harding@manchester.ac.uk 250 OK rcpt to: events@studios.uea.ac.uk 550 relay not permitted quit
Similar result with "rcpt to: richardlewis@fastmail.co.uk".
This is not definitive, since my 88-96-44-206.dsl.zen.co.uk is a personally-assigned fixed IP address for my ADSL service, and a lot of mailservers are configured to reject such connections unless it's for internal delivery (end even then may only accept from approved hosts).
But is suggests one of two possibilities:
A) The machine your exim connects from is not approved for SMTP transactions with UEA (as determined from its HELO of by reverse loopup) B) Your email destinations studios.uea.ac.uk and fastmail.co.uk are not within what UEa is prepared to route mail to (i.e. "relay").
Just thoughts -- without seeing a full SMTP dialogue one can't tell just why (and where) it fell over, and you didn't get that in the exim logs.
But it may carry a clue. Best wishes, Ted.
But musariada.mus.uea.ac.uk doesn't seem to answer port 25. Does UEA block SMTP now? I think I recall struggling with them at various times to keep MTH and STU mailservers running.
According to netstat musariada is listening on port 25:
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 28457/exim4 tcp6 0 0 :::25 :::* LISTEN 28457/exim4
It could be the case that ITCS have put this port behind their firewall. Does this port need to be open to the outside world? If so, I'll try and psyche myself up to ring them.
When a message is sent to, e.g., events@studios.uea.ac.uk, does it go to some uea.ac.uk server first (mailgate5.uea.ac.uk?) and then does this server attempt to begin an SMTP conversation with my server? [...]
mailgate5.uea.ac.uk is probably your outgoing mail host. If you're sending through musariada.mus.uea.ac.uk, that's probably another indication that the active configuration isn't quite right.
Is events in your studios.uea.ac.uk alias file?
Yes it is. So my virtual host configuration requires that Exim is able to send mail out. Maybe this is what its having trouble with? How would it be able to send mail? Would it need to know the name of an SMTP server?
Hope that helps,
Thanks for your thoughts. So there seem to be two possible problems: either port 25 on musariada is invisible to outsiders, or Exim can't send mail.
Cheers, Richard
-------------------------------------------------------------------- E-Mail: (Ted Harding) ted.harding@nessie.mcc.ac.uk Fax-to-email: +44 (0)870 094 0861 Date: 08-Oct-07 Time: 13:10:33 ------------------------------ XFMail ------------------------------
On Monday 08 October 2007 13:10:40 Ted Harding wrote:
On 08-Oct-07 11:06:08, Richard Lewis wrote:
musariada:/home/richard# exim4 -bt events@studios.uea.ac.uk s.waters@uea.ac.uk is undeliverable: Unrouteable address <-- events@studios.uea.ac.uk
locally
You may be interested in this (transcript of SMTP chat to the UEA's mailgate5):
telnet mailgate5.uea.ac.uk 25 Trying 139.222.130.185... Connected to mailgate5.uea.ac.uk. Escape character is '^]'. 220 mailgate5.uea.ac.uk ESMTP Exim 4.50 Mon, 08 Oct 2007 11:10:40 +0100 EHLO 88-96-44-206.dsl.zen.co.uk 250-mailgate5.uea.ac.uk Hello 88-96-44-206.dsl.zen.co.uk [88.96.44.206] 250-SIZE 10485760 250-PIPELINING 250 HELP mail from: ted.harding@manchester.ac.uk 250 OK rcpt to: events@studios.uea.ac.uk 550 relay not permitted quit
Similar result with "rcpt to: richardlewis@fastmail.co.uk".
This is not definitive, since my 88-96-44-206.dsl.zen.co.uk is a personally-assigned fixed IP address for my ADSL service, and a lot of mailservers are configured to reject such connections unless it's for internal delivery (end even then may only accept from approved hosts).
But is suggests one of two possibilities:
A) The machine your exim connects from is not approved for SMTP transactions with UEA (as determined from its HELO of by reverse loopup) B) Your email destinations studios.uea.ac.uk and fastmail.co.uk are not within what UEa is prepared to route mail to (i.e. "relay").
I'm hoping that this may be a symptom of port 25 being inaccessible to outsiders as, when I try this from a host on the UEA network, I can get all the way to sending a message (which then gets bounced in the manner I described in my initial post). However, if I try it logged into a host elsewhere, I get the same result as you.
Thanks for having a look.
Cheers, Richard
Richard Lewis richardlewis@fastmail.co.uk wrote:
musariada:/home/richard# exim4 -bt events@studios.uea.ac.uk s.waters@uea.ac.uk is undeliverable: Unrouteable address <-- events@studios.uea.ac.uk
musariada doesn't seem to know how to deliver events@studios.uea.ac.uk - that is your first problem to solve. See if you can find a reason why it's undeliverable. Try host -t mx uea.ac.uk from musariada, for example.
It's a bit disappointing that your exim configuration doesn't seem to output Router status messages and so on. Makes it harder to debug. Try adding -d or other verbose options from your man exim4 page.
aquila:/home/richard# exim4 -bt events@studios.uea.ac.uk R: nonlocal for events@studios.uea.ac.uk events@studios.uea.ac.uk is undeliverable: Mailing to remote domains not supported remotely (from my laptop).
So, your laptop doesn't seem to be configured for sending email.
[...]
It could be the case that ITCS have put this port behind their firewall. Does this port need to be open to the outside world? If so, I'll try and psyche myself up to ring them.
If you want the outside world to be able to send you email @studios.uea.ac.uk then port 25 on a mailserver for that domain needs to be open to the outside world.
When a message is sent to, e.g., events@studios.uea.ac.uk, does it go to some uea.ac.uk server first (mailgate5.uea.ac.uk?) and then does this server attempt to begin an SMTP conversation with my server? [...]
mailgate5.uea.ac.uk is probably your outgoing mail host. If you're sending through musariada.mus.uea.ac.uk, that's probably another indication that the active configuration isn't quite right.
Is events in your studios.uea.ac.uk alias file?
Yes it is. So my virtual host configuration requires that Exim is able to send mail out. Maybe this is what its having trouble with?
I don't understand what you mean. If you are sending from musariada to an address @studios.uea.ac.uk, then Exim on musariada should realise that it *is* studios.uea.ac.uk and process the email itself (by changing the destination address as in the aliases). Instead, it seems to be sending it to mailgate5, which then tries to send it back to studios.uea.ac.uk, which refuses it, generating the error.
How would it be able to send mail? Would it need to know the name of an SMTP server?
Yes, but it should be able to work that out from DNS.
Thanks for your thoughts. So there seem to be two possible problems: either port 25 on musariada is invisible to outsiders, or Exim can't send mail.
More that Exim isn't handling mail for studios.uea.ac.uk.
Hope that helps,
On Monday 08 October 2007 13:38:43 MJ Ray wrote:
Richard Lewis richardlewis@fastmail.co.uk wrote:
musariada:/home/richard# exim4 -bt events@studios.uea.ac.uk s.waters@uea.ac.uk is undeliverable: Unrouteable address <-- events@studios.uea.ac.uk
musariada doesn't seem to know how to deliver events@studios.uea.ac.uk - that is your first problem to solve. See if you can find a reason why it's undeliverable. Try host -t mx uea.ac.uk from musariada, for example.
It says:
musariada:/home/richard# host -t mx uea.ac.uk uea.ac.uk MX 10 mailgate5.uea.ac.uk uea.ac.uk MX 5 mailgate6.uea.ac.uk
It's a bit disappointing that your exim configuration doesn't seem to output Router status messages and so on. Makes it harder to debug. Try adding -d or other verbose options from your man exim4 page.
Cool. So it gets as far as deciding that the message for events@studios.uea.ac.uk should be forwarded to s.waters@uea.ac.uk. This is expected.
Then it does this:
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Considering s.waters@uea.ac.uk
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
routing s.waters@uea.ac.uk --------> hubbed_hosts router <-------- local_part=s.waters domain=uea.ac.uk checking domains expansion of "${if exists{/etc/exim4/hubbed_hosts} {partial-lsearch;/etc/exim4/hubbed_hosts}fail}" forced failure: assume not in this list hubbed_hosts router skipped: domains mismatch --------> lowuid_aliases router <-------- local_part=s.waters domain=uea.ac.uk checking domains search_open: dsearch "/etc/exim4/virtual" cached open search_find: file="/etc/exim4/virtual" key="uea.ac.uk" partial=-1 affix=NULL starflags=0 LRU list: 4/etc/exim4/virtual :/etc/exim4/virtual/studios.uea.ac.uk End internal_search_find: file="/etc/exim4/virtual" type=dsearch key="uea.ac.uk" file lookup required for uea.ac.uk in /etc/exim4/virtual lookup failed uea.ac.uk in "@:localhost:dsearch;/etc/exim4/virtual"? no (end of list) uea.ac.uk in "+local_domains"? no (end of list) lowuid_aliases router skipped: domains mismatch
and it continues, I think, trying several different methods to find a route to uea.ac.uk, but eventually fails.
--------> real_local router <-------- --------> vdom_aliases router <-------- --------> system_aliases router <-------- --------> userforward router <-------- --------> procmail router <-------- --------> maildrop router <-------- --------> local_user router <-------- --------> mail4root router <-------- local_part=s.waters domain=uea.ac.uk checking domains cached no match for +local_domains cached lookup data = NULL uea.ac.uk in "+local_domains"? no (end of list) mail4root router skipped: domains mismatch no more routers s.waters@uea.ac.uk is undeliverable: Unrouteable address <-- events@studios.uea.ac.uk search_tidyup called
>>>>>>>>>> Exim pid=29051 terminating with rc=2 >>>>>>>>>>
dnslookup seems to be missing even though earlier on in the debugging output it says:
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
If it /did/ try to use the dnslookup router, would it be likely to succeed? It seems to be configured in 200_exim4-config_primary like this:
dnslookup: debug_print = "R: dnslookup for $local_part@$domain" driver = dnslookup domains = ! +local_domains transport = remote_smtp same_domain_copy_routing = yes # ignore private rfc1918 and APIPA addresses ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\ 172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\ 255.255.255.255 no_more
It could be the case that ITCS have put this port behind their firewall. Does this port need to be open to the outside world? If so, I'll try and psyche myself up to ring them.
If you want the outside world to be able to send you email @studios.uea.ac.uk then port 25 on a mailserver for that domain needs to be open to the outside world.
Is events in your studios.uea.ac.uk alias file?
Yes it is. So my virtual host configuration requires that Exim is able to send mail out. Maybe this is what its having trouble with?
I don't understand what you mean.
When I said "send mail out" I meant forwarding it.
How would it be able to send mail? Would it need to know the name of an SMTP server?
Yes, but it should be able to work that out from DNS.
Thanks for your thoughts. So there seem to be two possible problems: either port 25 on musariada is invisible to outsiders, or Exim can't send mail.
More that Exim isn't handling mail for studios.uea.ac.uk.
So, it seems that the problem, as your comments suggest, is that Exim can't find a route to uea.ac.uk. Maybe if I can find a way to make it use the dnslookup router it might work.
Cheers, Richard
On Monday 08 October 2007 14:47:51 Richard Lewis wrote:
So, it seems that the problem, as your comments suggest, is that Exim can't find a route to uea.ac.uk. Maybe if I can find a way to make it use the dnslookup router it might work.
And the solution, it turns out, is to do this:
send_to_gateway: debug_print = "R: send_to_gateway for $local_part@$domain" driver = manualroute domains = ! +local_domains transport = remote_smtp route_list = * mailgate5.uea.ac.uk no_more
in router/200_exim4-config_primary.
Importantly, its outside the .ifdef DCconfig_internet block.
I don't know how robust it is, but it seems to work at least superficially. Now I just need to get ITCS to open up port 25 for me. :-\
Thanks for all the useful comments!
Cheers, Richard
-
MJ Ray -
Richard Lewis -
ted.harding@nessie.mcc.ac.uk