Relay permission problem with exim4

Corey Edwards tensai at zmonkey.org
Wed Sep 21 09:33:19 MDT 2005


On Wed, 2005-09-21 at 07:04 -0600, Dave Smith wrote:
> Pluggers,
> 
> I've got exim4 working wonderfully with dovecot on my Linode, with one 
> problem. When authenticating and sending email from my home computer 
> (Thunderbird), I keep getting the good ol' "relaying not permitted" 
> error, even though I have this line in my /etc/exim4/exim4.conf.template:
> 
>    accept
>      authenticated = *
> 
> I don't get it. If I remove this deny line below:
> 
>    deny
>      message = relay not permitted
> 
> Then, all is well, but of course, this would make me an open relay. Any 
> ideas how I can fix this?

Can you post your entire rcpt acl, and the list of relay hosts?

For reference, here's mine:

        hostlist relay_hosts = 199.104.112.184/29 : \
            127.0.0.1 : \
            ::::1
        hostlist auth_relay_hosts = *

        acl_check_rcpt:
          # Exim 3 had no checking on -bs messages, so for compatibility
          # we accept if the source is local SMTP (i.e. not over TCP/IP).
          # We do this by testing for an empty sending host field.
          accept  hosts = :
                  set acl_m0 = do-not-scan
          deny    message = you villainous scum
                  hosts = !/etc/exim4/whitelist_ips:/etc/exim4/blacklist_ips
          deny    message = host is listed in $dnslist_domain
                  dnslists = sbl-xbl.spamhaus.org
          deny    senders = /etc/exim4/blacklist_domains
          deny    message = unrouteable sender
                  !verify = sender
          deny    message = unrouteable address
                  !verify = recipient
          deny    !acl = acl_friends
          warn    message = X-outside-us: 1
                  hosts = !/etc/exim4/whitelist_ips:/etc/exim4/greylist_outside_us
          warn    message = X-no-spam-checking: 1
                  hosts = /etc/exim4/whitelist_nospam
                  set acl_m0 = do-not-scan
          accept  hosts = +relay_hosts
          accept  domains = +local_domains
          accept  hosts = +auth_relay_hosts
                  endpass
                  message = authentication required
                  authenticated = *
          deny    message = relay not permitted
        
I'm still not 100% sure what the "endpass" directive does. The exim 3
upgrade script tossed it in there for me. 

Corey

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://plug.org/pipermail/plug/attachments/20050921/0bdf2c30/attachment.bin 


More information about the PLUG mailing list