Mailing List Archive: exim: users

Strange empty return_path variable.

Index | Next | Previous | View Threaded

liste-exim-2008 at ingescom

Mar 3, 2010, 10:58 AM

Post #1 of 3 (475 views)
Permalink

Strange empty return_path variable.

Hello there,

I've past a day searching what could be wrong with my return_path variable :

At the end of my data_acl, I've got this code :

warn log_message = STAUS DKIM : $dkim_verify_status $dkim_cur_signer
$dkim_verify_reason

# accept otherwise
#headers_add = ${if eq{$return_path}{}{}{X-bounce-key:
BOUNCE_ID;${lc:$return_path};$tod_epoch;${length_8:${md5:BOUNCE_ID;${lc:$return_path};$tod_epoch;BOUNCE_SECRET}};}}

warn log_message =
add_header = :after_received:${if eq{$return_path}{}{}{X-bounce-key:
BOUNCE_ID;${lc:$return_path};$tod_epoch;${length_8:${md5:BOUNCE_ID;${lc:$return_path};$tod_epoch;BOUNCE_SECRET}};}}
accept

It puts a header for backscatter verification. Instead of getting this :
X-bounce-key: XXXXXX.com-1;toto [at] foo;1267641467;40828014;

I get that :

X-ACL-Warn:

On my test-server it's ok with my exim4.conf.template but the same code
doesn't work on the production one, because it seems that $return_path
is empty.
I've taken my conf from test to production and it works !

This is the diff of the two files, can you see why return_path is empty
with one file and not with the other ?

lenny:/etc/exim4# diff exim4.conf.template exim4.conf.template_bad
38c38
< primary_hostname = backup.XXXXXX.com
---
> primary_hostname = serveur.XXXXXX.com
60c60
< # id $message_exim_id
---
> # id $message_exim_id
78c78
< # Just for reference and scripts.
---
> # Just for reference and scripts.
158a159
> #MAIN_LOG_SELECTOR = +tls_peerdn +received_recipients +rejected_header
204c205
< ### SAM 01.03.2010
---
> ### SAM 01.03.2010
286c287
< #rfc1413_hosts = *
---
> # rfc1413_hosts = *
585a587,589
> ### SAM 03.03.2010
> # !acl = acl_local_deny_exceptions
> ###
614c618
< #
---
> #
654a659
> log_message = Too many bad recipients
${eval:($rcpt_fail_count+1)} out of $rcpt_count
661,664c666,669
< ### SAM 15.11.2009 Warn insert sql for unknown recipients
< warn
< !verify = recipient
< continue = ${lookup mysql{INSERT INTO black_ip (ip,last_conn)
values('$sender_host_address','$tod_log') on duplicate key update
last_conn='$tod_log';}}
---
> #### SAM 15.11.2009 Warn insert sql for unknown recipients
> # warn
> # !verify = recipient
> # continue = ${lookup mysql{INSERT INTO black_ip (ip,last_conn)
values('$sender_host_address','$tod_log') on duplicate key update
last_conn='$tod_log';}}
679a685,689
> # SAM 17.10.2009
> deny
> message = Bounce vers plusieurs destinataires impossible
> senders = : postmaster@*
> condition = $recipients_count
791,794c801,804
< #deny message = Filtre-Ingescom : Invalid sender / expediteur usurpe
< # !authenticated = *
< # !senders = :
< # sender_domains = +local_domains
---
> deny message = Filtre-Ingescom : Invalid sender / expediteur usurpe
> !authenticated = *
> !senders = :
> sender_domains = +local_domains
1065c1075
< condition = $recipients_count
---
> condition = $recipients_count
1070a1081,1088
> ### SAM 14.11.2009
> # deny
> # message = Too many bad recipients ${eval:$rcpt_fail_count}
out of $rcpt_count
> #condition = ${if > {${eval:$rcpt_fail_count}}{1} {yes}{no}}
> # condition = ${if >{$rcpt_fail_count}{1} {yes}{no}}
> #delay = 3m
> ###
>
1085,1086c1103,1104
< deny message = Your email $sender_host_address must be sent from a
valid server
< log_message = Rejected for invalid DKIM : $dkim_verify_status
$dkim_cur_signer $dkim_verify_reason
---
> deny message = Your email $sender_host_address must be sent from a
valid server
> log_message = Rejected for invalid DKIM : $dkim_verify_status
$dkim_cur_signer $dkim_verify_reason
1126,1127c1144,1145
< deny senders = :
< condition = ${if ! eq{$recipients_count}{1}{1}}
---
> deny senders = :
> condition = ${if ! eq{$recipients_count}{1}{1}}
1130,1137c1148,1155
< deny senders = :
< ! condition = ${if match \
< {$message_body $message_body_end} \
<
{[xX]-bounce-key:\\s*BOUNCE_ID;${rxquote:${lc:$recipients}};(\\d+);(\\w+)} \
< {${if eq {$2} \
<
{${length_8:${md5:BOUNCE_ID;${lc:$recipients};$1;BOUNCE_SECRET}}} \
< {${if <{${sg{${eval:$tod_epoch-$1}}{-}{}}}{864000}{1}}}}}}
< message = Bounce does not contain a valid X-bounce-key signature
---
> deny senders = :
> ! condition = ${if match \
> {$message_body $message_body_end} \
>
{[xX]-bounce-key:\\s*BOUNCE_ID;${rxquote:${lc:$recipients}};(\\d+);(\\w+)} \
> {${if eq {$2} \
>
{${length_8:${md5:BOUNCE_ID;${lc:$recipients};$1;BOUNCE_SECRET}}} \
> {${if
<{${sg{${eval:$tod_epoch-$1}}{-}{}}}{864000}{1}}}}}}
> message = Bounce does not contain a valid X-bounce-key signature
1170c1188
< #
---
> #
1357c1375
< condition = ${if >={$spam_score_int}{120}{1}{0}}
---
> condition = ${if >={$spam_score_int}{140}{1}{0}}
1362c1380
< ### SAM 01.10.2009 un seul destinataire config spamassassin
utilisateur destinataire
---
> ### SAM 01.10.2009 un seul destinataire config spamassassin
utilisateur destinataire
1367c1385
< condition = ${if >={$spam_score_int}{120}{1}{0}}
---
> condition = ${if >={$spam_score_int}{140}{1}{0}}
1403a1422
> !authenticated = *
1409c1428,1429
< spam = Debian-exim
---
> !authenticated = *
> spam = Debian-exim
1415a1436
> !authenticated = *
1424,1427c1445
<
< ###
<
< warn log_message = return path = $return_path STAUS DKIM :
$dkim_verify_status $dkim_cur_signer $dkim_verify_reason
---
> warn log_message = return = $return_path STATUS DKIM :
$dkim_verify_status $dkim_cur_signer $dkim_verify_reason
1434a1453
>

Thanks all a lot.
Sam.

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

liste-exim-2008 at ingescom

Mar 4, 2010, 12:51 AM

Post #2 of 3 (451 views)
Permalink

Re: Strange empty return_path variable. [In reply to]

Hello and thanks to trying help me.

The config is :
Debian-Lenny with custom kernel 2.6.32.8-Grsec
Exim : 4.71-2~bpo50+1 (from backports to have full DKIM stable function)
Dual config : exim1 (queue only) --> mailscanner --> exim outgoing

This is my input buggy full config :

http://pastebin.com/E4ESMkye

It runs quite good except for the empty return_path variable at the end
of data _acl ONLY FROM THE LAN (when I try from outside, return_path is
non-null and my code is working :

warn log_message =
add_header = :after_received:${if eq{$return_path}{}{}{X-bounce-key:
BOUNCE_ID;${lc:$return_path};$tod_epoch;${length_8:${md5:BOUNCE_ID;${lc:$return_path};$tod_epoch;BOUNCE_SECRET}};}}

The bogus spirit efect is that if I remove this quote, it works and
return_path is not empty even from Lan !!! :

# warn
# !verify = recipient
# continue = ${lookup mysql{INSERT INTO black_ip (ip,last_conn)
values('$sender_host_address','$tod_log') on duplicate key update
last_conn='$tod_log';}}

That's why I think my config is buggy somewhere.

Please help me I become crazy.

Thanks a lot.
Sam.

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

liste-exim-2008 at ingescom

Mar 4, 2010, 1:43 AM

Post #3 of 3 (454 views)
Permalink

Re: Strange empty return_path variable. [In reply to]

To be fully clear, this is my check_data_local_acl_file (perharps the
bug is inside):

lenny:/etc/exim4# cat check_data_local_acl_file
deny
message = Filtre-data-titre : This email look like Spam : blacklist
subject
!authenticated = *
# condition = ${if eq{$header_subject:}{The Ultimate Online
Pharmaceutical}{yes}{no}}
condition = ${if !match{$recipients:}{\Nliste-.*@XXXXXXX.com\N}{yes}{no}}
condition = ${if !match{$recipients:}{postmaster}{yes}{no}}
condition =
${lookup{$header_subject:}lsearch{/etc/exim4/acl_subject}{yes}{no}}
#
deny
message = Filtre-data-contenu : This email look like Spam : blacklist
domain
condition = ${if
!match{$recipients:}{\Nliste-.*@XXXXXXXXXX.com\N}{yes}{no}}
condition = ${if !match{$recipients:}{postmaster}{yes}{no}}
!authenticated = *
condition =
${lookup{$message_body:}nwildlsearch{/etc/exim4/acl_body}{yes}{no}}
#
deny
message = Filtre-data-header_received : This email look like Spam
condition = ${if
!match{$recipients:}{\Nliste-.*@XXXXXXXXXXX.com\N}{yes}{no}}
condition = ${if !match{$recipients:}{postmaster}{yes}{no}}
!authenticated = *
#condition = ${if match{$h_Received:}{\Nproacti5.net\N}{yes}{no}}
condition = ${if
forany{${readfile{/etc/exim4/acl_header_received}{:}}}{match{$h_Received:}{$item}}}

Thanks.
Sam

Le 04/03/2010 09:51, Sam a �crit :
> Hello and thanks to trying help me.
>
> The config is :
> Debian-Lenny with custom kernel 2.6.32.8-Grsec
> Exim : 4.71-2~bpo50+1 (from backports to have full DKIM stable function)
> Dual config : exim1 (queue only) --> mailscanner --> exim outgoing
>
> This is my input buggy full config :
>
> http://pastebin.com/E4ESMkye
>
> It runs quite good except for the empty return_path variable at the end
> of data _acl ONLY FROM THE LAN (when I try from outside, return_path is
> non-null and my code is working :
>
> warn log_message =
> add_header = :after_received:${if eq{$return_path}{}{}{X-bounce-key:
> BOUNCE_ID;${lc:$return_path};$tod_epoch;${length_8:${md5:BOUNCE_ID;${lc:$return_path};$tod_epoch;BOUNCE_SECRET}};}}
>
> The bogus spirit efect is that if I remove this quote, it works and
> return_path is not empty even from Lan !!! :
>
> # warn
> # !verify = recipient
> # continue = ${lookup mysql{INSERT INTO black_ip (ip,last_conn)
> values('$sender_host_address','$tod_log') on duplicate key update
> last_conn='$tod_log';}}
>
> That's why I think my config is buggy somewhere.
>
> Please help me I become crazy.
>
> Thanks a lot.
> Sam.
>
>
>

--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads