[Pkg-exim4-users] exim4, gmail and 550-5.7.1

Discussion:

Robert Steinmetz AIA

2015-12-14 22:22:00 UTC

I run two mail servers one postfix and the other exim4, both on Ubuntu.

Any email to a gmail server is rejected with a 550-5.7.1 error,
basically requiring a ipv6 ptr record.

I have known about this problem for a while but used other workarounds.
Recently we have seen more and more people hosting their email on gmail
using this own domains. So I decided it was time to solve the problem
permanently. Unfortunately our IP addresses are provided by our ISPs and
they don't provide ipv6 ptr records.

I solved it with the postfix server by setting up a list of domains to
be to ipv4 only. That works well and is easy to add more domains as I
discover them

Is there a comparable method for exim4? Or some other way of overcoming
the problem? I have Goggled around and the postfix answers came up
pretty easily, I've found very little on exim4.

I did find this web page:

https://github.com/Exim/exim/wiki/How-to-force-IPv4-connections-for-specific-domains-if-IPv6-is-enabled

But I'm not sure how to implement it. I can certainly add a Router and
Transport to the appropriate directory, but where should the domain list
go under conf.d?

Martin Reising

2015-12-15 19:28:51 UTC

Permalink

Domainlists are a rather common element of exim configuration, so
chances are high that there is already a domainlist in the default
configuration.

manual routing via /etc/exim4/hubbed_hosts containing

domain.net: IPv4

isn't a valid option?

Robert Steinmetz

2015-12-16 22:33:19 UTC

Permalink

Post by Robert Steinmetz AIA
I solved it with the postfix server by setting up a list of domains
to be to ipv4 only. That works well and is easy to add more domains
as I discover them

The correct way to fix this would be to tell your ISP to fix their
IPv6, not by turning it off.

Unfortunately I have two ISPs at different sites and they both
exhibit the same problem. As for having them fix it I don't have
much hope. They have told me to use their smtp servers, which I have
set up for my users but there are other limitations on their servers which make
that less than optimal.

Post by Robert Steinmetz AIA
https://github.com/Exim/exim/wiki/How-to-force-IPv4-connections-for-specific-domains-if-IPv6-is-enabled
But I'm not sure how to implement it. I can certainly add a Router
and Transport to the appropriate directory, but where should the
domain list go under conf.d?

Domainlists are a rather common element of exim configuration, so
chances are high that there is already a domainlist in the default
/etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs
and neatly answers your question that a domainlist needs to be in the
"main" part of configuration.

Great. I did grep the main configuration files and the only domain
lists I found were:

***@thelma:/etc/exim4/conf.d/main# grep domainlist *
01_exim4-config_listmacrosdefs:domainlist local_domains = MAIN_LOCAL_DOMAINS
01_exim4-config_listmacrosdefs:domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS

I would recommend putting domainlist, transport and router in their
own files. The only directory where order matters is routers, so you
can arbitrarily choose your file names in main and transports. It is
important that your router is earlier than our remote_smtp router so
that it can take precedence.
Feel free to open a wishlist bug against exim4-config, I think it
might be helpful to offer this mechanismn in the package, offering a
file containing a list of target domains that are delivered via IPv4
only.
Greetings
Marc

Based on the github page I found

I propose adding a new files in main

05_ipv4_force_domains

Containing:

domainlist ipv4_force_domains = \
gmail.com : \
googlemail.com : \
virgin.net : \
linkedin.com : \
virginmedia.com

Greping router for remote_smtp

I get

100_exim4-config_domain_literal: transport = remote_smtp
150_exim4-config_hubbed_hosts: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp_smarthost
500_exim4-config_hubuser: transport = remote_smtp_smarthost

So I propose adding a new file to router called

050_exim4_config_ipv4_only.

Containing

ipv4_only:
driver = dnslookup
domains = +ipv4_force_domains
transport = ipv4_smtp
ignore_target_hosts = <; 0::0/0|

Finally adding a file in transports

50_exim4_config_ipv4_only_transport:

I'm a little puzzled by the one in the example.

ipv4_smtp:
driver = smtp
dkim domain = mydomain.co.uk
dkim_selector = x
dkim_private_key = /usr/exim/dkim.private.key
dkim_canon = relaxed
interface = <my.v4.ip.address>|

Why can't I simply use the existing smtp remote_smtp transport with
the some relatively simple edits? This example contains a directive
that limits it to using ipv4 by specifying the interface using an
ipv4 address. Seems like somewhere should be a directive like
disable_ipv6 = true or dns_ipv4_lookup = *

I also wonder if these dkim statements conflict with the rest of the
basic debian configuration.

--
Rob

Robert Steinmetz

2015-12-18 16:09:28 UTC

Permalink

Based on the link I listed in my first post I have come up with a
potential solution:

Can anyone comment on whether it should work or not?

I propose adding a new files in /etc/exim4/conf.d/main

05_ipv4_force_domains

Containing:

domainlist ipv4_force_domains = \
gmail.com : \
googlemail.com : \
virgin.net : \
linkedin.com : \
virginmedia.com

Greping router for remote_smtp

I get

100_exim4-config_domain_literal: transport = remote_smtp
150_exim4-config_hubbed_hosts: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp_smarthost
500_exim4-config_hubuser: transport = remote_smtp_smarthost

So I propose adding a new file to /etc/exim4/conf.d/router called

050_exim4_config_ipv4_only.

Containing

ipv4_only:
driver = dnslookup
domains = +ipv4_force_domains
transport = ipv4_smtp
ignore_target_hosts = <; 0::0/0|

Finally adding a file in /etc/exim4/conf.d/transports

50_exim4_config_ipv4_only_transport:

I'm a little puzzled by the one in the example.

ipv4_smtp:
driver = smtp
dkim domain = mydomain.co.uk
dkim_selector = x
dkim_private_key = /usr/exim/dkim.private.key
dkim_canon = relaxed
interface = <my.v4.ip.address>|

Why can't I simply use the existing smtp remote_smtp transport with
the some relatively simple edits? This example contains a directive
that limits it to using ipv4 by specifying the interface using an
ipv4 address. Seems like somewhere should be a directive like
disable_ipv6 = true or dns_ipv4_lookup = *

I also wonder if these dkim statements conflict with the rest of the
basic debian configuration.

Robert Steinmetz AIA

2015-12-21 20:13:26 UTC

Permalink

Pretty much, but since I didn't get any responses I thought I'd try again.

Isn't this basically the same message you already sent three days ago?
Greetings
Marc

Subject: Re: [Pkg-exim4-users] exim4, gmail and 550-5.7.1
Date: Fri, 18 Dec 2015 11:09:28 -0500
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:42.0) Gecko/20100101
Firefox/42.0 SeaMonkey/2.39
List-Id: "User-level discussion and support for the Debian packages."
<pkg-exim4-users.lists.alioth.debian.org>
X-Spam-Score: (-) -1.9
X-Spam-Report: torres.zugschlus.de Content analysis details: (-1.9
points, 5.0 required) pts rule name description ----
---------------------- ------------------------------------------- -0.0
T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
domain -1.9 BAYES_00 BODY: Bayes
spam probability is 0 to 1% [score: 0.0000]
Based on the link I listed in my first post I have come up with a
Can anyone comment on whether it should work or not?
I propose adding a new files in /etc/exim4/conf.d/main
05_ipv4_force_domains
domainlist ipv4_force_domains = \
gmail.com : \
googlemail.com : \
virgin.net : \
linkedin.com : \
virginmedia.com
Greping router for remote_smtp
I get
100_exim4-config_domain_literal: transport = remote_smtp
150_exim4-config_hubbed_hosts: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp
200_exim4-config_primary: transport = remote_smtp_smarthost
500_exim4-config_hubuser: transport = remote_smtp_smarthost
So I propose adding a new file to /etc/exim4/conf.d/router called
050_exim4_config_ipv4_only.
Containing
driver = dnslookup
domains = +ipv4_force_domains
transport = ipv4_smtp
ignore_target_hosts = <; 0::0/0|
Finally adding a file in /etc/exim4/conf.d/transports
I'm a little puzzled by the one in the example.
driver = smtp
dkim domain = mydomain.co.uk
dkim_selector = x
dkim_private_key = /usr/exim/dkim.private.key
dkim_canon = relaxed
interface = <my.v4.ip.address>|
Why can't I simply use the existing smtp remote_smtp transport with
the some relatively simple edits? This example contains a directive
that limits it to using ipv4 by specifying the interface using an
ipv4 address. Seems like somewhere should be a directive like
disable_ipv6 = true or dns_ipv4_lookup = *
I also wonder if these dkim statements conflict with the rest of the
basic debian configuration.
_______________________________________________
Pkg-exim4-users mailing list
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-exim4-users

Cam Ellison

2015-12-22 00:37:20 UTC

Permalink

Post by Robert Steinmetz AIA
Pretty much, but since I didn't get any responses I thought I'd try again.

Try your "solution" and find out.

Cam