Hi, we have an Exim system which I am trying to migrate to a new RHEL7 
system, and in the process we have noticed that errors to members of a list file 
are not bouncing back correctly in the new system.

In our current system I see that messages are sent out and if they bounce they 
come back to [email protected] and get forwarded to the original sender.

In my replacement system I see the bounces are returning to [email protected]

And I see the following in the logs:

Jun  7 17:28:52 test  exim[32705]: 2021-06-07 17:28:52.615 [32705] 1lqOfs-0008VV-Jb <= <> H=mailtestmta.test.domain.com (mail.test.domain.com) [123.123.215.233]:48218 I=[123.123.215.121]:25 P=esmtps L. X=TLS1.2:ECDHE-RSA-AES256-SHA384:256 CV=no K S=34927 M8S=0 RT=0.005s [email protected] T="Mail delivery failed: returning message to sender" from <> for [email protected]
Jun  7 17:28:52 test  exim[32706]: 2021-06-07 17:28:52.626 [32706] cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1lqOfs-0008VV-Jb
Jun  7 17:28:52 test  exim[32705]: 2021-06-07 17:28:52.626 [32705] SMTP connection from mailtestmta.test.domain.com (mail.test.domain.com) [123.123.215.233]:48218 I=[123.123.215.121]:25 closed by QUIT
Jun  7 17:28:52 test  exim[32706]: 2021-06-07 17:28:52.630 [32706] 1lqOfs-0008VV-Jb ** [email protected] F=<>: Unrouteable address DT=0.000s
Jun  7 17:28:52 test  exim[32706]: 2021-06-07 17:28:52.631 [32706] 1lqOfs-0008VV-Jb Frozen (delivery error message)

I had to make small changes to the config when bringing it over, but for the most 
part they are the same, and I cannot determine what is causing this bounceback 
problem.  Can someone see what I cannot?

My broken config is here: pastebin.com/6sivwtjb  Can anyone assist?

And below but less readable

[root@ user]# cat /etc/exim/exim.conf
######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################

DETAINTFILE = /etc/exim/detaint
BADCHARS = \N[^A-Za-z0-9_.-]+\N
SAFELOCALPART = ${lookup{${sg{$local_part}{BADCHARS}{_}}} lsearch*,ret=key{DETAINTFILE}}

disable_ipv6=true
log_file_path = syslog : /var/log/exim/%s.log
log_selector = +all

# These lists are referred to later in this configuration using the syntax
# +local_domains and +relay_from_hosts, respectively. They
# are all colon-separated lists:
domainlist local_domains = test.mydomain.com : localhost : localhost.localdomain
hostlist   relay_from_hosts = 127.0.0.1 : mailtestmta.test.mydomain.com
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data


# Allow any client to use TLS.
tls_advertise_hosts = *
tls_certificate = /etc/pki/tls/certs/exim.pem
tls_privatekey = /etc/pki/tls/private/exim.pem

daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465
qualify_domain = test.mydomain.com
never_users = root
host_lookup = *
# turn off ident
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 7d
# split_spool_directory = true
message_size_limit = 50M
strip_trailing_dot = true

keep_environment =
add_environment =

######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################

begin acl

# This access control list is used for the MAIL command in an incoming
# SMTP message.

acl_check_mail:

  # Hosts are required to say HELO (or EHLO) before sending mail.
  # So don't allow them to use the MAIL command if they haven't
  # done so.

  deny condition = ${if eq{$sender_helo_name}{} {1}}
       message = Nice boys say HELO first

  accept

# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.

acl_check_rcpt:

  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
  # testing for an empty sending host field.

  accept  hosts = :
          control = dkim_disable_verify

  # Accept mail to postmaster in any local domain, regardless of the source,
  # and without verifying the sender.

  accept  local_parts   = postmaster
          domains       = +local_domains

  # Accept if the message comes from one of the hosts for which we are an
  # outgoing relay.

  accept  hosts         = +relay_from_hosts
          control       = submission
          control       = dkim_disable_verify

  deny

acl_check_data:

  accept condition = ${if match {$sender_address_domain}{\N((?i)^mydomain\.com$|(?i)\.mydomain\.com$)\N} {1}}
         add_header = X-UofS-Origin: Internal

  accept

######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################

begin routers

nameserv_aliases:
  driver = redirect
  data = ${lookup{$local_part@$domain}dbm{/var/exim/aliases.db}}

system_aliases:
  driver = redirect
  domains = test.mydomain.com
  data = ${lookup{$local_part}dbm{/var/exim/system.db}}

lists_owner:
  driver = redirect
  domains = test.mydomain.com
  local_part_prefix = owner-
  file = /var/exim/list/$local_part_prefixSAFELOCALPART
  no_more

lists_post:
  driver = redirect
  domains = test.mydomain.com
  headers_remove = ${if exists {/var/exim/header/SAFELOCALPART.removereplyto}\
                    {Reply-to}{}}
  headers_add = ${if exists {/var/exim/header/SAFELOCALPART.add}\
                  {${readfile{/var/exim/header/SAFELOCALPART.add}{\n}}}{}}
  senders = ${if exists {/var/exim/sender/SAFELOCALPART}\
        {${lookup{${reduce{${addresses:$h_from:}}{}{$item}}}nwildlsearch{/var/exim/sender/SAFELOCALPART}{ : *}{nwildlsearch;/var/exim/sender/SAFELOCALPART}}}{ : *}}
  file = /var/exim/list/SAFELOCALPART
  forbid_pipe
  forbid_file
  errors_to = ${if exists {/var/exim/error/SAFELOCALPART}\
                {${readfile{/var/exim/error/SAFELOCALPART}{}}}\
                {$sender_address}}
  skip_syntax_errors
  syntax_errors_to = ${if exists {/var/exim/error/SAFELOCALPART}\
                       {${readfile{/var/exim/error/SAFELOCALPART}{}}}\
                       {}}
  no_more

lists_closed:
  driver = redirect
  domains = test.mydomain.com
  allow_fail
  data = :fail: [email protected] (Error sending to list)

smarthost:
  driver = manualroute
  domains = ! +local_domains
  transport = remote_smtp
#  route_list = !+local_domains post.mydomain.com
#  hosts_randomize = true
  route_list = !+local_domains test-mydomain-com.mail.protection.outlook.com

  no_more

######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################

# A transport is used only when referenced from a router that successfully
# handles an address.

begin transports

# This transport is used for delivering messages over SMTP connections.

remote_smtp:
  driver = smtp
  #This is already specified above, is it needed?
  tls_certificate = /etc/pki/tls/certs/exim.pem
  tls_privatekey = /etc/pki/tls/private/exim.pem

######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################

begin retry

# This single retry rule applies to all domains and all errors. It specifies
# retries every 15 minutes for 2 hours, then increasing retry intervals,
# starting at 1 hour and increasing each time by a factor of 1.5, up to 16
# hours, then retries every 6 hours until 4 days have passed since the first
# failed delivery.

# WARNING: If you do not have any retry rules at all (this section of the
# configuration is non-existent or empty), Exim will not do any retries of
# messages that fail to get delivered at the first attempt. The effect will
# be to treat temporary errors as permanent. Therefore, DO NOT remove this
# retry rule unless you really don't want any retries.

# Address or Domain    Error       Retries
# -----------------    -----       -------

*                      *           F,10m,2m; F,2h,15m; G,16h,1h,1.5; F,4d,6h

######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################

# There are no rewriting specifications in this default configuration file.
# begin rewrite
# begin authenticators
# begin local_scan

# End of Exim configuration file
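
The log excerpt in the post shows a null-sender message (<= <>) that fails with "Unrouteable address" and is then frozen. As an added example (not part of the original post), this Python script groups Exim log lines by message ID and reports every bounce that ended up frozen, with the recipients that could not be routed. The sample log is constructed from the post's lines, and bounce-target@test.example, alice@test.example and example-list@test.example are placeholder addresses.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the log lines in the post; all addresses are
# placeholders because the post's own addresses are redacted.
SAMPLE_LOG = """\
Jun  7 17:28:52 test  exim[32705]: 2021-06-07 17:28:52.615 [32705] 1lqOfs-0008VV-Jb <= <> H=mailtestmta.test.domain.com (mail.test.domain.com) [123.123.215.233]:48218 I=[123.123.215.121]:25 P=esmtps S=34927 T="Mail delivery failed: returning message to sender" from <> for bounce-target@test.example
Jun  7 17:28:52 test  exim[32706]: 2021-06-07 17:28:52.630 [32706] 1lqOfs-0008VV-Jb ** bounce-target@test.example F=<>: Unrouteable address DT=0.000s
Jun  7 17:28:52 test  exim[32706]: 2021-06-07 17:28:52.631 [32706] 1lqOfs-0008VV-Jb Frozen (delivery error message)
Jun  7 17:29:10 test  exim[32710]: 2021-06-07 17:29:10.101 [32710] 1lqOfz-0008Vd-Ab <= alice@test.example H=mailtestmta.test.domain.com [123.123.215.233]:48220 P=esmtps S=1200 for example-list@test.example
Jun  7 17:29:10 test  exim[32711]: 2021-06-07 17:29:10.140 [32711] 1lqOfz-0008Vd-Ab Completed
"""

# Exim message IDs: three base-62 groups (older 6-6-2 and newer, longer layouts).
MSG_ID = r"[0-9A-Za-z]{6}-[0-9A-Za-z]{6,11}-[0-9A-Za-z]{2,4}"
# A message event is "<id> <flag and details>"; anything before the ID is prefix.
EVENT = re.compile(rf"\s(?P<id>{MSG_ID}) (?P<rest>.+)$")


def frozen_bounces(log_text):
    """Return {message_id: [unrouteable recipients]} for bounces that froze."""
    msgs = defaultdict(lambda: {"bounce": False, "failed": [], "frozen": False})
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue  # connection lines, "-Mc" exec lines, etc.
        state, rest = msgs[m["id"]], m["rest"]
        if rest.startswith("<= <>"):
            # Null envelope sender: this message is itself a bounce.
            state["bounce"] = True
        elif rest.startswith("** "):
            # Permanent delivery failure: "** <address> <details>"
            addr, _, reason = rest[3:].partition(" ")
            if "Unrouteable address" in reason:
                state["failed"].append(addr)
        elif rest.startswith("Frozen"):
            state["frozen"] = True
    return {mid: s["failed"] for mid, s in msgs.items()
            if s["bounce"] and s["frozen"]}


if __name__ == "__main__":
    for mid, addrs in frozen_bounces(SAMPLE_LOG).items():
        print(f"{mid}: bounce frozen, unrouteable recipient(s): {', '.join(addrs)}")
```
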