On 11/18/21 12:08, Bill Cole wrote:
On 2021-11-18 at 11:14:27 UTC-0500 (Thu, 18 Nov 2021 11:14:27 -0500)
Is there some way to do so in the config, otherwise I can change the Received line generated by
Exim but it seems strange the defaults fail here.
It can't be done in config, because there needs to be complex logic to parse
out elements.
What I do not see yet, despite reading the thread on the Exim list, is how to identify a *confirmed*
client reverse DNS hostname in Exim's Received headers, vs. a HELO argument vs. a PTR result that
doesn't have an A record pointing back to the client IP.
Sendmail & Postfix do this, making a very explicit statement when the rDNS name doesn't exist or
isn't right:
Received: from HELO_Name ({confirmed hostname|'unknown'} [client IP])
I believe that making Exim do that would fix the issue for existing SA 3.4.x installations. If I can
work out how to detect missing or wrong rDNS in the Received header, that should be fixed for 4.0.
Yea, I can override it locally, just interested in helping out reporting issues
for 4.0 now.
Thanks,
Matt
[1] https://lists.exim.org/lurker/message/20211118.151417.19b10d55.en.html
[2] Received: from [2620:6e:a000:1000:5032:f151:67fb:662b]
(helo=eyeballs.as397444.net)
by mail.as397444.net with smtp id 1mnk27-003mD4-EI
(envelope-from <...>)
for ...; Thu, 18 Nov 2021 16:13:07 +0000
So, if the rDNS name does not resolve, you get 'from [ip-literal]
(helo=HELO_Name)' ?
If the rDNS name resolves back to the client IP, how is it different?
If the rDNS name resolves to some other IP, how is it different?
The above is with an IP which *does* RDNS resolve to the HELO hostname, but which does not have a
FcRDNS match. I believe it looks the same whether RDNS resolves or not, it only changes if FcRDNS
matches.
Quoting from the exim documentation, the default Received line starts with (edited to remove the RFC
1413 bits):
Received: \
${if def:sender_rcvhost {from $sender_rcvhost\n\t}\
{${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}\
by $primary_hostname \
sender_rcvhost is defined as:
This is provided specifically for use in Received: headers. It starts with either the verified
host name (as obtained from a reverse DNS lookup) or, if there is no verified host name, the IP
address in square brackets. After that there may be text in parentheses. When the first item is a
verified host name, the first thing in the parentheses is the IP address in square brackets,
followed by a colon and a port number if port logging is enabled. When the first item is an IP
address, the port is recorded as “port=xxxx” inside the parentheses.
There may also be items of the form “helo=xxxx” if HELO or EHLO was used and its argument was
not identical to the real host name or IP address, and “ident=xxxx” if an RFC 1413 ident string is
available. If all three items are present in the parentheses, a newline and tab are inserted into
the string, to improve the formatting of the Received: header.
