Last modified: 2014-07-30 21:55:28 UTC
"echo Test | mail -s Test tim@tim-landscheidt.de" gets delivered to the intended recipient: | 2014-07-24 23:56:26 1XASs6-0002l4-BE <= scfc@tools.wmflabs.org H=tools-login.eqiad.wmflabs [10.68.16.7] U=Debian-exim P=esmtp S=768 id=E1XASs6-0000rg-8A@tools-login.eqiad.wmflabs | 2014-07-24 23:56:27 1XASs6-0002l4-BE TLS error on connection to smtp.rzone.de [81.169.145.98] (gnutls_handshake): The Diffie-Hellman prime sent by the server is not acceptable (not long enough). | 2014-07-24 23:56:27 1XASs6-0002l4-BE TLS session failure: delivering unencrypted to smtp.rzone.de [81.169.145.98] (not in hosts_require_tls) | 2014-07-24 23:56:28 1XASs6-0002l4-BE => tim@tim-landscheidt.de R=dnslookup T=remote_smtp H=smtp.rzone.de [81.169.145.98] | 2014-07-24 23:56:28 1XASs6-0002l4-BE Completed but "echo Test | mail -s Test legoktm@wikimedia.org" gets delivered (apparently) to the forward of the Labs user legoktm: | 2014-07-25 00:01:50 1XASxK-0002vv-86 <= scfc@tools.wmflabs.org H=tools-login.eqiad.wmflabs [10.68.16.7] U=Debian-exim P=esmtp S=765 id=E1XASxK-0001Cf-4s@tools-login.eqiad.wmflabs | 2014-07-25 00:01:50 1XASxK-0002vv-86 => legoktm.wikipedia@gmail.com <legoktm@wikimedia.org> R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [74.125.193.27] X=TLS1.0:RSA_ARCFOUR_SHA1:16 | 2014-07-25 00:01:50 1XASxK-0002vv-86 Completed
On tools-login: | scfc@tools-login:~$ { echo 'Subject: Test, please ignore'; echo 'To: legoktm@tim-landscheidt.de'; echo; echo Test; } | exim -v -odf -i legoktm@tim-landscheidt.de | LOG: MAIN | <= scfc@tools.wmflabs.org U=scfc P=local S=409 | delivering 1XAf0J-0003b5-4Y | Connecting to tools-mail.eqiad.wmflabs [10.68.16.27]:25 ... connected | SMTP<< 220 relay.tools.wmflabs.org ESMTP Exim 4.76 Fri, 25 Jul 2014 12:53:43 +0000 | SMTP>> EHLO tools-login.eqiad.wmflabs | SMTP<< 250-relay.tools.wmflabs.org Hello Debian-exim at tools-login.eqiad.wmflabs [10.68.16.7] | 250-SIZE 52428800 | 250-PIPELINING | 250 HELP | SMTP>> MAIL FROM:<scfc@tools.wmflabs.org> SIZE=1443 | SMTP>> RCPT TO:<legoktm@tim-landscheidt.de> ^^^^^^^^^^^^^^^^^^^^^^^^^^ | SMTP>> DATA | SMTP<< 250 OK | SMTP<< 250 Accepted | SMTP<< 354 Enter message, ending with "." on a line by itself | SMTP>> writing message and terminating "." | SMTP<< 250 OK id=1XAf0J-0003Ig-7a | SMTP>> QUIT | LOG: MAIN | => legoktm@tim-landscheidt.de R=smart_route T=remote_smtp H=tools-mail.eqiad.wmflabs [10.68.16.27] | LOG: MAIN | Completed | scfc@tools-login:~$ mainlog on tools-login: | 2014-07-25 12:53:43 1XAf0J-0003b5-4Y <= scfc@tools.wmflabs.org U=scfc P=local S=409 | 2014-07-25 12:53:43 1XAf0J-0003b5-4Y => legoktm@tim-landscheidt.de R=smart_route T=remote_smtp H=tools-mail.eqiad.wmflabs [10.68.16.27] ^^^^^^^^^^^^^^^^^^^^^^^^^^ | 2014-07-25 12:53:43 1XAf0J-0003b5-4Y Completed mainlog on tools-mail: | 2014-07-25 12:53:43 1XAf0J-0003Ig-7a <= scfc@tools.wmflabs.org H=tools-login.eqiad.wmflabs [10.68.16.7] U=Debian-exim P=esmtp S=662 id=E1XAf0J-0003b5-4Y@tools-login.eqiad.wmflabs | 2014-07-25 12:53:44 1XAf0J-0003Ig-7a => legoktm.wikipedia@gmail.com <legoktm@tim-landscheidt.de> R=dnslookup T=remote_smtp H=gmail-smtp-in.l.google.com [74.125.193.26] X=TLS1.0:RSA_ARCFOUR_SHA1:16 ^^^^^^^^^^^^^^^^^^^^^^^^^^^ | 2014-07-25 12:53:44 1XAf0J-0003Ig-7a Completed So the message is passed verbatim to tools-mail and the mangling then happens there.
And, indeed: | scfc@tools-mail:~$ sudo exim -d -bt legoktm@tim-landscheidt.de | [...] | >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | Testing legoktm@tim-landscheidt.de | >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | Considering legoktm@tim-landscheidt.de | >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | routing legoktm@tim-landscheidt.de | --------> postmaster_mail router <-------- | local_part=legoktm domain=tim-landscheidt.de | checking "condition" | postmaster_mail router skipped: condition failure | --------> tool_fallback router <-------- | local_part=legoktm domain=tim-landscheidt.de | tool_fallback router skipped: prefix mismatch | --------> user_forward router <-------- | local_part=legoktm domain=tim-landscheidt.de | checking for local user | seeking password data for user "legoktm": cache not available | getpwnam() succeeded uid=2552 gid=500 | calling user_forward router | rda_interpret (string): ${run{/usr/local/sbin/localuser $local_part}{$value}fail} | direct command: | argv[0] = /usr/local/sbin/localuser | argv[1] = legoktm | expanded: legoktm.wikipedia@gmail.com | file is not a filter file | parse_forward_list: legoktm.wikipedia@gmail.com | extract item: legoktm.wikipedia@gmail.com | user_forward router generated legoktm.wikipedia@gmail.com | errors_to=NULL transport=NULL | uid=unset gid=unset home=NULL | routed by user_forward router | envelope to: legoktm@tim-landscheidt.de | transport: <none> | >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | Considering legoktm.wikipedia@gmail.com | >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> | [...]
According to http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_default_configuration_file.html#SECID55, addresses are passed to each router until one accepts it. In our case, the dnslookup router is the last, so only addresses with local parts that are not usernames or patterns in Labs/Tools reach that stage. The exim documentation therefore puts the dnslookup router in the default configuration at the top, and testing shows that this would work for us as well: | root@tools-mail:~# exim -C /etc/exim4/exim4-bug-68545.conf -bt legoktm@tim-landscheidt.de | legoktm@tim-landscheidt.de | router = dnslookup, transport = remote_smtp | host smtp.rzone.de [2a01:238:20a:202:50f0::2097] MX=5 | host smtp.rzone.de [81.169.145.98] MX=5 | root@tools-mail:~# exim -C /etc/exim4/exim4-bug-68545.conf -bt legoktm | legoktm.wikipedia@gmail.com | <-- legoktm@tools.wmflabs.org | router = dnslookup, transport = remote_smtp | host gmail-smtp-in.l.google.com [2607:f8b0:4001:c05::1a] MX=5 | host gmail-smtp-in.l.google.com [74.125.193.26] MX=5 | host alt1.gmail-smtp-in.l.google.com [2607:f8b0:400d:c00::1b] MX=10 | host alt1.gmail-smtp-in.l.google.com [173.194.68.26] MX=10 | host alt2.gmail-smtp-in.l.google.com [2607:f8b0:400c:c03::1a] MX=20 | host alt2.gmail-smtp-in.l.google.com [74.125.131.27] MX=20 | host alt3.gmail-smtp-in.l.google.com [2a00:1450:400c:c03::1a] MX=30 | host alt3.gmail-smtp-in.l.google.com [173.194.66.26] MX=30 | host alt4.gmail-smtp-in.l.google.com [2a00:1450:4013:c01::1a] MX=40 | host alt4.gmail-smtp-in.l.google.com [74.125.136.26] MX=40 | root@tools-mail:~# I'll submit a patch to that effect in a bit.
Change 149316 had a related patch set uploaded by Tim Landscheidt: Tools: Fix exim configuration for non-local addresses https://gerrit.wikimedia.org/r/149316
Change 149316 merged by coren: Tools: Fix exim configuration for non-local addresses https://gerrit.wikimedia.org/r/149316
tools.legobot@tools-login:~$ echo Test | mail -s Test legoktm@wikimedia.org Email ended up in legoktm@wikimedia.org's inbox instead of legoktm.wikipedia@gmail.com. Thanks!
