Bug#949335: exim4: Does not allow relay from IPv6 localhost like for IPv4

David Lee Lambert davidl at lmert.com
Sun Jan 19 23:03:09 GMT 2020 

Package: exim4
Version: 4.92-8+deb10u3
Severity: normal
Tags: ipv6

Dear Maintainer,

I was getting a "Relay not permitted" message from Thunderbird trying to send e-mail.

The immediate workaround was to change the "Server Name:" in Server Settings
from "localhost" to "127.0.0.1". However, the manpage says, and said in squeeze [1],

> dc_relay_nets
>    A list of machines for which we serve as smarthost. _Please note that 127.0.0.1 and ::1 are always permitted to relay since /usr/lib/sendmail is available anyway and relay control doesn't make sense here._ Sets macro MAIN_RELAY_NETS

(I actually had "...; 127.0.0.1/8; [::1]/128; ..." in dc_relay_nets, but
taking those entries out didn't seem to make any difference.)

Testing with "telnet", IPv4 localhost is allowed to relay, IPv6 localhost isn't:

# telnet -4 localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 huitzil.lmert.com ESMTP Exim 4.92 Sun, 19 Jan 2020 16:21:27 -0500
EHLO localhost
250-huitzil.lmert.com Hello localhost [127.0.0.1]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-CHUNKING
250-PRDR
250 HELP
MAIL FROM: test1 at lmert.com
250 OK
RCPT TO: john.doe at example.net
250 Accepted

# telnet -6 localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 huitzil.lmert.com ESMTP Exim 4.92 Sun, 19 Jan 2020 16:22:10 -0500
EHLO localhost
250-huitzil.lmert.com Hello localhost [::1]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-CHUNKING
250-PRDR
250 HELP
MAIL FROM: test1 at lmert.com
250 OK
RCPT TO: john.doe at example.net
550 relay not permitted

... and a log line from the second attempt ...

2020-01-19 16:22:32 H=(localhost) [::1] F=<test1 at lmert.com> rejected RCPT john.doe at example.net: relay not permitted

 [1]: https://manpages.debian.org/jessie/exim4-config/update-exim4.conf.8.en.html

-- Package-specific info:
Exim version 4.92 #5 built 27-Sep-2019 16:09:35
Copyright (c) University of Cambridge, 1995 - 2018
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2018
Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DANE DKIM DNSSEC Event OCSP PRDR SOCKS TCP_Fast_Open
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Configure owner: 0:0
Size of off_t: 8
Configuration file search path is /etc/exim4/exim4.conf:/var/lib/exim4/config.autogenerated
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
#
# Please note that this is _not_ a dpkg-conffile and that automatic changes
# to this file might happen. The code handling this will honor your local
# changes, so this is usually fine, but will break local schemes that mess
# around with multiple versions of the file.
#
# update-exim4.conf uses this file to determine variable values to generate
# exim configuration macros for the configuration file.
#
# Most settings found in here do have corresponding questions in the
# Debconf configuration, but not all of them.
#
# This is a Debian specific file

dc_eximconfig_configtype='smarthost'
dc_other_hostnames='*****; *****; *****'
dc_local_interfaces=''
dc_readhost='lmert.com'
dc_relay_domains='lmert.com; *****.lmert.com'
dc_minimaldns='false'
dc_relay_nets='192.168.***.0/24; [fe80::]/10; [****:***:****:**::]/64'
dc_smarthost='*****.net::587'
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname='true'
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'

mailname:lmert.com
# /etc/default/exim4
EX4DEF_VERSION=''

# 'combined' -	 one daemon running queue and listening on SMTP port
# 'no'       -	 no daemon running the queue
# 'separate' -	 two separate daemons
# 'ppp'      -   only run queue with /etc/ppp/ip-up.d/exim4.
# 'nodaemon' - no daemon is started at all.
# 'queueonly' - only a queue running daemon is started, no SMTP listener.
# setting this to 'no' will also disable queueruns from /etc/ppp/ip-up.d/exim4
QUEUERUNNER='combined'
# how often should we run the queue
QUEUEINTERVAL='30m'
# options common to quez-runner and listening daemon
COMMONOPTIONS=''
# more options for the daemon/process running the queue (applies to the one
# started in /etc/ppp/ip-up.d/exim4, too.
QUEUERUNNEROPTIONS=''
# special flags given to exim directly after the -q. See exim(8)
QFLAGS=''
# Options for the SMTP listener daemon. By default, it is listening on
# port 25 only. To listen on more ports, it is recommended to use
# -oX 25:587:10025 -oP /run/exim4/exim.pid
SMTPLISTENEROPTIONS=''

-- System Information:
Debian Release: 10.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages exim4 depends on:
ii  debconf [debconf-2.0]  1.5.71
ii  exim4-base             4.92-8+deb10u3
ii  exim4-daemon-light     4.92-8+deb10u3

exim4 recommends no packages.

exim4 suggests no packages.

-- debconf information:
* exim4/drec:

More information about the Pkg-exim4-maintainers mailing list