2

I'm trying to use subdomains with Exim, but if I send a test message to any address with an FQDN other than my basic domain name, it gets bounced with a relay error. I can send and log in to both Dovecot and Exim with an address such as testing@mysub.mydomain.com, but can only send mail out from that address. Incoming mail works only on the primary domain.

Unfortunately, I chose the Debian multi-file configuration option when I set up my email servers a year ago, so there's lots of config files. Let me know if there is a particular one(s) to post that would be relevant.

I have a workaround, but it ditches the subdomain entirely from the address in the sending and requires only 'local' usernames, not allowing usernames with the full email address.

How can I get Exim to allow all subdomains? It's letting me log in with a full email address, so why is it not recognizing that the address exists?

I'm using PAM user auth with full email addresses for email-enabled usernames. I'm thinking maybe I have a misconfig somewhere in the routing that's appending the domain on top of the email address, since usually PAM uses plain usernames, not full email addresses. It's not in the auth though. It's gotta be in the routing. On the other hand, maybe it has nothing to do with that.

Any ideas would be most welcome, as my searches have turned up everything except how to get Exim to accept mail for subdomains.

jdmayfield

1 Answer

3

If you are editing the configuration directly, add a wildcard to your MAIN_LOCAL_DOMAINS macro in your configuration or template.

MAIN_LOCAL_DOMAINS=@:localhost:example.com : *.example.com 

This will set the local_domains used to accept email.

domainlist local_domains = MAIN_LOCAL_DOMAINS

If you are using the Debian-based configuration, specify your domains as other domains in 'update-exim4.conf.conf' like this:

dc_other_hostnames='example.com : *.example.com'

If you want to verify for actual local subdomains, you can use a DNS lookup instead of a wildcard. See the Exim Specification. The relevant sections are "File and database lookups" and "Domain, host, address, and local part lists".

For lookups on full username including domain, you are outside the normal user lookups. Check the documentation on virtual domains for that kind of lookup. See the Specification section on "Some common configuration settings". There is also an excellent FAQ available.

BillThor
  • Hi @BillThor. I just tried this, but now I get a different bounce error: Address not found Your message wasn't delivered to testing@contact.xxxxx.com because the address couldn't be found, or is unable to receive mail. The response was: 550 Unrouteable address – jdmayfield Oct 21 '18 at 04:54
  • I think it's a step in the right direction though-- maybe I have a conflict or another security measure I put in or inherited. Non-subdomain emails still receive normally, however. Is there somewhere I can look that has a more explicit/verbose error? rejectlog basically just tells me the same thing. I'll check my config in a bit, soon as I get a chance. – jdmayfield Oct 21 '18 at 04:57
  • So I think there is a second step here. It appears to me that Exim is checking the local user for deliverability by ditching the @subdomain.domain.com part. Not completely sure I am correct here, but if so, how can I get it to additionally check for say testing@sub.domain.com as a full system username as well as just testing (preferably the former first, then the latter)?? – jdmayfield Oct 21 '18 at 08:56
  • I can see with an exim -bt -d test@domain.com (test being a local user account), it succeeds in the local_user router. How can I modify it to succeed with real local users using a whole email address as username as well? Probably make an extra router for it, but copy the local user router and instead of check_local_user.. what? – jdmayfield Oct 21 '18 at 09:08
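
The wildcard entry from the answer above, run through a simplified model of Exim's domain-list matching, to show which recipient domains end up treated as local. This is an added example, not code from the posts or from Exim itself. The host name, the sample recipients and the `*example.com` variant with the dot left out are constructed, and the model covers only literal, `@`, leading-`*` and `!` items.

```python
# Simplified model of matching a recipient domain against an Exim domain
# list such as local_domains. Not Exim's code: lookups, regexes, named
# lists and "::" escaping are out of scope.

HOSTNAME = "mail.example.com"  # constructed stand-in for primary_hostname

BEFORE = "@:localhost:example.com"                  # no wildcard (the question's state)
ANSWER = "@:localhost:example.com : *.example.com"  # value given in the answer
LOOSE = "@:localhost:*example.com"                  # constructed slip: dot left out

RECIPIENTS = [  # constructed sample addresses
    "testing@mysub.example.com",
    "test@example.com",
    "user@notexample.com",
    "user@example.org",
]

def parse_list(value):
    """Split on ':' and drop the optional whitespace around each item."""
    return [item.strip() for item in value.split(":") if item.strip()]

def match_domain(domain, domain_list, primary_hostname=HOSTNAME):
    """Return True if the domain is in the list; the first matching item decides."""
    domain = domain.lower()
    negated = False
    for item in parse_list(domain_list):
        negated = item.startswith("!")
        pattern = (item[1:].strip() if negated else item).lower()
        if pattern == "@":
            hit = domain == primary_hostname.lower()
        elif pattern.startswith("*"):
            # Tail comparison only: the character after "*" need not be a dot.
            hit = domain.endswith(pattern[1:])
        else:
            hit = domain == pattern
        if hit:
            return not negated
    # Nothing matched: the result is "in list" only if the last item was negated.
    return negated

def accepted(domain_list, recipients=RECIPIENTS):
    """Map each recipient to whether its domain would count as local."""
    return {r: match_domain(r.rsplit("@", 1)[1], domain_list) for r in recipients}

if __name__ == "__main__":
    for name, value in (("before", BEFORE), ("answer", ANSWER), ("loose", LOOSE)):
        print(name, accepted(value))
```

With the dot in place the wildcard accepts only true subdomains. Without it, `notexample.com` is also treated as local, so the pattern is worth checking with `exim -bt` against an address in a look-alike domain after changing the list.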