> On Mon, May 27, 2024 at 3:40 AM Viktor Dukhovni via Postfix-users < postfix-users@postfix.org> wrote:
> You really should have posted "collate" output, which would have shown > the envelope sender address in the "qmgr active" log entry. Perhaps > the actual domain used did not have the expected SPF records. Wietse: notify_classes is working well. Postmaster is hosted by Google and we are seeing sequences like the following as a result. I had to move notify_classes to main.cf to cover all of our email. For debug it would likely be best to have Postmaster email remain on our server -- instead of sending it to Google. Please see below as I believe we may have a better understanding without the email headers. Viktor: The "collate" for this issue is enlightening. Here is an instance: May 28 02:11:41 mail01.raystedman.org postfix/bounce[19442]: B78BC305D5A9: postmaster non-delivery notification: 4A841305D5BE May 28 02:11:41 mail01.raystedman.org postfix/cleanup[19458]: 4A841305D5BE: message-id=<20240528091141.4a841305d...@mail01.raystedman.org> May 28 02:11:41 mail01.raystedman.org postfix/qmgr[16460]: 4A841305D5BE: from=<double-bou...@mail01.raystedman.org>, size=3187, nrcpt=1 (queue active) May 28 02:11:41 mail01.raystedman.org postfix/t124/smtp[19403]: Trusted TLS connection established to aspmx.l.google.com[142.250.141.27]:25: TLSv1.3 with cipher T LS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256 May 28 02:11:41 mail01.raystedman.org postfix/t124/smtp[19403]: 4A841305D5BE: host aspmx.l.google.com[142.250.141.27] said: 421-4.7.26 Your email has been rate limited because it is unauthenticated. Gmail 421-4.7.26 requires all senders to authenticate with either SPF or DKIM. 421-4.7.26 421-4.7.26 Authentication results: 421-4.7.26 DKIM = did not pass 421-4.7.26 SPF [mail01.raystedman.org] with ip: [209.73.152.124] = did not pass 421-4.7.26 421-4.7.26 For instructions on setting up authentication, go to 421 4.7.26 https://support.google.com/mail/answer/81126#authentication d2e1a72fcca58-701bc33108esi1286635b3a.272 - gsmtp (in reply to end of DATA command) May 28 02:11:42 mail01.raystedman.org postfix/t124/smtp[19403]: Trusted TLS connection established to alt2.aspmx.l.google.com[74.125.126.27]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256 May 28 02:11:42 mail01.raystedman.org postfix/t124/smtp[19403]: 4A841305D5BE: to=<postmas...@raystedman.org>, orig_to=<postmaster>, relay= alt2.aspmx.l.google.com[74.125.126.27]:25, delay=1.2, delays=0/0/0.81/0.39, dsn=2.0.0, status=sent (250 2.0.0 OK 1716887502 ca18e2360f4ac-7eae2d6333asi30711039f.32 - gsmtp) May 28 02:11:42 mail01.raystedman.org postfix/qmgr[16460]: 4A841305D5BE: removed It appears that this bounce email was sent using the subdomain mail01.raystedman.org. There is no "from=<>" here but the error log seems to imply the SPF failure was associated with this subdomain. If this is the case, we need to add an SPF record for this subdomain. Please note we are already configured for raystedman.org and devotion.raystedman.org. Are there any other subdomains that Postfix would use? Please let me know and I will make the appropriate modifications to DNS. Thank you, Greg
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
