The network diagram you have is correct. I'm afraid I don't understnad the "use
loopback for internal communication". There's no internal communication. Should
I just put 127.0.0.1 in my main.cf in place of "mail2"?
Sent with Proton Mail secure email.
On Thursday, May 30th, 2024 at 3:39 PM, Wietse Venema via Postfix-users
<[email protected]> wrote:
> Mailman29 via Postfix-users:
>
> > myhostname is set to "mail2" in main.cf, but the mx record points
> > to mail.somedomain.com, (they share the same IP though) would it
> > be doing an ip lookup first? I guess I need to "trick" it into
> > thinking it's not the same if it's IP based.
>
>
> Postfix requires transport_maps to forward mail from a front-end
> MTA to a backend MTA. Other approaches are not supported.
>
> Based on your earlier description I expect something like:
>
> public IP address, port 25: haproxy ->
>
>
> hidden port or address: frontend MTA with transport_maps ->
>
>
> hidden port or address: backend MTA
>
> If all this runs on a single host, and you use loopback (127.0.0.1)
> for internal communication, then Postfix won't care whether servers
> use the same MTA name.
>
> If you use a non-routable network such as 10.* or 192.168.* for
> internal communication, then you will need distinct MTA names.
>
> However, for sanity sake, I'd always recommend that different MTA
> instances identify themselves with different names. Otherwise youir
> logging will be incomprehensible.
>
> Wietse
>
> > On Thursday, May 30th, 2024 at 2:34 PM, Wietse Venema via Postfix-users
> > [email protected] wrote:
> >
> > > Mailman29 via Postfix-users:
> > >
> > > > Well the logs say this, which doesn't help.
> > > > May 30 14:01:02 mail2 postfix/smtp[1390778]: C5DCBA0501:
> > > > [email protected], relay=none, delay=5.2,
> > > > delays=0/0/5.2/0, dsn=5.4.6, status=bounced (mail for somedomain.com
> > > > loops back to myself)
> > >
> > > On the contrary, it says that you have configured a mailer loop,
> > > or that you have two different mail services that use the same MTA
> > > name (in Postfix parlance, the MTA name is the myhostname setting).
> > >
> > > > The domain and the postfix server do share the same IP (haproxy
> > > > server), but if Postfix would deliver the bounce message it would
> > > > get passed through the proxy to the mail server backend. Is there
> > > > a way to force this?
> > >
> > > 1) If the Postfix machine is a front-end for a backend server, then
> > > Postfix must be configured as a mail gateway, and there should be
> > > a transport_maps setting that routes mail for the domain to the
> > > backend instead of sending it to the public internet address. See
> > > https://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall
> > >
> > > 2) If your Postfix server is behind an inbound proxy server, then
> > > you MUST specify the external address with main.cf:proxy_interfaces,
> > > so that Postfix will know that it should not try to connect there.
> > > https://www.postfix.org/postconf.5.html#proxy_interfaces
> > >
> > > 3) If you really have more than one mail server, then they must
> > > have different MTA names (In Postfix parlance the MTA name is the
> > > myhostname setting).
> > >
> > > Wietse
> > >
> > > > On Thursday, May 30th, 2024 at 1:46 PM, Wietse Venema via Postfix-users
> > > > [email protected] wrote:
> > > >
> > > > > Mailman29:
> > > > >
> > > > > > Brilliant! I had a loop with haproxy that pointed it back at my
> > > > > > mail server!
> > > > > >
> > > > > > Now, how do I get postfix to send failures etc to my server? It
> > > > > > seems they just disappear into the ether!
> > > > >
> > > > > Look in your logs: https://www.postfix.org/DEBUG_README.html#logging
> > > > >
> > > > > If you don't understand an error or warning message, report the
> > > > > problem on the postfix-users mailing list.
> > > > >
> > > > > Wietse
> > > > >
> > > > > > Sent with Proton Mail secure email.
> > > > > >
> > > > > > On Thursday, May 30th, 2024 at 12:50 PM, Wietse Venema via
> > > > > > Postfix-users [email protected] wrote:
> > > > > >
> > > > > > > Mailman29 via Postfix-users:
> > > > > > >
> > > > > > > > HI guys.
> > > > > > > > I'm having an awful time getting postfix to work in one form
> > > > > > > > only.
> > > > > > > > Accept mail from one ip address only, regardless of the sender's
> > > > > > > > domain name, and send it out to the recipients. Postfix has no
> > > > > > > > accounts, and accepts no incoming mail. It's only for sending
> > > > > > > > from
> > > > > > > > my local server.
> > > > > > > >
> > > > > > > > Here's my main.cf, as you can see I have it set up to accept
> > > > > > > > mail
> > > > > > > > from my IP address only, but every time I try to send mail
> > > > > > > > through
> > > > > > > > it I get the error : (somedomain.com is placeholder for my FQDN)
> > > > > > > >
> > > > > > > > --> EHLO mail!
> > > > > > > > <-- 250-relay.somedomain.com Hello mail [IPaddress], pleased to
> > > > > > > > meet you
> > > > > > >
> > > > > > > THAT IS NOT Postfix. You can tweak settings and it will have no
> > > > > > > effect,
> > > > > > > because you are not taking to Postfix.
> > > > > > >
> > > > > > > I suggest that you look in the maillog file to fid out what
> > > > > > > program is answering the connection..
> > > > > > >
> > > > > > > Wietse
> > > > > > > _______________________________________________
> > > > > > > Postfix-users mailing list -- [email protected]
> > > > > > > To unsubscribe send an email to [email protected]
> > > > >
> > > > > _______________________________________________
> > > > > Postfix-users mailing list -- [email protected]
> > > > > To unsubscribe send an email to [email protected]
> > > > > _______________________________________________
> > > > > Postfix-users mailing list -- [email protected]
> > > > > To unsubscribe send an email to [email protected]
> > >
> > > _______________________________________________
> > > Postfix-users mailing list -- [email protected]
> > > To unsubscribe send an email to [email protected]
> > > _______________________________________________
> > > Postfix-users mailing list -- [email protected]
> > > To unsubscribe send an email to [email protected]
>
> _______________________________________________
> Postfix-users mailing list -- [email protected]
> To unsubscribe send an email to [email protected]
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
