On 2/15/2011 7:07 PM, Jeroen Geilman wrote:
On 02/15/2011 08:21 PM, John wrote:
First off I am still a bit green on this stuff.
Both my servers are multi-homed, server A which runs Postfix is
configured -> eth0 :n.n.n.186 and eth1:n.n.n.187.
The host name for this server is mail.domain.tld which points to
n.n.n.187.
Up until last Friday we did not have any problems. On Friday we
started to get bounced when we tried to reply to a new contact at
AT&T/Prodigy. Their bounce message is as follows:
"host sbcmx5.prodigy.net[207.115.21.24] said: 553 5.3.0 flpd241
DNSBL:ATTRBL 521< n.n.n.186
>_is_blocked.__For_information_see_http://att.net/blocks (in reply to
MAIL FROM command".
A check of our logs shows only four message destined for their
servers in the last four weeks. I have check our servers using
abuse.net and we do not appear to be an open relay. None of the RBL
have us listed. So I do not think the problem is spamming.
I think the problem is Postfix is sending using eth0, which in turn
means that it appears to come from n.n.n.186, which in turn means
that a reverse lookup does not resolve to mail.domain.tld. The loop
is not closed and therefor we are suspect.
I did some digging around I think that I need to modify my Postfix
configuration by adding "inet_interfaces=n.n.n.186, n.n.n.187,
localhost" and "smtp_bind_address=n.n.n.187". However this is where I
get a little confused as in one set of documents I have read it says
to add these into main.cf, while the postconf.5html say to leave the
inet_interface at default and add the smtp_bind_address the master.cf.
inet_interfaces defines which IPs (and ergo interfaces) postfix
RECEIVES mail on.
This can be overridden per-service by providing the desired IP in the
master.cf service definition.
smtp_bind_address defines which IP postfix uses to SEND mail.
This can be overridden for any outgoing smtp(8) transport.
Unsurprisingly, postconf(5) is correct.
I did not say the postconf(5) is wrong just I had received conflicting
info on how and where to use smtp_bind_address.
Thanks for the clarification above, perhaps if it had been included in
the postconf docs I might not have had the ?.
I decided I would try the "suck it and see" approach and added it to the
master.cf as this seemed from the documentation to be the /best/ place
to put it. I have to say it did not solve the problem with AT&T, but I
can now see that when I send email I appear to be using the correct IP
address, which would seem to be an improvement.
Thanks
John A
--
"All that is necessary for the triumph of evil is that good men do nothing."
(Edmund Burke)
