Hi Michael, This looks like one of my patches broke the TCP table when using "-I"... :-) It should be 500 not 400 it seems. Fruneau will be pleased ^^ I've pushed a fix to my own fork which I'll pull to Fruneau soon - its identical to Fruneau's except for this 400->500 fix. My fork is at: https://github.com/driskell/pfixtools However, I don't think this is your issue - since it should still work without "-I"
> Thanks again Jason - I get this using your specified telnet test: > > 500 Hash invalid in SRS address. This is the reason the decoding isn't happening when you were without "-I", so you can return to NOT using "-I" (or use my fork) Check your secrets file doesn't have blank lines or spaces anywhere in it? And is purely just a couple or so lines with a set of random characters in? (max of 1024 a line) I wonder if there are problems happening with the secrets so it can encode but not decode. Maybe even try telnet to 10001 with: get<space>t...@example.com<enter><ctrl+D> Then with the result telnet to 10002 and decode it. Regards, Jason On 4 Feb 2014, at 00.21, Michael McCallister <mikemc-post...@terabytemedia.com> wrote: > > > So I have been playing around with it more now in light of this new > information - here is what I have found: > > * It works and delivers mail when the "-I" switch is NOT present (this > has been my usage in all examples). However, when I try to decode > in this mode I get "500 Hash invalid in SRS address." when testing > in telnet - which could explain why bounces are not working. Telnet > encode tests on port 10001 work fine. > * When the "-I" switch IS present, it does not deliver mail. However, > it passes both telnet encode/decode tests. Here is the delivery > problem I see in the logs: > > Feb 3 16:31:00 quimby0 postfix/smtpd[32357]: connect from > homer.terabytemedia.com[74.206.115.225] > Feb 3 16:31:00 quimby0 postfix/smtpd[32357]: warning: > tcp:127.0.0.1:10002 lookup error for "~us...@forwardingdomain.com~" > Feb 3 16:31:00 quimby0 postfix/smtpd[32357]: NOQUEUE: reject: RCPT > from homer.terabytemedia.com[74.206.115.225]: 451 4.3.0 > <mikeboun...@acermanuals.com>: Temporary lookup failure; > from=<mikemc@terabyte[added_to_prevent_spam]media.com> > to=<~us...@forwardingdomain.com~> proto=ESMTP > helo=<homer.terabytemedia.com> > Feb 3 16:31:00 quimby0 postfix/smtpd[32357]: disconnect from > homer.terabytemedia.com[74.206.115.225] > > So I am now getting some "warning: tcp:127.0.0.1:10002 lookup error" > with the -I switch enabled - but it passes telnet encode/decode tests. > > I am confused why it is logging a decoding error with -I as opposed to > without -I in the logs above - you would think it would do that in either > case since ~us...@forwardingdomain.com~ is not SRS encoded. One thing that > might explain this - when testing on telnet with -I off, I get a "400 > external domains are ignored" error (maybe 4xx errors are warnings to Postfix > and it continues to send and moves on to encoding?) - with -I on, I get a > "500 Not an SRS address." which I assume is fatal. > > One fix might be to patch pfix-srsd (I don't program in C but could probably > figure it out) to return a 400 error for the "500 Not an SRS address.". I > cannot think of any way that opens me up to problems since I assume the > address would just not be rewritten by Postfix in this case. > > Any ideas? > > Michael > >
