On 4/19/2016 2:12 PM, jaso...@mail-central.com wrote:
> I'm working on a relay to a backend postfix instance across a VPN link.
>
> My 'flow' is
>
> postscreen
> postscreen-smtp
> preQ milters
> postQ spam filter
> relay over VPN to the backend
>
> At the moment, mail's getting both received OK from the net, and sent to it,
> over the VPN.
>
> In my logs I see a 'connection refused' from the backend, even though mail's
> getting delivered.
>
> My goal is to learn how to read & understand this particular log snip. Of
> course well enough to finally to find/fix the problem.
>
> I *think* it's a notification of some sort.
> It's from the 'double-bounce' address, which I've not gotten a good handle on
> yet.
> I don't exactly follow what the logs are telling me.
>
> Looking at my logs at one transaction I see this
>
> Apr 17 06:15:46 mail01 postfix/psint/smtpd[12683]: connect from
> a13-29.smtp-out.amazonses.com[54.240.13.29]
A remote amazonses server connects.
> Apr 17 06:15:48 mail01 postfix/cleanup[12688]: 4daZGw3xUcc426m:
> message-id=<4dazgw3xucc4...@mail01.example.com>
> Apr 17 06:15:48 mail01 postfix/qmgr[10345]: 4daZGw3xUcc426m:
> from=<double-bounce3...@mail01.example.com>, size=254, nrcpt=1 (queue active)
>>> Apr 17 06:15:48 mail01 postfix/vpn/smtp[12689]: connect to
>>> back.mail01.example.com[10.1.1.16]:25: Connection refused
>>> Apr 17 06:15:48 mail01 postfix/vpn/smtp[12689]: 4daZGw3xUcc426m:
>>> to=<exampl...@example.com>, relay=none, delay=0.04, delays=0/0.01/0.03/0,
>>> dsn=4.4.1, status=undeliverable (connect to
>>> back.mail01.example.com[10.1.1.16]:25: Connection refused)
> Apr 17 06:15:48 mail01 postfix/qmgr[10345]: 4daZGw3xUcc426m: removed
The above is an address verification probe, triggered by
reject_unverified_{sender, recipient}.
The mail server at 10.1.1.16 refuses the connection to port 25, so
postfix labels the address exampl...@example.com as "undeliverable".
> Apr 17 06:15:48 mail01 postfix/psint/smtpd[12683]: NOQUEUE:
> client=a13-29.smtp-out.amazonses.com[54.240.13.29]
> Apr 17 06:15:49 mail01 postfix/preqrtrn/smtpd[12692]: connect from
> localhost[127.0.0.1]
> Apr 17 06:15:49 mail01 postfix/preqrtrn/smtpd[12692]:
> 4daZGk98gjkfwj7gQ: client=localhost[127.0.0.1],
> orig_client=a13-29.smtp-out.amazonses.com[54.240.13.29]
> Apr 17 06:15:49 mail01 postfix/cleanup[12688]: 4daZGk98gjkfwj7gQ:
> message-id=<01...@email.amazonses.com>
> Apr 17 06:15:49 mail01 postfix/qmgr[10345]: 4daZGk98gjkfwj7gQ:
> from=<20160417...@bounces.amazon.com>, size=34791, nrcpt=1 (queue active)
> Apr 17 06:15:49 mail01 postfix/preqrtrn/smtpd[12692]: disconnect from
> localhost[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 quit=1 commands=6
> Apr 17 06:15:49 mail01 postfix/psint/smtpd[12683]: proxy-accept:
> END-OF-MESSAGE: 250 2.0.0 from MTA(smtp:[127.0.0.1]:11030): 250 2.0.0 Ok:
> queued as 4daZGk98gjkfwj7gQ; from=<20160417...@bounces.amazon.com>
> to=<exampl...@example.com> proto=ESMTP helo=<a13-29.smtp-out.amazonses.com>
and here we continue the logging of the amazonses client passing
through your smtpd_proxy_filter. Looks as if it passed. Further
logging of this message can be found with the queueid 4daZGk98gjkfwj7gQ.
Nothing interesting here...
>
> My suspicion's that it may be a 'mynetworks' or
> 'smtpd_authorized_xforward_hosts' in master.cf that I need. Reading up on
> those now.
probably not.
>
> But, does that log tell me enough to know what the problem is? Or do I need
> to turn on additional feedback somewhere/how?
The "connection refused" is the part that needs to be fixed.
VPN (temporarily?) down? firewall issue? "wrong" destination?
something else?
-- Noel Jones
>
> Jason
>
