Hi,
I just built a postfix mail server(mail.mytestmx.com) with PostfixAdmin,
SPF and DKIM.,etc. It works very well. Now I try to use the new built
server as the backup mail server of another server (zeta.othermx.com),
so I add a backup domain in PostfixAdmin and setup DNS accordingly.
Later there is an email came with destination to b...@othermx.com, the
relay attempt got rejected at zeta.othermx.com because of SPF.
So what is the solution here? Should I add the mail.mytestmx.com to
zeta.othermx.com's SPF record and make it trust it? If so are there any
risk?
Here I copied the maillog:
------------------------------------------
Nov 17 11:12:43 mail postfix/postscreen[9604]: CONNECT from
[70.38.36.41]:57302 to [10.11.22.33]:25
Nov 17 11:12:49 mail postfix/postscreen[9604]: PASS NEW [70.38.36.41]:57302
Nov 17 11:12:49 mail postfix/smtpd[9612]: connect from
r41.emails.aircanada.com[70.38.36.41]
Nov 17 11:12:50 mail postfix/policy-spf[9622]: Policy action=PREPEND
Received-SPF: pass (emails.aircanada.com ... p18.neolane.net:
70.38.36.41 is authorized to use 'communicati...@emails.aircanada.com'
in 'mfrom' identity (mechanism 'ip4:70.38.36.40/30' matched))
receiver=mail.mytestmx.com; identity=mailfrom;
envelope-from="communicati...@emails.aircanada.com";
helo=r41.emails.aircanada.com; client-ip=70.38.36.41
Nov 17 11:12:50 mail postfix/smtpd[9612]: 9202040121F2:
client=r41.emails.aircanada.com[70.38.36.41]
Nov 17 11:12:50 mail postfix/cleanup[9625]: 9202040121F2: hold: header
Received: from r41.emails.aircanada.com (r41.emails.aircanada.com
[70.38.36.41])??by mail.mytestmx.com (Postfix) with ESMTP id
9202040121F2??for <b...@othermx.com>; Fri, 17 Nov 2017 11:12:49 -0800
from r41.emails.aircanada.com[70.38.36.41];
from=<communicati...@emails.aircanada.com> to=<b...@othermx.com>
proto=ESMTP helo=<r41.emails.aircanada.com>
Nov 17 11:12:50 mail postfix/cleanup[9625]: 9202040121F2:
message-id=<nm640704eca02880ba2aircan...@emails.aircanada.com>
Nov 17 11:12:50 mail opendkim[1277]: 9202040121F2:
r41.emails.aircanada.com [70.38.36.41] not internal
Nov 17 11:12:50 mail opendkim[1277]: 9202040121F2: not authenticated
Nov 17 11:12:50 mail opendkim[1277]: 9202040121F2: DKIM verification
successful
Nov 17 11:12:53 mail MailScanner[9148]: New Batch: Scanning 1 messages,
38613 bytes
Nov 17 11:12:53 mail MailScanner[9148]: Virus and Content Scanning: Starting
Nov 17 11:12:53 mail MailScanner[9148]: Spam Checks: Starting
Nov 17 11:12:53 mail MailScanner[9148]: Expired 2 records from the
SpamAssassin cache
Nov 17 11:12:53 mail MailScanner[9148]: MailWatch: Blacklist refresh
time reached
Nov 17 11:12:53 mail MailScanner[9148]: MailWatch: Starting up MailWatch
SQL Blacklist
Nov 17 11:12:53 mail MailScanner[9148]: MailWatch: Read 0 blacklist entries
Nov 17 11:12:56 mail postfix/smtpd[9612]: disconnect from
r41.emails.aircanada.com[70.38.36.41] ehlo=1 mail=1 rcpt=1 data=1 quit=1
commands=5
Nov 17 11:13:00 mail MailScanner[9637]: Found phishing fraud from
http://t.emails.aircanada.com/r/?id=h6f6c61ee,1448d239,1448e479 claiming
to be www.aeroplan.com in 9202040121F2.A6CDC
Nov 17 11:13:00 mail MailScanner[9637]: Found phishing fraud from
http://t.emails.aircanada.com/r/?id=h6f6c61ee,1448d239,1448e47b claiming
to be www.aircanada.com in 9202040121F2.A6CDC
Nov 17 11:13:00 mail MailScanner[9637]: Found phishing fraud from
http://t.emails.aircanada.com/r/?id=h6f6c61ee,1448d239,1448e47c claiming
to be www.aircanada.com in 9202040121F2.A6CDC
Nov 17 11:13:00 mail MailScanner[9148]: Content Checks: Detected and
have disarmed web bug, phishing tags in HTML message in
9202040121F2.A6CDC from communicati...@emails.aircanada.com
Nov 17 11:13:00 mail MailScanner[9148]: Requeue: 9202040121F2.A6CDC to
EEAA64012121
Nov 17 11:13:00 mail MailScanner[9148]: Uninfected: Delivered 1 messages
Nov 17 11:13:00 mail postfix/qmgr[5097]: EEAA64012121:
from=<communicati...@emails.aircanada.com>, size=37534, nrcpt=1 (queue
active)
Nov 17 11:13:00 mail MailScanner[9148]: Deleted 1 messages from
processing-database
Nov 17 11:13:00 mail MailScanner[9148]: MailWatch: Logging message
9202040121F2.A6CDC to SQL
Nov 17 11:13:00 mail MailScanner[9153]: MailWatch: 9202040121F2.A6CDC:
Logged to MailWatch SQL
Nov 17 11:13:01 mail postfix/smtp[9639]: Anonymous TLS connection
established to zeta.othermx.com[206.116.44.138]:25: TLSv1.2 with cipher
AECDH-AES256-SHA (256/256 bits)
Nov 17 11:13:02 mail postfix/smtp[9639]: EEAA64012121:
to=<b...@othermx.com>, relay=zeta.othermx.com[206.116.44.138]:25,
delay=12, delays=10/0.01/1.3/0.33, dsn=5.7.1, status=bounced (host
zeta.othermx.com[206.116.44.138] said: 550 5.7.1 <b...@othermx.com>:
Recipient address rejected: Please see
http://www.openspf.net/Why?s=mfrom;id=communications%40emails.aircanada.com;ip=209.53.201.252;r=zeta.othermx.com
(in reply to RCPT TO command))
Nov 17 11:13:02 mail postfix/cleanup[9625]: 14AA440121F2:
message-id=<20171117191302.14aa44012...@mail.mytestmx.com>
Nov 17 11:13:02 mail postfix/qmgr[5097]: 14AA440121F2: from=<>,
size=41119, nrcpt=1 (queue active)
Nov 17 11:13:02 mail postfix/bounce[9640]: EEAA64012121: sender
non-delivery notification: 14AA440121F2
Nov 17 11:13:02 mail postfix/qmgr[5097]: EEAA64012121: removed
Nov 17 11:13:03 mail postfix/smtp[9641]: 14AA440121F2:
to=<communicati...@emails.aircanada.com>,
relay=a.mx.p18.neolane.net[70.38.33.129]:25, delay=0.99,
delays=0/0.01/0.65/0.32, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as
BF68E1461D6F)
Nov 17 11:13:03 mail postfix/qmgr[5097]: 14AA440121F2: removed
