On Wed, Apr 15, 2020 at 6:13 PM Wietse Venema <wie...@porcupine.org> wrote: > > Vieri Di Paola: > > On Wed, Apr 15, 2020 at 3:35 PM Wietse Venema <wie...@porcupine.org> wrote: > > > > > > Vieri Di Paola: > > > > Hi, > > > > > > > > I'm using postfix as an smtp filter (antispam) which then forwards the > > > > messages to another mail server with user mailboxes. > > > > > > > > This server has private IP addr. 10.0.0.1, and the mailbox server has > > > > private IP addr. 10.0.0.10. > > > > So, external e-mails are first received by this filter and then > > > > forwarded to the mailboxes. > > > > > > > > It has been working fine for years, but a few days ago some e-mails > > > > were not coming in anymore, and the logs on the filtering server show > > > > messages such as this one: > > > > > > > > postfix/smtp[13093]: A306E1240B1: to=<m...@mydomain.org>, relay=none, > > > > delay=0.06, delays=0.06/0/0/0, dsn=5.4.6, status=bounced (mail for > > > > 10.0.0.10 loops back to myself) > > > > > > What has changed? > > > > > > > I'm still trying to understand what that means exactly. > > > > > > 1) It means that postfix/smtp[13093] received a request to deliver > > > mail for mydomain.org. > > > > > > ***Perhaps it should not have received that request.*** > > > > Yes, it should receive requests for mydomain.org. It is the antispam > > server where all e-mail for mydomain.org should go through first > > before being handed over to the mailbox server at 10.0.0.10. > > > > > 2) It means that postfix/smtp[13093] looked up the MX for mydomain.org > > > and found that Postfix itself (through the inet_interfaces and > > > proxy_interfaces parameter values) is MX for mydomain.org. > > > > > > ***Perhaps inet_interfaces or proxy_interfaces are in error.*** > > > > > > Either way, the Postfix SMTP client will not deliver mail to an IP > > > address that Postfix is already receiving mail on. > > > > Sorry if I might sound foolish, but why? Isn't what "transport" is for? > > With this: > > /etc/postfix/transport:mydomain.org smtp:[10.0.0.10] > > mail was bounced because postfix/smtp[13093] found that > 10.0.0.10 matches inet_interfaces or proxy_interfaces. > > Why did postfix/smtp[13093] find this match? I suppose because > proxy_interfaces uses hostnames, which introduces a dependency > on DNS or /etc/hosts which are subject to change.
My thought exactly, but 10.0.0.10 is nowhere to be seen in postfix's configuration except in "transport". As reported in my first post, there is nothing I can see that is telling postfix that 10.0.0.10 is itself. Let me recap: # egrep 'inet_interfaces|proxy_interfaces' /etc/postfix/main.cf | grep -v ^# proxy_interfaces = mail1.mydomain.org mail2.mydomain.org # host mail1.mydomain.org mail1.mydomain.org has address 10.0.0.2 # host mail2.mydomain.org mail2.mydomain.org has address 10.0.0.1 I get the same with "dig", and /etc/hosts is empty (except for 127.0.0.1 localhost). So, 10.0.0.10 is nowhere to be seen. > If the sender was external, the undeliverable mail will have been > returned there. If the sender was in mydomain.org, then there was > no way to deliver the non-delivery notification. As defined in > SMTP standards, a non-delivery notification is discarded instead > of being bounced, as the latter would result in an infinite loop. The senders were all external. However, is there any proof that the non-delivery notification was actually sent? Is it recorded in postfix logs? Is the following an example of a non-delivery notification that was successfully sent back? # tail -n 10000000 custom_email.log | grep "^Apr 15" | grep "3B4F21240B1" postfix/smtpd[13316]: 3B4F21240B1: client=unknown[10.1.1.1] postfix/cleanup[13083]: 3B4F21240B1: message-id=<1586931633.63377.9971225...@external.org> mimedefang.pl[7901]: 3B4F21240B1: Fake sender check: From supp...@external2.org - Sender <syst...@external2.org> - Relay Address 10.1.1.1 postfix/qmgr[12956]: 3B4F21240B1: from=<syst...@external2.org>, size=8322, nrcpt=1 (queue active) postfix/smtp[13093]: 3B4F21240B1: to=<m...@mydomain.org>, relay=none, delay=0.12, delays=0.12/0/0/0, dsn=5.4.6, status=bounced (mail for 10.0.0.10 loops back to myself) postfix/bounce[13228]: 3B4F21240B1: sender non-delivery notification: 586D11240B3 postfix/qmgr[12956]: 3B4F21240B1: removed # tail -n 10000000 custom_email.log | grep "^Apr 15" | grep "586D11240B3" postfix/cleanup[13208]: 586D11240B3: message-id=<20200415062034.586d1124...@mail2.mydomain.org> postfix/bounce[13228]: 3B4F21240B1: sender non-delivery notification: 586D11240B3 postfix/qmgr[12956]: 586D11240B3: from=<>, size=10346, nrcpt=1 (queue active) postfix/smtp[13093]: 586D11240B3: to=<syst...@external2.org>, relay=mail.external2.org[10.1.1.2]:25, delay=0.21, delays=0/0/0.03/0.18, dsn=2.6.0, status=sent (250 2.6.0 <20200415062034.586d1124...@mail2.mydomain.org> [InternalId=49757140] Queued mail for delivery) postfix/qmgr[12956]: 586D11240B3: removed I just want to be sure everyone was properly notified. Vieri
