On Fri, Aug 06, 2021 at 12:33:22PM +0000, White, Daniel E. (GSFC-770.0)[NICS]
wrote:
> I removed "relay_transport" and inserted
> "transport_maps = hash:/etc/postfic/transport" containing
> ".our.local.domain relay:[MDA server IP]"
>
> I sent a message from another server and got the attached info in the
> logs: (redacted. Sorry, but it is required)
Enabling verbose logging just makes it much harder to find the essential
information amonst all the noise. There is just one useful line in that
log file:
2021-08-06T11:57:18.612598+00:00 MTA_RELAY_SERVER postfix/smtpd[18510]:
NOQUEUE: reject: RCPT from SERVER_SENDING[SERVER_SENDING_IP]:
550 5.1.1 <testuser2@OUR.LOCAL.DOMAIN>: Recipient address rejected:
User unknown in local recipient table; from=<ME@OUR.LOCAL.DOMAIN>
to=<testuser2@OUR.LOCAL.DOMAIN> proto=SMTP helo=<SERVER_SENDING>
>From which we can conlude that you've listed the domain in
"mydestination" (domains delivered to local accounts on the MTA host),
which requires that the recipient "testuser2" be listed in /etc/passwd,
or in the local aliases(5) table.
Since you state that want the domain to be relayed, you need to list
it in "relay_domains", and not list it in "mydestination".
The three lines of non-verbose logs could have been posted inline rather
than attached as a Zip file:
2021-08-06T11:57:18.575041+00:00 MTA_RELAY_SERVER postfix/smtpd[18510]:
connect from SERVER_SENDING[SERVER_SENDING_IP]
2021-08-06T11:57:18.612598+00:00 MTA_RELAY_SERVER postfix/smtpd[18510]:
NOQUEUE: reject: RCPT from SERVER_SENDING[SERVER_SENDING_IP]: 550 5.1.1
<testuser2@OUR.LOCAL.DOMAIN>: Recipient address rejected: User unknown in local
recipient table; from=<ME@OUR.LOCAL.DOMAIN> to=<testuser2@OUR.LOCAL.DOMAIN>
proto=SMTP helo=<SERVER_SENDING>
2021-08-06T11:57:18.614409+00:00 MTA_RELAY_SERVER postfix/smtpd[18510]:
disconnect from SERVER_SENDING[SERVER_SENDING_IP] helo=1 mail=1 rcpt=0/1
commands=2/3
]
On Fri, Aug 06, 2021 at 12:43:29PM +0000, White, Daniel E. (GSFC-770.0)[NICS]
wrote:
> By the way, I am using Postfix 3.5.8 on RHEL 8
>
> $ postmap -q .our.local.domain $(postmap -xh transport_maps)
Sorry, typo, that second "postmap" should have been "postconf" (adjusted
to match the domain exactly, rather than by parent suffix):
$ postmap -q our.local.domain $(postconf -xh transport_maps)
> I tried
> $ postmap -q .our.local.domain /etc/postfix/transport
> and got nothing back
>
> I tried
> $ postmap -q our.local.domain /etc/postfix/transport
> and got back
> relay:[MDA server IP]
Just overriding the transport is not sufficient, to be accepted from
clients not listed in mynetworks, or otherwise "trusted" to relay,
the domain must be in "relay_domains".
--
Viktor.
