> On May 21, 2022, at 4:26 PM, Wietse Venema <wie...@porcupine.org> wrote: > > Yes, you ave a mailer loop. > > mx1 Receive 7B34152BBDB (2326 bytes) from macbook > mx1 Deliver 7B34152BBDB to content filter, receive as B8C5452BBDF (4004 > bytes). > mx1 Deliver B8C5452BBDF to cmx01 as 4L4tdt0Fk8z2SSLv > > cmx01 Receive 4L4tdt0Fk8z2SSLv (4998 bytes) from localhost which was sent to > 8.10.12.14. > cmx01 Deliver 4L4tdt0Fk8z2SSLv to NON-POSTFIX SMTP SERVER with UNKNOWN QUEUE > ID. > > There is no logging how the non-postfix smtp server received the message. > There is no logging how the non-postfix mta forwarded the message to mx1.
All MTAs involved is postfix. The ciphermail stuff is just basically filters on top of postfix to encrypt an incoming email if a gpg key exists for the recipient. > > mx1 receive 7C32952BBDB (4155 bytes) from cmx01 (NOTE MESSAGE HAS SHRUNK) > mx1 deliver 7C32952BBDB to content filter, receive as 5918E52BBDF (5537 bytes) > mx1 Deliver 5918E52BBDF to cmx01 as 4L4tdy3tg5z2SSLv > > cm01 receive 4L4tdy3tg5z2SSLv (6531 bytes) from localhost which was sent to > 8.10.12.14 > cmx01 Deliver 4L4tdy3tg5z2SSLv to NON-POSTFIX SMTP SERVER with UNKNOWN QUEUE > ID. > > And so on. > > Where should the message be stored? Then THAT MTA should be configured > to store email for the recipient. client -> ciphermail (gpg or not?) -> final MTA where the user retrieves mail via imap. All postfix. > > If the problem is with the non-Postfix Postfix MTA, then I can't > make specific recommendations, other that "don't do what you're > doing now." > > If the problem is with one of the Postfix MTAs, then look at > https://www.postfix.org/ADDRESS_CLASS_README.html#classes and > configure the recipient's domain in the appropriate address class > (local domain class, virtual alias domain class, or virtual mailbox > domain class). I’ll take a look at this doc. Thank you. I feel like if I simple drop mail matching domain *.compute.amazonaws.com or even the fqdn of the aws instance, that would be enough to break the chain, but I’m not exactly sure how to do that. > > Wietse
signature.asc
Description: Message signed with OpenPGP
