Goedenavond Wietse, your help is very much appreciated :)
Am 08.07.2022 um 17:04 schrieb Wietse Venema:
When will the queue manager ignore the nexthop from trivial-rewrite?
The queue manager will override that nexthop when a destination is
specified with REDIRECT or FILTER.
Maybe I set up accidentally a REDIRECT or FILTER.
postconf -n
compatibility_level = 3.6
inet_protocols = ipv4
mydomain = mydomain.com
myhostname = smarthost.mydomain.com
mynetworks = 127.0.0.0/8
relayhost = [4.4.4.1]
smtp_tls_note_starttls_offer = yes
smtpd_tls_cert_file = /etc/ssl/certs/smarthost_mydomain_com-fullchain.crt
smtpd_tls_key_file = /etc/ssl/private/smarthost_mydomain_com.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_prng_update_period = 3600s
tls_random_source = dev:/dev/urandom
postconf -P
smtp/inet/content_filter =
smtp/inet/mynetworks = /etc/postfix/exo_networks
smtp/inet/smtp_tls_mandatory_ciphers = high
smtp/inet/smtp_tls_mandatory_protocols = >=TLSv1.2
smtp/inet/smtp_tls_security_level = encrypt
smtp/inet/smtpd_client_restrictions = permit_mynetworks,reject
submission/inet/content_filter =
submission/inet/rewrite_service_name = submission-rewrite
submission/inet/smtp_tls_security_level = encrypt
submission/inet/smtpd_client_restrictions = permit_sasl_authenticated,reject
submission/inet/smtpd_sasl_auth_enable = yes
submission/inet/smtpd_sasl_path = private/auth
submission/inet/smtpd_sasl_security_options = noanonymous
submission/inet/smtpd_sasl_tls_security_options = noanonymous
submission/inet/smtpd_sasl_type = dovecot
submission/inet/syslog_name = postfix/submission
2525/inet/content_filter =
2525/inet/mynetworks = 127.0.0.0/8,10.10.10.0/24,10.11.20.0/24,10.10.30.0/24
2525/inet/receive_override_options =
no_unknown_recipient_checks,no_header_body_checks,no_milters
2525/inet/rewrite_service_name = from-relay-rewrite
2525/inet/smtpd_client_restrictions =
2525/inet/smtpd_helo_restrictions =
2525/inet/smtpd_recipient_restrictions = permit_mynetworks,reject
2525/inet/smtpd_relay_restrictions =
2525/inet/smtpd_sender_restrictions =
submission-rewrite/unix/sender_dependent_relayhost_maps =
hash:/etc/postfix/transport_to_senders_relay
submission-rewrite/unix/syslog_name = postfix/submission-rewrite
submission-rewrite/unix/transport_maps =
hash:/etc/postfix/transport_to_exo_domains
from-relay-rewrite/unix/relayhost =
[mydomain-com02b.mail.protection.outlook.com]
relay/unix/syslog_name = postfix/$service_name
The services "smtp" and "2525" are only placeholders right now. I tried
to get the "submission" service up and running first, that is where I
went into the nexthop issue.
The non-debug log of an e-mail from testa to testa is
Jul 8 19:02:04 localhost postfix/submission/smtpd[106104]: warning:
dict_nis_init: NIS domain name not set - NIS lookups disabled
Jul 8 19:02:05 localhost postfix/submission/smtpd[106104]: connect from
XYZ.dynamic.kabel-deutschland.de[188.194.X.Y]
Jul 8 19:02:06 localhost postfix/submission/smtpd[106104]: Anonymous
TLS connection established from
XYZ.dynamic.kabel-deutschland.de[188.194.X.Y]: TLSv1.3 with cipher
TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519
server-signature ECDSA (P-384) server-digest SHA384
Jul 8 19:02:08 localhost postfix/submission/smtpd[106104]: C9C5E4A99A:
client=XYZ.dynamic.kabel-deutschland.de[188.194.X.Y], sasl_method=PLAIN,
sasl_username=m...@mydomain.com
Jul 8 19:02:08 localhost postfix/cleanup[106110]: C9C5E4A99A:
message-id=<cae9c789-06a9-fcb0-8b91-a0ce204c2...@mydomain.com>
Jul 8 19:02:08 localhost postfix/qmgr[106093]: C9C5E4A99A:
from=<te...@mydomain.com>, size=868, nrcpt=1 (queue active)
Jul 8 19:02:08 localhost postfix/submission/smtpd[106104]: disconnect
from XYZ.dynamic.kabel-deutschland.de[188.194.X.Y] ehlo=2 starttls=1
auth=1 mail=1 rcpt=1 data=1 quit=1 commands=8
Jul 8 19:02:38 localhost postfix/smtp[106112]: connect to
4.4.4.1[4.4.4.1]:25: Connection timed out
Jul 8 19:02:38 localhost postfix/smtp[106112]: C9C5E4A99A:
to=<te...@mydomain.com>, relay=none, delay=30, delays=0.07/0.01/30/0,
dsn=4.4.1, status=deferred (connect to 4.4.4.1[4.4.4.1]:25: Connection
timed out)
Best regards,
Josef
