OK mail from outlook does make it's way thru; e.g., since Monday,
xzegrep "250 2.0.0 Queued as.*outbound.protection.outlook.com"
/var/log/postfix/postfix.log | wc -l
4343
Isn't that outbound mail*to* Microsoft-hosted domains? I wouldn't
expect that to appear in logs of incoming mail.
i grabbed the 250 for my grep from proxy-accept, just for counting convenience
e.g., here's an ok inbound that was accepted/delivered;
2023-07-17T10:19:12.601557-04:00 svr01 postfix/postscreen[44132]:
CONNECT from [40.107.244.113]:33056 to [xx.xx.xx.xx]:25
2023-07-17T10:19:18.800849-04:00 svr01 postfix/postscreen[44132]: PASS
NEW [40.107.244.113]:33056
2023-07-17T10:19:18.926665-04:00 svr01 postfix/ps-int/smtpd[44136]:
connect from mail-mw2nam12on2113.outbound.protection.outlook.com[40.107.244.113]
2023-07-17T10:19:19.247918-04:00 svr01 postfix/ps-int/smtpd[44136]:
Untrusted TLS connection established from
mail-mw2nam12on2113.outbound.protection.outlook.com[40.107.244.113]: TLSv1.2
with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)
2023-07-17T10:19:21.649503-04:00 svr01 auth-milter[34494]: 4325636CF1D:
ERROR: Error parsing existing Authentication-Results header: dkim=none (message not
signed)#015<LF> header.d=none;dmarc=none action=none header.from=example2.com;
2023-07-17T10:19:21.368763-04:00 svr01 postfix/ps-int/smtpd[44136]:
NOQUEUE:
client=mail-mw2nam12on2113.outbound.protection.outlook.com[40.107.244.113]
2023-07-17T10:19:21.992068-04:00 svr01 milter-regex[1108]: localhost.mx1.example1.net
[127.0.0.1]: ACCEPT, HELO: auth-milter.mx1.example2.net, FROM: <some...@example2.com>, RCPT:
<p...@example.com>, From:someone <some...@example2.com>, To: me <p...@example.com>,
Subject: xxxx
2023-07-17T10:19:21.927171-04:00 svr01 postfix/preQ/smtpd[44140]:
connect from localhost.mx1.example1.net[127.0.0.1]
2023-07-17T10:19:21.938905-04:00 svr01 postfix/preQ/smtpd[44140]:
4RF2p96g9nz5K: client=localhost.mx1.example1.net[127.0.0.1],
orig_client=mail-mw2nam12on2113.outbound.protection.outlook.com[40.107.244.113]
2023-07-17T10:19:21.941334-04:00 svr01 postfix/cleanup[44143]: 4RF2p96g9nz5K:
message-id=<B...3.namprd08.prod.outlook.com>
2023-07-17T10:19:22.020339-04:00 svr01 clamav-milter[5784]: Clean message from
<some...@example2.com> to <p...@example.com>
2023-07-17T10:19:28.048393-04:00 svr01 postfix/qmgr[1360]: 4RF2p96g9nz5K:
from=<some...@example2.com>, size=13112, nrcpt=1 (queue active)
2023-07-17T10:19:28.049981-04:00 svr01 postfix/ps-int/smtpd[44136]: proxy-accept:
END-OF-MESSAGE: 250 2.0.0 Queued as 4325636CF1D; from=<some...@example2.com>
to=<p...@example.com> proto=ESMTP helo=<NAM12-MW2-obe.outbound.protection.outlook.com>
2023-07-17T10:19:28.052131-04:00 svr01 postfix/preQ/smtpd[44140]:
disconnect from localhost.mx1.example1.net[127.0.0.1] ehlo=1 xforward=3 mail=1
rcpt=1 data=1 quit=1 commands=8
2023-07-17T10:19:28.171477-04:00 svr01 postfix/ps-int/smtpd[44136]:
disconnect from
mail-mw2nam12on2113.outbound.protection.outlook.com[40.107.244.113] ehlo=2
starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
2023-07-17T10:19:28.268685-04:00 svr01 postfix/relay-mx2/smtp[44150]:
Verified TLS connection established to
internal.mx2.example2.net[172.28.25.1]:25: TLSv1.3 with cipher
TLS_CHACHA20_POLY1305_SHA256 (256/256 bits) key-exchange X448 server-signature
ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1)
client-digest SHA384
2023-07-17T10:19:28.955906-04:00 svr01 postfix/relay-mx2/smtp[44150]:
4RF2p96g9nz5K: to=<p...@example.com>,
relay=internal.mx2.example2.net[172.28.25.1]:25, delay=7, delays=6.1/0.01/0.49/0.4,
dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 4RF2pJ53hDzWf3r)
2023-07-17T10:19:28.956613-04:00 svr01 postfix/qmgr[1360]:
4RF2p96g9nz5K: removed
i'll look some more at TLS handshake, but can't yet grok why it'd work in some
cases, and not others -- from *.outlook.com
as mentioned above, hardly a stress blip to worry about ...
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
