Well, I've done a bunch of recordio debugging now that I have TLS out of the way, so that I can actually read what my SMTP servers are saying to eachother, and things have gotten very interesting. I've included three recordio sessions in this mail, and I'll be commenting them above each session.
Here's the first session. This is from mail.kydance.net, and is the output from squirrelmail talking to the SMTP server on the initial delivery request for the message. Everything in this session is correct. 9991 > 220 mail.kydance.net ESMTP 9991 < HELO webmail.kydance.net 9991 > 250 mail.kydance.net 9991 < MAIL FROM: <[EMAIL PROTECTED]> 9991 > 250 ok 9991 < RCPT TO: <[EMAIL PROTECTED]> 9991 > 250 ok 9991 < DATA 9991 > 354 go ahead 9991 < Received: from 216.190.203.130 (proxying for 192.168.1.254) 9991 < (SquirrelMail authenticated user mwalker%kydance.net) 9991 < by squirrelmail.kydance.net with HTTP; 9991 < Wed, 2 Jul 2003 16:12:20 -0600 (MDT) 9991 < Message-ID: <37732.216.190.203.130.105+ 9991 < [EMAIL PROTECTED]> 9991 < Date: Wed, 2 Jul 2003 16:12:20 -0600 (MDT) 9991 < Subject: Re: FW: Website info. 9991 < From: "Matthew Walker" <[EMAIL PROTECTED]> 9991 < To: [EMAIL PROTECTED] 9991 < User-Agent: SquirrelMail/1.4.1 [CVS] 9991 < MIME-Version: 1+ 9991 < .0 9991 < Content-Type: text/plain;charset=iso-8859-1 9991 < Content-Transfer-Encoding: 8bit 9991 < X-Priority: 3 9991 < Importance: Normal 9991 < 9991 < This is a test.... 9991 < 9991 < . 9991 > 250 ok 1057183940 qp 9993 9991 < QUIT 9991 > 221 mail.kydance.net 9991 > [EOF] Now, this is the recordio session from the server hosting epliantmarketing.com's email (Technically helium.mthmarketing.com, or any of 200 other names...) Pay special attention to the RCPT TO: line, and compare it with what was in the first session. WTF? 0084 > 220 helium.mthmarketing.com ESMTP 0084 < HELO mail.kydance.net 0084 > 250 helium.mthmarketing.com 0084 < MAIL FROM:<[EMAIL PROTECTED]> 0084 > 250 ok 0084 < RCPT TO:<[EMAIL PROTECTED]> 0084 > 250 ok 0084 < DATA 0084 > 354 go ahead 0084 < Received: (qmail 9993 invoked by uid 1028); 2 Jul 2003 22:12:20 -0000 0084 < Received: from unknown (HELO webmail.kydance.net) (127.0.0.1) 0084 < by 0 with SMTP; 2 Jul 2003 22:12:20 -0000 0084 < Received: from 216.190.203.130 (proxying for 192.168.1.254) 20084 < (Squirre+ 0084 < lMail authenticated user mwalker%kydance.net) 0084 < by squirrelmail.kydance.net with HTTP; 0084 < Wed, 2 Jul 2003 16:12:20 -0600 (MDT) 0084 < Message-ID: <[EMAIL PROTECTED]> 20084 < Date: Wed, 2 Jul 2003 16:12:20 -0+ 0084 < 600 (MDT) 0084 < Subject: Re: FW: Website info. 0084 < From: "Matthew Walker" <[EMAIL PROTECTED]> 0084 < To: [EMAIL PROTECTED] 0084 < User-Agent: SquirrelMail/1.4.1 [CVS] 0084 < MIME-Version: 1.0 0084 < Content-Type: text/plain;charset=iso-8859-1 20084 < Content-Transfer-Encoding: 8+ 0084 < bit 0084 < X-Priority: 3 0084 < Importance: Normal 0084 < 0084 < This is a test.... 0084 < 0084 < . 0084 > 250 ok 1057183945 qp 20086 0084 < QUIT 0084 > 221 helium.mthmarketing.com 20084 > [EOF] Finally, this is from mail.kydance.net again, as helium.mthmarketing.com re-routes the mail back to it, since the RCPT TO address is indeed for kydance.net at this point. Nothing seems out of the ordinary here, considering this /is/ what helium.mthmarketing.com recieved. 10000 > 220 mail.kydance.net ESMTP 10000 < HELO helium.mthmarketing.com 10000 > 250 mail.kydance.net 10000 < MAIL FROM:<[EMAIL PROTECTED]> 10000 > 250 ok 10000 < RCPT TO:<[EMAIL PROTECTED]> 10000 > 250 ok 10000 < DATA 10000 > 354 go ahead 10000 < Received: (qmail 20094 invoked by uid 204); 2 Jul 2003 22:12:25 -0000 10000 < Received: from [EMAIL PROTECTED] by helium.mthmarketing.com by uid 1000 with qmail-scanner-1.16 10000 < (clamscan: 0.54. spamassassin: 2.55. Clear:. 10000 < Processed in 0.379036 secs); 02 Jul+ 10000 < 2003 22:12:25 -0000 10000 < Received: from unknown (HELO mail.kydance.net) (216.190.203.134) 10000 < by 0 with SMTP; 2 Jul 2003 22:12:24 -0000 10000 < Received: (qmail 9993 invoked by uid 1028); 2 Jul 2003 22:12:20 -0000 10000 < Received: from unknown (HELO webmail.kydance.net) (1+ 10000 < 27.0.0.1) 10000 < by 0 with SMTP; 2 Jul 2003 22:12:20 -0000 10000 < Received: from 216.190.203.130 (proxying for 192.168.1.254) 10000 < (SquirrelMail authenticated user mwalker%kydance.net) 10000 < by squirrelmail.kydance.net with HTTP; 10000 < Wed, 2 Jul 2003 16:1+ 10000 < 2:20 -0600 (MDT) 10000 < Message-ID: <[EMAIL PROTECTED]> 10000 < Date: Wed, 2 Jul 2003 16:12:20 -0600 (MDT) 10000 < Subject: Re: FW: Website info. 10000 < From: "Matthew Walker" <[EMAIL PROTECTED]> 10000 < To: [EMAIL PROTECTED] 10000 < m 10000 < User-Agent: SquirrelMail/1.4.1 [CVS] 10000 < MIME-Version: 1.0 10000 < Content-Type: text/plain;charset=iso-8859-1 10000 < Content-Transfer-Encoding: 8bit 10000 < X-Priority: 3 10000 < Importance: Normal 10000 < 10000 < This is a test.... 10000 < 10000 < . 10000 > 250 ok 1057183941 qp 10002 10000 < QUIT 10000 < [EOF] What I get from this whole mess, is that for some reason, qmail is rewriting the domainname of the RCPT TO after it gets it. With these new details, does anyone have any advice about how I should go about fixing the problem? I'm willing to provide any configuration detail requested (Though I've provided most of it before, with no luck...) Anyway, advice would be much appreciated. Matthew Walker
