Violaine, > We are using Postfix+amavisd-new on our server. We have set up virtual > domains and virtual aliases, and mail to a...@doma.in gets forwarded to > e...@other.domain. Nothing really weird, it's been working flawlessly > since several years. > > We have a dual postfix setup (TCP/25 for external incoming, TCP/587 for > internal incoming) and dual paths into amavisd-new (TCP/587 uses a policy > bank with 'originating => 1'). > > With the last version of Amavisd-new (2.6.4), we now get lots of > Open relay? Nonlocal recips but not originating: x...@gmail.com > messages when forwarding incoming mail (from TCP/25) to the proper > external addresses.
It's just a warning that was added, no other changes in that area. The intention is to remind you that the $originating flag was not set, probably due to omission in configuration - and that it may do good to address the issue, as the $originating flag controls aspects like DKIM signing, adding disclaimers, pen pals, statistics, etc. > How should we change our configuration to make those messages go away ? It depends on how you determine that a message is coming from inside or from authenticated roaming users. For simple installations with no remote mail submissions it suffices to configure @mynetworks_maps, and, like Jernej notes, not to forget to re-evaluate the @client_ipaddr_policy after/if @mynetworks_maps is changed: @client_ipaddr_policy = map { $_ => 'MYNETS' } @mynetworks_maps; (this is not necessary if only @mynetworks is changed but @mynetworks_maps left to its default) For more complex setups like yours, with dedicated submission port and dual paths to amavisd, letting it receive originating mail on a dedicated port, the solution as you already have is needed, attaching a policy bank with originating => 1 to a TCP port on which originating mail is arriving. It seems you already have this set up with this in view, but got some detail wrong. Check that your message in question really activated a suitable policy bank, setting the originating => 1. (assuming of course that the message really originated from your users) Mark ------------------------------------------------------------------------------ SOLARIS 10 is the OS for Data Centers - provides features such as DTrace, Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW http://p.sf.net/sfu/solaris-dev2dev _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/