Hi Gilles, > On 29 Jan 2019, at 12:58, Gilles Chehade <[email protected]> wrote: > > On Tue, Jan 29, 2019 at 12:41:17PM +0100, Mischa wrote: >> >> >>> On 29 Jan 2019, at 12:30, Gilles Chehade <[email protected]> wrote: >>> >>> On Fri, Jan 25, 2019 at 02:08:41PM +0100, Mischa wrote: >>>> Hi All, >>>> >>> >>> Hi, >>> >>> >>>> ### smtpd.conf >>>> pki mx1.domain1.nl cert "/etc/ssl/mx1.domain1.nl.fullchain.pem" >>>> pki mx1.domain1.nl key "/etc/ssl/private/mx1.domain1.nl.key" >>>> >>>> table names file:/etc/mail/hostnames >>>> table aliases file:/etc/mail/aliases >>>> table www-relays file:/etc/mail/www-relays >>>> table www-senders file:/etc/mail/www-senders >>>> table relay-domains file:/etc/mail/relay-domains >>>> table reject-email file:/etc/mail/reject-email >>>> >>>> table domains sqlite:/etc/mail/sqlite.conf >>>> table virtuals sqlite:/etc/mail/sqlite.conf >>>> table credentials sqlite:/etc/mail/sqlite.conf >>>> >>>> filter check-fcrdns builtin connect fcrdns disconnect "550 fc-rDNS" >>>> >>>> listen on mx1.domain1.nl port 25 tls pki mx1.domain1.nl hostnames <names> >>>> filter check-fcrdns >>>> >>>> action "local" mbox alias <aliases> >>>> action "maildir" maildir "/var/mail/virtual/%{dest:lowercase}/" virtual >>>> <virtuals> >>>> action "relay" relay >>>> action "smartrelay" relay host smtp://mail.domain1.nl >>>> >>>> match from any rcpt-to <reject-email> for any reject >>>> match from src <www-relays> !mail-from <www-senders> for any reject >>>> match from src <www-relays> mail-from <www-senders> action "relay" >>>> match from any for domain <relay-domains> action "smartrelay" >>>> match from any for domain <domains> action "maildir" >>>> match from local action "smartrelay" >>>> match for any action "relay" >>>> ### >>>> >>>> # cat www-relays >>>> 46.23.xx.yy >>>> >>>> # cat www-senders >>>> [email protected] >>>> >>>> As soon as an email is send from one of the www-relays with the >>>> sender that is in www-senders I am getting the following error on >>>> the sending mail server (FreeBSD w/ dma): >>>> >>>> Jan 18 15:56:12 www dma[2eb801]: new mail from user=www uid=80 >>>> envelope_from=<[email protected]> >>>> Jan 18 15:56:12 www dma[2eb801]: mail to=<[email protected]> queued as >>>> 2eb801.801a2d0a0 >>>> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying delivery >>>> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: using smarthost >>>> (mx1.domain1.nl:25) >>>> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying remote delivery to >>>> mx1.domain1.nl [46.23.xx.zz] pref 0 >>>> Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: remote delivery to >>>> mx1.domain1.nl [46.23.xx.zz] failed after RCPT TO: 550 Invalid recipient >>>> Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: delivery failed, bouncing as >>>> 2eb803 >>>> >>>> >>>> OpenSMTPD is saying (grep "00a1b263550db3c7" /var/log/maillog): >>>> >>>> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected >>>> address=46.23.xx.yy host=46-23-xx-yy.domain1.nl >>>> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command >>>> command="RCPT TO:<[email protected]>" result="550 Invalid recipient" >>>> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp disconnected >>>> reason=disconnect >>>> >>>> Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected >>>> address=46.23.xx.xx host=www.domain2.nl >>>> Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command >>>> command="RCPT TO:<[email protected]>" result="550 Invalid recipient" >>>> >>>> >>>> Anybody have an idea? >>>> >>> >>> can you run smtpd with -dv -T rules and provide log of which rule is >>> matched ? >> >> It says no rules are matched. Which makes sense from a failure perspective, >> as it's unable to deliver the email locally. >> But the content in the files hasn't changed since the upgrade to the new >> syntax. >> >> debug: lka: helo names:46.23.88.60 >> ed537f31142afcea smtp connected address=46.23.xx.xx host=46-23-xx.xx.high5.nl >> no rule matched >> ed537f31142afcea smtp failed-command command="RCPT >> TO:<[email protected]>" result="550 Invalid recipient" >> ed537f31142afcea smtp disconnected reason=disconnect >> >> Is there a way to get the sender information in the debug? >> > > well, providing the full session log from connect to disconnect without > altering it would be a good start to troubleshoot.
Yeah... not really going to happen on public mailinglist. :/ It has the email address of one of my customers and there isn't anything I want to do with the rcpt-to. The IP address is part of src (www-relays), which I checked and double checked. :) The only thing I can think of is that the mail-from is not matched in www-senders file. Just saw I missed one IP, but that is ok, so you get the drift. > I think you are missing a "for any" on some rules which causes them to > not be matched. I would like this email to match the following rule: match from src <www-relays> mail-from <www-senders> action "relay" action "relay" relay Mischa -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
