On Fri, 8 Mar 2024 at 05:52, Stephen Satchell via Postfix-users
<postfix-users@postfix.org> wrote:
>
> Assuming that one's configuration has open relay, what does a log entry
> for relayed mail look like?

I think you really need to look at multiple log entries to discover that, e.g.

Mar 13 16:21:06 mail-4 postfix/smtpd[1867]: connect from
ptr-for-192-168-0-24.mynet[192.168.0.24]
Mar 13 16:21:06 mail-4 postfix/smtpd[1867]: 1A3B642F9A8:
ptr-for-192-168-0-24.mynet[192.168.0.24]
Mar 13 16:21:06 mail-4 postfix/smtpd[1867]: disconnect from
ptr-for-192-168-0-24.mynet[192.168.0.24]
Mar 13 16:21:06 mail-4 postfix/qmgr[2298]: 1A3B642F9A8:
from=<fromaddr@mynet>, size=9604, nrcpt=1 (queue active)
Mar 13 16:21:07 mail-4 postfix/smtp[1386]: 1A3B642F9A8:
to=<recipi...@otherplace.com>, relay=rmx.otherplace.com[10.1.1.5]:25,
delay=1.2, delays=0/0/0.5/0.72, dsn=2.0.0, status=sent (250 2.0.0
3wtk0e9aqf-1 Message accepted for delivery)
Mar 13 16:21:07 mail-4 postfix/qmgr[2298]: 1A3B642F9A8: removed

That the connection originated outside your network is in the first
two log entries above. The (asserted) sender is in the fourth line.
The fact it is not addressed to your domain and needs to be passed on
elsewhere is in the 5th line. The host I am looking at does not
implement authentication, but ISTR there would be another log entry -
how exactly you reconcile this with the type of entries above is a
different matter though.

Maybe it's just easier to test relaying from outside your network yourself?

C.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

Reply via email to