Re: SRS bounces not working in postfix

Mon, 03 Feb 2014 16:23:17 -0800 

Thanks again Jason - I get this using your specified telnet test:

500 Hash invalid in SRS address.
So I have been playing around with it more now in light of this new information - here is what I have found: 

 * It works and delivers mail when the "-I" switch is NOT present (this
   has been my usage in all examples).  However, when I try to decode
   in this mode I get "500 Hash invalid in SRS address." when testing
   in telnet - which could explain why bounces are not working.  Telnet
   encode tests on port 10001 work fine.
 * When the "-I" switch IS present, it does not deliver mail. However,
   it passes both telnet encode/decode tests.  Here is the delivery
   problem I see in the logs:

   Feb  3 16:31:00 quimby0 postfix/smtpd[32357]: connect from
   homer.terabytemedia.com[74.206.115.225]
   Feb  3 16:31:00 quimby0 postfix/smtpd[32357]: warning:
   tcp:127.0.0.1:10002 lookup error for "~us...@forwardingdomain.com~"
   Feb  3 16:31:00 quimby0 postfix/smtpd[32357]: NOQUEUE: reject: RCPT
   from homer.terabytemedia.com[74.206.115.225]: 451 4.3.0
   <mikeboun...@acermanuals.com>: Temporary lookup failure;
   from=<mikemc@terabyte[added_to_prevent_spam]media.com>
   to=<~us...@forwardingdomain.com~> proto=ESMTP
   helo=<homer.terabytemedia.com>
   Feb  3 16:31:00 quimby0 postfix/smtpd[32357]: disconnect from
   homer.terabytemedia.com[74.206.115.225]

   So I am now getting some "warning: tcp:127.0.0.1:10002 lookup error"
   with the -I switch enabled - but it passes telnet encode/decode tests.
I am confused why it is logging a decoding error with -I as opposed to without -I in the logs above - you would think it would do that in either case since ~us...@forwardingdomain.com~ is not SRS encoded. One thing that might explain this - when testing on telnet with -I off, I get a "400 external domains are ignored" error (maybe 4xx errors are warnings to Postfix and it continues to send and moves on to encoding?) - with -I on, I get a "500 Not an SRS address." which I assume is fatal.
One fix might be to patch pfix-srsd (I don't program in C but could probably figure it out) to return a 400 error for the "500 Not an SRS address.". I cannot think of any way that opens me up to problems since I assume the address would just not be rewritten by Postfix in this case. 

Any ideas?

Michael

Reply via email to