AW: Issues with a Rewriting Gateway

Tue, 25 Apr 2017 14:32:06 -0700 

Hi Viktor,

thank you a lot for your time and effort!

I have now activated the verbose option on my smtp and trivial-rewrite and was 
analyzing the connection log.

Maillog of outgoing mail through the gateway:
http://webertec.net/fileshare/maillog_incoming.txt

Maillog of incoming mail through the gateway:
http://webertec.net/fileshare/maillog_outgoing.txt

The Exchange server at "internal.example" (oldcorp1.com) receives the mail 
"for" [email protected], but "To" [email protected] and therefore it is 
looping back to the postfix system. The RCPT TO is going to the wrong address.

With best regards
Dennis Weber

-----Ursprüngliche Nachricht-----
Von: [email protected] [mailto:[email protected]] 
Im Auftrag von Viktor Dukhovni
Gesendet: Dienstag, 25. April 2017 18:04
An: [email protected]
Betreff: Re: Issues with a Rewriting Gateway

On Tue, Apr 25, 2017 at 07:26:38AM +0000, Dennis Weber wrote:

> I have changed my configuration with your recommendation, but the 
> Exchange server behind the gateway is still receiving mails for 
> [email protected] instead of [email protected].

Please post your configuration as explained in:

    
https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.postfix.org%2FDEBUG_README.html%23mail&data=01%7C01%7Cdennis.weber%40atwork-it.com%7Ce4eb3b84734b45e69dcd08d48bf4a863%7Cd827fc609b284520af06b2d51904fa40%7C1&sdata=rq5NsBt1JyT1H087YZaiqrmFed8VFA4V0XAaL1siYEY%3D&reserved=0

This should also include "postconf -Mf" output with the original line breaks, 
do not let Outlook or other mail client reformat the command output.  Attach as 
a text file if your mail client is too difficult to configure to not mangle 
pasted text.

Also include sample lines from transport, virtual, generic, that are relevant 
to the problem at hand.  If you obfuscate addresses, make sure that each 
original domain becomes a distinct obfuscated domain and each original email 
address localpart becomes a distinct obfuscated localpart.

> Postfix Log:
> postfix/smtp[15949]: 08F37AE307: to=<[email protected]>, 
> orig_to=<[email protected]>, relay=10.0.0.8[10.0.0.8]:25, delay=0.4, 
> delays=0.04/0.02/0.04/0.3, dsn=2.6.0, status=sent (250 2.6.0 
> <[email protected]> [InternalId=someid] 
> Queued mail for delivery)

The log entry above shows the opposite of what you say.  The message came in 
addressed to (orig_to=) <[email protected]> and was delivered to (to=) 
<[email protected]>.  Exactly as you asked.  

However, what this does not show is any generic(5) rewriting performed by the 
SMTP delivery agent on the fly while delivering the message.  Perhaps you did 
not manage to hand the message off to the right ("relay") transport, or to 
configure that transport to not perform the generic(5) rewriting you want for 
outbound mail.

> Exchange Queue:
> Last Error: A local loop was detected.
> Queue ID: SRV-EXCH01\Submission
> Recipients:  [email protected];2;0;;0;

> On the way outgoing everything looks fine, the "From" Field and "Return-To"
> are rewritten by generic and the mail is delivered fine, only the way 
> incoming won't work.
> 
> Any idea on what I am doing wrong?

Either a problem within Exchange, or failure to fully implement the recipe.  
Another possibility is that you've not explained what you're asking for clearly 
enough.  Perhaps the envelope recipient you want to hand to Exchange is not the 
<[email protected]> form.

-- 
        Viktor.

Attachment: generic_rewrite_outgoing
Description: generic_rewrite_outgoing

smtp       inet  n       -       n       -       -       smtpd -v
pickup     unix  n       -       n       60      1       pickup
cleanup    unix  n       -       n       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       n       1000?   1       tlsmgr
rewrite    unix  -       -       n       -       -       trivial-rewrite -v
bounce     unix  -       -       n       -       0       bounce
defer      unix  -       -       n       -       0       bounce
trace      unix  -       -       n       -       0       bounce
verify     unix  -       -       n       -       1       verify
flush      unix  n       -       n       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       n       -       -       smtp
relay      unix  -       -       n       -       -       smtp
    -o smtp_generic_maps=$relay_generic_maps
showq      unix  n       -       n       -       -       showq
error      unix  -       -       n       -       -       error
retry      unix  -       -       n       -       -       error
discard    unix  -       -       n       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       n       -       -       lmtp
anvil      unix  -       -       n       -       1       anvil
scache     unix  -       -       n       -       1       scache

biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd 
$daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = all
inet_protocols = ipv4
local_recipient_maps =
local_transport = error:local mail delivery is disabled
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination =
myhostname = mail.newcorp.com
mynetworks = 127.0.0.0/8 10.0.0.0/24
myorigin = newcorp.com
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
recipient_canonical_classes = envelope_recipient, header_recipient
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
relay_domains = oldcorp1.com oldcorp2.com newcorp.com
relay_generic_maps =
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_generic_maps = hash:/etc/postfix/generic_rewrite_outgoing
smtp_tls_cert_file = /etc/postfix/tls/chain.pem
smtp_tls_key_file = /etc/postfix/tls/priv2.pem
smtp_tls_loglevel = 1
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_timeout = 3600s
smtp_use_tls = yes
smtpd_banner = $myhostname
smtpd_tls_cert_file = /etc/postfix/tls/chain.pem
smtpd_tls_eecdh_grade = ultra
smtpd_tls_key_file = /etc/postfix/tls/priv2.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_high_cipherlist = 
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
tls_random_prng_update_period = 3600s
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport_rules
virtual_alias_maps = hash:/etc/postfix/virtual_aliases

Attachment: recipient_canonical
Description: recipient_canonical

Attachment: transport_rules
Description: transport_rules

Reply via email to