On Wed, 15 Jan 2020 at 17:43, Jaroslaw Rafa <[email protected]> wrote: > > Dnia 15.01.2020 o godz. 17:26:48 Simon B pisze: > > > > Amavis listens on 10024, and postfix listens on 10025 > > > > That means mail comes in on 587, it goes to amavis on 10024 and comes > > back on 10025 before going out. > [...] > > and mail is flowing. I am not happy since the solution to the > > original problem has been to make smtpd_helo_restrictions=permit and > > even though it's internal we operate a zero-trust policy, and "permit" > > is not that. > > Does Amavis actually connect to 127.0.0.1 when injecting mail back to > Postfix? If yes, then maybe you don't have 127.0.0.1 in $mynetworks > > It can also be that Amavis doesn't connect to 127.0.0.1, but to some other > IP on your server - then you need to put that IP in $mynetworks too, or > reconfigure Amavis so that it connects to 127.0.0.1
I don't know where else it could connect... In master.cf it is defined 119 #The amavis reciever 120 127.0.0.1:10025 inet n - - - - smtpd > If it works with "permit", it should also work with "permit_mynetworks", > provided that the value of $mynetworks includes the actual IP Amavis is > connecting to. it should, but it isn't - hence the reason I have asked here for help. # postconf -n | grep -n mynetworks 36:mynetworks = 127.0.0.0/8, [::1]/128 37:mynetworks_style = host Regards Simon
