On Thu, Apr 16, 2020 at 3:12 AM Viktor Dukhovni
<[email protected]> wrote:
>
> On Thu, Apr 16, 2020 at 02:58:44AM +0200, Vieri Di Paola wrote:
>
> > > > The collate script seems to confirm that the non-delivery
> > > > notifications have been sent out. I rest assured.
> > >
> > > And what is the output of:
> > >
> > > getent hosts $(
> > > postconf -hx inet_interfaces proxy_interfaces |
> > > tr '\t ,' '[\n*]' |
> > > egrep -v '^all$'
> > > )
> >
> > postconf: warning: /etc/postfix/main.cf: unused parameter:
> > parent_domain_matches_subdomain=debug_peer_list smtpd_access_maps
> > 10.0.0.2 mail1.mydomain.org
> > 10.0.0.1 mail2.mydomain.org
>
> Well, I don't see 10.0.0.10 in that list, is your smtp delivery agent
> chrooted? What is the output of "postconf -Mf"? Perhaps settings in
> the chroot jail are different.

Not chrooted.

# postconf -Mf
smtp       inet  n       -       n       -       -       smtpd
pickup     unix  n       -       n       60      1       pickup
cleanup    unix  n       -       n       -       0       cleanup
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       n       1000?   1       tlsmgr
rewrite    unix  -       -       n       -       -       trivial-rewrite
bounce     unix  -       -       n       -       0       bounce
defer      unix  -       -       n       -       0       bounce
trace      unix  -       -       n       -       0       bounce
verify     unix  -       -       n       -       1       verify
flush      unix  n       -       n       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       n       -       -       smtp
relay      unix  -       -       n       -       -       smtp
showq      unix  n       -       n       -       -       showq
error      unix  -       -       n       -       -       error
retry      unix  -       -       n       -       -       error
discard    unix  -       -       n       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       n       -       -       lmtp
anvil      unix  -       -       n       -       1       anvil
scache     unix  -       -       n       -       1       scache
policyd-spf unix -       n       n       -       0       spawn user=nobody
    argv=/usr/bin/policyd-spf

So I decided to change the destination SMTP server in "transport".
Instead of 10.0.0.10 I used 10.0.200.50.

Here's the result:

postfix/smtpd[22926]: AB3AB12404F: client=unknown[10.2.0.1]
postfix/cleanup[23782]: AB3AB12404F:
message-id=<[email protected]>
postfix/qmgr[22889]: AB3AB12404F: from=<[email protected]>,
size=2855, nrcpt=1 (queue active)
postfix/smtp[22953]: AB3AB12404F: to=<[email protected]>,
relay=10.0.200.50[10.0.200.50]:25, delay=0.09, delays=0.09/0/0/0,
dsn=5.4.6, status=bounced (mail for [10.0.200.50] loops back to
myself)
postfix/cleanup[23783]: C10F0124164:
message-id=<[email protected]>
postfix/bounce[23799]: AB3AB12404F: sender non-delivery notification:
C10F0124164
postfix/qmgr[22889]: C10F0124164: from=<>, size=4837, nrcpt=1 (queue active)
postfix/qmgr[22889]: AB3AB12404F: removed
postfix/smtpd[22926]: disconnect from unknown[10.2.0.1] ehlo=2
starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
postfix/smtp[22897]: C10F0124164: to=<[email protected]>,
relay=mail.external2.org[10.2.0.4]:25, delay=0.49,
delays=0/0/0.04/0.46, dsn=2.6.0, status=sent (250 2.6.0
<[email protected]> [InternalId=49805562]
Queued mail for delivery)
postfix/qmgr[22889]: C10F0124164: removed

Of course, 10.0.200.50 is nowhere to be found on the Postfix system
directly or indirectly (via host name lookups) except of course for
the transport file.

So it seems to me that no matter which IP addr. or host name/FQDN I
put in the transport file for mydomain.org, Postfix *always* thinks
that mail will loop back to itself.

It occurs to me that I might try to send messages to a mailbox server
with a different network mask to see what happens.

This is now starting to look more like a bug to me. Strange though,
since this system has been running smoothly for a long time. I have a
hunch it's a network-related issue, but I don't know the details as to
how Postfix decides if the mail can loop back to itself, apart from
looking up proxy_interfaces and inet_interfaces. But how does it do
that *exactly*, step by step? Is there an option somewhere to make
Postfix more verbose regarding this particular aspect? I might take a
peek at the source code, but I presume I'd get lost pretty soon.

Vieri
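
The log reading done by eye in the message above (a dsn=5.4.6 "loops back to myself" bounce, followed by the delivery of its non-delivery notification), as an added example that is not part of the original message or of Postfix. The function name and the sample log are constructed for illustration; it assumes one syslog record per line and short hexadecimal queue IDs.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the log excerpt in the message above
# (queue IDs and addresses are placeholders), one syslog record per line.
SAMPLE_LOG = """\
postfix/qmgr[100]: A1B2C3D4E5F: from=<sender@external.example>, size=2855, nrcpt=1 (queue active)
postfix/smtp[101]: A1B2C3D4E5F: to=<user@internal.example>, relay=192.0.2.50[192.0.2.50]:25, delay=0.09, delays=0.09/0/0/0, dsn=5.4.6, status=bounced (mail for [192.0.2.50] loops back to myself)
postfix/bounce[102]: A1B2C3D4E5F: sender non-delivery notification: F6E5D4C3B2A
postfix/qmgr[100]: F6E5D4C3B2A: from=<>, size=4837, nrcpt=1 (queue active)
postfix/smtp[103]: F6E5D4C3B2A: to=<sender@external.example>, relay=mail.external.example[198.51.100.4]:25, delay=0.49, delays=0/0/0.04/0.46, dsn=2.6.0, status=sent (250 2.6.0 Queued mail for delivery)
postfix/smtp[104]: 0123456789A: to=<other@internal.example>, relay=192.0.2.60[192.0.2.60]:25, delay=0.3, delays=0.1/0/0.1/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok)
"""

# Assumption: short (hexadecimal) queue IDs, as in the excerpt above.
RECORD = re.compile(r"postfix/([\w-]+)\[\d+\]: ([0-9A-F]+): (.*)")
DELIVERY = re.compile(r"to=<([^>]*)>,.*? relay=([^,]+),.*? delays=([\d./]+),"
                      r" dsn=([\d.]+), status=(\w+)")
NDN = re.compile(r"sender non-delivery notification: ([0-9A-F]+)")
# delays=a/b/c/d: before qmgr / in qmgr / connection setup / transmission
DELAY_KEYS = ("before_qmgr", "in_qmgr", "conn_setup", "transmission")

def find_loop_bounces(log_text):
    """Return one dict per 5.4.6 bounce, linked to its notification's outcome."""
    deliveries = defaultdict(list)  # queue ID -> delivery attempts
    ndn_of = {}                     # bounced queue ID -> notification queue ID
    for line in log_text.splitlines():
        rec = RECORD.search(line)
        if not rec:
            continue
        daemon, qid, rest = rec.groups()
        m = DELIVERY.search(rest)
        if m:
            to, relay, delays, dsn, status = m.groups()
            deliveries[qid].append({
                "to": to, "relay": relay, "dsn": dsn, "status": status,
                "delays": dict(zip(DELAY_KEYS, map(float, delays.split("/"))))})
        elif daemon == "bounce" and NDN.search(rest):
            ndn_of[qid] = NDN.search(rest).group(1)
    report = []
    for qid, attempts in deliveries.items():
        for a in attempts:
            if a["dsn"] == "5.4.6" and a["status"] == "bounced":
                ndn_qid = ndn_of.get(qid)
                ndn_status = [d["status"] for d in deliveries.get(ndn_qid, [])]
                report.append({"queue_id": qid, **a, "ndn_queue_id": ndn_qid,
                               "ndn_sent": "sent" in ndn_status})
    return report
```

Each entry keeps the per-stage `delays` breakdown next to the relay, so the bounce and the delivery of its notification can be compared stage by stage.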