Hi Eric 'shubes', Thanks for the detailed explaination! It gives me more knowledge about the flow of messages in QT!
The QT installation is from end 2009, with an update in 2010. I give the details this evening (Amsterdam time). <shame mode on> No updates sinds 2010 <shame mode off> I will dig into your recommendations this evening! Richard. > Congrats on finding this out on your own, Richard. I'm afraid though, > that this isn't a very good solution to the problem. What you've done is > to make yourself available as an open relay to all of the IP addresses > included in the 'part of ip of transmitter'. This is great for spammers, > and bad for you. If a spammer in that address range were to exploit the > relay, you would soon find your IP address blacklisted, preventing you > to send emails to many destinations. This is not a pleasant situation > for anyone to be in. While the likelihood of someone actually exploiting > your host may be low, it's best to simply eliminate the possibility. As > a result, I recommend undoing your change to the tcp.smtp file, followed > by doing a > # service qmail cdb > to make the change effective. > > Now the question is, why/how did that cure your delivery problem? Adding > the RELAYCLIENT variable does a few things, but not all that much. It > causes simscan to bypass SpamAssassin scanning (clamav scanning is still > done), and it allows the sender to send to absolutely any domain (the > Relay part) as opposed to sending only to the domains which are local to > your host (domains listed in your rcpthosts file). > > As you'll notice in the smtp log, the next thing that typically follows > the chkuser sender message is the chkuser rcpt (recipient) message. So > it's a good guess that something is amiss with the message recipient(s), > which is consistent with what we've observed with RELAYCLIENT. It's > unfortunate in this case that qmail or chkuser doesn't give us any kind > of message as to what exactly the problem is. That's not acceptable in > my mind, but we'll have to work around it in the meantime. > > Speaking of log messages, qmail/SPF used to reject incoming messages > with no log message, but that's been subsequently fixed. I also don't > know if RELAYCLIENT bypasses the SPF check or not. I suppose it's > possible that this is the problem you're experiencing. You might try > changing your /var/qmail/control/spfbehavior from 3 to 1, then > restarting qmail, and see if perhaps that remedies your problem. > > How old is your qmail-toaster package? > # rpm -qa | grep toaster | sort > will show us what versions you're running. Also, > # qtp-whatami > would be helpful. > > Let us know if this remedies your problem or not. If it doesn't I would > install spamdyke (definitely do this regardless), then use spamdyke's > detailed logging facility to see exactly what's going on with this. That > would be the easiest way to see exactly where the smtp session fails. > > -- > -Eric 'shubes' > > > On 07/30/2012 07:27 AM, Richard Vinke wrote: >> Self-study is good........ >> I added the next line to /etc/tcprules.d/tcp.smtp: >> 'part of ip of transmitter':allow,RELAYCLIENT="",<more text> >> (Here i added the relayclient). >> >> Now the mails of that domain is dripping in! >> >> >> >> On 07/30/2012 06:21 AM, Richard Vinke wrote: >>> Hi all, >>> >>> I set up a qmail toaster several years ago, but only used it with an >>> external smtp server (my provider). >>> Several weeks ago, I had to use the Toaster also as smtp server, so >>> people can send mail to me directly. I changes the MX records, opened >>> port 25 and... voilĂ , it works! >>> >>> But one sender cannot deliver mail. With =/usr/sbin/qmlog smtp=, I see >>> (real sender domain is replaced with 'domain')" >>> 07-27 15:21:24 CHKUSER accepted sender: from <i...@domain.nl::> remote >>> <relay.domain.nl:unknown:195.78.85.133> rcpt <> : sender accepted >>> 07-27 15:21:24 tcpserver: end 3644 status 0 >>> >>> But no mail is delivered. >>> When I send a test mail to the same email address, it arrives OK. >>> I think, it has something to do with the 'relay', but I am not sure. >>> >>> How can I solve this? >>> >>> Richard >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >>> For additional commands, e-mail: >>> qmailtoaster-list-h...@qmailtoaster.com >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com >> >> > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > > --------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
