-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I think I have an idea on why sometimes amavisd issues a "Open relay? Nonlocal recips but not originating" warning.
Consider this scenario. I have many external servers of my customer. Each one of them has an alias table that remaps local administrative accounts (root, logwatch...) to [email protected], a local account on my mail server. When I receive a message of this kind, amavisd issues a warning "Open relay? Nonlocal recips but not originating: [email protected]" Those are the headers of one of such messages: Return-Path: <[email protected]> Delivered-To: <[email protected]> Received: from mail.luigirosa.com by mail.luigirosa.com (Dovecot) with LMTP id KUlkEZm2C1BKDwAAP6OfHg for <[email protected]>; Sun, 22 Jul 2012 10:15:21 +0200 Received: from localhost (mail.luigirosa.com [127.0.0.1]) by mail.luigirosa.com (HyperTrek-Postfix) with ESMTP id 3WfzCs1wBYz1fhYw for <[email protected]>; Sun, 22 Jul 2012 10:15:21 +0200 (CEST) X-Virus-Scanned: amavisd-new at luigirosa.com Received: from mail.luigirosa.com ([127.0.0.1]) by localhost (mail.luigirosa.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id IL9ybQuEF0EB for <[email protected]>; Sun, 22 Jul 2012 10:15:20 +0200 (CEST) Received: from free.dsl.vodafone.it (free.dsl.vodafone.it [91.80.36.31]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.luigirosa.com (HyperTrek-Postfix) with ESMTPS id 3WfzCr4fn0z1fhYv for <[email protected]>; Sun, 22 Jul 2012 10:15:20 +0200 (CEST) Received: from mail.saldflux.net (net-188-219-236-122.cust.dsl.vodafone.it [188.219.236.122]) by free.dsl.vodafone.it with ESMTP id q6M8FJM0023844-q6M8FJM1023844 for <[email protected]>; Sun, 22 Jul 2012 10:15:19 +0200 Received: from localhost (mail.saldflux.net [127.0.0.1]) by mail.saldflux.net (Postfix) with ESMTP id 3WfzCq4v1Wz1Gh6d for <[email protected]>; Sun, 22 Jul 2012 10:15:19 +0200 (CEST) X-Virus-Scanned: amavisd-new at saldflux.net Received: from mail.saldflux.net ([127.0.0.1]) by localhost (mail.saldflux.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id T7Pm8XaSs93z for <[email protected]>; Sun, 22 Jul 2012 10:15:19 +0200 (CEST) Received: by mail.saldflux.net (Postfix, from userid 0) id 3WfzCq1KSPz1Gh6c; Sun, 22 Jul 2012 10:15:19 +0200 (CEST) From: [email protected] (Cron Daemon) To: [email protected] Subject: Cron <root@mail> Content-Type: text/plain; charset=UTF-8 Auto-Submitted: auto-generated X-Cron-Env: <SHELL=/bin/sh> X-Cron-Env: <HOME=/root> X-Cron-Env: <PATH=/usr/bin:/bin> X-Cron-Env: <LOGNAME=root> X-Cron-Env: <USER=root> Message-Id: <[email protected]> Date: Sun, 22 Jul 2012 10:15:18 +0200 (CEST) I think that the problem is that the finel recipient of the email translated with sender alias table ([email protected]) is not listed in the headers of the message. For reference here's the @local_domains_maps and @mynetworks @local_domains_maps = ( [".$mydomain", "luigirosa.com", "hypertrek.info", ".hypertrek.info", ".mail.hypertrek.info", ".hypertrek.org", ".luigi.rosa.name", ".insconsulting.biz"] ); # list of all local domains @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); Ciao, luigi - -- / +--[Luigi Rosa]-- \ Life would be so much easier if we could just look at the source code. --Dave Olson -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlALuLEACgkQ3kWu7Tfl6ZRJwwCePPeOYJS2Qz4jI/JB8/EFhY1m N+UAmgIofpYp1jW7kZBW0MpFE7O3H1i2 =kv5j -----END PGP SIGNATURE-----
