On Jun 6, 2010, at 1:15 AM, Mark Edwards wrote: > On Jun 5, 2010, at 4:12 PM, Mark Edwards wrote: > >> I rebuilt our ASSP setup (done by someone who is long gone), upgrading it >> from 1.2.6 running on Windows Server to 2.0.1 running on Ubuntu 10.4 LTS. >> >> The ASSP sits in front of an Exchange 2007 server connecting through >> SMTPListenPort to SMTP Destination, and it relays outgoing mail from >> Exchange's send connector via Relay Port on a separate IP to Postfix running >> as Relay Host on port 125. >> >> This is a similar to the previous setup, and as far as I can tell its the >> standard way to do this. >> >> The old server would log both incoming mail as well as outgoing relayed mail >> to logs/maillog.txt, whereas the new one only logs incoming. Outgoing mail >> is clearly passing through the ASSP, as headers are being added and there's >> no other way for it to hit postfix. Is it normal for relay connections to >> not get logged? >> >> In addition, I was under the impression that recipients in outgoing relayed >> mail would be added to the whitelist. I have the Exchange server listed in >> Accept All Mail, as well as in Allow Relay Connections From. It appears >> that only successful senders are added to the whitelist, however. Is this >> the normal behavior? >> >> I'm wondering if outgoing relayed mail is somehow not being processed at all. >> >> Thanks. > > > I made an interesting discovery. If I conduct a telnet session to the > relayport of the ASSP from the Exchange server, the mail is logged in the > ASSP maillog.txt. So, it would seem to be something about how Exchange is > sending via its Send Connector that is preventing the mail from being > processed by the ASSP. > > However, when I watch both an Exchange connection and a hand-made telnet > connection in the SMTP Connections viewer of the ASSP web interface, they > appear identical. Both are coming from the same address (10.10.11.5), and > all the other fields are the same. > > Why would one be logged and processed and the other not?
I sorted it out. Exchange and Postfix were negotiating a TLS connection, which was cutting ASSP out of the loop. Its cool that ASSP happily continued transmitting the dialogue, as at least users' mail was being sent successfully. Setting smtpd_use_tls=no in /etc/postfix/main.cf cleared up the problem, and now outgoing mail is logged and contributes to the whitelist. I'm curious if this is a potential problem with incoming mail on the listenPort? Will ASSP not allow a TLS negotiation on that port, and will this cut ASSP out of the conversation? -- Mark Edwards Audiovisual Coordinator & IT Assistant Contemporary Jewish Museum 736 Mission Street San Francisco, CA 94103 direct line: 415.655.7802 fax: 415.655.7815 ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
