On Thu, May 29, 2014 at 11:10:10PM +0200, Denis Fondras wrote: > Hi, >
Hi, > I'd like some explanation on how opensmtpd works as a backup mx. I use > opensmtpd-201405202105p1 compiled myself on Debian7. > Can you share the configuration file ? I'm not sure I understand what happens. > First I had "accept from any for domain "dom.fr" relay backup" in my > config file. But after a few minutes I get a message back complaining > that there is a loop. > > No, this can't be. mx1 (weight 5) isn't the same as mx2 (weight 10). > Without the log it's tricky to debug but I'll throw a guess here: Is your machine named "mx2.backdom.fr" ? If you use: accept [...] relay backup OpenSMTPD will do a MX lookup and try to find a MX that matches its own hostname to determine its own weight. If your local hostname isn't in the list of entries returned, it will assume a very very low weight and will assume any of the results in the MX lookup are ok to deliver to. > So I went with "accept from any for domain "dom.fr" relay backup > mx2.backdom.fr" so it never tries to deliver to mx2 again (if I get the > man right). > Actually, that's not exactly what it means. It means "Nevermind my real hostname, I'm the backup mx2.backdom.fr" and so it'll pickup the weight of mx2.backdom.fr. This is equivalent to having: accept [...] relay backup if your hostname is mx2.backdom.fr > Why do I have to specify the mx, what is the point ? From my point of > view, a backup mx MUST (as in RFC MUST) always try to deliver to a lower > pref mx thank itself and keep it until it can deliver (or timeout). > You are right about what a backup MX must do and this is what it does as far as no bug is concerned. As for why you must specify the MX, this is simple: OpenSMTPD cannot guess what backup MX it is supposed to be unless it has the name it operates under. So it has two strategies: 1- either use its own local name (`hostname`) 2- or use a name you declare in the configuration file You're not required to declare a name in the configuration file but then your system must be configured so that 1- is valid. > So after adding the mx to backup, I don't have the loop-error but > opensmtpd tries to deliver not to mx1.domain.tld but to domain.tld > (which doesn't exist). I had to add a A record to have mails delivered. > That's strange, it typically attempts domain.tld if it fails to find any valid MX to handle the mail. > > $ host dom.fr > dom.fr mail is handled by 5 mx1.dom.fr. > dom.fr mail is handled by 10 mx2.backdom.fr. > dom.fr mail is handled by 15 mx3.backdom2.fr. > The configuration file and logs are very important to debug this, there is so much we can guess :-p -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org