On Thu, May 29, 2014 at 11:10:10PM +0200, Denis Fondras wrote:
> Hi,
>
Hi,
> I'd like some explanation on how opensmtpd works as a backup mx. I use
> opensmtpd-201405202105p1 compiled myself on Debian7.
>
Can you share the configuration file ?
I'm not sure I understand what happens.
> First I had "accept from any for domain "dom.fr" relay backup" in my
> config file. But after a few minutes I get a message back complaining
> that there is a loop.
>
> No, this can't be. mx1 (weight 5) isn't the same as mx2 (weight 10).
>
Without the log it's tricky to debug but I'll throw a guess here:
Is your machine named "mx2.backdom.fr" ?
If you use:
accept [...] relay backup
OpenSMTPD will do a MX lookup and try to find a MX that matches its own
hostname to determine its own weight. If your local hostname isn't in
the list of entries returned, it will assume a very very low weight and
will assume any of the results in the MX lookup are ok to deliver to.
> So I went with "accept from any for domain "dom.fr" relay backup
> mx2.backdom.fr" so it never tries to deliver to mx2 again (if I get the
> man right).
>
Actually, that's not exactly what it means.
It means "Nevermind my real hostname, I'm the backup mx2.backdom.fr" and
so it'll pickup the weight of mx2.backdom.fr.
This is equivalent to having:
accept [...] relay backup
if your hostname is mx2.backdom.fr
> Why do I have to specify the mx, what is the point ? From my point of
> view, a backup mx MUST (as in RFC MUST) always try to deliver to a lower
> pref mx thank itself and keep it until it can deliver (or timeout).
>
You are right about what a backup MX must do and this is what it does as
far as no bug is concerned.
As for why you must specify the MX, this is simple:
OpenSMTPD cannot guess what backup MX it is supposed to be unless it has
the name it operates under. So it has two strategies:
1- either use its own local name (`hostname`)
2- or use a name you declare in the configuration file
You're not required to declare a name in the configuration file but then
your system must be configured so that 1- is valid.
> So after adding the mx to backup, I don't have the loop-error but
> opensmtpd tries to deliver not to mx1.domain.tld but to domain.tld
> (which doesn't exist). I had to add a A record to have mails delivered.
>
That's strange, it typically attempts domain.tld if it fails to find any
valid MX to handle the mail.
>
> $ host dom.fr
> dom.fr mail is handled by 5 mx1.dom.fr.
> dom.fr mail is handled by 10 mx2.backdom.fr.
> dom.fr mail is handled by 15 mx3.backdom2.fr.
>
The configuration file and logs are very important to debug this, there
is so much we can guess :-p
--
Gilles Chehade
https://www.poolp.org @poolpOrg
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
