On Tue, Jan 29, 2019 at 12:41:17PM +0100, Mischa wrote: > > > > On 29 Jan 2019, at 12:30, Gilles Chehade <[email protected]> wrote: > > > > On Fri, Jan 25, 2019 at 02:08:41PM +0100, Mischa wrote: > >> Hi All, > >> > > > > Hi, > > > > > >> ### smtpd.conf > >> pki mx1.domain1.nl cert "/etc/ssl/mx1.domain1.nl.fullchain.pem" > >> pki mx1.domain1.nl key "/etc/ssl/private/mx1.domain1.nl.key" > >> > >> table names file:/etc/mail/hostnames > >> table aliases file:/etc/mail/aliases > >> table www-relays file:/etc/mail/www-relays > >> table www-senders file:/etc/mail/www-senders > >> table relay-domains file:/etc/mail/relay-domains > >> table reject-email file:/etc/mail/reject-email > >> > >> table domains sqlite:/etc/mail/sqlite.conf > >> table virtuals sqlite:/etc/mail/sqlite.conf > >> table credentials sqlite:/etc/mail/sqlite.conf > >> > >> filter check-fcrdns builtin connect fcrdns disconnect "550 fc-rDNS" > >> > >> listen on mx1.domain1.nl port 25 tls pki mx1.domain1.nl hostnames <names> > >> filter check-fcrdns > >> > >> action "local" mbox alias <aliases> > >> action "maildir" maildir "/var/mail/virtual/%{dest:lowercase}/" virtual > >> <virtuals> > >> action "relay" relay > >> action "smartrelay" relay host smtp://mail.domain1.nl > >> > >> match from any rcpt-to <reject-email> for any reject > >> match from src <www-relays> !mail-from <www-senders> for any reject > >> match from src <www-relays> mail-from <www-senders> action "relay" > >> match from any for domain <relay-domains> action "smartrelay" > >> match from any for domain <domains> action "maildir" > >> match from local action "smartrelay" > >> match for any action "relay" > >> ### > >> > >> # cat www-relays > >> 46.23.xx.yy > >> > >> # cat www-senders > >> [email protected] > >> > >> As soon as an email is send from one of the www-relays with the > >> sender that is in www-senders I am getting the following error on > >> the sending mail server (FreeBSD w/ dma): > >> > >> Jan 18 15:56:12 www dma[2eb801]: new mail from user=www uid=80 > >> envelope_from=<[email protected]> > >> Jan 18 15:56:12 www dma[2eb801]: mail to=<[email protected]> queued as > >> 2eb801.801a2d0a0 > >> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying delivery > >> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: using smarthost > >> (mx1.domain1.nl:25) > >> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying remote delivery to > >> mx1.domain1.nl [46.23.xx.zz] pref 0 > >> Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: remote delivery to > >> mx1.domain1.nl [46.23.xx.zz] failed after RCPT TO: 550 Invalid recipient > >> Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: delivery failed, bouncing as > >> 2eb803 > >> > >> > >> OpenSMTPD is saying (grep "00a1b263550db3c7" /var/log/maillog): > >> > >> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected > >> address=46.23.xx.yy host=46-23-xx-yy.domain1.nl > >> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command > >> command="RCPT TO:<[email protected]>" result="550 Invalid recipient" > >> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp disconnected > >> reason=disconnect > >> > >> Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected > >> address=46.23.xx.xx host=www.domain2.nl > >> Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command > >> command="RCPT TO:<[email protected]>" result="550 Invalid recipient" > >> > >> > >> Anybody have an idea? > >> > > > > can you run smtpd with -dv -T rules and provide log of which rule is > > matched ? > > It says no rules are matched. Which makes sense from a failure perspective, > as it's unable to deliver the email locally. > But the content in the files hasn't changed since the upgrade to the new > syntax. > > debug: lka: helo names:46.23.88.60 > ed537f31142afcea smtp connected address=46.23.xx.xx host=46-23-xx.xx.high5.nl > no rule matched > ed537f31142afcea smtp failed-command command="RCPT TO:<[email protected]>" > result="550 Invalid recipient" > ed537f31142afcea smtp disconnected reason=disconnect > > Is there a way to get the sender information in the debug? >
well, providing the full session log from connect to disconnect without altering it would be a good start to troubleshoot. I think you are missing a "for any" on some rules which causes them to not be matched. -- Gilles Chehade @poolpOrg https://www.poolp.org tip me: https://paypal.me/poolpOrg -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
