On Tue, Jan 29, 2019 at 12:41:17PM +0100, Mischa wrote:
> 
> 
> > On 29 Jan 2019, at 12:30, Gilles Chehade <gil...@poolp.org> wrote:
> > 
> > On Fri, Jan 25, 2019 at 02:08:41PM +0100, Mischa wrote:
> >> Hi All,
> >> 
> > 
> > Hi,
> > 
> > 
> >> ### smtpd.conf
> >> pki mx1.domain1.nl cert "/etc/ssl/mx1.domain1.nl.fullchain.pem"
> >> pki mx1.domain1.nl key "/etc/ssl/private/mx1.domain1.nl.key"
> >> 
> >> table names file:/etc/mail/hostnames
> >> table aliases file:/etc/mail/aliases
> >> table www-relays file:/etc/mail/www-relays
> >> table www-senders file:/etc/mail/www-senders
> >> table relay-domains file:/etc/mail/relay-domains
> >> table reject-email file:/etc/mail/reject-email
> >> 
> >> table domains sqlite:/etc/mail/sqlite.conf
> >> table virtuals sqlite:/etc/mail/sqlite.conf
> >> table credentials sqlite:/etc/mail/sqlite.conf
> >> 
> >> filter check-fcrdns builtin connect fcrdns disconnect "550 fc-rDNS"
> >> 
> >> listen on mx1.domain1.nl port 25 tls pki mx1.domain1.nl hostnames <names> 
> >> filter check-fcrdns
> >> 
> >> action "local" mbox alias <aliases>
> >> action "maildir" maildir "/var/mail/virtual/%{dest:lowercase}/" virtual 
> >> <virtuals>
> >> action "relay" relay
> >> action "smartrelay" relay host smtp://mail.domain1.nl
> >> 
> >> match from any rcpt-to <reject-email> for any reject
> >> match from src <www-relays> !mail-from <www-senders> for any reject
> >> match from src <www-relays> mail-from <www-senders> action "relay"
> >> match from any for domain <relay-domains> action "smartrelay"
> >> match from any for domain <domains> action "maildir"
> >> match from local action "smartrelay"
> >> match for any action "relay"
> >> ###
> >> 
> >> # cat www-relays 
> >> 46.23.xx.yy
> >> 
> >> # cat www-senders 
> >> w...@www.domain2.nl
> >> 
> >> As soon as an email is send from one of the www-relays with the
> >> sender that is in www-senders I am getting the following error on
> >> the sending mail server (FreeBSD w/ dma):
> >> 
> >> Jan 18 15:56:12 www dma[2eb801]: new mail from user=www uid=80 
> >> envelope_from=<w...@www.domain2.nl>
> >> Jan 18 15:56:12 www dma[2eb801]: mail to=<user.n...@domain2.nl> queued as 
> >> 2eb801.801a2d0a0
> >> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying delivery
> >> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: using smarthost 
> >> (mx1.domain1.nl:25)
> >> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying remote delivery to 
> >> mx1.domain1.nl [46.23.xx.zz] pref 0
> >> Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: remote delivery to 
> >> mx1.domain1.nl [46.23.xx.zz] failed after RCPT TO: 550 Invalid recipient
> >> Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: delivery failed, bouncing as 
> >> 2eb803
> >> 
> >> 
> >> OpenSMTPD is saying (grep "00a1b263550db3c7" /var/log/maillog):
> >> 
> >> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected 
> >> address=46.23.xx.yy host=46-23-xx-yy.domain1.nl
> >> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command 
> >> command="RCPT TO:<user.n...@domain2.nl>" result="550 Invalid recipient"
> >> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp disconnected 
> >> reason=disconnect
> >> 
> >> Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected 
> >> address=46.23.xx.xx host=www.domain2.nl
> >> Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command 
> >> command="RCPT TO:<i...@domain2.nl>" result="550 Invalid recipient"
> >> 
> >> 
> >> Anybody have an idea?
> >> 
> > 
> > can you run smtpd with -dv -T rules and provide log of which rule is
> > matched ?
> 
> It says no rules are matched. Which makes sense from a failure perspective, 
> as it's unable to deliver the email locally.
> But the content in the files hasn't changed since the upgrade to the new 
> syntax.
> 
> debug: lka: helo names:46.23.88.60
> ed537f31142afcea smtp connected address=46.23.xx.xx host=46-23-xx.xx.high5.nl
> no rule matched
> ed537f31142afcea smtp failed-command command="RCPT TO:<user.n...@domain2.nl>" 
> result="550 Invalid recipient"
> ed537f31142afcea smtp disconnected reason=disconnect
> 
> Is there a way to get the sender information in the debug?
> 

well, providing the full session log from connect to disconnect without
altering it would be a good start to troubleshoot.

I think you are missing a "for any" on some rules which causes them to
not be matched.


-- 
Gilles Chehade                                                 @poolpOrg

https://www.poolp.org                 tip me: https://paypal.me/poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Reply via email to