Hi Gilles,

> On 29 Jan 2019, at 12:58, Gilles Chehade <gil...@poolp.org> wrote:
> 
> On Tue, Jan 29, 2019 at 12:41:17PM +0100, Mischa wrote:
>> 
>> 
>>> On 29 Jan 2019, at 12:30, Gilles Chehade <gil...@poolp.org> wrote:
>>> 
>>> On Fri, Jan 25, 2019 at 02:08:41PM +0100, Mischa wrote:
>>>> Hi All,
>>>> 
>>> 
>>> Hi,
>>> 
>>> 
>>>> ### smtpd.conf
>>>> pki mx1.domain1.nl cert "/etc/ssl/mx1.domain1.nl.fullchain.pem"
>>>> pki mx1.domain1.nl key "/etc/ssl/private/mx1.domain1.nl.key"
>>>> 
>>>> table names file:/etc/mail/hostnames
>>>> table aliases file:/etc/mail/aliases
>>>> table www-relays file:/etc/mail/www-relays
>>>> table www-senders file:/etc/mail/www-senders
>>>> table relay-domains file:/etc/mail/relay-domains
>>>> table reject-email file:/etc/mail/reject-email
>>>> 
>>>> table domains sqlite:/etc/mail/sqlite.conf
>>>> table virtuals sqlite:/etc/mail/sqlite.conf
>>>> table credentials sqlite:/etc/mail/sqlite.conf
>>>> 
>>>> filter check-fcrdns builtin connect fcrdns disconnect "550 fc-rDNS"
>>>> 
>>>> listen on mx1.domain1.nl port 25 tls pki mx1.domain1.nl hostnames <names> 
>>>> filter check-fcrdns
>>>> 
>>>> action "local" mbox alias <aliases>
>>>> action "maildir" maildir "/var/mail/virtual/%{dest:lowercase}/" virtual 
>>>> <virtuals>
>>>> action "relay" relay
>>>> action "smartrelay" relay host smtp://mail.domain1.nl
>>>> 
>>>> match from any rcpt-to <reject-email> for any reject
>>>> match from src <www-relays> !mail-from <www-senders> for any reject
>>>> match from src <www-relays> mail-from <www-senders> action "relay"
>>>> match from any for domain <relay-domains> action "smartrelay"
>>>> match from any for domain <domains> action "maildir"
>>>> match from local action "smartrelay"
>>>> match for any action "relay"
>>>> ###
>>>> 
>>>> # cat www-relays 
>>>> 46.23.xx.yy
>>>> 
>>>> # cat www-senders 
>>>> w...@www.domain2.nl
>>>> 
>>>> As soon as an email is send from one of the www-relays with the
>>>> sender that is in www-senders I am getting the following error on
>>>> the sending mail server (FreeBSD w/ dma):
>>>> 
>>>> Jan 18 15:56:12 www dma[2eb801]: new mail from user=www uid=80 
>>>> envelope_from=<w...@www.domain2.nl>
>>>> Jan 18 15:56:12 www dma[2eb801]: mail to=<user.n...@domain2.nl> queued as 
>>>> 2eb801.801a2d0a0
>>>> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying delivery
>>>> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: using smarthost 
>>>> (mx1.domain1.nl:25)
>>>> Jan 18 15:56:12 www dma[2eb801.801a2d0a0]: trying remote delivery to 
>>>> mx1.domain1.nl [46.23.xx.zz] pref 0
>>>> Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: remote delivery to 
>>>> mx1.domain1.nl [46.23.xx.zz] failed after RCPT TO: 550 Invalid recipient
>>>> Jan 18 15:56:13 www dma[2eb801.801a2d0a0]: delivery failed, bouncing as 
>>>> 2eb803
>>>> 
>>>> 
>>>> OpenSMTPD is saying (grep "00a1b263550db3c7" /var/log/maillog):
>>>> 
>>>> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected 
>>>> address=46.23.xx.yy host=46-23-xx-yy.domain1.nl
>>>> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command 
>>>> command="RCPT TO:<user.n...@domain2.nl>" result="550 Invalid recipient"
>>>> Jan 18 15:56:13 mx1 smtpd[36743]: 00a1b263550db3c7 smtp disconnected 
>>>> reason=disconnect
>>>> 
>>>> Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp connected 
>>>> address=46.23.xx.xx host=www.domain2.nl
>>>> Jan 18 14:10:04 mx1 smtpd[36743]: 00a1b263550db3c7 smtp failed-command 
>>>> command="RCPT TO:<i...@domain2.nl>" result="550 Invalid recipient"
>>>> 
>>>> 
>>>> Anybody have an idea?
>>>> 
>>> 
>>> can you run smtpd with -dv -T rules and provide log of which rule is
>>> matched ?
>> 
>> It says no rules are matched. Which makes sense from a failure perspective, 
>> as it's unable to deliver the email locally.
>> But the content in the files hasn't changed since the upgrade to the new 
>> syntax.
>> 
>> debug: lka: helo names:46.23.88.60
>> ed537f31142afcea smtp connected address=46.23.xx.xx host=46-23-xx.xx.high5.nl
>> no rule matched
>> ed537f31142afcea smtp failed-command command="RCPT 
>> TO:<user.n...@domain2.nl>" result="550 Invalid recipient"
>> ed537f31142afcea smtp disconnected reason=disconnect
>> 
>> Is there a way to get the sender information in the debug?
>> 
> 
> well, providing the full session log from connect to disconnect without
> altering it would be a good start to troubleshoot.

Yeah... not really going to happen on public mailinglist. :/
It has the email address of one of my customers and there isn't anything I want 
to do with the rcpt-to.

The IP address is part of src (www-relays), which I checked and double checked. 
:)

The only thing I can think of is that the mail-from is not matched in 
www-senders file.
Just saw I missed one IP, but that is ok, so you get the drift. 

> I think you are missing a "for any" on some rules which causes them to
> not be matched.

I would like this email to match the following rule:

match from src <www-relays> mail-from <www-senders> action "relay"
action "relay" relay

Mischa


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Reply via email to