On Fri, Jun 18, 2010 at 10:30:35AM -0400, Phil Howard wrote:
> > I am fine with the workarounds supplied and can see your point of view,
> > although I can't agree with a loop detected that is not a loop, I see
> > that it happens because inet addresses are mixed between instances and I
> > have my view about wasting more public ip addresses to do this as I told
> > before. That's all. Thank you all for your answers and comments. :)
>
> The original principle of the loop detection is based on where DNS MX
> records would point to. That points to hostnames which point to IP
> addresses. Port numbers are not part of it and are assumed to be the
> SMTP port. How the detection is actually implemented could vary.
Not really, for loop detection to be effective, it must detect
cases in which remote domains specify unexpected MX records (even
127.0.0.1) or local transport tables are incomplete. When MX records
are bogus our transport tables are incomplete, the traffic will go
to port 25, so all port 25 connections must be tested.
The supported way to avoid loop detection false-positives on with
internal forwarding between Postfix instances is to:
- Ensure that each Postfix instance uses a separate set of
IP addresses.
and/or
- Not use port 25 as an internal forwarding destination when
IP address sharing is unavoidable.
This is robust and easy to document. The work-arounds I posted
also work, but are less elegant and should be avoided. If the
OP wants to use them, fine, he is fully informed...
--
Viktor.
