On Thu, Dec 15, 2022 at 03:54:38PM -0600, Richard Raether <rraet...@cct.lsu.edu> wrote:
> Dear users wiser than me (probably everyone),
>
> We have a legitimate domain, einsteintoolkit.org, but I'm getting mail for
> einsteintoolkit.org.s9b1.psmtp.com, which postfix doesn't allow through
> because it doesn't recognize it as a legitimate domain. What am I
> misunderstanding about psmtp and how it works, and does anyone know how I
> can get these emails properly delivered?
>
> Any advice is welcome.
>
> Thanks,
>
> Richard Raether
> Sysadmin
> Center for Computation and Technology
> Louisiana State University

[Warning: Rhetorical questions ahead]

Why do you want them to be delivered?
They are not for your domain.

How are they getting to your server?
There is no MX record for that domain.

psmtp.com has NS/SOA/TXT(spf) records, but that's it (I think).
None of the subdomains seem to have any records at all.
So no remote server should be sending such emails to your server.

Are those emails generated locally on your server?
If not, it could be a malicious server targeting your server
(because it's not following the normal protocols for working
out where to send an email).

And sorry, I have no idea how psmtp.com works or what it's
supposed to do.

Googling shows these:

  The Science behind Mail Delivery
  https://litmus.com/community/discussions/46-the-science-behind-mail-delivery

Which mentions something called postini and:

  MX records explained
  https://help.salesforce.com/s/articleView?id=000385607&type=1

Which shows an example where a similar domain is the name used
in salesforce.com's MX records, but in that case, the similar
domains had IP addresses (at the time). The domain you
mentioned doesn't. It looks like maybe postini (or your
organisation's instance) is defunct.

Actually, googling postini shows that it is probably globally dead:

  Why Postini is Moving to the Google Graveyard
  https://sendgrid.com/blog/postini-moving-google-graveyard/

  https://en.wikipedia.org/wiki/Postini

So it looks like it's been dead since 2015.

Perhaps that means that some server somewhere is using seven
year old cached DNS records. But that doesn't sound possible.

It might not be worth worrying about, unless it is, in which
case you should probably try to contact whoever is sending them
and get them to stop using seven year old MX records.

But you really shouldn't have to ask someone to do that.
Just letting the emails bounce should serve that purpose
adequately. Whoever is sending them will know that it's not
working and can contact their email administrator for help.

Your logs should show the IP address or hostname of the server
that connected to your server and tried to send those emails.
Perhaps you can contact its postmaster and alert them to the
problem.

cheers,
raf
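
Added example (not part of the original message or of Postfix itself): one way to do the log check suggested in the reply above, grouping rejected recipients under psmtp.com by connecting client so the right postmaster can be contacted. The log lines are constructed, the "Relay access denied" reject reason is an assumption, and `stale_senders` is a hypothetical helper name.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual Postfix smtpd reject layout; the
# client addresses are documentation ranges, not data from the thread.
SAMPLE_LOG = """\
Dec 15 09:12:01 mx postfix/smtpd[2101]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 554 5.7.1 <alice@einsteintoolkit.org.s9b1.psmtp.com>: Relay access denied; from=<a@example.net> to=<alice@einsteintoolkit.org.s9b1.psmtp.com> proto=ESMTP helo=<relay.example.net>
Dec 15 09:40:17 mx postfix/smtpd[2177]: NOQUEUE: reject: RCPT from unknown[203.0.113.7]: 554 5.7.1 <bob@einsteintoolkit.org.s9b1.psmtp.com>: Relay access denied; from=<b@example.net> to=<bob@einsteintoolkit.org.s9b1.psmtp.com> proto=ESMTP helo=<relay.example.net>
Dec 15 10:03:44 mx postfix/smtpd[2203]: NOQUEUE: reject: RCPT from mail.example.org[198.51.100.20]: 554 5.7.1 <alice@EinsteinToolkit.org.S9B1.psmtp.com>: Relay access denied; from=<c@example.org> to=<alice@EinsteinToolkit.org.S9B1.psmtp.com> proto=ESMTP helo=<mail.example.org>
Dec 15 10:05:09 mx postfix/smtpd[2210]: NOQUEUE: reject: RCPT from unknown[192.0.2.55]: 554 5.7.1 <x@elsewhere.example>: Relay access denied; from=<s@example.com> to=<x@elsewhere.example> proto=ESMTP helo=<h.example.com>
Dec 15 10:06:30 mx postfix/smtpd[2215]: connect from mail.example.org[198.51.100.20]
"""

# Client hostname and IP, the rejected recipient, and the HELO name.
REJECT = re.compile(
    r"reject: RCPT from (?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\]:"
    r".*? to=<(?P<rcpt>[^>]*)>.*? helo=<(?P<helo>[^>]*)>"
)


def stale_senders(log_text, suffix=".psmtp.com"):
    """Group rejected RCPTs whose domain ends in `suffix` by client IP."""
    clients = defaultdict(lambda: {"host": None, "helo": set(), "count": 0})
    for line in log_text.splitlines():
        m = REJECT.search(line)
        if not m:
            continue  # not a recipient rejection
        # Domain comparison is case-insensitive.
        domain = m["rcpt"].rpartition("@")[2].lower()
        if not domain.endswith(suffix):
            continue  # rejected for some other domain
        entry = clients[m["ip"]]
        entry["host"] = m["host"]  # reverse-DNS name, or "unknown"
        entry["helo"].add(m["helo"])
        entry["count"] += 1
    return dict(clients)


if __name__ == "__main__":
    found = stale_senders(SAMPLE_LOG)
    for ip, e in sorted(found.items(), key=lambda kv: -kv[1]["count"]):
        helo = ",".join(sorted(e["helo"]))
        print(f"{ip:15} {e['host']:20} helo={helo} rejects={e['count']}")
```

On a live system the same function can be fed the contents of the Postfix mail log in place of `SAMPLE_LOG`.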