Forward from to another MTA

2022-08-16 Thread thiery

Hello,

I have some difficulties creating rule sets for a specific use case.

I use OpenSMTPD/Dovecot as the main mail server and Sympa
(https://www.sympa.org/index) running on another server to manage
mailing lists.


On the main mail server, I have two sets of aliases:

table aliases db:/etc/aliases.db
table sympa db:/etc/mail/sympa/aliases.db

The first one contains a list of aliases for local accounts.
e.g. anAlias: account

The second one is a list of aliases which point to another MTA dedicated
to a mailing list.

e.g. list: l...@list.domain.tld

I want to forward all incoming emails targeting the Sympa table to the 
mailing list server.


Unfortunately, when I send an email to, let's say, l...@list.domain.tld,
I got this result:

Aug 16 09:56:36 mx-01 smtpd[16029]: 624b10db2fc80050 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: "


Here is the smtpd.conf:

pki mx-01.domain.tld cert "/etc/letsencrypt/live/mx-01.domain.tld/cert.pem"
pki mx-01.domain.tld key "/etc/letsencrypt/live/mx-01.domain.tld/privkey.pem"

table aliases db:/etc/aliases.db
table sympa db:/etc/mail/sympa/aliases.db
table ldap ldap:/etc/mail/ldap.conf

filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \
    disconnect "550 no residential connections"

filter check_rdns phase connect match !rdns \
    disconnect "550 no rDNS"

filter check_fcrdns phase connect match !fcrdns \
    disconnect "550 no FCrDNS"

filter "rspamd" proc-exec "filter-rspamd"

smtp max-message-size "20M"

listen on enp1s0 tls pki mx-01.domain.tld auth-optional filter { check_dyndns, check_rdns, check_fcrdns, rspamd }
listen on enp1s0 port submission tls-require pki mx-01.domain.tld auth filter rspamd


# Maybe I misunderstand the `forward-only` in my use case.
action "mailinglist" forward-only alias 
action "inbound" maildir junk userbase  alias 
action "outbound" relay

match for rcpt-to  action "mailinglist"
match from any for domain "domain.tld" action "inbound"
match from auth for any action "outbound"


Any ideas ?

Have a nice day,
Yan



Re: Forward from to another MTA

2022-08-16 Thread Tassilo Philipp

I might misunderstand your question, but I noticed that your line:

  match for rcpt-to  action "mailinglist"

does not specify a "from" option, so it defaults to "from local". This 
means it won't match for non-local IPs. Maybe that's the culprit?


hth

On Tue, Aug 16, 2022 at 10:07:02AM +0200, thiery wrote:

> Hello,
>
> I have some difficulties creating rule sets for a specific use case.
>
> I use OpenSMTPD/Dovecot as the main mail server and Sympa
> (https://www.sympa.org/index) running on another server to manage
> mailing lists.
>
> On the main mail server, I have two sets of aliases:
>
> table aliases db:/etc/aliases.db
> table sympa db:/etc/mail/sympa/aliases.db
>
> The first one contains a list of aliases for local accounts.
> e.g. anAlias: account
>
> The second one is a list of aliases which point to another MTA dedicated
> to a mailing list.
>
> e.g. list: l...@list.domain.tld
>
> I want to forward all incoming emails targeting the Sympa table to the
> mailing list server.
>
> Unfortunately, when I send an email to, let's say,
> l...@list.domain.tld, I got this result:
>
> Aug 16 09:56:36 mx-01 smtpd[16029]: 624b10db2fc80050 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: "
>
> Here is the smtpd.conf:
>
> pki mx-01.domain.tld cert "/etc/letsencrypt/live/mx-01.domain.tld/cert.pem"
> pki mx-01.domain.tld key "/etc/letsencrypt/live/mx-01.domain.tld/privkey.pem"
>
> table aliases db:/etc/aliases.db
> table sympa db:/etc/mail/sympa/aliases.db
> table ldap ldap:/etc/mail/ldap.conf
>
> filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \
>     disconnect "550 no residential connections"
>
> filter check_rdns phase connect match !rdns \
>     disconnect "550 no rDNS"
>
> filter check_fcrdns phase connect match !fcrdns \
>     disconnect "550 no FCrDNS"
>
> filter "rspamd" proc-exec "filter-rspamd"
>
> smtp max-message-size "20M"
>
> listen on enp1s0 tls pki mx-01.domain.tld auth-optional filter { check_dyndns, check_rdns, check_fcrdns, rspamd }
> listen on enp1s0 port submission tls-require pki mx-01.domain.tld auth filter rspamd
>
> # Maybe I misunderstand the `forward-only` in my use case.
> action "mailinglist" forward-only alias 
> action "inbound" maildir junk userbase  alias 
> action "outbound" relay
>
> match for rcpt-to  action "mailinglist"
> match from any for domain "domain.tld" action "inbound"
> match from auth for any action "outbound"
>
> Any ideas ?
>
> Have a nice day,
> Yan





Re: Forward from to another MTA

2022-08-16 Thread thiery

On 2022-08-16 10:13, Tassilo Philipp wrote:

> I might misunderstand your question, but I noticed that your line:
>
>   match for rcpt-to  action "mailinglist"
>
> does not specify a "from" option, so it defaults to "from local". This
> means it won't match for non-local IPs. Maybe that's the culprit?
>
> hth


Hello,

Oh, you're right. Now I have another problem:
---
Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:" result="524 5.2.4 Mailing list expansion problem: "
---

Errata:
---
My previous error was:
Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: "
---

Let me try to rephrase my question:

I have two servers: one with OpenSMTPd, which manages email for my end
users, and another which manages mailing lists with Sympa.

All incoming emails on OpenSMTPd are in @domain.tld. The mailing list
software expects something in @list.domain.tld but they are aliased on
the OpenSMTPd server as @domain.tld.

The aliases in  contain values like this:

mailinglist1: mailinglist1 @list.domain.tld (Without the space before @)

When my users send emails to mailinglist1 @domain.tld, I want OpenSMTPd
to forward/relay them as mailinglist1 @list.domain.tld to the mailing
list server and to do the same for all aliases in  table.


How can I achieve that ? :)

Let me know if you need more clarity.

Best regards,
Yan



Re: Forward from to another MTA

2022-08-16 Thread thiery

On 2022-08-16 11:30, Tassilo Philipp wrote:

> I'm not sure, I'm afraid I cannot help you further with this. I guess
> the forward seems to match and work now, as your new problem seems to
> be related to theor "RCPT TO:" stuff, which isn't
> list.domain.tld..., glad we got that sorted at least.
>
> In order to further debug this, I would recommend you start smtpd with
> -v and enable some of the traces (either through -T options or
> smtpctl(8)). IIRC, you need -v in order for any of the tracing to
> work. Then you'll get a detailed output of what match rule is used,
> what action is triggered, etc..
>
> Good luck



Thanks, I will follow your suggestion and continue to dig in.

Have a nice day,
Yan



Re: Forward from to another MTA

2022-08-16 Thread Tassilo Philipp
Good thinking Reio! Indeed, there's only a relay line for auth'ed mail, 
but none for this type of forwarded, local mail. You probably need a 
further, specific match line. The debug output should help you spot this 
and write a rule accordingly.


Thanks Reio


On Tue, Aug 16, 2022 at 12:39:34PM +0300, Reio Remma wrote:

> Hello!
>
> I may be wrong, but list.domain.tld might be routed back to the same
> server (domain.tld)? Maybe you should be relaying to the Sympa server?
>
> Good luck
> Reio
>
> On 16.08.2022 12:16, thiery wrote:
>
> > On 2022-08-16 10:13, Tassilo Philipp wrote:
> >
> > > I might misunderstand your question, but I noticed that your line:
> > >
> > >   match for rcpt-to  action "mailinglist"
> > >
> > > does not specify a "from" option, so it defaults to "from local". This
> > > means it won't match for non-local IPs. Maybe that's the culprit?
> > >
> > > hth
> >
> > Hello,
> >
> > Oh, you're right. Now I have another problem:
> > ---
> > Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:" result="524 5.2.4 Mailing list expansion problem: "
> > ---
> >
> > Errata:
> > ---
> > My previous error was:
> > Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: "
> > ---
> >
> > Let me try to rephrase my question:
> >
> > I have two servers: one with OpenSMTPd, which manages email for my end
> > users, and another which manages mailing lists with Sympa.
> >
> > All incoming emails on OpenSMTPd are in @domain.tld. The mailing
> > list software expects something in @list.domain.tld but they are
> > aliased on the OpenSMTPd server as @domain.tld.
> >
> > The aliases in  contain values like this:
> >
> > mailinglist1: mailinglist1 @list.domain.tld (Without the space before @)
> >
> > When my users send emails to mailinglist1 @domain.tld, I want
> > OpenSMTPd to forward/relay them as mailinglist1 @list.domain.tld to
> > the mailing list server and to do the same for all aliases in
> >  table.
> >
> > How can I achieve that ? :)
> >
> > Let me know if you need more clarity.
> >
> > Best regards,
> > Yan







Re: Forward from to another MTA

2022-08-16 Thread Tassilo Philipp
I'm not sure, I'm afraid I cannot help you further with this. I guess 
the forward seems to match and work now, as your new problem seems to be 
related to theor "RCPT TO:" stuff, which isn't 
list.domain.tld..., glad we got that sorted at least.


In order to further debug this, I would recommend you start smtpd with 
-v and enable some of the traces (either through -T options or 
smtpctl(8)). IIRC, you need -v in order for any of the tracing to work. 
Then you'll get a detailed output of what match rule is used, what 
action is triggered, etc..


Good luck

On Tue, Aug 16, 2022 at 11:16:00AM +0200, thiery wrote:

> On 2022-08-16 10:13, Tassilo Philipp wrote:
>
> > I might misunderstand your question, but I noticed that your line:
> >
> >  match for rcpt-to  action "mailinglist"
> >
> > does not specify a "from" option, so it defaults to "from local". This
> > means it won't match for non-local IPs. Maybe that's the culprit?
> >
> > hth
>
> Hello,
>
> Oh, you're right. Now I have another problem:
> ---
> Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:" result="524 5.2.4 Mailing list expansion problem: "
> ---
>
> Errata:
> ---
> My previous error was:
> Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: "
> ---
>
> Let me try to rephrase my question:
>
> I have two servers: one with OpenSMTPd, which manages email for my end
> users, and another which manages mailing lists with Sympa.
>
> All incoming emails on OpenSMTPd are in @domain.tld. The mailing list
> software expects something in @list.domain.tld but they are aliased on
> the OpenSMTPd server as @domain.tld.
>
> The aliases in  contain values like this:
>
> mailinglist1: mailinglist1 @list.domain.tld (Without the space before @)
>
> When my users send emails to mailinglist1 @domain.tld, I want
> OpenSMTPd to forward/relay them as mailinglist1 @list.domain.tld to
> the mailing list server and to do the same for all aliases in  
> table.
>
> How can I achieve that ? :)
>
> Let me know if you need more clarity.
>
> Best regards,
> Yan




Re: Forward from to another MTA

2022-08-16 Thread Reio Remma

Hello!

I may be wrong, but list.domain.tld might be routed back to the same 
server (domain.tld)? Maybe you should be relaying to the Sympa server?


Good luck
Reio

On 16.08.2022 12:16, thiery wrote:

> On 2022-08-16 10:13, Tassilo Philipp wrote:
>
> > I might misunderstand your question, but I noticed that your line:
> >
> >   match for rcpt-to  action "mailinglist"
> >
> > does not specify a "from" option, so it defaults to "from local". This
> > means it won't match for non-local IPs. Maybe that's the culprit?
> >
> > hth
>
> Hello,
>
> Oh, you're right. Now I have another problem:
> ---
> Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:" result="524 5.2.4 Mailing list expansion problem: "
> ---
>
> Errata:
> ---
> My previous error was:
> Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: "
> ---
>
> Let me try to rephrase my question:
>
> I have two servers: one with OpenSMTPd, which manages email for my end
> users, and another which manages mailing lists with Sympa.
>
> All incoming emails on OpenSMTPd are in @domain.tld. The mailing list
> software expects something in @list.domain.tld but they are aliased on
> the OpenSMTPd server as @domain.tld.
>
> The aliases in  contain values like this:
>
> mailinglist1: mailinglist1 @list.domain.tld (Without the space before @)
>
> When my users send emails to mailinglist1 @domain.tld, I want
> OpenSMTPd to forward/relay them as mailinglist1 @list.domain.tld to
> the mailing list server and to do the same for all aliases in  
> table.
>
> How can I achieve that ? :)
>
> Let me know if you need more clarity.
>
> Best regards,
> Yan





Re:[Solved] Forward from to another MTA

2022-08-16 Thread thiery

On 2022-08-16 12:05, Tassilo Philipp wrote:

> Good thinking Reio! Indeed, there's only a relay line for auth'ed
> mail, but none for this type of forwarded, local mail. You probably
> need a further, specific match line. The debug output should help you
> spot this and write a rule accordingly.
>
> Thanks Reio


Thanks for your help!

Here are the rules I use after following your suggestions:

action "relaysympa" relay host list.domain.tld
action "mailinglist" forward-only alias 

match from any for domain "list.domain.tld" action "relaysympa"
match from any for rcpt-to  action "mailinglist"

Have a nice day :)
Yan
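
The two RCPT TO rejections quoted in this thread can be pulled out of an smtpd log and paired with what each one turned out to mean here. This is an added example, not part of the thread or of OpenSMTPD; the sample lines are constructed in the quoted format, their recipient addresses are placeholders (the archive stripped the real ones), and the hint texts summarize this thread only.

```python
import re

# Constructed sample lines in the format quoted in the thread. The recipient
# addresses are placeholders: the archive stripped the real ones.
SAMPLE_LOG = """\
Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:<mailinglist1@domain.tld>" result="550 Invalid recipient: <mailinglist1@domain.tld>"
Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:<mailinglist1@domain.tld>" result="524 5.2.4 Mailing list expansion problem: <mailinglist1@domain.tld>"
Aug 16 10:40:02 leeds smtpd[17062]: 039b2f6018e9c7eb smtp connected address=192.0.2.10 host=client.example
"""

FAILED_RCPT = re.compile(
    r'^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) smtpd\[(?P<pid>\d+)\]: '
    r'(?P<session>[0-9a-f]{16}) smtp failed-command '
    r'command="RCPT TO:(?P<rcpt>[^"]*)" '
    r'result="(?P<code>\d{3}) (?:(?P<enhanced>\d\.\d+\.\d+) )?(?P<reason>[^:"]+)'
)

# What each rejection turned out to mean in this thread (not a general table).
THREAD_HINTS = {
    "Invalid recipient":
        'no match rule accepted the recipient; here the rcpt-to rule had no '
        '"from" option and so defaulted to "from local"',
    "Mailing list expansion problem":
        "the alias expanded, but nothing handled the expanded address; here "
        "a relay action and match rule for list.domain.tld were missing",
}

def parse_failed_rcpt(log_text):
    """Return one dict per rejected RCPT TO, ignoring every other log line."""
    failures = []
    for line in log_text.splitlines():
        m = FAILED_RCPT.match(line)
        if not m:
            continue
        rec = m.groupdict()
        rec["reason"] = rec["reason"].strip()
        rec["hint"] = THREAD_HINTS.get(rec["reason"], "not covered in this thread")
        failures.append(rec)
    return failures

def group_by_reason(failures):
    """Map each rejection reason to the session ids that hit it."""
    grouped = {}
    for rec in failures:
        grouped.setdefault(rec["reason"], []).append(rec["session"])
    return grouped

if __name__ == "__main__":
    for rec in parse_failed_rcpt(SAMPLE_LOG):
        print(rec["ts"], rec["session"], rec["code"], rec["reason"], "->", rec["hint"])
```

The pattern also accepts the lines exactly as archived above, where the recipient after `RCPT TO:` is empty.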