Forward from to another MTA
Hello, I have some difficulties to create rule sets for a specific use case. I use an OpenSMPTD/Dovecot as main mail server and Sympa ( https://www.sympa.org/index) running on an other server to manage mailing list. On the main mail server, I have two sets of aliases: table aliases db:/etc/aliases.db table sympa db:/etc/mail/sympa/aliases.db The first one contain list of aliases for local accounts. e.g. anAlias: account The second one is a list of alias which point to another MTA dedicated to a mailing list. e.g. list: l...@list.domain.tld I want to forward all incoming emails targeting the Sympa table to the mailing list server. Unfortunately when I send an email to, let's say, l...@list.domain.tld, I got this result : Aug 16 09:56:36 mx-01 smtpd[16029]: 624b10db2fc80050 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: " Here the smtpd.conf: pki mx-01.domain.tld cert "/etc/letsencrypt/live/mx-01.domain.tld/cert.pem" pki mx-01.domain.tld key "/etc/letsencrypt/live/mx-01.domain.tld/privkey.pem" table aliases db:/etc/aliases.db table sympa db:/etc/mail/sympa/aliases.db table ldap ldap:/etc/mail/ldap.conf filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \ disconnect "550 no residential connections" filter check_rdns phase connect match !rdns \ disconnect "550 no rDNS" filter check_fcrdns phase connect match !fcrdns \ disconnect "550 no FCrDNS" filter "rspamd" proc-exec "filter-rspamd" smtp max-message-size "20M" listen on enp1s0 tls pki mx-01.domain.tld auth-optional filter { check_dyndns, check_rdns, check_fcrdns, rspamd } listen on enp1s0 port submission tls-require pki mx-01.domain.tld auth filter rspamd # Maybe I misunderstand the `forward-only` in my use case. action "mailinglist" forward-only alias action "inbound" maildir junk userbase alias action "outbound" relay match for rcpt-to action "mailinglist" match from any for domain "domain.tld" action "inbound" match from auth for any action "outbound" Any ideas ? Have a nice day, Yan
Re: Forward from to another MTA
I might misunderstand your question, but I noticed that your line: match for rcpt-to action "mailinglist" does not specify a "from" option, so it defaults to "from local". This means it won't match for non-local IPs. Maybe that's the culprit? hth On Tue, Aug 16, 2022 at 10:07:02AM +0200, thiery wrote: Hello, I have some difficulties to create rule sets for a specific use case. I use an OpenSMPTD/Dovecot as main mail server and Sympa ( https://www.sympa.org/index) running on an other server to manage mailing list. On the main mail server, I have two sets of aliases: table aliases db:/etc/aliases.db table sympa db:/etc/mail/sympa/aliases.db The first one contain list of aliases for local accounts. e.g. anAlias: account The second one is a list of alias which point to another MTA dedicated to a mailing list. e.g. list: l...@list.domain.tld I want to forward all incoming emails targeting the Sympa table to the mailing list server. Unfortunately when I send an email to, let's say, l...@list.domain.tld, I got this result : Aug 16 09:56:36 mx-01 smtpd[16029]: 624b10db2fc80050 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: " Here the smtpd.conf: pki mx-01.domain.tld cert "/etc/letsencrypt/live/mx-01.domain.tld/cert.pem" pki mx-01.domain.tld key "/etc/letsencrypt/live/mx-01.domain.tld/privkey.pem" table aliases db:/etc/aliases.db table sympa db:/etc/mail/sympa/aliases.db table ldap ldap:/etc/mail/ldap.conf filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \ disconnect "550 no residential connections" filter check_rdns phase connect match !rdns \ disconnect "550 no rDNS" filter check_fcrdns phase connect match !fcrdns \ disconnect "550 no FCrDNS" filter "rspamd" proc-exec "filter-rspamd" smtp max-message-size "20M" listen on enp1s0 tls pki mx-01.domain.tld auth-optional filter { check_dyndns, check_rdns, check_fcrdns, rspamd } listen on enp1s0 port submission tls-require pki mx-01.domain.tld auth filter rspamd # Maybe I misunderstand the `forward-only` in my use case. action "mailinglist" forward-only alias action "inbound" maildir junk userbase alias action "outbound" relay match for rcpt-to action "mailinglist" match from any for domain "domain.tld" action "inbound" match from auth for any action "outbound" Any ideas ? Have a nice day, Yan
Re: Forward from to another MTA
On 2022-08-16 10:13, Tassilo Philipp wrote: I might misunderstand your question, but I noticed that your line: match for rcpt-to action "mailinglist" does not specify a "from" option, so it defaults to "from local". This means it won't match for non-local IPs. Maybe that's the culprit? hth Hello, Oh you right now I have another problem : --- Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:" result="524 5.2.4 Mailing list expansion problem: " --- Errata: --- My previous error was : Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: " --- Let me try to rephrase my question : I have two server, one with OpenSMTPd who manage email for my end users, another manage mailing lists with Sympa. All incoming emails on OpenSMTPd are in @domain.tld. The mailing list software expect something in @list.domain.tld but they are aliased on the OpenSMTPd server as @domain.tld. The aliases in contain value like this : mailinglist1: mailinglist1 @list.domain.tld (Without the space before @) When my users send emails to mailinglist1 @domain.tld, I want OpenSMTPd to forward/relay them as mailinglist1 @list.domain.tld to the mailing list server and to do the same for all aliases in table. How can I achieve that ? :) Let me know if you need more clarity. Best regards, Yan
Re: Forward from to another MTA
On 2022-08-16 11:30, Tassilo Philipp wrote: I'm not sure, I'm afraid I cannot help you further with this. I guess the forward seems to match and work now, as your new problem seems to be related to theor "RCPT TO:" stuff, which isn't list.domain.tld..., glad we got that sorted at least. In order to further debug this, I would recommend you start smtpd with -v and enable some of the traces (either through -T options or smtpctl(8)). IIRC, you need -v in order for any of the tracing to work. Then you'll get a detailed output of what match rule is used, what action is triggered, etc.. Good luck Thanks, I will follow your suggestion and continue to dig in. Have a nice day, Yan
Re: Forward from to another MTA
Good thinking Reio! Indeed, there's only a relay line for auth'ed mail, but none for this type of forwarded, local mail. You probably need a further, specific match line. The debug output should help you spot this and write a rule accordingly. Thanks Reio On Tue, Aug 16, 2022 at 12:39:34PM +0300, Reio Remma wrote: Hello! I may be wrong, but list.domain.tld might be routed back to the same server (domain.tld)? Maybe you should be relaying to the Sympa server? Good luck Reio On 16.08.2022 12:16, thiery wrote: On 2022-08-16 10:13, Tassilo Philipp wrote: I might misunderstand your question, but I noticed that your line: match for rcpt-to action "mailinglist" does not specify a "from" option, so it defaults to "from local". This means it won't match for non-local IPs. Maybe that's the culprit? hth Hello, Oh you right now I have another problem : --- Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:" result="524 5.2.4 Mailing list expansion problem: " --- Errata: --- My previous error was : Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: " --- Let me try to rephrase my question : I have two server, one with OpenSMTPd who manage email for my end users, another manage mailing lists with Sympa. All incoming emails on OpenSMTPd are in @domain.tld. The mailing list software expect something in @list.domain.tld but they are aliased on the OpenSMTPd server as @domain.tld. The aliases in contain value like this : mailinglist1: mailinglist1 @list.domain.tld (Without the space before @) When my users send emails to mailinglist1 @domain.tld, I want OpenSMTPd to forward/relay them as mailinglist1 @list.domain.tld to the mailing list server and to do the same for all aliases in table. How can I achieve that ? :) Let me know if you need more clarity. Best regards, Yan
Re: Forward from to another MTA
I'm not sure, I'm afraid I cannot help you further with this. I guess the forward seems to match and work now, as your new problem seems to be related to theor "RCPT TO:" stuff, which isn't list.domain.tld..., glad we got that sorted at least. In order to further debug this, I would recommend you start smtpd with -v and enable some of the traces (either through -T options or smtpctl(8)). IIRC, you need -v in order for any of the tracing to work. Then you'll get a detailed output of what match rule is used, what action is triggered, etc.. Good luck On Tue, Aug 16, 2022 at 11:16:00AM +0200, thiery wrote: On 2022-08-16 10:13, Tassilo Philipp wrote: I might misunderstand your question, but I noticed that your line: match for rcpt-to action "mailinglist" does not specify a "from" option, so it defaults to "from local". This means it won't match for non-local IPs. Maybe that's the culprit? hth Hello, Oh you right now I have another problem : --- Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:" result="524 5.2.4 Mailing list expansion problem: " --- Errata: --- My previous error was : Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: " --- Let me try to rephrase my question : I have two server, one with OpenSMTPd who manage email for my end users, another manage mailing lists with Sympa. All incoming emails on OpenSMTPd are in @domain.tld. The mailing list software expect something in @list.domain.tld but they are aliased on the OpenSMTPd server as @domain.tld. The aliases in contain value like this : mailinglist1: mailinglist1 @list.domain.tld (Without the space before @) When my users send emails to mailinglist1 @domain.tld, I want OpenSMTPd to forward/relay them as mailinglist1 @list.domain.tld to the mailing list server and to do the same for all aliases in table. How can I achieve that ? :) Let me know if you need more clarity. Best regards, Yan
Re: Forward from to another MTA
Hello! I may be wrong, but list.domain.tld might be routed back to the same server (domain.tld)? Maybe you should be relaying to the Sympa server? Good luck Reio On 16.08.2022 12:16, thiery wrote: On 2022-08-16 10:13, Tassilo Philipp wrote: I might misunderstand your question, but I noticed that your line: match for rcpt-to action "mailinglist" does not specify a "from" option, so it defaults to "from local". This means it won't match for non-local IPs. Maybe that's the culprit? hth Hello, Oh you right now I have another problem : --- Aug 16 10:34:13 leeds smtpd[17062]: 039b2f6018e9c7ea smtp failed-command command="RCPT TO:" result="524 5.2.4 Mailing list expansion problem: " --- Errata: --- My previous error was : Aug 15 17:50:00 leeds smtpd[5281]: 7dae3f5b0d6ff768 smtp failed-command command="RCPT TO:" result="550 Invalid recipient: " --- Let me try to rephrase my question : I have two server, one with OpenSMTPd who manage email for my end users, another manage mailing lists with Sympa. All incoming emails on OpenSMTPd are in @domain.tld. The mailing list software expect something in @list.domain.tld but they are aliased on the OpenSMTPd server as @domain.tld. The aliases in contain value like this : mailinglist1: mailinglist1 @list.domain.tld (Without the space before @) When my users send emails to mailinglist1 @domain.tld, I want OpenSMTPd to forward/relay them as mailinglist1 @list.domain.tld to the mailing list server and to do the same for all aliases in table. How can I achieve that ? :) Let me know if you need more clarity. Best regards, Yan
Re:[Solved] Forward from to another MTA
On 2022-08-16 12:05, Tassilo Philipp wrote: Good thinking Reio! Indeed, there's only a relay line for auth'ed mail, but none for this type of forwarded, local mail. You probably need a further, specific match line. The debug output should help you spot this and write a rule accordingly. Thanks Reio Thanks for you help ! Here the rules I use after following your suggestions : action "relaysympa" relay host list.domain.tld action "mailinglist" forward-only alias match from any for domain "list.domain.tld" action "relaysympa" match from any for rcpt-to action "mailinglist Have a nice day :) Yan