Hello,

We have a departmental server that serves as a simple mail hub mostly to
keep track of internal mailing lists. The /etc/mail/aliases file expands
names to our corporate emails or things like mail-SMS gateways. We've used
sendmail for years, but I want to switch to OpenSMTPD.

The following configuration works fine as long as I use the server's actual
name in the destination:


listen on lo0
listen on em0

table aliases db:/etc/mail/aliases.db

pki selenium.abc.example.com certificate "/etc/ssl/selenium.pem"
pki selenium.abc.example.com key "/etc/ssl/private/selenium.key"
pki selenium.abc.example.com ca "/etc/ssl/abcchain2.pem"

accept for local alias <aliases> deliver to mbox
accept from any for any relay


Example successful session (translates my first name to my corporate email
address):

Feb  8 16:12:17 selenium smtpd[30548]: smtp-in: New session
4b0dece7604e2ab4 from host ytterbium.abc.example.com[10.1.217.70]
Feb  8 16:12:17 selenium smtpd[30548]: smtp-in: Accepted message a4d2ba61
on session 4b0dece7604e2ab4: from=<bu...@ytterbium.abc.example.com>, to=<
mich...@selenium.abc.example.com>, size=488, ndest=1, proto=ESMTP
Feb  8 16:12:17 selenium smtpd[30548]: smtp-in: Closing session
4b0dece7604e2ab4
Feb  8 16:12:17 selenium smtpd[30548]: smtp-out: Connecting to smtp+tls://
10.1.217.34:25 (selenium.abc.example.com) on session 4b0decea9465f088...
Feb  8 16:12:17 selenium smtpd[30548]: smtp-out: Connected on session
4b0decea9465f088
Feb  8 16:12:17 selenium smtpd[30548]: smtp-in: New session
4b0deceb7185e55e from host selenium.abc.example.com[10.1.217.34]
Feb  8 16:12:17 selenium smtpd[30548]: smtp-in: Accepted message 63dd05ac
on session 4b0deceb7185e55e: from=<bu...@ytterbium.abc.example.com>, to=<
mich...@selenium.abc.example.com>, size=719, ndest=1, proto=ESMTP
Feb  8 16:12:17 selenium smtpd[30548]: relay: Ok for a4d2ba611f5d69f3:
session=4b0decea9465f088, from=<bu...@ytterbium.abc.example.com>, to=<
mich...@selenium.abc.example.com>, rcpt=<->, source=10.1.217.34,
relay=10.1.217.34 (selenium.abc.example.com), delay=0s, stat=250 2.0.0:
63dd05ac Message accepted for delivery
Feb  8 16:12:17 selenium smtpd[30548]: smtp-out: Connecting to smtp+tls://
10.2.33.34:25 (mailhost.example.com) on session 4b0deceed4ae1a78...
Feb  8 16:12:17 selenium smtpd[30548]: smtp-out: Connected on session
4b0deceed4ae1a78
Feb  8 16:12:17 selenium smtpd[30548]: smtp-out: Started TLS on session
4b0deceed4ae1a78: version=TLSv1/SSLv3, cipher=DHE-RSA-AES256-SHA, bits=256
Feb  8 16:12:17 selenium smtpd[30548]: smtp-out: Server certificate
verification succeeded on session 4b0deceed4ae1a78
Feb  8 16:12:17 selenium smtpd[30548]: relay: Ok for 63dd05ac3126ba1f:
session=4b0deceed4ae1a78, from=<bu...@ytterbium.abc.example.com>, to=<
michael.b...@example.com>, rcpt=<mich...@selenium.abc.example.com>,
source=10.1.217.34, relay=10.2.33.34 (mailhost.example.com), delay=0s,
stat=250 2.0.0 Ok: queued as AC2FBCA1FE
Feb  8 16:12:27 selenium smtpd[30548]: smtp-in: Closing session
4b0deceb7185e55e
Feb  8 16:12:27 selenium smtpd[30548]: smtp-out: Closing session
4b0decea9465f088: 1 message sent.
Feb  8 16:12:27 selenium smtpd[30548]: smtp-out: Closing session
4b0deceed4ae1a78: 1 message sent.


If I send a message to the server's CNAME, it goes into a loop which is
eventually detected and shut down:

...
Feb  8 16:14:17 selenium smtpd[30548]: warn: loop detected
Feb  8 16:14:17 selenium smtpd[30548]: smtp-in: Failed command on session
4b0decf39bd54111: "DATA" => 500 5.4.6 Routing loop detected: Loop detected
Feb  8 16:14:17 selenium smtpd[30548]: relay: PermFail for
63bffc06b4c44cec: session=4b0decf2a712e432, from=<
bu...@ytterbium.abc.example.com>, to=<mich...@se.abc.example.com>,
rcpt=<->, source=10.1.217.34, relay=10.1.217.34 (selenium.abc.example.com),
delay=1s, stat=500 5.4.6 Routing loop detected: Loop detected
Feb  8 16:14:18 selenium smtpd[30548]: smtp-in: New session
4b0decf71e1730a5 from host selenium.abc.example.com [local]
Feb  8 16:14:18 selenium smtpd[30548]: smtp-in: Accepted message 293cbf9d
on session 4b0decf71e1730a5: from=<>, to=<bu...@ytterbium.abc.example.com>,
size=23050, ndest=1, proto=ESMTP
Feb  8 16:14:18 selenium smtpd[30548]: smtp-in: Closing session
4b0decf71e1730a5
Feb  8 16:14:27 selenium smtpd[30548]: smtp-in: Closing session
4b0decf39bd54111
Feb  8 16:14:27 selenium smtpd[30548]: smtp-out: Closing session
4b0decf2a712e432: 98 messages sent.
Feb  8 16:14:45 selenium smtpd[30548]: smtp-out: Error on session
4b0decf6733a5e76: IO Error: No route to host
Feb  8 16:14:45 selenium smtpd[30548]: smtp-out: Disabling route [] <->
10.1.217.70 (ytterbium.abc.example.com) for 800s
Feb  8 16:14:45 selenium smtpd[30548]: smtp-out: No valid route for
[connector:[]->[relay:ytterbium.abc.example.com],0x0]
Feb  8 16:14:51 selenium smtpd[30548]: relay: TempFail for
195cd84d2faa71d4: session=0000000000000000, from=<>, to=<
bu...@ytterbium.abc.example.com>, rcpt=<->, source=-, relay=
ytterbium.abc.example.com, delay=8m1s, stat=Network error on destination MXs
Feb  8 16:14:51 selenium smtpd[30548]: relay: TempFail for
293cbf9db63406a8: session=0000000000000000, from=<>, to=<
bu...@ytterbium.abc.example.com>, rcpt=<->, source=-, relay=
ytterbium.abc.example.com, delay=33s, stat=Network error on destination MXs


I've tried lots of things, including adding a table and using the virtual
keyword:

listen on lo0
listen on em0

table aliases db:/etc/mail/aliases.db

pki selenium.abc.example.com certificate "/etc/ssl/selenium.pem"
pki selenium.abc.example.com key "/etc/ssl/private/selenium.key"
pki selenium.abc.example.com ca "/etc/ssl/abcchain2.pem"

table vhost {se=selenium.abc.example.com, se.abc.example.com=selenium.abc.example.com, fismail2=selenium.abc.example.com, fismail2.abc.example.com=selenium.abc.example.com}

accept for local alias <aliases> deliver to mbox
accept from any for local virtual <vhost>

accept from any for any relay



When I do this, mail to the hostname fails with invalid recipient, and mail
to the CNAME still loops:


Feb  8 16:36:03 selenium smtpd[18798]: smtp-in: New session
08c95e08536690c5 from host ytterbium.abc.example.com[10.1.217.70]
Feb  8 16:36:03 selenium smtpd[18798]: smtp-in: Failed command on session
08c95e08536690c5: "RCPT TO:<mich...@selenium.abc.example.com>
ORCPT=rfc822;michael@selenium" => 550 Invalid recipient
Feb  8 16:36:03 selenium smtpd[18798]: smtp-in: Closing session
08c95e08536690c5



I'm confused about lots of things, though I've read all the documentation I
could find.
Can anyone point me in the right direction?

Thanks,
Michael
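
An added example, not part of the original post: a small Python check that reads OpenSMTPD `relay:` log lines like those above and counts, per recipient domain, the deliveries whose `source=` and `relay=` addresses are identical (the server handing mail to itself), and flags the 5.4.6 loop verdict. The sample lines are constructed from the log format in the post; the mailbox names and the third line's ids are placeholders.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the post's relay: entries. Mailbox names are
# placeholders (the archive truncates them); line 3 is a made-up loop hop.
SAMPLE_LOG = """\
Feb  8 16:12:17 selenium smtpd[30548]: relay: Ok for a4d2ba611f5d69f3: session=4b0decea9465f088, from=<sender@ytterbium.abc.example.com>, to=<user@selenium.abc.example.com>, rcpt=<->, source=10.1.217.34, relay=10.1.217.34 (selenium.abc.example.com), delay=0s, stat=250 2.0.0: 63dd05ac Message accepted for delivery
Feb  8 16:12:17 selenium smtpd[30548]: relay: Ok for 63dd05ac3126ba1f: session=4b0deceed4ae1a78, from=<sender@ytterbium.abc.example.com>, to=<user.name@example.com>, rcpt=<user@selenium.abc.example.com>, source=10.1.217.34, relay=10.2.33.34 (mailhost.example.com), delay=0s, stat=250 2.0.0 Ok: queued as AC2FBCA1FE
Feb  8 16:14:16 selenium smtpd[30548]: relay: Ok for aaaaaaaaaaaaaaaa: session=bbbbbbbbbbbbbbbb, from=<sender@ytterbium.abc.example.com>, to=<user@se.abc.example.com>, rcpt=<->, source=10.1.217.34, relay=10.1.217.34 (selenium.abc.example.com), delay=0s, stat=250 2.0.0: 00000000 Message accepted for delivery
Feb  8 16:14:17 selenium smtpd[30548]: relay: PermFail for 63bffc06b4c44cec: session=4b0decf2a712e432, from=<sender@ytterbium.abc.example.com>, to=<user@se.abc.example.com>, rcpt=<->, source=10.1.217.34, relay=10.1.217.34 (selenium.abc.example.com), delay=1s, stat=500 5.4.6 Routing loop detected: Loop detected
Feb  8 16:14:51 selenium smtpd[30548]: relay: TempFail for 195cd84d2faa71d4: session=0000000000000000, from=<>, to=<sender@ytterbium.abc.example.com>, rcpt=<->, source=-, relay=ytterbium.abc.example.com, delay=8m1s, stat=Network error on destination MXs
"""

RELAY_RE = re.compile(r"relay: (Ok|PermFail|TempFail) for (\w+): (.*)$")
# key=value pairs separated by ", "; stat= is last and may contain spaces
FIELD_RE = re.compile(r"(\w+)=(.*?)(?:, (?=\w+=)|$)")

def parse_relay(line):
    """Return the fields of one relay: log line as a dict, or None for other lines."""
    m = RELAY_RE.search(line)
    if not m:
        return None
    rec = dict(FIELD_RE.findall(m.group(3)))
    rec["result"], rec["evpid"] = m.group(1), m.group(2)
    return rec

def self_relay_report(lines):
    """Per recipient domain: count of self-relayed hops and whether a loop was reported."""
    report = defaultdict(lambda: {"self_relays": 0, "loop": False})
    for line in lines:
        rec = parse_relay(line)
        if rec is None:
            continue
        domain = rec["to"].strip("<>").rpartition("@")[2]
        relay_addr = rec["relay"].split()[0]      # drop the "(hostname)" suffix
        if rec["source"] != "-" and rec["source"] == relay_addr:
            report[domain]["self_relays"] += 1    # server connected to itself
        if rec["result"] == "PermFail" and "5.4.6" in rec["stat"]:
            report[domain]["loop"] = True         # SMTP routing-loop verdict
    return dict(report)

if __name__ == "__main__":
    for domain, finding in self_relay_report(SAMPLE_LOG.splitlines()).items():
        print(domain, finding)
```

A non-zero `self_relays` count for a name the server is supposed to deliver locally means the message left through a relay action and came back in, which in the post's logs happens once for the hostname and repeatedly for the CNAME.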
