On Thu, 2022-04-28 at 15:09 +0000, Andi via Users wrote: > Zitat von Martijn Brinkers <[email protected]>: > > > On Thu, 2022-04-28 at 14:55 +0000, Andi via Users wrote: > > > Hello, > > > > > > we have made the first catch-up-the-release step from stable > > > working > > > Ciphermail 4.6.2 to the latest 4.x version 4.11. After that all > > > looks > > > well but we get the following warning all the time: > > > > > > WARN XFORWARD error code: 550 > > > (org.apache.james.transport.mailets.RemoteDelivery) [Remote > > > delivery > > > thread (0)] > > > > > > The only thing we have found in the release notes which might be > > > related is from version 4.9.1: > > > > > > "X-Forward-For header is now by default removed unless the IP > > > address > > > comes from a trusted proxy (see /etc/httpd/conf.d/x-forward- > > > for.xml) > > > [PRO/ENT]." > > > > > > Any idea what Ciphermail actually is complaining about? > > > > The most likely reason for this error is that Postfix does not > > allow > > the XFORWARD for command from the back-end to postfix. > > > > Check whether postfix main config contains the following line: > > > > smtpd_authorized_xforward_hosts = 127.0.0.1/32 > > > > See https://www.postfix.org/postconf.5.html for more information on > > smt > > pd_authorized_xforward_hosts > > > > > > Kind regards, > > > > Martijn Brinkers > > Hm, ok > > we have a custom forward from ciphermail to AV-Scanner. It could be > the problem that the SMTP engine for this product does not support > XFORWARD at all. I will check it. > Do we have a possibility to not use XFORWARD from ciphermail side?
You can try to (XML) comment the following line in the file config.xml (I haven't tested it though): <xForward> true </xForward> Then restart the back-end. Please note that this might be overwritten on an update Alternatively you might try to configure the postfix reinjection port to forward the email to the AV-scanner after the back-end sent the mail back to postfix. Kind regards, Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF Messenger and Webmail Messenger
smime.p7s
Description: S/MIME Cryptographic Signature
