[Postfixbuch-users] unerklärliche bounces
soeren at mindorf-it.de
soeren at mindorf-it.de
Di Jun 14 11:53:16 CEST 2011
Hallo zusammen,
ich habe hier folgendes phänomen, dass ich bounces von Postfix bekomme,
die ich mir nicht erklären kann.
Folgendes Scenario habe ich hier:
2 Firewalls, die als SMTP-Proxy konfiguriert sind
(mail.meine1-domain.de und mail2.meine1-domain.de),
diese arbeiten auch schon jahrelang einwandfrei. Sie nehmen die Mails
von extern an und leiten diese dann
an mx1.meine1-domain.de intern weiter. So weit so gut.
Ich habe eine 2. Maildomain (meine2-domain.de), für die ein anderer
Mailserver zuständig ist.
Jetzt mein Problem:
Wenn ich von mx1.meine1-domain.de eine Mail an soeren at meine2-domain.de
schicken möchte, wird diese gebounced.
Im Log sehe ich:
-----%<-----
Jun 14 08:05:54 mx1 postfix/smtp[9571]: 0B4304593B:
to=<soeren at meine2-domain.de>, relay=127.0.0.1[127.0.0.1]:10026,
delay=1.2, delays=0.01/0.01/0.01/1.2, dsn=2.0.0, status=sent (250 2.0.0
from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued
as 35C7745938)
Jun 14 08:05:54 mx1 postfix/qmgr[9482]: 0B4304593B: removed
Jun 14 08:05:54 mx1 postfix/smtp[9581]: 35C7745938:
to=<soeren at meine2-domain.de>, relay=none, delay=0.03,
delays=0.01/0.01/0/0, dsn=5.4.6, status=bounced (mail for
meine2-domain.de loops back to myself)
----->%-----
Aber ich verstehe nicht warum.
Hier meine Konfigs:
postconf -n:
============
alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
always_bcc = archiv at meine1-Domain.de
biff = no
body_checks = pcre:/etc/postfix/body_checks
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter =
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
defer_transports =
delay_warning_time = 1h
disable_dns_lookups = no
disable_mime_output_conversion = no
header_checks = pcre:/etc/postfix/header_checks
html_directory = /usr/share/doc/packages/postfix-doc/html
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_command =
mailbox_size_limit = 0
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 20480000
message_strip_characters = \0
mydestination = $myhostname, localhost.$mydomain
myhostname = mx1.meine1-Domain.de
mynetworks = 172.16.0.0/12, 127.0.0.0/8, 192.168.0.0/24, 10.0.32.0/24
mynetworks_style = subnet
newaliases_path = /usr/bin/newaliases
proxy_interfaces = 85.10.222.251
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/packages/postfix-doc/README_FILES
relay_clientcerts = hash:/etc/postfix/relay_ccerts
relay_domains = $mydestination, hash:/etc/postfix/relay_domains
relayhost =
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix-doc/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_enforce_tls = no
smtp_sasl_auth_enable = no
smtp_tls_session_cache_database =
btree:/var/lib/postfix/smtpd_tls_session_cache
smtp_tls_session_cache_timeout = 3600s
smtp_use_tls = yes
smtpd_authorized_xforward_hosts = 127.0.0.0/8 [::1]/128
smtpd_client_restrictions =
smtpd_helo_required = no
smtpd_helo_restrictions =
smtpd_recipient_restrictions = check_client_access
cidr:/etc/postfix/access-client, check_helo_access
hash:/etc/postfix/access-helo, check_sender_access
hash:/etc/postfix/access-sender, check_recipient_access
hash:/etc/postfix/access-recipient, reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_non_fqdn_sender,
reject_non_fqdn_recipient, permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/postfix/ssl/mx1.meine1-Domain.de.pem
smtpd_tls_key_file = /etc/postfix/ssl/mx1.meine1-Domain.de.pem
smtpd_tls_received_header = yes
smtpd_use_tls = yes
strict_8bitmime = no
strict_rfc821_envelopes = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport,
hash:/etc/postfix/relay_domains
unknown_local_recipient_reject_code = 550
virtual_alias_domains = hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual,
hash:/var/lib/mailman/data/virtual-mailman
master.cf:
==========
192.168.20.8:smtp inet n - y - -
smtpd
-o content_filter=smtp-amavis:[127.0.0.1]:10024
-o receive_override_options=no_address_mappings
192.168.20.9:smtp inet n - y - -
smtpd
-o content_filter=smtp-amavis:[127.0.0.1]:10026
-o receive_override_options=no_address_mappings
localhost:10025 inet n - y - - smtpd
-o content_filter=
-o smtpd_proxy_filter=
localhost:10035 inet n - y - - smtpd
-o content_filter=
-o smtpd_proxy_filter=
smtp-amavis unix - - n - 9 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
pickup fifo n - y 60 1 pickup
-o content_filter=smtp-amavis:[127.0.0.1]:10026
-o receive_override_options=no_address_mappings
cleanup unix n - y - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
-o fallback_relay=
showq unix n - y - - showq
error unix - - y - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
cyrus unix - n n - -
pipe
user=cyrus argv=/usr/lib/cyrus/bin/deliver -e -r ${sender} -m
${extension} ${user}
uucp unix - n n - -
pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient
procmail unix - n n - - pipe
flags=R user=nobody argv=/usr/bin/procmail -t -m /etc/procmailrc
${sender} ${recipient}
retry unix - - n - - error
proxywrite unix - - n - 1 proxymap
relay_domains:
==============
meine1-Domain.de lmtp:unix:public/lmtp
dig meine1-Domain.de MX
========================
; <<>> DiG 9.7.3 <<>> meine1-Domain.de @8.8.8.8 MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48658
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;meine1-Domain.de. IN MX
;; ANSWER SECTION:
meine1-Domain.de. 86400 IN MX 10
mail2.meine1-Domain.de.
meine1-Domain.de. 86400 IN MX 5
mail.meine1-Domain.de.
;; Query time: 392 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Jun 14 11:28:06 2011
;; MSG SIZE rcvd: 85
dig meine2-domain.de MX
========================
; <<>> DiG 9.7.3 <<>> meine2-domain.de @8.8.8.8 MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28111
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;meine2-domain.de. IN MX
;; ANSWER SECTION:
meine2-domain.de. 180 IN MX 10 mail.meine1-domain.de.
;; Query time: 85 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Jun 14 11:29:08 2011
;; MSG SIZE rcvd: 69
/etc/hosts:
===========
127.0.0.1 localhost
192.168.20.8 mx1.meine1.domain.de mx1
127.0.0.2 mx1.meine1.domain.de mx1
Wenn ich jetzt im DNS mail2.meine1-domain.de mit der niegdrigsten
Priorität eintrage, geht es.
Wo liegt denn hier mein Denkfehler?
Danke und Gruß
Sören Mindorf
Mehr Informationen über die Mailingliste Postfixbuch-users