relay access denied - die 25.ste
sebastian at debianfan.de
sebastian at debianfan.de
Do Jan 30 22:08:43 CET 2020
Guten Abend,
ich spiele grade etwas mit einem Mailserver - debian buster als Grundsystem.
Postfix, Dovecot, die User kommen aus einer Mysql-Datenbank.
mail.zielserver.de ist der Hostname der Zielmaschine
mail.absenderserver.de der Hostname meines Mailservers
ich versuche von sebastian at absenderserver.de an sebastian at zielserver.de
etwas zu senden
Irgendeine restriction scheint zuzuschlagen - ich finde den Fehler aber
nicht - für Hinweise bin ich dankbar :-)
main.cf:
mynetworks = 127.0.0.0/8
inet_interfaces = all
myhostname = mail.zielserver.de
maximal_queue_lifetime = 1h
bounce_queue_lifetime = 1h
maximal_backoff_time = 15m
minimal_backoff_time = 5m
queue_run_delay = 5m
tls_preempt_cipherlist = yes
tls_ssl_options = NO_COMPRESSION
tls_high_cipherlist =
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
### Ausgehende SMTP-Verbindungen (Postfix als Sender)
smtp_tls_security_level = dane
smtp_dns_support_level = dnssec
smtp_tls_policy_maps = mysql:/etc/postfix/sql/tls-policy.cf
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
### Eingehende SMTP-Verbindungen
smtpd_tls_security_level = may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_ciphers = high
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_cert_file=/etc/letsencrypt/live/mail.zielserver.de/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/mail.zielserver.de/privkey.pem
##
## Lokale Mailzustellung an Dovecot
##
virtual_transport = lmtp:unix:private/dovecot-lmtp
postscreen_access_list = permit_mynetworks
cidr:/etc/postfix/postscreen_access
postscreen_blacklist_action = drop
# Verbindungen beenden, wenn der fremde Server es zu eilig hat
postscreen_greet_action = drop
### DNS blocklists
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_sites = ix.dnsbl.manitu.net*2
zen.spamhaus.org*2
postscreen_dnsbl_action = drop
##
## MySQL Abfragen
##
virtual_alias_maps = mysql:/etc/postfix/sql/aliases.cf
virtual_mailbox_maps = mysql:/etc/postfix/sql/accounts.cf
virtual_mailbox_domains = mysql:/etc/postfix/sql/domains.cf
local_recipient_maps = $virtual_mailbox_maps
### Maximale Größe der gesamten Mailbox (soll von Dovecot festgelegt
werden, 0 = unbegrenzt)
mailbox_size_limit = 0
### Maximale Größe eingehender E-Mails in Bytes (50 MB)
message_size_limit = 52428800
### Keine System-Benachrichtigung für Benutzer bei neuer E-Mail
biff = no
### Nutzer müssen immer volle E-Mail Adresse angeben - nicht nur Hostname
append_dot_mydomain = no
### Trenn-Zeichen für "Address Tagging"
recipient_delimiter = +
smtpd_relay_restrictions = reject_non_fqdn_recipient
reject_unknown_recipient_domain
reject_unauth_destination
permit_mynetworks
### Bedingungen, damit Postfix ankommende E-Mails als Empfängerserver
entgegennimmt (zusätzlich zu relay-Bedingungen)
### check_recipient_access prüft, ob ein account sendonly ist
smtpd_recipient_restrictions = check_recipient_access
mysql:/etc/postfix/sql/recipient-access.cf,
### Bedingungen, die SMTP-Clients erfüllen müssen (sendende Server)
smtpd_client_restrictions = permit_mynetworks
check_client_access
hash:/etc/postfix/without_ptr
reject_unknown_client_hostname
### Wenn fremde Server eine Verbindung herstellen, müssen sie einen
gültigen Hostnamen im HELO haben.
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
# Clients blockieren, wenn sie versuchen zu früh zu senden
# smtpd_data_restrictions = reject_unauth_pipelining
##
## Restrictions für MUAs (Mail user agents)
##
mua_relay_restrictions =
reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_mynetworks,permit_sasl_authenticated,reject
mua_sender_restrictions =
permit_mynetworks,reject_non_fqdn_sender,reject_sender_login_mismatch,permit_sasl_authenticated,reject
mua_client_restrictions = permit_mynetworks,permit_sasl_authenticated,reject
master.cf:
smtp inet n - y - 1 postscreen
-o smtpd_sasl_auth_enable=no
smtpd pass - - y - - smtpd -v
dnsblog unix - - y - 0 dnsblog
tlsproxy unix - - y - 0 tlsproxy
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_path=private/auth
-o smtpd_sasl_security_options=noanonymous
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_relay_restrictions=$mua_relay_restrictions
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_sender_login_maps=mysql:/etc/postfix/sql/sender-login-maps.cf
-o smtpd_helo_required=no
-o smtpd_helo_restrictions=
-o cleanup_service_name=submission-header-cleanup
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
submission-header-cleanup unix n - n - 0 cleanup
-o header_checks=regexp:/etc/postfix/submission_header_cleanup
CONNECT from [139.18.1.9]:37268 to [139.18.1.8]:25
PASS OLD [139.18.1.9]:37268
name_mask: all
inet_addr_local: configured 2 IPv4 addresses
inet_addr_local: configured 3 IPv6 addresses
process generation: 21 (21)
match_string: parent_domain_matches_subdomains:
smtpd_client_event_limit_exceptions ~? debug_peer_list
match_string: parent_domain_matches_subdomains:
smtpd_client_event_limit_exceptions ~? fast_flush_domains
match_string: parent_domain_matches_subdomains:
smtpd_client_event_limit_exceptions ~? mynetworks
match_string: parent_domain_matches_subdomains:
smtpd_client_event_limit_exceptions ~? permit_mx_backup_networks
match_string: parent_domain_matches_subdomains:
smtpd_client_event_limit_exceptions ~? qmqpd_authorized_clients
match_string: parent_domain_matches_subdomains:
smtpd_client_event_limit_exceptions ~? relay_domains
match_string: parent_domain_matches_subdomains:
smtpd_client_event_limit_exceptions ~? smtpd_access_maps
match_list_match: smtpd_client_event_limit_exceptions: no match
match_string: parent_domain_matches_subdomains: mynetworks ~?
debug_peer_list
match_string: parent_domain_matches_subdomains: mynetworks ~?
fast_flush_domains
match_string: parent_domain_matches_subdomains: mynetworks ~? mynetworks
name_mask: host
been_here: 127.0.0.1/32: 0
been_here: 139.18.1.8/32: 0
been_here: [::1]/128: 0
been_here: [2001:1af8:1244:eabd:e83d:3dff:fea8:70df]/128: 0
been_here: [ea80::a12b:3dff:fea8:70df]/128: 0
mynetworks_core: 127.0.0.1/32 139.18.1.8/32 [::1]/128
[2001:1af8:1244:eabd:e83d:3dff:fea8:70df]/128
[ea80::a12b:3dff:fea8:70df]/128
match_string: parent_domain_matches_subdomains: mynetworks ~?
debug_peer_list
match_string: parent_domain_matches_subdomains: mynetworks ~?
fast_flush_domains
match_string: parent_domain_matches_subdomains: mynetworks ~? mynetworks
match_string: parent_domain_matches_subdomains: relay_domains ~?
debug_peer_list
match_string: parent_domain_matches_subdomains: relay_domains ~?
fast_flush_domains
match_string: parent_domain_matches_subdomains: relay_domains ~? mynetworks
match_string: parent_domain_matches_subdomains: relay_domains ~?
permit_mx_backup_networks
match_string: parent_domain_matches_subdomains: relay_domains ~?
qmqpd_authorized_clients
match_string: parent_domain_matches_subdomains: relay_domains ~?
relay_domains
match_string: parent_domain_matches_subdomains:
permit_mx_backup_networks ~? debug_peer_list
match_string: parent_domain_matches_subdomains:
permit_mx_backup_networks ~? fast_flush_domains
match_string: parent_domain_matches_subdomains:
permit_mx_backup_networks ~? mynetworks
match_string: parent_domain_matches_subdomains:
permit_mx_backup_networks ~? permit_mx_backup_networks
cfg_get_str: /etc/postfix/sql/accounts.cf: user = vmail
cfg_get_str: /etc/postfix/sql/accounts.cf: password = mailpasswort
cfg_get_str: /etc/postfix/sql/accounts.cf: dbname = vmail
cfg_get_str: /etc/postfix/sql/accounts.cf: result_format = %s
cfg_get_str: /etc/postfix/sql/accounts.cf: option_file = <NULL>
cfg_get_str: /etc/postfix/sql/accounts.cf: option_group = client
cfg_get_str: /etc/postfix/sql/accounts.cf: tls_key_file = <NULL>
cfg_get_str: /etc/postfix/sql/accounts.cf: tls_cert_file = <NULL>
cfg_get_str: /etc/postfix/sql/accounts.cf: tls_CAfile = <NULL>
cfg_get_str: /etc/postfix/sql/accounts.cf: tls_CApath = <NULL>
cfg_get_str: /etc/postfix/sql/accounts.cf: tls_ciphers = <NULL>
cfg_get_bool: /etc/postfix/sql/accounts.cf: tls_verify_cert = on
cfg_get_bool: /etc/postfix/sql/accounts.cf: require_result_set = on
cfg_get_int: /etc/postfix/sql/accounts.cf: expansion_limit = 0
cfg_get_str: /etc/postfix/sql/accounts.cf: query = select 1 as found
from accounts where username = '%u' and domain = '%d' and enabled = true
LIMIT 1;
cfg_get_str: /etc/postfix/sql/accounts.cf: domain =
cfg_get_str: /etc/postfix/sql/accounts.cf: hosts = 127.0.0.1
dict_open: mysql:/etc/postfix/sql/accounts.cf
cfg_get_str: /etc/postfix/sql/aliases.cf: user = vmail
cfg_get_str: /etc/postfix/sql/aliases.cf: password = mailpasswort
cfg_get_str: /etc/postfix/sql/aliases.cf: dbname = vmail
cfg_get_str: /etc/postfix/sql/aliases.cf: result_format = %s
cfg_get_str: /etc/postfix/sql/aliases.cf: option_file = <NULL>
cfg_get_str: /etc/postfix/sql/aliases.cf: option_group = client
cfg_get_str: /etc/postfix/sql/aliases.cf: tls_key_file = <NULL>
cfg_get_str: /etc/postfix/sql/aliases.cf: tls_cert_file = <NULL>
cfg_get_str: /etc/postfix/sql/aliases.cf: tls_CAfile = <NULL>
cfg_get_str: /etc/postfix/sql/aliases.cf: tls_CApath = <NULL>
cfg_get_str: /etc/postfix/sql/aliases.cf: tls_ciphers = <NULL>
cfg_get_bool: /etc/postfix/sql/aliases.cf: tls_verify_cert = on
cfg_get_bool: /etc/postfix/sql/aliases.cf: require_result_set = on
cfg_get_int: /etc/postfix/sql/aliases.cf: expansion_limit = 0
cfg_get_str: /etc/postfix/sql/aliases.cf: query = select
concat(destination_username, '@', destination_domain) as destinations
from aliases where source_username = '%u' and source_domain = '%d' and
enabled = true;
cfg_get_str: /etc/postfix/sql/aliases.cf: domain =
cfg_get_str: /etc/postfix/sql/aliases.cf: hosts = 127.0.0.1
dict_open: mysql:/etc/postfix/sql/aliases.cf
match_string: parent_domain_matches_subdomains: smtpd_access_maps ~?
debug_peer_list
match_string: parent_domain_matches_subdomains: smtpd_access_maps ~?
fast_flush_domains
match_string: parent_domain_matches_subdomains: smtpd_access_maps ~?
mynetworks
match_string: parent_domain_matches_subdomains: smtpd_access_maps ~?
permit_mx_backup_networks
match_string: parent_domain_matches_subdomains: smtpd_access_maps ~?
qmqpd_authorized_clients
match_string: parent_domain_matches_subdomains: smtpd_access_maps ~?
relay_domains
match_string: parent_domain_matches_subdomains: smtpd_access_maps ~?
smtpd_access_maps
Compiled against Berkeley DB: 5.3.28?
Run-time linked against Berkeley DB: 5.3.28?
dict_open: hash:/etc/postfix/without_ptr
cfg_get_str: /etc/postfix/sql/recipient-access.cf: user = vmail
cfg_get_str: /etc/postfix/sql/recipient-access.cf: password = mailpasswort
cfg_get_str: /etc/postfix/sql/recipient-access.cf: dbname = vmail
cfg_get_str: /etc/postfix/sql/recipient-access.cf: result_format = %s
cfg_get_str: /etc/postfix/sql/recipient-access.cf: option_file = <NULL>
cfg_get_str: /etc/postfix/sql/recipient-access.cf: option_group = client
cfg_get_str: /etc/postfix/sql/recipient-access.cf: tls_key_file = <NULL>
cfg_get_str: /etc/postfix/sql/recipient-access.cf: tls_cert_file = <NULL>
cfg_get_str: /etc/postfix/sql/recipient-access.cf: tls_CAfile = <NULL>
cfg_get_str: /etc/postfix/sql/recipient-access.cf: tls_CApath = <NULL>
cfg_get_str: /etc/postfix/sql/recipient-access.cf: tls_ciphers = <NULL>
cfg_get_bool: /etc/postfix/sql/recipient-access.cf: tls_verify_cert = on
cfg_get_bool: /etc/postfix/sql/recipient-access.cf: require_result_set = on
cfg_get_int: /etc/postfix/sql/recipient-access.cf: expansion_limit = 0
cfg_get_str: /etc/postfix/sql/recipient-access.cf: query = select
if(sendonly = true, 'REJECT', 'OK') AS access from accounts where
username = '%u' and domain = '%d' and enabled = true LIMIT 1;
cfg_get_str: /etc/postfix/sql/recipient-access.cf: domain =
cfg_get_str: /etc/postfix/sql/recipient-access.cf: hosts = 127.0.0.1
dict_open: mysql:/etc/postfix/sql/recipient-access.cf
unknown_helo_hostname_tempfail_action = defer_if_permit
unknown_address_tempfail_action = defer_if_permit
unverified_recipient_tempfail_action = defer_if_permit
unverified_sender_tempfail_action = defer_if_permit
name_mask: 0
auto_clnt_create: transport=local endpoint=private/tlsmgr
auto_clnt_open: connected to private/tlsmgr
send attr request = seed
send attr size = 32
private/tlsmgr: wanted attribute: status
input attribute name: status
input attribute value: 0
private/tlsmgr: wanted attribute: seed
input attribute name: seed
input attribute value: F09GxSrWzA0Ujwp4uBHi8Xhhc+iRRssc9ntjt4rXnuw=
private/tlsmgr: wanted attribute: (list terminator)
input attribute name: (end)
send attr request = policy
send attr cache_type = smtpd
private/tlsmgr: wanted attribute: status
input attribute name: status
input attribute value: 0
private/tlsmgr: wanted attribute: cachable
input attribute name: cachable
input attribute value: 1
private/tlsmgr: wanted attribute: timeout
input attribute name: timeout
input attribute value: 3600
private/tlsmgr: wanted attribute: (list terminator)
input attribute name: (end)
name_mask: NO_COMPRESSION
match_string: parent_domain_matches_subdomains: fast_flush_domains ~?
debug_peer_list
match_string: parent_domain_matches_subdomains: fast_flush_domains ~?
fast_flush_domains
auto_clnt_create: transport=local endpoint=private/anvil
unknown_stream: wanted attribute: (any attribute name or list terminator)
input attribute name: client_address
input attribute value: 139.18.1.9
unknown_stream: wanted attribute: (any attribute name or list terminator)
input attribute name: client_port
input attribute value: 37268
unknown_stream: wanted attribute: (any attribute name or list terminator)
input attribute name: server_address
input attribute value: 139.18.1.8
unknown_stream: wanted attribute: (any attribute name or list terminator)
input attribute name: server_port
input attribute value: 25
unknown_stream: wanted attribute: (any attribute name or list terminator)
input attribute name: (end)
connection established
master_notify: status 0
name_mask: resource
name_mask: software
connect from absendermailserver.de[139.18.1.9]
match_list_match: absendermailserver.de: no match
match_list_match: 139.18.1.9: no match
match_list_match: absendermailserver.de: no match
match_list_match: 139.18.1.9: no match
smtp_stream_setup: maxtime=300 enable_deadline=0
match_hostname: smtpd_client_event_limit_exceptions:
absendermailserver.de ~? 127.0.0.0/8
match_hostaddr: smtpd_client_event_limit_exceptions: 139.18.1.9 ~?
127.0.0.0/8
match_hostname: smtpd_client_event_limit_exceptions:
absendermailserver.de ~? [::ffff:127.0.0.0]/104
match_hostaddr: smtpd_client_event_limit_exceptions: 139.18.1.9 ~?
[::ffff:127.0.0.0]/104
match_hostname: smtpd_client_event_limit_exceptions:
absendermailserver.de ~? [::1]/128
match_hostaddr: smtpd_client_event_limit_exceptions: 139.18.1.9 ~? [::1]/128
match_list_match: absendermailserver.de: no match
match_list_match: 139.18.1.9: no match
auto_clnt_open: connected to private/anvil
send attr request = connect
send attr ident = smtpd:139.18.1.9
private/anvil: wanted attribute: status
input attribute name: status
input attribute value: 0
private/anvil: wanted attribute: count
input attribute name: count
input attribute value: 1
private/anvil: wanted attribute: rate
input attribute name: rate
input attribute value: 1
private/anvil: wanted attribute: (list terminator)
input attribute name: (end)
> absendermailserver.de[139.18.1.9]: 220 mail.zieldomain.de ESMTP Postfix
< absendermailserver.de[139.18.1.9]: EHLO absendermailserver.de
match_list_match: absendermailserver.de: no match
match_list_match: 139.18.1.9: no match
> absendermailserver.de[139.18.1.9]: 250-mail.zieldomain.de
> absendermailserver.de[139.18.1.9]: 250-PIPELINING
> absendermailserver.de[139.18.1.9]: 250-SIZE 52428800
> absendermailserver.de[139.18.1.9]: 250-VRFY
> absendermailserver.de[139.18.1.9]: 250-ETRN
> absendermailserver.de[139.18.1.9]: 250-STARTTLS
> absendermailserver.de[139.18.1.9]: 250-ENHANCEDSTATUSCODES
> absendermailserver.de[139.18.1.9]: 250-8BITMIME
> absendermailserver.de[139.18.1.9]: 250-DSN
> absendermailserver.de[139.18.1.9]: 250 CHUNKING
< absendermailserver.de[139.18.1.9]: STARTTLS
> absendermailserver.de[139.18.1.9]: 220 2.0.0 Ready to start TLS
send attr request = seed
send attr size = 32
private/tlsmgr: wanted attribute: status
input attribute name: status
input attribute value: 0
private/tlsmgr: wanted attribute: seed
input attribute name: seed
input attribute value: rleoJ4yGveVpDGfMaSUnpjd9zBXuzp8hvf4UDvgDLZY=
private/tlsmgr: wanted attribute: (list terminator)
input attribute name: (end)
send attr request = update
send attr cache_type = smtpd
send attr cache_id =
1A668740F8E241DDD1A1726ADE096C6FA6D4EA0F4E0FE379E831CB64BA7E8452&s=smtpd&l=269488207
send attr session = [data 127 bytes]
private/tlsmgr: wanted attribute: status
input attribute name: status
input attribute value: 0
private/tlsmgr: wanted attribute: (list terminator)
input attribute name: (end)
< absendermailserver.de[139.18.1.9]: EHLO absendermailserver.de
match_list_match: absendermailserver.de: no match
match_list_match: 139.18.1.9: no match
> absendermailserver.de[139.18.1.9]: 250-mail.zieldomain.de
> absendermailserver.de[139.18.1.9]: 250-PIPELINING
> absendermailserver.de[139.18.1.9]: 250-SIZE 52428800
> absendermailserver.de[139.18.1.9]: 250-VRFY
> absendermailserver.de[139.18.1.9]: 250-ETRN
> absendermailserver.de[139.18.1.9]: 250-ENHANCEDSTATUSCODES
> absendermailserver.de[139.18.1.9]: 250-8BITMIME
> absendermailserver.de[139.18.1.9]: 250-DSN
> absendermailserver.de[139.18.1.9]: 250 CHUNKING
< absendermailserver.de[139.18.1.9]: MAIL
FROM:<sebastian at absenderdomain.de> SIZE=891 BODY=8BITMIME
extract_addr: input: <sebastian at absenderdomain.de>
smtpd_check_addr: addr=sebastian at absenderdomain.de
connect to subsystem private/rewrite
send attr request = rewrite
send attr rule = local
send attr address = ""
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 0
private/rewrite socket: wanted attribute: address
input attribute name: address
input attribute value: ""
private/rewrite socket: wanted attribute: (list terminator)
input attribute name: (end)
rewrite_clnt: local: "" -> ""
send attr request = rewrite
send attr rule = local
send attr address = sebastian at absenderdomain.de
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 0
private/rewrite socket: wanted attribute: address
input attribute name: address
input attribute value: sebastian at absenderdomain.de
private/rewrite socket: wanted attribute: (list terminator)
input attribute name: (end)
rewrite_clnt: local: sebastian at absenderdomain.de ->
sebastian at absenderdomain.de
send attr request = resolve
send attr sender =
send attr address = sebastian at absenderdomain.de
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 0
private/rewrite socket: wanted attribute: transport
input attribute name: transport
input attribute value: smtp
private/rewrite socket: wanted attribute: nexthop
input attribute name: nexthop
input attribute value: absenderdomain.de
private/rewrite socket: wanted attribute: recipient
input attribute name: recipient
input attribute value: sebastian at absenderdomain.de
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 4096
private/rewrite socket: wanted attribute: (list terminator)
input attribute name: (end)
resolve_clnt: `' -> `sebastian at absenderdomain.de' -> transp=`smtp'
host=`absenderdomain.de' rcpt=`sebastian at absenderdomain.de' flags=
class=default
ctable_locate: install entry key ?sebastian at absenderdomain.de
extract_addr: in: <sebastian at absenderdomain.de>, result:
sebastian at absenderdomain.de
send attr request = rewrite
send attr rule = local
send attr address = double-bounce
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 0
private/rewrite socket: wanted attribute: address
input attribute name: address
input attribute value: double-bounce at mail.zieldomain.de
private/rewrite socket: wanted attribute: (list terminator)
input attribute name: (end)
rewrite_clnt: local: double-bounce -> double-bounce at mail.zieldomain.de
smtpd_check_rewrite: trying: permit_inet_interfaces
permit_inet_interfaces: absendermailserver.de 139.18.1.9
fsspace: .: block size 4096, blocks free 4167952
smtpd_check_queue: blocks 4096 avail 4167952 min_free 0 msg_size_limit
52428800
> absendermailserver.de[139.18.1.9]: 250 2.1.0 Ok
< absendermailserver.de[139.18.1.9]: RCPT TO:<sebastian at zieldomain.de>
ORCPT=rfc822;sebastian at zieldomain.de
extract_addr: input: <sebastian at zieldomain.de>
smtpd_check_addr: addr=sebastian at zieldomain.de
send attr request = rewrite
send attr rule = local
send attr address = sebastian at absenderdomain.de
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 0
private/rewrite socket: wanted attribute: address
input attribute name: address
input attribute value: sebastian at absenderdomain.de
private/rewrite socket: wanted attribute: (list terminator)
input attribute name: (end)
rewrite_clnt: local: sebastian at absenderdomain.de ->
sebastian at absenderdomain.de
send attr request = rewrite
send attr rule = local
send attr address = sebastian at zieldomain.de
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 0
private/rewrite socket: wanted attribute: address
input attribute name: address
input attribute value: sebastian at zieldomain.de
private/rewrite socket: wanted attribute: (list terminator)
input attribute name: (end)
rewrite_clnt: local: sebastian at zieldomain.de -> sebastian at zieldomain.de
send attr request = resolve
send attr sender = sebastian at absenderdomain.de
send attr address = sebastian at zieldomain.de
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 0
private/rewrite socket: wanted attribute: transport
input attribute name: transport
input attribute value: smtp
private/rewrite socket: wanted attribute: nexthop
input attribute name: nexthop
input attribute value: zieldomain.de
private/rewrite socket: wanted attribute: recipient
input attribute name: recipient
input attribute value: sebastian at zieldomain.de
private/rewrite socket: wanted attribute: flags
input attribute name: flags
input attribute value: 4096
private/rewrite socket: wanted attribute: (list terminator)
input attribute name: (end)
resolve_clnt: `sebastian at absenderdomain.de' -> `sebastian at zieldomain.de'
-> transp=`smtp' host=`zieldomain.de' rcpt=`sebastian at zieldomain.de'
flags= class=default
ctable_locate: install entry key
sebastian at absenderdomain.de?sebastian at zieldomain.de
extract_addr: in: <sebastian at zieldomain.de>, result: sebastian at zieldomain.de
>>> START Client host RESTRICTIONS <<<
generic_checks: name=permit_mynetworks
permit_mynetworks: absendermailserver.de 139.18.1.9
match_hostname: mynetworks: absendermailserver.de ~? 127.0.0.0/8
match_hostaddr: mynetworks: 139.18.1.9 ~? 127.0.0.0/8
match_hostname: mynetworks: absendermailserver.de ~? [::ffff:127.0.0.0]/104
match_hostaddr: mynetworks: 139.18.1.9 ~? [::ffff:127.0.0.0]/104
match_hostname: mynetworks: absendermailserver.de ~? [::1]/128
match_hostaddr: mynetworks: 139.18.1.9 ~? [::1]/128
match_list_match: absendermailserver.de: no match
match_list_match: 139.18.1.9: no match
generic_checks: name=permit_mynetworks status=0
generic_checks: name=check_client_access
check_namadr_access: name absendermailserver.de addr 139.18.1.9
check_domain_access: absendermailserver.de
maps_find: hash:/etc/postfix/without_ptr: absendermailserver.de: not found
maps_find: hash:/etc/postfix/without_ptr: xn--deiner-dta.de: not found
maps_find: hash:/etc/postfix/without_ptr: de: not found
check_addr_access: 139.18.1.9
maps_find: hash:/etc/postfix/without_ptr: 139.18.1.9: not found
maps_find: hash:/etc/postfix/without_ptr: 139.18.1: not found
maps_find: hash:/etc/postfix/without_ptr: 83.149: not found
maps_find: hash:/etc/postfix/without_ptr: 83: not found
generic_checks: name=check_client_access status=0
generic_checks: name=reject_unknown_client_hostname
reject_unknown_client: absendermailserver.de 139.18.1.9
generic_checks: name=reject_unknown_client_hostname status=0
>>> END Client host RESTRICTIONS <<<
>>> START Helo command RESTRICTIONS <<<
generic_checks: name=permit_mynetworks
permit_mynetworks: absendermailserver.de 139.18.1.9
match_hostname: mynetworks: absendermailserver.de ~? 127.0.0.0/8
match_hostaddr: mynetworks: 139.18.1.9 ~? 127.0.0.0/8
match_hostname: mynetworks: absendermailserver.de ~? [::ffff:127.0.0.0]/104
match_hostaddr: mynetworks: 139.18.1.9 ~? [::ffff:127.0.0.0]/104
match_hostname: mynetworks: absendermailserver.de ~? [::1]/128
match_hostaddr: mynetworks: 139.18.1.9 ~? [::1]/128
match_list_match: absendermailserver.de: no match
match_list_match: 139.18.1.9: no match
generic_checks: name=permit_mynetworks status=0
generic_checks: name=reject_invalid_helo_hostname
reject_invalid_hostname: absendermailserver.de
generic_checks: name=reject_invalid_helo_hostname status=0
generic_checks: name=reject_non_fqdn_helo_hostname
reject_non_fqdn_hostname: absendermailserver.de
generic_checks: name=reject_non_fqdn_helo_hostname status=0
generic_checks: name=reject_unknown_helo_hostname
reject_unknown_hostname: absendermailserver.de
lookup absendermailserver.de type A flags
dns_query: absendermailserver.de (A): OK
dns_get_answer: type A for absendermailserver.de
generic_checks: name=reject_unknown_helo_hostname status=0
>>> END Helo command RESTRICTIONS <<<
>>> START Recipient address RESTRICTIONS <<<
generic_checks: name=check_recipient_access
check_mail_access: sebastian at zieldomain.de
ctable_locate: leave existing entry key
sebastian at absenderdomain.de?sebastian at zieldomain.de
dict_mysql_get_active: attempting to connect to host 127.0.0.1
dict_mysql: successful connection to host 127.0.0.1
mysql:/etc/postfix/sql/recipient-access.cf: successful query result from
host 127.0.0.1
dict_mysql_lookup: retrieved 1 rows
maps_find: mysql:/etc/postfix/sql/recipient-access.cf:
mysql:/etc/postfix/sql/recipient-access.cf(0,lock|fold_fix|utf8_request):
sebastian at zieldomain.de = OK
mail_addr_find: sebastian at zieldomain.de -> OK
check_table_result: mysql:/etc/postfix/sql/recipient-access.cf OK
sebastian at zieldomain.de
smtpd_acl_permit: checking smtpd_log_access_permit_actions settings
match_list_match: OK: no match
smtpd_acl_permit: smtpd_log_access_permit_actions: no match
generic_checks: name=check_recipient_access status=1
>>> END Recipient address RESTRICTIONS <<<
>>> START Recipient address RESTRICTIONS <<<
generic_checks: name=reject_non_fqdn_recipient
reject_non_fqdn_address: sebastian at zieldomain.de
generic_checks: name=reject_non_fqdn_recipient status=0
generic_checks: name=reject_unknown_recipient_domain
reject_unknown_address: sebastian at zieldomain.de
ctable_locate: leave existing entry key
sebastian at absenderdomain.de?sebastian at zieldomain.de
reject_unknown_mailhost: zieldomain.de
lookup zieldomain.de type MX flags
dns_query: zieldomain.de (MX): OK
dns_get_answer: type MX for zieldomain.de
generic_checks: name=reject_unknown_recipient_domain status=0
generic_checks: name=reject_unauth_destination
reject_unauth_destination: sebastian at zieldomain.de
permit_auth_destination: sebastian at zieldomain.de
ctable_locate: leave existing entry key
sebastian at absenderdomain.de?sebastian at zieldomain.de
NOQUEUE: reject: RCPT from absendermailserver.de[139.18.1.9]: 554 5.7.1
<sebastian at zieldomain.de>: Relay access denied;
from=<sebastian at absenderdomain.de> to=<sebastian at zieldomain.de>
proto=ESMTP helo=<absendermailserver.de>
generic_checks: name=reject_unauth_destination status=2
>>> END Recipient address RESTRICTIONS <<<
> absendermailserver.de[139.18.1.9]: 554 5.7.1
<sebastian at zieldomain.de>: Relay access denied
< absendermailserver.de[139.18.1.9]: DATA
> absendermailserver.de[139.18.1.9]: 554 5.5.1 Error: no valid recipients
< absendermailserver.de[139.18.1.9]: RSET
> absendermailserver.de[139.18.1.9]: 250 2.0.0 Ok
< absendermailserver.de[139.18.1.9]: QUIT
> absendermailserver.de[139.18.1.9]: 221 2.0.0 Bye
match_hostname: smtpd_client_event_limit_exceptions:
absendermailserver.de ~? 127.0.0.0/8
match_hostaddr: smtpd_client_event_limit_exceptions: 139.18.1.9 ~?
127.0.0.0/8
match_hostname: smtpd_client_event_limit_exceptions:
absendermailserver.de ~? [::ffff:127.0.0.0]/104
match_hostaddr: smtpd_client_event_limit_exceptions: 139.18.1.9 ~?
[::ffff:127.0.0.0]/104
match_hostname: smtpd_client_event_limit_exceptions:
absendermailserver.de ~? [::1]/128
match_hostaddr: smtpd_client_event_limit_exceptions: 139.18.1.9 ~? [::1]/128
match_list_match: absendermailserver.de: no match
match_list_match: 139.18.1.9: no match
send attr request = disconnect
send attr ident = smtpd:139.18.1.9
private/anvil: wanted attribute: status
input attribute name: status
input attribute value: 0
private/anvil: wanted attribute: (list terminator)
input attribute name: (end)
disconnect from absendermailserver.de[139.18.1.9] ehlo=2 starttls=1
mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8
master_notify: status 1
connection closed
Mehr Informationen über die Mailingliste Postfixbuch-users