Quantcast

Domain loops to itself

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Domain loops to itself

Nikolaos Milas
Hello,

I have been using the following config without problems, but after I
added the domain: hesperia-space.eu, mail to the new domain becomes
undelivered with the error (example from one attempt to send mail):

Feb 17 15:21:38 mailgw3 postfix/smtpd[17664]: NOQUEUE: reject: RCPT from
mail-wr0-x242.google.com[2a00:1450:400c:c0c::242]: 450 4.1.1
<[hidden email]>: Recipient address rejected: unverified
address: mail for hesperia-space.eu loops back to myself;
from=<[hidden email]> to=<[hidden email]> proto=ESMTP
helo=<mail-wr0-x242.google.com>

The sent email never makes it to the final (relayed) destination.

I have added the domain in the relay_domains setting and in the
/etc/postfix/transportmap file, as you can see below.

Can you please notice what is wrong? I have spent quite some time, but I
can't tell where the problem is.

I post the config, as is, including the new domain:

# postconf -n
allowed_list1 = check_client_access cidr:/etc/postfix/vmail.cidr,reject
allowed_list2 = check_client_access
cidr:/etc/postfix/internalnetworks.cidr,reject
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
default_process_limit = 50
disable_vrfy_command = yes
enable_long_queue_ids = yes
header_checks = pcre:/etc/postfix/blacklisted_maillists
html_directory = no
inet_interfaces = all
inet_protocols = ipv4, ipv6
local_recipient_maps =
local_transport = error:local mail delivery is disabled
mail_name = NOA Mail Srv XAPITI XPICTOY
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 15728640
mydestination =
mynetworks = 127.0.0.1/32 [::1]/128
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
postscreen_access_list = permit_mynetworks,
cidr:/etc/postfix/postscreen_exceptions.cidr
postscreen_blacklist_action = enforce
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = b.barracudacentral.org*2, zen.spamhaus.org*2,
psbl.surriel.com*2
postscreen_dnsbl_threshold = 2
postscreen_greet_action = enforce
queue_directory = /var/spool/postfix
relay_domains = noa.gr, astro.noa.gr, admin.noa.gr, nestor.noa.gr,
space.noa.gr, meteo.noa.gr, gein.noa.gr, technet.noa.gr, hesperia-space.eu
relay_recipient_maps =
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_helo_required = yes
smtpd_recipient_restrictions = check_client_access
hash:/etc/postfix/amavis_bypass check_sender_access
hash:/etc/postfix/blacklisted_senders check_sender_access
pcre:/etc/postfix/blacklisted_maillists reject_unverified_recipient
reject_unauth_destination check_recipient_access
hash:/etc/postfix/protected_destinations
check_reverse_client_hostname_access pcre:/etc/postfix/fqrdns.pcre
permit_mynetworks reject_invalid_hostname reject_unauth_pipelining
reject_non_fqdn_sender reject_unknown_sender_domain
reject_non_fqdn_recipient reject_unknown_recipient_domain
reject_rbl_client b.barracudacentral.org reject_rbl_client
zen.spamhaus.org reject_rbl_client psbl.surriel.com reject_rbl_client
bl.spamcop.net reject_rbl_client dnsbl.sorbs.net reject_rhsbl_client
dbl.spamhaus.org reject_rhsbl_sender dbl.spamhaus.org reject_rhsbl_helo
dbl.spamhaus.org check_policy_service unix:postgrey/socket permit
smtpd_restriction_classes = allowed_list1,allowed_list2
transport_maps = hash:/etc/postfix/transportmap
unknown_local_recipient_reject_code = 550
unverified_sender_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtualmap

# cat /etc/postfix/transportmap
noa.gr              relay:[vmail.noa.gr]
admin.noa.gr        relay:[vmail.noa.gr]
nestor.noa.gr       relay:[vmail.noa.gr]
space.noa.gr        relay:[vmail.noa.gr]
meteo.noa.gr        relay:[vmail.noa.gr]
gein.noa.gr         relay:[vmail.noa.gr]
technet.noa.gr      relay:[vmail.noa.gr]
astro.noa.gr        relay:[vmail.noa.gr]
hesperia-space.eu   relay:[vmail.noa.gr]

Thanks in advance,
Nick


Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Domain loops to itself

Wietse Venema
Nikolaos Milas:

> Hello,
>
> I have been using the following config without problems, but after I
> added the domain: hesperia-space.eu, mail to the new domain becomes
> undelivered with the error (example from one attempt to send mail):
>
> Feb 17 15:21:38 mailgw3 postfix/smtpd[17664]: NOQUEUE: reject: RCPT from
> mail-wr0-x242.google.com[2a00:1450:400c:c0c::242]: 450 4.1.1
> <[hidden email]>: Recipient address rejected: unverified
> address: mail for hesperia-space.eu loops back to myself;

You missed the preceding warning that says why.

- The server greets with the same hostname (in the 220 line)
as the client wants to use (in the EHLO cdommand).

- The server IP address matches $mydestination or $proxy_interfaces.

        Wietse
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Domain loops to itself

Nikolaos Milas
On 17/2/2017 4:12 μμ, Wietse Venema wrote:

> You missed the preceding warning that says why.
>
> - The server greets with the same hostname (in the 220 line)
> as the client wants to use (in the EHLO cdommand).
>
> - The server IP address matches $mydestination or $proxy_interfaces.

Thanks Wietse,

I didn't change anything, but it has now started working properly.

I am also getting all those test emails I sent earlier and had not been
delivered until now (and they were obviously in the sending servers'
queues).

I can't tell for sure what the problem may have been.

Could it be due to transport_maps caching (or something like that)? I
had initially forgotten to add the

    hesperia-space.eu   relay:[vmail.noa.gr]

line, but even when I added it and restarted postfix (service postfix
restart), it wouldn't work.

Thanks anyway,
Nick

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Domain loops to itself

Thomas Leuxner
* Nikolaos Milas <[hidden email]> 2017.02.17 15:59:

>    hesperia-space.eu   relay:[vmail.noa.gr]
>
> line, but even when I added it and restarted postfix (service postfix
> restart), it wouldn't work.

transport_maps = hash:/etc/postfix/transportmap

You need to run postmap on a hashed map for it to take effect.

Regards
Thomas

signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Domain loops to itself

Wietse Venema
In reply to this post by Nikolaos Milas
Nikolaos Milas:

> On 17/2/2017 4:12 ??, Wietse Venema wrote:
>
> > You missed the preceding warning that says why.
> >
> > - The server greets with the same hostname (in the 220 line)
> > as the client wants to use (in the EHLO cdommand).
> >
> > - The server IP address matches $mydestination or $proxy_interfaces.
>
> Thanks Wietse,
>
> I didn't change anything, but it has now started working properly.

Again, please look for Postfix warnings that say "host greeted me
with my own name" or similar. If there are none then there was a
problem where DNS resolved a destination to a hostname with an IP
address that matches the mydestination or proxy_interfaces setting
of the sending MTA.

        Wietse
Loading...