Sender domain problems

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Sender domain problems

Tony Yarusso-2
Okay, so I'm getting some messages in my mail log that include lines like this:
(host mail.something.commercial said: 450 <[hidden email]>:
Sender address rejected: Domain not found (in reply to RCPT TO
command))

However, while spcompsci.org is the main domain we're using here, it's
not set up to have mail yet.  Rather, the mail component should only
be servicing virtualnorthstar.org.  Both the PHP-mailing machine
sending the mail originally and the main mail server that's relaying
it to the outside have myorigin = /etc/mailname (Debian-style), and
/etc/mailname contains virtualnorthstar.org.  So, what I'm wondering
is what else might be setting the from domain as spcompsci.org still,
so I can change it to be the right one (as only virtualnorthstar.org
has a valid MX DNS record) ?

--
Tony Yarusso
http://tonyyarusso.com/
Reply | Threaded
Open this post in threaded view
|

Re: Sender domain problems

Victoriano Giralt-2
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Tony Yarusso wrote:
| Okay, so I'm getting some messages in my mail log that include lines
like this:
| (host mail.something.commercial said: 450 <[hidden email]>:
8<----8<
| is what else might be setting the from domain as spcompsci.org still,
| so I can change it to be the right one (as only virtualnorthstar.org
| has a valid MX DNS record) ?
|
That www-data part makes me think yu should investigate what the Apache
in the PHP machine thinks of itself. You will probably need to configure
its Postfix to masquerade everything to virtualnorthstar.org

- --
Victoriano Giralt
Systems Manager
Central Computing Facility
University of Malaga
SPAIN
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIdSvIV6+mDjj1PTgRA5f7AJ4lWq8824cmXJ7BCqkt5dlkAwrxnACguiiO
vhNTuh0b+gLkkSgmtqx8evo=
=rdAY
-----END PGP SIGNATURE-----
Reply | Threaded
Open this post in threaded view
|

Re: Sender domain problems

Wietse Venema
In reply to this post by Tony Yarusso-2
Tony Yarusso:
> Okay, so I'm getting some messages in my mail log that include lines like this:
> (host mail.something.commercial said: 450 <[hidden email]>:
> Sender address rejected: Domain not found (in reply to RCPT TO
> command))

Indeed, spcompsci.org has no MX or A record. Many sites will be
extremely suspicious about mail from a non-existent origin.

> However, while spcompsci.org is the main domain we're using here, it's
> not set up to have mail yet.  Rather, the mail component should only
> be servicing virtualnorthstar.org.  Both the PHP-mailing machine
> sending the mail originally and the main mail server that's relaying
> it to the outside have myorigin = /etc/mailname (Debian-style), and
> /etc/mailname contains virtualnorthstar.org.  So, what I'm wondering
> is what else might be setting the from domain as spcompsci.org still,
> so I can change it to be the right one (as only virtualnorthstar.org
> has a valid MX DNS record) ?

Postfix does not make up these names, so it is either already
specified in the mail before it enters Postfix, it is set in a
Postfix configuration file, or something else modifies the address
in transit.

The Postfix logfiles should be able to tell you a lot already.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Sender domain problems

Tony Yarusso-2
On Wed, Jul 9, 2008 at 4:25 PM, Wietse Venema <[hidden email]> wrote:
> Postfix does not make up these names, so it is either already
> specified in the mail before it enters Postfix, it is set in a
> Postfix configuration file, or something else modifies the address
> in transit.
>
> The Postfix logfiles should be able to tell you a lot already.
>
>        Wietse

I'm leaning towards "something else modifies the address in transit",
based on the fact that /var/log/mail.info on the Drupal/Apache/PHP
machine has the proper address when sending, but then the same file on
the standalone mail server is saying it's receiving from the other
domain.  The question then becomes what else could be modifying it?  A
router, gateway, or our internal DNS?  These machines are on the same
network - they actually have neighboring IPs - so it doesn't go very
far between the two.

--
Tony Yarusso
http://tonyyarusso.com/
Reply | Threaded
Open this post in threaded view
|

Re: Sender domain problems

Wietse Venema
Tony Yarusso:

> On Wed, Jul 9, 2008 at 4:25 PM, Wietse Venema <[hidden email]> wrote:
> > Postfix does not make up these names, so it is either already
> > specified in the mail before it enters Postfix, it is set in a
> > Postfix configuration file, or something else modifies the address
> > in transit.
> >
> > The Postfix logfiles should be able to tell you a lot already.
> >
> >        Wietse
>
> I'm leaning towards "something else modifies the address in transit",
> based on the fact that /var/log/mail.info on the Drupal/Apache/PHP
> machine has the proper address when sending, but then the same file on
> the standalone mail server is saying it's receiving from the other
> domain.  The question then becomes what else could be modifying it?  A
> router, gateway, or our internal DNS?  These machines are on the same
> network - they actually have neighboring IPs - so it doesn't go very
> far between the two.

It would be most helpful if you could reveal actually concrete and
complete logfile entries for mail submission on the first machine,
mail delivery form the first machine to the second machine, mail
arrival on the second machine and then the logging as the second
machine attempts to deliver the mail.

Replace the "good" domain by good.example.com and the other by
wrong.example.com.

Do NOT turn on verbose logging.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Sender domain problems

Tony Yarusso-2
In reply to this post by Tony Yarusso-2
Wait a minute, I think I may have figured it out.  I had the mailname
wrong earlier in the week, and had already changed that, initially
thinking that fixed the problem but then second-guessing myself today
looking at the logs.  Now I'm thinking that what's actually going on
is that those entries were actually old messages from before that
change that the server was still trying to send.  (I forgot that they
were just being deferred, not deleted.)  I got the queue cleared out
and am watching to see if anything new shows up.  Anyway, thanks for
the responses, as always!


--
Tony Yarusso
http://tonyyarusso.com/