Something is altering Postfix's main.cf without my interaction.

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Something is altering Postfix's main.cf without my interaction.

Robert Senger-2
Hi all,

I've seen some really strange things happening these days.

Recently I asked my ISP to set the PTR records for my ipv4 address
from the default (something like host-1-2-3-4.provider.net) to my own
domains (mydomain.de and myotherdomain.net). Fine.

Then I changed
   myhostname = host-1-2-3-4.provider.net
to
   myhostname = mydomain.de
and Postfix used that for it's helo greeting. Fine.

Two days ago, I suddenly received emails from local services originating
from [hidden email] rather than from [hidden email] or
root@host as usual, which confused me. I looked into Postfix
configuration and saw this:

Before (what I configured):
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
myhostname = mydomain.de

Suddenly (whoever did that):
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
myhostname = host-1-2-3-4-provider.net

Then I realized that my provider accidentially changed the PTR back to
the default, which was fixed a couple of hours later. I changed main.cf
back to myhostname = mydomain. Emails from local services continued to
come from [hidden email] for another couple of hours,
until everything went back to normal.

Just a few minutes ago I got an email from
[hidden email] again, and looked at Postfix's main.cf.
Yes, again myhostname was changed to host-1-2-3-4-provider.net, this
time the PTRs were okay (but may have been reverted to default and back
just before I checked).

I am running my own DNS (bind9) on the same machine as Postfix.
All local DNS queries are processed by this server. This server is also
authoritative for the forward zones of both domains, and the ipv6
reverse zones, but not for ipv4 reverse zones, of course.

What the hell happens here? Why is main.cf changed, and who's doing
that? Would it change back if I just wait? How do local services using
the mail command know about the PTRs?

Confused,

Robert


--
Robert Senger


Reply | Threaded
Open this post in threaded view
|

Re: Something is altering Postfix's main.cf without my interaction.

Viktor Dukhovni
On Sat, Jun 06, 2015 at 10:25:10PM +0200, Robert Senger wrote:

> Suddenly (whoever did that):
> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> myhostname = host-1-2-3-4-provider.net

Complain to your Debian maintainer.

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: Something is altering Postfix's main.cf without my interaction.

Robert Senger-2
Hi Viktor,

I don't complain, I just want to know what happens, and if it makes
sense at all. ;)

How do you know it's Debian? Yes, it's something between Wheezy and
Jessie. Is that a known issue with Debian?

As far as I can see, there's no cron job or something like that that
could alter Postfix config files. I know that it's a good thing to have
reverse lookup matching forward lookup matching helo, but besides Sieve
failing to sort messages into the right folder if sender address alters,
I've also seen other emails being rejected.

So, is it okay to leave it like it is, or is it better to find out more
about what's going on and stop this?

Cheers,

Robert



Am Samstag, den 06.06.2015, 23:05 +0000 schrieb Viktor Dukhovni:
> On Sat, Jun 06, 2015 at 10:25:10PM +0200, Robert Senger wrote:
>
> > Suddenly (whoever did that):
> > smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> > myhostname = host-1-2-3-4-provider.net
>
> Complain to your Debian maintainer.
>

--
Robert Senger


Reply | Threaded
Open this post in threaded view
|

Re: Something is altering Postfix's main.cf without my interaction.

Viktor Dukhovni
On Sun, Jun 07, 2015 at 03:16:22AM +0200, Robert Senger wrote:
> Hi Viktor,
>
> I don't complain, I just want to know what happens, and if it makes
> sense at all. ;)
>
> How do you know it's Debian? Yes, it's something between Wheezy and
> Jessie. Is that a known issue with Debian?

Debian modifies Postfix to dynamically set the system name at boot
time.

> So, is it okay to leave it like it is, or is it better to find out more
> about what's going on and stop this?

Find out how to stop Debian from doing this.  Some interface up/down
script or somewhere in /etc/network/ is a first place to
look.

--
        Viktor.
Reply | Threaded
Open this post in threaded view
|

Re: Something is altering Postfix's main.cf without my interaction.

Scott Kitterman-4
On Monday, June 08, 2015 02:20:40 AM Viktor Dukhovni wrote:

> On Sun, Jun 07, 2015 at 03:16:22AM +0200, Robert Senger wrote:
> > Hi Viktor,
> >
> > I don't complain, I just want to know what happens, and if it makes
> > sense at all. ;)
> >
> > How do you know it's Debian? Yes, it's something between Wheezy and
> > Jessie. Is that a known issue with Debian?
>
> Debian modifies Postfix to dynamically set the system name at boot
> time.
>
> > So, is it okay to leave it like it is, or is it better to find out more
> > about what's going on and stop this?
>
> Find out how to stop Debian from doing this.  Some interface up/down
> script or somewhere in /etc/network/ is a first place to
> look.

This is from the Debian /etc/postfix/main.cf:

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

if you don't want it to be set to /etc/mailname, uncomment that entry and set
myorigin to the desired name.

Scott K
Reply | Threaded
Open this post in threaded view
|

Re: Something is altering Postfix's main.cf without my interaction.

Patrick Ben Koetter-2
In reply to this post by Robert Senger-2
Robert,

Am 07.06.2015 um 03:16 schrieb Robert Senger:
> Hi Viktor,
>
> I don't complain, I just want to know what happens, and if it makes
> sense at all. ;)
>
> How do you know it's Debian? Yes, it's something between Wheezy and
> Jessie. Is that a known issue with Debian?

it certainly isn't Postfix altering its own configuration automatically.
So it is either something you programmed yourself or something the
OS/distribution dragged in.

If it is the OS, you should probably ask on an OS related mailing list.

p@rick


>
> As far as I can see, there's no cron job or something like that that
> could alter Postfix config files. I know that it's a good thing to have
> reverse lookup matching forward lookup matching helo, but besides Sieve
> failing to sort messages into the right folder if sender address alters,
> I've also seen other emails being rejected.
>
> So, is it okay to leave it like it is, or is it better to find out more
> about what's going on and stop this?
>
> Cheers,
>
> Robert
>
>
>
> Am Samstag, den 06.06.2015, 23:05 +0000 schrieb Viktor Dukhovni:
>> On Sat, Jun 06, 2015 at 10:25:10PM +0200, Robert Senger wrote:
>>
>>> Suddenly (whoever did that):
>>> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
>>> myhostname = host-1-2-3-4-provider.net
>> Complain to your Debian maintainer.
>>
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein



smime.p7s (5K) Download Attachment