Prev: Howto install Postfix based on OpenVZ
Next: proxymap(8), number of connections, detecting altered tables
From: Ben Munat on 19 Jun 2010 18:20
I have a colo server running a few websites and using postfix for a few
domains. The server came with a few IP addresses, but I'm using the main
address only and hanging on to the other for when we need HTTPS.

A while back I noticed some mails in my deferred queue that had messages
saying that the mail was held because the sending IP was in a block
list. However, the IP it listed was *not* the main IP I use, the one
that I intend for postfix to do it's work on.

I have this in my main.cf:

main.cf:inet_interfaces = 64.69.38.41,127.0.0.1

and I hook up the main smtp process in master.cf like this:

master.cf: -o smtp_bind_address=64.69.38.41

And yet, I still occasionally see mail sitting in the deferred queue
saying that 64.69.38.45 is on a block list.

What am I missing? How are these servers seeing my mail connection as
coming from the .45 address instead of the .41?

Thanks,

Ben

From: Stan Hoeppner on 19 Jun 2010 18:33
Ben Munat put forth on 6/19/2010 5:20 PM:

> What am I missing?

You are missing the required evidence that would allow us to help you. We
need actual error messages, log entries, postconf -n output, etc. The list
welcome message told you what to provide.

Based on what you've provided so far, we can only _speculate_ as to the cause
of the problem. We need evidence to actually identify the cause.

--
Stan

From: Wietse Venema on 19 Jun 2010 18:51
Ben Munat:
[ Charset ISO-8859-1 unsupported, converting... ]
> I have a colo server running a few websites and using postfix for a few
> domains. The server came with a few IP addresses, but I'm using the main
> address only and hanging on to the other for when we need HTTPS.
>
> A while back I noticed some mails in my deferred queue that had messages
> saying that the mail was held because the sending IP was in a block
> list. However, the IP it listed was *not* the main IP I use, the one
> that I intend for postfix to do it's work on.
>
> I have this in my main.cf:
>
> main.cf:inet_interfaces = 64.69.38.41,127.0.0.1
>
> and I hook up the main smtp process in master.cf like this:
>
> master.cf: -o smtp_bind_address=64.69.38.41

This works only on the SMTP CLIENT. Not the SMTP SERVER.

Wietse

> And yet, I still occasionally see mail sitting in the deferred queue
> saying that 64.69.38.45 is on a block list.
>
> What am I missing? How are these servers seeing my mail connection as
> coming from the .45 address instead of the .41?
>
> Thanks,
>
> Ben
>
>

From: Ben Munat on 19 Jun 2010 18:52
On 6/19/10 3:33 PM, Stan Hoeppner wrote:
> Ben Munat put forth on 6/19/2010 5:20 PM:
>
>> What am I missing?
>
> You are missing the required evidence that would allow us to help
you. We
> need actual error messages, log entries, postconf -n output, etc.
The list
> welcome message told you what to provide.
>
> Based on what you've provided so far, we can only _speculate_ as to
the cause
> of the problem. We need evidence to actually identify the cause.
>

Hi, thanks for the quick reply... and good point.

Here is an example from the mail log:

Jun 17 20:45:26 munat postfix/smtp[17934]: E533B4432C:
to=<mrodbard(a)metromix.com>, relay=mx1.emailsrvr.com[72.4.117.7]:25,
delay=0.84, delays=0.13/0.19/0.29/0.24, dsn=5.7.1, status=bounced (host
mx1.emailsrvr.com[72.4.117.7] said: 554 5.7.1 ACL dns_rbl; Client host
[64.69.38.45] blocked using pf-ip4tset.blagr.emailsrvr.com=127.22.0.2
Please visit http://bounce.emailsrvr.com/?a0 for more information on why
this message could not be delivered (in reply to RCPT TO command))


Here is the output of postconf -n:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib/postfix
data_directory = /var/lib/postfix
debug_peer_level = 1
home_mailbox = .maildir/
html_directory = /usr/share/doc/postfix-2.5.2-documentation/html
inet_interfaces = 64.69.38.41,127.0.0.1
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 20480000
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = munat.net
myhostname = munat.net
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.5.5/README_FILES
sample_directory = /usr/share/doc/postfix-2.5.5/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = munat.net
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_sasl_authenticated,
permit_mynetworks, reject_unauth_destination,
reject_unknown_sender_domain
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtp.munat.com.pem
smtpd_tls_key_file = /etc/postfix/ssl/smtp.munat.com.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_alias_maps = pgsql:/etc/postfix/pgsql/pgsql-virtual.cf
virtual_gid_maps = static:1000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = pgsql:/etc/postfix/pgsql/pgsql-virtual-domains.cf
virtual_mailbox_limit = 10000000000
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql/pgsql-virtual-maps.cf
virtual_uid_maps = static:1000

Thanks very much for your help!

Ben

From: Ben Munat on 19 Jun 2010 18:54
On 6/19/10 3:51 PM, Wietse Venema wrote:
> Ben Munat:
> [ Charset ISO-8859-1 unsupported, converting... ]
>> I have a colo server running a few websites and using postfix for a few
>> domains. The server came with a few IP addresses, but I'm using the main
>> address only and hanging on to the other for when we need HTTPS.
>>
>> A while back I noticed some mails in my deferred queue that had messages
>> saying that the mail was held because the sending IP was in a block
>> list. However, the IP it listed was *not* the main IP I use, the one
>> that I intend for postfix to do it's work on.
>>
>> I have this in my main.cf:
>>
>> main.cf:inet_interfaces = 64.69.38.41,127.0.0.1
>>
>> and I hook up the main smtp process in master.cf like this:
>>
>> master.cf: -o smtp_bind_address=64.69.38.41
>
> This works only on the SMTP CLIENT. Not the SMTP SERVER.
>
> Wietse
>

Ah, ok.. I'll remove that.

Thanks,

b


>> And yet, I still occasionally see mail sitting in the deferred queue
>> saying that 64.69.38.45 is on a block list.
>>
>> What am I missing? How are these servers seeing my mail connection as
>> coming from the .45 address instead of the .41?
>>
>> Thanks,
>>
>> Ben
>>
>>
>

 |  Next  |  Last
Pages: 1 2
Prev: Howto install Postfix based on OpenVZ
Next: proxymap(8), number of connections, detecting altered tables