Edit: Please note that unlike many other similar questions, this configuration works perfectly when the message is received via smtp. The problem is only when its sent via the
I'm running Postfix 3.1.1, and I have just discovered that Postfix fails to delivery any local messages sent via the mail
command on the server, but works fine via smtpd.
Here is a log transcript if the message arrives via smtp:
2020-02-02 23:06:34.048389+1000 0x72d3b Info 25056 smtpd: 0BB1614AB18E: client=office.sendingdomain.com.au[203.2.2.2]
2020-02-02 23:06:34.066985+1000 0x72ee4 Info 25072 cleanup: 0BB1614AB18E: message-id=<B9FBCED6-6345-4355-BD9E-89721E3BCA64@sendingdomain.com.au>
2020-02-02 23:06:34.068755+1000 0x722f6 Info 24886 qmgr: 0BB1614AB18E: from=<jay@sendingdomain.com.au>, size=889, nrcpt=1 (queue active)
2020-02-02 23:06:34.084680+1000 0x72d3b Info 25056 smtpd: disconnect from office.sendingdomain.com.au[203.2.2.2] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
2020-02-02 23:06:36.482250+1000 0x72f12 Info 25079 smtpd: connect from localhost[127.0.0.1]
2020-02-02 23:06:36.489399+1000 0x72f12 Info 25079 smtpd: 774C714AB19C: client=localhost[127.0.0.1]
2020-02-02 23:06:36.492067+1000 0x72ee4 Info 25072 cleanup: 774C714AB19C: message-id=<B9FBCED6-6345-4355-BD9E-89721E3BCA64@sendingdomain.com.au>
2020-02-02 23:06:36.493066+1000 0x72f12 Info 25079 smtpd: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
2020-02-02 23:06:36.493595+1000 0x722f6 Info 24886 qmgr: 774C714AB19C: from=<jay@sendingdomain.com.au>, size=1585, nrcpt=1 (queue active)
2020-02-02 23:06:36.531628+1000 0x72ee7 Info 25073 smtp: 0BB1614AB18E: to=<jay@home.mydomain.com>, orig_to=<jay@mydomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.9, delays=0.45/0.09/0.04/2.3, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 774C714AB19C)
And here is the log transcript if I do mail jay@mydomain.com
from the command-line on the mail server while logged in as root:
2020-02-02 23:08:56.102815+1000 0x732a3 Info 0x0 25116 cleanup: 118E214AB263: message-id=<20200202130856.118E214AB263@home.mydomain.com>
2020-02-02 23:08:56.103991+1000 0x732a1 Info 0x0 25115 qmgr: 118E214AB263: from=<root@home.mydomain.com>, size=338, nrcpt=1 (queue active)
2020-02-02 23:08:56.155341+1000 0x72d3b Info 0x0 25056 smtpd: connect from home.mydomain.com[10.0.5.201]
2020-02-02 23:08:56.156441+1000 0x732a7 Default 0x0 25118 smtp: warning: host home.mydomain.com[10.0.5.201]:25 greeted me with my own hostname home.mydomain.com
2020-02-02 23:08:56.157154+1000 0x732a7 Default 0x0 25118 smtp: warning: host home.mydomain.com[10.0.5.201]:25 replied to HELO/EHLO with my own hostname home.mydomain.com
2020-02-02 23:08:56.186791+1000 0x732a7 Info 0x0 25118 smtp: 118E214AB263: to=<jay@mydomain.com>, relay=home.mydomain.com[10.0.5.201]:25, delay=0.76, delays=0.7/0.03/0.02/0, dsn=5.4.6, status=bounced (mail for mydomain.com loops back to myself)
2020-02-02 23:08:56.187402+1000 0x72d3b Info 0x0 25056 smtpd: disconnect from home.mydomain.com[10.0.5.201] ehlo=1 quit=1 commands=2
2020-02-02 23:08:56.189190+1000 0x732a3 Info 0x0 25116 cleanup: 2DF3614AB265: message-id=<20200202130856.2DF3614AB265@home.mydomain.com>
2020-02-02 23:08:56.190087+1000 0x732a1 Info 0x0 25115 qmgr: 2DF3614AB265: from=<>, size=2383, nrcpt=1 (queue active)
2020-02-02 23:08:56.190987+1000 0x732a1 Info 0x0 25115 qmgr: 118E214AB263: removed
2020-02-02 23:08:56.221747+1000 0x732a3 Info 0x0 25116 cleanup: 35E4B14AB266: message-id=<20200202130856.2DF3614AB265@home.mydomain.com>
2020-02-02 23:08:56.222627+1000 0x732b0 Info 0x0 25120 local: 2DF3614AB265: to=<root@home.mydomain.com>, relay=local, delay=0.03, delays=0/0.03/0/0, dsn=2.0.0, status=sent (forwarded as 35E4B14AB266)
2020-02-02 23:08:56.222654+1000 0x732a1 Info 0x0 25115 qmgr: 35E4B14AB266: from=<>, size=2533, nrcpt=1 (queue active)
2020-02-02 23:08:56.223659+1000 0x732a1 Info 0x0 25115 qmgr: 2DF3614AB265: removed
2020-02-02 23:08:56.237912+1000 0x72d3b Info 0x0 25056 smtpd: connect from home.mydomain.com[10.0.5.201]
2020-02-02 23:08:56.238780+1000 0x732a7 Default 0x0 25118 smtp: warning: host home.mydomain.com[10.0.5.201]:25 greeted me with my own hostname home.mydomain.com
2020-02-02 23:08:56.239572+1000 0x732a7 Default 0x0 25118 smtp: warning: host home.mydomain.com[10.0.5.201]:25 replied to HELO/EHLO with my own hostname home.mydomain.com
2020-02-02 23:08:56.240770+1000 0x732a7 Info 0x0 25118 smtp: 35E4B14AB266: to=<home.mydomain.com@mydomain.com>, orig_to=<root@home.mydomain.com>, relay=home.mydomain.com[10.0.5.201]:25, delay=0.02, delays=0/0/0.02/0, dsn=5.4.6, status=bounced (mail for mydomain.com loops back to myself)
2020-02-02 23:08:56.241401+1000 0x72d3b Info 0x0 25056 smtpd: disconnect from home.mydomain.com[10.0.5.201] ehlo=1 quit=1 commands=2
2020-02-02 23:08:56.242120+1000 0x732a1 Info 0x0 25115 qmgr: 35E4B14AB266: removed
The server's ONLY IP address is 10.0.5.201, so I do not understand why it is opening up an SMTP connection to itself. When I query the DNS, it all correctly resolves to that IP:
Here is the DNS resolution config
# cat /etc/resolv.conf
search home.mydomain.com mydomain.com
nameserver 10.0.5.1
Here is a query to that nameserver for the MX hosts:
# host -t mx mydomain.com 10.0.5.1
Using domain server:
Name: 10.0.5.1
Address: 10.0.5.1#53
Aliases:
mydomain.com mail is handled by 50 internet.mydomain.com.
mydomain.com mail is handled by 10 home.mydomain.com.
Finally, here is a query for the A record for that host.
# host home.mydomain.com 10.0.5.1
Using domain server:
Name: 10.0.5.1
Address: 10.0.5.1#53
Aliases:
home.mydomain.com has address 10.0.5.201
So, the DNS looks pretty clean to me.
Since the problem is only occurring when using the mail
command, is the problem somewhere in master.cf?
smtp inet n - n - 1 postscreen
smtpd pass - - n - - smtpd
dnsblog unix - - n - 0 dnsblog
tlsproxy unix - - n - 0 tlsproxy
submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
-o content_filter=
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
smtp unix - - n - - smtp
proxywrite unix - - n - 1 proxymap
pickup fifo n - n 60 1 pickup
-o content_filter=smtp-amavis:[127.0.0.1]:10024
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
sacl-cache unix - - n - 1 sacl-cache
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o smtp_fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
dovecot unix - n n - 25 pipe
flags=DRhu user=_dovecot:mail argv=/Applications/Server.app/Contents/ServerRoot/usr/libexec/dovecot/dovecot-lda -d ${user}
policy unix - n n - - spawn
user=nobody:mail argv=/usr/bin/perl /Applications/Server.app/Contents/ServerRoot/usr/libexec/postfix/greylist.pl
smtp-amavis unix - - y - 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o max_use=20
127.0.0.1:10025 inet n - y - - smtpd
-o content_filter=
-o smtpd_tls_security_level=none
-o smtpd_delay_reject=no
-o smtpd_client_restrictions=permit_mynetworks,reject
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o smtpd_data_restrictions=reject_unauth_pipelining
-o smtpd_end_of_data_restrictions=
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
-o local_header_rewrite_clients=
-o smtpd_milters=
-o local_recipient_maps=
-o relay_recipient_maps=
And here are is the output of postconf -n
:
alias_maps = hash:/Library/Server/Mail/Config/postfix/aliases hash:/Library/Server/Mail/Data/listserver/aliases/list_server_aliases
biff = no
command_directory = /Applications/Server.app/Contents/ServerRoot/usr/sbin
compatibility_level = 2
config_directory = /Library/Server/Mail/Config/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /Applications/Server.app/Contents/ServerRoot/usr/libexec/postfix
data_directory = /Library/Server/Mail/Data/mta
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_server_options = yes
header_checks = pcre:/Library/Server/Mail/Config/postfix/custom_header_checks
html_directory = /Applications/Server.app/Contents/ServerRoot/usr/share/doc/postfix/html
imap_submit_cred_file = /Library/Server/Mail/Config/postfix/submit.cred
inet_interfaces = all
inet_protocols = ipv4
mail_owner = _postfix
mailbox_size_limit = 0
mailbox_transport = dovecot
mailq_path = /Applications/Server.app/Contents/ServerRoot/usr/bin/mailq
manpage_directory = /Applications/Server.app/Contents/ServerRoot/usr/share/man
message_size_limit = 31457280
mydestination = home.mydomain.com, localhost
mydomain = home.mydomain.com
mydomain_fallback = localhost
myhostname = home.mydomain.com
mynetworks = 127.0.0.0/8, 10.0.5.1/32, 10.0.5.31/32, [::1]/128
newaliases_path = /Applications/Server.app/Contents/ServerRoot/usr/bin/newaliases
proxy_interfaces = 124.148.20.193
queue_directory = /Library/Server/Mail/Data/spool
readme_directory = /Applications/Server.app/Contents/ServerRoot/usr/share/doc/postfix
recipient_canonical_maps = hash:/Library/Server/Mail/Config/postfix/system_user_maps
recipient_delimiter = +
relayhost =
sample_directory = /Applications/Server.app/Contents/ServerRoot/usr/share/doc/postfix/examples
sendmail_path = /Applications/Server.app/Contents/ServerRoot/usr/sbin/sendmail
setgid_group = _postdrop
smtp_tls_CAfile = /Library/Server/Mail/Config/postfix/ca-certificates.pem
smtp_tls_loglevel = 1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_enforce_tls = no
smtpd_helo_required = yes
smtpd_pw_server_security_options = cram-md5,digest-md5,gssapi,login,plain
smtpd_recipient_restrictions = permit_sasl_authenticated reject_non_fqdn_recipient check_recipient_access hash:/Library/Server/Mail/Config/postfix/access permit_mynetworks reject_unauth_destination reject_non_fqdn_sender check_sender_access hash:/Library/Server/Mail/Config/postfix/sender_access check_sender_access regexp:/Library/Server/Mail/Config/postfix/regexp_sender reject_non_fqdn_hostname reject_invalid_helo_hostname check_helo_access regexp:/Library/Server/Mail/Config/postfix/helo_access reject_rbl_client zen.spamhaus.org reject_rbl_client bl.spamcop.net permit
smtpd_require_virtual_map = yes
smtpd_sasl_auth_enable = yes
smtpd_tls_CAfile = /etc/certificates/home.mydomain.com.A892E14870AED314279463AACA7B5424BDA1C1D0.chain.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/certificates/home.mydomain.com.A892E14870AED314279463AACA7B5424BDA1C1D0.cert.pem
smtpd_tls_ciphers = medium
smtpd_tls_exclude_ciphers = SSLv2, 3DES, aNULL, ADH, eNULL, EXPORT
smtpd_tls_key_file = /etc/certificates/home.mydomain.com.A892E14870AED314279463AACA7B5424BDA1C1D0.key.pem
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_use_pw_server = yes
smtpd_use_tls = yes
soft_bounce = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
use_sacl_cache = yes
virtual_alias_domains = $virtual_alias_maps hash:/Library/Server/Mail/Config/postfix/virtual_domains
virtual_alias_maps = $virtual_maps hash:/Library/Server/Mail/Config/postfix/virtual regexp:/Library/Server/Mail/Config/postfix/regexp_virtual hash:/Library/Server/Mail/Config/postfix/virtual_users hash:/Library/Server/Mail/Data/listserver/aliases/list_server_virtual
mydomain.com is defined in virtual_domains:
mydomain.com allow
jay@mydomain.com is defined in virtual_users:
jay@mydomain.com jay
Why doesn't postfix realise that the message dropped off via mail
is for local delivery and hand it off to dovecot like it does when the message is received via smtp?