0

I know there is a bunch of questions like that. But no one has the same scenario as described here. Here is the scenario.

I have a static IP. I am setting my postfix mail server in a virtual machine. My static IP is defined in one interface of my server. My server is my host for virtual machine also. I have a MASQUERADE jump in my iptables for traffic between the 2 interfaces of my server. To sum up, my server has 2 interfaces. One of them with the static public IP and the other with a static internal IP(192.168.1.0/24).

My postfix mail server is identified by the IP 192.168.1.4. I am able to receive emails from outside and send emails internally. But, all my emails send to external mail providers(yahoo, hotmal,gmail..) are returning back as undelivered. It seems the email is going out. It is not been refused(I think). It is been bounced after have been sent.

What is making me thinking like that is the mail log. as you can see in the log below, the line with ** is indicating the email was sent.

Jun 16 14:39:28 mail postfix/smtpd[2740]: connect from unknown[192.168.1.22]
Jun 16 14:39:29 mail postfix/smtpd[2740]: CD845120353: client=unknown[192.168.1.22], sasl_method=PLAIN, sasl_username=jareas@thegeekbeaver.ca
Jun 16 14:39:29 mail postfix/cleanup[2746]: CD845120353: message-id=<012B97FE-D855-43F6-BF7A-E2BAB1532C3A@thegeekbeaver.ca>
Jun 16 14:39:29 mail postfix/qmgr[2739]: CD845120353: from=<jareas@thegeekbeaver.ca>, size=1926, nrcpt=1 (queue active)
Jun 16 14:39:29 mail amavis[1278]: (01278-01) ESMTP::10024 /var/lib/amavis/tmp/amavis-20130616T143929-01278-S08QTJqD: <jareas@thegeekbeaver.ca> -> <jrareas@ig.com.br> SIZE=1926 Received: from mail.thegeekbeaver.ca ([127.0.0.1]) by localhost (mail.thegeekbeaver.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <jrareas@ig.com.br>; Sun, 16 Jun 2013 14:39:29 -0400 (EDT)
Jun 16 14:39:29 mail amavis[1278]: (01278-01) Checking: xqb7Jpib5ubO [192.168.1.22] <jareas@thegeekbeaver.ca> -> <jrareas@ig.com.br>
Jun 16 14:39:32 mail postfix/smtpd[2750]: connect from localhost[127.0.0.1]
Jun 16 14:39:32 mail postfix/smtpd[2750]: D1F5612039C: client=localhost[127.0.0.1]
Jun 16 14:39:32 mail postfix/cleanup[2746]: D1F5612039C: message-id=<012B97FE-D855-43F6-BF7A-E2BAB1532C3A@thegeekbeaver.ca>
Jun 16 14:39:32 mail postfix/qmgr[2739]: D1F5612039C: from=<jareas@thegeekbeaver.ca>, size=2384, nrcpt=1 (queue active)
Jun 16 14:39:32 mail amavis[1278]: (01278-01) FWD from <jareas@thegeekbeaver.ca> -> <jrareas@ig.com.br>,BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as D1F5612039C
Jun 16 14:39:32 mail postfix/smtp[2752]: name_mask: ipv4
Jun 16 14:39:32 mail postfix/smtp[2752]: inet_addr_local: configured 2 IPv4 addresses
Jun 16 14:39:32 mail postfix/smtp[2752]: process generation: 12 (12)
Jun 16 14:39:32 mail postfix/smtp[2752]: name_mask: 0
Jun 16 14:39:32 mail postfix/smtp[2752]: auto_clnt_create: transport=local endpoint=private/tlsmgr
Jun 16 14:39:32 mail postfix/smtp[2752]: auto_clnt_open: connected to private/tlsmgr
Jun 16 14:39:32 mail postfix/smtp[2752]: send attr request = seed
Jun 16 14:39:32 mail postfix/smtp[2752]: send attr size = 32
Jun 16 14:39:32 mail postfix/smtp[2752]: private/tlsmgr: wanted attribute: status
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: status
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 0
Jun 16 14:39:32 mail postfix/smtp[2752]: private/tlsmgr: wanted attribute: seed
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: seed
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: rhc/7qzeS6ovv1yxELZ2Ild7yLTt4rpDpcyonn0Iaqw=
Jun 16 14:39:32 mail postfix/smtp[2752]: private/tlsmgr: wanted attribute: (list terminator)
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: (end)
Jun 16 14:39:32 mail postfix/smtp[2752]: send attr request = policy
Jun 16 14:39:32 mail postfix/smtp[2752]: send attr cache_type = smtp
Jun 16 14:39:32 mail postfix/smtp[2752]: private/tlsmgr: wanted attribute: status
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: status
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 0
Jun 16 14:39:32 mail postfix/smtp[2752]: private/tlsmgr: wanted attribute: cachable
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: cachable
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 1
Jun 16 14:39:32 mail postfix/smtp[2752]: private/tlsmgr: wanted attribute: (list terminator)
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: (end)
Jun 16 14:39:32 mail postfix/smtp[2752]: match_string: fast_flush_domains ~? debug_peer_list
Jun 16 14:39:32 mail postfix/smtp[2752]: match_string: fast_flush_domains ~? fast_flush_domains
Jun 16 14:39:32 mail postfix/smtp[2752]: name_mask: canonical
Jun 16 14:39:32 mail postfix/smtp[2752]: name_mask: virtual
Jun 16 14:39:32 mail postfix/smtp[2752]: name_mask: dns
Jun 16 14:39:32 mail postfix/smtp[2752]: host name lookup methods: dns
Jun 16 14:39:32 mail postfix/smtp[2752]: auto_clnt_create: transport=local endpoint=private/scache
Jun 16 14:39:32 mail postfix/smtp[2752]: connection established
Jun 16 14:39:32 mail postfix/smtp[2752]: master_notify: status 0
Jun 16 14:39:32 mail postfix/smtp[2752]: deliver_request_initial: send initial status
Jun 16 14:39:32 mail postfix/smtp[2752]: send attr status = 0
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: flags
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: flags
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 3
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: queue_name
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: queue_name
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: active
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: queue_id
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: queue_id
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: D1F5612039C
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: offset
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: offset
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 625
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: size
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: size
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 2384
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: nexthop
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: nexthop
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: ig.com.br
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: encoding
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: encoding
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 7bit
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: sender
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: sender
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: jareas@thegeekbeaver.ca
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: envelope_id
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: envelope_id
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: (end)
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: ret_flags
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: ret_flags
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 0
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: time
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: time
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: ZAa+UQAAAADSGA0AAAAAAGQGvlEAAAAAQzYNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: log_client_name
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: log_client_name
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: localhost
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: log_client_address
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: log_client_address
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 127.0.0.1
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: log_client_port
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: log_client_port
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 46310
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: log_protocol_name
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: log_protocol_name
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: ESMTP
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: log_helo_name
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: log_helo_name
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: localhost
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: sasl_method
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: sasl_method
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: (end)
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: sasl_username
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: sasl_username
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: (end)
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: sasl_sender
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: sasl_sender
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: (end)
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: log_ident
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: log_ident
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: D1F5612039C
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: rewrite_context
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: rewrite_context
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: local
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: recipient_count
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: recipient_count
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 1
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: (list terminator)
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: (end)
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: original_recipient
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: original_recipient
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: jrareas@ig.com.br
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: recipient
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: recipient
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: jrareas@ig.com.br
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: offset
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: offset
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 604
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: dsn_orig_rcpt
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: dsn_orig_rcpt
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: rfc822;jrareas@ig.com.br
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: notify_flags
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: notify_flags
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute value: 0
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp socket: wanted attribute: (list terminator)
Jun 16 14:39:32 mail postfix/smtp[2752]: input attribute name: (end)
Jun 16 14:39:32 mail postfix/smtp[2752]: deliver_request_get: file active/D1F5612039C
Jun 16 14:39:32 mail postfix/smtp[2752]: deliver_message: from jareas@thegeekbeaver.ca
Jun 16 14:39:32 mail postfix/smtp[2752]: smtp_parse_destination: ig.com.br smtp
Jun 16 14:39:32 mail postfix/smtp[2752]: connecting to ig.com.br port 25
Jun 16 14:39:32 mail amavis[1278]: (01278-01) Passed CLEAN {RelayedInternal}, LOCAL [192.168.1.22]:64368 [192.168.1.22] <jareas@thegeekbeaver.ca> -> <jrareas@ig.com.br>, Queue-ID: CD845120353, Message-ID: <012B97FE-D855-43F6-BF7A-E2BAB1532C3A@thegeekbeaver.ca>, mail_id: xqb7Jpib5ubO, Hits: -0.999, size: 1924, queued_as: D1F5612039C, 3019 ms
**Jun 16 14:39:32 mail postfix/smtp[2747]: CD845120353: to=<jrareas@ig.com.br>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.1, delays=0.02/0.01/0.01/3, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as D1F5612039C)**
Jun 16 14:39:32 mail postfix/qmgr[2739]: CD845120353: removed

Jun 16 14:39:32 mail amavis[1278]: (01278-01) extra modules loaded: unicore/lib/Nt/De.pl, unicore/lib/Perl/SpacePer.pl
Jun 16 14:39:34 mail postfix/smtp[2752]: dns_query: ig.com.br (MX): OK
Jun 16 14:39:34 mail postfix/smtp[2752]: dns_get_answer: type MX for ig.com.br
Jun 16 14:39:34  postfix/smtp[2752]: last message repeated 6 times
Jun 16 14:39:34 mail postfix/smtp[2752]: smtp_addr_one: host ALT1.ASPMX.L.GOOGLE.COM
Jun 16 14:39:34 mail postfix/smtp[2752]: lookup ALT1.ASPMX.L.GOOGLE.COM type A flags 0
Jun 16 14:39:34 mail postfix/smtp[2752]: dns_query: ALT1.ASPMX.L.GOOGLE.COM (A): OK
Jun 16 14:39:34 mail postfix/smtp[2752]: dns_get_answer: type A for ALT1.ASPMX.L.GOOGLE.COM
Jun 16 14:39:34 mail postfix/smtp[2752]: smtp_addr_one: host ALT2.ASPMX.L.GOOGLE.COM
Jun 16 14:39:34 mail postfix/smtp[2752]: lookup ALT2.ASPMX.L.GOOGLE.COM type A flags 0
Jun 16 14:39:34 mail postfix/smtp[2752]: dns_query: ALT2.ASPMX.L.GOOGLE.COM (A): OK
Jun 16 14:39:34 mail postfix/smtp[2752]: dns_get_answer: type A for ALT2.ASPMX.L.GOOGLE.COM
Jun 16 14:39:34 mail postfix/smtp[2752]: smtp_addr_one: host ASPMX5.GOOGLEMAIL.COM
Jun 16 14:39:34 mail postfix/smtp[2752]: lookup ASPMX5.GOOGLEMAIL.COM type A flags 0
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_query: ASPMX5.GOOGLEMAIL.COM (A): OK
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_get_answer: type A for ASPMX5.GOOGLEMAIL.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: smtp_addr_one: host ASPMX2.GOOGLEMAIL.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: lookup ASPMX2.GOOGLEMAIL.COM type A flags 0
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_query: ASPMX2.GOOGLEMAIL.COM (A): OK
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_get_answer: type A for ASPMX2.GOOGLEMAIL.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: smtp_addr_one: host ASPMX3.GOOGLEMAIL.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: lookup ASPMX3.GOOGLEMAIL.COM type A flags 0
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_query: ASPMX3.GOOGLEMAIL.COM (A): OK
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_get_answer: type A for ASPMX3.GOOGLEMAIL.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: smtp_addr_one: host ASPMX4.GOOGLEMAIL.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: lookup ASPMX4.GOOGLEMAIL.COM type A flags 0
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_query: ASPMX4.GOOGLEMAIL.COM (A): OK
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_get_answer: type A for ASPMX4.GOOGLEMAIL.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: smtp_addr_one: host ASPMX.L.GOOGLE.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: lookup ASPMX.L.GOOGLE.COM type A flags 0
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_query: ASPMX.L.GOOGLE.COM (A): OK
Jun 16 14:39:35 mail postfix/smtp[2752]: dns_get_answer: type A for ASPMX.L.GOOGLE.COM
Jun 16 14:39:35 mail postfix/smtp[2752]: begin ig.com.br address list
Jun 16 14:39:35 mail postfix/smtp[2752]: pref    5 host ALT1.ASPMX.L.GOOGLE.COM/173.194.74.26
Jun 16 14:39:35 mail postfix/smtp[2752]: pref    5 host ALT2.ASPMX.L.GOOGLE.COM/173.194.75.26
Jun 16 14:39:35 mail postfix/smtp[2752]: pref   10 host ASPMX5.GOOGLEMAIL.COM/74.125.136.26
Jun 16 14:39:35 mail postfix/smtp[2752]: pref   10 host ASPMX2.GOOGLEMAIL.COM/173.194.74.27
Jun 16 14:39:35 mail postfix/smtp[2752]: pref   10 host ASPMX3.GOOGLEMAIL.COM/173.194.75.27
Jun 16 14:39:35 mail postfix/smtp[2752]: pref   10 host ASPMX4.GOOGLEMAIL.COM/173.194.66.27
Jun 16 14:39:35 mail postfix/smtp[2752]: pref   20 host ASPMX.L.GOOGLE.COM/74.125.142.27
Jun 16 14:39:35 mail postfix/smtp[2752]: end ig.com.br address list
Jun 16 14:39:35 mail postfix/smtp[2752]: smtp_find_self: not found
Jun 16 14:39:35 mail postfix/smtp[2752]: smtp_connect_addr: trying: ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26] port 25...
Jun 16 14:39:35 mail postfix/smtp[2752]: vstream_tweak_tcp: TCP_MAXSEG 1448
Jun 16 14:39:35 mail postfix/smtp[2752]: global TLS level: may
Jun 16 14:39:35 mail postfix/smtp[2752]: smtp_stream_setup: maxtime=300 enable_deadline=0
Jun 16 14:39:35 mail postfix/smtpd[2753]: connect from unknown[192.168.1.2]
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 220 mail.thegeekbeaver.ca ESMTP Postfix
Jun 16 14:39:35 mail postfix/smtp[2752]: warning: host ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25 greeted me with my own hostname mail.thegeekbeaver.ca
Jun 16 14:39:35 mail postfix/smtp[2752]: > ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: EHLO mail.thegeekbeaver.ca
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-mail.thegeekbeaver.ca
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-PIPELINING
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-SIZE
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-ETRN
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-STARTTLS
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-AUTH PLAIN LOGIN
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-AUTH=PLAIN LOGIN
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-ENHANCEDSTATUSCODES
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250-8BITMIME
Jun 16 14:39:35 mail postfix/smtp[2752]: < ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25: 250 DSN
Jun 16 14:39:35 mail postfix/smtp[2752]: warning: host ALT1.ASPMX.L.GOOGLE.COM[173.194.74.26]:25 replied to HELO/EHLO with my own hostname mail.thegeekbeaver.ca
Jun 16 14:39:35 mail postfix/smtp[2752]: connect to subsystem private/bounce
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr nrequest = 0
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr flags = 0
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr queue_id = D1F5612039C
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr original_recipient = jrareas@ig.com.br
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr recipient = jrareas@ig.com.br
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr offset = 604
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr dsn_orig_rcpt = rfc822;jrareas@ig.com.br
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr notify_flags = 0
Jun 16 14:39:35 mail postfix/smtp[2752]: send attr status = 5.4.6
Jun 16 14:39:35 mail postfix/smtpd[2753]: disconnect from unknown[192.168.1.2]
Jun 16 14:39:35 mail postfix/cleanup[2746]: 31D0212039E: message-id=<20130616183935.31D0212039E@mail.thegeekbeaver.ca>
Jun 16 14:39:35 mail postfix/bounce[2754]: D1F5612039C: sender non-delivery notification: 31D0212039E
Jun 16 14:39:35 mail postfix/qmgr[2739]: 31D0212039E: from=<>, size=4315, nrcpt=1 (queue active)
Jun 16 14:39:35 mail postfix/qmgr[2739]: D1F5612039C: removed
Jun 16 14:39:35 mail postfix/virtual[2755]: 31D0212039E: to=<jareas@thegeekbeaver.ca>, relay=virtual, delay=0.02, delays=0/0.01/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Jun 16 14:39:35 mail postfix/qmgr[2739]: 31D0212039E: removed

After get the status sent and the removed line in the log, the system start to get the loop back email.

Here is my main.cf

proxy_interfaces=24.137.51.30
myorigin = /etc/mailname
mydomain = thegeekbeaver.ca
smtpd_banner = $myhostname ESMTP $mail_name
biff = no
append_dot_mydomain = no
readme_directory = no
mydestination =
relayhost =
mynetworks = 192.168.1.0/24 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mynetworks_style = host
mailbox_size_limit = 0
virtual_mailbox_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
message_size_limit = 0

# SMTP Authentication (SASL)

smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $mydomain

# Encrypted transfer (SSL/TLS)

smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/ssl/private/mail.thegeekbeaver.ca.crt
smtpd_tls_key_file = /etc/ssl/private/mail.thegeekbeaver.ca.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# Basic SPAM prevention

#smtpd_helo_required = yes
#smtpd_delay_reject = yes
disable_vrfy_command = yes
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_unauth_destination
smtpd_recipient_restrictions =  permit_sasl_authenticated, permit_mynetworks, reject_unknown_sender_domain, reject_unauth_destination

# Force incoming mail to go through Amavis

content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

# Virtual user mappings

alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
virtual_mailbox_base = /var/spool/mail/virtual
virtual_mailbox_maps = mysql:/etc/postfix/maps/user.cf
virtual_uid_maps = static:5000
virtual_gid_maps =  static:5000
virtual_alias_maps = mysql:/etc/postfix/maps/alias.cf
virtual_mailbox_domains = mysql:/etc/postfix/maps/domain.cf

The domains are configured in mysql database. For domains I have the following lines:

+-----------------------+-----------+---------+
| domain                | transport | enabled |
+-----------------------+-----------+---------+
| mail.thegeekbeaver.ca | virtual:  |       1 |
| thegeekbeaver.ca      | virtual:  |       1 |
+-----------------------+-----------+---------+

I have a internal DNS also. The DNS server is other virtual machine hosted by my server. The ip for my dns server is 192.168.1.3. It is responsible to translate internal names. If do not able to translate, it forward to my ISP DNS.

Here is the message I am getting back from gmail as example

     This is the mail system at host mail.localdomain.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                  The mail system

<jrareas@gmail.com>: mail for gmail.com loops back to myself
Reporting-MTA: dns; mail.localdomain
X-Postfix-Queue-ID: 7199212037D
X-Postfix-Sender: rfc822; jareas@thegeekbeaver.ca
Arrival-Date: Sun, 16 Jun 2013 11:00:35 -0400 (EDT)

Final-Recipient: rfc822; jrareas@gmail.com
Original-Recipient: rfc822;jrareas@gmail.com
Action: failed
Status: 5.4.6
Diagnostic-Code: X-Postfix; mail for gmail.com loops back to myself

Take a look at Diagnostic-Code: X-Postfix;. It is not telling an internal email. Is telling me that gmail loops back my email.

These are my iptables rules:

#Allowing Established Sessions
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
#connections from inside network
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i p3p1 -j ACCEPT
iptables -I INPUT -p tcp --dport 25 -j ACCEPT
iptables -I INPUT -p tcp --dport 143 -j ACCEPT
iptables -I INPUT -p tcp --dport 110 -j ACCEPT
iptables -I OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -I OUTPUT -p udp --dport 53 -j ACCEPT

iptables -A OUTPUT -p tcp --sport 25 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 143 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 110 -m state --state ESTABLISHED -j ACCEPT

#PREROUTING

iptables -t nat -A POSTROUTING -j MASQUERADE

iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to 192.168.1.4:25
iptables -t nat -A PREROUTING -p tcp --dport 143 -j DNAT --to 192.168.1.4:143
iptables -t nat -A PREROUTING -p tcp --dport 110 -j DNAT --to 192.168.1.4:110

iptables -A FORWARD -i p2p1 -p tcp --dport 25 -d 192.168.1.4
iptables -A FORWARD -i p2p1 -p tcp --dport 143 -d 192.168.1.4
iptables -A FORWARD -i p2p1 -p tcp --dport 110 -d 192.168.1.4
iptables -A FORWARD -i p2p1 -p tcp --dport 53 -d 192.168.1.3
iptables -A FORWARD -i p2p1 -p udp --dport 53 -d 192.168.1.3

#iptables -A FORWARD -j DROP
iptables -A INPUT -j DROP

I believe it is all details I have. I am sure you will try to help me. But, please, I am sure it is not a mydestination issue. Please, do not answer me telling I have to work with mydestination values. The problem is not that. I am sure. When the error is with mydestination values, the postfix Diagnostic code shows an internal domain. Beside, this is not a backup email. It is not a relay server. It is a master mail server. The same configuration was working fine when I had a dynamic IP. It stop working when I migrate it to a static solution.

My question is, why external emails are been sent, but the providers is refusing it and looping back to my mail server?

Jose Areas
  • 103
  • 5
  • What does your route table look like.. and your iptables rules? Seems to me like you're intercepting your own traffic on the outgoing mail, the line `25 replied to HELO/EHLO with my own hostname mail.thegeekbeaver.ca` being the primary clue.. – NickW Jun 17 '13 at 14:55
  • I just added in my post – Jose Areas Jun 17 '13 at 15:11
  • `iptables -t nat -A PREROUTING -p tcp --dport 25 -j DNAT --to 192.168.1.4:25` That's gonna get you every time.. – NickW Jun 17 '13 at 15:24
  • Sorry @NickW. I did not follow you. Is that wrong? – Jose Areas Jun 17 '13 at 15:30
  • It is if you want to send mail anywhere outside your machine. – NickW Jun 17 '13 at 15:30
  • Great!!!! I really believe you. But I am not sure how to fix it. – Jose Areas Jun 17 '13 at 15:33
  • It's a good question, but basically you're going to want to exclude traffic from 192.168.1.4 from the iptables rules. – NickW Jun 17 '13 at 15:40
  • I'm not an iptables genius, but `iptables -t nat -A PREROUTING -s ! 192.168.1.4 -p tcp --dport 25 -j DNAT --to 192.168.1.4:25` may do what you need. – NickW Jun 17 '13 at 15:45
  • @NickW, I spent all my weekend trying to figure it out. With one simple clue you open a sky for me. Thank you very much. I get rid of this rule and the mail goes out. I have to figure out how to create rules to goes out and come in. Thank you again – Jose Areas Jun 17 '13 at 15:51
  • Not a problem, a second pair of eyes has fixed things that I completely overlooked 100 times myself :) – NickW Jun 17 '13 at 15:54

2 Answers2

4

The problem is not external providers refusing your mail, but the fact that you are using iptables to intercept ALL outgoing traffic on port 25 and then redirecting that traffic back to 192.168.1.4:25 which is of course your postfix installation.

That is why you are getting the error mail loops back to itself, because it is literally looping back to itself.

NickW
  • 10,183
  • 1
  • 18
  • 26
0

I managed to settle here by doing the following:

iptables -t nat -A PREROUTING -p tcp -i eth0 -d 177.53.80.39 -dport 25 -j DNAT -to-destination 192.168.0.111:25
kofemann
  • 4,308
  • 1
  • 21
  • 27
user202513
  • 1