Ubuntu Postfix: Mail loops back to myself and host greeted me with my own hostname

Question

my main.cf:

smtpd_banner = $myhostname ESMTP
biff = no
append_dot_mydomain = no
readme_directory = no
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_relay_restrictions = permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    permit
myhostname = mail.neonnuke.tech
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost, localhost.neonnuke.tech, mail.neonnuke.tech
relayhost =
mynetworks = 127.0.0.0/8 192.168.0.0/24 209.85.220.0/24 209.85.216.0/24 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_authenticated_header = yes 
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}"
smtp_use_tls = yes
smtpd_tls_received_header = yes
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_auth_only = yes
tls_random_source = dev:/dev/urandom
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
    reject_non_fqdn_helo_hostname,
    reject_invalid_helo_hostname,
    reject_unknown_helo_hostname,
    permit
smtpd_recipient_restrictions = permit_mynetworks,
    permit_sasl_authenticated,
    reject_unknown_client_hostname,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    reject_invalid_hostname,
    reject_non_fqdn_sender,
    permit
smtpd_sender_restrictions =
    reject_unknown_sender_domain,
    reject_sender_login_mismatch
 smtpd_sender_login_maps = $virtual_mailbox_maps
unknown_address_reject_code = 550 
unknown_hostname_reject_code = 550
unknown_client_reject_code = 550
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/ssl/private/ssl-chain-mail-yourdomain.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-key-decrypted-mail-yourdomain.key
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_ciphers = high
smptd_tls_loglevel = 1
smtpd_tls_security_level = may
smtpd_tls_session_cache_timeout = 3600s
canonical_maps =  hash:/etc/postfix/canonical
message_size_limit = 104857600
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_mailbox_domains =  hash:/etc/postfix/virtual-mailbox-domains
virtual_mailbox_maps = hash:/etc/postfix/virtual-mailbox-users
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
default_destination_concurrency_limit = 5
disable_vrfy_command = yes
relay_destination_concurrency_limit = 1
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
milter_default_action = accept
milter_connect_macros = j {daemon_name} v {if_name} _
non_smtpd_milters = $smtpd_milters
smtpd_milters = unix:/spamass/spamass.sock unix:/clamav/clamav-milter.ctl unix:/opendkim/opendkim.sock
postscreen_greet_action = enforce
postscreen_dnsbl_action = enforce
postscreen_access_list = permit_mynetworks
postscreen_dnsbl_sites = zen.spamhaus.org, b.barracudacentral.org,bl.spamcop.net
virtual_maps = hash:/etc/postfix/virtusertable

my mail.log:

Jan  1 20:38:48 ubuntu-standard postfix/postscreen[18881]: CONNECT from [86.6.181.24]:38535 to [192.168.0.13]:25
Jan  1 20:38:48 ubuntu-standard postfix/dnsblog[18883]: addr 86.6.181.24 listed by domain zen.spamhaus.org as 127.0.0.11
Jan  1 20:38:49 ubuntu-standard postfix/postscreen[18881]: DNSBL rank 1 for [86.6.181.24]:38535
Jan  1 20:38:49 ubuntu-standard postfix/smtp[18879]: warning: host mail.neonnuke.tech[86.6.181.24]:25 greeted me with my own hostname mail.neonnuke.tech
Jan  1 20:38:49 ubuntu-standard postfix/smtp[18879]: warning: host mail.neonnuke.tech[86.6.181.24]:25 replied to HELO/EHLO with my own hostname mail.neonnuke.tech
Jan  1 20:38:49 ubuntu-standard postfix/smtp[18879]: B6E7741DEF: to=<spam@neonnuke.tech>, relay=mail.neonnuke.tech[86.6.181.24]:25, delay=0.61, delays=0.02/0/0.59/0, dsn=5.4.6, status=bounced (mail for neonnuke.tech loops back to myself)
Jan  1 20:38:49 ubuntu-standard postfix/postscreen[18881]: DISCONNECT [86.6.181.24]:38535
Jan  1 20:38:49 ubuntu-standard postfix/qmgr[18439]: B6E7741DEF: removed

Even if I add my public ip to my networks so it isn't checked by zenhaus, it still is the same. This is being sent from another computer on the same network but even if s send it from google it gets sent but then it doesnt get sent to 192.168.0.13.

For example:

Jan  1 20:47:11 ubuntu-standard postfix/postscreen[19621]: CONNECT from [209.85.220.175]:35280 to [192.168.0.13]:25
Jan  1 20:47:11 ubuntu-standard postfix/postscreen[19621]: WHITELISTED [209.85.220.175]:35280
 Jan  1 20:47:12 ubuntu-standard postfix/smtpd[19622]: connect from mail-qk0-f175.google.com[209.85.220.175]
Jan  1 20:47:12 ubuntu-standard postfix/smtpd[19622]: warning: connect to Milter service unix:/opendkim/opendkim.sock: No such file or directory
Jan  1 20:47:13 ubuntu-standard postfix/smtpd[19622]: E9FC24192A: client=mail-qk0-f175.google.com[209.85.220.175]
Jan  1 20:47:14 ubuntu-standard postfix/cleanup[19630]: E9FC24192A: message-id=<CAPppPrR=WOnYTUCDSDt2kz6QeN9d93QGr2H_+OeSxgQs4N_8sQ@mail.gmail.com>
Jan  1 20:47:14 ubuntu-standard spamc[19631]: connect(AF_UNIX) to spamd using --socket='/var/spool/postfix/spamassassin/spamd.sock' failed: Connection refused
Jan  1 20:47:14 ubuntu-standard postfix/qmgr[18439]: E9FC24192A: from=<unrahulbeatable@gmail.com>, size=2624, nrcpt=1 (queue active)
Jan  1 20:47:14 ubuntu-standard postfix/smtpd[19622]: disconnect from mail-qk0-f175.google.com[209.85.220.175] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Jan  1 20:47:14 ubuntu-standard postfix/postscreen[19621]: CONNECT from [86.6.181.24]:38536 to [192.168.0.13]:25
Jan  1 20:47:14 ubuntu-standard postfix/dnsblog[19636]: addr 86.6.181.24 listed by domain zen.spamhaus.org as 127.0.0.11
 Jan  1 20:47:17 ubuntu-standard postfix/postscreen[19621]: DNSBL rank 1 for [86.6.181.24]:38536
Jan  1 20:47:17 ubuntu-standard postfix/smtp[19633]: warning: host mail.neonnuke.tech[86.6.181.24]:25 greeted me with my own hostname mail.neonnuke.tech
Jan  1 20:47:17 ubuntu-standard postfix/smtp[19633]: warning: host mail.neonnuke.tech[86.6.181.24]:25 replied to HELO/EHLO with my own hostname mail.neonnuke.tech
Jan  1 20:47:17 ubuntu-standard postfix/smtp[19633]: E9FC24192A: to=<lol@neonnuke.tech>, relay=mail.neonnuke.tech[86.6.181.24]:25, delay=3.7, delays=0.5/0.06/3.1/0, dsn=5.4.6, status=bounced (mail for neonnuke.tech loops back to myself)
Jan  1 20:47:17 ubuntu-standard postfix/postscreen[19621]: DISCONNECT [86.6.181.24]:38536
Jan  1 20:47:17 ubuntu-standard postfix/cleanup[19630]: 7E7C941DEE: message-id=<20170101204717.7E7C941DEE@mail.neonnuke.tech>
Jan  1 20:47:17 ubuntu-standard postfix/qmgr[18439]: 7E7C941DEE: from=<>, size=4551, nrcpt=1 (queue active)
Jan  1 20:47:17 ubuntu-standard postfix/bounce[19643]: E9FC24192A: sender non-delivery notification: 7E7C941DEE
Jan  1 20:47:17 ubuntu-standard postfix/qmgr[18439]: E9FC24192A: removed

score 2 · Accepted Answer · answered Jan 01 '17 at 23:28

You have not configured Postfix to accept mail destined for the neonnuke.tech domain, but you have configured the MX record to point to this mail server. Postfix has no idea what to do with this mail upon finding that it has received the very mail it is trying to send.

To resolve the problem, you need to tell Postfix to accept mail for neonnuke.tech, for instance by adding it to mydestination or virtual_alias_domains.

For bonus points, you are getting the message about the host greeting me with your own hostname, because the server is behind a NAT of some kind, and thus does not know it is reachable on its global IP address. This also will go away once the mail server knows it is authoritative for mail for the domain.

Then you also need to fix that problem, e.g., by adding the user. — Michael Hampton, Jan 02 '17 at 17:23

score 0 · Answer 2 · answered Jan 04 '17 at 11:48

So, the problem stems from the fact that postfix is sending out mail using SMTP and another host greeted it with it's own hostname:

   mail.neonnuke.tech[86.6.181.24]:25 replied to HELO/EHLO with my own hostname mail.neonnuke.tech

But why is that? According to the logs, 86.6.181.24 already tried to send the mail to the machine the log comes from (192.168.0.13). Why is that?

    E9FC24192A: to=<lol@neonnuke.tech>, relay=mail.neonnuke.tech[86.6.181.24]:25,

Seems to indicate that 86.6.181.24 doesn't consider itself as final destination for "neonnuke.tech" and thus passes the mail on to us.

But our machine also doesn't consider itself final destination -- alas, neonnuke.tech is not in mydestination:

   mydestination = localhost, localhost.neonnuke.tech, mail.neonnuke.tech

Solution: Change mydestination:

   mydestination = localhost, localhost.$mydomain, $myhostname, $mydomain

Then try again.

   Jan  1 20:47:12 ubuntu-standard postfix/smtpd[19622]: warning: connect to Milter service unix:/opendkim/opendkim.sock: No such file or directory

indicates that the opendkim milter is not running or created it's socket in the wrong directory.

Ubuntu Postfix: Mail loops back to myself and host greeted me with my own hostname

2 Answers2

Linked