[SOLVED] Postfix relaying out wrong interface

Started by utahbmxer, January 17, 2021, 06:59:27 AM

January 17, 2021, 06:59:27 AM Last Edit: January 17, 2021, 08:16:05 AM by utahbmxer
Hi

20.7.7_1 and running postfix to relay external email to my internal Zimbra server (in case it's unavailable, etc.).  I have my only domain configured with the internal IP address (192.168.1.X).  I can see email getting deferred in the log:

status=deferred (connect to 192.168.1.X[192.168.1.X]:25: Operation timed out)

I am able to Port-Probe and ping the host just fine from both the GUI and SSH.  So I start a packet capture and the traffic is heading out the pppoe0 interface, when it should be going out the igb0 interface which is the LAN!

# route get 192.168.1.X
   route to: mail
destination: 192.168.1.0
       mask: 255.255.255.0
        fib: 0
  interface: igb0
      flags: <UP,DONE,PINNED>


I'm scratching my head.


Any custom settings in "Listen IPs"\"Bind SMTP Client Address"?

I actually just figured this issue out: I had changed the interfaces that postfix was listening on to the public IP that is my MX record.  I guess since it was only bound to the WAN, it wasn't able to route out the internal IP.

Now I have a new issue.  Test emails from Gmail are coming through, but I'm seeing "250 2.0.0 OK DMARC:Quarantine" in the postfix logs, and the email is not in my inbox (even though I am seeing the connections in tcpdump on my mail server).  Trying to figure out where messages are being quarantined to in Zimbra, but I'm wondering if postfix is modifying the message or something that is causing this?  Never had delivery issues.

January 17, 2021, 08:16:03 AM #4 Last Edit: January 17, 2021, 08:39:49 AM by Fright
Quote: but I'm seeing "250 2.0.0 OK DMARC:Quarantine" in the postfix logs
In which part? From Gmail to postfix or from postfix to Zimbra?
I think it's the DMARC policy on Zimbra tagging the message as spam and placing it in quarantine.

Yeah, it appears that my Zimbra server is rejecting it.  I think it's because I have postfix configured with the same name as my mail server as I was trying to avoid MX record changes.  I've backed out all my changes and will work on this another time.  Need to update my reverse DNS on another public IP and configure postfix with a different name.  Thanks for the help!

January 17, 2021, 08:27:45 AM #6 Last Edit: January 17, 2021, 08:37:27 AM by Fright
Quote: it appears that my Zimbra server is rejecting it
Since postfix is now the first to receive the mail, the SPF\DMARC checks will fail on Zimbra, because Zimbra will receive mail not from the servers of the sending domain, but from postfix. Zimbra must trust the postfix decisions about passing the SPF\DMARC checks (quarantine, reject, pass or add headers on postfix).
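
The point made in the last reply, as an added example that is not part of the thread: SPF is evaluated against the connecting IP, so a backend behind a relay sees the relay's address unless it skips trusted hops. The SPF record, addresses, and function names are constructed for illustration, and only `ip4:` and `all` mechanisms are handled.

```python
import ipaddress

# Constructed sample data (documentation ranges, not values from the thread).
SPF_RECORD = "v=spf1 ip4:198.51.100.0/24 -all"  # hypothetical sender policy
TRUSTED_RELAYS = [ipaddress.ip_network("192.0.2.10/32")]  # hypothetical edge relay
# Client IPs from the Received chain, newest hop first, as the backend sees them.
HOPS = ["192.0.2.10", "198.51.100.25"]

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_ip4_result(record, client_ip):
    """Evaluate the ip4: and all mechanisms of an SPF record for one client IP."""
    ip = ipaddress.ip_address(client_ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term.lower().startswith("ip4:"):
            if ip in ipaddress.ip_network(term[4:], strict=False):
                return QUALIFIERS[qualifier]
        elif term.lower() == "all":
            return QUALIFIERS[qualifier]
    return "neutral"  # no mechanism matched and no "all" term present


def effective_client(hops, trusted):
    """Walk hops newest first and return the first one that is not a trusted relay.

    Hops beyond the first untrusted one are never consulted, because headers
    written by an untrusted host can be forged.
    """
    for hop in hops:
        addr = ipaddress.ip_address(hop)
        if not any(addr in net for net in trusted):
            return hop
    return hops[-1]


if __name__ == "__main__":
    # What the backend computes if it checks the directly connecting relay.
    print("connecting IP :", spf_ip4_result(SPF_RECORD, HOPS[0]))
    # What it computes once the relay is treated as a trusted hop.
    origin = effective_client(HOPS, TRUSTED_RELAYS)
    print("relay-aware   :", origin, spf_ip4_result(SPF_RECORD, origin))
```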