Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#3 closed Problem (Fixed)

postfix is inconsistant in the way it handles the main servers.

Reported by: D Delmar Davis Owned by: D Delmar Davis
Priority: Minor PITA Milestone: Server Modernization Phase I
Component: Infrastructure Keywords: postfix
Cc: Joe

Description

Since re-installing the os on bs2020 I have not been able to get either of the main servers to masquerade outgoing mail (which is required for mail to get to gmail). Even though afik the servers are set up the same, one sends mail as kb2018 and one as bs2020.suspectdevices.com both of which needed to be added to naomi's destinations before it would relay their mail.

Change History (3)

comment:1 Changed 3 years ago by D Delmar Davis

Milestone: Server Modernization Phase 1Server Modernization Phase I

Milestone renamed

comment:2 Changed 3 years ago by D Delmar Davis

Resolution: Fixed
Status: newclosed

Fixed rewrite rules on bs2020, kb2018, and new serverdocs (herbert). All three send consistent emails which are signed using dkim.

  • last stanza of /etc/postfix/main.cf looks like this on all three hosts
    smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
    myhostname = suspectdevices.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination =
    relayhost = naomi.suspectdevices.com
    mailbox_size_limit = 0
    inet_interfaces = loopback-only
    inet_protocols = ipv4
    masquerade_domains = suspectdevices.com
    sender_canonical_maps = hash:/etc/postfix/canonical
    recipient_canonical_maps = hash:/etc/postfix/canonical
    
  • /etc/postfix/canonical looks like this
    root root@suspectdevices.com
    root@bs2020 root@suspectdevices.com
    
  • postmap /etc/postfix/canonical
  • service postfix reload
  • add herberts ip to /etc/opendkim/trusted.hosts on naomi

comment:3 Changed 3 years ago by D Delmar Davis

Also.
Apticron takes the first entry in /etc/hosts for 127.0.0.1 and uses that in its report.

z.b. 127.0.0.1

< localhost.localdomain localhost bs2020 bs2020.suspectdevices.com
> bs2020 bs2020.suspectdevices.com localhost localhost.localdomain
Last edited 3 years ago by D Delmar Davis (previous) (diff)
Note: See TracTickets for help on using tickets.