[Gelöst] Rückfrage bei Smarthost bei eingehender Verbindung?

Debian macht sich hervorragend als Web- und Mailserver. Schau auch in den " Tipps und Tricks"-Bereich.
Antworten
Benutzeravatar
Knorkator
Beiträge: 55
Registriert: 11.10.2004 13:00:19

[Gelöst] Rückfrage bei Smarthost bei eingehender Verbindung?

Beitrag von Knorkator » 11.03.2024 08:00:52

Hallo zusammen,

während der Verarbeitung von >>> Start Client Host Restrictions <<< scheint mein Server eine Rückfrage bei dem Smarthost meines Providers zu stellen.
Es sieht ja so aus, als ob Postfix eine Absenderprüfung durchführen würde.
Eine Prüfung, ob xing.com existiert, würde ich ja noch verstehen, aber dafür muss er doch nicht den Smarthost kontaktieren, oder?
Ich finde die Ursache dafür nicht und habe Sorge, dass ich hier einen Fehler in der Konfiguration habe.

Wäre schön, wenn hier jemand einen Hinweis für mich hätte.

--- EDIT---
Ich hatte hier Fehler im Bereich smtpd_client_restrictions.
Diese habe ich korrigiert und einen neuen Auszug von main.cf und mail.log in meiner (gleich kommenden) Antwort unten
Bitte zum nächsten Beitrag springen.
:)
-----------


Hier ist ein Auszug aus meiner main.cf

Code: Alles auswählen

smtpd_client_restrictions = permit_mynetworks,
 reject_unauth_pipelining,
 reject_non_fqdn_helo_hostname,
 reject_invalid_helo_hostname,
 reject_non_fqdn_recipient,
 reject_non_fqdn_sender,
 reject_invalid_hostname,
 reject_unknown_client,
 reject_unknown_client_hostname,
 reject_unknown_hostname,
 reject_unknown_sender_domain,
 reject_unknown_recipient_domain,
 check_client_access hash:/etc/postfix/pf_rbl_override,
 reject_rbl_client 1234567890.zen.dq.spamhaus.net=127.0.0.[2..11],
 reject_rhsbl_sender 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99],
 reject_rhsbl_helo 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99],
 reject_rhsbl_reverse_client 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99],
 reject_rhsbl_sender 1234567890.zrd.dq.spamhaus.net=127.0.2.[2..24],
 reject_rhsbl_helo 1234567890.zrd.dq.spamhaus.net=127.0.2.[2..24],
 reject_rhsbl_reverse_client 1234567890.zrd.dq.spamhaus.net=127.0.2.[2..24]
Hier der Auszug aus der Logdatei den ich meine:

Code: Alles auswählen

2024-03-11T07:34:51.056658+01:00 postfixserver postfix/smtpd[476169]: resolve_clnt: `max.mustermann@musterdomain.tld' -> `mailrobot@mail.xing.com' -> transp=`smtp' host=`[smtp.strato.de]:587' rcpt=`mailrobot@mail.xing.com' flags= class=default
Der Komplette Client Host Restrictions Auszug:

Code: Alles auswählen

2024-03-11T07:34:51.051288+01:00 postfixserver postfix/smtpd[476169]: >>> START Client host RESTRICTIONS <<<
2024-03-11T07:34:51.051333+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=permit_mynetworks
2024-03-11T07:34:51.051379+01:00 postfixserver postfix/smtpd[476169]: permit_mynetworks: mailout1-109.xing.com 109.233.158.109
2024-03-11T07:34:51.051425+01:00 postfixserver postfix/smtpd[476169]: match_hostname: mynetworks: mailout1-109.xing.com ~? 127.0.0.1/32
2024-03-11T07:34:51.051538+01:00 postfixserver postfix/smtpd[476169]: match_hostaddr: mynetworks: 109.233.158.109 ~? 127.0.0.1/32
2024-03-11T07:34:51.051677+01:00 postfixserver postfix/smtpd[476169]: match_hostname: mynetworks: mailout1-109.xing.com ~? 192.168.250.13/32
2024-03-11T07:34:51.051750+01:00 postfixserver postfix/smtpd[476169]: match_hostaddr: mynetworks: 109.233.158.109 ~? 192.168.250.13/32
2024-03-11T07:34:51.051853+01:00 postfixserver postfix/smtpd[476169]: match_list_match: mailout1-109.xing.com: no match
2024-03-11T07:34:51.051915+01:00 postfixserver postfix/smtpd[476169]: match_list_match: 109.233.158.109: no match
2024-03-11T07:34:51.051971+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=permit_mynetworks status=0
2024-03-11T07:34:51.052077+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unauth_pipelining
2024-03-11T07:34:51.052169+01:00 postfixserver postfix/smtpd[476169]: reject_unauth_pipelining: RCPT
2024-03-11T07:34:51.052283+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unauth_pipelining status=0
2024-03-11T07:34:51.052362+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_non_fqdn_helo_hostname
2024-03-11T07:34:51.052442+01:00 postfixserver postfix/smtpd[476169]: reject_non_fqdn_hostname: mailout1-109.xing.com
2024-03-11T07:34:51.052560+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_non_fqdn_helo_hostname status=0
2024-03-11T07:34:51.052637+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_invalid_helo_hostname
2024-03-11T07:34:51.052704+01:00 postfixserver postfix/smtpd[476169]: reject_invalid_hostname: mailout1-109.xing.com
2024-03-11T07:34:51.052765+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_invalid_helo_hostname status=0
2024-03-11T07:34:51.052822+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_non_fqdn_recipient
2024-03-11T07:34:51.052898+01:00 postfixserver postfix/smtpd[476169]: reject_non_fqdn_address: max.mustermann@musterdomain.tld
2024-03-11T07:34:51.052966+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_non_fqdn_recipient status=0
2024-03-11T07:34:51.053053+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_non_fqdn_sender
2024-03-11T07:34:51.053110+01:00 postfixserver postfix/smtpd[476169]: reject_non_fqdn_address: mailrobot@mail.xing.com
2024-03-11T07:34:51.053195+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_non_fqdn_sender status=0
2024-03-11T07:34:51.053260+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_invalid_hostname
2024-03-11T07:34:51.053310+01:00 postfixserver postfix/smtpd[476169]: reject_invalid_hostname: mailout1-109.xing.com
2024-03-11T07:34:51.053350+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_invalid_hostname status=0
2024-03-11T07:34:51.053392+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_client
2024-03-11T07:34:51.053438+01:00 postfixserver postfix/smtpd[476169]: reject_unknown_client: mailout1-109.xing.com 109.233.158.109
2024-03-11T07:34:51.053495+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_client status=0
2024-03-11T07:34:51.053544+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_client_hostname
2024-03-11T07:34:51.053591+01:00 postfixserver postfix/smtpd[476169]: reject_unknown_client: mailout1-109.xing.com 109.233.158.109
2024-03-11T07:34:51.053744+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_client_hostname status=0
2024-03-11T07:34:51.053794+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_hostname
2024-03-11T07:34:51.053839+01:00 postfixserver postfix/smtpd[476169]: reject_unknown_hostname: mailout1-109.xing.com
2024-03-11T07:34:51.053931+01:00 postfixserver postfix/smtpd[476169]: lookup mailout1-109.xing.com type A flags
2024-03-11T07:34:51.053990+01:00 postfixserver postfix/smtpd[476169]: dns_query: mailout1-109.xing.com (A): OK
2024-03-11T07:34:51.054033+01:00 postfixserver postfix/smtpd[476169]: dns_query: reply len=55 ancount=1 nscount=0
2024-03-11T07:34:51.054083+01:00 postfixserver postfix/smtpd[476169]: dns_get_answer: type A for mailout1-109.xing.com
2024-03-11T07:34:51.054130+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_hostname status=0
2024-03-11T07:34:51.054176+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_sender_domain
2024-03-11T07:34:51.054217+01:00 postfixserver postfix/smtpd[476169]: reject_unknown_address: mailrobot@mail.xing.com
2024-03-11T07:34:51.054266+01:00 postfixserver postfix/smtpd[476169]: rewrite_clnt: cached: local: max.mustermann@musterdomain.tld -> max.mustermann@musterdomain.tld
2024-03-11T07:34:51.054400+01:00 postfixserver postfix/smtpd[476169]: send attr request = rewrite
2024-03-11T07:34:51.054505+01:00 postfixserver postfix/smtpd[476169]: send attr rule = local
2024-03-11T07:34:51.054558+01:00 postfixserver postfix/smtpd[476169]: send attr address = mailrobot@mail.xing.com
2024-03-11T07:34:51.054623+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: flags
2024-03-11T07:34:51.054708+01:00 postfixserver postfix/smtpd[476169]: input attribute name: flags
2024-03-11T07:34:51.054768+01:00 postfixserver postfix/smtpd[476169]: input attribute value: 0
2024-03-11T07:34:51.054840+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: address
2024-03-11T07:34:51.054891+01:00 postfixserver postfix/smtpd[476169]: input attribute name: address
2024-03-11T07:34:51.054976+01:00 postfixserver postfix/smtpd[476169]: input attribute value: mailrobot@mail.xing.com
2024-03-11T07:34:51.055026+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: (list terminator)
2024-03-11T07:34:51.055070+01:00 postfixserver postfix/smtpd[476169]: input attribute name: (end)
2024-03-11T07:34:51.055106+01:00 postfixserver postfix/smtpd[476169]: rewrite_clnt: local: mailrobot@mail.xing.com -> mailrobot@mail.xing.com
2024-03-11T07:34:51.055153+01:00 postfixserver postfix/smtpd[476169]: send attr request = resolve
2024-03-11T07:34:51.055194+01:00 postfixserver postfix/smtpd[476169]: send attr sender = max.mustermann@musterdomain.tld
2024-03-11T07:34:51.055243+01:00 postfixserver postfix/smtpd[476169]: send attr address = mailrobot@mail.xing.com
2024-03-11T07:34:51.055344+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: flags
2024-03-11T07:34:51.055394+01:00 postfixserver postfix/smtpd[476169]: input attribute name: flags
2024-03-11T07:34:51.055476+01:00 postfixserver postfix/smtpd[476169]: input attribute value: 0
2024-03-11T07:34:51.055527+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: transport
2024-03-11T07:34:51.055621+01:00 postfixserver postfix/smtpd[476169]: input attribute name: transport
2024-03-11T07:34:51.055687+01:00 postfixserver postfix/smtpd[476169]: input attribute value: smtp
2024-03-11T07:34:51.055785+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: nexthop
2024-03-11T07:34:51.055918+01:00 postfixserver postfix/smtpd[476169]: input attribute name: nexthop
2024-03-11T07:34:51.055975+01:00 postfixserver postfix/smtpd[476169]: input attribute value: [smtp.strato.de]:587
2024-03-11T07:34:51.056103+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: recipient
2024-03-11T07:34:51.056174+01:00 postfixserver postfix/smtpd[476169]: input attribute name: recipient
2024-03-11T07:34:51.056235+01:00 postfixserver postfix/smtpd[476169]: input attribute value: mailrobot@mail.xing.com
2024-03-11T07:34:51.056297+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: flags
2024-03-11T07:34:51.056356+01:00 postfixserver postfix/smtpd[476169]: input attribute name: flags
2024-03-11T07:34:51.056435+01:00 postfixserver postfix/smtpd[476169]: input attribute value: 4096
2024-03-11T07:34:51.056507+01:00 postfixserver postfix/smtpd[476169]: private/rewrite socket: wanted attribute: (list terminator)
2024-03-11T07:34:51.056577+01:00 postfixserver postfix/smtpd[476169]: input attribute name: (end)
2024-03-11T07:34:51.056658+01:00 postfixserver postfix/smtpd[476169]: resolve_clnt: `max.mustermann@musterdomain.tld' -> `mailrobot@mail.xing.com' -> transp=`smtp' host=`[smtp.strato.de]:587' rcpt=`mailrobot@mail.xing.com' flags= class=default
2024-03-11T07:34:51.056744+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key max.mustermann@musterdomain.tld?mailrobot@mail.xing.com
2024-03-11T07:34:51.056842+01:00 postfixserver postfix/smtpd[476169]: reject_unknown_mailhost: mail.xing.com
2024-03-11T07:34:51.056926+01:00 postfixserver postfix/smtpd[476169]: lookup mail.xing.com type MX flags
2024-03-11T07:34:51.180822+01:00 postfixserver postfix/smtpd[476169]: dns_query: mail.xing.com (MX): OK
2024-03-11T07:34:51.180951+01:00 postfixserver postfix/smtpd[476169]: dns_query: reply len=289 ancount=6 nscount=0
2024-03-11T07:34:51.181053+01:00 postfixserver postfix/smtpd[476169]: dns_get_answer: type MX for mail.xing.com
2024-03-11T07:34:51.181160+01:00 postfixserver postfix/smtpd[476169]: dns_get_answer: type MX for mail.xing.com
2024-03-11T07:34:51.181229+01:00 postfixserver postfix/smtpd[476169]: dns_get_answer: type MX for mail.xing.com
2024-03-11T07:34:51.181302+01:00 postfixserver postfix/smtpd[476169]: dns_get_answer: type MX for mail.xing.com
2024-03-11T07:34:51.181487+01:00 postfixserver postfix/smtpd[476169]: dns_get_answer: type MX for mail.xing.com
2024-03-11T07:34:51.181531+01:00 postfixserver postfix/smtpd[476169]: dns_get_answer: type MX for mail.xing.com
2024-03-11T07:34:51.181574+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_sender_domain status=0
2024-03-11T07:34:51.181621+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_recipient_domain
2024-03-11T07:34:51.181665+01:00 postfixserver postfix/smtpd[476169]: reject_unknown_address: max.mustermann@musterdomain.tld
2024-03-11T07:34:51.181770+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: move existing entry key mailrobot@mail.xing.com?max.mustermann@musterdomain.tld
2024-03-11T07:34:51.181861+01:00 postfixserver postfix/smtpd[476169]: reject_unknown_mailhost: boelling.eu
2024-03-11T07:34:51.181951+01:00 postfixserver postfix/smtpd[476169]: lookup boelling.eu type MX flags
2024-03-11T07:34:51.182017+01:00 postfixserver postfix/smtpd[476169]: dns_query: boelling.eu (MX): OK
2024-03-11T07:34:51.182104+01:00 postfixserver postfix/smtpd[476169]: dns_query: reply len=64 ancount=1 nscount=0
2024-03-11T07:34:51.182196+01:00 postfixserver postfix/smtpd[476169]: dns_get_answer: type MX for boelling.eu
2024-03-11T07:34:51.182276+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_unknown_recipient_domain status=0
2024-03-11T07:34:51.182355+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=check_client_access
2024-03-11T07:34:51.182410+01:00 postfixserver postfix/smtpd[476169]: check_namadr_access: name mailout1-109.xing.com addr 109.233.158.109
2024-03-11T07:34:51.182511+01:00 postfixserver postfix/smtpd[476169]: check_domain_access: mailout1-109.xing.com
2024-03-11T07:34:51.182590+01:00 postfixserver postfix/smtpd[476169]: maps_find: hash:/etc/postfix/pf_rbl_override: mailout1-109.xing.com: not found
2024-03-11T07:34:51.182640+01:00 postfixserver postfix/smtpd[476169]: maps_find: hash:/etc/postfix/pf_rbl_override: xing.com: not found
2024-03-11T07:34:51.182718+01:00 postfixserver postfix/smtpd[476169]: maps_find: hash:/etc/postfix/pf_rbl_override: com: not found
2024-03-11T07:34:51.182783+01:00 postfixserver postfix/smtpd[476169]: check_addr_access: 109.233.158.109
2024-03-11T07:34:51.182831+01:00 postfixserver postfix/smtpd[476169]: maps_find: hash:/etc/postfix/pf_rbl_override: 109.233.158.109: not found
2024-03-11T07:34:51.182878+01:00 postfixserver postfix/smtpd[476169]: maps_find: hash:/etc/postfix/pf_rbl_override: 109.233.158: not found
2024-03-11T07:34:51.182920+01:00 postfixserver postfix/smtpd[476169]: maps_find: hash:/etc/postfix/pf_rbl_override: 109.233: not found
2024-03-11T07:34:51.182969+01:00 postfixserver postfix/smtpd[476169]: maps_find: hash:/etc/postfix/pf_rbl_override: 109: not found
2024-03-11T07:34:51.183007+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=check_client_access status=0
2024-03-11T07:34:51.183055+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rbl_client
2024-03-11T07:34:51.183103+01:00 postfixserver postfix/smtpd[476169]: reject_rbl_addr: Client host 109.233.158.109
2024-03-11T07:34:51.200001+01:00 postfixserver postfix/smtpd[476169]: dns_query: 109.158.233.109.rcizrxd5vdop3havjtsvuhwray.zen.dq.spamhaus.net (A): Host not found
2024-03-11T07:34:51.200138+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key 109.158.233.109.rcizrxd5vdop3havjtsvuhwray.zen.dq.spamhaus.net
2024-03-11T07:34:51.200237+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key 127.0.0.[2..11]
2024-03-11T07:34:51.200339+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rbl_client status=0
2024-03-11T07:34:51.200463+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_sender
2024-03-11T07:34:51.200566+01:00 postfixserver postfix/smtpd[476169]: reject_rbl_domain: 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99] mailrobot@mail.xing.com
2024-03-11T07:34:51.225115+01:00 postfixserver postfix/smtpd[476169]: dns_query: mail.xing.com.1234567890.dbl.dq.spamhaus.net (A): Host not found
2024-03-11T07:34:51.225281+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key mail.xing.com.1234567890.dbl.dq.spamhaus.net
2024-03-11T07:34:51.225330+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key 127.0.1.[2..99]
2024-03-11T07:34:51.225422+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_sender status=0
2024-03-11T07:34:51.225491+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_helo
2024-03-11T07:34:51.225577+01:00 postfixserver postfix/smtpd[476169]: reject_rbl_domain: 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99] mailout1-109.xing.com
2024-03-11T07:34:51.237881+01:00 postfixserver postfix/smtpd[476169]: dns_query: mailout1-109.xing.com.1234567890.dbl.dq.spamhaus.net (A): Host not found
2024-03-11T07:34:51.238058+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key mailout1-109.xing.com.1234567890.dbl.dq.spamhaus.net
2024-03-11T07:34:51.238164+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: leave existing entry key 127.0.1.[2..99]
2024-03-11T07:34:51.238279+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_helo status=0
2024-03-11T07:34:51.238391+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_reverse_client
2024-03-11T07:34:51.238506+01:00 postfixserver postfix/smtpd[476169]: reject_rbl_domain: 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99] mailout1-109.xing.com
2024-03-11T07:34:51.238612+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: leave existing entry key mailout1-109.xing.com.1234567890.dbl.dq.spamhaus.net
2024-03-11T07:34:51.238677+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: leave existing entry key 127.0.1.[2..99]
2024-03-11T07:34:51.238760+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_reverse_client status=0
2024-03-11T07:34:51.238904+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_sender
2024-03-11T07:34:51.238995+01:00 postfixserver postfix/smtpd[476169]: reject_rbl_domain: 1234567890.zrd.dq.spamhaus.net=127.0.2.[2..24] mailrobot@mail.xing.com
2024-03-11T07:34:51.257902+01:00 postfixserver postfix/smtpd[476169]: dns_query: mail.xing.com.1234567890.zrd.dq.spamhaus.net (A): Host not found
2024-03-11T07:34:51.258045+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key mail.xing.com.1234567890.zrd.dq.spamhaus.net
2024-03-11T07:34:51.258106+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key 127.0.2.[2..24]
2024-03-11T07:34:51.258208+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_sender status=0
2024-03-11T07:34:51.258273+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_helo
2024-03-11T07:34:51.258427+01:00 postfixserver postfix/smtpd[476169]: reject_rbl_domain: 1234567890.zrd.dq.spamhaus.net=127.0.2.[2..24] mailout1-109.xing.com
2024-03-11T07:34:51.272396+01:00 postfixserver postfix/smtpd[476169]: dns_query: mailout1-109.xing.com.1234567890.zrd.dq.spamhaus.net (A): Host not found
2024-03-11T07:34:51.272490+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: install entry key mailout1-109.xing.com.1234567890.zrd.dq.spamhaus.net
2024-03-11T07:34:51.272560+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: leave existing entry key 127.0.2.[2..24]
2024-03-11T07:34:51.272606+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_helo status=0
2024-03-11T07:34:51.272728+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_reverse_client
2024-03-11T07:34:51.272806+01:00 postfixserver postfix/smtpd[476169]: reject_rbl_domain: 1234567890.zrd.dq.spamhaus.net=127.0.2.[2..24] mailout1-109.xing.com
2024-03-11T07:34:51.272851+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: leave existing entry key mailout1-109.xing.com.1234567890.zrd.dq.spamhaus.net
2024-03-11T07:34:51.273008+01:00 postfixserver postfix/smtpd[476169]: ctable_locate: leave existing entry key 127.0.2.[2..24]
2024-03-11T07:34:51.273057+01:00 postfixserver postfix/smtpd[476169]: generic_checks: name=reject_rhsbl_reverse_client status=0
2024-03-11T07:34:51.273099+01:00 postfixserver postfix/smtpd[476169]: >>> END Client host RESTRICTIONS <<<
Vielen Dank!
Zuletzt geändert von Knorkator am 11.03.2024 16:52:59, insgesamt 1-mal geändert.
Nach oben
Benutzeravatar
Knorkator
Beiträge: 55
Registriert: 11.10.2004 13:00:19

Re: Rückfrage bei Smarthost bei eingehender Verbindung?

Beitrag von Knorkator » 11.03.2024 09:42:25

So, nachdem die Einträge in den Restrictions zu den Bereichen passen, sieht das Log schon etwas besser aus (denke ich).

Zur Vervollständigung habe ich hier einen Auszug aus der main.cf.
Freue mich über jeden Kommentar dazu.

Code: Alles auswählen

smtpd_client_restrictions = permit_mynetworks,
 sleep 1,
 reject_unauth_pipelining,
 reject_unknown_client_hostname,
 reject_unknown_reverse_client_hostname,
 check_client_access hash:/etc/postfix/pf_rbl_override,
 reject_rbl_client 1234567890.zen.dq.spamhaus.net=127.0.0.[2..11],
 reject_rhsbl_reverse_client 1234567890.zrd.dq.spamhaus.net=127.0.2.[2..24]
 
 
 smtpd_helo_restrictions = permit_mynetworks,
 check_helo_access hash:/etc/postfix/pf_helo_access,
 check_helo_a_access hash:/etc/postfix/pf_helo_a_access,
 reject_invalid_helo_hostname,
 reject_non_fqdn_helo_hostname,
 reject_unknown_helo_hostname,
 reject_rhsbl_helo 1234567890.zrd.dq.spamhaus.net=127.0.2.[2..24],
 reject_rhsbl_helo 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99]

smtpd_sender_restrictions = permit_mynetworks,
 check_sender_access hash:/etc/postfix/pf_sender_access,
 check_sender_a_access hash:/etc/postfix/pf_sender_a_access,
 reject_non_fqdn_sender,
 reject_unknown_sender_domain,
 reject_rhsbl_sender 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99]

smtpd_recipient_restrictions = permit_mynetworks,
 check_recipient_access hash:/etc/postfix/pf_relay_blocked_recipients,
 reject_non_fqdn_recipient,
 reject_unauth_destination,
 reject_unknown_recipient_domain
Im Log erscheint Strato nun vor den Client Host Restrictions.
Ich gehe nicht davon aus, dass hier schon aktiv in Richtung Strato gefragt wird.
Aber der Punkt nexthop verwirrt mich etwas.
Nexthop sollte hier eher das System hinter dem Postfix sein (Exchange)

Code: Alles auswählen

2024-03-11T08:41:31.056013+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: nexthop
2024-03-11T08:41:31.056061+01:00 postfixserver postfix/smtpd[488278]: input attribute name: nexthop
2024-03-11T08:41:31.056104+01:00 postfixserver postfix/smtpd[488278]: input attribute value: [smtp.strato.de]:587
2024-03-11T08:41:31.056148+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: recipient
2024-03-11T08:41:31.056199+01:00 postfixserver postfix/smtpd[488278]: input attribute name: recipient
2024-03-11T08:41:31.056245+01:00 postfixserver postfix/smtpd[488278]: input attribute value: sender.address@domain.tld
2024-03-11T08:41:31.056288+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: flags
2024-03-11T08:41:31.056330+01:00 postfixserver postfix/smtpd[488278]: input attribute name: flags
2024-03-11T08:41:31.056374+01:00 postfixserver postfix/smtpd[488278]: input attribute value: 4096
2024-03-11T08:41:31.056419+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: (list terminator)
2024-03-11T08:41:31.056465+01:00 postfixserver postfix/smtpd[488278]: input attribute name: (end)
2024-03-11T08:41:31.056507+01:00 postfixserver postfix/smtpd[488278]: resolve_clnt: `' -> `sender.address@domain.tld' -> transp=`smtp' host=`[smtp.strato.de]:587' rcpt=`sender.address@domain.tld' flags= class=default
2024-03-11T08:41:31.056554+01:00 postfixserver postfix/smtpd[488278]: ctable_locate: install entry key ?sender.address@domain.tld
2024-03-11T08:41:31.056604+01:00 postfixserver postfix/smtpd[488278]: extract_addr: in: <sender.address@domain.tld>, result: sender.address@domain.tld
2024-03-11T08:41:31.056651+01:00 postfixserver postfix/smtpd[488278]: send attr request = rewrite
2024-03-11T08:41:31.056696+01:00 postfixserver postfix/smtpd[488278]: send attr rule = local
Das nächste mal erscheint smtp.strato.de im Bereich der Sender Restrictions.
Warum erscheint stmp.strato.de dort?
Fragt der Server dort wirklich an?

Code: Alles auswählen

2024-03-11T08:41:32.152472+01:00 postfixserver postfix/smtpd[488278]: >>> START Sender address RESTRICTIONS <<<
2024-03-11T08:41:32.152519+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=permit_mynetworks
2024-03-11T08:41:32.152560+01:00 postfixserver postfix/smtpd[488278]: permit_mynetworks: sende-ip.outlook.com 40.107.135.120
2024-03-11T08:41:32.152608+01:00 postfixserver postfix/smtpd[488278]: match_hostname: mynetworks: sende-ip.outlook.com ~? 127.0.0.1/32
2024-03-11T08:41:32.152650+01:00 postfixserver postfix/smtpd[488278]: match_hostaddr: mynetworks: 40.107.135.120 ~? 127.0.0.1/32
2024-03-11T08:41:32.152689+01:00 postfixserver postfix/smtpd[488278]: match_hostname: mynetworks: sende-ip.outlook.com ~? 192.168.250.13/32
2024-03-11T08:41:32.152732+01:00 postfixserver postfix/smtpd[488278]: match_hostaddr: mynetworks: 40.107.135.120 ~? 192.168.250.13/32
2024-03-11T08:41:32.152776+01:00 postfixserver postfix/smtpd[488278]: match_list_match: sende-ip.outlook.com: no match
2024-03-11T08:41:32.152825+01:00 postfixserver postfix/smtpd[488278]: match_list_match: 40.107.135.120: no match
2024-03-11T08:41:32.152877+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=permit_mynetworks status=0
2024-03-11T08:41:32.152922+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=check_sender_access
2024-03-11T08:41:32.152977+01:00 postfixserver postfix/smtpd[488278]: check_mail_access: sender.address@domain.tld
2024-03-11T08:41:32.153026+01:00 postfixserver postfix/smtpd[488278]: rewrite_clnt: cached: local: max.mustermann@empfaenger.tld -> max.mustermann@empfaenger.tld
2024-03-11T08:41:32.153113+01:00 postfixserver postfix/smtpd[488278]: send attr request = rewrite
2024-03-11T08:41:32.153173+01:00 postfixserver postfix/smtpd[488278]: send attr rule = local
2024-03-11T08:41:32.153216+01:00 postfixserver postfix/smtpd[488278]: send attr address = sender.address@domain.tld
2024-03-11T08:41:32.153261+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: flags
2024-03-11T08:41:32.153309+01:00 postfixserver postfix/smtpd[488278]: input attribute name: flags
2024-03-11T08:41:32.153352+01:00 postfixserver postfix/smtpd[488278]: input attribute value: 0
2024-03-11T08:41:32.153398+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: address
2024-03-11T08:41:32.153440+01:00 postfixserver postfix/smtpd[488278]: input attribute name: address
2024-03-11T08:41:32.153480+01:00 postfixserver postfix/smtpd[488278]: input attribute value: sender.address@domain.tld
2024-03-11T08:41:32.153525+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: (list terminator)
2024-03-11T08:41:32.153570+01:00 postfixserver postfix/smtpd[488278]: input attribute name: (end)
2024-03-11T08:41:32.153609+01:00 postfixserver postfix/smtpd[488278]: rewrite_clnt: local: sender.address@domain.tld -> sender.address@domain.tld
2024-03-11T08:41:32.153648+01:00 postfixserver postfix/smtpd[488278]: send attr request = resolve
2024-03-11T08:41:32.153693+01:00 postfixserver postfix/smtpd[488278]: send attr sender = max.mustermann@empfaenger.tld
2024-03-11T08:41:32.153740+01:00 postfixserver postfix/smtpd[488278]: send attr address = sender.address@domain.tld
2024-03-11T08:41:32.153787+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: flags
2024-03-11T08:41:32.153829+01:00 postfixserver postfix/smtpd[488278]: input attribute name: flags
2024-03-11T08:41:32.153874+01:00 postfixserver postfix/smtpd[488278]: input attribute value: 0
2024-03-11T08:41:32.153917+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: transport
2024-03-11T08:41:32.153962+01:00 postfixserver postfix/smtpd[488278]: input attribute name: transport
2024-03-11T08:41:32.154005+01:00 postfixserver postfix/smtpd[488278]: input attribute value: smtp
2024-03-11T08:41:32.154052+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: nexthop
2024-03-11T08:41:32.154096+01:00 postfixserver postfix/smtpd[488278]: input attribute name: nexthop
2024-03-11T08:41:32.154141+01:00 postfixserver postfix/smtpd[488278]: input attribute value: [smtp.strato.de]:587
2024-03-11T08:41:32.154184+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: recipient
2024-03-11T08:41:32.154228+01:00 postfixserver postfix/smtpd[488278]: input attribute name: recipient
2024-03-11T08:41:32.154267+01:00 postfixserver postfix/smtpd[488278]: input attribute value: sender.address@domain.tld
2024-03-11T08:41:32.154316+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: flags
2024-03-11T08:41:32.154364+01:00 postfixserver postfix/smtpd[488278]: input attribute name: flags
2024-03-11T08:41:32.154407+01:00 postfixserver postfix/smtpd[488278]: input attribute value: 4096
2024-03-11T08:41:32.154450+01:00 postfixserver postfix/smtpd[488278]: private/rewrite socket: wanted attribute: (list terminator)
2024-03-11T08:41:32.154492+01:00 postfixserver postfix/smtpd[488278]: input attribute name: (end)
2024-03-11T08:41:32.154537+01:00 postfixserver postfix/smtpd[488278]: resolve_clnt: `max.mustermann@empfaenger.tld' -> `sender.address@domain.tld' -> transp=`smtp' host=`[smtp.strato.de]:587' rcpt=`sender.address@domain.tld' flags= class=default
2024-03-11T08:41:32.154581+01:00 postfixserver postfix/smtpd[488278]: ctable_locate: install entry key max.mustermann@empfaenger.tld?sender.address@domain.tld
2024-03-11T08:41:32.154625+01:00 postfixserver postfix/smtpd[488278]: maps_find: hash:/etc/postfix/pf_sender_access: sender.address@domain.tld: not found
2024-03-11T08:41:32.154675+01:00 postfixserver postfix/smtpd[488278]: maps_find: hash:/etc/postfix/pf_sender_access: domain.tld: not found
2024-03-11T08:41:32.154725+01:00 postfixserver postfix/smtpd[488278]: maps_find: hash:/etc/postfix/pf_sender_access: de: not found
2024-03-11T08:41:32.154773+01:00 postfixserver postfix/smtpd[488278]: maps_find: hash:/etc/postfix/pf_sender_access: sender.address@: not found
2024-03-11T08:41:32.154819+01:00 postfixserver postfix/smtpd[488278]: mail_addr_find: sender.address@domain.tld -> (not found)
2024-03-11T08:41:32.154864+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=check_sender_access status=0
2024-03-11T08:41:32.154909+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=check_sender_a_access
2024-03-11T08:41:32.154953+01:00 postfixserver postfix/smtpd[488278]: check_server_access: A sender.address@domain.tld
2024-03-11T08:41:32.155002+01:00 postfixserver postfix/smtpd[488278]: check_server_access: A hostname check: domain.tld
2024-03-11T08:41:32.168976+01:00 postfixserver postfix/smtpd[488278]: check_server_access: A host address check: domain.tld
2024-03-11T08:41:32.169098+01:00 postfixserver postfix/smtpd[488278]: check_addr_access: 151.106.64.103
2024-03-11T08:41:32.169150+01:00 postfixserver postfix/smtpd[488278]: maps_find: hash:/etc/postfix/pf_sender_a_access: 151.106.64.103: not found
2024-03-11T08:41:32.169201+01:00 postfixserver postfix/smtpd[488278]: maps_find: hash:/etc/postfix/pf_sender_a_access: 151.106.64: not found
2024-03-11T08:41:32.169261+01:00 postfixserver postfix/smtpd[488278]: maps_find: hash:/etc/postfix/pf_sender_a_access: 151.106: not found
2024-03-11T08:41:32.169326+01:00 postfixserver postfix/smtpd[488278]: maps_find: hash:/etc/postfix/pf_sender_a_access: 151: not found
2024-03-11T08:41:32.169382+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=check_sender_a_access status=0
2024-03-11T08:41:32.169436+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=reject_non_fqdn_sender
2024-03-11T08:41:32.169493+01:00 postfixserver postfix/smtpd[488278]: reject_non_fqdn_address: sender.address@domain.tld
2024-03-11T08:41:32.169541+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=reject_non_fqdn_sender status=0
2024-03-11T08:41:32.169591+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=reject_unknown_sender_domain
2024-03-11T08:41:32.169643+01:00 postfixserver postfix/smtpd[488278]: reject_unknown_address: sender.address@domain.tld
2024-03-11T08:41:32.169696+01:00 postfixserver postfix/smtpd[488278]: ctable_locate: leave existing entry key max.mustermann@empfaenger.tld?sender.address@domain.tld
2024-03-11T08:41:32.169745+01:00 postfixserver postfix/smtpd[488278]: reject_unknown_mailhost: domain.tld
2024-03-11T08:41:32.169804+01:00 postfixserver postfix/smtpd[488278]: lookup domain.tld type MX flags
2024-03-11T08:41:32.229022+01:00 postfixserver postfix/smtpd[488278]: dns_query: domain.tld (MX): OK
2024-03-11T08:41:32.229144+01:00 postfixserver postfix/smtpd[488278]: dns_query: reply len=162 ancount=1 nscount=0
2024-03-11T08:41:32.229257+01:00 postfixserver postfix/smtpd[488278]: dns_get_answer: type MX for domain.tld
2024-03-11T08:41:32.229312+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=reject_unknown_sender_domain status=0
2024-03-11T08:41:32.229367+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=reject_rhsbl_sender
2024-03-11T08:41:32.229419+01:00 postfixserver postfix/smtpd[488278]: reject_rbl_domain: 1234567890.dbl.dq.spamhaus.net=127.0.1.[2..99] sender.address@domain.tld
2024-03-11T08:41:32.245084+01:00 postfixserver postfix/smtpd[488278]: dns_query: domain.tld.1234567890.dbl.dq.spamhaus.net (A): Host not found
2024-03-11T08:41:32.245211+01:00 postfixserver postfix/smtpd[488278]: ctable_locate: install entry key domain.tld.1234567890.dbl.dq.spamhaus.net
2024-03-11T08:41:32.245262+01:00 postfixserver postfix/smtpd[488278]: ctable_locate: leave existing entry key 127.0.1.[2..99]
2024-03-11T08:41:32.245322+01:00 postfixserver postfix/smtpd[488278]: generic_checks: name=reject_rhsbl_sender status=0
2024-03-11T08:41:32.245364+01:00 postfixserver postfix/smtpd[488278]: >>> END Sender address RESTRICTIONS <<<
Vielen Dank!
Nach oben
mat6937
Beiträge: 3372
Registriert: 09.12.2014 10:44:00

Re: Rückfrage bei Smarthost bei eingehender Verbindung?

Beitrag von mat6937 » 11.03.2024 10:27:08

Knorkator hat geschrieben: ↑ zum Beitrag ↑
11.03.2024 09:42:25
 Warum erscheint stmp.strato.de dort?
Fragt der Server dort wirklich an?
Kannst ja danach sniffen mit z. B.:

Code: Alles auswählen

host smtp.strato.de
tcpdump -c 200 -vvveni eth0 dst host 81.169.145.133 and dst port 587
eth0 evtl. anpassen.
Debian 12.8 mit LXDE, OpenBSD 7.6 mit i3wm, FreeBSD 14.1 mit Xfce
Nach oben
Benutzeravatar
Knorkator
Beiträge: 55
Registriert: 11.10.2004 13:00:19

Re: Rückfrage bei Smarthost bei eingehender Verbindung?

Beitrag von Knorkator » 11.03.2024 16:47:32

mat6937 hat geschrieben: ↑ zum Beitrag ↑
11.03.2024 10:27:08
 Kannst ja danach sniffen mit z. B.:

Code: Alles auswählen

host smtp.strato.de
tcpdump -c 200 -vvveni eth0 dst host 81.169.145.133 and dst port 587
eth0 evtl. anpassen.
Gute Idee!
Der Postfix baut scheinbar keine Verbindung zu Strato auf.
Warum der das trotzdem in das Log schreibt.. bleibt ein Rätsel.

Antwort ich auf eine Testmail, füllt sich die Anzeige -> tcpdump macht also, was es soll.

Vielen Dank!
Nach oben
Antworten

Zurück zu „Web- und Mailserver“