[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SMTP policy problems
I am in the process of updating my mail server. Rather than affect the
production
machine, I have been building a new machine from scratch (x86, OpenBSD
2.6 -- the
old machine is running OpenBSD 2.5).
The old machine is running zmailer-from-cvs, 31 Dec 99. The new one is
zmailer-
from-cvs, 24 Mar 99. Both the old and new machines sit on
192.168.50.0/24.
The problem is that, despite what I believe to be a correct policy
configuration,
the new zmailer will not accept inbound email:
arisia# telnet arisia smtp
Trying 192.168.50.3...
Connected to arisia.gno.org.
Escape character is '^]'.
220 arisia.gno.org ESMTP (NO UCE)(NO UBE) our local time is now Sat, 25
Mar 2000 08:49:57 -0700
helo arisia.gno.org
250 arisia.gno.org Hello arisia.gno.org
mail from:<gdr@arisia.gno.org>
553 5.4.3 For MAIL FROM address <gdr@arisia.gno.org> the policy
analysis reports DNS error with your source domain.
The same behavior is seen from another machine (eddore) on the local
network.
I know that problems can arise when files are copied from one zmailer
version
to another, so the new machine was installed from scratch, then the
following
config files edited:
smtpserver.conf ('PARAM help' changed and 'some.user.domain' line
commented)
db/aliases (identical to old server)
db/localnames (see end of this email)
db/smtppolicy.relay (see end of this email)
db/smtppolicy.src (see end of this email)
One difference between the two machines is that the new one is not yet
listed
as an MX host in the DNS, but I don't think that should matter given the
smtppolicy.relay file.
At first I thought that this might just be a problem with the current
CVS version,
so I wiped the install and reverted to zmailer 2.99.52p1, but the
behavior was
still broken.
What puzzles me is that there seems to be no real differences in
configuration
between the old machine and the new one, yet the new one rejects email.
I see
that the way the RBL is handled changed in that time period, but as far
as I
can tell, I've got it turned off (and it should be irrelevent, anyway).
Any assistance would be appreciated.
-- Devin
=========================================
Stripped of comments, the following is my smtp-policy.src file:
. relaycustomer - relaytarget -
[0.0.0.0]/0 relaycustomer - relaytarget -
_RBL0
_RBL1
_private_address message "We reject your network" rejectnet +
message "We don't accept email from this source address" rejectsource +
relaycustomer - relaytarget -
[172.16.0.0]/12 = _private_address
[192.168.0.0]/16 = _private_address
[10.0.0.0]/8 = _private_address
[192.168.50.0]/24 rejectnet - = _private_address
_our_network = _full_rights
_full_rights rejectnet - relaycustnet + relaytarget
+ = _RBL1
_localnames rejectnet - relaycustnet - localdomain + relaytarget + =
_RBL1
_relaytarget relaytarget
+ = _RBL1
_bulk_mail message "Your domain is not liked source for email"
rejectsource + message "Your IP address is not liked source for email"
rejectnet + message "This is not accepted relay target" relaytarget -
The smtp-policy.relay file:
[192.168.50.0]/24
localnames:
arisia arisia.gno.org
arisia.gno.org arisia.gno.org
eddore arisia.gno.org
eddore.gno.org arisia.gno.org
localhost arisia.gno.org
[other names snipped for brevity]
And /etc/mail.conf:
orgdomain=gno.org
hostname=arisia.$orgdomain
mydomain=arisia.gno.org
The /etc/zmailer.conf file was unmodified from the install.
--
His troops only follow him out of a sense of curiosity.