MTA (postfix) falhando em uma retransmissão de domínio de uma configuração de domínio duplo

1

Eu quero que o MTA envie e-mails de dois domínios, problemas do mesmo servidor. O e-mail está enviando de um domínio, mas falhando do outro.

Meu servidor de aplicativos gera um e-mail smtp como mydomain.com ou mydomainother.com

O servidor de aplicativos vive em

ipv4: 1.1.1.1 ipv6: 1111:1111:...0001

e exibe páginas como mydomainother.com

De qualquer forma, ele envia para o mesmo MTA no servidor 2

mta mora em

ipv4: 1.1.1.2 ipv6: 1111:1111:...0002

Site de brochura para mydomain.com vive em ipv4: 1.1.1.3

O Mailserver para mydomain.com é outlook (não minta, eu não escolhi)

O MTA é postfix, com add-on opendkim. Ele recebe e retransmite os emails corretamente para mydomainother.com Ele falha ao retransmitir e-mails de mydomain.com com falhas no Google SPF, devolvendo-as de volta

mydomainother.com tem estas entradas de DNS:

inventryanywhere.co.uk. 14400   IN  TXT v=spf1 mx a ip4:1.1.1.1/32 ip4:1.1.1.2 ip6:1111:1111:...0002/128 ?all
dkim._domainkey.mydomainother.com.  600 IN  TXT v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt79QysuOC7QU2h0w7eKSZyptVkZkPD/zqTqmzq3ZNpqz5YmunBatGhESYea5RX51CpQHbcH0gmAN0tXvz7jCIi+2xyDyVe+Ay/EW4D72DNU+a0Ckr6lPdsS0lpNg7A8/RzDO4+m2n1E7ZrImFp+3MZz6q5pQPm5DzqOoDCTTRnQIDAQAB; s=email

(lembre-se, estes saem grandes - heres syslog:)

nginxstaff postfix/smtpd[3388]: connect from mydomainother.com[1.1.1.1]
nginxstaff postfix/smtpd[3388]: B723B3F875: client=mydomainother.com[1.1.1.1]
nginxstaff postfix/cleanup[3390]: B723B3F875: message-id=<[email protected]>
nginxstaff opendkim[3595]: B723B3F875: DKIM-Signature field added (s=mail, d=mydomainother.com)
nginxstaff postfix/qmgr[17564]: B723B3F875: from=<[email protected]>, size=602, nrcpt=1 (queue active)
nginxstaff postfix/smtpd[3388]: disconnect from mydomainother.com[1.1.1.1] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
nginxstaff postfix/smtp[3292]: B723B3F875: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[108.177.96.27]:25, delay=0.61, delays=0.11/0/0.06/0.44, dsn=2.0.0, status=sent (250 2.0.0 OK 1487950134 h61si10727491wrh.186 - gsmtp)
nginxstaff postfix/qmgr[17564]: B723B3F875: removed

o outro domínio está falhando no SPF, e aqui está o DNS que eu configurei para o domínio:

mydomain.com.   14400   IN  TXT v=spf1 ip4:181.224.128.60 mx a ip4:1.1.1.1/32 ip4:1.1.1.2 ip6:1111:1111:...0002/128 include:outlook.com ~all
mail._domainkey.mydomain.com.   600 IN  TXT v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt79QysuOC7QU2h0w7eKSZyptVkZkPD/zqTqmzq3ZNpqz5YmunBatGhESYea5RX51CpQHbcH0gmAN0tXvz7jCIi+2xyDyVe+Ay/EW4D72DNU+a0Ckr6lPdsS0lpNg7A8/RzDO4+m2n1E7ZrImFp+3MZz6q5pQPm5DzqOoDCTTRnQIDAQAB; s=email

Então, basicamente, as entradas de SPF e DNS são duplicadas para ambos os domínios, pois os e-mails serão emitidos do mesmo MTA e servidor de aplicativos. Então, por que o envio de mydomain.com faz isso:

nginxstaff postfix/smtpd[4905]: connect from mydomainother.com[1.1.1.1]
nginxstaff postfix/smtpd[4905]: 8E1C53F875: client=mydomainother.com[1.1.1.1]
nginxstaff postfix/cleanup[4908]: 8E1C53F875: message-id=<[email protected]>
nginxstaff opendkim[3595]: 8E1C53F875: DKIM-Signature field added (s=mail, d=mydomain.com)
nginxstaff postfix/qmgr[17564]: 8E1C53F875: from=<[email protected]>, size=594, nrcpt=1 (queue active)
nginxstaff postfix/smtpd[4905]: disconnect from mydomainother.com[1.1.1.1] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
nginxstaff postfix/smtp[4909]: 8E1C53F875: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[2a00:1450:4013:c03::1b]:25, 
delay=0.61, delays=0.09/0.01/0.08/0.43, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[2a00:1450:4013:c03::1b] said: 
550-5.7.1 [1111:1111:...0002] Our system has detected that 550-5.7.1 this message does not meet IPv6 sending guidelines regarding 
PTR 550-5.7.1 records and authentication. Please review 550-5.7.1  https://support.google.com/mail/?p=IPv6AuthError 
for more information 550 5.7.1 . r30si10098207wrc.146 - gsmtp (in reply to end of DATA command))
nginxstaff postfix/cleanup[4908]: 304423F878: message-id=<20170224154810.304423F878@servername>
nginxstaff postfix/qmgr[17564]: 304423F878: from=<>, size=3511, nrcpt=1 (queue active)
nginxstaff postfix/bounce[4910]: 8E1C53F875: sender non-delivery notification: 304423F878
nginxstaff postfix/qmgr[17564]: 8E1C53F875: removed
    
por David Shields 27.02.2017 / 09:51

0 respostas