Marco Shmerykowsky PE
2019-Feb-25 21:39 UTC
[Samba] Samba AD Internal DNS, Postfix & Email Relay
On 2/25/2019 3:36 AM, L.P.H. van Belle via samba wrote:> Hai Marco, > > For you own domains, dont point postfix to your internal DNS only, > if done wrong you might miss dns info on the wan side and thats mostlikely your error .Likely. Here is the error (ignore the ip's - messed them up for this response): Feb 25 16:22:10 sce252 postfix/smtp[3114]: 0D1E86E3A6D: to=<marco at sce-engineers.com>, orig_to=<root>, relay=mail.panix.com[1 6.8.1.8]:587, delay=317791, delays=317743/0.02/48/0.1, dsn=4.1.8, status=deferred (host mail.xxxx.com[6.4.1.9] said: 450 4.1.8 <root at sce252.internal.company.com>: Sender address rejected: Domain not found (in reply to RCPT TO comm and))> > Setup a caching DNS and setup a forward zone to internal.domain.tld and domain.tld. ( internet dns ) > That makes sure that you dont break DKIM/DMARC/SPF/TLSA on the internet side.UGH..... Another thing to learn :(> > > Greetz, > > Louis > > >> -----Oorspronkelijk bericht----- >> Van: samba [mailto:samba-bounces at lists.samba.org] Namens >> Marco Shmerykowsky via samba >> Verzonden: zondag 24 februari 2019 23:59 >> Aan: samba at lists.samba.org >> Onderwerp: [Samba] Samba AD Internal DNS, Postfix & Email Relay >> >> >> Is there an extra step which must be taken to get postfix >> to deliver email via a relay host when the postfix machine >> is pointing to an samba internal DNS? >> >> I did a test setup using a public DNS server and it worked. >> Same setup where the machine (Debian 9) is pointing to a >> samba DNS doesn't work. The errors in the postfix log >> seem to be DNS related. >> >> Thanks, >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> >> > >
Am 25.02.19 um 22:39 schrieb Marco Shmerykowsky PE via samba:> On 2/25/2019 3:36 AM, L.P.H. van Belle via samba wrote: >> Hai Marco, >> >> For you own domains, dont point postfix to your internal DNS only, >> if done wrong you might miss dns info on the wan side and thats >> mostlikely your error . > > Likely. Here is the error (ignore the ip's - messed them > up for this response): > > Feb 25 16:22:10 sce252 postfix/smtp[3114]: 0D1E86E3A6D: > to=<marco at sce-engineers.com>, orig_to=<root>, relay=mail.panix.com[1 > 6.8.1.8]:587, delay=317791, delays=317743/0.02/48/0.1, dsn=4.1.8, > status=deferred (host mail.xxxx.com[6.4.1.9] said: > 450 4.1.8 <root at sce252.internal.company.com>: Sender address > rejected: Domain not found (in reply to RCPT TO comm > andthere is no error when you configure http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain you get what you asked for and since at this point @sce252.internal.company.com is not found the message is *temporary* rejected with 450 either order postfix to get started later so that dns lookups are working or remove that option
Marco Shmerykowsky PE
2019-Feb-26 16:15 UTC
[Samba] Samba AD Internal DNS, Postfix & Email Relay
That parameter isn't defined in my main.cf file. Is I add it and leave it blank. It still doesn't work. On 2/25/2019 11:41 PM, Reindl Harald wrote:> > > Am 25.02.19 um 22:39 schrieb Marco Shmerykowsky PE via samba: >> On 2/25/2019 3:36 AM, L.P.H. van Belle via samba wrote: >>> Hai Marco, >>> >>> For you own domains, dont point postfix to your internal DNS only, >>> if done wrong you might miss dns info on the wan side and thats >>> mostlikely your error . >> >> Likely. Here is the error (ignore the ip's - messed them >> up for this response): >> >> Feb 25 16:22:10 sce252 postfix/smtp[3114]: 0D1E86E3A6D: >> to=<marco at sce-engineers.com>, orig_to=<root>, relay=mail.panix.com[1 >> 6.8.1.8]:587, delay=317791, delays=317743/0.02/48/0.1, dsn=4.1.8, >> status=deferred (host mail.xxxx.com[6.4.1.9] said: >> 450 4.1.8 <root at sce252.internal.company.com>: Sender address >> rejected: Domain not found (in reply to RCPT TO comm >> and > there is no error > > when you configure > http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain you > get what you asked for and since at this point > @sce252.internal.company.com is not found the message is *temporary* > rejected with 450 > > either order postfix to get started later so that dns lookups are > working or remove that option >