Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Qmail>
  3. users
message is looping
powerman at powerman
Nov 25, 2015, 5:58 AM
Post #1 of 5 (1854 views)
Permalink
Hi!

I've issue with secondary MX server: when primary MX is not available all
emails bounced in a couple of seconds because of sending them again and
again from that secondary MX to itself.

I suppose problem is qmail don't understand this is it's own (local) IP
and tries to deliver email to (as it thinks) another MX.

This server has many (8) network interfaces (lo, 4 network cards, 3
openvpn tun devices). First network card has about 122 IP addresses
assigned. Qmail is running on just one of these 122 IP addresses, but
it's not the first one - this IP is actually somewhere in the middle.
I'm using netqmail-1.06 with extra outgoingips patch.

The setup is like this (problem is when sending to user@target.domain.host):

# dnsmx target.domain.host
1 b.mx.target.domain.host
0 a.mx.target.domain.host

# dnsip a.mx.target.domain.host
(some other IP, not reachable right now)

# dnsip b.mx.target.domain.host
1.2.3.66

# grep TCPSERVER_HOST conf-common
TCPSERVER_HOST=1.2.3.66

# cat locals
localhost
127.0.0.1
this.secondary.mx.host

# cat me
this.secondary.mx.host

# cat outgoingips
:1.2.3.66
this.secondary.mx.host:1.2.3.66

# cat rcpthosts
localhost
127.0.0.1
this.secondary.mx.host
target.domain.host

I've found this thread
http://www.gossamer-threads.com/lists/qmail/users/73878 - is it make sense
to try qmail-1.03-moreipme.patch (btw, it's url is not available)?

--
WBR, Alex.
Re: message is looping [ In reply to ]
feh at fehcom
Nov 25, 2015, 6:30 AM
Post #2 of 5 (1824 views)
Permalink
Hi Alex,

you do have a complex setting ....

When you say : "qmail ist running on just one ..." you refer to qmail-smtpd ??

Did you check /var/qmail/bin/ipmeprint ? What does it say ?

The moripme patch deals with those situations, qmail initially does not recognize all IP addresses; which seems not to be your case.

However, I can send you the patch if you wish.

regards.
--eh.


Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de <http://www.fehcom.de/> | PGP Key-Id: EE00CF65





> Am 25.11.2015 um 14:58 schrieb Alex Efros <powerman@powerman.name>:
>
> Hi!
>
> I've issue with secondary MX server: when primary MX is not available all
> emails bounced in a couple of seconds because of sending them again and
> again from that secondary MX to itself.
>
> I suppose problem is qmail don't understand this is it's own (local) IP
> and tries to deliver email to (as it thinks) another MX.
>
> This server has many (8) network interfaces (lo, 4 network cards, 3
> openvpn tun devices). First network card has about 122 IP addresses
> assigned. Qmail is running on just one of these 122 IP addresses, but
> it's not the first one - this IP is actually somewhere in the middle.
> I'm using netqmail-1.06 with extra outgoingips patch.
>
> The setup is like this (problem is when sending to user@target.domain.host):
>
> # dnsmx target.domain.host
> 1 b.mx.target.domain.host
> 0 a.mx.target.domain.host
>
> # dnsip a.mx.target.domain.host
> (some other IP, not reachable right now)
>
> # dnsip b.mx.target.domain.host
> 1.2.3.66
>
> # grep TCPSERVER_HOST conf-common
> TCPSERVER_HOST=1.2.3.66
>
> # cat locals
> localhost
> 127.0.0.1
> this.secondary.mx.host
>
> # cat me
> this.secondary.mx.host
>
> # cat outgoingips
> :1.2.3.66
> this.secondary.mx.host:1.2.3.66
>
> # cat rcpthosts
> localhost
> 127.0.0.1
> this.secondary.mx.host
> target.domain.host
>
> I've found this thread
> http://www.gossamer-threads.com/lists/qmail/users/73878 - is it make sense
> to try qmail-1.03-moreipme.patch (btw, it's url is not available)?
>
> --
> WBR, Alex.
>

Attached Files:

Re: message is looping [ In reply to ]
powerman at powerman
Nov 25, 2015, 6:41 AM
Post #3 of 5 (1821 views)
Permalink
Hi!

On Wed, Nov 25, 2015 at 03:30:48PM +0100, Erwin Hoffmann wrote:
> When you say : "qmail ist running on just one ..." you refer to qmail-smtpd ??

I've set TCPSERVER_HOST in conf-common, so I suppose it affects
everything, not just qmail-smtpd (netstat show qmail-pop3d over ssl also
bind to this IP).

> Did you check /var/qmail/bin/ipmeprint ? What does it say ?

I don't have this tool, somehow it wasn't installed (I'll report this to
Gentoo maintainers). Anyway, I've built it from source, and it prints this:

/var/tmp/portage/mail-mta/netqmail-1.06-r2/work/netqmail-1.06 # ./ipmeprint

0.0.0.0
127.0.0.1
1.2.3.4
1.2.3.4
1.2.3.4
...
1.2.3.4
1.2.3.4
1.2.3.4 (122 times same _FIRST_ IP on 1st network card)
10.10.20.1 (this is IP on 2nd network card)
10.100.200.102 (this is IP on tun2)
10.100.200.100 (this is IP on tun0)
10.100.200.101 (this is IP on tun1)

So looks like instead of IPs 1.2.3.4-1.2.3.126 on 1st network card qmail
thinks all these IP are the same IP 1.2.3.4. Is it possible to fix this?

--
WBR, Alex.
Re: message is looping [ In reply to ]
feh at fehcom
Nov 25, 2015, 7:00 AM
Post #4 of 5 (1823 views)
Permalink
Hi once more,



> Am 25.11.2015 um 15:41 schrieb Alex Efros <powerman@powerman.name>:
>
> Hi!
>
> On Wed, Nov 25, 2015 at 03:30:48PM +0100, Erwin Hoffmann wrote:
>> When you say : "qmail ist running on just one ..." you refer to qmail-smtpd ??
>
> I've set TCPSERVER_HOST in conf-common, so I suppose it affects
> everything, not just qmail-smtpd (netstat show qmail-pop3d over ssl also
> bind to this IP).

I'm not familiar with 'conf-common' but this effects only the servers.

>
>> Did you check /var/qmail/bin/ipmeprint ? What does it say ?
>
> I don't have this tool, somehow it wasn't installed (I'll report this to
> Gentoo maintainers). Anyway, I've built it from source, and it prints this:
>

Yupp. ipmeprint is largely outdated. I fixed it in my s/qmail....

> /var/tmp/portage/mail-mta/netqmail-1.06-r2/work/netqmail-1.06 # ./ipmeprint
>
> 0.0.0.0
> 127.0.0.1
> 1.2.3.4
> 1.2.3.4
> 1.2.3.4
> ...
> 1.2.3.4
> 1.2.3.4
> 1.2.3.4 (122 times same _FIRST_ IP on 1st network card)

Hm. This may be a case of the problem. But I'm not sure whether this is an artifact of ipmeprint.


> 10.10.20.1 (this is IP on 2nd network card)
> 10.100.200.102 (this is IP on tun2)
> 10.100.200.100 (this is IP on tun0)
> 10.100.200.101 (this is IP on tun1)
>
> So looks like instead of IPs 1.2.3.4-1.2.3.126 on 1st network card qmail
> thinks all these IP are the same IP 1.2.3.4. Is it possible to fix this?

Dunno know. Do you have some firewall iprules in effect ? First check this.

May it's time to check for my s/qmail.

regards.
--eh.

>
> --
> WBR, Alex.
>

Dr. Erwin Hoffmann | FEHCom | http://www.fehcom.de <http://www.fehcom.de/> | PGP Key-Id: EE00CF65

Attached Files:

Re: message is looping [ In reply to ]
powerman at powerman
Nov 26, 2015, 6:15 AM
Post #5 of 5 (1810 views)
Permalink
Hi!

On Wed, Nov 25, 2015 at 04:00:07PM +0100, Erwin Hoffmann wrote:
> Dunno know. Do you have some firewall iprules in effect ? First check this.

A lot, but I don't think my firewall rules may prevent qmail detecting
local IP addresses on interfaces.

The qmail-1.03-moreipme.patch solved (actually, worked around) this issue.

--
WBR, Alex.

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal