Mail Gateway flooding Mail Server with Emails from Root

pietroaretino

Active Member
Nov 15, 2019
32
4
28
39
I have a postfix/dovecot mail server setup in a container.

In front I have installed and configured Proxmox Mail Gateway as the proxy.

I am able to send & receive emails successfully to all my hosted domains and mailboxes.

My concern is that everyday my mailserver gets flooded with hundreds upon hundreds of emails between the the Proxmox Mail Gateway and the postfix mail server.

As soon as I stop and restart postfix, within minutes the server gets flooded by emails from root; I've sanitized the logs.

mailgate.mysecondomain = My Proxmox Mail Gateway (xxx.xxx.xxx.51).

I cannot find the root cause of this. Any tips, tricks or help would be much appreciated.

When I ssh as root to my mailserver and run the "mail" command it always tells me theres no emails for root and yet, look at the logs.

Code:
Nov 15 11:58:06 mail postfix/smtpd[7783]: connect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:06 mail postfix/smtpd[7783]: Anonymous TLS connection established from mailgate.myseconddomain[xxx.xxx.xxx.51]: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov 15 11:58:06 mail postfix/smtpd[7783]: E8A84A00F9: client=mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:06 mail postfix/cleanup[7784]: E8A84A00F9: message-id=<20191115145108.A7893A005B@mail.myprimarydomain>
Nov 15 11:58:07 mail postfix/qmgr[7755]: E8A84A00F9: from=<root@mail.myprimarydomain>, size=70225, nrcpt=1 (queue active)
Nov 15 11:58:07 mail postfix/smtpd[7783]: disconnect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/smtp[7785]: Host offered STARTTLS: [mailgate.myseconddomain]
Nov 15 11:58:07 mail postfix/smtp[7785]: E8A84A00F9: to=<root@mail.myprimarydomain>, relay=mailgate.myseconddomain[xxx.xxx.xxx.51]:26, delay=0.1, delays=0.08/0/0.01/0.01, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 063DD440C7)
Nov 15 11:58:07 mail postfix/qmgr[7755]: E8A84A00F9: removed
Nov 15 11:58:07 mail postfix/smtpd[7783]: connect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/smtpd[7783]: Anonymous TLS connection established from mailgate.myseconddomain[xxx.xxx.xxx.51]: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov 15 11:58:07 mail postfix/smtpd[7783]: 199B5A00F9: client=mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/cleanup[7784]: 199B5A00F9: message-id=<20191115145108.A7893A005B@mail.myprimarydomain>
Nov 15 11:58:07 mail postfix/qmgr[7755]: 199B5A00F9: from=<root@mail.myprimarydomain>, size=70189, nrcpt=1 (queue active)
Nov 15 11:58:07 mail postfix/smtpd[7783]: disconnect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/smtp[7785]: Host offered STARTTLS: [mailgate.myseconddomain]
Nov 15 11:58:07 mail postfix/smtp[7785]: 199B5A00F9: to=<root@mail.myprimarydomain>, relay=mailgate.myseconddomain[xxx.xxx.xxx.51]:26, delay=0.03, delays=0.01/0/0/0.01, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 1A1A943F0A)
Nov 15 11:58:07 mail postfix/qmgr[7755]: 199B5A00F9: removed
Nov 15 11:58:07 mail postfix/smtpd[7783]: connect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/smtpd[7783]: Anonymous TLS connection established from mailgate.myseconddomain[xxx.xxx.xxx.51]: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov 15 11:58:07 mail postfix/smtpd[7783]: 89F07A00F9: client=mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/cleanup[7784]: 89F07A00F9: message-id=<20191115145108.A7893A005B@mail.myprimarydomain>
Nov 15 11:58:07 mail postfix/qmgr[7755]: 89F07A00F9: from=<root@mail.myprimarydomain>, size=70227, nrcpt=1 (queue active)
Nov 15 11:58:07 mail postfix/smtpd[7783]: disconnect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/smtpd[7783]: connect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/smtpd[7783]: Anonymous TLS connection established from mailgate.myseconddomain[xxx.xxx.xxx.51]: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov 15 11:58:07 mail postfix/smtp[7785]: Host offered STARTTLS: [mailgate.myseconddomain]
Nov 15 11:58:07 mail postfix/smtp[7785]: 89F07A00F9: to=<root@mail.myprimarydomain>, relay=mailgate.myseconddomain[xxx.xxx.xxx.51]:26, delay=0.03, delays=0.01/0/0.01/0.01, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 8AF56440C6)
Nov 15 11:58:07 mail postfix/qmgr[7755]: 89F07A00F9: removed
Nov 15 11:58:07 mail postfix/smtpd[7783]: 97989A00F9: client=mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/cleanup[7784]: 97989A00F9: message-id=<20191115145108.A7893A005B@mail.myprimarydomain>
Nov 15 11:58:07 mail postfix/qmgr[7755]: 97989A00F9: from=<root@mail.myprimarydomain>, size=70191, nrcpt=1 (queue active)
Nov 15 11:58:07 mail postfix/smtpd[7783]: disconnect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:07 mail postfix/smtp[7785]: Host offered STARTTLS: [mailgate.myseconddomain]
Nov 15 11:58:07 mail postfix/smtp[7785]: 97989A00F9: to=<root@mail.myprimarydomain>, relay=mailgate.myseconddomain[xxx.xxx.xxx.51]:26, delay=0.03, delays=0.01/0/0.01/0.02, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9882543F0A)
Nov 15 11:58:07 mail postfix/qmgr[7755]: 97989A00F9: removed
Nov 15 11:58:08 mail postfix/smtpd[7786]: connect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:08 mail postfix/smtpd[7786]: Anonymous TLS connection established from mailgate.myseconddomain[xxx.xxx.xxx.51]: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov 15 11:58:08 mail postfix/smtpd[7786]: 0A50FA00F9: client=mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:08 mail postfix/cleanup[7784]: 0A50FA00F9: message-id=<20191115145108.A7893A005B@mail.myprimarydomain>
Nov 15 11:58:08 mail postfix/qmgr[7755]: 0A50FA00F9: from=<root@mail.myprimarydomain>, size=70229, nrcpt=1 (queue active)
Nov 15 11:58:08 mail postfix/smtpd[7786]: disconnect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:08 mail postfix/smtp[7785]: Host offered STARTTLS: [mailgate.myseconddomain]
Nov 15 11:58:08 mail postfix/smtp[7785]: 0A50FA00F9: to=<root@mail.myprimarydomain>, relay=mailgate.myseconddomain[xxx.xxx.xxx.51]:26, delay=0.03, delays=0.01/0/0.01/0.02, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 0B33E440C7)
Nov 15 11:58:08 mail postfix/qmgr[7755]: 0A50FA00F9: removed
Nov 15 11:58:08 mail postfix/smtpd[7783]: connect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:08 mail postfix/smtpd[7783]: Anonymous TLS connection established from mailgate.myseconddomain[xxx.xxx.xxx.51]: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov 15 11:58:08 mail postfix/smtpd[7783]: 17B85A00F9: client=mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:08 mail postfix/cleanup[7784]: 17B85A00F9: message-id=<20191115145108.A7893A005B@mail.myprimarydomain>
Nov 15 11:58:08 mail postfix/qmgr[7755]: 17B85A00F9: from=<root@mail.myprimarydomain>, size=70193, nrcpt=1 (queue active)
Nov 15 11:58:08 mail postfix/smtpd[7783]: disconnect from mailgate.myseconddomain[xxx.xxx.xxx.51]
Nov 15 11:58:08 mail postfix/smtp[7785]: Host offered STARTTLS: [mailgate.myseconddomain]
Nov 15 11:58:08 mail postfix/smtp[7785]: 17B85A00F9: to=<root@mail.myprimarydomain>, relay=mailgate.myseconddomain[xxx.xxx.xxx.51]:26, delay=0.03, delays=0.01/0/0.01/0.01, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 18F3643F0A)
Nov 15 11:58:08 mail postfix/qmgr[7755]: 17B85A00F9: removed
 
hm - what do you have in the mailq ? (`mailq` on both servers)
 
I believe there was a loop occurring between the proxy and the mailserver itself due to spamassassin and clamav being installed on the mailserver as well.

After removing spamassassin, clamd, clam-smtp, freshclam and clamav-milter from my postfix mailserver and re-configuring it respectively the root mail dump ceased.
 
Glad you found a solution!

Please mark the thread as 'SOLVED' it can help others in a similar situation.

Thanks!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!