Mailserver and PMG same FQDN - :25 loops back to myself

Nov 27, 2023
Hello,

We set up a new mail gateway with PMG. The old mail gateway only received e-mails. The mail server sent directly.

Now, PMG receives and sends e-mail. Sending with DMARC works fine.

But receiving fails:

mail for [192.168.2.2]:25 loops back to myself.

Mail server and PMG have the same FQDN. Is that wrong?

A different FQDN means a DNS MX for receiving e-mails for PMG and something else for the mail server, but with another certificate for client connections.

Is that right?

Best regards

Matthias Schmidt
 
You probably should configure a transport for your domain in Configuration -> Mail Proxy -> transport, so it does not do an MX lookup when trying to forward the mails.
 
Hello,

Our configuration: 192.168.2.2 PMG and 192.168.2.3 mail server.
Public DNS MX records for two domains (example.com, example2.com) to mx.example.com and mx.example2.com, public IP address port 25 to 192.168.2.2.

Configuration - Mail Proxy - Relaying:

Default Relay 192.168.2.3
Relay Port 25
Relay Protocol smtp
Disable MX lookup (SMTP) no
Smarthost nono

Configuration - Mail Proxy - Relay Domains
example.com
example2.com

Configuration - Mail Proxy -
External SMTP Port 25
Internal SMTP Port 26

Configuration - Mail Proxy - Transports
Relay Domain example.com host 192.168.2.3 Protocol smtp Port 25 Use MX No
Relay Domain example2.com host 192.168.2.3 Protocol smtp Port 25 Use MX No

Sending with DMARC works fine. Only receiving fails:

Log on PMG:

2024-02-21T09:38:34.887314+01:00 mx postfix/smtp[1034428]: C57372134A: to=<n.name@example.com>, relay=192.168.2.3[192.168.2.3]:25, delay=0.05, delays=0.05/0/0/0, dsn=5.4.6, status=bounced (mail for [192.168.2.3]:25 loops back to myself)

There is nothing in the mail server log.

Changing Disable MX lookup (SMTP) no to Disable MX lookup (SMTP) yes has no effect.

Other people say the FQDN should be different, or in Postfix the relay port should be something other than 25, or /etc/hosts should be set to example.com 192.168.2.3. I'm not sure if this is right.

I hope to get a working answer.

Best regards

Matthias Schmidt
 
+1
I need to set
Code:
mydomain = mydomain.org
myhostname = mail.mydomain.org
in /etc/pmg/templates/main.cf.in for a correct HELO message matching the PTR,
but after that the server stops relaying incoming messages with
to=<root@mydomain.org>, relay=192.168.202.200[192.168.202.200]:25, delay=0.16, delays=0.04/0.05/0.06/0, dsn=5.4.6, status=bounced (mail for [192.168.202.200]:25 loops back to myself
 
Same here. Anyone with a solution when the mail server and PMG have the same FQDN, e.g. mail.mydomain.com?
 
I also couldn’t solve this issue, so I just gave the mail server the name mail.mydomain.local and PMG – mail.mydomain.com
 
I was finally able to solve the issue. As I am using the Synology Mail Server (not Synology MailPlus Server!) package I would like to add my two cents here on how I was able to resolve this issue when PMG and mail server are relying on the same FQDN:

Basically, what I did, was:

  • Change the Synology Mail Server's Hostname (FQDN) setting to:
    mail.mydomain.local
  • For Additional Domain SMTP settings on the Synology Mail Server I added:
    mydomain.com
  • Disable (uncheck) the Enable SPF verification security setting on Synology Mail Server.
  • As the Synology Mail Server seems to do a DNS lookup for mail.mydomain.com whenever receiving an incoming e-mail, it was necessary to set my local DNS server as the primary DNS server in the network settings of the Synology DSM operating system. On that local DNS server I had to point the mail.mydomain.com to the PMG's private IP address.

After that, I was finally able to receive the e-mails from PMG to Synology Mail Server successfully. However, as all of my local e-mail clients (e.g. Mozilla Thunderbird clients, web mail clients, ...) are resolving the mail.mydomain.com domain via the same DNS server too, this solution was not acceptable to me, so I set the DNS entry pointing back to the Synology Mail Server's IP address.

As a workaround, to be DNS resolver independent, what I did was to create a bash script on Synology DSM that is triggered on system boot-up and adds the required entry to the /etc/hosts file in case the entry does not exist yet. I have attached the file for download; just unzip it, copy it to your Synology DSM system (e.g. /var/services/homes/<myUser>/<Scripts>/add_line_if_not_exists.sh) and make it executable (chmod +x). After that, create the corresponding automated task in your Synology DSM system as follows:

Control Panel --> Task Scheduler --> Create --> Triggered Tasks --> User-defined script
Task: Give it a random task name
User: DSM admin-user that can access and run the script file and has permission to write to /etc/hosts
Event: Boot-up
Task Settings --> Run command
(replace <myUser>, <Scripts>, <PMG_IP_address> and <mydomain>.<com> without the brackets with your required specific values):
Bash:
bash /var/services/homes/<myUser>/<Scripts>/add_line_if_not_exists.sh "<PMG_IP_address> mail.<mydomain>.<com>" /etc/hosts

Run the task once and check if the corresponding line has been added to the /etc/hosts file. If so, everything should work (you don't have to reboot the Synology DSM operating system, the hosts file change takes effect immediately).

Sounds very complicated but it's an easy and reliable task to workaround.

Hope this helps someone.
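
The helper script described in the post above is not reproduced on this page. The following is an added example, not the poster's attachment, of an idempotent hosts-file update in POSIX sh that takes the same two arguments as the Task Scheduler command; the function names, the exit codes and the check for an existing conflicting mapping are assumptions of this example.

```shell
#!/bin/sh
# Added example (not the attachment from the post): idempotent hosts-file update.
# Usage: add_line_if_not_exists.sh "<PMG_IP_address> mail.<mydomain>.<com>" /etc/hosts
# Exit: 0 = present or added, 2 = bad arguments, 3 = name already bound elsewhere.

# 0 if file $2 has an active line equal to $1, ignoring comments and spacing.
line_present() {
    WANT="$1" awk '
        BEGIN { n = split(ENVIRON["WANT"], w, " "); want = w[1]
                for (i = 2; i <= n; i++) want = want " " w[i] }
        { sub(/[ \t]*#.*/, ""); $1 = $1 }    # drop comment, collapse whitespace
        $0 == want { found = 1; exit }
        END { exit !found }' "$2"
}

# 0 if hostname $2 is already mapped to an address other than $1 in file $3.
# Lookups use the first matching line, so an appended entry would never win.
name_conflict() {
    IP="$1" NAME="$2" awk '
        { sub(/#.*/, "")
          for (i = 2; i <= NF; i++)
              if (tolower($i) == tolower(ENVIRON["NAME"]) && $1 != ENVIRON["IP"]) {
                  bad = 1; exit } }
        END { exit !bad }' "$3"
}

add_line_if_not_exists() {
    line="$1"; file="$2"
    [ -n "$line" ] && [ -f "$file" ] && [ -w "$file" ] || return 2
    case "$line" in *"
"*) return 2 ;; esac                          # refuse multi-line input
    ip=$(printf '%s\n' "$line" | awk '{ print $1 }')
    name=$(printf '%s\n' "$line" | awk '{ print $2 }')
    [ -n "$ip" ] && [ -n "$name" ] || return 2
    line_present "$line" "$file" && return 0
    name_conflict "$ip" "$name" "$file" && return 3
    # Repair a missing final newline so the new entry starts on its own line.
    if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
        printf '\n' >> "$file"
    fi
    printf '%s\n' "$line" >> "$file"
}

# Command-line entry point, as called from the Task Scheduler command above.
if [ "$#" -eq 2 ]; then
    add_line_if_not_exists "$1" "$2"
fi
```

Exit code 3 means the hosts file already maps the name to another address; that line has to be corrected by hand, because an appended entry would be shadowed by the earlier one.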
 