PMG not able to deliver to itself.

[teward]

The Proxmox gateway has a... issue... when trying to deliver to itself on a public IP.

This is not a NAT reflection issue, actually. In fact, the system is configured via /etc/hosts to *know* to deliver to itself with certain delivery destinations.

Yet, it is still getting things stuck in deferred when the origin is also itself.

Does anyone know a solution to make it recognize the URL / MX record it's trying to deliver to as *itself* and not try to use its own hostname/FQDN via the Internet?

 

[Stoiko Ivanov]

I'm not sure I get what you try to accomplish - could you please provide the logs of such a mail that cannot get delivered?

 

[teward]

Logs are below. Be advised that in the `/etc/hosts` of the system itself, there is a line for its own IP address and localhost for mgw.mydomain.llc to point to itself, and NAT reflection is already configured at the firewall to properly reflect NAT back into the network (though, it seems this isn't working here for some reason) Note that both domain.tld and otherdomain.tld (which are placeholders here) are configured in the mail filter as valid destination domains in the mail gateway system. Therefore, if it can't even recognize delivery to itself it sounds like either I broke the configuration OR the system is ignorant of /etc/hosts when it takes into account mail deliveries, and I'll have to make some revisions to DNS stuff.

Dec 2 09:09:05 mgw postfix/qmgr[2614]: A163BA81585: from=<teward@domain.tld>, size=2136, nrcpt=1 (queue active)
Dec 2 09:09:35 mgw postfix/smtp[941]: A163BA81585: to=<admin@otherdomain.tld>, relay=none, delay=60877, delays=60847/0.13/30/0, dsn=4.4.1, status=deferred (connect to mgw.mydomain.llc[173.167.254.35]:25: Connection timed out)

 

[Stoiko Ivanov]

hmm - my guess is that you have entered otherdomain.tld in your relay domains, but have not setup a transport for it (GUI->Configuration->Mail Proxy-> Transports) - In that case PMG (or rather the postfix server dealing with relaying mail to outside) simply does an ordinary mail-lookup:
* it checks for the MX of otherdomain.tld in DNS - unless you have explicitly changed that to resolve internally to the correct internal server PMG gets the answer any global lookup would get (your firewall's IP which NATs port 25 to PMG)

-> setup an appropriate Transport for otherdomain.tld

You can check the output of `pmgconfig dump` to see where the templating system gets its values from

I hope this helps!

 

[teward]

hmm - my guess is that you have entered otherdomain.tld in your relay domains, but have not setup a transport for it (GUI->Configuration->Mail Proxy-> Transports) - In that case PMG (or rather the postfix server dealing with relaying mail to outside) simply does an ordinary mail-lookup:
* it checks for the MX of otherdomain.tld in DNS - unless you have explicitly changed that to resolve internally to the correct internal server PMG gets the answer any global lookup would get (your firewall's IP which NATs port 25 to PMG)

-> setup an appropriate Transport for otherdomain.tld

You can check the output of `pmgconfig dump` to see where the templating system gets its values from

I hope this helps!

Partially solves this, however it's ignoring my rules when it delivers to itself now, which say to rewrite the "To" address to somewhere else (which would then be in the transport rules).

I'll have to dig to see if I can build a solution that circumvents PMG right now due to these configuration headaches, should be easy since I control the internal server delivering to PMG anyways.