PMG on Plesk with internal IP as SMTP relay (domain-based)

tanjix

May 12, 2021
Hi Guys,

I am currently struggling with the following on a Plesk server with version 18.0.35.2 (up2date) on Debian 9 (though I guess it is OS-independent).

I set up a mail gateway (Proxmox Mail Gateway, called PMG from now on). The plan is that all incoming mails are first handled by the PMG to be checked for spam, viruses etc. and, if all checks are okay, are then forwarded to the Plesk server and dealt with further.
Additionally, I want the PMG to handle the outgoing mails instead of using Plesk's Postfix instance.

The PMG is not accessible from the public internet, hence it has a private IP, which is 192.168.1.104.
However, for testing reasons, I did make it available to the public internet with a public IP, which is A.B.C.D.

As there are multiple domains running on my Plesk server, and relaying should not be done for all of them, I modified my main.cf of Postfix by adding:

Code:
# Sender-based relaying
sender_dependent_relayhost_maps = hash:/etc/postfix/sdr_custom_transport
smtp_connect_timeout = 5

The file /etc/postfix/sdr_custom_transport contains

Code:
@domain.org [192.168.1.104]:26

Port 26 in this case is correct, as that's the relaying port from PMG for trusted internal connections.

By doing a

Code:
postmap /etc/postfix/sdr_custom_transport

I let the mapping be created.

Now comes the weird thing.

The mapping itself works, however, Postfix is unable to reach 192.168.1.104 and results in a "connection timed out":

Code:
May 9 22:21:21 myserver postfix/qmgr[14724]: B5771300958: from=<sender@domain.org>, size=6815, nrcpt=1 (queue active)
May 9 22:21:26 myserver postfix/smtp[17290]: B5771300958: to=<anyrecipient@icloud.com>, relay=none, delay=3360, delays=3355/0.01/5/0, dsn=4.4.1, status=deferred (connect to 192.168.1.104[192.168.1.104]:26: Connection timed out)

However, when I try to connect to this internal IP on port 26 with telnet, it works:

Code:
root@myserver:~# telnet 192.168.1.104 26
Trying 192.168.1.104...
Connected to 192.168.1.104.
Escape character is '^]'.
220 securemail1.domain.org

The connection itself works fine according to this. So I am out of ideas why Postfix ends in a timeout, whereas from the Linux shell itself I can connect there.

Out of curiosity, when I modify the file /etc/postfix/sdr_custom_transport and change [192.168.1.104]:26 to [A.B.C.D]:26, recreate the map file, restart Postfix and send another email, it is relayed to PMG, as it should be.

Does anyone here have an idea why the internal IP does not work where the external one does?

Any help here is highly appreciated! Thanks a lot!
 
Is Postfix set to listen on a specific IP or all IPs on the system? If a specific one and that one is the public IP, it might not be able to use the private network IP as it can't route the public to the private. Whereas the telnet works because the system routes it properly since you don't indicate an interface / IP to bind to.
 
Just to keep it for the record here, what I was referring to:

Code:
root@myserver:~# postconf -n | grep all
inet_interfaces = all
inet_protocols = all
root@myserver:~#
 
I do assume/hope that PMG and Plesk are separate systems?

In any case - any particular reason not to specify a relayhost parameter in Plesk's Postfix config?
Else - check the manpage for the transport table (`man 5 transport`) - I think it should read smtp:[192.168.1.104]:26

If this does not help - check out the Postfix debugging howto - and add '-v' to the relevant services in master.cf:
http://www.postfix.org/DEBUG_README.html#verbose

I hope this helps!
 
Hello @tanjix,
I also had some trouble with these settings.
I found out that sender_dependent_relayhost_maps is the wrong parameter to do this.

relay=none: this is the reason why it is doing nothing.

This post helped me figure this out.
https://serverfault.com/questions/7...t-maps-do-not-relay-a-specific-address/770041

With the parameter sender_dependent_default_transport_maps there were no problems afterwards and a correct assignment was made.

Code:
# /etc/postfix/main.cf
sender_dependent_default_transport_maps = hash:/etc/postfix/relay_by_sender

# /etc/postfix/relay_by_sender
no-relay@mydomain.com   smtp
@mydomain.com           smtp:[ses.amazon.com]
 
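When a sender-based map like the ones in this thread is in place, it helps to see which sender domains are being deferred and at which next hop. The following is an added example, not code from any poster or from Postfix; it pairs qmgr and smtp log lines by queue ID, and the sample log is constructed (the first two lines follow the excerpt above, the last two are made up).

```python
import re
from collections import defaultdict

# Constructed sample in the same format as the log excerpt in the thread.
SAMPLE_LOG = """\
May 9 22:21:21 myserver postfix/qmgr[14724]: B5771300958: from=<sender@domain.org>, size=6815, nrcpt=1 (queue active)
May 9 22:21:26 myserver postfix/smtp[17290]: B5771300958: to=<anyrecipient@icloud.com>, relay=none, delay=3360, delays=3355/0.01/5/0, dsn=4.4.1, status=deferred (connect to 192.168.1.104[192.168.1.104]:26: Connection timed out)
May 9 22:30:02 myserver postfix/qmgr[14724]: C1A2B300959: from=<info@example.net>, size=2210, nrcpt=1 (queue active)
May 9 22:30:03 myserver postfix/smtp[17301]: C1A2B300959: to=<user@example.com>, relay=mx.example.com[203.0.113.10]:25, delay=0.9, delays=0.1/0.01/0.4/0.4, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 4F0A1)
"""

FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: (?P<qid>[0-9A-F]+): from=<(?P<sender>[^>]*)>")
SMTP_RE = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]*)>, relay=(?P<relay>[^,]+),"
    r".*?dsn=(?P<dsn>[\d.]+), status=(?P<status>\w+) \((?P<reason>.*)\)$")
CONNECT_RE = re.compile(r"connect to \S+?\[(?P<ip>[^\]]+)\]:(?P<port>\d+): (?P<err>.+)$")

def deferred_by_sender_domain(log_text):
    """Return {sender_domain: [deferral, ...]} for every deferred smtp delivery."""
    senders, report = {}, defaultdict(list)
    for line in log_text.splitlines():
        m = FROM_RE.search(line)
        if m:  # remember the envelope sender for this queue ID
            senders[m["qid"]] = m["sender"]
            continue
        m = SMTP_RE.search(line)
        if not m or m["status"] != "deferred":
            continue
        domain = senders.get(m["qid"], "").rpartition("@")[2].lower() or "<unknown>"
        c = CONNECT_RE.search(m["reason"])  # set only for connection-level failures
        report[domain].append({
            "qid": m["qid"],
            "rcpt": m["rcpt"],
            "relay": m["relay"],
            "dsn": m["dsn"],
            "next_hop": f"{c['ip']}:{c['port']}" if c else None,
            "error": c["err"] if c else m["reason"],
        })
    return dict(report)

if __name__ == "__main__":
    for domain, entries in deferred_by_sender_domain(SAMPLE_LOG).items():
        for e in entries:
            print(f"{domain}: {e['qid']} -> {e['next_hop']} dsn={e['dsn']} ({e['error']})")
```

A `next_hop` that matches the address in the map file confirms the lookup was applied and the failure is at the TCP connection stage, before any SMTP dialogue.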
