There is a problem with one of my jails. All Jails sending their mails for root to root, except one jail (nginx). This jail sends mails to root@jailname.domain.tld. My Postfix is configured to accept those mails but I don't find the reason why only this jail is sending to the relay. (Strange thing: If I send a mail from jail nginx the mail will be signed with DKIM. If I use ~./forward in another jail than nginx to reach my Postfix, the mail will not be DKIM-signed.)
Using ~/.forward in the jail nginx will be ignored.
The jail is sending every mail to the external relay (even for users that don't exist!)
In all Jails I set sendmail_enable=NO and sendmail isn't running. Also pkg info don't list any 3rd-party mailer.
Test from this Jail (Jailname: nginx):
mail -v root
Subject: test
test
.
EOT
root... Connecting to [127.0.0.1] via relay...
220 mail.domain.tld ESMTP TheTardis
>>> EHLO nginx.domain.tld
250-mail.domain.tld
250-PIPELINING
250-SIZE 52428800
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
>>> STARTTLS
220 2.0.0 Ready to start TLS
>>> EHLO nginx.domain.tld
250-mail.domain.tld
250-PIPELINING
250-SIZE 52428800
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
>>> MAIL From: SIZE=29
250 2.1.0 Ok
>>> RCPT To:
>>> DATA
250 2.1.5 Ok
354 End data with .
>>> .
250 2.0.0 Ok: queued as 52FAC2BDC6E8
root... Sent (Ok: queued as 52FAC2BDC6E8)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 Bye
Test from any other Jail:
# mail -v root
Subject: test
test
.
EOT
root... Connecting to [127.0.0.1] via relay...
220 mysql.domain.tld ESMTP Sendmail 8.15.2/8.15.2; Tue, 7 May 2019 17:05:05 +0200 (CEST)
>>> EHLO mysql.domain.tld
250-mysql.domain.tld Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-STARTTLS
250-DELIVERBY
250 HELP
>>> STARTTLS
220 2.0.0 Ready to start TLS
>>> EHLO mysql.domain.tld
250-mysql.domain.tld Hello localhost [127.0.0.1], pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-DELIVERBY
250 HELP
>>> MAIL From: SIZE=29
250 2.1.0 ... Sender ok
>>> RCPT To:
>>> DATA
250 2.1.5 ... Recipient ok
354 Enter mail, end with "." on a line by itself
>>> .
250 2.0.0 x47F55hU031641 Message accepted for delivery
root... Sent (x47F55hU031641 Message accepted for delivery)
Closing connection to [127.0.0.1]
>>> QUIT
221 2.0.0 mysql.domain.tld closing connection
So, you see that the jail nginx is relaying his mails to the mailserver while other jails don't.
I don't know why.
I tryed several ideas to find the cause of relaying:
# cat ~/.forward
cat: /root/.forward: No such file or directory
# cat ~/.mailrc
cat: /root/.mailrc: No such file or directory
# mail -d root say: user = root, homedir = /root Sendmail arguments: "send-mail" "-i" "root"
/etc/mail/ is untouched. The timestamps points to the time, the jail was build. Also there is no .mc-file except the initially existend freebsd.mc and freebsd.submit.mc. Because of this there is also no special directive in /etc/mail/aliases.
The directive to relay mails to the external mailserver must come from outside /etc/mail but I don't have any clues where to search any more...
Any ideas?
edit1: I did grep -rl 10.23.102.251 / (the mailserver-IP) and grep -rl mail.domain.tld / last night. Each ran for about four hours and found nothing.
edit2: sendmail is served by:
# cat /etc/mail/mailer.conf
# $FreeBSD: releng/11.1/etc/mail/mailer.conf 93858 2002-04-05 04:25:14Z gshapiro $
#
# Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
#
sendmail /usr/libexec/sendmail/sendmail
send-mail /usr/libexec/sendmail/sendmail
mailq /usr/libexec/sendmail/sendmail
newaliases /usr/libexec/sendmail/sendmail
hoststat /usr/libexec/sendmail/sendmail
purgestat /usr/libexec/sendmail/sendmail
No comments:
Post a Comment