Postfix DSN=5.0.0 (domain.com) status=bounced

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
kaiszza
Posts: 9
Joined: Fri Apr 20, 2018 3:46 pm

Postfix DSN=5.0.0 (domain.com) status=bounced

Postby kaiszza » Tue May 15, 2018 12:15 pm

Hi folks,

I installed and configured ZIMBRA on an Ubuntu 16.04 machine. The mails between our company's network (@abc.de) and ZIMBRA (@123.de) works fine. Since we wanted to test ZIMBRA, we dug up an old domain (@123.de) which was used some time ago. To make sure that ALL e-mails with the @123.de domain dont get lost, i created a mail address where all the @123.de mails would be collected.

So I connected to the ZIMBRA host via telnet to test if I can send emails - without success. I include the maillog and the postfix postconf:

Code: Select all

May 15 12:39:35 ubuntuvm postfix/postscreen[22013]: CONNECT from [192.168.0.XXX]:50168 to [192.168.0.XXX]:25
May 15 12:39:35 ubuntuvm postfix/postscreen[22013]: WHITELISTED [192.168.0.XXX]:50168
May 15 12:39:35 ubuntuvm postfix/smtpd[22014]: connect from ubuntuvm.123.de[192.168.0.XXX]
May 15 12:40:00 ubuntuvm postfix/smtpd[22014]: NOQUEUE: filter: RCPT from ubuntuvm.123.de[192.168.0.XXX]: <user@abc.de>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<user@abc.de> to=<aaabbb@123.de> proto=ESMTP helo=<123.de>
May 15 12:40:00 ubuntuvm postfix/smtpd[22014]: 2C7A5101E93: client=ubuntuvm.123.de[192.168.0.XXX]
May 15 12:40:09 ubuntuvm postfix/cleanup[22024]: 2C7A5101E93: message-id=<20180515104000.2C7A5101E93@ubuntuvm.123.de>
May 15 12:40:09 ubuntuvm postfix/qmgr[19016]: 2C7A5101E93: from=<user@abc.de>, size=353, nrcpt=1 (queue active)
May 15 12:40:09 ubuntuvm postfix/dkimmilter/smtpd[22562]: connect from localhost.123.de[127.0.0.1]
May 15 12:40:09 ubuntuvm postfix/dkimmilter/smtpd[22562]: 750D8101E95: client=localhost.123.de[127.0.0.1]
May 15 12:40:09 ubuntuvm postfix/cleanup[22024]: 750D8101E95: message-id=<20180515104000.2C7A5101E93@ubuntuvm.123.de>
May 15 12:40:09 ubuntuvm postfix/qmgr[19016]: 750D8101E95: from=<user@abc.de>, size=839, nrcpt=1 (queue active)
May 15 12:40:09 ubuntuvm postfix/smtp[22560]: 2C7A5101E93: to=<aaabbb@123.de>, relay=127.0.0.1[127.0.0.1]:10026, delay=19, delays=19/0/0.01/0.12, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10030): 250 2.0.0 Ok: queued as 750D8101E95)
May 15 12:40:09 ubuntuvm postfix/qmgr[19016]: 2C7A5101E93: removed
May 15 12:40:09 ubuntuvm postfix/amavisd/smtpd[22565]: connect from localhost.123.de[127.0.0.1]
May 15 12:40:09 ubuntuvm postfix/amavisd/smtpd[22565]: 9E6A5101E93: client=localhost.123.de[127.0.0.1]
May 15 12:40:09 ubuntuvm postfix/cleanup[22024]: 9E6A5101E93: message-id=<20180515104000.2C7A5101E93@ubuntuvm.123.de>
May 15 12:40:09 ubuntuvm postfix/qmgr[19016]: 9E6A5101E93: from=<user@abc.de>, size=1418, nrcpt=1 (queue active)
May 15 12:40:09 ubuntuvm postfix/smtp[22564]: 750D8101E95: to=<aaabbb@123.de>, relay=127.0.0.1[127.0.0.1]:10032, delay=0.18, delays=0.05/0/0.01/0.12, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9E6A5101E93)
May 15 12:40:09 ubuntuvm postfix/qmgr[19016]: 750D8101E95: removed
May 15 12:40:09 ubuntuvm postfix/error[22566]: 9E6A5101E93: to=<aaabbb@123.de>, relay=none, delay=0.03, delays=0/0.02/0/0.02, dsn=5.0.0, status=bounced (123.de)
May 15 12:40:09 ubuntuvm postfix/cleanup[22024]: A6614101E96: message-id=<20180515104009.A6614101E96@ubuntuvm.123.de>
May 15 12:40:09 ubuntuvm postfix/bounce[22567]: 9E6A5101E93: sender non-delivery notification: A6614101E96
May 15 12:40:09 ubuntuvm postfix/qmgr[19016]: A6614101E96: from=<>, size=3219, nrcpt=1 (queue active)
May 15 12:40:09 ubuntuvm postfix/qmgr[19016]: 9E6A5101E93: removed
May 15 12:40:17 ubuntuvm postfix/smtp[22568]: A6614101E96: to=<user@abc.de>, relay=mail.abc.de[192.168.0.X]:25, delay=7.4, delays=0/0.01/0.02/7.3, dsn=2.0.0, status=sent (250 2.0.0 w4FAeB8o029287 Message accepted for delivery)
May 15 12:40:17 ubuntuvm postfix/qmgr[19016]: A6614101E96: removed
May 15 12:41:43 ubuntuvm postfix/amavisd/smtpd[19862]: timeout after END-OF-MESSAGE from localhost.123.de[127.0.0.1]



Code: Select all

address_verify_negative_refresh_time = 10m
address_verify_poll_count = ${stress?3}${stress:5}
address_verify_poll_delay = 3s
address_verify_positive_refresh_time = 12h
alias_maps = lmdb:/etc/aliases
allow_mail_to_commands =
allow_mail_to_files =
always_add_missing_headers = yes
bounce_notice_recipient = postmaster
bounce_queue_lifetime = 5d
broken_sasl_auth_clients = yes
canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-canonical.cf
command_directory = /opt/zimbra/common/sbin
compatibility_level = 2
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /opt/zimbra/common/libexec
data_directory = /opt/zimbra/data/postfix/data
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
default_process_limit = 100
delay_warning_time = 0h
header_checks =
hopcount_limit = 50
html_directory = no
import_environment =
in_flow_delay = 1s
inet_interfaces = all
inet_protocols = ipv4
lmdb_map_size = 16777216
lmtp_connection_cache_destinations =
lmtp_connection_cache_time_limit = 4s
lmtp_host_lookup = dns
lmtp_tls_CAfile =
lmtp_tls_CApath =
lmtp_tls_ciphers = export
lmtp_tls_exclude_ciphers =
lmtp_tls_loglevel = 0
lmtp_tls_mandatory_ciphers = medium
lmtp_tls_mandatory_protocols = !SSLv2, !SSLv3
lmtp_tls_protocols = !SSLv2, !SSLv3
lmtp_tls_security_level = may
local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated
local_recipient_maps =
luser_relay = igor@123.de
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /opt/zimbra/common/sbin/mailq
manpage_directory = /opt/zimbra/common/share/man
max_use = 100
maximal_backoff_time = 4000s
maximal_queue_lifetime = 5d
message_size_limit = 10240000
meta_directory = /opt/zimbra/common/conf
milter_command_timeout = 30s
milter_connect_timeout = 30s
milter_content_timeout = 300s
milter_default_action = tempfail
minimal_backoff_time = 300s
mydestination = localhost
mydomain = 123.de
myhostname = ubuntuvm.123.de
mynetworks = 127.0.0.0/8 [::1]/128 192.168.0.0/24
mynetworks_style = subnet
newaliases_path = /opt/zimbra/common/sbin/newaliases
non_smtpd_milters =
notify_classes = resource, software
postscreen_access_list = permit_mynetworks
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = no
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = ignore
postscreen_cache_cleanup_interval = 12h
postscreen_cache_retention_time = 7d
postscreen_command_count_limit = 20
postscreen_dnsbl_action = ignore
postscreen_dnsbl_max_ttl = ${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h
postscreen_dnsbl_min_ttl = 60s
postscreen_dnsbl_reply_map =
postscreen_dnsbl_sites =
postscreen_dnsbl_threshold = 1
postscreen_dnsbl_ttl = 1h
postscreen_dnsbl_whitelist_threshold = 0
postscreen_greet_action = ignore
postscreen_greet_ttl = 1d
postscreen_non_smtp_command_action = drop
postscreen_non_smtp_command_enable = no
postscreen_non_smtp_command_ttl = 30d
postscreen_pipelining_action = enforce
postscreen_pipelining_enable = no
postscreen_pipelining_ttl = 30d
postscreen_upstream_proxy_protocol =
postscreen_watchdog_timeout = 10s
postscreen_whitelist_interfaces = static:all
propagate_unmatched_extensions = canonical
queue_directory = /opt/zimbra/data/postfix/spool
queue_run_delay = 300s
readme_directory = no
recipient_delimiter =
relayhost =
sample_directory = /opt/zimbra/common/conf
sender_canonical_maps =
sendmail_path = /opt/zimbra/common/sbin/sendmail
setgid_group = postdrop
shlib_directory = no
smtp_cname_overrides_servername = no
smtp_dns_support_level = enabled
smtp_fallback_relay =
smtp_generic_maps =
smtp_helo_name = $myhostname
smtp_sasl_auth_enable = no
smtp_sasl_mechanism_filter =
smtp_sasl_password_maps =
smtp_sasl_security_options = noplaintext,noanonymous
smtp_tls_CAfile =
smtp_tls_CApath =
smtp_tls_ciphers = export
smtp_tls_dane_insecure_mx_policy = dane
smtp_tls_loglevel = 0
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_protocols =
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtp_transport_rate_delay = $default_transport_rate_delay
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_auth_rate_limit = 0
smtpd_client_port_logging = no
smtpd_client_restrictions = reject_unauth_pipelining
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_end_of_data_restrictions =
smtpd_error_sleep_time = 1s
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_milters =
smtpd_proxy_timeout = 100s
smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unlisted_recipient, reject_invalid_helo_hostname, reject_non_fqdn_sender, reject_unknown_client_hostname, permit
smtpd_reject_unlisted_recipient = no
smtpd_reject_unlisted_sender = no
smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sender_login_maps =
smtpd_sender_restrictions = check_sender_access regexp:/opt/zimbra/common/conf/tag_as_originating.re, permit_mynetworks, permit_sasl_authenticated, permit_tls_clientcerts, check_sender_access regexp:/opt/zimbra/common/conf/tag_as_foreign.re
smtpd_soft_error_limit = 10
smtpd_tls_CAfile =
smtpd_tls_CApath =
smtpd_tls_ask_ccert = no
smtpd_tls_auth_only = yes
smtpd_tls_ccert_verifydepth = 9
smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
smtpd_tls_ciphers = export
smtpd_tls_dh1024_param_file = /opt/zimbra/conf/dhparam.pem
smtpd_tls_exclude_ciphers =
smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = no
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtputf8_enable = no
tls_append_default_CA = no
transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf
unknown_local_recipient_reject_code = 550
unverified_recipient_defer_code = 250
virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf
virtual_alias_expansion_limit = 10000
virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf
virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf
virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf
virtual_transport = error


I also used the luser_relay option, because all mails with the @123.de domain should be guided towards a static address and the local_recipient_maps =option so that all mails are accepted. Somehow, my relayhostalways gets overwritten after I reboot the VM. I think this is intended and must be kept empty. right?

Thanks in advance and please, guide me!!


User avatar
DualBoot
Outstanding Member
Outstanding Member
Posts: 719
Joined: Mon Apr 18, 2016 8:18 pm
Location: Earth
ZCS/ZD Version: ZCS FLOSS - 8.7.11 Mutli servers

Re: Postfix DSN=5.0.0 (domain.com) status=bounced

Postby DualBoot » Tue May 15, 2018 10:04 pm

Hello,

according to zmconfigd, the settings you have changed should not have been reset.
How did you make the change ?

Regards,
kaiszza
Posts: 9
Joined: Fri Apr 20, 2018 3:46 pm

Re: Postfix DSN=5.0.0 (domain.com) status=bounced

Postby kaiszza » Thu May 17, 2018 8:09 am

Hey,

I modified the main.cf in the /opt/zimbra/common/conf folder since there is the path to ZIMBRA's postfix MTA. After some days of testing, restoring snapshots and shedding many tears, I had the idea to do a clean reinstall of ZIMBRA and leave out the MTA (postfix) when the setup asks which parts of ZIMBRA should be installed. Is it possible to somehow "link" a standalone postfix installation with ZIMBRA? For example, before I do the clean reinstall, I install postfix and after that ZIMBRA itself. Will this work?

Kind regards!
User avatar
DualBoot
Outstanding Member
Outstanding Member
Posts: 719
Joined: Mon Apr 18, 2016 8:18 pm
Location: Earth
ZCS/ZD Version: ZCS FLOSS - 8.7.11 Mutli servers

Re: Postfix DSN=5.0.0 (domain.com) status=bounced

Postby DualBoot » Thu May 17, 2018 12:05 pm

Hello,

with Zimbra you can split the roles through different service but If you need to install an other stand alone Postfix,
you should do it on a server without Zimbra. Then after that you can use your Stand alone Postfix as a relay host.
To modify the Postfix configuration file when there is no equivalent attribute in the Zimbra LDAP, you should use
postconf -e postfix_attribut='value'
and if needs restart the MTA.

Regards
kaiszza
Posts: 9
Joined: Fri Apr 20, 2018 3:46 pm

Re: Postfix DSN=5.0.0 (domain.com) status=bounced

Postby kaiszza » Thu May 17, 2018 2:05 pm

Hey,

what do you mean by "splitting the roles through different services"? Please elaborate :)
My main aim is to avoid the bounced status while trying to catch all incoming mails with the @123.de domain for a static mail address I created in the ZIMBRA admin zone (lets call it dump@123.de). To be more precise: our company has around 100 mail addresses with the @123.de domain. Since we cannot say which one is being used to this day and which not, we want to make sure that if there are still some active ones "floating" around, they won't get lost in the WWW when for example the ZIMBRA test persons write a mail.

For this, I used the luser_relay = dump@123.de option and added the local_recipient_maps = option (left it blank so that nothing is blocked, but all is accepted) in the main.cf so that ALL mails with the @123.de domain will land at dump@123.de. Plus, I have to correct myself. In the current configuration, no relayhost is needed since the VM on which ZIMBRA is installed acts as the host itself.

Unfortunately, the standalone postfix installation on a relayhost is not possible, because when we integrate the testing system to our network for mails being able to be sent to the WWW, we would have a second relay and thus postfix wouldn't know where to get the userdata from (we are using openldap currently). ZIMBRA has its own LDAP which would collide with the second relay if I understand this whole thing right.

TL;DR: Why does my mail get bounced? :( I'll post an excerpt from the maillog and from a telnet attempt from today:

Code: Select all

root@zimbravm:/opt/zimbra/common/conf# telnet zimbravm.123.de 25
Trying 192.168.0.XXX...
Connected to zimbravm.123.de.
Escape character is '^]'.
220 zimbravm.123.de ESMTP Postfix
EHLO 123.de
250-zimbravm.123.de
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: kaiszza@companydomain.de
250 2.1.0 Ok
rcpt to: xyz@123.de
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
SUBJECT=YO
TEST
.
250 2.0.0 Ok: queued as 92B36180FAD


Code: Select all

May 17 15:46:35 zimbravm postfix/amavisd/smtpd[24592]: connect from localhost.123.de[127.0.0.1]
May 17 15:46:35 zimbravm postfix/amavisd/smtpd[24592]: C7168180FAD: client=localhost.123.de[127.0.0.1]
May 17 15:46:35 zimbravm postfix/cleanup[24230]: C7168180FAD: message-id=<20180517134626.92B36180FAD@zimbravm.123.de>
May 17 15:46:35 zimbravm postfix/amavisd/smtpd[24592]: disconnect from localhost.123.de[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
May 17 15:46:35 zimbravm postfix/qmgr[12108]: C7168180FAD: from=<kaiszza@companydomain.de>, size=1442, nrcpt=1 (queue active)
May 17 15:46:35 zimbravm postfix/smtp[24587]: A2D351818B5: to=<xyz@123.de>, relay=127.0.0.1[127.0.0.1]:10032, delay=0.16, delays=0.05/0.01/0/0.1, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as C7168180FAD)
May 17 15:46:35 zimbravm postfix/qmgr[12108]: A2D351818B5: removed
May 17 15:46:35 zimbravm postfix/error[24593]: C7168180FAD: to=<xyz@123.de>, relay=none, delay=0.01, delays=0/0/0/0, dsn=5.0.0, status=bounced (123.de)
May 17 15:46:35 zimbravm postfix/cleanup[24230]: C9D7E1818B7: message-id=<20180517134635.C9D7E1818B7@zimbravm.123.de>
May 17 15:46:35 zimbravm postfix/bounce[24594]: C7168180FAD: sender non-delivery notification: C9D7E1818B7
May 17 15:46:35 zimbravm postfix/qmgr[12108]: C9D7E1818B7: from=<>, size=3264, nrcpt=1 (queue active)
May 17 15:46:35 zimbravm postfix/qmgr[12108]: C7168180FAD: removed
May 17 15:46:38 zimbravm postfix/smtp[24595]: C9D7E1818B7: to=<kaiszza@companydomain.de>, relay=mail.companydomain.de[192.168.0.XXX]:25, delay=2.6, delays=0/0.01/0.02/2.6, dsn=2.0.0, status=sent (250 2.0.0 w4HDkcrA012935 Message accepted for delivery)
May 17 15:46:38 zimbravm postfix/qmgr[12108]: C9D7E1818B7: removed
May 17 15:48:42 zimbravm postfix/smtpd[23819]: disconnect from zimbravm.123.de[192.168.0.XXX] ehlo=1 mail=1 rcpt=1 data=1 quit=1 unknown=0/1 commands=5/6

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 21 guests