MailScanner archive breaks postfix smarthost

Remco Barendse mailscanner at barendse.to
Sun Jun 13 10:58:08 UTC 2021 

I use the archive function of MailScanner to send a copy 
of inbound/outbound email  to an email address on an external server.
Postfix is also serving as a backup for that same domain/server to store 
mail (should the server go down).

When I do not use SmartHost, mail goes out as expected :
Jun 13 12:49:10 gw2 postfix/smtp[5226]: BBFD882A34: 
to=<outbound at archive.com>, relay=mail.my2nddomain.com[--.---.--.--]:25, 
delay=0.76, delays=0.5/0.02/0.13/0.11, dsn=2.0.0, status=sent (250 2.0.0 
15DAnAAT016589 Message accepted for delivery)
Jun 13 12:49:10 gw2 MailScanner[5228]: Read 5624 hostnames from the 
phishing blacklists
Jun 13 12:49:11 gw2 postfix/smtp[5227]: BBFD882A34: 
to=<someone at gmail.com>, 
relay=gmail-smtp-in.l.google.com[108.177.119.26]:25, delay=0.92, 
delays=0.5/0.03/0.15/0.23, dsn=2.0.0, status=sent (250 2.0.0 OK 
1623581351 a13si5024937edy.153 - gsmtp)
Jun 13 12:49:11 gw2 postfix/qmgr[5207]: BBFD882A34: removed


When I enable SmartHost, it seems as if postfix doesn't use the 
smarthost byt bants to do authentication on the remote mail server to 
deliver the archive copy of the mail, which fails.

Jun 13 12:11:20 gw2 postfix/qmgr[3600]: 88F9882A30: 
from=<test at mydomin.com>, size=339, nrcpt=2 (queue active)
Jun 13 12:11:23 gw2 postfix/smtp[3966]: 88F9882A30: 
to=<remco at mytest.com>, relay=smtp.xs4all.nl[194.109.6.51]:587, 
delay=3.3, delays=1/0.09/2.2/0.06, dsn=2.0.0, status=sent (250 2.0.0 
smtp-cloud8.xs4all.net accepted mail sN5MlU4tIhqltsN
5Pliy28 for delivery)
Jun 13 12:11:23 gw2 postfix/smtp[3964]: 88F9882A30: 
to=<outbound at archive.com>, relay=mail.my2nddomain.com[--.---.--.--]:25, 
delay=3.1, delays=1/0.08/2/0, dsn=4.7.0, status=deferred (SASL 
authentication failed; server mail.my2nddomain.com[--.---.--.---] said: 
535 5.7.0 authentication failed)
Jun 13 12:19:30 gw2 postfix/qmgr[3600]: 88F9882A30: 
from=<test at mydomain.com>, size=339, nrcpt=2 (queue active)


In my /etc/postfix/transport I have :
archive.com     smtp:[mail.archive.com]

To enable smarthost I added this to main.cf :
# Enable auth
smtp_sasl_auth_enable = yes
# Set username and password
smtp_sasl_password_maps = 
static:YOUR-SMTP-USER-NAME-HERE:YOUR-SMTP-SERVER-PASSWORD-HERE
smtp_sasl_security_options = noanonymous
# Turn on tls encryption
smtp_tls_security_level = encrypt
header_size_limit = 4096000
# Set external SMTP relay host here IP or hostname accepted along with a 
port number.
relayhost = [YOUR-SMTP-SERVER-IP-HERE]:587


Where am I going wrong?

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list