originating flag not working - critical bug - RelayedOpenRelay / DKIM signing not working
Alexander Hoogerhuis
alexh at boxed.no
Sun May 27 14:12:28 CEST 2018
On 27/05/2018 08:01, Alexander Hoogerhuis wrote:
>
> I just wanted to add feedback to this one. I've had this issue for some
> time, but haven't had time to track it down untill now. I started
> digging and ended with the same conclusions as the two above contributors.
>
> I have had debug turned on, and I am positive that the following holds:
> - my client IP is in @mynetworks.
> - the recipient is not local.
> - the sending domain is in @local_domains_maps.
> - Postfix uses xforward and amavis sees the proper client IP.
> - the log from amavisd shows the policy bank has originating set.
>
> And yet my log from amavis says RelayedOpenRelay.
>
> My setup is simple; all the possible clients are on private IPs, the
> world is on public
>
> Adding the posted one line patch to 2.11.0 seems to make it all work
> well for me, my logs now show RelayedOutbound for email going out via
> the correct policy bank.
>
Another datapoint on this.
Another case where I get RelayedOpenRelay is when Exchange generates out
of office replies for users. Then it gets triggered because the sender
is blank:
> Return-Path: <>
> X-Envelope-From: <>
> X-Envelope-To: <user at external.com>
Since the sending user is not recognised as a local user.
mvh,
A
--
Alexander Hoogerhuis | http://no.linkedin.com/in/alexh
Boxed Solutions AS | +47 908 21 485 - alexh at boxed.no
"Given enough eyeballs, all bugs are shallow." -Eric S. Raymond
More information about the amavis-users
mailing list