[postfix-users] Falsche NIC bei 2 Postfix-Instanzen

Michael Peter Michael.Peter at unitedplanet.com
Di Jul 29 12:56:16 CEST 2008 

Hallo zusammen,

 

ich betreibe zwei Postfix Server, welche als Mailrelays dienen - einer für eingehende, einer für ausgehende E-Mails.

Nun würde ich gern beide Server auf einem vereinen. Dazu habe ich zwei Postfix-Instanzen erstellt.

 

Sobald ich Postfix-out (2. Instanz) starte funktioniert auch alles. Über Instanz 1 (eth0) kommen die Mails rein, werden an Amavis (Spamassassin + Clamd) übergeben und kommen wieder zurück an Instanz 1. Instanz 2 nimmt auch die Mails an und versendet sie nach draußen.

Nach einiger Zeit (mal 1-2 Minuten, mal erst nach 30 Minuten) hängen aber Mails in der Queue (Timeout). Grund ist, dass Postfix-in die zweite NIC eth1 zum Versenden der Mails an den internen Exchange-Server nutzt statt eth0. Die Firewall lässt nur von eth0 eine Verbindung nach intern zu. Netstat zeigt an, dass eben eth1 versucht den Exchangeserver zu kontaktieren.

 

Ich habe schon jede Menge mit smtp_bind_address und inet_interfaces herumprobiert. Ohne Erfolg.

 

Hat jemand eine Idee, wo ich noch drehen kann?

 

 

Hier noch die Configs:

 

Postconf -n:

alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

alternate_config_directories = /etc/postfix-out

append_dot_mydomain = no

biff = no

canonical_maps = hash:/etc/postfix/canonical

command_directory = /usr/sbin

config_directory = /etc/postfix

content_filter = smtp-amavis:[127.0.0.1]:10024

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

defer_transports = 

disable_dns_lookups = no

disable_mime_output_conversion = no

header_checks = regexp:/etc/postfix/header_checks

home_mailbox = Maildir/

html_directory = /usr/share/doc/packages/postfix/html

inet_interfaces = <dnsname1.mydomain.com>, localhost, 127.0.0.1

inet_protocols = all

mail_owner = postfix

mail_spool_directory = /var/mail-in

mailbox_command = /usr/bin/procmail

mailbox_size_limit = 0

mailbox_transport = 

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

masquerade_classes = envelope_sender, header_sender, header_recipient

masquerade_domains = 

masquerade_exceptions = root

message_size_limit = 4000000

mydestination = <dnsname1.mydomain.com>, localhost

mydomain = <mydomain.com>

myhostname = <dnsname1.mydomain.com>

mynetworks = <IP-eth0>

mynetworks_style = subnet

myorigin = /etc/mailname

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix-in

readme_directory = /usr/share/doc/packages/postfix/README_FILES

recipient_delimiter = +

relay_domains = <mydomain.com>

relay_recipient_maps = hash:/etc/postfix/relay_recipients

relayhost = <interne IP Exchange>

relocated_maps = hash:/etc/postfix/relocated

sample_directory = /usr/share/doc/packages/postfix/samples

sender_canonical_maps = hash:/etc/postfix/sender_canonical

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtp_sasl_auth_enable = no

smtp_use_tls = no

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)

smtpd_client_restrictions = 

smtpd_helo_restrictions = 

smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination,reject_rbl_client zen.spamhaus.org

smtpd_sasl_auth_enable = no

smtpd_sender_restrictions = hash:/etc/postfix/access

smtpd_use_tls = no

strict_8bitmime = no

strict_rfc821_envelopes = no

transport_maps = hash:/etc/postfix/transport

unknown_local_recipient_reject_code = 450

virtual_alias_domains = hash:/etc/postfix/virtual

virtual_alias_maps = hash:/etc/postfix/virtual

 

Postconf -c /etc/postfix-out/ -n:

alias_database = hash:/etc/aliases

alias_maps = hash:/etc/aliases

alternate_config_directories = /etc/postfix

append_dot_mydomain = no

biff = no

canonical_maps = hash:/etc/postfix-out/canonical

command_directory = /usr/sbin

config_directory = /etc/postfix-out/

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

defer_transports = 

disable_dns_lookups = no

disable_mime_output_conversion = no

home_mailbox = Maildir/

html_directory = /usr/share/doc/packages/postfix/html

inet_interfaces = <dnsname2.mydomain.com>

inet_protocols = all

mail_owner = postfix

mail_spool_directory = /var/mail-out

mailbox_command = /usr/bin/procmail

mailbox_size_limit = 0

mailbox_transport = 

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

masquerade_classes = envelope_sender, header_sender, header_recipient

masquerade_domains = 

masquerade_exceptions = root

message_size_limit = 4000000

mydestination = <dnsname2.mydomain.com>

mydomain = <mydomain.com>

myhostname = <dnsname2.mydomain.com>

mynetworks = <interne IPs, DMZ-IPs, nicht eht0!>

mynetworks_style = subnet

myorigin = /etc/mailname-out

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix-out

readme_directory = /usr/share/doc/packages/postfix/README_FILES

recipient_delimiter = +

relayhost = 

relocated_maps = hash:/etc/postfix-out/relocated

sample_directory = /usr/share/doc/packages/postfix/samples

sender_canonical_maps = hash:/etc/postfix-out/sender_canonical

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtp_bind_address = <IP eth1>

smtp_sasl_auth_enable = no

smtp_use_tls = no

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)

smtpd_client_restrictions = 

smtpd_helo_restrictions = 

smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination

smtpd_sasl_auth_enable = no

smtpd_sender_restrictions = hash:/etc/postfix-out/access

smtpd_use_tls = no

strict_8bitmime = no

strict_rfc821_envelopes = no

syslog_name = mailout

transport_maps = hash:/etc/postfix-out/transport

unknown_local_recipient_reject_code = 450

virtual_alias_domains = hash:/etc/postfix-out/virtual

virtual_alias_maps = hash:/etc/postfix-out/virtual

 

 

Gruß Michael Peter

 

-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: http://de.postfix.org/pipermail/postfix-users/attachments/20080729/bc64b966/attachment.htm

More information about the postfix-users mailing list