Mail-Toaster-6

When sending an email to both external and local domains, only the external email is delivered, and the email to the local domain disappears

Open johannes73 opened this issue 1 year ago • 4 comments

Describe the bug

When a user sends an email only to a local domain, or only to an external domain, the email is delivered fine. But when sending an email to both a local and an external domain, only the copy to the external domain is delivered. The copy to the internal domain disappears without an error message to the client.

To Reproduce

From: Test User <[email protected]>
Subject: To local AND external domain - this will be delivered ONLY to the external domain
To: Test User <[email protected]>,
 Test User Gmail <[email protected]>
(...)

Expected behavior

Delivery to both the local and external domain recipients of a sent email.

Server (please complete the following information):

uname -a
FreeBSD mail.smartnet.se 13.2-RELEASE-p4 FreeBSD 13.2-RELEASE-p4 GENERIC amd64

MT6 version: 20231004

Additional context

This server uses split horizon DNS.

I have tried but not managed to solve this. Very thankful for your opinions.

johannes73, Aug 06 '24 12:08

Check the local Haraka queue, is the copy to the internal domain sitting there? (I've seen this, and I did something to fix it when it happened, but exactly what hasn't popped into my brain.)

msimerson, Sep 21 '24 04:09

Great thanks, Matt. Your tip led me to get it working. I am not sure I did it the correct way. But it works fine, and both local and external copies are delivered. I think my split horizon DNS was to blame.

Maybe it helps someone else. Here is what I did. Thanks again.

The split horizon DNS is at 192.168.0.1, and the mail server is at 192.168.0.24. The DNS answers with 192.168.0.x addresses to requests from the LAN, and with external addresses when asked externally.

Commented out two lines in /data/dns/mt6-local.conf:

#          local-data: "mail.smartnet.se A 172.16.15.8"
#          local-data: "mail.smartnet.se AAAA fd7a:e5cd:1fc1:8c34:dead:beef:cafe:0008"

Added an include in /jails/dns/usr/local/etc/unbound/unbound.conf:

include: "/data/forward_dns.conf"

A new file /data/dns/forward_dns.conf:

forward-zone:
    name: "."
    forward-addr: 192.168.0.1
    forward-first: yes
    forward-no-cache: no

johannes73, Oct 29 '24 00:10

I faced the same problem today. I have my setup as:

#less /data/haraka/config/qmail-deliverable.ini

check_outbound=true
host=172.16.15.8
queue=smtp_forward


[mydomain.nu]
next_hop=lmtp://172.16.15.15

Now when writing a single user mail to [email protected] it works:

Jun  2 15:30:45 haraka haraka[31975]: [INFO] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [mail_from.is_resolvable] pass:has_fwd_dns
Jun  2 15:30:45 haraka haraka[31975]: [INFO] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [spf] identity=mfrom ip=149.210.213.35 domain="lensen.nu" mfrom=<[email protected]> result=Pass
Jun  2 15:30:45 haraka haraka[31975]: [INFO] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [spf] scope: mfrom, result: Pass, domain: lensen.nu
Jun  2 15:30:45 haraka haraka[31975]: [NOTICE] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [core] sender <[email protected]> code=CONT msg=""
Jun  2 15:30:45 haraka haraka[31975]: [INFO] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [qmail-deliverable] pass:mail_from.vpopmail alias, rcpt.vpopmail dir, msg:queue.wants=lmtp, next_hop=lmtp://172.16.15.15
Jun  2 15:30:45 haraka haraka[31975]: [NOTICE] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [core] recipient <[email protected]> code=OK msg="" [email protected]
Jun  2 15:30:45 haraka haraka[31975]: [INFO] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [core]  hook=rcpt plugin=qmail-deliverable function=hook_rcpt params=<[email protected]> retval=OK msg=""
Jun  2 15:30:45 haraka haraka[31975]: [NOTICE] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [core] message mid=<[email protected]> size=818 rcpts=1/0/0 delay=0.005 code=CONT msg=""
Jun  2 15:30:45 haraka haraka[31975]: [NOTICE] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [core] queue code=CONT msg="Message Queued (27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1)"
Jun  2 15:30:45 haraka haraka[31975]: [INFO] [-] [outbound] Transaction delivery for domain: mydomain.nu
Jun  2 15:30:45 haraka haraka[31975]: [NOTICE] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [core] queue code=OK msg="Message Queued (27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1)"
Jun  2 15:30:45 haraka haraka[31975]: [INFO] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1.1] [outbound]  hook=get_mx plugin=qmail-deliverable function=hook_get_mx params=mydomain.nu retval=OK msg="{\"using_lmtp\":true,\"priority\":0,\"port\":24,\"exchange\":\"172.16.15.15\"}"
Jun  2 15:30:45 haraka haraka[31975]: [NOTICE] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1] [core] disconnect ip=172.16.15.33 rdns=roundcube helo=roundcube relay=Y early=N esmtp=Y tls=Y pipe=N errors=0 txns=1 rcpts=1/0/0 msgs=1/0/0 bytes=818 lr="" time=0.563
Jun  2 15:30:45 haraka haraka[31975]: [INFO] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1.1] [outbound] secured verified=false cipher=TLS_AES_256_GCM_SHA384 version=TLSv1.3 error=ERR_TLS_CERT_ALTNAME_INVALID cn=bsdfreaks.nl organization="" issuer="Let's Encrypt" expires="Jul 27 21:54:59 2025 GMT" fingerprint=BC:7A:FF:AD:58:7C:66:96:24:1F:B6:C6:12:46:4B:58:4D:1E:BF:74
Jun  2 15:30:45 haraka haraka[31975]: [NOTICE] [27697A1E-1820-4A6F-AA86-8280AF0F3EEF.1.1] [outbound]  delivered file=1748871045584_1748871045584_0_31975_uxh3IL_756_haraka domain=mydomain.nu host=172.16.15.15 ip=172.16.15.15 port=24 mode=LMTP tls=Y auth=N response="<[email protected]> oDxfI4WnPWiCPQAAkzG9Ng Saved" delay=0.114 fails=0 rcpts=1/0/0

Now with a mail which fails:

Jun  2 14:12:44 haraka haraka[14712]: [NOTICE] [DC03A49F-4FE5-48A0-9779-D8FF927F92FD.1] [core] recipient <[email protected]> code=OK msg="" [email protected]
Jun  2 14:12:45 haraka haraka[14712]: [NOTICE] [DC03A49F-4FE5-48A0-9779-D8FF927F92FD.1] [core] message mid=<[email protected]> size=2218 rcpts=2/0/0 delay=0.017 code=CONT msg=""
Jun  2 14:12:45 haraka haraka[14712]: [INFO] [-] [outbound] Transaction delivery for domain: external.com
Jun  2 14:12:45 haraka haraka[14712]: [NOTICE] [DC03A49F-4FE5-48A0-9779-D8FF927F92FD.1] [core] queue code=CONT msg="Message Queued (DC03A49F-4FE5-48A0-9779-D8FF927F92FD.1)"
Jun  2 14:12:45 haraka haraka[14712]: [INFO] [-] [outbound] Transaction delivery for domain: mydomain.nu
Jun  2 14:12:45 haraka haraka[14712]: [NOTICE] [DC03A49F-4FE5-48A0-9779-D8FF927F92FD.1] [core] queue code=OK msg="Message Queued (DC03A49F-4FE5-48A0-9779-D8FF927F92FD.1)"
Jun  2 14:12:45 haraka haraka[14712]: [NOTICE] [DC03A49F-4FE5-48A0-9779-D8FF927F92FD.1] [core] disconnect ip=172.16.15.33 rdns=roundcube helo=roundcube relay=Y early=N esmtp=Y tls=Y pipe=N errors=0 txns=1 rcpts=2/0/0 msgs=1/0/0 bytes=2218 lr="" time=0.278
Jun  2 14:12:45 haraka haraka[14712]: [NOTICE] [DC03A49F-4FE5-48A0-9779-D8FF927F92FD.1.2] [outbound] Failed to get socket: connect ECONNREFUSED 149.210.213.35:25

It tries to connect to my external address

Infern1, Jun 02 '25 13:06

That's expected @Infern1. When an email has differing delivery routes, it gets sent to outbound for delivery. Once you fix the DNS resolution for domains behind your NAT to resolve to the correct local/private IPs, it will work properly.

msimerson, Jun 02 '25 16:06
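The symptom in the failing log above (an outbound sub-delivery that fails while connecting to a public address) can be picked out of the Haraka log mechanically. The following is an added example, not code from Haraka, Mail-Toaster-6 or the thread's participants; `findMisroutedLocal`, its `ownPublicIps` parameter and the sample lines are hypothetical, and only IPv4 targets are handled.

```javascript
// Added example. Sample lines are constructed, modelled on the log format in
// this thread; 198.51.100.7 stands in for the server's own public address.
const SAMPLE = [
  'Jun  2 14:12:45 haraka haraka[100]: [NOTICE] [11111111-2222-4333-8444-555555555555.1] [core] message mid=<a@example> size=2218 rcpts=2/0/0 delay=0.017 code=CONT msg=""',
  'Jun  2 14:12:45 haraka haraka[100]: [INFO] [-] [outbound] Transaction delivery for domain: mydomain.example',
  'Jun  2 14:12:45 haraka haraka[100]: [NOTICE] [11111111-2222-4333-8444-555555555555.1.2] [outbound] Failed to get socket: connect ECONNREFUSED 198.51.100.7:25',
  'Jun  2 14:20:01 haraka haraka[100]: [NOTICE] [AAAAAAAA-BBBB-4CCC-8DDD-EEEEEEEEEEEE.1] [core] message mid=<b@example> size=818 rcpts=1/0/0 delay=0.005 code=CONT msg=""',
  'Jun  2 14:20:01 haraka haraka[100]: [NOTICE] [AAAAAAAA-BBBB-4CCC-8DDD-EEEEEEEEEEEE.1.1] [outbound] Failed to get socket: connect ECONNREFUSED 172.16.15.15:24',
];

// Captures: transaction id (UUID.n, outbound sub-id dropped), plugin, message.
const LINE = /\[([0-9A-F-]{36}\.\d+)(?:\.\d+)?\] \[([\w-]+)\] +(.*)$/;

// RFC 1918 and loopback: where a next_hop behind NAT is expected to live.
function isPrivateV4(ip) {
  const [a, b] = ip.split('.').map(Number);
  return a === 10 || a === 127 || (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}

// Group lines per transaction and return outbound connection failures whose
// target is a public address. `self` is true when that address is one of the
// server's own public IPs, i.e. Haraka tried to reach itself from inside NAT.
function findMisroutedLocal(lines, ownPublicIps = []) {
  const txns = new Map();
  for (const line of lines) {
    const m = LINE.exec(line);
    if (!m) continue; // e.g. "[-] [outbound] Transaction delivery ..."
    const [, id, plugin, msg] = m;
    if (!txns.has(id)) txns.set(id, { rcpts: 0, failures: [] });
    const t = txns.get(id);
    const rc = /^message .* rcpts=(\d+)\//.exec(msg);
    if (plugin === 'core' && rc) t.rcpts = Number(rc[1]);
    const f = /^Failed to get socket: connect (\w+) ([\d.]+):(\d+)/.exec(msg);
    if (plugin === 'outbound' && f) t.failures.push({ code: f[1], ip: f[2], port: Number(f[3]) });
  }
  const findings = [];
  for (const [txn, t] of txns) {
    for (const f of t.failures) {
      if (isPrivateV4(f.ip)) continue; // private target: a different problem
      findings.push({ txn, rcpts: t.rcpts, ...f, self: ownPublicIps.includes(f.ip) });
    }
  }
  return findings;
}

console.log(findMisroutedLocal(SAMPLE, ['198.51.100.7']));
```

A finding with `self: true` means the resolver inside the Haraka jail is handing out the public address for a locally hosted domain, which is the DNS condition the replies above point to.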