Yeah I'll set up some advanced debugging in Postfix on the relays to see whats' coming in and out. Will take time though 'cause we have a TON of messaging going through that smtpproxy out to the 'net so it'll take a bit for me to dissect the message logs.
Give me a bit since it's EOD for me now.
Thomas
On 12/6/23 15:44, Mark Sapiro wrote:
On 12/6/23 11:11, Thomas Ward via Mailman-users wrote:
See, that's the oddness. There appears to be SOME weird mail loop here where $ORIGIN (MS365/Exchange) hands it once, then there's back-and-forth between SMTPPROXY and Mailman. IT's really odd how it behaves, and I have no explanation for it.
Right now I'm away from the office where this happens, but when I'm back there I'll grab logs from both sides.
Thomas
On 12/5/23 17:54, Mark Sapiro wrote:
On 12/5/23 10:08, Thomas Ward via Mailman-users wrote:
We use a multi-hop SMTP system to go from the inside of our network out to the Internet at the domain test.lists.example.com.
The setup is this way for ingress:
{EXTERNAL} -> MS365 (relay/antispam) -> MS On-Prem (via 365 Connector) -> Mailman for delivery to listserv
Presumably the EXTERNAL to MS365 SMTP transaction includes
MAIL FROM: <user@example.com> RCPT TO: <invalid@test.lists.example.com>
It seems that somewhere in the path to Mailman this is getting changed to
MAIL FROM: <invalid@test.lists.example.com>
so the outbound DSN is sent to invalid@test.lists.example.com instead of user@example.com. The question is which one of the MTAs in the path is doing this and why.
But even more mysterious is the fact that the DSN from Mailman should be sent with
MAIL FROM: <>
so when it's undeliverable, no further DSN is sent.