[postfix-users] Falsche NIC bei 2 Postfix-Instanzen

29 Jul 2008


      Hallo zusammen,
ich betreibe zwei Postfix Server, welche als Mailrelays dienen - einer für eingehende, einer für ausgehende E-Mails.
Nun würde ich gern beide Server auf einem vereinen. Dazu habe ich zwei Postfix-Instanzen erstellt.
Sobald ich Postfix-out (2. Instanz) starte funktioniert auch alles. Über Instanz 1 (eth0) kommen die Mails rein, werden an Amavis (Spamassassin + Clamd) übergeben und kommen wieder zurück an Instanz 1. Instanz 2 nimmt auch die Mails an und versendet sie nach draußen.
Nach einiger Zeit (mal 1-2 Minuten, mal erst nach 30 Minuten) hängen aber Mails in der Queue (Timeout). Grund ist, dass Postfix-in die zweite NIC eth1 zum Versenden der Mails an den internen Exchange-Server nutzt statt eth0. Die Firewall lässt nur von eth0 eine Verbindung nach intern zu. Netstat zeigt an, dass eben eth1 versucht den Exchangeserver zu kontaktieren.
Ich habe schon jede Menge mit smtp_bind_address und inet_interfaces herumprobiert. Ohne Erfolg.
Hat jemand eine Idee, wo ich noch drehen kann?
Hier noch die Configs:
Postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
alternate_config_directories = /etc/postfix-out
append_dot_mydomain = no
biff = no
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports =
disable_dns_lookups = no
disable_mime_output_conversion = no
header_checks = regexp:/etc/postfix/header_checks
home_mailbox = Maildir/
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = <dnsname1.mydomain.com>, localhost, 127.0.0.1
inet_protocols = all
mail_owner = postfix
mail_spool_directory = /var/mail-in
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 4000000
mydestination = <dnsname1.mydomain.com>, localhost
mydomain = <mydomain.com>
myhostname = <dnsname1.mydomain.com>
mynetworks = <IP-eth0>
mynetworks_style = subnet
myorigin = /etc/mailname
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix-in
readme_directory = /usr/share/doc/packages/postfix/README_FILES
recipient_delimiter = +
relay_domains = <mydomain.com>
relay_recipient_maps = hash:/etc/postfix/relay_recipients
relayhost = <interne IP Exchange>
relocated_maps = hash:/etc/postfix/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_sasl_auth_enable = no
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination,reject_rbl_client zen.spamhaus.org
smtpd_sasl_auth_enable = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_use_tls = no
strict_8bitmime = no
strict_rfc821_envelopes = no
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 450
virtual_alias_domains = hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual
Postconf -c /etc/postfix-out/ -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
alternate_config_directories = /etc/postfix
append_dot_mydomain = no
biff = no
canonical_maps = hash:/etc/postfix-out/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix-out/
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
defer_transports =
disable_dns_lookups = no
disable_mime_output_conversion = no
home_mailbox = Maildir/
html_directory = /usr/share/doc/packages/postfix/html
inet_interfaces = <dnsname2.mydomain.com>
inet_protocols = all
mail_owner = postfix
mail_spool_directory = /var/mail-out
mailbox_command = /usr/bin/procmail
mailbox_size_limit = 0
mailbox_transport =
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 4000000
mydestination = <dnsname2.mydomain.com>
mydomain = <mydomain.com>
myhostname = <dnsname2.mydomain.com>
mynetworks = <interne IPs, DMZ-IPs, nicht eht0!>
mynetworks_style = subnet
myorigin = /etc/mailname-out
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix-out
readme_directory = /usr/share/doc/packages/postfix/README_FILES
recipient_delimiter = +
relayhost =
relocated_maps = hash:/etc/postfix-out/relocated
sample_directory = /usr/share/doc/packages/postfix/samples
sender_canonical_maps = hash:/etc/postfix-out/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtp_bind_address = <IP eth1>
smtp_sasl_auth_enable = no
smtp_use_tls = no
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = no
smtpd_sender_restrictions = hash:/etc/postfix-out/access
smtpd_use_tls = no
strict_8bitmime = no
strict_rfc821_envelopes = no
syslog_name = mailout
transport_maps = hash:/etc/postfix-out/transport
unknown_local_recipient_reject_code = 450
virtual_alias_domains = hash:/etc/postfix-out/virtual
virtual_alias_maps = hash:/etc/postfix-out/virtual
Gruß Michael Peter

Michael Peter

Stefan Förster

Michael Peter

nighthawk

nighthawk

Michael Peter

Stefan Förster

tags (0)

participants (3)