DevHeads.net

Header change

Switching to dovecot LMTP appears to have changed the information in the received header:

Here’s what the received header used to look like:

Received: from [10.0.5.3] (c-71-229-144-93.hsd1.co.comcast.net [71.229.144.93])
by mail.covisp.net (Postfix) with ESMTPS id B67B8118AD59
for < ... at kreme dot com>; Sun, 16 Aug 2009 22:19:02 -0600 (MDT)

As opposed to now:

Received: from darth.lan (c-73-14.161.160.hsd1.co.comcast.net [73.14.161.160])
by mail.covisp.net(Postfix 3.4.5/8.13.0) with SMTP id unknown;
Sun, 16 Jun 2019 15:26:32 -0600
(envelope-from < ... at kreme dot com>)

The first has an ESMTPS id and the other has SMTP id unknown.

Any ideas why this might have changed?

(In both cases the email is sent via an authentication submission on port 587 (or possibly 465 in the latter case).

submission inet n - n - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_path=private/auth
-o syslog_name=postfix/submit
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_data_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
-o smtpd_helo_restrictions=
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject

smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_sasl_type=dovecot
-o smtpd_sasl_security_options=noanonymous
-o smtpd_sasl_path=private/auth
-o smtpd_data_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
-o smtpd_helo_restrictions=
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject_unauth_destination,reject
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes

Comments

Re: Header change

By Viktor Dukhovni at 06/17/2019 - 14:54

The reported symptoms are unrelated to Dovecot LMTP.

This may be produced by a milter, especially the "8.13.0" suggests
a Sendmail milter library. The "Postfix 3.4.5" may be due to a
non-default setting of "mail_name". As for "unknown" the milter
(if that's what it is) may have memoized absence of a queue-id
before Postfix assigned one (at RCPT TO).

Re: Header change

By Wietse Venema at 06/17/2019 - 14:07

As far as I know, Postfix does not have "with ... id unknown", and
the "(envelope-from ...)" text is disabled by default.

Wietse

Re: Header change

By LuKreme at 06/17/2019 - 15:53

On Jun 17, 2019, at 12:07 PM, Wietse Venema < ... at porcupine dot org> wrote:
From what I am hearing not he SA list, this header is added by spamass-milter which is not seeing the message as having been submitted with authentication.

I have not changed milter_mail_macros from the default value of

i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer}

So I am not sure why the milter is not seeing that the message was authenticated.

Logs:
Jun 16 15:26:32 mail postfix/submit/smtpd[52711]: 45RnTh0J8KzdrvJ: client=c-73-14-161-160.hsd1.co.comcast.net[73.14.161.160], sasl_method=PLAIN, sasl_username= ... at kreme dot com
Jun 16 15:26:32 mail postfix/cleanup[52845]: 45RnTh0J8KzdrvJ: message-id=<0C3BE5F6-C5B4-4B07-853D- ... at kreme dot com>
Jun 16 15:26:33 mail postfix/qmgr[27634]: 45RnTh0J8KzdrvJ: from=< ... at kreme dot com>, size=3259, nrcpt=2 (queue active)
Jun 16 15:26:33 mail postfix/lmtp[53026]: 45RnTh0J8KzdrvJ: to=<mumble>, orig_to=<mumble>, relay=mail.covisp.net[private/dovecot-lmtp], delay=1.9, delays=1.7/0.01/0.19/0.01, dsn=2.0.0, status=sent (250 2.0.0 <mumble> 1QOYNQm0Bl1fzwAAIdGjjQ:2 Saved)
Jun 16 15:26:33 mail postfix/qmgr[27634]: 45RnTh0J8KzdrvJ: removed

Header:
Received: from darth.lan (c-73-14.161.160.hsd1.co.comcast.net [73.14.161.160])
by mail.covisp.net(Postfix 3.4.5/8.13.0) with SMTP id unknown;
Sun, 16 Jun 2019 15:26:32 -0600
(envelope-from < ... at kreme dot com>)