[prev in list] [next in list] [prev in thread] [next in thread]
List: bacula-users
Subject: Re: [Bacula-users] bsmtp from within a container
From: Justin Case <jus7incase () gmail ! com>
Date: 2022-08-05 21:50:17
Message-ID: 144D40AA-62C3-419E-9CA8-1F79A10FE43B () gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Thank you Josh, I got it now.
I had to relax 2 SPAM settings, but didn't need to ignore authentication for local \
machines. If someone later on needs details, let me know.
Thanks again!
J/C
> On 4. Aug 2022, at 16:24, Josh Fisher <jfisher@jaybus.com> wrote:
>
>
> On 8/2/22 16:46, Justin Case wrote:
> > The container uses the container ID as hostname. nothing I can do about it with \
> > DNS. I will retire the Synology mail server at somepoint but that is months in \
> > the future.
> > I disabled authentication for local networks, but still:
> > 504 5.5.2 <3422f1072002>: Helo command rejected: need fully-qualified hostname
>
>
> Fix the Synology mail server instead of the container. Look at advanced security \
> rules (Mail Delivery > Security > Advanced) for the 'Reject HELO hostnames without \
> fully qualified domain name (FQDN)' and 'Reject unknown HELO hostnames' rule \
> settings.
>
> >
> > > On 2. Aug 2022, at 22:29, dmitri maziuk <dmitri.maziuk@gmail.com> wrote:
> > >
> > > On 2022-08-02 2:16 PM, Justin Case wrote:
> > > > I run the mailserver put its basically a tightly baked postfix dovecot under \
> > > > Synology DSM UI. So I won't manually change config files. But "Ignore \
> > > > authorization for LAN connections" sounds reasonable, I have activated that \
> > > > now. Lets see if that helps.
> > > It has to know 172.x is a "LAN" connection... if they don't have a way to set \
> > > $mynetworks, I think you might want to add a raspi to your home lab to run a \
> > > proper postfix instance. ;)
> > > > This does, however, not solve the problem that the hostname is not an FQDN \
> > > > and that it cannot be overridden with bsmtp. So I am still 100% away from a \
> > > > working solution :(
> > > It's common enough, half of them get "localhost" from the resolver anyway and \
> > > happily stick it in the mail header. I tend to specify From: addresses like \
> > > "win-acme-on-server-X@mydomain" to know where it came from -- and if anyone \
> > > decides to reply, they can keep the bounce.
> > > As far as mail delivery goes, FQDN is not needed for anything. It's only there \
> > > for that UCE check which should be disabled for "LAN connections".
> > > PS. if bsmtp gets its hostname from the resolver, you might be able to fool it \
> > > by setting up a nameserver for docker ips. Or maybe get names from docker \
> > > network -- but I never looked into that.
> > > Dima
> > >
> > >
> > > _______________________________________________
> > > Bacula-users mailing list
> > > Bacula-users@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/bacula-users
> >
> >
> > _______________________________________________
> > Bacula-users mailing list
> > Bacula-users@lists.sourceforge.net <mailto:Bacula-users@lists.sourceforge.net>
> > https://lists.sourceforge.net/lists/listinfo/bacula-users \
> > <https://lists.sourceforge.net/lists/listinfo/bacula-users>
>
>
> _______________________________________________
> Bacula-users mailing list
> Bacula-users@lists.sourceforge.net <mailto:Bacula-users@lists.sourceforge.net>
> https://lists.sourceforge.net/lists/listinfo/bacula-users \
> <https://lists.sourceforge.net/lists/listinfo/bacula-users>
[Attachment #5 (unknown)]
<html><head><meta http-equiv="Content-Type" content="text/html; \
charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; \
line-break: after-white-space;" class="">Thank you Josh, I got it now.<div class="">I \
had to relax 2 SPAM settings, but didn't need to ignore authentication for local \
machines.</div><div class="">If someone later on needs details, let me \
know.</div><div class="">Thanks again!</div><div class=""> J/C<br \
class=""><div><br class=""><blockquote type="cite" class=""><div class="">On 4. Aug \
2022, at 16:24, Josh Fisher <<a href="mailto:jfisher@jaybus.com" \
class="">jfisher@jaybus.com</a>> wrote:</div><br \
class="Apple-interchange-newline"><div class=""><br style="caret-color: rgb(0, 0, 0); \
font-family: Helvetica; font-size: 18px; font-style: normal; font-variant-caps: \
normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: \
0px; text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none;" class=""><span \
style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 18px; \
font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: \
normal; text-align: start; text-indent: 0px; text-transform: none; white-space: \
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; \
float: none; display: inline !important;" class="">On 8/2/22 16:46, Justin Case \
wrote:</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: \
18px; font-style: normal; font-variant-caps: normal; font-weight: normal; \
letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; \
white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; \
text-decoration: none;" class=""><blockquote type="cite" style="font-family: \
Helvetica; font-size: 18px; font-style: normal; font-variant-caps: normal; \
font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; \
text-indent: 0px; text-transform: none; white-space: normal; widows: auto; \
word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; \
text-decoration: none;" class="">The container uses the container ID as hostname. \
nothing I can do about it with DNS.<br class="">I will retire the Synology mail \
server at somepoint but that is months in the future.<br class=""><br class="">I \
disabled authentication for local networks, but still:<br class="">504 5.5.2 \
<3422f1072002>: Helo command rejected: need fully-qualified hostname<br \
class=""></blockquote><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; \
font-size: 18px; font-style: normal; font-variant-caps: normal; font-weight: normal; \
letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; \
white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; \
text-decoration: none;" class=""><br style="caret-color: rgb(0, 0, 0); font-family: \
Helvetica; font-size: 18px; font-style: normal; font-variant-caps: normal; \
font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none;" class=""><span \
style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 18px; \
font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: \
normal; text-align: start; text-indent: 0px; text-transform: none; white-space: \
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; \
float: none; display: inline !important;" class="">Fix the Synology mail server \
instead of the container. Look at advanced security rules (Mail Delivery > \
Security > Advanced) for the 'Reject HELO hostnames without fully qualified domain \
name (FQDN)' and 'Reject unknown HELO hostnames' rule settings.</span><br \
style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 18px; \
font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: \
normal; text-align: start; text-indent: 0px; text-transform: none; white-space: \
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" \
class=""><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: \
18px; font-style: normal; font-variant-caps: normal; font-weight: normal; \
letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; \
white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; \
text-decoration: none;" class=""><br style="caret-color: rgb(0, 0, 0); font-family: \
Helvetica; font-size: 18px; font-style: normal; font-variant-caps: normal; \
font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none;" class=""><blockquote \
type="cite" style="font-family: Helvetica; font-size: 18px; font-style: normal; \
font-variant-caps: normal; font-weight: normal; letter-spacing: normal; orphans: \
auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; \
widows: auto; word-spacing: 0px; -webkit-text-size-adjust: auto; \
-webkit-text-stroke-width: 0px; text-decoration: none;" class=""><br \
class=""><blockquote type="cite" class="">On 2. Aug 2022, at 22:29, dmitri maziuk \
<<a href="mailto:dmitri.maziuk@gmail.com" class="">dmitri.maziuk@gmail.com</a>> \
wrote:<br class=""><br class="">On 2022-08-02 2:16 PM, Justin Case wrote:<br \
class=""><blockquote type="cite" class="">I run the mailserver put its basically a \
tightly baked postfix dovecot under Synology DSM UI. So I won't manually change \
config files. But "Ignore authorization for LAN connections" sounds reasonable, I \
have activated that now. Lets see if that helps.<br class=""></blockquote>It has to \
know 172.x is a "LAN" connection... if they don't have a way to set $mynetworks, I \
think you might want to add a raspi to your home lab to run a proper postfix \
instance. ;)<br class=""><br class=""><blockquote type="cite" class="">This does, \
however, not solve the problem that the hostname is not an FQDN and that it cannot be \
overridden with bsmtp. So I am still 100% away from a working solution :(<br \
class=""></blockquote>It's common enough, half of them get "localhost" from the \
resolver anyway and happily stick it in the mail header. I tend to specify From: \
addresses like "win-acme-on-server-X@mydomain" to know where it came from -- and if \
anyone decides to reply, they can keep the bounce.<br class=""><br class="">As far as \
mail delivery goes, FQDN is not needed for anything. It's only there for that UCE \
check which should be disabled for "LAN connections".<br class=""><br class="">PS. if \
bsmtp gets its hostname from the resolver, you might be able to fool it by setting up \
a nameserver for docker ips. Or maybe get names from docker network -- but I never \
looked into that.<br class=""><br class="">Dima<br class=""><br class=""><br \
class="">_______________________________________________<br class="">Bacula-users \
mailing list<br class=""><a href="mailto:Bacula-users@lists.sourceforge.net" \
class="">Bacula-users@lists.sourceforge.net</a><br \
class="">https://lists.sourceforge.net/lists/listinfo/bacula-users<br \
class=""></blockquote><br class=""><br \
class="">_______________________________________________<br class="">Bacula-users \
mailing list<br class=""><a href="mailto:Bacula-users@lists.sourceforge.net" \
class="">Bacula-users@lists.sourceforge.net</a><br class=""><a \
href="https://lists.sourceforge.net/lists/listinfo/bacula-users" \
class="">https://lists.sourceforge.net/lists/listinfo/bacula-users</a><br \
class=""></blockquote><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; \
font-size: 18px; font-style: normal; font-variant-caps: normal; font-weight: normal; \
letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; \
white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; \
text-decoration: none;" class=""><br style="caret-color: rgb(0, 0, 0); font-family: \
Helvetica; font-size: 18px; font-style: normal; font-variant-caps: normal; \
font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none;" class=""><span \
style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 18px; \
font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: \
normal; text-align: start; text-indent: 0px; text-transform: none; white-space: \
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; \
float: none; display: inline !important;" \
class="">_______________________________________________</span><br \
style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 18px; \
font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: \
normal; text-align: start; text-indent: 0px; text-transform: none; white-space: \
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" \
class=""><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: \
18px; font-style: normal; font-variant-caps: normal; font-weight: normal; \
letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; \
white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; \
text-decoration: none; float: none; display: inline !important;" \
class="">Bacula-users mailing list</span><br style="caret-color: rgb(0, 0, 0); \
font-family: Helvetica; font-size: 18px; font-style: normal; font-variant-caps: \
normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: \
0px; text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none;" class=""><a \
href="mailto:Bacula-users@lists.sourceforge.net" style="font-family: Helvetica; \
font-size: 18px; font-style: normal; font-variant-caps: normal; font-weight: normal; \
letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; \
text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; \
-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;" \
class="">Bacula-users@lists.sourceforge.net</a><br style="caret-color: rgb(0, 0, 0); \
font-family: Helvetica; font-size: 18px; font-style: normal; font-variant-caps: \
normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: \
0px; text-transform: none; white-space: normal; word-spacing: 0px; \
-webkit-text-stroke-width: 0px; text-decoration: none;" class=""><a \
href="https://lists.sourceforge.net/lists/listinfo/bacula-users" style="font-family: \
Helvetica; font-size: 18px; font-style: normal; font-variant-caps: normal; \
font-weight: normal; letter-spacing: normal; orphans: auto; text-align: start; \
text-indent: 0px; text-transform: none; white-space: normal; widows: auto; \
word-spacing: 0px; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px;" \
class="">https://lists.sourceforge.net/lists/listinfo/bacula-users</a></div></blockquote></div><br \
class=""></div></body></html>
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic