For a while now, I’ve been wondering why I had so many mails (mostly from mailchimp) quarantined.
I have decided to look into it again and I have found that the reason seems to be that they are:
- greylisted by the primary mx, then
- accepted by the secondary mx, then
- forwarded back to the primary mx
However, the primary mx now runs SPAM checks again and determines (rightfully so) that the sending MTA is not matching SPF records.
Example (I have obfuscated both the primary and secondary MX domains as well as the user’s email):
```
Received: from primary.mx.tld ([172.22.1.253])
    by bfee985ab488 with LMTP
    id qDskAk001GIyAgAACdSATg
    (envelope-from <bounce-mc.us10_139973217.11821513-aa43031c00@mail178.suw101.mcdlv.net>)
    for <user@domain.tld>; Sun, 17 Jul 2022 18:09:49 +0200
Received: from quarantine (mailcowdockerized-php-fpm-mailcow-1.mailcowdockerized_mailcow-network [172.22.1.9])
    by primary.mx.tld (Postcow) with SMTP id E9DC830050B
    for <user@domain.tld>; Sun, 17 Jul 2022 18:09:48 +0200 (CEST)
Received: from mail178.suw101.mcdlv.net (mail178.suw101.mcdlv.net [198.2.184.178])
    by secondary.mx.tld (Postfix) with ESMTPS id E3F8EC0167
    for <user@domain.tld>; Thu, 14 Jul 2022 11:14:58 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
    by mail178.suw101.mcdlv.net (Mailchimp) with ESMTP id 4Lk82b14kSz367gtb
    for <user@domain.tld>; Thu, 14 Jul 2022 09:14:47 +0000 (GMT)
```
I realize I can disable Spam filtering for forwarding hosts on the primary mx, but that doesn’t feel like a great solution to me because it means maintaining Spam filters on two hosts and losing all the bayes data that has already been accumulated on the primary mx.
I’m curious as to how others are solving this.
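
An added example, not part of the original post: it walks the Received chain quoted above and recovers the client address and envelope-from domain recorded at the point where the mail first reached one of the site's own MX hosts, which is the pair an SPF check needs instead of the forwarding secondary's address. The `OUR_MX` set and the helper names are assumptions for illustration, and the pattern only covers the Postfix-style hop format shown in the post.

```python
import ipaddress
import re
from email import message_from_string

# Received chain from the post, re-folded; host names are the post's placeholders.
RAW = """\
Received: from primary.mx.tld ([172.22.1.253])
 by bfee985ab488 with LMTP
 id qDskAk001GIyAgAACdSATg
 (envelope-from <bounce-mc.us10_139973217.11821513-aa43031c00@mail178.suw101.mcdlv.net>)
 for <user@domain.tld>; Sun, 17 Jul 2022 18:09:49 +0200
Received: from quarantine (mailcowdockerized-php-fpm-mailcow-1.mailcowdockerized_mailcow-network [172.22.1.9])
 by primary.mx.tld (Postcow) with SMTP id E9DC830050B
 for <user@domain.tld>; Sun, 17 Jul 2022 18:09:48 +0200 (CEST)
Received: from mail178.suw101.mcdlv.net (mail178.suw101.mcdlv.net [198.2.184.178])
 by secondary.mx.tld (Postfix) with ESMTPS id E3F8EC0167
 for <user@domain.tld>; Thu, 14 Jul 2022 11:14:58 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
 by mail178.suw101.mcdlv.net (Mailchimp) with ESMTP id 4Lk82b14kSz367gtb
 for <user@domain.tld>; Thu, 14 Jul 2022 09:14:47 +0000 (GMT)

"""

OUR_MX = {"primary.mx.tld", "secondary.mx.tld"}  # assumption: hosts whose headers we trust
HOP = re.compile(r"from\s+\S+\s+\((?:\S+\s+)?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")
ENV_FROM = re.compile(r"envelope-from\s+<[^@>]*@([^>]+)>")

def received_hops(raw):
    """Return the Received headers, newest first, with folding collapsed."""
    msg = message_from_string(raw)
    return [" ".join(v.split()) for v in msg.get_all("Received", [])]

def spf_inputs(raw, our_mx=OUR_MX):
    """Walk the chain newest-first; return (client_ip, mail_from_domain, accepting_mx)
    for the hop where an external client handed the mail to one of our MX hosts."""
    hops = received_hops(raw)
    sender = next((m.group(1) for h in hops if (m := ENV_FROM.search(h))), None)
    for hop in hops:
        m = HOP.search(hop)
        if not m:
            return None  # unparseable hop: do not guess past it
        ip, by_host = m.group(1), m.group(2)
        if ipaddress.ip_address(ip).is_private:
            continue  # internal relay or container hop
        # First public address: only trust it if one of our own hosts recorded it.
        return (ip, sender, by_host) if by_host in our_mx else None
    return None
```

On the headers from the post this yields the Mailchimp address recorded by the secondary MX; if the accepting host is not in `OUR_MX` the function returns `None` rather than trusting a header it cannot vouch for.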