Hi everyone,
I’ve recently encountered an issue and I’m hoping to get some advice here.
I run a Mailcow mail server, and a friend uses my server as a relay for his Exchange Server, which unfortunately only has a dynamic IP. To handle this, I have a script that regularly checks the DynDNS of the Exchange Server and updates the address in Postfix’s extra.cf file:
extra.cf:
myhostname = mail.mydomain.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 [fe80::]/10 172.22.1.0/24 [fd4d:6169:6c63:6f77::]/64 185.xx.xx.227/32
This setup has worked flawlessly until yesterday. In rspamd, I used to get logs like this:
HFILTER_HOSTNAME_UNKNOWN (8.5)
IP_REPUTATION_SPAM (5.553349) [asn: 9063(0.40), country: DE(-0.01), ip: 185.xx.xx.227(1.00)]
BAYES_HAM (-5.5) [99.99%]
MIME_BASE64_TEXT (0.1)
MIME_GOOD (-0.1) [multipart/mixed,multipart/alternative,text/plain]
MX_GOOD (-0.01) []
FROM_EQ_ENVFROM (0)
MAILCOW_DOMAIN_HEADER_FROM (0) [friendsdomain.com]
Emails were delivered without any issues.
However, starting today, I’m getting errors like these:
SPOOFED_UNAUTH (50)
HFILTER_HOSTNAME_UNKNOWN (8.5)
R_SPF_FAIL (8) [-all]
DMARC_POLICY_QUARANTINE (8) [friendsdomain.com : No valid SPF, No valid DKIM,quarantine]
IP_REPUTATION_SPAM (5.55427) [asn: 9063(0.40), country: DE(-0.01), ip: 185.xx.xx.227(1.00)]
BAYES_HAM (-5.5) [99.99%]
I haven’t changed anything in the setup, including the SPF/DKIM settings, and my friend also hasn’t made any changes on the Exchange Server.
Additionally, here’s the relevant part of the Postfix log:
17.09.2024, 15:57:52 info disconnect from unknown[185.xx.xx.227] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 quit=1 commands=6/7
17.09.2024, 15:57:52 info 8688B32006A: milter-reject: END-OF-MESSAGE from unknown[185.xx.xx.227]: 5.7.1 This message does not meet our delivery requirements; from=<hofmann@friendsdomain.com> to=<jonathan@mydomain.de> proto=ESMTP helo=<mail.mydomain.de>
17.09.2024, 15:57:51 info 8688B32006A: message-id=<86f54384578249db88248043c7391ea6@friendsdomain.com>
17.09.2024, 15:57:51 info 8688B32006A: client=unknown[185.xx.xx.227]
17.09.2024, 15:57:51 info Anonymous TLS connection established from unknown[185.xx.xx.227]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
17.09.2024, 15:57:48 info connect from unknown[185.xx.xx.227]
17.09.2024, 15:57:48 warning warning: hostname 227-xxx-xxx-185.ip-addr.ewr.de does not resolve to address 185.xx.xx.227: Name or service not known
17.09.2024, 15:57:48 info ALLOWLISTED [185.xx.xx.227]:14729
17.09.2024, 15:57:48 info CONNECT from [185.xx.xx.227]:14729 to [172.22.1.253]:25
Does anyone have an idea what could be causing this or what I should check?
Thanks in advance for your help!
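A way to narrow down what changed between the two rspamd results quoted in the post, as an added example that is not part of the original post: it parses both symbol lists, reports which symbols are new, missing or re-scored, and totals the scores. The function names are assumptions for this sketch, and the second list is used exactly as posted, so a symbol reported as missing may only have been left out of the paste.

```python
import re

# Symbol lists copied from the post: the earlier delivered mail and the later rejected one.
BEFORE = """
HFILTER_HOSTNAME_UNKNOWN (8.5)
IP_REPUTATION_SPAM (5.553349) [asn: 9063(0.40), country: DE(-0.01), ip: 185.xx.xx.227(1.00)]
BAYES_HAM (-5.5) [99.99%]
MIME_BASE64_TEXT (0.1)
MIME_GOOD (-0.1) [multipart/mixed,multipart/alternative,text/plain]
MX_GOOD (-0.01) []
FROM_EQ_ENVFROM (0)
MAILCOW_DOMAIN_HEADER_FROM (0) [friendsdomain.com]
"""
AFTER = """
SPOOFED_UNAUTH (50)
HFILTER_HOSTNAME_UNKNOWN (8.5)
R_SPF_FAIL (8) [-all]
DMARC_POLICY_QUARANTINE (8) [friendsdomain.com : No valid SPF, No valid DKIM,quarantine]
IP_REPUTATION_SPAM (5.55427) [asn: 9063(0.40), country: DE(-0.01), ip: 185.xx.xx.227(1.00)]
BAYES_HAM (-5.5) [99.99%]
"""

# One line per symbol: NAME (score) [optional options]
SYMBOL_RE = re.compile(r"^([A-Z0-9_]+) \((-?\d+(?:\.\d+)?)\)(?: \[(.*)\])?$")

def parse_symbols(text):
    """Return {symbol: (score, options)} for each 'NAME (score) [options]' line."""
    symbols = {}
    for line in text.strip().splitlines():
        m = SYMBOL_RE.match(line.strip())
        if m is None:
            raise ValueError(f"unrecognised symbol line: {line!r}")
        symbols[m.group(1)] = (float(m.group(2)), m.group(3) or "")
    return symbols

def diff_symbols(before, after):
    """Split symbols into new ones, missing ones, and ones whose score changed."""
    added = {n: after[n] for n in after.keys() - before.keys()}
    removed = {n: before[n] for n in before.keys() - after.keys()}
    changed = {n: (before[n][0], after[n][0])
               for n in before.keys() & after.keys() if before[n][0] != after[n][0]}
    return added, removed, changed

def total(symbols):
    """Sum of all symbol scores in one result."""
    return sum(score for score, _ in symbols.values())

if __name__ == "__main__":
    old, new = parse_symbols(BEFORE), parse_symbols(AFTER)
    added, removed, changed = diff_symbols(old, new)
    print(f"total score: {total(old):.2f} -> {total(new):.2f}")
    for name, (score, opts) in sorted(added.items(), key=lambda kv: -kv[1][0]):
        print(f"  new     {name:26} {score:+.2f}  {opts}")
    print("  missing", sorted(removed), "re-scored", changed)
```

On the posted data the three new symbols (SPOOFED_UNAUTH, R_SPF_FAIL, DMARC_POLICY_QUARANTINE) contribute 66 points between them, while the symbols present in both results are essentially unchanged.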