Mailcow update broke MX backup

Carlotronics

Hello,

First of all, thank you to the whole community of developers and testers for this project, which I appreciate very much.

[In the rest of the post, my domain name will be replaced by domain.tld, the IP of the main MX server with 1.1.1.1 and that of the MX 2 by 2.2.2.2].

I installed in early June 2020 a Mailcow instance on a server with a dedicated IPv4, and a correctly defined PTR record on it.
Then, following this guide, I configured a 2nd server as a secondary MX for my domain, so that it keeps cached emails when the main server encounters problems. However, I didn’t configure relay_recipients on this second server, preferring to let Mailcow take care of this part.

I had not, since these two installations, made any update on these two servers (yes it’s bad).
I updated Mailcow yesterday, and, since then, the secondary server seems not to be able to relay incoming mails anymore: they remain in queue, with the status mail for domain.tld loops back to myself.
From what I understood, this error could be caused by an identical hostname on both servers; however this is not the case, the Mailcow server having as name mail.domain.tld, and the MX 2, mx2.domain.tld.

Translated with www.DeepL.com/Translator (free version)

State of the queue on MX 2 (obtained with postqueue -p):

-Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
1A0AD23F08B     3174 Mon Dec  7 11:39:57  some_gmail_user@gmail.com
                                    (mail for domain.tld loops back to myself)
                                         existing_user@domain.tld

Logs on mail.domain.tld when running postqueue -i 1A0AD23F08B on MX 2:

postfix-mailcow_1    | Dec  7 15:10:57 mail postfix/postscreen[1517]: CONNECT from [2.2.2.2]:45902 to [172.22.1.11]:25
php-fpm-mailcow_1    | fd4d:6169:6c63:6f77::d -  07/Dec/2020:15:10:57 +0100 "GET /forwardinghosts.php" 200
nginx-mailcow_1      | fd4d:6169:6c63:6f77::f - - [07/Dec/2020:15:10:57 +0100] "GET /forwardinghosts.php?host=2.2.2.2 HTTP/1.1" 200 20 "-" "curl/7.64.0"
postfix-mailcow_1    | Dec  7 15:10:57 mail whitelist_forwardinghosts: Look up 2.2.2.2 on whitelist, result 200 PERMIT
postfix-mailcow_1    | Dec  7 15:10:57 mail postfix/postscreen[1517]: WHITELISTED [2.2.2.2]:45902
postfix-mailcow_1    | Dec  7 15:10:57 mail postfix/smtpd[1525]: connect from mx2.domain.tld[2.2.2.2]
postfix-mailcow_1    | Dec  7 15:10:58 mail postfix/smtpd[1525]: Anonymous TLS connection established from mx2.domain.tld[2.2.2.2]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
postfix-mailcow_1    | Dec  7 15:10:58 mail postfix/smtpd[1525]: disconnect from mx2.domain.tld[2.2.2.2] ehlo=1 starttls=1 quit=1 commands=3

I attach main.cf of both MX1 (Mailcow server) and MX2 (SImple postfix backup server), if needed.

mx1-main.cf

8kB

mx2-main.cf

2kB

Thanks in advance for your precious help !!

Regards,

Charles

Carlotronics

Finally, the problem had nothing to do with Mailcow…
The secondary server doesn’t know directly its public IP, it goes through a router with a NAT mechanism, so it was trying to forward the mail to itself, hence the message mail for domain.tld loops back to myself.

I solved the problem by adding a line proxy_interfaces = 2.2.2 in his main.cf file.