Hello,
we have made the first catch-up-the-release step from stable working
Ciphermail 4.6.2 to the latest 4.x version 4.11. After that all looks
well but we get the following warning all the time:
WARN XFORWARD error code: 550
(org.apache.james.transport.mailets.RemoteDelivery) [Remote delivery
thread (0)]
The only thing we have found in the release notes which might be
related is from version 4.9.1:
"X-Forward-For header is now by default removed unless the IP address
comes from a trusted proxy (see /etc/httpd/conf.d/x-forward-for.xml)
[PRO/ENT]."
Any idea what Ciphermail actually is complaining about?
Thanks
Andreas
The most likely reason for this error is that Postfix does not allow
the XFORWARD for command from the back-end to postfix.
Check whether postfix main config contains the following line:
smtpd_authorized_xforward_hosts = 127.0.0.1/32
See Postfix Configuration Parameters for more information on smt
pd_authorized_xforward_hosts
Kind regards,
Martijn Brinkers
···
On Thu, 2022-04-28 at 14:55 +0000, Andi via Users wrote:
Hello,
we have made the first catch-up-the-release step from stable
working
Ciphermail 4.6.2 to the latest 4.x version 4.11. After that all
looks
well but we get the following warning all the time:
WARN XFORWARD error code: 550
(org.apache.james.transport.mailets.RemoteDelivery) [Remote
delivery
thread (0)]
The only thing we have found in the release notes which might be
related is from version 4.9.1:
"X-Forward-For header is now by default removed unless the IP
address
comes from a trusted proxy (see /etc/httpd/conf.d/x-forward-
for.xml)
[PRO/ENT]."
Any idea what Ciphermail actually is complaining about?
--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger
Zitat von Martijn Brinkers <martijn(a)ciphermail.com>:
Hello,
we have made the first catch-up-the-release step from stable
working
Ciphermail 4.6.2 to the latest 4.x version 4.11. After that all
looks
well but we get the following warning all the time:
WARN XFORWARD error code: 550
(org.apache.james.transport.mailets.RemoteDelivery) [Remote
delivery
thread (0)]
The only thing we have found in the release notes which might be
related is from version 4.9.1:
"X-Forward-For header is now by default removed unless the IP
address
comes from a trusted proxy (see /etc/httpd/conf.d/x-forward-
for.xml)
[PRO/ENT]."
Any idea what Ciphermail actually is complaining about?
The most likely reason for this error is that Postfix does not allow
the XFORWARD for command from the back-end to postfix.
Check whether postfix main config contains the following line:
smtpd_authorized_xforward_hosts = 127.0.0.1/32
See Postfix Configuration Parameters for more information on smt
pd_authorized_xforward_hosts
Kind regards,
Martijn Brinkers
Hm, ok
we have a custom forward from ciphermail to AV-Scanner. It could be
the problem that the SMTP engine for this product does not support
XFORWARD at all. I will check it.
Do we have a possibility to not use XFORWARD from ciphermail side?
Regards
Andreas
···
On Thu, 2022-04-28 at 14:55 +0000, Andi via Users wrote:
You can try to (XML) comment the following line in the file config.xml
(I haven't tested it though):
<xForward> true </xForward>
Then restart the back-end.
Please note that this might be overwritten on an update
Alternatively you might try to configure the postfix reinjection port
to forward the email to the AV-scanner after the back-end sent the mail
back to postfix.
Kind regards,
Martijn Brinkers
···
On Thu, 2022-04-28 at 15:09 +0000, Andi via Users wrote:
Zitat von Martijn Brinkers <martijn(a)ciphermail.com>:
> On Thu, 2022-04-28 at 14:55 +0000, Andi via Users wrote:
> > Hello,
> >
> > we have made the first catch-up-the-release step from stable
> > working
> > Ciphermail 4.6.2 to the latest 4.x version 4.11. After that all
> > looks
> > well but we get the following warning all the time:
> >
> > WARN XFORWARD error code: 550
> > (org.apache.james.transport.mailets.RemoteDelivery) [Remote
> > delivery
> > thread (0)]
> >
> > The only thing we have found in the release notes which might be
> > related is from version 4.9.1:
> >
> > "X-Forward-For header is now by default removed unless the IP
> > address
> > comes from a trusted proxy (see /etc/httpd/conf.d/x-forward-
> > for.xml)
> > [PRO/ENT]."
> >
> > Any idea what Ciphermail actually is complaining about?
>
> The most likely reason for this error is that Postfix does not
> allow
> the XFORWARD for command from the back-end to postfix.
>
> Check whether postfix main config contains the following line:
>
> smtpd_authorized_xforward_hosts = 127.0.0.1/32
>
> See Postfix Configuration Parameters for more information on
> smt
> pd_authorized_xforward_hosts
>
>
> Kind regards,
>
> Martijn Brinkers
Hm, ok
we have a custom forward from ciphermail to AV-Scanner. It could be
the problem that the SMTP engine for this product does not support
XFORWARD at all. I will check it.
Do we have a possibility to not use XFORWARD from ciphermail side?
--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger