[Dovecot] Received header only showing localhost
Hi all,
Im a new dovecot user and a first-time poster so please forgive me if this is a stupid question, or even (as I suspect it might be) not really a Dovecot question.
My system is the fairly typical mix of postfix, amavis-new, and Dovecot. For some reason Ive noticed that when I look at the mail headers for delivered messages the Received header is missing the detail of any external servers that the mail went through, and additionally the tag appears twice; for example the Welcome to the dovecot mailing list email has:
Received: from localhost (localhost [127.0.0.1]) by droplet.the-wyvern.net (Postfix) with ESMTP id DDDD163F73 for <myname@mydomain.net>; Mon, 26 Aug 2013 16:40:19 +0000 (UTC)
Received: from droplet.the-wyvern.net ([127.0.0.1]) by localhost (droplet.the-wyvern.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6AFMiG0TAHUv for <myname@mydomain.net>; Mon, 26 Aug 2013 16:40:17 +0000 (UTC)
Searching through the dovecot.markmail archive I can see this doesnt seem to be too unusual in that there are other examples where folk have posted message headers with the above format, however Im wondering if theres a good reason for it and if I can turn it off? I quite like being able to see where my mail came from :)
If theres a man / wiki page to read somewhere that explains it then please feel free to tell me to RTM (.. long as you also point me in the right direction :p )
Thanks, Matt
Apologies for giving this a gentle nudge, but still confused as to where the headers are going / what's causing them to be removed and hoping someone may have some insight.
Thanks, Matt
-----Original Message----- From: dovecot-bounces@dovecot.org [mailto:dovecot-bounces@dovecot.org] On Behalf Of Matt Devaney Sent: 26 August 2013 17:51 To: dovecot@dovecot.org Subject: [Dovecot] Received header only showing localhost
Hi all,
Im a new dovecot user and a first-time poster so please forgive me if this is a stupid question, or even (as I suspect it might be) not really a Dovecot question.
My system is the fairly typical mix of postfix, amavis-new, and Dovecot. For some reason Ive noticed that when I look at the mail headers for delivered messages the Received header is missing the detail of any external servers that the mail went through, and additionally the tag appears twice; for example the Welcome to the dovecot mailing list email has:
Received: from localhost (localhost [127.0.0.1]) by droplet.the-wyvern.net (Postfix) with ESMTP id DDDD163F73 for <myname@mydomain.net>; Mon, 26 Aug 2013 16:40:19 +0000 (UTC)
Received: from droplet.the-wyvern.net ([127.0.0.1]) by localhost (droplet.the-wyvern.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6AFMiG0TAHUv for <myname@mydomain.net>; Mon, 26 Aug 2013 16:40:17 +0000 (UTC)
Searching through the dovecot.markmail archive I can see this doesnt seem to be too unusual in that there are other examples where folk have posted message headers with the above format, however Im wondering if theres a good reason for it and if I can turn it off? I quite like being able to see where my mail came from :)
If theres a man / wiki page to read somewhere that explains it then please feel free to tell me to RTM (.. long as you also point me in the right direction :p )
Thanks, Matt
On Thu, 29 Aug 2013, Matt Devaney wrote:
Apologies for giving this a gentle nudge, but still confused as to where the headers are going / what's causing them to be removed and hoping someone may have some insight.
Thanks, Matt
I don't know why the mailserver at wyvern.net is stripping stuff, but the reason the two at the top of the list are localhost and the name of the local box is that you have your mailserver set up that way. Mine is the same way. I'm a sendmail guy, not a postfix guy, but notice what happens when I walk through the handshake when sending mail. In this case I'm logged on to my mailserver (hope.billoblog.com) and am sending mail. What does my mailserver do? It talks to itself -- as localhost!
See below:
EHLO hope.billoblog.com 250-hope.billoblog.com Hello localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN 250-STARTTLS 250-DELIVERBY 250 HELP STARTTLS 220 2.0.0 Ready to start TLS EHLO hope.billoblog.com 250-hope.billoblog.com Hello localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN 250-DELIVERBY 250 HELP MAIL From:<vendor@hope.billoblog.com> AUTH=vendor@hope.billoblog.com 250 2.1.0 <vendor@hope.billoblog.com>... Sender ok RCPT To:<oliver@hope.billoblog.com> DATA 250 2.1.5 <oliver@hope.billoblog.com>... Recipient ok 354 Enter mail, end with "." on a line by itself . 250 2.0.0 r7TLVont002782 Message accepted for delivery
/usr/lib/sendmail -v oliver@billoblog.com < /dev/null oliver@billoblog.com... Connecting to [127.0.0.1] via relay... 220 hope.billoblog.com ESMTP Sendmail 8.14.4/8.14.4; Thu, 29 Aug 2013 16:31:50 -0500 oliver@billoblog.com... Sent (r7TLVont002782 Message accepted for delivery) Closing connection to [127.0.0.1]
QUIT 221 2.0.0 hope.billoblog.com closing connection
For me as a sendmail user, the reason it does this (as far as I can tell) is that localhost appears before hope.billoblog.com in the file /etc/access. My /etc/access file looks like:
Connect:localhost.localdomain RELAY Connect:localhost RELAY Connect:127.0.0.1 RELAY Connect:billoblog.com RELAY
If I change that to:
Connect:localhost.localdomain DISCARD Connect:localhost DISCARD Connect:127.0.0.1 DISCARD Connect:billoblog.com RELAY
Then my handshake looks like this. Note that localhost has dropped from the picture.
EHLO hope.billoblog.com 250-hope.billoblog.com Hello localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN 250-STARTTLS 250-DELIVERBY 250 HELP STARTTLS 220 2.0.0 Ready to start TLS EHLO hope.billoblog.com 250-hope.billoblog.com Hello localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN 250-DELIVERBY 250 HELP MAIL From:<oliver@hope.billoblog.com> AUTH=oliver@hope.billoblog.com 250 2.1.0 <oliver@hope.billoblog.com>... Sender ok RCPT To:<oliver@hope.billoblog.com> DATA 250 2.1.5 <oliver@hope.billoblog.com>... Recipient ok 354 Enter mail, end with "." on a line by itself . 250 2.0.0 r7TLn6q4002959 Message accepted for delivery
/usr/lib/sendmail -v oliver@billoblog.com < /dev/null oliver@billoblog.com... Connecting to [127.0.0.1] via relay... 220 hope.billoblog.com ESMTP Sendmail 8.14.4/8.14.4; Thu, 29 Aug 2013 16:49:06 -0500 oliver@billoblog.com... Sent (r7TLn6q4002959 Message accepted for delivery) Closing connection to [127.0.0.1]
QUIT 221 2.0.0 hope.billoblog.com closing connection
Bill / Richard,
Many thanks to both of you for your answers, they helped me take a step back and look at this again - and when I did that I found the problem in under 5 minutes :)
Turns out my first guess (and indeed second guess) was wrong; it had nothing to do with Dovecot (as you'd both said). It was actually Postfix, which is configured to filter headers using the 'headers_check' functionality. I'd noticed this before, but when I saw the following:
/^Received:/ IGNORE
I initially assumed (incorrectly) that 'ignore' meant 'don't try check this header'. It doesn't, it means 'please remove it from the message'
Remove that line and all is well with the world.
Matt
-----Original Message----- From: Bill Oliver [mailto:vendor@billoblog.com] Sent: 29 August 2013 23:01 To: Matt Devaney Cc: dovecot@dovecot.org Subject: Re: [Dovecot] Received header only showing localhost
On Thu, 29 Aug 2013, Bill Oliver wrote:
nonsense
Sorry, belay that -- I misread my own output. Doh. Headsmack. I thought I had fixed that issue but did not.
billo
participants (2)
-
Bill Oliver
-
Matt Devaney