Recipient BCC map not working when ext. mailserver is listed in "Forwarding Hosts" #6020

bodeme · 2024-08-16T17:38:15Z

Contribution guidelines

I've read the contribution guidelines and wholeheartedly agree

I've found a bug and checked that ...

... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
... I have understood that answers are voluntary and community-driven, and not commercial support.
... I have verified that my issue has not been already answered in the past. I also checked previous issues.

Description

I've added a "recipient bcc map" entry for a local mailaddress ([email protected]) to another local mailaddress ([email protected]). Incoming mails from external servers are correctly placed as a copy in [email protected], except when the external server is marked as a "forwarding host" with an inactive spamfilter. 

It works for all other hosts and it also works, when the spamfilter is active for a forwarding-host.

Logs:

For a forwarding host with inactive spamfilter:

rspamd_task_write_log: id: <XXX>, qid: <24EDAA8C2C>, ip: XX.XX.XX.XX, from: <[email protected]>, (default: F (no action): [0.00/15.00] []), len: 1396, time: 2.609ms, dns req: 0, digest: <4b4363fd963c2b652ee044181df1d3d1>, rcpts: <[email protected]>, mime_rcpts: <[email protected]>, forced: no action "ip matched with forward hosts"; score=nan (set by Unknown lua)

========

For a server not defined as a forwarding host:

rspamd_task_write_log: id: <XXX>, qid: <33055B09B1>, ip: XX.XX.XX.XX, from: <[email protected]>, (default: F (no action): [-2.41/15.00] [IP_REPUTATION_HAM(-1.40){asn: 15169...O_MATCH_ENVRCPT_ALL(0.00){}]), len: 2599, time: 578.629ms, dns req: 28, digest: <6b6729d9ed13da9d790981ab2b244cd1>, rcpts: <[email protected]>, mime_rcpts: <[email protected]>
[...]
postfix/lmtp[24563]: 8C5A1B09CB: to=<[email protected]>, relay=dovecot[fd4d:6169:6c63:6f77::c]:24, delay=0.12, delays=0.04/0.03/0.01/0.04, dsn=2.0.0, status=sent (250 2.0.0 <[email protected]> kL8NJUGKv2ZNawIAc7AXsA Saved)

Steps to reproduce:

1. Have the IPv4 and IPv6 of a third party mailserver
2. Add both addresses in Admin > Options > Forwarding Hosts with spamfilter inactive
3. Add a mailbox [email protected]
4. Add a mailbox [email protected]
5. Add a bcc map in "Address rewriting" 
* Local Destination: [email protected]
* BCC Type Recipient map
* BCC destination: [email protected]


6. Send a mail to [email protected]
7. No BCC-Mail found in [email protected]

8. Remove forwarding-host rules
9. Send a mail to [email protected]
10. BCC-Mail found in [email protected]

Which branch are you using?

master

Which architecture are you using?

x86

Operating System:

Ubuntu 22.04.4 LTS

Server/VM specifications:

8 GB RAM, 6 vCPUs

Is Apparmor, SELinux or similar active?

yes

Virtualization technology:

KVM

Docker version:

27.1.2

docker-compose version or docker compose version:

v2.29.1

mailcow version:

2024-07

Reverse proxy:

Logs of git diff:

empty

Logs of iptables -L -vn:

Chain INPUT (policy ACCEPT 1002 packets, 136K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 692K  322M MAILCOW    all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* mailcow */
75464   18M ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           
 551K  302M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
 3901  315K ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
    0     0 ACCEPT     tcp  --  *      *       XXX       0.0.0.0/0            tcp dpt:22
    0     0 ACCEPT     tcp  --  *      *       XXX       0.0.0.0/0            tcp dpt:22
 8500  510K ACCEPT     tcp  --  *      *       XXX       0.0.0.0/0            tcp dpt:5666
  331 16892 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
52220 2183K DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
7326K 2525M MAILCOW    all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* mailcow */
7310K 2524M DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
6708K 2162M DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
5525K 1489M ACCEPT     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
 364K   23M DOCKER     all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0           
 818K  650M ACCEPT     all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0           
 364K   23M ACCEPT     all  --  br-mailcow br-mailcow  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 776K packets, 77M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.249         tcp dpt:6379
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.5           tcp dpt:8983
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.6           tcp dpt:3306
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:110
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:143
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:993
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:995
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:4190
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.9           tcp dpt:80
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.9           tcp dpt:443
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.250         tcp dpt:12345
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:25
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:465
    0     0 ACCEPT     tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            172.22.1.253         tcp dpt:587

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 818K  650M DOCKER-ISOLATION-STAGE-2  all  --  br-mailcow !br-mailcow  0.0.0.0/0            0.0.0.0/0           
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0           
6708K 2162M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all  --  *      br-mailcow  0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0           
 818K  650M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 591K  362M ACCEPT     all  --  eth0   *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
  601 32092 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
 4583  279K ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443
 2696  158K ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25
  116  6768 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:465
   40  2208 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:587
   37  2020 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:110
   69  3848 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:143
 2765  165K ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:993
  126  7368 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:995
   15   820 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:4190
    0     0 DROP       all  --  eth0   *       0.0.0.0/0            0.0.0.0/0           
6708K 2162M RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain MAILCOW (2 references)
 pkts bytes target     prot opt in     out     source               destination         
   60  3487 DROP       all  --  *      *       181.117.164.96/28    0.0.0.0/0           
    3   187 DROP       all  --  *      *       181.117.164.96/28    0.0.0.0/0           
  389 23260 DROP       all  --  *      *       194.169.175.64/28    0.0.0.0/0           
    0     0 DROP       tcp  --  !br-mailcow br-mailcow  0.0.0.0/0            0.0.0.0/0            /* mailcow isolation */

Logs of ip6tables -L -vn:

Chain INPUT (policy ACCEPT 18873 packets, 1293K bytes)
 pkts bytes target     prot opt in     out     source               destination         
 160K   16M MAILCOW    all      *      *       ::/0                 ::/0                 /* mailcow */
    0     0 ACCEPT     all      lo     *       ::/0                 ::/0                
 128K   14M ACCEPT     all      eth0   *       ::/0                 ::/0                 state RELATED,ESTABLISHED
11854  913K ACCEPT     icmpv6    eth0   *       ::/0                 ::/0                
   69  5520 ACCEPT     tcp      eth0   *       XXX  ::/0                 tcp dpt:22
    4   320 ACCEPT     tcp      eth0   *       XXX  ::/0                 tcp dpt:22
    0     0 ACCEPT     tcp      eth0   *       XXX    ::/0                 tcp dpt:22
    9   628 DROP       tcp      eth0   *       ::/0                 ::/0                 tcp dpt:22
  838 56286 DROP       tcp      eth0   *       ::/0                 ::/0                

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
1848K 6572M MAILCOW    all      *      *       ::/0                 ::/0                 /* mailcow */
1848K 6572M DOCKER-USER  all      *      *       ::/0                 ::/0                
1660K 6533M DOCKER-ISOLATION-STAGE-1  all      *      *       ::/0                 ::/0                
1330K 6440M ACCEPT     all      *      br-mailcow  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
 146K   10M DOCKER     all      *      br-mailcow  ::/0                 ::/0                
 184K   83M ACCEPT     all      br-mailcow !br-mailcow  ::/0                 ::/0                
 146K   10M ACCEPT     all      br-mailcow br-mailcow  ::/0                 ::/0                
    0     0 ACCEPT     all      *      docker0  ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all      *      docker0  ::/0                 ::/0                
    0     0 ACCEPT     all      docker0 !docker0  ::/0                 ::/0                
    0     0 ACCEPT     all      docker0 docker0  ::/0                 ::/0                

Chain OUTPUT (policy ACCEPT 130K packets, 1049M bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::c  tcp dpt:110
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::c  tcp dpt:143
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::c  tcp dpt:993
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::c  tcp dpt:995
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::c  tcp dpt:4190
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::d  tcp dpt:80
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::d  tcp dpt:443
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::11  tcp dpt:25
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::11  tcp dpt:465
    0     0 ACCEPT     tcp      !br-mailcow br-mailcow  ::/0                 fd4d:6169:6c63:6f77::11  tcp dpt:587

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 184K   83M DOCKER-ISOLATION-STAGE-2  all      br-mailcow !br-mailcow  ::/0                 ::/0                
    0     0 DOCKER-ISOLATION-STAGE-2  all      docker0 !docker0  ::/0                 ::/0                
1660K 6533M RETURN     all      *      *       ::/0                 ::/0                

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       all      *      br-mailcow  ::/0                 ::/0                
    0     0 DROP       all      *      docker0  ::/0                 ::/0                
 184K   83M RETURN     all      *      *       ::/0                 ::/0                

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 179K   38M ACCEPT     all      eth0   *       ::/0                 ::/0                 ctstate RELATED,ESTABLISHED
   32  2352 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:80
 8724  732K ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:443
   34  2464 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:25
    6   408 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:465
    7   520 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:587
    5   324 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:110
   29  2082 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:143
  207 16524 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:993
   15  1148 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:995
    1    80 ACCEPT     tcp      eth0   *       ::/0                 ::/0                 tcp dpt:4190
    0     0 DROP       all      eth0   *       ::/0                 ::/0                
1660K 6533M RETURN     all      *      *       ::/0                 ::/0                

Chain MAILCOW (2 references)
 pkts bytes target     prot opt in     out     source               destination         
   95 13070 DROP       all      *      *       2803:9800:9095:7a2e::/64  ::/0

Logs of iptables -L -vn -t nat:

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
92090 4721K DOCKER     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DOCKER     all  --  *      *       0.0.0.0/0           !127.0.0.0/8          ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 159K   12M MASQUERADE  all  --  *      !br-mailcow  172.22.1.0/24        0.0.0.0/0           
    0     0 MASQUERADE  all  --  *      !docker0  172.17.0.0/16        0.0.0.0/0           
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.249         172.22.1.249         tcp dpt:6379
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.5           172.22.1.5           tcp dpt:8983
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.6           172.22.1.6           tcp dpt:3306
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:110
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:143
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:993
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:995
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:4190
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.9           172.22.1.9           tcp dpt:80
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.9           172.22.1.9           tcp dpt:443
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.250         172.22.1.250         tcp dpt:12345
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:25
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:465
    0     0 MASQUERADE  tcp  --  *      *       172.22.1.253         172.22.1.253         tcp dpt:587

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     all  --  br-mailcow *       0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     all  --  docker0 *       0.0.0.0/0            0.0.0.0/0           
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:18983 to:172.22.1.5:8983
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:7654 to:172.22.1.249:6379
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:13306 to:172.22.1.6:3306
   40  2176 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:110 to:172.22.1.250:110
   69  3848 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:143 to:172.22.1.250:143
 2773  166K DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:993 to:172.22.1.250:993
  126  7368 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:995 to:172.22.1.250:995
   15   820 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:4190 to:172.22.1.250:4190
  601 32092 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:172.22.1.9:80
 4583  279K DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:172.22.1.9:443
    0     0 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            127.0.0.1            tcp dpt:19991 to:172.22.1.250:12345
 2704  159K DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:25 to:172.22.1.253:25
15536  932K DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:465 to:172.22.1.253:465
   57  3228 DNAT       tcp  --  !br-mailcow *       0.0.0.0/0            0.0.0.0/0            tcp dpt:587 to:172.22.1.253:587

Logs of ip6tables -L -vn -t nat:

Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
12792 1115K DOCKER     all      *      *       ::/0                 ::/0                 ADDRTYPE match dst-type LOCAL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    3   240 DOCKER     all      *      *       ::/0                !::1                  ADDRTYPE match dst-type LOCAL

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
35672 3487K MASQUERADE  all      *      !br-mailcow  fd4d:6169:6c63:6f77::/64  ::/0                
    0     0 MASQUERADE  all      *      !docker0  fd00:dead:beef:c0::/80  ::/0                
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::c  fd4d:6169:6c63:6f77::c  tcp dpt:110
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::c  fd4d:6169:6c63:6f77::c  tcp dpt:143
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::c  fd4d:6169:6c63:6f77::c  tcp dpt:993
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::c  fd4d:6169:6c63:6f77::c  tcp dpt:995
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::c  fd4d:6169:6c63:6f77::c  tcp dpt:4190
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::d  fd4d:6169:6c63:6f77::d  tcp dpt:80
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::d  fd4d:6169:6c63:6f77::d  tcp dpt:443
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::11  fd4d:6169:6c63:6f77::11  tcp dpt:25
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::11  fd4d:6169:6c63:6f77::11  tcp dpt:465
    0     0 MASQUERADE  tcp      *      *       fd4d:6169:6c63:6f77::11  fd4d:6169:6c63:6f77::11  tcp dpt:587

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination         
   16  1280 RETURN     all      br-mailcow *       ::/0                 ::/0                
    0     0 RETURN     all      docker0 *       ::/0                 ::/0                
   10   684 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:110 to:[fd4d:6169:6c63:6f77::c]:110
   29  2082 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:143 to:[fd4d:6169:6c63:6f77::c]:143
  211 16812 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:993 to:[fd4d:6169:6c63:6f77::c]:993
   15  1148 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:995 to:[fd4d:6169:6c63:6f77::c]:995
    1    80 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:4190 to:[fd4d:6169:6c63:6f77::c]:4190
   32  2352 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:80 to:[fd4d:6169:6c63:6f77::d]:80
 8724  732K DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:443 to:[fd4d:6169:6c63:6f77::d]:443
   40  2896 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:25 to:[fd4d:6169:6c63:6f77::11]:25
    9   648 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:465 to:[fd4d:6169:6c63:6f77::11]:465
    9   664 DNAT       tcp      !br-mailcow *       ::/0                 ::/0                 tcp dpt:587 to:[fd4d:6169:6c63:6f77::11]:587

DNS check:

172.64.155.249
104.18.32.7

The text was updated successfully, but these errors were encountered:

DerLinkman · 2024-08-19T08:54:54Z

I think BCC Maps are handled by Rspamd too, which means if you set a Forward_Host Type it exclude it from any filtering, but why the BCC maps are not working is unclear tho... but i think it is related to it!

bodeme added the bug label Aug 16, 2024

bodeme changed the title ~~Recipient BCC map not working when sending service is listed in "Forwarding Hosts"~~ Recipient BCC map not working when ext. mailserver is listed in "Forwarding Hosts" Aug 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Recipient BCC map not working when ext. mailserver is listed in "Forwarding Hosts" #6020

Recipient BCC map not working when ext. mailserver is listed in "Forwarding Hosts" #6020

bodeme commented Aug 16, 2024 •

edited

Loading

DerLinkman commented Aug 19, 2024

Recipient BCC map not working when ext. mailserver is listed in "Forwarding Hosts" #6020

Recipient BCC map not working when ext. mailserver is listed in "Forwarding Hosts" #6020

Comments

bodeme commented Aug 16, 2024 • edited Loading

Contribution guidelines

I've found a bug and checked that ...

Description

Logs:

Steps to reproduce:

Which branch are you using?

Which architecture are you using?

Operating System:

Server/VM specifications:

Is Apparmor, SELinux or similar active?

Virtualization technology:

Docker version:

docker-compose version or docker compose version:

mailcow version:

Reverse proxy:

Logs of git diff:

Logs of iptables -L -vn:

Logs of ip6tables -L -vn:

Logs of iptables -L -vn -t nat:

Logs of ip6tables -L -vn -t nat:

DNS check:

DerLinkman commented Aug 19, 2024

bodeme commented Aug 16, 2024 •

edited

Loading