Hi, folks,
I'm trying to understand why an error is sending mail to our
quarantine server.
Our routing is a little odd: In this specific case, mail goes from the
user to Google SMTP, where it is routed back to our inbound SMTP server.
Normally that server would route it to our LISTSERV server, which would
then process the mail. However, what I'm actually seeing happen in the logs
is mail being routed to our quarantine server:
2022-04-25 08:49:02 1niz5K-0003V5-8b <= <> H=mail-pf1-f199.google.com
[209.85.210.199] P=esmtps X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no K
S=131877 id=6266A6CA.0A40BC.01172@???
2022-04-25 08:49:02 1niz5K-0003V5-8b [our mail quarantine node's IP
address] SSL verify error: depth=0 error=self signed certificate
cert=/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=
quarantinenode.ualr.edu/emailAddress=root@???
2022-04-25 08:49:02 1niz5K-0003V5-8b [our mail quarantine node's IP
address] SSL verify error: depth=0 error=certificate has expired
cert=/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=
quarantinenode.ualr.edu/emailAddress=root@???
2022-04-25 08:49:02 1niz5K-0003V5-8b => a-local-address@???
R=quarantine T=remote_smtp H=quarantinenode.ualr.edu [our mail quarantine
node's IP address] X=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no K C="250-
130368 byte chunk, total 134166\\n250 OK id=1niz5K-000BpD-Dx"
2022-04-25 08:49:02 1niz5K-0003V5-8b Completed
I'm trying to understand this log excerpt. What exactly is triggering
the R=quarantine flag?
Thanks,
John A
--
John Adams
Senior Linux/Middleware Administrator | Information Technology Services
+1-501-916-3010 | jxadams@??? |
http://ualr.edu/itservices
*UA Little Rock*
Reminder: IT Services will never ask for your password over the phone or
in an email. Always be suspicious of requests for personal information that
come via email, even from known contacts. For more information or to
report suspicious email, visit IT Security
<
http://ualr.edu/itservices/security/>.
