Forwarding bounces to an alias' external email with postfix and a smarthost

1
votes

I'm setting up a web application in the AWS cloud to mail via SES. It's supposed to send out notifications using postfix with the AWS SES server configured as a smarthost. The app uses a postmaster account to send out mails. Sending out emails works fine, but I need to configure bounce handling.

The application sends out an email, if it's delivered, all is fine. But once in a while an email bounces, obvioudly.

As the web app does not include any kind of handling for incoming mail, and I do not just want to silently drop the bounce messages, I opted to forwarding the postmaster's account to an external email address via /etc/aliases. If I send an email directly to postmaster now, it's correctly send to that address. But if postfix receives a bounce, it will try to forward the bounce message and somehow the smarthost refuses the (now outgoing) bounce message with a 501 Invalid From command. If I remove the alias, the bounce is correctly delivered to the local account.

Any idea if this is solvable?

The relevant portions of the postfix log:

Outgoing mail:

postfix/pickup[1909]: 7619943922: uid=1000 from=<[email protected]>
postfix/cleanup[2164]: 7619943922: message-id=<[email protected]>
postfix/qmgr[565]: 7619943922: from=<[email protected]>, size=357, nrcpt=1 (queue active)
postfix/smtp[2166]: 7619943922: to=<[email protected]>, relay=email-smtp.eu-west-1.amazonaws.com[54.72.40.32]:25, status=sent (250 Ok ) #irrelevant things cut out
postfix/qmgr[565]: 7619943922: removed

Incoming bounce and the error when it's supposed to be forwared:

postfix/smtpd[2158]: connect from a3-182.smtp-out.eu-west-1.amazonses.com[54.240.3.182]
postfix/smtpd[2158]: 6B7E44385A: client=a3-182.smtp-out.eu-west-1.amazonses.com[54.240.3.182]
postfix/cleanup[2164]: 6B7E44385A: message-id=<[email protected]>
postfix/qmgr[565]: 6B7E44385A: from=<>, size=2305, nrcpt=1 (queue active)
postfix/cleanup[2164]: 6D93E43922: message-id=<[email protected]>
postfix/qmgr[565]: 6D93E43922: from=<>, size=2432, nrcpt=1 (queue active)
postfix/local[2167]: 6B7E44385A: to=<[email protected]>, relay=local, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (forwarded as 6D93E43922)
postfix/qmgr[565]: 6B7E44385A: removed
postfix/smtp[2166]: 6D93E43922: to=<[email protected]>, orig_to=<[email protected]>, relay=email-smtp.eu-west-1.amazonaws.com[52.213.60.48]:25, delay=0.09, delays=0/0/0.09/0, dsn=5.0.0, status=bounced (host email-smtp.eu-west-1.amazonaws.com[52.213.60.48] said: 501 Invalid MAIL FROM address provided (in reply to MAIL FROM command))
postfix/qmgr[565]: 6D93E43922: removed
1
amazon-web-servicespostfix-mta

1 Answers

1
votes

Instead of handling bounces on the sending host I suggest you use the bounce handling integrated into Amazon SES, which offers the ability to forward all bounces to an email address (or SNS topic) of your choosing. For more information have a look at the documentation: https://docs.aws.amazon.com/ses/latest/DeveloperGuide/monitor-sending-using-notifications.html

One advantage of that approach is that you don't have to rely on your own infrastructure to forward the bounces, while another is that you can handle complaints from ISPs the same way.