Some postfix questions/issues.

planetinse

Running:
2.2.6-RELEASE (amd64)
built on Mon Dec 21 14:50:08 CST 2015
FreeBSD 10.1-RELEASE-p25

With Postfix package 2.4.6
and mailscanner 0.2.13 8 (not enabled)

got a few questions - OK - lets start with this one

warning: not owned by root: /var/spool/postfix - something I need to care about?

2.
Messages from "internet" - arrives at the postfix server perfectly ok and are queued up - but then it fails to route it inwards, - outgoing mails route just fine.

Sep 9 09:25:53 postfix/qmgr[41741]: 59E8CB111A: from=somone@external.com, size=18858, nrcpt=1 (queue active)
postfix/smtp[63074]: connect to 192.168.1.171[192.168.1.171]:25: Operation timed out
postfix/smtp[63074]: C79A4B1190: to=me@some-interally-hosted-domain.com, relay=none, delay=35, delays=5.4/0.01/30/0, dsn=4.4.1, status=deferred (connect to 192.168.1.171[192.168.1.171]:25: Operation timed out)

Test port results are;
From LAN to internal SMTP server - OK
from 192.168.1.5 to internal SMTP server - OK
from loopback to internal SMTP server - FAIL
from WAN to internal SMTP - FAIL (should fail :-))

postfix has the WAN,LAN, and loopback selected and looks like this in main.cf; (public ip masked)
inet_interfaces = 192.168.1.5,88.88.88.115,127.0.0.1

192.168.1.5 is a LAN CARP ip,  and is the one receiving outgoing mails from internal SMTP
88.88.88.115 is a WAN CARP, ans is the one used for "smtp_bind_address =" and where the MX record is pointing.

I suspect postfix uses WAN interface trying to reach the internal server, need assistance to fix or debug the problem

thanks in advance :-)/me@some-interally-hosted-domain.com/somone@external.com

planetinse

ok issue #2 workaround (not fix in IMO)

1. was to set postfix to listen on LAN address only (192.168.1.5) a CARP address
2. NAT the external IP port 25 to the LAN IP

tried to set postfix to listen on 127.0.0.1 only and NAT both the LAN and WAN ip's to it - but
then i still could not route the mails to LAN.