MajorLinux
9c62e7f804
Documents three more patterns surfaced in the 2026-05-10 fleet-mail investigation, all hitting hosts derived from cloud images or cross-provider migrations: - Packer/snapshot-leftover myhostname (postfix EHLO + message-id identifies the build artifact, not the production hostname; remote spam scorers hate it) - Empty relayhost silently routes mail via the public MX instead of the Tailscale-internal path, exposing it to spamchk that internal traffic bypasses - Stale SASL passwd map referencing a missing file from a previous external-SMTP relay setup, deferring every send with "local data error" Each looks benign in isolation. Together they made dcaprod's Logwatch disappear into spamchk for weeks while showing 250 OK on the source. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| cloud | ||
| dns-networking | ||
| docker | ||
| monitoring | ||
| reverse-proxy | ||
| security | ||
| services | ||
| storage-backup | ||
| index.md | ||