{"id":"c0986","filename":"c0986_smtp_relay_eu_new.dok.json","weise3_id":"4679fc47a2418df2e2108230ab77e6ebb76a4dc86f0ce65493458220abe79dd2","tip":"infrastruktura","naziv":"SMTP relay lanac EU:25 → nginx:2525 → SSH_tunel:2526 → NEW:25 → genesis_mail","kreator":"genesis","datum":"","snippet":"","status":"","prev_weise3":"","bunker_l":"#4484ff","full":{"tip":"infrastruktura","naziv":"SMTP relay lanac EU:25 → nginx:2525 → SSH_tunel:2526 → NEW:25 → genesis_mail","sto_treba":"Postavljanje SMTP relay lanca između EU i NEW servera za Genesis Email Vault redundanciju","faze":{"1_korak":"DONE — provjera portova: IONOS blokira SVE SMTP portove (25/587/465/2525) između EU (Hetzner) i NEW (IONOS) na mrežnoj razini","2_korak":"DONE — NEW Postfix konfiguriran: submission port 587 dodan, virtual_mailbox_maps=regexp:/etc/postfix/genesis_virtual, mydestination konfiguiran bez genesis.limit-connect.com konflikta","3_korak":"DONE — EU nginx stream modul instaliran (libnginx-mod-stream), stream blok dodan u nginx.conf, stream.conf.d/smtp_relay.conf kreiran","4_korak":"DONE — SSH persistent tunel servis: /etc/systemd/system/genesis-smtp-tunnel.service (EU:2526 → root@31.70.90.84:25 via bunker_hetzner_key). nginx relay: EU:2525 → localhost:2526","5_korak":"DONE — End-to-end test uspješan: mail poslan kroz EU:2525→SSH_tunel→NEW:25→genesis_mail, upisan u genesis_inbox (id=2, weise3_abc123def456789a)"},"zakon":"ZAKON 3 trojna pohrana, ZAKON 17 BORG pull-only, ZAKON 40 GenesisLogin identity","arhitektura":{"primarni_tok":"vanjski MX → EU:25 (A zapis = 217.160.71.124) → inbox_pipe.py → genesis_inbox na EU","relay_tok":"lokalni sendmail na EU → EU:2525 → nginx stream → SSH tunel EU:2526 → NEW:25 → inbox_pipe.py → genesis_inbox na NEW","ssh_tunel_servis":"/etc/systemd/system/genesis-smtp-tunnel.service (enabled, active)","nginx_stream":"/etc/nginx/stream.conf.d/smtp_relay.conf (EU:2525 → 127.0.0.1:2526)","new_postfix":"submission port 587 aktivan, regexp virtual_mailbox_maps, myhostname=smtp.genesis.limit-connect.com"},"napomene":["IONOS blokira inter-server SMTP — jedini prolaz je SSH tunel","EU je primarni mail server (MX/A zapis → EU), NEW je backup relay","NEW mydestination bio u konfliktu s virtual_mailbox_domains — popravljeno","nginx stream modul bio dynamic — trebalo je instalirati libnginx-mod-stream"],"svjedok":"CC_agent, 2026-05-18T18:50:00Z","weise3_id":"4679fc47a2418df2e2108230ab77e6ebb76a4dc86f0ce65493458220abe79dd2"}}