Hi Magnus,
On Mon, 30 Mar 2009, Magnus Bäck wrote:
On Monday, March 30, 2009 at 17:07 CEST,
Tom Diehl <tdi...@rogueind.com> wrote:
I have a machine running postfix 2.2.8. I recently noticed that it is
putting messages in the queue for non-existent users and then trying
to send bounce messages. Can someone please look at the following
postconf -n output and tell me what I have screwed up? I really want
to stop this but I am not seeing the problem.
"postconf -n" output is good, but without logs we can only guess what
the problem is.
Ok, here are the logs produced by me telnetting to port 25 from a machine
outside my local network and sending a message:
Mar 30 17:30:13 foghorn postfix/smtpd[8574]: D34AFF244:
client=shell4.sea5.speakeasy.net[69.17.116.5]
Mar 30 17:30:33 foghorn postfix/cleanup[8602]: D34AFF244:
message-id=<20090330213013.d34aff...@mail.tntechs.com>
Mar 30 17:30:33 foghorn postfix/qmgr[15503]: D34AFF244:
from=<f...@tntechs.com>, size=374, nrcpt=1 (queue active)
Mar 30 17:30:33 foghorn postfix/smtpd[8605]: connect from unknown[127.0.0.1]
Mar 30 17:30:33 foghorn postfix/smtpd[8605]: D2D8AF247:
client=unknown[127.0.0.1]
Mar 30 17:30:33 foghorn postfix/cleanup[8602]: D2D8AF247:
message-id=<20090330213013.d34aff...@mail.tntechs.com>
Mar 30 17:30:33 foghorn postfix/qmgr[15503]: D2D8AF247:
from=<f...@tntechs.com>, size=917, nrcpt=1 (queue active)
Mar 30 17:30:33 foghorn postfix/smtpd[8605]: disconnect from unknown[127.0.0.1]
Mar 30 17:30:33 foghorn amavis[7197]: (07197-08) Passed, <f...@tntechs.com> ->
<r...@rogueind.com>, Message-ID: <20090330213013.d34aff...@mail.tntechs.com>, Hits:
-0.725
Mar 30 17:30:33 foghorn postfix/smtp[8603]: D34AFF244: to=<r...@rogueind.com>,
relay=127.0.0.1[127.0.0.1], delay=46, status=sent (250 2.6.0 Ok, id=07197-08, from
MTA: 250 Ok: queued as D2D8AF247)
Mar 30 17:30:33 foghorn postfix/qmgr[15503]: D34AFF244: removed
Mar 30 17:30:33 foghorn postfix/local[8606]: D2D8AF247: to=<r...@rogueind.com>,
relay=local, delay=0, status=bounced (unknown user: "rice")
Mar 30 17:30:33 foghorn postfix/cleanup[8602]: E8723F249:
message-id=<20090330213033.e8723f...@mail.tntechs.com>
Mar 30 17:30:33 foghorn postfix/qmgr[15503]: E8723F249: from=<>, size=2527,
nrcpt=1 (queue active)
Mar 30 17:30:34 foghorn postfix/qmgr[15503]: D2D8AF247: removed
Mar 30 17:30:34 foghorn postfix/local[8606]: E8723F249: to=<f...@tntechs.com>,
relay=local, delay=1, status=sent (delivered to command: /usr/bin/procmail -t)
Mar 30 17:30:34 foghorn postfix/qmgr[15503]: E8723F249: removed
Mar 30 17:30:37 foghorn postfix/smtpd[8574]: disconnect from
shell4.sea5.speakeasy.net[69.17.116.5]
As you can see, the user "rice" does not exist.
(foghorn pts2) # postconf -n alias_database = hash:/etc/postfix/aliases
hash:/etc/postfix/local.maps/local.aliases
alias_maps = hash:/etc/postfix/aliases
hash:/etc/postfix/local.maps/local.aliases biff = no body_checks =
pcre:/etc/postfix/common.maps/body_checks bounce_queue_lifetime = 6h
I suppose it was your mail client that screwed up these lines?
Sorry, I should have paid better attention.
content_filter = smtp-amavis:[127.0.0.1]:10024
debug_peer_level = 2
disable_vrfy_command = yes
header_checks = pcre:/etc/postfix/common.maps/header_checks
local_recipient_maps =
This explicitly disables recipient address validation for local domains
(i.e. domains listed in mydestination). This may or may not be the
reason for your bounces.
That was it!! Thank You!! After switching this back to the default
my smtp transaction now looks like this:
Mar 30 17:41:07 foghorn postfix/smtpd[9735]: connect from
shell4.sea5.speakeasy.net[69.17.116.5]
Mar 30 17:41:30 foghorn postfix/smtpd[9735]: NOQUEUE: reject: RCPT from
shell4.sea5.speakeasy.net[69.17.116.5]: 550 <r...@rogueind.com>: Recipient address rejected: User
unknown in local recipient table; from=<f...@tntechs.com> to=<r...@rogueind.com> proto=SMTP
helo=<mail.foo.com>
Mar 30 17:41:50 foghorn postfix/smtpd[9735]: disconnect from
shell4.sea5.speakeasy.net[69.17.116.5]
I wish I remembered why I set "local_recipient_maps =" in the first place.
I will have to see what else breaks. :-( Initial testing says everything
is still OK.
mime_header_checks = regexp:/etc/postfix/common.maps/mime_header_checks
mydestination = $myhostname localhost.$mydomain $mydomain mail.$mydomain
myhostname = mail.tntechs.com
mynetworks = 192.168.0.0/24 127.0.0.0/8
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.2.8-documentation/readme
relay_domains = $mydestination
/etc/postfix/stnhbr.maps/relay_domains.stnhbr
Drop $mydestination from relay_domains. Currently harmless but also
quite useless.
Done!!
Where's relay_recipient_maps? Lack of recipient address validation for
relay domains may or may not be the reason for your bounces.
This is deliberate. The domains that I am backup mx for filter their
email through an external service that also does recipient validation.
As a result we have agreed to accept anything from them.
To be sure we are only doing this for those domains, we use the following
in main.cf:
"smtpd_restriction_classes = must_come_from_hosted_email"
"must_come_from_hosted_email =
check_client_access cidr:/etc/postfix/common.maps/hosted_email_addresses"
With things like the following:
216.44.46.9/32 DUNNO
...
0.0.0.0/0 REJECT Mail must come from MX only
in the hosted_email_addresses file, then
"mydomain.com must_come_from_hosted_email", in the hosted_email_domains file
and "check_recipient_access hash:/etc/postfix/common.maps/hosted_email_domains"
in main.cf. This allows us to force mail for the filtered domains to only be
accepted by this machine if it comes from the scanning providers ip address
blocks.
I think this is OK. If you see a problem with it, please let me know.
Thanks again for the help.
--
Tom Diehl tdi...@rogueind.com Spamtrap address
mtd...@rogueind.com
