Hello Noel, On Thu, Feb 23, 2012, at 03:31 PM, Noel Jones wrote: > > (sorry, had to work for a while)
No worries. Nice to have someone reasonable to chat with. Bit of a dry spell on that. It's appreciated. > On 2/23/2012 2:58 PM, rg86...@airpost.net wrote: > Ah, a different server. Important infomation (or maybe I missed it...). Easy to miss. Fwiw, as originally @ http://marc.info/?l=postfix-users&m=133002076514425&w=2 my sendmail 'send' was sent from 192.168.1.13 to postfix listening @ "inet_interfaces = 192.168.1.10 192.168.1.11". Clearly mistakenly having presumed that that's clear enough, I called it out specifically only recently in response to the lashings. > > Feb 23 11:51:52 desk postfix/smtp[20627]: 986C040083: > > to=<s...@mail.rogermail.lan>, > > relay=mail.rogermail.lan[192.168.1.10]:25, delay=0.3, > > delays=0.21/0/0.03/0.06, dsn=5.1.1, status=bounced (host > > mail.rogermail.lan[192.168.1.10] said: 550 5.1.1 > > <s...@mail.rogermail.lan>: Recipient address rejected: User > > unknown in virtual mailbox table (in reply to RCPT TO command)) > > This is the error you need to get rid of. The spamtrap user must be > accepted for the downstream listener to use it to trigger the DISCARD. > > If you add the spam@ user to your local storage all will be well. Aha, I think ... So IIUC, I need to RE-add the list of spamtraps in the has table as valid users (removed as valid after known to be compromised ...) so that, rather than being off-hand rejected as an unkonw/non-existent user@domain, the multiple-recipient message gets carried through far enought to get to where that DISCARD check+action is valid? Is that approaching correct? If so, then I assume that I leave only postscreen listening at the 'real' external address, and the spamtrap address check shoud remaing associated with the 127.0.0.1:10026 reinjection listener, as you'd previously advised? Or, per this, > > > then you need to implement the spamtrap check at 192.168.1.10. > > Happy to. Where and how? *Specifically*, at which stage? > > 1) To reject mail to the spamtrap address > 2) In an SMTP session > 3) With the SMTP server at 192.168.1.10 > 4) Configure the spamtrap reject rule with the Postfix SMTP daemon that > listens on 192.168.1.10. do I need to move the check BACK to the postscreen's "private smtpd" daemon listening on 19.168.1.10 ? My understanding was that that was too early in the process. Thanks again for the help. Cheers, Roger
