On 1/9/2014 5:01 PM, Noel Jones wrote: > On 1/9/2014 4:41 PM, Alexandre Ellert wrote: >> Hi, >> >> I relay transactional mail for my customer's web sites. >> Each website has it's own SASL authenticated account and mail are >> sent via submission or smtps. >> >> But, some website doesn't verify email existence when a user submit >> a web form or 'create an account'. >> That's why I often see my postfix relay trying to send to >> non-existing email. >> Sending again and again to non-existing mail can lowering my IP >> reputation and waste ressources that's why I need a solution. >> >> I can't force my customer to use some kind of email verification but >> I strongly encouraged them to do it. Most of them don't care or have >> no time/money/knowlegde to do it. >> >> Fisrt, I need to have some stats about outgoing mail. >> - What percentage of error 'User unknown' per account ? (Can you >> confirm that every SMTP software bounce with error '550 5.1.1' ?) >> If someone can advice any script, I will be very grateful. >> Otherwise, i will write it myself. >> With these stats, I can then take necessary actions (lock account, …) > > There are several log analysis tools listed here: > http://www.postfix.org/addon.html#logfile > > And also the excellent postfix-logwatch module, which works fine > without the logwatch framework. I don't know why this isn't listed > on the postfix site; probably because the author never requested it. > http://www.postfix.org/addon.html#logfile
Wrong link. Copy/Paste failure. http://logreporters.sourceforge.net/ -- Noel Jones > >> >> Second, maybe additional, I think about maintain a list of 'User >> unknown' address. >> Maybe, I could implement this (example with plain text file but it >> could be SQL): >> >> # master.cf >> submission inet n - - - - smtpd >> -o >> smtpd_recipient_restrictions=check_recipient_access,hash:/etc/postfix/unknonwn_recipients,permit_sasl_authenticated,permit_mynetworks,reject >> smtps inet n - - - - smtpd >> -o smtpd_tls_wrappermode=yes >> -o >> smtpd_recipient_restrictions=check_recipient_access,hash:/etc/postfix/unknonwn_recipients,permit_sasl_authenticated,permit_mynetworks,reject >> >> $ cat /etc/postfix/unknonwn_recipients >> bad_us...@example.com <mailto:bad_us...@example.com> REJECT Unknown user >> bad_us...@example.com <mailto:bad_us...@example.com> REJECT Unknown user > > Consider how the website might react when mail is rejected. I don't > suppose they'll all show the end user a helpful message about a bad > address. Probably need to work with your customers on this so there > are no surprises. > >> >> And write a cron job to parse postfix logs and add 'Unknown user' >> email to /etc/postfix/unknonwn_recipients. > > You'll also need to have some method to "expire" addresses > periodically that become good at a later date, and limits to how > often an address is "probed". > > Or use the built-in postfix reject_unverified_recipient function, > where those particular problems are already solved. > http://www.postfix.org/ADDRESS_VERIFICATION_README.html > > > -- Noel Jones >
