Noel Jones-2 wrote
> On 10/20/2016 11:52 AM, Doobster wrote:
>> Noel Jones-2 wrote
>>> On 10/20/2016 12:57 AM, Ross Naheedy wrote:
>>>> I am having a peculiar issue in not being able to lock down my
>>>> postfix 2.10. This is on a server that is on the Internet and must
>>>> receive emails and relay email for authenticated users. My main.cf
>>>> <http://main.cf> relevant portions look like this:
>>>>
>>>
>>> show "postconf -n" rather than random snippings.
>>
>> Here's the output of "postconf -n":
>
> Thanks. No obvious errors.
>
>> And here's what I see in the logs:
>>
>> Oct 15 06:54:49 example postfix/smtpd[29114]: warning: hostname
>> 185-163-46-244.mivocloud.com does not resolve to address 185.163.46.244
>> Oct 15 06:54:49 example postfix/smtpd[29114]: connect from
>> unknown[185.163.46.244]
>> Oct 15 06:54:49 example postfix/smtpd[29114]: 7F31B1805EFD9:
>> client=unknown[185.163.46.244]
>> Oct 15 06:54:50 example postfix/cleanup[29115]: 7F31B1805EFD9:
>> message-id=<
> 0.0.6900600747.evkrtb19b4ecfabsowkik540927.0@
>>
>> Oct 15 06:54:50 example postfix/qmgr[24064]: 7F31B1805EFD9:
>> from=<8467-6900600747-824-sales=
> example.com@.gretofrr
>>, size=6461,
>> nrcpt=1 (queue active)
>> Oct 15 06:54:51 example postfix/smtpd[29114]: disconnect from
>> unknown[185.163.46.244]
>
> Fairly normal mail reception. Probably spam, but that's not
> significant.
>
>
>>
>> Some delay here because I didn't have amavisd configured properly
>>
>> Oct 15 07:11:02 example amavis[29000]: (29000-05) Blocked BAD-HEADER-0
>> {BouncedInbound,Quarantined}, [185.163.46.244]:54047 [185.163.46.244]
>> <8467-69006
>> 00747-824-sales=
> example.com@.gretofrr
>> -> <
> sales@
> >,
>> Queue-ID: 7F31B1805EFD9, Message-ID:
>> <0.0.6900600747.evkrtb19b4ecfabsowkik540927.0@gr
>> etofrr.us>, mail_id: zmu4ScvmJWiZ, Hits: -, size: 6455, 297800 ms
>> Oct 15 07:11:02 example postfix/lmtp[29094]: 7F31B1805EFD9:
>> to=<
> sales@
> >, relay=127.0.0.1[127.0.0.1]:10024, delay=973,
>> delays=1.3/397/277/298, dsn=2.5.0, status=sent (250 2.5.0 Ok
>> <
> sales@
> >, DSN was sent (554 5.6.0 Bounce, id=29000-05 - BAD
>> HEADER))
>
> Yikes! You've configured amavisd to send DSN notice to the sender.
> Don't do that.
>
>> Oct 15 07:11:02 example postfix/qmgr[24064]: 7F31B1805EFD9: removed
>>
>>
>> And there's a bunch of the following (one every hour), trying to deliver
>> the
>> mail:
>>
>> Oct 20 01:12:10 example postfix/smtp[31538]: connect to
>> mail.cancrrtrtmnt.us[104.18.54.81]:25: Connection timed out
>> Oct 20 01:12:10 example postfix/smtp[31537]: connect to
>> mail.gretofrr.us[2400:cb00:2048:1::681b:8fb4]:25: Connection timed out
>> Oct 20 01:12:10 example postfix/smtp[31538]: DCFD01805EFD2:
>> to=<8569-6900600747-621-sales=
> example.com@.cancrrtrtmnt
>>, relay=none,
>> delay=150425, dela
>> ys=150305/0.02/120/0, dsn=4.4.1, status=deferred (connect to
>> mail.cancrrtrtmnt.us[104.18.54.81]:25: Connection timed out)
>> Oct 20 01:12:10 example postfix/smtp[31537]: 8715B18321C38:
>> to=<8467-6900600747-824-sales=
> example.com@.gretofrr
>>, relay=none,
>> delay=410468, delays=410348/0.02/120/0, dsn=4.4.1, status=deferred
>> (connect
>> to mail.gretofrr.us[2400:cb00:2048:1::681b:8fb4]:25: Connection timed
>> out)
>
>
> This is postfix trying to deliver the undeliverable DSN's you've
> configured in amavisd. Turn those off.
>
>
>
> -- Noel Jones
Thanks. This was my issue. Disabled DSN for postfix in main.cf via
"smtpd_discard_ehlo_keywords=silent-discard,dsn" and for amavisd in
amavisd.conf via "@smtpd_discard_ehlo_keywords=('8BITMIME','DSN');"
Clearing the mail queue has got me to a clean mail log now.
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Hardening-relay-and-sender-specified-routing-tp86772p86815.html
Sent from the Postfix Users mailing list archive at Nabble.com.
