On Tue, Sep 01, 2020 at 12:28:33PM +0100, Nick wrote:

> On 2020-08-30 22:33 BST, Wietse Venema wrote:
> > Well almost: it needs a custom SMTP client to avoid loop detection.
> >
> > /etc/postfix/master.cf:
> >     pickup unix .. .. .. .. .. pickup
> >         -o { content_filter = local-smtp:[localhost]:25 }
> >
> >     local-smtp unix .. .. .. .. .. smtp
> >         -o { inet_interfaces = }
> >         -o { myhostname = localhost }
> >
> > Let me know if that does the job.
>
> Yes I believe it does, thank you.  Though I have used a new smtpd
> service because the one on port 25 checks mail from the internet but I
> want one that checks mail from the mail server.

I hope you also saw my note re various legitimate use-cases for
"unexpected" "From:" addresses in local submission.

> smtp-sndmail
>   unix - - y - - smtp
>   -o { inet_interfaces = }
>   -o { myhostname = smtp-sndmail }
>   -o { bounce_service_name = bounce-discard }

Setting the bounce service here does not work the way you'd expect.
Delivery agents append messages to the bounce log, but it is the
queue manager that ultimately requests for the failed recipients
(from multiple delivery attempts by one or more delivery agents)
to be bounced.

> # This is shared with the submission service.
> cleanup-outbound
>   unix n - y - 0 cleanup
>   -o header_checks=regexp:/etc/postfix/header-checks-outbound
>   -o mime_header_checks=
>   -o nested_header_checks=
>   -o syslog_name=smtp-sndmaild
>   -o bounce_service_name=bounce-discard

See above, this does not work.

> # Discards non-delivery notifications so they can't go to forged addresses.
> bounce-discard
>   unix - - y - 0 discard
>   -o syslog_name=bounce-discard

This is really broken.  The bounce(8) service is an internal component
that is NOT a delivery agent.  It does not speak the same protocol as
discard(8) which is a delivery agent.

> Sep 1 10:35:36 rolly bounce-discard/discard[11387]: warning: unexpected
> attribute nrequest from bounce-discard socket (expecting: flags)
> Sep 1 10:35:36 rolly bounce-discard/discard[11387]: warning:
> deliver_request_get: error receiving common attributes

These are symptoms of the breakage.  If you want to prevent bounces
from leaking out to forged sender addresses you need to accept and
discard messages, rather than reject them.

--
    Viktor.
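
The protocol mismatch described in the reply above can be caught before a reload. This is an added example, not part of the original thread and not Postfix code: a small master.cf check that flags any bounce_service_name override whose target service does not run the bounce command. The function names and the sample's plain "bounce" entry are assumptions; the check covers only the target mismatch, not the point that overriding the parameter on a delivery agent has no effect on the queue manager.

```python
import re

# Matches both override spellings: "-o name=value" and "-o { name = value }".
OVERRIDE = re.compile(r"-o\s+(?:\{\s*([\w.]+)\s*=\s*([^}]*?)\s*\}|([\w.]+)=(\S*))")

# Constructed sample: the two entries quoted in the thread plus a stock-style
# bounce entry (assumed here for contrast, not taken from the thread).
SAMPLE = """\
smtp-sndmail
  unix - - y - - smtp
  -o { inet_interfaces = }
  -o { myhostname = smtp-sndmail }
  -o { bounce_service_name = bounce-discard }
bounce-discard
  unix - - y - 0 discard
  -o syslog_name=bounce-discard
bounce unix - - y - 0 bounce
"""

def parse_master_cf(text):
    """Return {service: (command, {param: value})} for each master.cf entry."""
    logical = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                              # blank line or comment
        if line[0].isspace() and logical:
            logical[-1] += " " + line.strip()     # continuation of previous entry
        else:
            logical.append(line.strip())
    services = {}
    for entry in logical:
        fields = entry.split(None, 8)             # 8 fixed columns, then arguments
        if len(fields) < 8:
            continue
        opts = {}
        for m in OVERRIDE.finditer(fields[8] if len(fields) > 8 else ""):
            opts[m.group(1) or m.group(3)] = m.group(2) if m.group(1) else m.group(4)
        services[fields[0]] = (fields[7], opts)
    return services

def lint_bounce_overrides(text):
    """List (service, target, target_command) where target is not bounce(8)."""
    services = parse_master_cf(text)
    findings = []
    for name, (_cmd, opts) in services.items():
        target = opts.get("bounce_service_name")
        if target is not None and services.get(target, (None,))[0] != "bounce":
            findings.append((name, target, services.get(target, (None,))[0]))
    return findings
```

Calling lint_bounce_overrides(SAMPLE) reports smtp-sndmail pointing at bounce-discard, which runs discard; a target name with no master.cf entry is reported with a command of None.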