On 7/7/2023 11:07 AM, Viktor Dukhovni via Postfix-users wrote:
On Fri, Jul 07, 2023 at 11:54:44AM -0400, Viktor Dukhovni via Postfix-users
wrote:
If the client uses PIPELINING, the pipelined "RCPT TO" after the rejected
"MAIL FROM" will presumably be logged.
Turns out that's not the case. Postfix does not log client "syntax"
errors and sending "RCPT TO" once "MAIL FROM" is rejected "RCPT TO"
is a "50x" syntax error:
MAIL FROM:<...> SIZE=1234567890
552 5.3.4 Message size exceeds fixed limit
RCPT TO:<...>
503 5.5.1 Error: need MAIL command
Logs:
Jul 7 12:00:36 amnesiac postfix/smtpd[5728]:
connect from localhost[127.0.0.1]
Jul 7 12:00:58 amnesiac postfix/smtpd[5728]:
NOQUEUE: reject: MAIL from localhost[127.0.0.1]:
552 5.3.4 Message size exceeds fixed limit; ...
Jul 7 12:01:13 amnesiac postfix/smtpd[5728]:
disconnect from localhost[127.0.0.1]
ehlo=1 mail=0/1 rcpt=0/1 quit=1 commands=2/4
It gets worse...
Some client will see the 250-SIZE XXXXX in the EHLO response, and
give up immediately, without ever sending a MAIL FROM that it knows
will fail. All postfix is able to log is a connect, quickly followed
by a disconnect. This is not really postfix's fault, but it's near
impossible to debug from the postfix side.
Blame SMTP.
And no, you can't use a body_checks hack to get around this;
body_checks are evaluated one line at a time, not on the whole message.
You could probably use a milter, or a policy_service that rejects
based on size. Set the main.cf size value to something big, and
reject after the client sends all the data. This is inefficient, but
would work.
-- Noel Jones
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
