[pfx] Re: Getting Recipient when Message size limit is exceeded

Sat, 08 Jul 2023 05:16:37 -0700 

On Fri, Jul 07, 2023 at 11:54:44AM -0400, Viktor Dukhovni via Postfix-users 
wrote:

If the client uses PIPELINING, the pipelined "RCPT TO" after the rejected
"MAIL FROM" will presumably be logged.



On 7/7/2023 11:07 AM, Viktor Dukhovni via Postfix-users wrote:

Turns out that's not the case.  Postfix does not log client "syntax"
errors and sending "RCPT TO" once "MAIL FROM" is rejected "RCPT TO"
is a "50x" syntax error:

    MAIL FROM:<...> SIZE=1234567890
    552 5.3.4 Message size exceeds fixed limit
    RCPT TO:<...>
    503 5.5.1 Error: need MAIL command

Logs:

    Jul  7 12:00:36 amnesiac postfix/smtpd[5728]:
        connect from localhost[127.0.0.1]
    Jul  7 12:00:58 amnesiac postfix/smtpd[5728]:
        NOQUEUE: reject: MAIL from localhost[127.0.0.1]:
        552 5.3.4 Message size exceeds fixed limit; ...
    Jul  7 12:01:13 amnesiac postfix/smtpd[5728]:
        disconnect from localhost[127.0.0.1]
        ehlo=1 mail=0/1 rcpt=0/1 quit=1 commands=2/4


On 07.07.23 11:58, Noel Jones via Postfix-users wrote:

It gets worse...

Some client will see the 250-SIZE XXXXX in the EHLO response, and give 
up immediately, without ever sending a MAIL FROM that it knows will 
fail. All postfix is able to log is a connect, quickly followed by a 
disconnect. This is not really postfix's fault, but it's near 
impossible to debug from the postfix side.


Blame SMTP.



I guess The point was to reject mail ASAP, avoiding useless delays (e.g when 
listing tens or hundreds of recipients) and useless checks (when validating 
tens or hundreds of recipients).



Hypotetically, server could accept/validate recipients just to reject the 
DATA command with EFBIG message, but that would require patching postfix and 
the measures above (not send and ignore SIZE).



You could probably use a milter, or a policy_service that rejects 
based on size. Set the main.cf size value to something big, and reject 
after the client sends all the data. This is inefficient, but would 
work.



Very inefficient - would need to receive all huge e-mail just to say it 
can't accept it. Depending on size, you could run out of space on mail spool 
partitions (risky).



--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Depression is merely anger without enthusiasm.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org






















					Reply via email to