E-mail sending prevention

2013-12-20 Thread Muzaffer Tolga Ozses
Hi,

I've been getting the below messages for quite some time now, and I
also get them on postqueue -p. What can I do about it?

When I look at postqueue -p, the ID is 44C5E220E91 and when I do a grep, I get

44C5E220E91: to=,
relay=alt1.gmail-smtp-in.l.google.com[173.194.70.27]:25, delay=96931,
delays=96931/0.01/0.3/0.04, dsn=4.2.1, status=deferred (host
alt1.gmail-smtp-in.l.google.com[173.194.70.27] said: 450-4.2.1 The
user you are trying to contact is receiving mail at a rate that
450-4.2.1 prevents additional messages from being delivered. Please
resend your 450-4.2.1 message at a later time. If the user is able to
receive mail at that 450-4.2.1 time, your message will be delivered.
For more information, please 450 4.2.1 visit
http://support.google.com/mail/bin/answer.py?answer=6592
5si7550289eei.39 - gsmtp (in reply to RCPT TO command))

The google search and the above link says it's on gmail side, but my
domain (webciniz.im) is not on google apps. Did it bounce back and
hence this message? If so, how can I prevent it?

My postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
mydestination = localhost
myhostname = webciniz.im
mynetworks = 127.0.0.0/8 127.0.0.2/32 109.232.0.0/16
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
recipient_delimiter = +
relayhost =
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_recipient_restrictions = permit_sasl_authenticated,
    permit_mynetworks,  reject_unauth_destination,
    reject_non_fqdn_hostname,  reject_non_fqdn_sender,
    reject_non_fqdn_recipient,  reject_unauth_pipelining,
    reject_invalid_hostname,  reject_rbl_client sbl.spamhaus.org,
    reject_rbl_client xbl.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 100
virtual_transport = virtual
virtual_uid_maps = static:5000

Regards and thanks,
mto


Re: E-mail sending prevention

2013-12-20 Thread Dominik George
Hi,

> [...] The user you are trying to contact is receiving mail at a rate
> that prevents additional messages from being delivered. [...]

I do not see what's so unclear about that?

Google thinks that the recipient receives an unusual amount of mail.
It's either the recipient's or Google's fault (then again, it's probably
Google's fault, after all we've learnt).

But it has nothing to do with your sender domain.

-nik

-- 
* mirabilos is handling my post-1990 smartphone *
 Aaah, it vibrates! Wherefore art thou, demonic device??

PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17  FD26 B79A 3C16 A0C4 F296




Re: E-mail sending prevention

2013-12-20 Thread Wietse Venema
Muzaffer Tolga Ozses:
> Hi,
> 
> I've been getting the below messages for quite some time now, and I
> also get them on postqueue -p. What can I do about it?
> 
> When I look at postqueue -p, the ID is 44C5E220E91 and when I do a grep, I get
...
> The google search and the above link says it's on gmail side, but my
> domain (webciniz.im) is not on google apps. Did it bounce back and
> hence this message? If so, how can I prevent it?

Look at the FIRST logfile record. It says how the mail was
received (SMTP or local submission or bounce).

Wietse


Re: after-queue filter and authentication

2013-12-20 Thread Vladimir Kozlov

18.12.2013 15:03, Vladimir Kozlov wrote:

I've been trying to use after-queue content filter as described in FILTER_README.

How could I pass the authentication information (i.e. was initial
message sent by authenticated user or not) when re-injecting message
using sendmail? The problem is that further I'd like to skip some checks
in amavis for mails sent by authenticated users (using MYUSERS policy
bank), so I need to keep this information intact.

Kind regards,
Vladimir.

It seems that there is no way to pass auth information through 
after-queue filter...


OK, is there any way to send message using postfix from command line as 
authenticated user? Or it could be done only using third-party tools?







Re: after-queue filter and authentication

2013-12-20 Thread /dev/rob0
On Fri, Dec 20, 2013 at 04:54:02PM +0400, Vladimir Kozlov wrote:
> 18.12.2013 15:03, Vladimir Kozlov wrote:
> >I've been trying to use after-queue content filter as described in 
> >FILTER_README.

I'd recommend that you take a look at amavisd-new.

> >How could I pass the authentication information (i.e. was initial 
> >message sent by authenticated user or not) when re-injecting 
> >message using sendmail? The problem is that further I'd like to 
> >skip some checks in amavis for mails sent by authenticated users 
> >(using MYUSERS policy bank), so I need to keep this information 
> >intact.

Aha, you already did, good. :) Have amavisd reinject to a special 
smtpd, as shown in amavisd-new documentation.

> It seems that there is no way to pass auth information through
> after-queue filter...

I don't understand the problem. The user authenticated, and was 
passed through your MYUSERS policy bank, filtering done or bypassed 
as you configured it. Why do you need the authentication after the 
filter?

> OK, is there any way to send message using postfix from command
> line as authenticated user?

sendmail(1) has no concept of authentication, that is exclusively a 
matter of SMTP.

> Or it could be done only using third-party tools?

Sure, a null client in place of sendmail, but why?
-- 
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:


Use of smtpd_reject_unlisted_sender

2013-12-20 Thread Bernardo Pons
On these days where theft of credentials of legitimate e-mail server users
in order to send spam checking the MAIL FROM: using
smtpd_reject_unlisted_sender would be a helping Postfix feature.

Perhaps it is a misunderstanding from my side about the actual meaning of
parameter smtpd_reject_unlisted_sender but if "smtpd_reject_unlisted_sender
= yes" is present on main.cf...

How is it possible for a user to send a mail from an unknown sender
address neither listed in virtual nor canonical?

The user is connecting to the smtp server and authenticates itself
correctly but he's sending e-mails from an absolutely alien e-mail address
(both user and domain part of the e-mail address)

If the authenticated user tries to send e-mail from a non-existent e-mail
address (user part) of a local domain the e-mail is rejected but if he/she
uses a non-existent e-mail address of an alien domain the e-mail message is
accepted by smtpd server.

Shouldn't ALL those mails be rejected by smtpd?

-- 
Bernardo Pons


Re: Use of smtpd_reject_unlisted_sender

2013-12-20 Thread Tom Hendrikx

On 20-12-13 20:54, Bernardo Pons wrote:
> On these days where theft of credentials of legitimate e-mail
> server users in order to send spam checking the MAIL FROM: using 
> smtpd_reject_unlisted_sender would be a helping Postfix feature.
> 
> Perhaps it is a misunderstanding from my side about the actual
> meaning of parameter smtpd_reject_unlisted_sender but if 
> "smtpd_reject_unlisted_sender = yes" is present on main.cf...
> 
> How is it possible for a user to send a mail from an unknown
> sender address neither listed in virtual nor canonical?
> 
> The user is connecting to the smtp server and authenticates itself 
> correctly but he's sending e-mails from an absolutely alien e-mail 
> address (both user and domain part of the e-mail address)
> 
> If the authenticated user tries to send e-mail from a non-existent 
> e-mail address (user part) of a local domain the e-mail is rejected
> but if he/she uses a non-existent e-mail address of an alien domain
> the e-mail message is accepted by smtpd server.
> 
> Shouldn't ALL those mails be rejected by smtpd?
> 

The problem is that postfix cannot look up localparts for domains that
are not hosted locally. For domains that the server is configured to
handle using local/virtual/etc, the localparts are also available
(i.e. 'listed'). For random offsite domains, the localpart cannot be
verified other than using a VRFY call, which is disabled at most sites
because it enables spammers to verify existence of addresses, and
usage is considered abusive by many admins.

In order to force authenticated senders to use a limited set of MAIL
FROM addresses, you'll probably need to use
reject_sender_login_mismatch in smtpd_mumble_restrictions.

Regards,
Tom
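
The ownership test that reject_sender_login_mismatch applies to an authenticated client, run after the fact over mail logs to find logins that sent from addresses they do not own. This is an added example, not part of the thread: the table entries, addresses and log lines are constructed, and the lookup is a simplified model of smtpd_sender_login_maps (full address, then @domain).

```python
import re

# Constructed table in smtpd_sender_login_maps format: a sender address
# (or @domain), then the SASL login names that own it.
SENDER_LOGIN_MAP = """
alice@example.org    alice@example.org
sales@example.org    alice@example.org, bob@example.org
@lists.example.org   bob@example.org
"""

# Constructed log lines: smtpd records the SASL login, qmgr the envelope sender.
LOG = """
Dec 20 20:54:01 mx postfix/smtpd[2101]: 3F2A1220E91: client=unknown[203.0.113.5], sasl_method=PLAIN, sasl_username=alice@example.org
Dec 20 20:54:01 mx postfix/qmgr[990]: 3F2A1220E91: from=<promo@alien.example>, size=2210, nrcpt=40 (queue active)
Dec 20 20:55:12 mx postfix/smtpd[2101]: 7B11C220E92: client=host.example.org[198.51.100.7], sasl_method=PLAIN, sasl_username=bob@example.org
Dec 20 20:55:12 mx postfix/qmgr[990]: 7B11C220E92: from=<sales@example.org>, size=901, nrcpt=1 (queue active)
Dec 20 20:56:30 mx postfix/smtpd[2102]: 9C0D4220E93: client=host.example.org[198.51.100.7], sasl_method=PLAIN, sasl_username=bob@example.org
Dec 20 20:56:30 mx postfix/qmgr[990]: 9C0D4220E93: from=<alice@example.org>, size=455, nrcpt=1 (queue active)
"""

SASL_RE = re.compile(r"postfix/smtpd\[\d+\]: (\w+): client=.*sasl_username=(\S+)")
FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: (\w+): from=<([^>]+)>")

def parse_map(text):
    """Return {lookup key: set of owning SASL logins}."""
    owners = {}
    for line in text.splitlines():
        if line.strip():
            key, logins = line.split(None, 1)
            owners[key.lower()] = set(re.split(r"[,\s]+", logins.strip().lower()))
    return owners

def owns(owners, login, sender):
    """Try user@domain, then @domain (the bare-user lookup is left out)."""
    sender = sender.lower()
    for key in (sender, "@" + sender.rpartition("@")[2]):
        if key in owners:
            return login.lower() in owners[key]
    return False  # unlisted sender: the authenticated login does not own it

def audit(log_text, map_text):
    """List (queue id, login, sender) where the login does not own MAIL FROM."""
    owners, logins, hits = parse_map(map_text), {}, []
    for line in log_text.splitlines():
        if m := SASL_RE.search(line):
            logins[m.group(1)] = m.group(2)
        elif (m := FROM_RE.search(line)) and m.group(1) in logins:
            if not owns(owners, logins[m.group(1)], m.group(2)):
                hits.append((m.group(1), logins[m.group(1)], m.group(2)))
    return hits
```

The first hit is the case from the question (a valid login using an address in a domain the server does not host); the second is one local user sending as another.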


Re: Use of smtpd_reject_unlisted_sender

2013-12-20 Thread Wietse Venema
Bernardo Pons:
> On these days where theft of credentials of legitimate e-mail server users
> in order to send spam checking the MAIL FROM: using
> smtpd_reject_unlisted_sender would be a helping Postfix feature.
> 
> Perhaps it is a misunderstanding from my side about the actual meaning of
> parameter smtpd_reject_unlisted_sender but if "smtpd_reject_unlisted_sender
> = yes" is present on main.cf...
> 
> How is it possible for a user to send a mail from an unknown sender
> address neither listed in virtual nor canonical?

It can happen on mail hubs, when an inside system sends mail through
the mail hub, with a sender address that is not properly registered
at the mail hub. Ideally the mail hub would block such mail. For
now, I leave it up to you to decide if you want to fight that battle.
5-10 years ago it certainly would break a lot of things in the real
world.

Wietse