Re: Corrupt message
On Wed, Feb 12, 2020 at 07:43:59PM -0800, Doug Hardie wrote: > I seem to have a couple corrupt messages. Restarting postfix gives: > > service postfix restart > postfix/postfix-script: stopping the Postfix mail system > postfix/postfix-script: warning: damaged message: corrupt/44t83n4KNbz2fjQV > postfix/postfix-script: warning: damaged message: corrupt/46jP9V452yz2fjRb > postfix/postfix-script: starting the Postfix mail system 1. Use "postcat" to check that the partially collected content has no value: # postcat /var/spool/postfix/corrupt/$qid SYNOPSIS postsuper [-psSv] [-c config_dir] [-d queue_id] [-h queue_id] [-H queue_id] [-r queue_id] [directory ...] ... -d queue_id Delete one message with the named queue ID from the named mail queue(s) (default: hold, incoming, active and deferred). ... So postsuper(1) does not look in the "corrupt" directory, but even if you explicitly try: # postsuper -d $qid corrupt you'll get an error message, because "corrupt" is not a message queue, it is just a directory, with detritus, that may or may not be safe to remove. Therefore, once you're sure you want to remove it: 2. # /bin/rm /var/spool/postfix/corrupt/$qid -- Viktor.
DISCORD from a user to noreply
Folks, I am trying to configure discord when supp...@company.com sends to noreply@ / no-reply@. The smtp recipient/header checks seems to parse line by line so I can discord to noreply, but how do add a condition. I looked if.. endif, but I am unsure how to get this done with from and to lines in one regex. any help would be appreciated.
Re: DISCORD from a user to noreply
Linux Addict:
> Folks, I am trying to configure discord when supp...@company.com sends to
> noreply@ / no-reply@.
Did you mean "discard"?
> The smtp recipient/header checks seems to parse line by line so I can
> discord to noreply, but how do add a condition. I looked if.. endif, but I
> am unsure how to get this done with from and to lines in one regex.
Headers are not a good way to determine where email is being sent
to. The recipient is part of the envelope. It is sent with the RCPT
TO command.
/etc/postfix/main.cf:
smtpd_recipient_restrictions =
...
reject_unauth_destination
check_recipient_access inline:{{nore...@example.com = discard}}
...
Wietse
Re: DISCORD from a user to noreply
Sorry.. yeah discard.
though there are headers checks already on this system, I can do recipient
check for this one. But is it possible to discard noreply email for just
only one sender? I am clear on how to discard when everything sent to
noreply@.*.
check_recipient_access inline:{{nore...@example.com = discard}}
On Thu, Feb 13, 2020 at 2:57 PM Wietse Venema wrote:
> Linux Addict:
> > Folks, I am trying to configure discord when supp...@company.com sends
> to
> > noreply@ / no-reply@.
>
> Did you mean "discard"?
>
> > The smtp recipient/header checks seems to parse line by line so I can
> > discord to noreply, but how do add a condition. I looked if.. endif, but
> I
> > am unsure how to get this done with from and to lines in one regex.
>
> Headers are not a good way to determine where email is being sent
> to. The recipient is part of the envelope. It is sent with the RCPT
> TO command.
>
> /etc/postfix/main.cf:
> smtpd_recipient_restrictions =
> ...
> reject_unauth_destination
> check_recipient_access inline:{{nore...@example.com = discard}}
> ...
>
> Wietse
>
Re: DISCORD from a user to noreply
On Thu, Feb 13, 2020 at 02:56:32PM -0500, Wietse Venema wrote:
> Linux Addict:
>
> > The smtp recipient/header checks seems to parse line by line so I can
> > discord to noreply, but how do add a condition. I looked if.. endif, but I
> > am unsure how to get this done with from and to lines in one regex.
>
> Headers are not a good way to determine where email is being sent
> to. The recipient is part of the envelope. It is sent with the RCPT
> TO command.
>
> /etc/postfix/main.cf:
> smtpd_recipient_restrictions =
> ...
> reject_unauth_destination
> check_recipient_access inline:{{nore...@example.com = discard}}
> ...
Note that "discard" is a "message-level" action, so the mail would
also not be delivered to any other Cc'd/Bcc'd recipients.
To discard email addressed to just one recipient:
virtual:
lu...@example.org luser=example.com@discard.invalid
transport:
discard.invalid discard:silently
There isn't yet an access(5) primitive that discards just the *current*
recipient, that can be selected on a combination of criteria via nested
restriction classes. So I'd use the access(5) "DISCARD" action with
great caution, basically for malware or an unusual flood of mail, ...
In most other cases, deliver or reject.
But delivery to the discard(8) transport of a *particular* recipient that
is advertised to not receive mail is fine. That's what the avoid
rewrite and transport rules do.
--
Viktor.
Re: DISCORD from a user to noreply
On Thu, Feb 13, 2020 at 03:06:37PM -0500, Linux Addict wrote: > Sorry.. yeah discard. > > But is it possible to discard noreply email for just > only one sender? I am clear on how to discard when everything sent to > noreply@.*. Nothing built into Postfix will discard just the one recipient in a multi-recipient mail based on the sender. In a single-recipient message (unsafe assumption), discarding the whole message is possible via restriction classes. Now it turns out that "recipient_restrictions" configured via: smtpd_data_restrictions = ... only run on single-recipient messages, if the message had two or more recipients, the restriction is skipped. Thus it would be safe to use a sender-based rule that resolves to a restriction class that processes the recipient, and run that sender rule in the data restrictions, and be sure to discard just single-recipient mail. -- Viktor.
Re: DISCORD from a user to noreply
I have no reason to use DISCARD. I also dont want sender to receive anything back. Is reject silently is an option? /^From:.?(no|No)(reply|-reply)@.*/ REJECT:silently On Thu, Feb 13, 2020 at 3:12 PM Viktor Dukhovni wrote: > On Thu, Feb 13, 2020 at 03:06:37PM -0500, Linux Addict wrote: > > > Sorry.. yeah discard. > > > > But is it possible to discard noreply email for just > > only one sender? I am clear on how to discard when everything sent to > > noreply@.*. > > Nothing built into Postfix will discard just the one recipient > in a multi-recipient mail based on the sender. > > In a single-recipient message (unsafe assumption), discarding > the whole message is possible via restriction classes. > > Now it turns out that "recipient_restrictions" configured via: > > smtpd_data_restrictions = ... > > only run on single-recipient messages, if the message had two or more > recipients, the restriction is skipped. Thus it would be safe to > use a sender-based rule that resolves to a restriction class that > processes the recipient, and run that sender rule in the data > restrictions, and be sure to discard just single-recipient mail. > > -- > Viktor. >
Re: DISCORD from a user to noreply
On Thu, Feb 13, 2020 at 03:33:42PM -0500, Linux Addict wrote: > I have no reason to use DISCARD. I also dont want sender to receive > anything back. Is reject silently is an option? > > /^From:.?(no|No)(reply|-reply)@.*/ REJECT:silently First of all, as you've already been told, header checks are entirely the wrong tool for this. You need to use either access(5) restrictions or else rewriting to an address which is dropped on delivery. You're also randomly making up syntax. The "discard:silently" example was transport table example and only makes sense in that context. Lastly, and sadly, you may need better command of English to get help on this list. There's no such thing as a silent "REJECT", that's a contradiction. Mail is either accepted or rejected (the sender is told which), delivered or discarded (after the message is accepted). -- Viktor.
Re: DISCORD from a user to noreply
Well.. I should have checked but assumed the action statements are similar
whether its transport or access.. obviously that does not seem to be the
case.
*Mail is either accepted or rejected (the sender is **told which) *- this
is my I wished or made up silent with reject. I don't want sender to know
about the rejects.
I guess I am going to go with below which will silently drop the email and
wont notify the sender.
check_recipient_access inline:{{nore...@example.com = discard}}
On Thu, Feb 13, 2020 at 3:43 PM Viktor Dukhovni
wrote:
> On Thu, Feb 13, 2020 at 03:33:42PM -0500, Linux Addict wrote:
>
> > I have no reason to use DISCARD. I also dont want sender to receive
> > anything back. Is reject silently is an option?
> >
> > /^From:.?(no|No)(reply|-reply)@.*/ REJECT:silently
>
> First of all, as you've already been told, header checks are entirely
> the wrong tool for this. You need to use either access(5) restrictions
> or else rewriting to an address which is dropped on delivery.
>
> You're also randomly making up syntax. The "discard:silently" example
> was transport table example and only makes sense in that context.
>
> Lastly, and sadly, you may need better command of English to get help on
> this list. There's no such thing as a silent "REJECT", that's a
> contradiction. Mail is either accepted or rejected (the sender is
> told which), delivered or discarded (after the message is accepted).
>
> --
> Viktor.
>
Re: Corrupt message
On 13 February 2020, at 03:28, Viktor Dukhovni wrote: > > On Wed, Feb 12, 2020 at 07:43:59PM -0800, Doug Hardie wrote: > >> I seem to have a couple corrupt messages. Restarting postfix gives: >> >> service postfix restart >> postfix/postfix-script: stopping the Postfix mail system >> postfix/postfix-script: warning: damaged message: corrupt/44t83n4KNbz2fjQV >> postfix/postfix-script: warning: damaged message: corrupt/46jP9V452yz2fjRb >> postfix/postfix-script: starting the Postfix mail system > >1. Use "postcat" to check that the partially collected content has > no value: > > # postcat /var/spool/postfix/corrupt/$qid > >SYNOPSIS > postsuper > [-psSv] [-c config_dir] [-d queue_id] > [-h queue_id] [-H queue_id] > > [-r queue_id] [directory ...] > ... > > -d queue_id > Delete one message with the named queue ID from the named mail > queue(s) (default: hold, incoming, active and deferred). > ... > > So postsuper(1) does not look in the "corrupt" directory, but even if > you explicitly try: > ># postsuper -d $qid corrupt > > you'll get an error message, because "corrupt" is not a message queue, > it is just a directory, with detritus, that may or may not be safe to > remove. Therefore, once you're sure you want to remove it: > >2. # /bin/rm /var/spool/postfix/corrupt/$qid > > -- >Viktor. Thanks. I finally understand it. Interestingly enough, both of the corrupt/* files had zero length. -- Doug
Re: Corrupt message
Doug Hardie: > Thanks. I finally understand it. Interestingly enough, both of > the corrupt/* files had zero length. Did the files have permissions rwx? Then at some point they contained an email message, before the file system lost the data. Wietse
Re: Corrupt message
> On Feb 13, 2020, at 16:05, Wietse Venema wrote: > > Doug Hardie: >> Thanks. I finally understand it. Interestingly enough, both of >> the corrupt/* files had zero length. > > Did the files have permissions rwx? Then at some point they contained > an email message, before the file system lost the data. > >Wietse Don’t recall. I already deleted them
