DAve wrote:
Ken Jones wrote:
tonix (Antonio Nati) wrote:
At 22.53 22/05/2006, you wrote:
Has anyone else run into this?
A microsoft smtp service is sending an email with a list
of rcpt's. Some of the rcpt's are invalid. The microsoft
keeps reporting rejection of almost all the email addresses
including valid ones.
We are using fixcrio on the smtp server, so it's not
a bare line feed problem.
Using chkuser v.2.0.8.
Everything works fine when a qmail server sends the
same list of emails. All the good rcpts get the email
and all the invalid rcpts are rejected.
Any ideas?
I am looking into disabling the chk user for the
senders static IP address but wonder if there is
possibly something in the qmail/chkuser code that
needs looking into.
What do chkuser logs say about these rejected rcpt?
For the rejected addresses seeing:
CHKUSER rejected .... not existing recipient
For the accepted addresses
CHKUSER accepted .... found existing recipient
We ran some other tests. If all the recipients are accepted the email
comes through to all the users.
If any one of the recipients are rejected then the sender says they
get a bounce message with valid and invalid recipients listed with
the regular qmail failure status of the form:
There was a SMTP communication problem with the recipient's
email server. Please contact your system administrator.
<HOST_SENDER #5.5.0 smtp;511 sorry, no mailbox
here by that name (#5.1.1 - chkuser)>
Thier email system returns a bounce message containing those
types of status for valid and invalid accounts.
And the chkuser log shows the correct information, reporting
invalid for invalid accounts and valid for existing accounts.
I'm going to run a test when I telnet to port 25 and walk
through the conversation by hand. Then check the logs and
received emails.
Ken
I have been looking into the same issue since last week. I am waiting to
confirm the client is using an exchange server at their location. The
issue I am seeing is that the client has a distribution list with 22
recipients in it. Once ten recipients fail, the message is bounced as
per my chkuser setup.
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`head -1 /var/qmail/control/concurrencyincoming`
# CHKUSER values
CHKUSER_MBXQUOTA="90"
export CHKUSER_MBXQUOTA
CHKUSER_RCPTLIMIT="150"
export CHKUSER_RCPTLIMIT
CHKUSER_WRONGRCPTLIMIT="10"
export CHKUSER_WRONGRCPTLIMIT
if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" ]; then
echo QMAILDUID, NOFILESGID, or MAXSMTPD is unset in
echo $0
exit 1
fi
exec /usr/local/bin/softlimit -m 2000000 \
/usr/local/bin/tcpserver -v -P -R -h -l ecluster4.tls.net -x
/var/qmail/control/tcp.smtp.
cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 10.0.241.134 25 \
/usr/local/bin/fixcrio /var/qmail/bin/qmail-smtpd 2>&1
Addresses that are valid are rejected until the rejection count goes
over the intrusion threshold, even though the user exists and still
receives mail otherwise.
<snip>
26-196-65.tls.net:65.196.226.41> rcpt <[EMAIL PROTECTED]> : not existing
recipient
2006-05-10 17:30:32.579064500 CHKUSER rejected rcpt: from
<[EMAIL PROTECTED]::> remote <JHexamerGardner:wls-41-2
26-196-65.tls.net:65.196.226.41> rcpt <[EMAIL PROTECTED]> : not existing
recipient
2006-05-10 17:30:36.283696500 CHKUSER intrusion threshold: from
<[EMAIL PROTECTED]::> remote <JHexamerGardner:wl
s-41-226-196-65.tls.net:65.196.226.41> rcpt <[EMAIL PROTECTED]> : max
number of allowed invalid rcpt
2006-05-10 17:30:36.543197500 CHKUSER rejected intrusion: from
<[EMAIL PROTECTED]::> remote <JHexamerGardner:wls
bash-2.05b# ./vuserinfo [EMAIL PROTECTED]
name: lisah
passwd: xxxxx
clear passwd: xxxxx
comment/gecos: lisah
uid: 0
gid: 0
flags: 0
gecos: lisah
limits: No user limits set.
dir: /home/vpopmail/domains/1/xxxxx.com/lisah
quota: NOQUOTA
usage: NOQUOTA
last auth: Mon Mar 27 15:22:13 2006
last auth ip: 10.0.241.134
I see no issues with the MySQL backend, but I am updating the MySQL
install tonight so I can use query caching. Not sure if that will make a
difference or not but I wanted the advantage of caching to reduce load
on my SQL server.
I am seeing this with one client only, and the issue is intermittent at
that. Using chkuser-2.0.8b-release. Anything else I can offer?
DAve
There is no Exchange server involved.
Looking closer I see that the user was in her office, so I am not sure
why she even hit chkuser! She should have been on smpt-auth from her IP
and I don't use chkuser for smpt-auth clients.
The message has failed twice in two weeks and worked three times. Last
attempt worked perfectly.
Still looking.
DAve
--
This message was checked by forty monkeys and
found to not contain any SPAM whatsoever.
Your monkeys may vary
