[Bounce Handling] Searching information

[no_spam]

Hello postfix users
First I’ll say that it’s about 10 days I read Mailing list history, and I
that I Google around in order to understand Bounce Handling in postfix. (I’m
a former Exim user)

I’ve found with Google several sites explaining how to set up bounce
handling, but up to now all methods tested do not work for me…

Let me explain first what we want to do and what is done up to now : 

- We have approx 150 customers that wish to do marketing email with their
customers, and we have had these customers knowing former spam listing,
because they / we did not cope feedback loops, list retrieval and all the
‘quality service’ recommendations. These customers are mostly Automotive
software users that use our integrated mailing service in the software,
using simple outlook  mailing dll’s (software is made under windev, and uses
all Windows dll’s).
- We want to offer our customers a service that will allow them by using
their software, to mail their customers, through a mailing platform,
independent of their outlook / email software and that will cope : Mailing
unsubscription, feedback loops with webmail / ISP, bounce handling to bring
their mailing lists to quality….

What we have setup : 
- Postfix mailing servers (5), (servers A – E) with authorized (login /
password) account set in our software, and ID control of our users sending
their marketing mail. These servers are only purposed to mail sending, all
web and bounce treatment is done on 2 other servers (F/G) loadbalanced, that
cope bounces (return path sends to these 2 servers domain name, it is set to
send bounce emails to @F.net). These five servers work to our needs with no
problem.
- Mailing List unsubscription, feedback loops, online data handling, mysql
mailing statistics, on servers F/G
- Bounce Handling php script, checking bounces and coping in databases all
post-bounce treatements on servers F / G
- Bounce Handling administrative script allowing us to learn new Bounce
codes not already treated automatically by system on servers F/G.

What we haven’t managed to setup.
- On servers F/G, postfix is not able to send bounced email received to php
script.
- Postfix answers to all bounces received on these servers : 
bounce.kiuk0xhqtmkr-jf3t8kmh-mfs8q6qvq5s...@bounces.f.net: unknown user
    bounce.kiuk0xhqtmkr-jf3t8kmh-mfs8q6qvq5s5cq

I know I haven’t setup things correctly on these servers, and I would
appreciate your help to identify my errors.

Here is master.cf  which I think meets most websites indications in term of
bounce handling to php scripts : 

#
# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd
#submission inet n       -       -       -       -       smtpd
#  -o smtpd_enforce_tls=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#smtps     inet  n       -       -       -       -       smtpd
#  -o smtpd_tls_wrappermode=yes
#  -o smtpd_sasl_auth_enable=yes
#  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
#628      inet  n       -       -       -       -       qmqpd
pickup    fifo  n       -       -       60      1       pickup
cleanup   unix  n       -       -       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
#qmgr     fifo  n       -       -       300     1       oqmgr
tlsmgr    unix  -       -       -       1000?   1       tlsmgr
rewrite   unix  -       -       -       -       -       trivial-rewrite
bounce    unix  -       -       -       -       0       bounce
defer     unix  -       -       -       -       0       bounce
trace     unix  -       -       -       -       0       bounce
verify    unix  -       -       -       -       1       verify
flush     unix  n       -       -       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
smtp      unix  -       -       -       -       -       smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay     unix  -       -       -       -       -       smtp
       -o smtp_fallback_relay=
#       -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq     unix  n       -       -       -       -       showq
error     unix  -       -       -       -       -       error
retry     unix  -       -       -       -       -       error
discard   unix  -       -       -       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       -       -       -       lmtp
anvil     unix  -       -       -       -       1       anvil
scache   unix -      -      -      -      1      scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# Many of the following services use the Postfix pipe(8) delivery
# agent.  See the pipe(8) man page for information about ${recipient}
# and other message envelope options.
# ====================================================================
#
# maildrop. See the Postfix MAILDROP_README file for details.
# Also specify in main.cf: maildrop_destination_recipient_limit=1
#
maildrop  unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
#
# See the Postfix UUCP_README file for configuration details.
#
uucp      unix  -       n       n       -       -       pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
#
# Other external delivery methods.
#
ifmail    unix  -       n       n       -       -       pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp     unix  -       n       n       -       -       pipe
  flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix      -      n      n      -      2      pipe
  flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
mailman   unix  -       n       n       -       -       pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}
bounceh   unix  -       n       n       -       -      pipe
  user=mailadmin argv=/srv/F/www/F.net/htdocs/get_bounces.php $sender
$recipient

Here is main.cf, as installed by default by host : 
unknown_local_recipient_reject_code = 550
unknown_address_reject_code = 450
unknown_client_reject_code = 450
unknown_hostname_reject_code = 450
smtp-filter_destination_concurrency_limit = 2
lmtp-filter_destination_concurrency_limit = 2
inet_interfaces = all
mynetworks_style = host
mynetworks = 127.0.0.0/8
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydomain = bounces.F.net
myorigin = $mydomain
myhostname = $mydomain
mydestination = $mydomain, mail.$domain, localhost, localhost.$mydomain
masquerade_exceptions = root
masquerade_domains = $mydomain
mail_spool_directory = /var/spool/mail
recipient_delimiter = +
local_destination_concurrency_limit = 2
default_destination_concurrency_limit = 10
smtpd_banner = $myhostname ESMTP
mailbox_delivery_lock = fcntl
debug_peer_level = 1
relay_recipient_maps = hash:/etc/postfix/relay_recipients
local_recipient_maps = hash:/etc/postfix/local_recipient_maps
relay_domains = hash:/etc/postfix/relay_domains

smtpd_client_restrictions = 
   reject_rbl_client,
   permit_tls_clientcerts,
   reject_invalid_hostname,
   permit_mynetworks

smtpd_helo_restrictions = 
   reject_rbl_client,
   permit_mynetworks,
   permit_tls_clientcerts,
   reject_non_fqdn_hostname

smtpd_sender_restrictions = 
   reject_rbl_client,
   reject_non_fqdn_sender,
   reject_unknown_address

smtpd_recipient_restrictions =
   reject_rbl_client,
   permit_mynetworks,
   permit_sasl_authenticated,
   reject_invalid_hostname,
   reject_unauth_pipelining,
   check_relay_domains

delay_warning_time = 12h
queue_run_delay = 500
maximal_queue_lifetime = 2d
bounce_queue_lifetime = 8h
smtpd_helo_required = yes
line_length_limit = 2048
bounce_size_limit = 50000
notify_classes= resource,software
soft_bounce=no
message_size_limit = 10000000
queue_minfree = 0
default_destination_recipient_limit = 20
command_time_limit = 240

maps_rbl_reject_code = 550
maps_rbl_domains = 
        relays.ordb.org, 
        relays.visi.com, 
        ipwhos.rfc-ignorant.org, 
        list.dsbl.org, 
        bl.spamcop.net, 
        opm.blitzed.org, 
        list.dsbl.org, 
        sbl.spamhaus.org, 
        blackholes.easynet.nl, 
        cbl.abuseat.org


Final Things : Here are some conf files I added : 
local_recipient_maps 
@bounces.F.net       OK
@F.net       OK

transport.map 
bounces.F.net bounceh:

relay_recipients 
127.0.0.1       OK
XX.XX.XX.XX  OK    (ip of F.net server)

Relays_domains 
bounces.F.net        OK
F.net         OK
A.net         OK
mailing.client1.fr   OK
mailing.client2.fr   OK


Where am I wrong, and what is necessary to setup bounce handling knowing
that : 
1- Bounces return addresses are constructed dynamically, and there is no
real user account corresponding to bounce.xxxx-xxxx-x...@bounces.f.net
2- All bounces received on bounces.f.net must go to php script with no
exception, and must be treated by the script ….

In Any case, thanks for any help that can allow me to understand and set up
bounce handling under postfix…

T. de LASSAT