Re: Mail forwarding loop

Thu, 08 Nov 2012 14:20:43 -0800 

On 11/08/2012 11:12 PM, Jeroen Geilman wrote:

On 11/08/2012 05:25 PM, Daniele Nicolodi wrote:

Hello,

I think I have a problem with my simple mail server. I noticed several
bounce mails in the queue, which postfix in unable to deliver.


C0B0160EC     12730 Thu Nov  8 12:35:47 MAILER-DAEMON
(lost connection with eforward5.registrar-servers.com[38.101.213.202] while receiving the initial server greeting) 
[email protected]

All of them destined to what look to be fake addresses. The original
mails that originate the bounce are indeed spam.

On this server I use spamassassin as content filter, which re-injects
the mail into postfix after scanning it via local delivery. Spam is then
discarded via a sieve rule (not bounced).

It looks like postfix detects a mail forwarding loop when the mail is
re-injected by spamassassin via local delivery. Why isn't the loop
detected when the mail is received by the smtpd?





And now without thick-fingering CTRL-Enter:

Postfix cannot detect a mail loop if it has never seen the message before.
You are not re-injecting the filtered message, you are (or, rather, SA is) calling sendmail(1), which in turn invokes pickup(8):
Nov 8 12:35:47 zed postfix/pickup[2485]: BCDF560EF: uid=65534 from=<[email protected]>
This means a different path is followed from the original submission over SMTP; sendmail-submitted mail generally lacks features that allow such loops to be detected. In this case, you are using the "nobody" user to re-submit the message, which will throw postfix off further, since it has no MAIL FROM: to match it with.
Re-inject the message over a separate smtpd(8) instance instead; the content filter loopback will not alter the envelope, thus enabling postfix to detect a loop.
smtpd(8): MAIL FROM: joe@home, RCPT TO: jim@work -> Spamassassin -> SMTP re-inject: MAIL FROM: joe@home, RCPT TO: jim@work. sendmail(1): MAIL FROM: joe@home, RCPT TO: jim@work -> Spamassassin -> sendmail: MAIL FROM: nobody (uid=65534), RCPT TO: jim@work. 

Note the "nobody" above.


  I do not like to
generate unnecessary bounce mails. Is this a real problem? How can I fix it? 

Here is what I think is a relevant log excerpt:
# egrep 2ABF060A6\|BCDF560EF\|C0B0160EC\|FD01D4DD-1DEF-1BC3-9A2A-5EDE8F9DD6C5 /var/log/mail.log Nov 8 12:35:46 zed postfix/smtpd[2515]: 2ABF060A6: client=designakeackson.info[176.126.174.9] Nov 8 12:35:46 zed postfix/cleanup[2517]: 2ABF060A6: message-id=<[email protected]> Nov 8 12:35:46 zed postfix/qmgr[3850]: 2ABF060A6: from=<[email protected]>, size=9793, nrcpt=1 (queue active) Nov 8 12:35:46 zed spamd[2282]: spamd: processing message <[email protected]> for daniele:1000 Nov 8 12:35:47 zed spamd[2282]: spamd: result: Y 5 - BAYES_50,HTML_MESSAGE,RP_MATCHES_RCVD,SPF_SOFTFAIL,T_FILL_THIS_FORM_SHORT,URIBL_DBL_SPAM,URIBL_JP_SURBL,URIBL_WS_SURBL scantime=1.4,size=9786,user=daniele,uid=1000,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=60966,mid=<[email protected]>,bayes=0.500000,autolearn=no Nov 8 12:35:47 zed postfix/pickup[2485]: BCDF560EF: uid=65534 from=<[email protected]> Nov 8 12:35:47 zed postfix/cleanup[2517]: BCDF560EF: message-id=<[email protected]> Nov 8 12:35:47 zed postfix/pipe[2518]: 2ABF060A6: to=<[email protected]>, relay=spamassassin, delay=1.7, delays=0.24/0.01/0/1.4, dsn=2.0.0, status=sent (delivered via spamassassin service) Nov 8 12:35:47 zed postfix/qmgr[3850]: BCDF560EF: from=<[email protected]>, size=10941, nrcpt=1 (queue active) 
Nov  8 12:35:47 zed postfix/qmgr[3850]: 2ABF060A6: removed
Nov 8 12:35:47 zed postfix/local[2522]: BCDF560EF: to=<[email protected]>, relay=local, delay=0.02, delays=0/0.01/0/0.01, dsn=5.4.6, status=bounced (mail forwarding loop for [email protected]) Nov 8 12:35:47 zed postfix/cleanup[2517]: C0B0160EC: message-id=<[email protected]> Nov 8 12:35:47 zed postfix/bounce[2523]: BCDF560EF: sender non-delivery notification: C0B0160EC Nov 8 12:35:47 zed postfix/qmgr[3850]: C0B0160EC: from=<>, size=12730, nrcpt=1 (queue active) 
Nov  8 12:35:47 zed postfix/qmgr[3850]: BCDF560EF: removed
Nov 8 12:35:52 zed postfix/smtp[2512]: C0B0160EC: host eforward3.registrar-servers.com[209.105.246.196] said: 450 4.1.1 <[email protected]>: Recipient address rejected: unverified address: unknown user: "[email protected]" (in reply to RCPT TO command) Nov 8 12:35:52 zed postfix/smtp[2512]: C0B0160EC: host eforward1.registrar-servers.com[69.160.33.82] refused to talk to me: 421 4.3.2 All server ports are busy Nov 8 12:35:54 zed postfix/smtp[2512]: C0B0160EC: to=<[email protected]>, relay=eforward2.registrar-servers.com[209.105.246.195]:25, delay=7.2, delays=0/0/7/0.17, dsn=4.1.1, status=deferred (host eforward2.registrar-servers.com[209.105.246.195] said: 450 4.1.1 <[email protected]>: Recipient address rejected: unverified address: unknown user: "[email protected]" (in reply to RCPT TO command)) Nov 8 12:45:42 zed postfix/qmgr[3850]: C0B0160EC: from=<>, size=12730, nrcpt=1 (queue active) Nov 8 12:45:43 zed postfix/smtp[2566]: C0B0160EC: host eforward3.registrar-servers.com[209.105.246.196] refused to talk to me: 421 4.3.2 All server ports are busy Nov 8 12:46:05 zed postfix/smtp[2566]: C0B0160EC: host eforward2.registrar-servers.com[209.105.246.195] said: 450 4.1.1 <[email protected]>: Recipient address rejected: unverified address: unknown user: "[email protected]" (in reply to RCPT TO command) Nov 8 12:46:06 zed postfix/smtp[2566]: C0B0160EC: host eforward1.registrar-servers.com[69.160.33.82] refused to talk to me: 421 4.3.2 All server ports are busy Nov 8 12:46:06 zed postfix/smtp[2566]: C0B0160EC: host eforward4.registrar-servers.com[69.160.33.74] refused to talk to me: 421 4.3.2 All server ports are busy Nov 8 12:46:06 zed postfix/smtp[2566]: C0B0160EC: to=<[email protected]>, relay=eforward5.registrar-servers.com[38.101.213.202]:25, delay=619, delays=595/0.04/24/0, dsn=4.3.2, status=deferred (host eforward5.registrar-servers.com[38.101.213.202] refused to talk to me: 421 4.3.2 All server ports are busy) 
My configuration:

# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_min_user = no
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
disable_vrfy_command = yes
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4
mailbox_command = /usr/lib/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" 
mailbox_size_limit = 0
message_size_limit = 0
mydestination = grinta.net, zed, zed.grinta.net, localhost
myhostname = zed.grinta.net
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
owner_request_special = no
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_sasl_authenticated
reject_invalid_hostname reject_non_fqdn_hostname reject_non_fqdn_sender
reject_non_fqdn_recipient reject_unknown_sender_domain
reject_unknown_recipient_domain permit_mynetworks
reject_unauth_destination reject_rbl_client zen.spamhaus.org
reject_rbl_client bhnc.njabl.org reject_rbl_client dul.dnsbl.sorbs.net
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/postfix.cert
smtpd_tls_key_file = /etc/postfix/postfix.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
unknown_local_recipient_reject_code = 550


Thanks in advance for your help.

Cheers,
Daniele







--
J.

Reply via email to