Oct 23 10:53:00 rv-smtpext-201 postfix/pickup[11413]: [ID 947731
mail.warning] warning: maildrop/6B8F696F6: error writing 2737698C0: no
recipients specified
The Postfix sendmail command awas invoked with no recipients on the
command line, and (with -t) with no recipients in the message header.
> I suppose some software creates mailformed email messages because it
fails to detect some errors up-stream.
To be honest. I don't understand this yet. The machine acts as a relay
which takes mails from the internet (here: gmail) and forwards them to
the next station (here: smail1.mailintern.local). There is no content
filtering, no reinjection or such - nothing that should invoke sendmail.
The configuration is quite trivial (please see below). I even do not
understand what happened after queueid 6B8F696F6 has been delivered.
# egrep "6B8F696F6|2737698C0" /var/log/maillog
Oct 23 10:46:58 rv-smtpext-201 postfix/smtpd[1020]: [ID 197553
mail.info] 6B8F696F6: client=mail-la0-f45.google.com[209.85.215.45]
Oct 23 10:46:58 rv-smtpext-201 postfix/cleanup[27791]: [ID 197553
mail.info] 6B8F696F6:
message-id=<jsfcy39dev1kncus40xhttb6.1414053900...@email.android.com>
Oct 23 10:46:59 rv-smtpext-201 postfix/qmgr[16441]: [ID 197553
mail.info] 6B8F696F6: from=<anonsen...@gmail.com>, size=129401, nrcpt=1
(queue active)
Oct 23 10:50:19 rv-smtpext-201 postfix/qmgr[10619]: [ID 197553
mail.info] 6B8F696F6: from=<anonsen...@gmail.com>, size=129401, nrcpt=1
(queue active)
- Why do we see this line twice?
Oct 23 10:51:21 rv-smtpext-201 postfix/qmgr[11414]: [ID 197553
mail.info] 6B8F696F6: skipped, still being delivered
Oct 23 10:51:26 rv-smtpext-201 postfix/smtp[10823]: [ID 197553
mail.info] 6B8F696F6: to=<ANONRCPT@local>,
relay=smail1.mailintern.local[10.1.1.1]:25, delay=270,
delays=203/57/10/0.02, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as
B489018F20B5)
- Here it got delivered. Why is the rest happening?
Oct 23 10:53:00 rv-smtpext-201 postfix/pickup[11413]: [ID 197553
mail.info] 2737698C0: uid=12345 from=<anonsen...@gmail.com>
orig_id=6B8F696F6
Oct 23 10:53:00 rv-smtpext-201 postfix/cleanup[12657]: [ID 197553
mail.info] 2737698C0:
message-id=<jsfcy39dev1kncus40xhttb6.1414053900...@email.android.com>
Oct 23 10:53:00 rv-smtpext-201 postfix/pickup[11413]: [ID 947731
mail.warning] warning: maildrop/6B8F696F6: error writing 2737698C0: no
recipients specified
- UID 12345 is the postfix user:
# grep 12345 /etc/passwd
postfix:x:12345:12345:Postfix:/var/empty:/bin/false
Postconf -n follows. Let me know if anything else is needed:
address_verify_map = btree:$data_directory/VERIFY_ADDRESS
address_verify_negative_cache = yes
address_verify_negative_expire_time = 3d
address_verify_negative_refresh_time = 3h
address_verify_poll_count = 3
address_verify_poll_delay = 6
address_verify_positive_expire_time = 31d
address_verify_positive_refresh_time = 7d
address_verify_sender = postmaster@local
address_verify_transport_maps = btree:/etc/postfix/verify_transport
alias_database = hash:/etc/postfix/aliases
alias_maps = $alias_database
alternate_config_directories = /etc/postfix/OUT, /etc/postfix/TLSONLY
body_checks = pcre:/etc/postfix/body_checks
body_checks_size_limit = 512000
bounce_queue_lifetime = 3d
bounce_template_file = /etc/postfix/bounce.cf
command_directory = /opt/vrnetze/postfix/sbin
config_directory = /etc/postfix
daemon_directory = /opt/vrnetze/postfix/libexec
data_directory = /var/spool/postfix/DATA
debug_peer_level = 2
default_privs = nobody
delay_warning_time = 12h
disable_vrfy_command = yes
fast_flush_domains = $relay_domains
header_checks = pcre:/etc/postfix/header_checks
html_directory = no
inet_interfaces = all
luser_relay = g_vrnetze_cna_fw@local
mail_name = Mailservice
mail_owner = postfix
mailbox_size_limit = 56000001
mailq_path = /usr/bin/mailq
manpage_directory = /opt/vrnetze/postfix/man
maximal_queue_lifetime = 3d
message_size_limit = 56000000
mime_header_checks = pcre:/etc/postfix/mime_header_checks
mydestination = $myhostname, localhost.$mydomain
mydomain = local
myhostname = mail2.local
mynetworks = /etc/postfix/relay_from_networks
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases
plaintext_reject_code = 554
proxy_interfaces = 195.145.180.23, 195.145.180.24, 195.145.180.25,
195.145.180.26, 195.145.180.27, 195.145.180.28, 195.145.180.29,
195.145.180.30
queue_directory = /var/spool/postfix
readme_directory = /opt/vrnetze/postfix/doc
relay_domains = $config_directory/relay_to_domains
remote_header_rewrite_domain = domain.invalid
sample_directory = /etc/postfix
sender_canonical_maps = btree:/etc/postfix/sender_canonical
sendmail_path = /usr/lib/sendmail
setgid_group = postdrop
smtp_data_done_timeout = 660s
smtp_data_init_timeout = 240s
smtp_data_xfer_timeout = 360s
smtp_enforce_tls = no
smtp_tls_CAfile = /etc/postfix/CERTS/CAcert.pem
smtp_tls_cert_file = /etc/postfix/CERTS/cert.pem
smtp_tls_key_file = /etc/postfix/CERTS/key.pem
smtp_tls_loglevel = 1
smtp_tls_policy_maps = btree:/etc/postfix/TLS_EMPFAENGER
smtp_tls_scert_verifydepth = 8
smtp_tls_session_cache_database = btree:$data_directory/smtp_scache
smtp_tls_session_cache_timeout = 3600s
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP Mailservice
smtpd_data_restrictions = reject_unauth_pipelining,
reject_multi_recipient_bounce
smtpd_end_of_data_restrictions = check_recipient_access
btree:/etc/postfix/GROESSENBESCHRAENKUNG, check_sender_access
pcre:/etc/postfix/NO_SMAIL_SENDER
smtpd_enforce_tls = no
smtpd_helo_required = yes
smtpd_policy_service_max_idle = 700s
smtpd_policy_service_max_ttl = 1800s
smtpd_policy_service_timeout = 600s
smtpd_proxy_timeout = 600s
smtpd_recipient_restrictions = reject_non_fqdn_recipient,
permit_mynetworks, reject_unauth_destination, check_ccert_access
btree:/etc/postfix/tls_ccerts, check_client_access
cidr:/etc/postfix/CLIENT_WHITELIST, check_sender_access
btree:/etc/postfix/ABSENDER_WHITELIST, check_client_access
pcre:/etc/postfix/TLS_VERSENDER_CLIENTS, check_sender_access
btree:/etc/postfix/TLS_VERSENDER, check_client_access
pcre:/etc/postfix/CLIENT_BLACKLIST, check_recipient_access
pcre:/etc/postfix/EMPFAENGER_BLACKLIST, check_helo_access
pcre:/etc/postfix/HELOCHECK, check_sender_access
btree:/etc/postfix/INTERNE_DOMAINS, check_sender_access
pcre:/etc/postfix/ABSENDER_BLACKLIST, reject_invalid_helo_hostname,
reject_non_fqdn_sender, reject_unknown_sender_domain,
check_sender_mx_access cidr:/etc/postfix/PRIVATE_NETZE,
reject_rbl_client zen.spamhaus.org, check_recipient_access
btree:/etc/postfix/POLICYCHECK, check_recipient_access
btree:/etc/postfix/VERIFY_EMPFAENGER, permit
smtpd_restriction_classes = hapolicycheck, hagroessencheck,
hagreylistcheck, pfwpolicycheck, greylistcheck, absenderverifizierung,
empfaengerverifizierung, groessencheck
smtpd_tls_CAfile = /etc/postfix/CERTS/CAcert.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_ccert_verifydepth = 8
smtpd_tls_cert_file = /etc/postfix/CERTS/cert.pem
smtpd_tls_ciphers = medium
smtpd_tls_dh1024_param_file = /etc/postfix/CERTS/dh2048.pem
smtpd_tls_dh512_param_file = /etc/postfix/CERTS/dh512.pem
smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers = EDH-RSA-DES-CBC3-SHA, DES-CBC3-SHA
smtpd_tls_key_file = /etc/postfix/CERTS/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_exclude_ciphers = EDH-RSA-DES-CBC3-SHA, DES-CBC3-SHA
smtpd_tls_mandatory_protocols = !SSLv2
smtpd_tls_protocols = !SSLv2
smtpd_tls_received_header = yes
smtpd_tls_req_ccert = no
smtpd_tls_session_cache_database = btree:$data_directory/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = no
tls_preempt_cipherlist = yes
transport_maps = btree:/etc/postfix/fehlerdomains,
btree:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
unverified_recipient_reject_reason = User unknown -- Empfaenger nicht
gefunden
