Re: [Dovecot] Auto Vacation replies again
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Stephan, Thank you. I understand what you are saying in trying to keep a vicious cycle of auto-replies responding to each other. But in our environment I don't have any choice as our central virus/spam email gateway will can any message without a valid from address in the headers. I will forward this on to our central IT guys that maintain the email gateway, but I don't hold much hope that they will listen ;). Stephan Bosch wrote: CJ Keist schreef: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Fixed it!! In the file src/sieve_cmu.c line 744: smtp_client = smtp_client_open(src-addr, NULL, f); change to: smtp_client = smtp_client_open(src-addr, src-fromaddr, f); First of all, this does not control the content of the From: header line, but rather the FROM SMTP envelope field. This behavior is implemented as such on purpose. From RFC5230 (http://www.ietf.org/rfc/rfc5230.txt): 5.1. SMTP MAIL FROM Address The SMTP MAIL FROM address of the message envelope SHOULD be set to . [...] This is primarily recommended to prevent other (more stupid) auto-responders to generate a response to your vacation response (see also RFC3834 - 3.3. Message envelope). In general I would recommend adjusting the filter accordingly, because vacation replies are likely not going to be the only thing it will chew on when it is configured to bite things that have an empty return path (e.g. mailer daemon status reports and the like). Regards, Stephan. - -- C. J. Keist Email: [EMAIL PROTECTED] UNIX/Network ManagerPhone: 970-491-0630 Engineering Network ServicesFax: 970-491-5569 College of Engineering, CSU Ft. Collins, CO 80523-1301 All I want is a chance to prove 'Money can't buy happiness' -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIoZ0yA29OFr7C6jcRAt3TAJ4iQyaHtd7lMcm4g9Gp7ezcJQvrNACfT7JU Z1OFdj2ZZHRuQgc+HhaxdTM= =6G+3 -END PGP SIGNATURE-
Re: [Dovecot] Auto Vacation replies again
CJ Keist escreveu: Stephan, Thank you. I understand what you are saying in trying to keep a vicious cycle of auto-replies responding to each other. But in our environment I don't have any choice as our central virus/spam email gateway will can any message without a valid from address in the headers The messages do have a valid from address in the headers - but their Envelope From address is empty, as the RFC recommends. These are two different things.
Re: [Dovecot] Auto Vacation replies again
On 8/12/2008, CJ Keist ([EMAIL PROTECTED]) wrote: I understand what you are saying in trying to keep a vicious cycle of auto-replies responding to each other. But in our environment I don't have any choice as our central virus/spam email gateway will can any message without a valid from address in the headers. I will forward this on to our central IT guys that maintain the email gateway, but I don't hold much hope that they will listen ;) . My advice? Throw away the gateway and find one that works correctly. Doing this results in your users NOT getting 99.99% of valid/legitimate DSN notifications (since they all use the NULL sender, as prescribed by the RFCs). Blocking all messages with a NULL sender is not only violating the RFCs, and will possibly result in your getting on certain blacklists, like dsn.rfc-ignorant.org, it is lazy and dumb. But, to each his own... -- Best regards, Charles
Re: [Dovecot] Auto Vacation replies again
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thank you all for the input and the rfc url. To my surprise the central IT dept. is going to make the change to allow the envelope from to be empty! I'm pretty sure it was the rfc url I gave them to help my cause. So I'm reverting the code back to the original state. Charles Marcus wrote: On 8/12/2008, CJ Keist ([EMAIL PROTECTED]) wrote: I understand what you are saying in trying to keep a vicious cycle of auto-replies responding to each other. But in our environment I don't have any choice as our central virus/spam email gateway will can any message without a valid from address in the headers. I will forward this on to our central IT guys that maintain the email gateway, but I don't hold much hope that they will listen ;) . My advice? Throw away the gateway and find one that works correctly. Doing this results in your users NOT getting 99.99% of valid/legitimate DSN notifications (since they all use the NULL sender, as prescribed by the RFCs). Blocking all messages with a NULL sender is not only violating the RFCs, and will possibly result in your getting on certain blacklists, like dsn.rfc-ignorant.org, it is lazy and dumb. But, to each his own... - -- C. J. Keist Email: [EMAIL PROTECTED] UNIX/Network ManagerPhone: 970-491-0630 Engineering Network ServicesFax: 970-491-5569 College of Engineering, CSU Ft. Collins, CO 80523-1301 All I want is a chance to prove 'Money can't buy happiness' -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIohcFA29OFr7C6jcRAhotAKDH0tZz/zVL/z7VLMHhKAG+mTvTVgCg3XwR n8jdXJOrZk0biQt04cUUkWI= =Bhdt -END PGP SIGNATURE-
[Dovecot] Auto Vacation replies again
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sorry to bring this up again. I have now configured my test server to pass all email messages off to our central campus email filter gateway. This gateway scans all email traffic for viruses/spam before being delivered to any local mail servers. Once I did this my auto vacation replies are getting canned due to the fact the from header line is empty in the reply message. You can see that it is empty from my mail logs (soon after the line where is executes my .dovecot.sievec file): Aug 11 13:24:51 mail2.engr.colostate.edu dovecot: [ID 107833 mail.info] auth(default): new auth connection: pid=15539 Aug 11 13:24:51 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] connect from akron.colostate.edu[129.82.103.160] Aug 11 13:24:52 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] setting up TLS connection from akron.colostate.edu[129.82.103.160] Aug 11 13:24:52 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] Anonymous TLS connection established from akron.colostate.edu[129.82.103.160]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Aug 11 13:24:53 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] 44DEC599C3: client=akron.colostate.edu[129.82.103.160] Aug 11 13:24:53 mail2.engr.colostate.edu postfix/cleanup[15547]: [ID 197553 mail.info] 44DEC599C3: message-id=[EMAIL PROTECTED] Aug 11 13:24:53 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] disconnect from akron.colostate.edu[129.82.103.160] Aug 11 13:24:53 mail2.engr.colostate.edu postfix/qmgr[15988]: [ID 197553 mail.info] 44DEC599C3: from=[EMAIL PROTECTED], size=1875, nrcpt=1 (queue active) Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 315030 mail.info] Loading modules from directory: /userM/mail-services/dovecot/lib/dovecot/lda Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 619685 mail.info] Module loaded: /userM/mail-services/dovecot/lib/dovecot/lda/lib90_cmusieve_plugin.so Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 848615 mail.info] mbox: data=/top/admin/ENS/people/cjay/home/:INBOX=/userM/mail/cjay Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 885103 mail.info] fs: root=/top/admin/ENS/people/cjay/home, index=, control=, inbox=/userM/mail/cjay Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 223526 mail.info] cmusieve: Using sieve path: /top/admin/ENS/people/cjay/home/.dovecot.sieve Aug 11 13:24:54 mail2.engr.colostate.edu deliver(cjay): [ID 507699 mail.info] cmusieve: Executing script /top/admin/ENS/people/cjay/home/.dovecot.sievec Aug 11 13:24:54 mail2.engr.colostate.edu deliver(cjay): [ID 725890 mail.info] msgid=[EMAIL PROTECTED]: sent vacation response to [EMAIL PROTECTED] Aug 11 13:24:54 mail2.engr.colostate.edu postfix/pickup[13201]: [ID 197553 mail.info] B9798599C5: uid=10946 from= Aug 11 13:24:54 mail2.engr.colostate.edu postfix/cleanup[15547]: [ID 197553 mail.info] B9798599C5: message-id=[EMAIL PROTECTED] Aug 11 13:24:54 mail2.engr.colostate.edu postfix/qmgr[15988]: [ID 197553 mail.info] B9798599C5: from=, size=772, nrcpt=1 (queue active) Aug 11 13:24:55 mail2.engr.colostate.edu deliver(cjay): [ID 702911 mail.info] msgid=[EMAIL PROTECTED]: saved mail to INBOX Aug 11 13:24:55 mail2.engr.colostate.edu postfix/smtp[1]: [ID 197553 mail.info] B9798599C5: to=[EMAIL PROTECTED], relay=parker.colostate.edu[129.82.103.125]:25, delay=0.89, delays=0.09/0.51/0.03/0.25, dsn=2.0.0, status=sent (250 2.0.0 m7BJOur1516324 Message accepted for delivery) Aug 11 13:24:55 mail2.engr.colostate.edu postfix/qmgr[15988]: [ID 197553 mail.info] B9798599C5: removed Aug 11 13:24:55 mail2.engr.colostate.edu postfix/local[15549]: [ID 197553 mail.info] 44DEC599C3: to=[EMAIL PROTECTED], relay=local, delay=2.7, delays=0.26/0.19/0/2.2, dsn=2.0.0, status=sent (delivered to command: /userM/mail-services/dovecot/libexec/dovecot/deliver) Aug 11 13:24:55 mail2.engr.colostate.edu postfix/qmgr[15988]: [ID 197553 mail.info] 44DEC599C3: removed Again, my info: OS: Solaris 10 sparc on T2000 postfix: 2.5.2 dovecot: 1.1.2 sieve plug: 1.1.5 dovecot -n: # 1.1.2: /userM/mail-services/dovecot/etc/dovecot.conf Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 3072). Either grow the limit or change login_max_processes_count and max_mail_processes settings base_dir: /userM/mail-services/dovecot/var/run/dovecot/ protocols: imap imaps pop3 pop3s ssl_cert_file: /userM/mail-services/dovecot/etc/ssl/dovecot.pem ssl_key_file: /userM/mail-services/dovecot/etc/ssl/privkey.pem ssl_parameters_regenerate: 0 ssl_cipher_list: MEDIUM:!LOW disable_plaintext_auth: no login_dir: /userM/mail-services/dovecot/var/run/dovecot/login login_executable(default): /userM/mail-services/dovecot/libexec/dovecot/imap-login login_executable(imap): /userM/mail-services/dovecot/libexec/dovecot/imap-login login_executable(pop3):
Re: [Dovecot] Auto Vacation replies again
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Fixed it!! In the file src/sieve_cmu.c line 744: smtp_client = smtp_client_open(src-addr, NULL, f); change to: smtp_client = smtp_client_open(src-addr, src-fromaddr, f); CJ Keist wrote: Sorry to bring this up again. I have now configured my test server to pass all email messages off to our central campus email filter gateway. This gateway scans all email traffic for viruses/spam before being delivered to any local mail servers. Once I did this my auto vacation replies are getting canned due to the fact the from header line is empty in the reply message. You can see that it is empty from my mail logs (soon after the line where is executes my .dovecot.sievec file): Aug 11 13:24:51 mail2.engr.colostate.edu dovecot: [ID 107833 mail.info] auth(default): new auth connection: pid=15539 Aug 11 13:24:51 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] connect from akron.colostate.edu[129.82.103.160] Aug 11 13:24:52 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] setting up TLS connection from akron.colostate.edu[129.82.103.160] Aug 11 13:24:52 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] Anonymous TLS connection established from akron.colostate.edu[129.82.103.160]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits) Aug 11 13:24:53 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] 44DEC599C3: client=akron.colostate.edu[129.82.103.160] Aug 11 13:24:53 mail2.engr.colostate.edu postfix/cleanup[15547]: [ID 197553 mail.info] 44DEC599C3: message-id=[EMAIL PROTECTED] Aug 11 13:24:53 mail2.engr.colostate.edu postfix/smtpd[15539]: [ID 197553 mail.info] disconnect from akron.colostate.edu[129.82.103.160] Aug 11 13:24:53 mail2.engr.colostate.edu postfix/qmgr[15988]: [ID 197553 mail.info] 44DEC599C3: from=[EMAIL PROTECTED], size=1875, nrcpt=1 (queue active) Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 315030 mail.info] Loading modules from directory: /userM/mail-services/dovecot/lib/dovecot/lda Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 619685 mail.info] Module loaded: /userM/mail-services/dovecot/lib/dovecot/lda/lib90_cmusieve_plugin.so Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 848615 mail.info] mbox: data=/top/admin/ENS/people/cjay/home/:INBOX=/userM/mail/cjay Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 885103 mail.info] fs: root=/top/admin/ENS/people/cjay/home, index=, control=, inbox=/userM/mail/cjay Aug 11 13:24:53 mail2.engr.colostate.edu deliver(cjay): [ID 223526 mail.info] cmusieve: Using sieve path: /top/admin/ENS/people/cjay/home/.dovecot.sieve Aug 11 13:24:54 mail2.engr.colostate.edu deliver(cjay): [ID 507699 mail.info] cmusieve: Executing script /top/admin/ENS/people/cjay/home/.dovecot.sievec Aug 11 13:24:54 mail2.engr.colostate.edu deliver(cjay): [ID 725890 mail.info] msgid=[EMAIL PROTECTED]: sent vacation response to [EMAIL PROTECTED] Aug 11 13:24:54 mail2.engr.colostate.edu postfix/pickup[13201]: [ID 197553 mail.info] B9798599C5: uid=10946 from= Aug 11 13:24:54 mail2.engr.colostate.edu postfix/cleanup[15547]: [ID 197553 mail.info] B9798599C5: message-id=[EMAIL PROTECTED] Aug 11 13:24:54 mail2.engr.colostate.edu postfix/qmgr[15988]: [ID 197553 mail.info] B9798599C5: from=, size=772, nrcpt=1 (queue active) Aug 11 13:24:55 mail2.engr.colostate.edu deliver(cjay): [ID 702911 mail.info] msgid=[EMAIL PROTECTED]: saved mail to INBOX Aug 11 13:24:55 mail2.engr.colostate.edu postfix/smtp[1]: [ID 197553 mail.info] B9798599C5: to=[EMAIL PROTECTED], relay=parker.colostate.edu[129.82.103.125]:25, delay=0.89, delays=0.09/0.51/0.03/0.25, dsn=2.0.0, status=sent (250 2.0.0 m7BJOur1516324 Message accepted for delivery) Aug 11 13:24:55 mail2.engr.colostate.edu postfix/qmgr[15988]: [ID 197553 mail.info] B9798599C5: removed Aug 11 13:24:55 mail2.engr.colostate.edu postfix/local[15549]: [ID 197553 mail.info] 44DEC599C3: to=[EMAIL PROTECTED], relay=local, delay=2.7, delays=0.26/0.19/0/2.2, dsn=2.0.0, status=sent (delivered to command: /userM/mail-services/dovecot/libexec/dovecot/deliver) Aug 11 13:24:55 mail2.engr.colostate.edu postfix/qmgr[15988]: [ID 197553 mail.info] 44DEC599C3: removed Again, my info: OS: Solaris 10 sparc on T2000 postfix: 2.5.2 dovecot: 1.1.2 sieve plug: 1.1.5 dovecot -n: # 1.1.2: /userM/mail-services/dovecot/etc/dovecot.conf Warning: fd limit 256 is lower than what Dovecot can use under full load (more than 3072). Either grow the limit or change login_max_processes_count and max_mail_processes settings base_dir: /userM/mail-services/dovecot/var/run/dovecot/ protocols: imap imaps pop3 pop3s ssl_cert_file: /userM/mail-services/dovecot/etc/ssl/dovecot.pem ssl_key_file: /userM/mail-services/dovecot/etc/ssl/privkey.pem ssl_parameters_regenerate: 0 ssl_cipher_list: MEDIUM:!LOW disable_plaintext_auth: no
Re: [Dovecot] Auto Vacation replies again
CJ Keist schreef: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Fixed it!! In the file src/sieve_cmu.c line 744: smtp_client = smtp_client_open(src-addr, NULL, f); change to: smtp_client = smtp_client_open(src-addr, src-fromaddr, f); First of all, this does not control the content of the From: header line, but rather the FROM SMTP envelope field. This behavior is implemented as such on purpose. From RFC5230 (http://www.ietf.org/rfc/rfc5230.txt): 5.1. SMTP MAIL FROM Address The SMTP MAIL FROM address of the message envelope SHOULD be set to . [...] This is primarily recommended to prevent other (more stupid) auto-responders to generate a response to your vacation response (see also RFC3834 - 3.3. Message envelope). In general I would recommend adjusting the filter accordingly, because vacation replies are likely not going to be the only thing it will chew on when it is configured to bite things that have an empty return path (e.g. mailer daemon status reports and the like). Regards, Stephan.