REJECT and "optional text" question...

2016-07-25 Thread Pedro David Marco 


Hello,

I have a sender restriction like this:

smtpd_sender_restrictions =
permit_mynetworks
check_client_access hash:/etc/postfix/special_clients

and in special_clients file:

205.201.128.108REJECT You are blacklisted



What i see is that it works and the client gets rejected BUT with the message 
"Access denied" and not "You are blacklisted".. 

example log:

2016 Jul 23 04:11:05 host1 postfix/smtpd[10484]: NOQUEUE: reject: RCPT from 
mail108.us4.mcsv.net[205.201.128.108]: 554 5.7.1

Re: postfix sends but does not receive

2016-07-25 Thread Viktor Dukhovni 
On Mon, Jul 25, 2016 at 05:04:15PM -0600, Bob wrote:

> >>lists.faithwalk.ca  mailman:
> >>faithwalk.camailman:
> >
> >There's your mistake, you can't deliver non-list mail via mailman, it only
> >handles mailing lists.  Only the "lists" subdomain should be routed to 
> >"mailman".
> >If you want lists of the form "listn...@faithwalk.ca" you'll need to alias 
> >them
> >to "l...@lists.faithwalk.ca".
>
> I understand, but don't know how to make this happen.

You'll need to find a sufficiently detailed HOW-TO.  Or perhaps
someone else on the list can walk you through this step-by-step.

> >>As I look this up, what I find is changing the line "faithwalk.ca mailman"
> >> to "faithwalk.ca smtp:faithwalk.ca" but it seems wrong to me as I look at
> >> it. Do I need to change to virtual domains to use mailman?
> >
> >Local domains should, and by default do, get delivered by local(8) not 
> >smtp(8).
>
> So, should I take out "faithwalk.ca mailman" if it works by default?

Yes, but if you host lists at that domain, you'll need some aliases,
if all the lists are in the "lists." subdomain, then it might be
sufficient, provided there are no other issues.

-- 
Viktor.

Re: postfix sends but does not receive

2016-07-25 Thread Bob 

Please excuse my questions, I am just learning this. More response below

On 2016-07-25 04:33 PM, Viktor Dukhovni wrote:

On Jul 25, 2016, at 6:28 PM, Bob  wrote:


transport_maps = hash:/etc/postfix/transport


Here is the file, which explains why mail is going to mailman as well, but I am 
not sure how to change it. I want mail coming in to go to the 
u...@faithwalk.ca, as well as listn...@faithwalk.ca rather than using 
listn...@lists.faithwalk.ca.


/etc/postfix/transport
lists.faithwalk.ca  mailman:
faithwalk.camailman:

There's your mistake, you can't deliver non-list mail via mailman, it only
handles mailing lists.  Only the "lists" subdomain should be routed to 
"mailman".
If you want lists of the form "listn...@faithwalk.ca" you'll need to alias them
to "l...@lists.faithwalk.ca".

I understand, but don't know how to make this happen.


As I look this up, what I find is changing the line "faithwalk.ca mailman" to 
"faithwalk.ca smtp:faithwalk.ca" but it seems wrong to me as I look at it. Do I need to 
change to virtual domains to use mailman?

Local domains should, and by default do, get delivered by local(8) not smtp(8).


So, should I take out "faithwalk.ca mailman" if it works by default?

Re: postfix sends but does not receive

2016-07-25 Thread Viktor Dukhovni 

> On Jul 25, 2016, at 6:28 PM, Bob  wrote:
> 
>>>transport_maps = hash:/etc/postfix/transport
>>> 
> 
> Here is the file, which explains why mail is going to mailman as well, but I 
> am not sure how to change it. I want mail coming in to go to the 
> u...@faithwalk.ca, as well as listn...@faithwalk.ca rather than using 
> listn...@lists.faithwalk.ca.
> 
> 
> /etc/postfix/transport
> lists.faithwalk.ca  mailman:
> faithwalk.camailman:

There's your mistake, you can't deliver non-list mail via mailman, it only
handles mailing lists.  Only the "lists" subdomain should be routed to 
"mailman".
If you want lists of the form "listn...@faithwalk.ca" you'll need to alias them
to "l...@lists.faithwalk.ca".

> As I look this up, what I find is changing the line "faithwalk.ca mailman" to 
> "faithwalk.ca smtp:faithwalk.ca" but it seems wrong to me as I look at it. Do 
> I need to change to virtual domains to use mailman?

Local domains should, and by default do, get delivered by local(8) not smtp(8).

-- 
Viktor.

Re: postfix sends but does not receive

2016-07-25 Thread Bob 

On 2016-07-25 11:54 AM, Viktor Dukhovni wrote:

On Mon, Jul 25, 2016 at 11:30:55AM -0600, Bob wrote:


evidence in the form of "postconf -n" command out and logfile records,
perhaps anonymized, and never with verbose logging turned on.

So, I now know what you need to see and will send it.

bob@server:~$ postconf -n
mydestination = server, localhost.faithwalk.ca, mail.faithwalk.ca, 
faithwalk.ca, localhost
mydomain = mydomain

I hope that "mydomain" setting is an obfuscation attempt, and not
the actual value.


relay_domains = faithwalk.ca, lists.faithwalk.ca

You probably want these in mydestination (the first is there
already), with "relay_domains" set empty.


smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unknown_client_hostname

The last of these is generally much too strict.


smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated

These do nothing, because there is an implicit "permit" when the
end of the restrictions is reached without a reject or defer, so
just empty does the same thing more efficiently.


smtpd_relay_restrictions = permit_mynetworks
permit_sasl_authenticated defer_unauth_destination

Here "reject_unauth_destination" is much better than
"defer_unauth_destination".


smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

With sufficiently recent Postfix versions (>= 2.11) server-side
caches are no longer recommended, as session tickets work better.


Ok, so I changed all of the above. They all came out of a set up postfix 
how to.

transport_maps = hash:/etc/postfix/transport


Here is the file, which explains why mail is going to mailman as well, 
but I am not sure how to change it. I want mail coming in to go to the 
u...@faithwalk.ca, as well as listn...@faithwalk.ca rather than using 
listn...@lists.faithwalk.ca.



   /etc/postfix/transport
   lists.faithwalk.ca  mailman:
   faithwalk.camailman:


As I look this up, what I find is changing the line "faithwalk.ca 
mailman" to "faithwalk.ca smtp:faithwalk.ca" but it seems wrong to me as 
I look at it. Do I need to change to virtual domains to use mailman?



You probably have unwanted entries in the transport table that
route all local mail to the "mailman" transport.


Jul 25 10:01:47 server postfix/pipe[5182]: A8DC012800A9:
to=, relay=mailman, delay=0.69,
delays=0.4/0.01/0/0.27, dsn=5.1.1, status=bounced (user unknown)

Which is unable to deliver the mail when the recipient address is
not that of a mailman mailing list.

Re: order of execution - transport vs local vs virtual user?

2016-07-25 Thread Viktor Dukhovni 
On Mon, Jul 25, 2016 at 04:28:54PM -0500, Noel Jones wrote:

> > What gets carried out first? transport maps, local or virtual users?
> > I'd like to over-ride some, but am not sure of the order that they
> > get carried out.  Can anyone here point me at the relevant doco?
> > I've not been able to find it.  Postfix 2.11
> 
> http://www.postfix.org/transport.5.html
> 
> The transport_maps parameter overrides all other default routing
> decisions, which are listed in the man page.

A more complete answer is in

http://www.postfix.org/ADDRESS_REWRITING_README.html#overview

Canonical rewriting, masquerading and virtual alias rewrites happen
just once while the message is being received and are "frozen" in
the queue file.  Transport lookups happen on every delivery attempt,
local(8) aliases(5) rewriting and smtp(8) generic(5) mapping happen
during delivery.  Local delivery will requeue mail to remote
recipients, or when expanding an alias with an "owner-" address,
or when delivering a ":include:" recipient list.

-- 
Viktor.

Re: postfix sends but does not receive

2016-07-25 Thread Bob 

If you are asking what is in the master.cf


mailman   unix  -   n   n -   -   pipe
  flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
  ${nexthop} ${user}


If you are asking what is Mailman, it is a mailing list manager.


On 2016-07-25 11:41 AM, Wietse Venema wrote:

Bob:

 Receive mail to main user /var/log/mail.log
 Jul 25 10:01:47 server postfix/qmgr[1870]: A8DC012800A9:
 from=,
 size=45253, nrcpt=1 (queue active)
 Jul 25 10:01:47 server postfix/pipe[5182]: A8DC012800A9:
 to=, relay=mailman, delay=0.69,
 delays=0.4/0.01/0/0.27, dsn=5.1.1, status=bounced (user unknown)

What is the 'mailman' service in master.cf?

Wietse

Re: order of execution - transport vs local vs virtual user?

2016-07-25 Thread Noel Jones 
On 7/25/2016 3:37 PM, Carl Brewer wrote:
> 
> G'day,
> Quick one, while I migrate a bunch of users from an old sendmail
> server to a new postfix one.
> 
> What gets carried out first? transport maps, local or virtual users?
> I'd like to over-ride some, but am not sure of the order that they
> get carried out.  Can anyone here point me at the relevant doco?
> I've not been able to find it.  Postfix 2.11
> 
> thank you,
> Carl

http://www.postfix.org/transport.5.html

The transport_maps parameter overrides all other default routing
decisions, which are listed in the man page.



  -- Noel Jones

Re: postscreen contantly deferring mail

2016-07-25 Thread Wietse Venema 
Viktor Dukhovni:
> On Mon, Jul 25, 2016 at 01:05:00PM +0200, Ralf Hildebrandt wrote:
> 
> > The complete log for 106.10.151.33:
> > 
> > > Jul 23 03:58:49 mail-cbf postfix/postscreen[36326]: CONNECT from 
> > > [106.10.151.33]:58305 to [193.175.73.208]:25
> > > Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: CONNECT from 
> > > [106.10.151.33]:47500 to [193.175.73.208]:25
> > > Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> > > from [106.10.151.33]:58305: 450 4.3.2 Service currently unavailable; 
> > > from=, to=, 
> > > proto=ESMTP, helo=
> > > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> > > from [106.10.151.33]:58305: 450 4.3.2 Service currently unavailable; 
> > > from=, to=, proto=ESMTP, 
> > > helo=
> > > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: PASS NEW 
> > > [106.10.151.33]:58305
> > > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> > > [106.10.151.33]:58305
> > > Jul 23 03:58:54 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> > > [106.10.151.33]:47500
> 
> What's odd here, is that the host always makes two parallel TLS
> connections (you must have some "late" tests enabled to get all
> the way to STARTTLS), with the first connection logging tempfailed
> recipients and logging "PASS NEW", and soon after the second seems
> to just disconnect without logging either.  Don't know what if
> anything that second connection does to the cached state.

First the client passes all tests in the session from
[106.10.151.33]:58305, and postscreen caches that result.

However, the other session ends without passing deep protocol
tests, and when that session ends, postscreen caches only the tests
that were passed in that session, i.e. no deep protocol tests.

I'll see if it is possible to handle this without keeping too much
state in postscreen for too much time.

Wietse

order of execution - transport vs local vs virtual user?

2016-07-25 Thread Carl Brewer 


G'day,
Quick one, while I migrate a bunch of users from an old sendmail server 
to a new postfix one.


What gets carried out first? transport maps, local or virtual users? 
I'd like to over-ride some, but am not sure of the order that they get 
carried out.  Can anyone here point me at the relevant doco? I've not 
been able to find it.  Postfix 2.11


thank you,
Carl

Re: postfix sends but does not receive

2016-07-25 Thread Viktor Dukhovni 
On Mon, Jul 25, 2016 at 11:30:55AM -0600, Bob wrote:

> >evidence in the form of "postconf -n" command out and logfile records,
> >perhaps anonymized, and never with verbose logging turned on.
> 
> So, I now know what you need to see and will send it.
> 
>bob@server:~$ postconf -n
>mydestination = server, localhost.faithwalk.ca, mail.faithwalk.ca, 
> faithwalk.ca, localhost
>mydomain = mydomain

I hope that "mydomain" setting is an obfuscation attempt, and not
the actual value.

>relay_domains = faithwalk.ca, lists.faithwalk.ca

You probably want these in mydestination (the first is there
already), with "relay_domains" set empty.

>smtpd_client_restrictions = permit_mynetworks,
>permit_sasl_authenticated, reject_unknown_client_hostname

The last of these is generally much too strict.

>smtpd_recipient_restrictions = permit_mynetworks,
>permit_sasl_authenticated

These do nothing, because there is an implicit "permit" when the
end of the restrictions is reached without a reject or defer, so
just empty does the same thing more efficiently.

>smtpd_relay_restrictions = permit_mynetworks
>permit_sasl_authenticated defer_unauth_destination

Here "reject_unauth_destination" is much better than
"defer_unauth_destination".

>smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

With sufficiently recent Postfix versions (>= 2.11) server-side
caches are no longer recommended, as session tickets work better.

>transport_maps = hash:/etc/postfix/transport

You probably have unwanted entries in the transport table that
route all local mail to the "mailman" transport.

>Jul 25 10:01:47 server postfix/pipe[5182]: A8DC012800A9:
>to=, relay=mailman, delay=0.69,
>delays=0.4/0.01/0/0.27, dsn=5.1.1, status=bounced (user unknown)

Which is unable to deliver the mail when the recipient address is
not that of a mailman mailing list.

-- 
Viktor.

Re: postfix sends but does not receive

2016-07-25 Thread Wietse Venema 
Bob:
> Receive mail to main user /var/log/mail.log
> Jul 25 10:01:47 server postfix/qmgr[1870]: A8DC012800A9:
> from=,
> size=45253, nrcpt=1 (queue active)
> Jul 25 10:01:47 server postfix/pipe[5182]: A8DC012800A9:
> to=, relay=mailman, delay=0.69,
> delays=0.4/0.01/0/0.27, dsn=5.1.1, status=bounced (user unknown)

What is the 'mailman' service in master.cf? 

Wietse

Re: postfix sends but does not receive

2016-07-25 Thread Bob 



On 2016-07-25 10:22 AM, Wietse Venema wrote:

Bob:

I am using postfix on an Ubuntu 16.04 system. I have also installed
dovecot as my mail server. I am able to send mail, I am also able to
check my mx setup from outside my domain (mxtoolbox) and it tells me
there is only one issue with a banner mismatch in my reverse dns. The
problem is I cannot receive mail. The system returns a "user not found"
or "user unknown" message in the logs. I checked my home directory and
there is a Maildir in that directory. I do not have virtual mailboxes
set up. Any help would be appreciated.

On this list, in addition to your opinions, we also want to see hard
evidence in the form of "postconf -n" command out and logfile records,
perhaps anonymized, and never with verbose logging turned on.


So, I now know what you need to see and will send it.

   postconf -n
   bob@server:~$ postconf -n
   alias_database = hash:/etc/aliases
   alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
   append_dot_mydomain = no
   biff = no
   broken_sasl_auth_clients = yes
   home_mailbox = Maildir/
   inet_interfaces = all
   inet_protocols = ipv4
   mailbox_size_limit = 0
   mailman_destination_recipient_limit = 1
   mydestination = server, localhost.faithwalk.ca, mail.faithwalk.ca,
   faithwalk.ca, localhost
   mydomain = mydomain
   myhostname = faithwalk.ca
   mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128 192.168.0.0/24
   myorigin = /etc/mailname
   readme_directory = no
   recipient_delimiter = +
   relay_domains = faithwalk.ca, lists.faithwalk.ca
   relayhost =
   smtp_tls_note_starttls_offer = yes
   smtp_tls_security_level = may
   smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
   smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
   smtpd_client_restrictions = permit_mynetworks,
   permit_sasl_authenticated, reject_unknown_client_hostname
   smtpd_recipient_restrictions = permit_mynetworks,
   permit_sasl_authenticated
   smtpd_relay_restrictions = permit_mynetworks
   permit_sasl_authenticated defer_unauth_destination
   smtpd_sasl_auth_enable = yes
   smtpd_sasl_local_domain = faithwalk.ca
   smtpd_sasl_path = private/auth
   smtpd_sasl_security_options = noanonymous
   smtpd_sasl_type = dovecot
   smtpd_tls_cert_file = /etc/ssl/certs/server.crt
   smtpd_tls_key_file = /etc/ssl/private/server.key
   smtpd_tls_loglevel = 1
   smtpd_tls_received_header = yes
   smtpd_tls_security_level = may
   smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
   smtpd_use_tls = yes
   transport_maps = hash:/etc/postfix/transport

   Send test mail /var/logs/mail.log
   Jul 25 10:14:12 server postfix/submission/smtpd[5387]: connect from
   www.faithwalk.ca[24.72.66.135]
   Jul 25 10:14:12 server postfix/submission/smtpd[5387]: Anonymous TLS
   connection established from www.faithwalk.ca[24.72.66.135]: TLSv1.2
   with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
   Jul 25 10:14:12 server postfix/submission/smtpd[5387]: DA38012800A7:
   client=www.faithwalk.ca[24.72.66.135], sasl_method=PLAIN,
   sasl_username=bob
   Jul 25 10:14:12 server postfix/cleanup[5395]: DA38012800A7:
   message-id=
   Jul 25 10:14:12 server postfix/qmgr[1870]: DA38012800A7:
   from=, size=688, nrcpt=1 (queue active)
   Jul 25 10:14:13 server postfix/submission/smtpd[5387]: disconnect
   from www.faithwalk.ca[24.72.66.135] ehlo=2 starttls=1 auth=1 mail=1
   rcpt=1 data=1 quit=1 commands=8
   Jul 25 10:14:13 server postfix/smtp[5396]: DA38012800A7:
   to=,
   relay=gmail-smtp-in.l.google.com[74.125.28.26]:25, delay=0.94,
   delays=0.06/0.13/0.44/0.31, dsn=2.0.0, status=sent (250 2.0.0 OK
   1469463253 i1si34342138pfe.149 - gsmtp)
   Jul 25 10:14:13 server postfix/qmgr[1870]: DA38012800A7: removed

   Receive mail to main user /var/log/mail.log
   Jul 25 10:01:47 server postfix/qmgr[1870]: A8DC012800A9:
   from=,
   size=45253, nrcpt=1 (queue active)
   Jul 25 10:01:47 server postfix/pipe[5182]: A8DC012800A9:
   to=, relay=mailman, delay=0.69,
   delays=0.4/0.01/0/0.27, dsn=5.1.1, status=bounced (user unknown)
   Jul 25 10:01:47 server postfix/cleanup[5181]: 467ED12800AB:
   message-id=<20160725160147.467ed1280...@faithwalk.ca>
   Jul 25 10:01:47 server postfix/bounce[5184]: A8DC012800A9: sender
   non-delivery notification: 467ED12800AB
   Jul 25 10:01:47 server postfix/qmgr[1870]: 467ED12800AB: from=<>,
   size=47185, nrcpt=1 (queue active)
   Jul 25 10:01:47 server postfix/qmgr[1870]: A8DC012800A9: removed
   Jul 25 10:01:48 server postfix/smtp[5185]: 467ED12800AB:
   to=,
   relay=aspmx.l.google.com[74.125.199.26]:25, delay=0.98,
   delays=0.03/0.15/0.71/0.09, dsn=5.2.1, status=bounced (host
   aspmx.l.google.com[74.125.199.26] said: 550-5.2.1 The user you are
   trying to contact

Re: postfix sends but does not receive

2016-07-25 Thread Wietse Venema 
Bob:
> I am using postfix on an Ubuntu 16.04 system. I have also installed 
> dovecot as my mail server. I am able to send mail, I am also able to 
> check my mx setup from outside my domain (mxtoolbox) and it tells me 
> there is only one issue with a banner mismatch in my reverse dns. The 
> problem is I cannot receive mail. The system returns a "user not found" 
> or "user unknown" message in the logs. I checked my home directory and 
> there is a Maildir in that directory. I do not have virtual mailboxes 
> set up. Any help would be appreciated.

On this list, in addition to your opinions, we also want to see hard
evidence in the form of "postconf -n" command out and logfile records,
perhaps anonymized, and never with verbose logging turned on.

 text below is from the mailing list welcome message 
TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail

TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html

Thank you for using Postfix.
 text above is from the mailing list welcome message 

Wietse

postfix sends but does not receive

2016-07-25 Thread Bob 
I am using postfix on an Ubuntu 16.04 system. I have also installed 
dovecot as my mail server. I am able to send mail, I am also able to 
check my mx setup from outside my domain (mxtoolbox) and it tells me 
there is only one issue with a banner mismatch in my reverse dns. The 
problem is I cannot receive mail. The system returns a "user not found" 
or "user unknown" message in the logs. I checked my home directory and 
there is a Maildir in that directory. I do not have virtual mailboxes 
set up. Any help would be appreciated.


Bob

Re: postscreen contantly deferring mail

2016-07-25 Thread Viktor Dukhovni 
On Mon, Jul 25, 2016 at 01:05:00PM +0200, Ralf Hildebrandt wrote:

> The complete log for 106.10.151.33:
> 
> > Jul 23 03:58:49 mail-cbf postfix/postscreen[36326]: CONNECT from 
> > [106.10.151.33]:58305 to [193.175.73.208]:25
> > Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: CONNECT from 
> > [106.10.151.33]:47500 to [193.175.73.208]:25
> > Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> > from [106.10.151.33]:58305: 450 4.3.2 Service currently unavailable; 
> > from=, to=, 
> > proto=ESMTP, helo=
> > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> > from [106.10.151.33]:58305: 450 4.3.2 Service currently unavailable; 
> > from=, to=, proto=ESMTP, 
> > helo=
> > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: PASS NEW 
> > [106.10.151.33]:58305
> > Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> > [106.10.151.33]:58305
> > Jul 23 03:58:54 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> > [106.10.151.33]:47500

What's odd here, is that the host always makes two parallel TLS
connections (you must have some "late" tests enabled to get all
the way to STARTTLS), with the first connection logging tempfailed
recipients and logging "PASS NEW", and soon after the second seems
to just disconnect without logging either.  Don't know what if
anything that second connection does to the cached state.

-- 
Viktor.

Re: postscreen contantly deferring mail

2016-07-25 Thread Viktor Dukhovni 
On Mon, Jul 25, 2016 at 11:25:08AM +0200, Ralf Hildebrandt wrote:

> Jul 23 16:02:55 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject:
>   RCPT from [106.10.151.33]:55805: 450 4.3.2 Service currently unavailable;
>   from=, to=, proto=ESMTP,
>   helo=
> 
> Why would postscreen repeatedly TEMPFAIL these delivery attempts?
> 
> They come from the same IP (106.10.151.33), go to the same two
> recipients and are sent from the same sender.

You should know this by now:

http://www.postfix.org/DEBUG_README.html#mail

You should also check and report any relevant content from the
postscreen cache.

-- 
Viktor.

Re: postscreen contantly deferring mail

2016-07-25 Thread Ralf Hildebrandt 
The complete log for 106.10.151.33:

> Jul 23 03:58:49 mail-cbf postfix/postscreen[36326]: CONNECT from 
> [106.10.151.33]:58305 to [193.175.73.208]:25
> Jul 23 03:58:50 mail-cbf postfix/tlsproxy[56082]: CONNECT from 
> [106.10.151.33]:58305
> Jul 23 03:58:51 mail-cbf postfix/tlsproxy[56082]: Anonymous TLS connection 
> established from [106.10.151.33]:58305: TLSv1.2 with cipher 
> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
> Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: CONNECT from 
> [106.10.151.33]:47500 to [193.175.73.208]:25
> Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:58305: 450 4.3.2 Service currently unavailable; 
> from=, to=, 
> proto=ESMTP, helo=
> Jul 23 03:58:53 mail-cbf postfix/tlsproxy[56082]: CONNECT from 
> [106.10.151.33]:47500
> Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:58305: 450 4.3.2 Service currently unavailable; 
> from=, to=, proto=ESMTP, 
> helo=
> Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: PASS NEW 
> [106.10.151.33]:58305
> Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> [106.10.151.33]:58305
> Jul 23 03:58:53 mail-cbf postfix/tlsproxy[56082]: DISCONNECT 
> [106.10.151.33]:58305
> Jul 23 03:58:54 mail-cbf postfix/tlsproxy[56082]: Anonymous TLS connection 
> established from [106.10.151.33]:47500: TLSv1.2 with cipher 
> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
> Jul 23 03:58:54 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> [106.10.151.33]:47500
> Jul 23 03:58:54 mail-cbf postfix/tlsproxy[56082]: DISCONNECT 
> [106.10.151.33]:47500
> Jul 23 07:59:55 mail-cbf postfix/postscreen[36326]: CONNECT from 
> [106.10.151.33]:42935 to [193.175.73.208]:25
> Jul 23 07:59:55 mail-cbf postfix/tlsproxy[30940]: CONNECT from 
> [106.10.151.33]:42935
> Jul 23 07:59:56 mail-cbf postfix/tlsproxy[30940]: Anonymous TLS connection 
> established from [106.10.151.33]:42935: TLSv1.2 with cipher 
> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
> Jul 23 07:59:57 mail-cbf postfix/postscreen[36326]: CONNECT from 
> [106.10.151.33]:58359 to [193.175.73.208]:25
> Jul 23 07:59:57 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:42935: 450 4.3.2 Service currently unavailable; 
> from=, to=, 
> proto=ESMTP, helo=
> Jul 23 07:59:58 mail-cbf postfix/tlsproxy[30940]: CONNECT from 
> [106.10.151.33]:58359
> Jul 23 07:59:58 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:42935: 450 4.3.2 Service currently unavailable; 
> from=, to=, proto=ESMTP, 
> helo=
> Jul 23 07:59:59 mail-cbf postfix/tlsproxy[30940]: Anonymous TLS connection 
> established from [106.10.151.33]:58359: TLSv1.2 with cipher 
> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
> Jul 23 07:59:59 mail-cbf postfix/postscreen[36326]: PASS NEW 
> [106.10.151.33]:42935
> Jul 23 07:59:59 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> [106.10.151.33]:42935
> Jul 23 07:59:59 mail-cbf postfix/tlsproxy[30940]: DISCONNECT 
> [106.10.151.33]:42935
> Jul 23 08:00:00 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> [106.10.151.33]:58359
> Jul 23 08:00:00 mail-cbf postfix/tlsproxy[30940]: DISCONNECT 
> [106.10.151.33]:58359
> Jul 23 12:00:41 mail-cbf postfix/postscreen[36326]: CONNECT from 
> [106.10.151.33]:60516 to [193.175.73.208]:25
> Jul 23 12:00:42 mail-cbf postfix/tlsproxy[11310]: CONNECT from 
> [106.10.151.33]:60516
> Jul 23 12:00:43 mail-cbf postfix/tlsproxy[11310]: Anonymous TLS connection 
> established from [106.10.151.33]:60516: TLSv1.2 with cipher 
> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
> Jul 23 12:00:43 mail-cbf postfix/postscreen[36326]: CONNECT from 
> [106.10.151.33]:58359 to [193.175.73.208]:25
> Jul 23 12:00:43 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:60516: 450 4.3.2 Service currently unavailable; 
> from=, to=, 
> proto=ESMTP, helo=
> Jul 23 12:00:44 mail-cbf postfix/tlsproxy[11310]: CONNECT from 
> [106.10.151.33]:58359
> Jul 23 12:00:44 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:60516: 450 4.3.2 Service currently unavailable; 
> from=, to=, proto=ESMTP, 
> helo=
> Jul 23 12:00:45 mail-cbf postfix/postscreen[36326]: PASS NEW 
> [106.10.151.33]:60516
> Jul 23 12:00:45 mail-cbf postfix/postscreen[36326]: DISCONNECT 
> [106.10.151.33]:60516
> Jul 23 12:00:45 mail-cbf postfix/tlsproxy[11310]: DISCONNECT 
> [106.10.151.33]:60516
> Jul 23 12:00:45 mail-cbf postfix/tlsproxy[11310]: Anonymous TLS connection 
> established from [106.10.151.33]:58359: TLSv1.2 with cipher 
> ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
> Jul 23 12:00:46 mail-cbf

Re: postscreen contantly deferring mail

2016-07-25 Thread Wietse Venema 
Ralf Hildebrandt:
> >From my log:
> 
> Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:58305: 450 4.3.2 Service currently
> unavailable; from=, 
> to=, proto=ESMTP, 
> helo=
> Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:58305: 450 4.3.2 Service currently
> unavailable; from=, to=, 
> proto=ESMTP, helo=

That's multiple RCPT TO commands in the same SMTP session. Doesn't
postscreen log BLACKLISTED, PREGREET, DNSBL, or some other error
for that session?

> Jul 23 07:59:57 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:42935: 450 4.3.2 Service currently
> unavailable; from=, 
> to=, proto=ESMTP, 
> helo=
> Jul 23 07:59:58 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:42935: 450 4.3.2 Service currently
> unavailable; from=, to=, 
> proto=ESMTP, helo=

Ditto. 

Wietse

Re: postscreen contantly deferring mail

2016-07-25 Thread Erwan David 
Le 25/07/2016 à 11:25, Ralf Hildebrandt a écrit :
> From my log:
>
> Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:58305: 450 4.3.2 Service currently
> unavailable; from=, 
> to=, proto=ESMTP, 
> helo=
> Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:58305: 450 4.3.2 Service currently
> unavailable; from=, to=, 
> proto=ESMTP, helo=
>
> Jul 23 07:59:57 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:42935: 450 4.3.2 Service currently
> unavailable; from=, 
> to=, proto=ESMTP, 
> helo=
> Jul 23 07:59:58 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:42935: 450 4.3.2 Service currently
> unavailable; from=, to=, 
> proto=ESMTP, helo=
>
> Jul 23 12:00:43 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:60516: 450 4.3.2 Service currently
> unavailable; from=, 
> to=, proto=ESMTP, 
> helo=
> Jul 23 12:00:44 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:60516: 450 4.3.2 Service currently
> unavailable; from=, to=, 
> proto=ESMTP, helo=
>
> Jul 23 16:02:54 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:55805: 450 4.3.2 Service currently
> unavailable; from=, 
> to=, proto=ESMTP, 
> helo=
> Jul 23 16:02:55 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT 
> from [106.10.151.33]:55805: 450 4.3.2 Service currently
> unavailable; from=, to=, 
> proto=ESMTP, helo=
>
> Why would postscreen repeatedly TEMPFAIL these delivery attempts?
>
> They come from the same IP (106.10.151.33), go to the same two
> recipients and are sent from the same sender.
>

Maybe the sending server does not wait enough before sending command ?

postscreen contantly deferring mail

2016-07-25 Thread Ralf Hildebrandt 
>From my log:

Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from 
[106.10.151.33]:58305: 450 4.3.2 Service currently
unavailable; from=, to=, 
proto=ESMTP, helo=
Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from 
[106.10.151.33]:58305: 450 4.3.2 Service currently
unavailable; from=, to=, 
proto=ESMTP, helo=

Jul 23 07:59:57 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from 
[106.10.151.33]:42935: 450 4.3.2 Service currently
unavailable; from=, to=, 
proto=ESMTP, helo=
Jul 23 07:59:58 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from 
[106.10.151.33]:42935: 450 4.3.2 Service currently
unavailable; from=, to=, 
proto=ESMTP, helo=

Jul 23 12:00:43 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from 
[106.10.151.33]:60516: 450 4.3.2 Service currently
unavailable; from=, to=, 
proto=ESMTP, helo=
Jul 23 12:00:44 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from 
[106.10.151.33]:60516: 450 4.3.2 Service currently
unavailable; from=, to=, 
proto=ESMTP, helo=

Jul 23 16:02:54 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from 
[106.10.151.33]:55805: 450 4.3.2 Service currently
unavailable; from=, to=, 
proto=ESMTP, helo=
Jul 23 16:02:55 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from 
[106.10.151.33]:55805: 450 4.3.2 Service currently
unavailable; from=, to=, 
proto=ESMTP, helo=

Why would postscreen repeatedly TEMPFAIL these delivery attempts?

They come from the same IP (106.10.151.33), go to the same two
recipients and are sent from the same sender.

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
   
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein