Loading ...
Sorry, an error occurred while loading the content.

Re: Invalid address and bounce from Exchange

Expand Messages
  • Ralf Hildebrandt
    ... It can be used in smtpd_recipient_restrictions as well -- Ralf Hildebrandt (Ralf.Hildebrandt@charite.de) plonk@charite.de Postfix -
    Message 1 of 12 , Feb 1, 2007
    • 0 Attachment
      * Michael Wang <postfix-user@...>:

      > >smtpd_recipient_restrictions =
      > > reject_non_fqdn_sender
      > > reject_non_fqdn_recipient
      > > reject_unlisted_recipient
      > > reject_unlisted_sender
      > > permit_sasl_authenticated
      > > permit_mynetworks
      > > reject_unauth_destination
      > > check_helo_access cidr:/etc/postfix/helo_checks_ip
      > > check_helo_access hash:/etc/postfix/helo_checks
      > > check_recipient_access hash:/etc/postfix/recipient_checks
      > > reject_invalid_helo_hostname
      > > check_sender_access pcre:/etc/postfix/valid_sender.pcre
      > > check_sender_access hash:/etc/postfix/sender_access
      > > reject_rbl_client zen.spamhaus.org
      > > check_sender_access regexp:/etc/postfix/filter_10024_catchall
      >
      > reject_non_fqdn_sender is a smtpd_sender_restrictions restriction not a
      > smtpd_recipient_restrictions one.

      It can be used in smtpd_recipient_restrictions as well

      --
      Ralf Hildebrandt (Ralf.Hildebrandt@...) plonk@...
      Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155
      http://www.arschkrebs.de
      Disclaimer:
      By sending an email to ANY of my addresses you are agreeing that:
      1. I am by definition, "the intended recipient"
      2. All information in the email is mine to do with as I see fit and
      make such financial profit, political mileage, or good joke as it
      lends itself to. In particular, I may quote it on usenet.
      3. I may take the contents as representing the views of your company.
      4. This overrides any disclaimer or statement of confidentiality that
      may be included on your message.
    • Michael Wang
      ... Ah ha, I missed that in the docs, thanks for the correction. -- Michael Wang
      Message 2 of 12 , Feb 1, 2007
      • 0 Attachment
        Ralf Hildebrandt wrote:
        > * Michael Wang <postfix-user@...>:
        >> reject_non_fqdn_sender is a smtpd_sender_restrictions restriction not a
        >> smtpd_recipient_restrictions one.
        >
        > It can be used in smtpd_recipient_restrictions as well

        Ah ha, I missed that in the docs, thanks for the correction.

        --
        Michael Wang
      • Eray Aslan
        ... As far as I can tell, RFCs allow empty local part as quoted null string. Even if it is technically correct, should we allow empty local parts in email
        Message 3 of 12 , Feb 1, 2007
        • 0 Attachment
          Eray Aslan wrote:
          > Postfix acts as a relay for our internal exchange server. The following
          > message generates a bounce from exchange. Shouldn't
          > reject_non_fqdn_sender catch these addresses?
          >
          > mail ~ # zgrep 503242E4DC /var/log/mail.log.1.gz
          > Jan 29 16:50:46 mail postfix/smtpd[30273]: 503242E4DC:
          > client=unknown[201.76.232.39]
          > Jan 29 16:50:47 mail postfix/cleanup[30290]: 503242E4DC:
          > message-id=<1d9701c743b4$034438c1$27e84cc9@kawanna>
          > Jan 29 16:50:50 mail postfix/qmgr[7027]: 503242E4DC: from=<@...>,
          > size=7570, nrcpt=1 (queue active)
          > Jan 29 16:50:58 mail postfix/smtp[30291]: 503242E4DC:
          > to=<user2@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=13,
          > delays=5.1/0/0.01/7.6, dsn=2.6.0, status=sent (250 2.6.0 Ok,
          > id=29009-20, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
          > E85E09148D)
          > Jan 29 16:50:58 mail postfix/qmgr[7027]: 503242E4DC: removed

          As far as I can tell, RFCs allow empty local part as quoted null string.
          Even if it is technically correct, should we allow empty local parts in
          email address in the form of @...? Certainly, it not
          deliverable. Or is Exchange at fault here and I should solve this by a
          regexp in check_sender_access?

          --
          Eray
        • Eray Aslan
          ... For the record, I added the following to the main.cf: smtpd_recipient_restrictions = ... check_sender_access regexp:/etc/postfix/empty_local ...
          Message 4 of 12 , Feb 1, 2007
          • 0 Attachment
            Eray Aslan wrote:
            > As far as I can tell, RFCs allow empty local part as quoted null string.
            > Even if it is technically correct, should we allow empty local parts in
            > email address in the form of @...? Certainly, it not
            > deliverable. Or is Exchange at fault here and I should solve this by a
            > regexp in check_sender_access?

            For the record, I added the following to the main.cf:

            smtpd_recipient_restrictions =
            ...
            check_sender_access regexp:/etc/postfix/empty_local
            ...

            /etc/postfix/empty_local:
            /^@.+/ REJECT No empty local part in email addresses please

            Any caveats I should be aware of?

            --
            Eray
          • Mark Martinec
            Eray, ... With: strict_rfc821_envelopes = yes mail from: 501 5.1.7 Bad sender address syntax We have the strict_rfc821_envelopes turned on since
            Message 5 of 12 , Feb 1, 2007
            • 0 Attachment
              Eray,

              > As far as I can tell, RFCs allow empty local part as quoted null string.
              > Even if it is technically correct, should we allow empty local parts in
              > email address in the form of @...? Certainly, it not
              > deliverable. Or is Exchange at fault here and I should solve this by a
              > regexp in check_sender_access?

              With:
              strict_rfc821_envelopes = yes

              mail from:<@...>
              501 5.1.7 Bad sender address syntax


              We have the strict_rfc821_envelopes turned on since forever
              for precisely this reason. There were no cases here
              of legitimate mail that were turned down by this setting.

              Mark
            • mouss
              ... .+ at the end or beginning of regular expressions is useless. so /^@/ should do. Mark s suggestion (strict_rfc821_envelopes) is a better solution.
              Message 6 of 12 , Feb 1, 2007
              • 0 Attachment
                Eray Aslan wrote:
                >
                >
                > For the record, I added the following to the main.cf:
                >
                > smtpd_recipient_restrictions =
                > ...
                > check_sender_access regexp:/etc/postfix/empty_local
                > ...
                >
                > /etc/postfix/empty_local:
                > /^@.+/ REJECT No empty local part in email addresses please
                >
                > Any caveats I should be aware of?
                >
                >

                .+ at the end or beginning of regular expressions is useless. so /^@/
                should do.

                Mark's suggestion (strict_rfc821_envelopes) is a better solution.
              Your message has been successfully submitted and would be delivered to recipients shortly.