Loading ...
Sorry, an error occurred while loading the content.
 

450 response code instead of 550

Expand Messages
  • Raal Goff
    Hi everyone, I have a spam filter machine setup to check all incoming mail. It comes into postfix, which checks valid email addresses against a mysql database,
    Message 1 of 2 , Feb 28, 2007
      Hi everyone,

      I have a spam filter machine setup to check all incoming mail. It comes into postfix, which checks valid email addresses against a mysql database, then filters the spam and looks up which server it should forward the mail on via mysql again. The problem is that when external servers enter a bad email address, the server returns a 450 status code and complains that the transport is unavailable, instead of a 550 fatal status code.  The behaviour i want is if the mysql lookup fails, it returns 550. If I connect via sasl or from a host in $mynetworks it gives to correct 550 error code. My recipient restrictions are like so:

      smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unverified_recipient

      And i have also set

      unverified_recipient_reject_code = 550

      I'm not sure why it is not giving 550 status messages to external clients. Below are my changes to main.cf

      Any help is appreciated,

      --Raal



      myhostname = mail2.xxxx.com.au
      inet_interfaces = all
      mynetworks = 192.168.0.0/16, 127.0.0.0/8
      relay_domains = $mydestination, sms.xxxx.com.au
      transport_maps = mysql:nexthopsql, hash:/etc/postfix/transport

      smtpd_helo_required = yes
      disable_vrfy_command = yes
      unverified_recipient_reject_code = 550

      alias_maps = hash:/etc/postfix/aliases
      smtpd_sasl_auth_enable = yes
      smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_unverified_recipient
      content_filter = smtp-amavis:[localhost]:10024
      smtpd_client_restrictions = permit_sasl_authenticated, check_client_access hash:/etc/postfix/client_access, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl.spamhaus.org, reject_rbl_client list.dsbl.org,reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net

      virtual_mailbox_domains = xxxx.com.au, xxxx2.com.au
      virtual_alias_domains =  staff.xxxx.com.au, emailtofax.xxxx.com.au, xxxx.com.sg, xxxx.co.nz
      virtual_alias_maps = hash:/etc/postfix/virtual
      virtual_mailbox_maps = mysql:normalsql
      virtual_transport = mysql:nexthopsql

      normalsql_user = user
      normalsql_password = pass
      normalsql_hosts = db.xxxx.com.au
      normalsql_dbname = db
      normalsql_query = SELECT Username FROM table WHERE table.email = '%s' AND table.Mailbox = 1
      normalsql_result_format = %s

      nexthopsql_user = user
      nexthopsql_password = pass
      nexthopsql_hosts = db.xxxx.com.au
      nexthopsql_dbname = db
      nexthopsql_query = SELECT table.MailHost FROM table WHERE table.Email = '%s' AND xxxx.Mailbox = 1
      nexthopsql_result_format = smtp:[%s]


      mail_name = xxxx Mail

      #TLS Stuff
      smtp_use_tls = yes
      smtpd_use_tls = yes
      smtp_tls_note_starttls_offer = yes
      smtpd_tls_key_file = /etc/postfix/ssl.key/mail.xxxx.com.au.key
      smtpd_tls_cert_file = /etc/postfix/ssl.crt/mail.xxxx.com.au.crt
      smtpd_tls_CAfile = /etc/postfix/ssl.crt/sf_issuing.crt
      smtpd_tls_loglevel = 1
      smtpd_tls_received_header = yes
      smtpd_tls_session_cache_timeout = 3600s
      tls_random_source = dev:/dev/urandom
    • Noel Jones
      ... We greatly prefer to see output of postconf -n and log entries demonstrating the problem rather than random main.cf snippings and vague descriptions.
      Message 2 of 2 , Mar 1, 2007
        At 10:09 PM 2/28/2007, Raal Goff wrote:
        >I have a spam filter machine setup to check all incoming mail. It
        >comes into postfix, which checks valid email addresses against a
        >mysql database, then filters the spam and looks up which server it
        >should forward the mail on via mysql again. The problem is that when
        >external servers enter a bad email address, the server returns a 450
        >status code and complains that the transport is unavailable, instead
        >of a 550 fatal status code. The behaviour i want is if the mysql
        >lookup fails, it returns 550. If I connect via sasl or from a host
        >in $mynetworks it gives to correct 550 error code. My recipient
        >restrictions are like so:
        >
        >smtpd_recipient_restrictions = permit_mynetworks,
        >permit_sasl_authenticated, reject_unauth_destination,
        >reject_unverified_recipient
        >
        >And i have also set
        >
        >unverified_recipient_reject_code = 550
        >
        >I'm not sure why it is not giving 550 status messages to external
        >clients. Below are my changes to main.cf

        We greatly prefer to see output of "postconf -n" and log entries
        demonstrating the problem rather than random main.cf snippings and
        vague descriptions.

        Your main.cf is configured with "reject_unverified_recipient" to
        query a downstream mail server to see if a recipient is valid. The
        transport to do this is apparently unavailable. The full log message
        will give more clues what the problem is.

        --
        Noel Jones
      Your message has been successfully submitted and would be delivered to recipients shortly.