Loading ...
Sorry, an error occurred while loading the content.

MAILER-DAEMON bounces - Can parse them to a specific user.

Expand Messages
  • Chuck Amadi
    Hi List I have a issue with MAILER-DAEMON bounces I need to investigate further is there a parameter in the main.cf that I can use to parse bounces to spefic
    Message 1 of 9 , Mar 1 8:54 AM
    • 0 Attachment
      Hi List

      I have a issue with MAILER-DAEMON bounces I need to investigate further
      is there a parameter in the main.cf
      that I can use to parse bounces to spefic user i.e bouncedmail that I
      have created.

      Cheers

      --
      Chuck Amadi
      ROK Corporation Limited
      Ty ROK,
      Dyffryn Business Park,
      Llantwit Major Road,
      Llandow,
      Vale Of Glamorgan.
      CF71 7PY

      Tel: 01446 795 839
      Fax: 01446 794 994
      International Tel: +44 1446 795 839

      email: chuck.amadi@...

      This email is confidential to the addressee only. If you do not believe
      that you are the intended recipient, do not pass it on or copy it in any
      way. Please delete it immediately.
    • Wietse Venema
      ... With the notify_classes parameter you can specify that Postfix sends an extra copy when it creates a bounce message. Wietse
      Message 2 of 9 , Mar 1 9:35 AM
      • 0 Attachment
        Chuck Amadi:
        > Hi List
        >
        > I have a issue with MAILER-DAEMON bounces I need to investigate further
        > is there a parameter in the main.cf
        > that I can use to parse bounces to spefic user i.e bouncedmail that I
        > have created.

        With the notify_classes parameter you can specify that
        Postfix sends an extra copy when it creates a bounce message.

        Wietse

        http://www.postfix.org/postonf.5.html#notify_classes
        http://www.postfix.org/postonf.5.html#bounce_notice_recipient
      • Chuck Amadi
        Hi Wietse Venema Cheers for clearing that issue up. Cheers Chuck ... -- Chuck Amadi ROK Corporation Limited Ty ROK, Dyffryn Business Park, Llantwit Major Road,
        Message 3 of 9 , Mar 1 9:40 AM
        • 0 Attachment
          Hi Wietse Venema

          Cheers for clearing that issue up.

          Cheers

          Chuck

          wrote:
          > Chuck Amadi:
          >
          >> Hi List
          >>
          >> I have a issue with MAILER-DAEMON bounces I need to investigate further
          >> is there a parameter in the main.cf
          >> that I can use to parse bounces to spefic user i.e bouncedmail that I
          >> have created.
          >>
          >
          > With the notify_classes parameter you can specify that
          > Postfix sends an extra copy when it creates a bounce message.
          >
          > Wietse
          >
          > http://www.postfix.org/postonf.5.html#notify_classes
          > http://www.postfix.org/postonf.5.html#bounce_notice_recipient
          >
          >


          --
          Chuck Amadi
          ROK Corporation Limited
          Ty ROK,
          Dyffryn Business Park,
          Llantwit Major Road,
          Llandow,
          Vale Of Glamorgan.
          CF71 7PY

          Tel: 01446 795 839
          Fax: 01446 794 994
          International Tel: +44 1446 795 839

          email: chuck.amadi@...

          This email is confidential to the addressee only. If you do not believe
          that you are the intended recipient, do not pass it on or copy it in any
          way. Please delete it immediately.
        • Juan Pablo Calomino
          Hi people, I have one question for you. How do you do to avoid this kind of thing? 220 -Empresa de Servicios - XXXXXXX helo mundo 250 SERVER02.xxxxxxxx.com.ar
          Message 4 of 9 , Mar 1 9:56 AM
          • 0 Attachment
            Hi people,

            I have one question for you.

            How do you do to avoid this kind of thing?

            220 -Empresa de Servicios - XXXXXXX
            helo mundo
            250 SERVER02.xxxxxxxx.com.ar
            mail from: <nobody@...>
            250 Ok
            rcpt to: <john.user@...>
            250 Ok
            data
            354 End data with <CR><LF>.<CR><LF>
            FROM: John User <john.user@...>
            TO: <john.user@...>
            SUBJECT: Nada

            Muerte!
            .
            250 Ok: queued as 972C55865D

            I think that it's too difficult to get rid of this
            type of mails, filtering may reject valid emails...

            I hear any suggestions!

            Thanks!
            Juan Pablo.






            __________________________________________________
            Preguntá. Respondé. Descubrí.
            Todo lo que querías saber, y lo que ni imaginabas,
            está en Yahoo! Respuestas (Beta).
            ¡Probalo ya!
            http://www.yahoo.com.ar/respuestas
          • MrC
            ... What specifically is this kind of thing ? The mundo HELO parameter? The nobody@hotmail.com MAIL FROM envelope? Please be more specific about what
            Message 5 of 9 , Mar 1 10:11 AM
            • 0 Attachment
              > I have one question for you.
              >
              > How do you do to avoid this kind of thing?
              >
              > 220 -Empresa de Servicios - XXXXXXX
              > helo mundo
              > 250 SERVER02.xxxxxxxx.com.ar
              > mail from: <nobody@...>
              > 250 Ok
              > rcpt to: <john.user@...>
              > 250 Ok
              > data
              > 354 End data with <CR><LF>.<CR><LF>
              > FROM: John User <john.user@...>
              > TO: <john.user@...>
              > SUBJECT: Nada
              >
              > Muerte!
              > .
              > 250 Ok: queued as 972C55865D
              >
              > I think that it's too difficult to get rid of this type of
              > mails, filtering may reject valid emails...
              >
              > I hear any suggestions!

              What specifically is "this kind of thing" ? The "mundo" HELO parameter?
              The "nobody@..." MAIL FROM envelope?

              Please be more specific about what you are trying to reject.

              MrC
            • Juan Pablo Calomino
              ... Sorry, I m talking about the DATA part: data FROM: John User TO: SUBJECT: Nada. John User may think
              Message 6 of 9 , Mar 1 10:30 AM
              • 0 Attachment
                --- MrC <lists-postfix@...> escribió:

                >
                > > I have one question for you.
                > >
                > > How do you do to avoid this kind of thing?
                > >
                > > 220 -Empresa de Servicios - XXXXXXX
                > > helo mundo
                > > 250 SERVER02.xxxxxxxx.com.ar
                > > mail from: <nobody@...>
                > > 250 Ok
                > > rcpt to: <john.user@...>
                > > 250 Ok
                > > data
                > > 354 End data with <CR><LF>.<CR><LF>
                > > FROM: John User <john.user@...>
                > > TO: <john.user@...>
                > > SUBJECT: Nada
                > >
                > > Muerte!
                > > .
                > > 250 Ok: queued as 972C55865D
                > >
                > > I think that it's too difficult to get rid of this
                > type of
                > > mails, filtering may reject valid emails...
                > >
                > > I hear any suggestions!
                >
                > What specifically is "this kind of thing" ? The
                > "mundo" HELO parameter?
                > The "nobody@..." MAIL FROM envelope?
                >
                > Please be more specific about what you are trying to
                > reject.
                >
                > MrC
                >
                >

                Sorry, I'm talking about the DATA part:

                data
                FROM: John User <john.user@...>
                TO: <john.user@...>
                SUBJECT: Nada.

                John User may think that his mailbox is being used,
                because in the mail he sees that the sender is
                himself, and he doesn't know about MIME.
                I explain that it is fake, so he asks me to try to
                stop this "spoofed" emails.
                And here I am, trying to find ways to stop these
                mails, without stopping valid mails.

                Thanks!
                Juan Pablo.







                __________________________________________________
                Preguntá. Respondé. Descubrí.
                Todo lo que querías saber, y lo que ni imaginabas,
                está en Yahoo! Respuestas (Beta).
                ¡Probalo ya!
                http://www.yahoo.com.ar/respuestas
              • Chris St. Pierre
                ... You really _can t_ stop these. Rejecting messages where envelope sender != from header is a Very Bad Idea that will get you mostly FPs. SPF is an effort
                Message 7 of 9 , Mar 1 12:19 PM
                • 0 Attachment
                  On Thu, 1 Mar 2007, Juan Pablo Calomino wrote:

                  > John User may think that his mailbox is being used,
                  > because in the mail he sees that the sender is
                  > himself, and he doesn't know about MIME.
                  > I explain that it is fake, so he asks me to try to
                  > stop this "spoofed" emails.
                  > And here I am, trying to find ways to stop these
                  > mails, without stopping valid mails.

                  You really _can't_ stop these. Rejecting messages where envelope
                  sender != from header is a Very Bad Idea that will get you mostly
                  FPs. SPF is an effort to limit sender spoofing, but its effectiveness
                  is limited by its adoption rate. (It's still worth publishing and
                  checking SPF records, IMHO.)

                  This generally only becomes an issue when clueless admins are
                  producing backscatter, so helping eliminate backscatter will help.
                  You can also read http://www.postfix.org/BACKSCATTER_README.html for
                  tips on reducing bounce messages to forged senders.

                  (Aside: I dearly hope that Dr. Ken Olum gets joe-jobbed:
                  http://www.cio.com/technology/infrastructure/security/spam/five_things_about_fighting_spam.html?CID=28830)

                  When you've implemented SPF records and eliminated any backscatter you
                  might be sending, you're left with user training and that's about it.

                  Chris St. Pierre
                  Unix Systems Administrator
                  Nebraska Wesleyan University
                  -------------------
                  Never send mail to thobrux@...
                • MrC
                  ... Don t bother going this route. Consider instead beefing up your other UCE controls; you will find the majority of these just disappear. MrC
                  Message 8 of 9 , Mar 1 12:40 PM
                  • 0 Attachment
                    > Sorry, I'm talking about the DATA part:
                    >
                    > data
                    > FROM: John User <john.user@...>
                    > TO: <john.user@...>
                    > SUBJECT: Nada.
                    >
                    > John User may think that his mailbox is being used, because
                    > in the mail he sees that the sender is himself, and he
                    > doesn't know about MIME.
                    > I explain that it is fake, so he asks me to try to stop this
                    > "spoofed" emails.
                    > And here I am, trying to find ways to stop these mails,
                    > without stopping valid mails.
                    >
                    > Thanks!
                    > Juan Pablo.

                    Don't bother going this route. Consider instead beefing up your other UCE
                    controls; you will find the majority of these just disappear.

                    MrC
                  • mouss
                    ... to make him happy, use maildrop to replace the From header... ... to stop (reduce the number of) spam, use a spam filter together with (safe) smtpd checks.
                    Message 9 of 9 , Mar 1 2:01 PM
                    • 0 Attachment
                      Juan Pablo Calomino wrote:
                      > --- MrC <lists-postfix@...> escribió:
                      >
                      >
                      >>> I have one question for you.
                      >>>
                      >>> How do you do to avoid this kind of thing?
                      >>>
                      >>> 220 -Empresa de Servicios - XXXXXXX
                      >>> helo mundo
                      >>> 250 SERVER02.xxxxxxxx.com.ar
                      >>> mail from: <nobody@...>
                      >>> 250 Ok
                      >>> rcpt to: <john.user@...>
                      >>> 250 Ok
                      >>> data
                      >>> 354 End data with <CR><LF>.<CR><LF>
                      >>> FROM: John User <john.user@...>
                      >>> TO: <john.user@...>
                      >>> SUBJECT: Nada
                      >>>
                      >>> Muerte!
                      >>> .
                      >>> 250 Ok: queued as 972C55865D
                      >>>
                      >>> I think that it's too difficult to get rid of this
                      >>>
                      >> type of
                      >>
                      >>> mails, filtering may reject valid emails...
                      >>>
                      >>> I hear any suggestions!
                      >>>
                      >> What specifically is "this kind of thing" ? The
                      >> "mundo" HELO parameter?
                      >> The "nobody@..." MAIL FROM envelope?
                      >>
                      >> Please be more specific about what you are trying to
                      >> reject.
                      >>
                      >> MrC
                      >>
                      >>
                      >>
                      >
                      > Sorry, I'm talking about the DATA part:
                      >
                      > data
                      > FROM: John User <john.user@...>
                      > TO: <john.user@...>
                      > SUBJECT: Nada.
                      >
                      > John User may think that his mailbox is being used,
                      > because in the mail he sees that the sender is
                      > himself, and he doesn't know about MIME.
                      > I explain that it is fake, so he asks me to try to
                      > stop this "spoofed" emails.
                      >

                      to make him happy, use maildrop to replace the From header...


                      > And here I am, trying to find ways to stop these
                      > mails, without stopping valid mails.
                      >

                      to stop (reduce the number of) spam, use a spam filter together with
                      (safe) smtpd checks. only when you get a satisfactory level of spam
                      filtering should you look for improvement or for "hard" (unsafe) checks.
                    Your message has been successfully submitted and would be delivered to recipients shortly.