Loading ...
Sorry, an error occurred while loading the content.

Virtual Alias Rejection issues

Expand Messages
  • Dave Buchanan (Abo Ltd)
    Dear postfix users I have problems with virtual domains and bouncing of messages which has put our servers on the www.backscatterer.org blacklist I have
    Message 1 of 8 , Nov 2, 2008
    • 0 Attachment
      Dear postfix users

      I have problems with virtual domains and bouncing of messages
      which has put our servers on the www.backscatterer.org blacklist

      I have tsearched high and low for an answer but have not found the specific issue I have anywhere


      The set up can be cut down to the following example

      virtual_alias_domains = domain_one.tld domain_two.tld
      virtual_alias_maps = hash:/etc/postfix/virtual

      /etc/postfix/virtual contains
      dave@domain_one.tld dave@...
      @domain_two.tld domain_one.tld


      Mail to dave@domain_one.tld is accepted and delivered as expected
      Mail to other@domain_one.tld is rejected in the original conversation as expected

      However
      Mail to other@domain_two.tld is accepted in the original conversation but then later bounced

      It appears the the conversion from other@domain_two.tld -> other@domain_one.tld is not runnign during the original conversation -
      which would be (in my humble opinion) a better way to reject the message

      Am I missing something

      Is there a way to
      a. Ensure the virtual conversion is done in the original conversation
      b. Stop the bounce - ie discard the mail rather than bouncing it back to the sender



      Also I would like to know how to stop all Non-delivery messages.


      Thanks in advance for help





      Rgds Dave








      ------------------------------
      Dave Buchanan Abo Ltd
      E-mail DaveBuchanan@...
      Phone Spain +34 950 439 389
      Fax UK +44 870 052 7619
      Registration in England and Wales No 2736778
      Registered Office: The Lodge, Little Drove, Steyning, West Sussex BN44 3PD.
    • Jorey Bump
      ... From virtual(5): @domain address, address, ... Redirect mail for other users in domain to address. This form has the lowest precedence. Note: @domain is
      Message 2 of 8 , Nov 2, 2008
      • 0 Attachment
        Dave Buchanan (Abo Ltd) wrote, at 11/02/2008 02:03 PM:

        > virtual_alias_domains = domain_one.tld domain_two.tld
        > virtual_alias_maps = hash:/etc/postfix/virtual
        >
        > /etc/postfix/virtual contains
        > dave@domain_one.tld dave@...
        > @domain_two.tld domain_one.tld
        >
        > Mail to dave@domain_one.tld is accepted and delivered as expected
        > Mail to other@domain_one.tld is rejected in the original conversation as expected
        >
        > However
        > Mail to other@domain_two.tld is accepted in the original conversation but then later bounced
        >
        > It appears the the conversion from other@domain_two.tld -> other@domain_one.tld is not runnign during the original conversation -
        > which would be (in my humble opinion) a better way to reject the message
        >
        > Am I missing something

        From virtual(5):

        @domain address, address, ...
        Redirect mail for other users in domain to address.
        This form has the lowest precedence.

        Note: @domain is a wild-card. With this form, the
        Postfix SMTP server accepts mail for any recipient
        in domain, regardless of whether that recipient
        exists. This may turn your mail system into a
        backscatter source: Postfix first accepts mail for
        non-existent recipients and then tries to return
        that mail as "undeliverable" to the often forged
        sender address.

        Don't implement wild-cards unless you can assure the message will be
        delivered to a valid recipient (who will then receive a lot of spam).
      • Dave Buchanan (Abo Ltd)
        Dear postfix users I have re-configured our postfix mailservers to remove catch all aliases to remove the ammount of mail accepted. I know have one more issue
        Message 3 of 8 , Nov 3, 2008
        • 0 Attachment
          Dear postfix users

          I have re-configured our postfix mailservers to remove catch all aliases to remove the ammount of mail accepted.

          I know have one more issue to resolve with respect to non delivery notifications - backscatter

          the setup is as follows

          dave@... -> dave@... (demon.net is an uk isp)

          This is what happens to an e-mail that has spam / virus etc from

          Mail is accepted by our servers for delivery and then passed on to dave@...
          The demon.net mailserver rejects this mail with a 550 error
          our mailserver then sends a non-delivery notification to the sender

          If the sender has been dreamed up by the spammer etc then they receive unwanted mail

          I would like to know how to turn these non-delivery e-mails off in postfix

          Rgds Dave


          ------------------------------
          Dave Buchanan Abo Ltd
          E-mail DaveBuchanan@...
          Phone Spain +34 950 439 389
          Fax UK +44 870 052 7619
          Registration in England and Wales No 2736778
          Registered Office: The Lodge, Little Drove, Steyning, West Sussex BN44 3PD.
        • Terry Carmen
          ... Don t accept undeliverable mail, then you won t have to bounce it. abo.co.uk needs to have a list of valid users and simply not accept mail it won t be
          Message 4 of 8 , Nov 3, 2008
          • 0 Attachment
            Dave Buchanan (Abo Ltd) wrote:
            > Dear postfix users
            >
            > I have re-configured our postfix mailservers to remove catch all aliases to remove the ammount of mail accepted.
            >
            > I know have one more issue to resolve with respect to non delivery notifications - backscatter
            >
            > the setup is as follows
            >
            > dave@... -> dave@... (demon.net is an uk isp)
            >
            > This is what happens to an e-mail that has spam / virus etc from
            >
            > Mail is accepted by our servers for delivery and then passed on to dave@...
            > The demon.net mailserver rejects this mail with a 550 error
            > our mailserver then sends a non-delivery notification to the sender
            >
            > If the sender has been dreamed up by the spammer etc then they receive unwanted mail
            >
            > I would like to know how to turn these non-delivery e-mails off in postfix
            >
            >
            Don't accept undeliverable mail, then you won't have to bounce it.

            abo.co.uk needs to have a list of valid users and simply not accept mail
            it won't be able to deliver.

            Terry
          • Stefan Förster
            ... Recommended documentation: http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient
            Message 5 of 8 , Nov 3, 2008
            • 0 Attachment
              * "Dave Buchanan (Abo Ltd)" <dave@...> wrote:
              > This is what happens to an e-mail that has spam / virus etc from
              >
              > Mail is accepted by our servers for delivery and then passed on to dave@...
              > The demon.net mailserver rejects this mail with a 550 error
              > our mailserver then sends a non-delivery notification to the sender
              >
              > If the sender has been dreamed up by the spammer etc then they receive unwanted mail
              >
              > I would like to know how to turn these non-delivery e-mails off in postfix

              Recommended documentation:
              http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient
              http://www.postfix.org/STANDARD_CONFIGURATION_README.html#backup
              http://www.postfix.org/postconf.5.html#relay_recipient_maps


              Cheers
              Stefan
              --
              Stefan Förster http://www.incertum.net/ Public Key: 0xBBE2A9E9
            • Jorey Bump
              ... Forwarding is a particularly sticky issue, because it was once a relatively useful feature. These days it s a lot more trouble than it s worth, so avoid it
              Message 6 of 8 , Nov 3, 2008
              • 0 Attachment
                Dave Buchanan (Abo Ltd) wrote, at 11/03/2008 10:32 AM:
                > Dear postfix users
                >
                > I have re-configured our postfix mailservers to remove catch all aliases to remove the ammount of mail accepted.
                >
                > I know have one more issue to resolve with respect to non delivery notifications - backscatter
                >
                > the setup is as follows
                >
                > dave@... -> dave@... (demon.net is an uk isp)
                >
                > This is what happens to an e-mail that has spam / virus etc from
                >
                > Mail is accepted by our servers for delivery and then passed on to dave@...
                > The demon.net mailserver rejects this mail with a 550 error
                > our mailserver then sends a non-delivery notification to the sender
                >
                > If the sender has been dreamed up by the spammer etc then they receive unwanted mail
                >
                > I would like to know how to turn these non-delivery e-mails off in postfix

                Forwarding is a particularly sticky issue, because it was once a
                relatively useful feature. These days it's a lot more trouble than it's
                worth, so avoid it whenever possible. If you can't do that, then you
                need to improve your own antispam defenses so your server is the one
                rejecting the message during the SMTP session. This will have more
                benefits in the long run than trying to selectively disable bounce
                notifications. The rule of thumb is to try not to accept messages that
                can't/won't ultimately be delivered.

                Also keep in mind that there are alternatives to forwarding. There are
                many client side solutions that enable you to automatically move mail
                from one account to another.
              • MailingListe
                ... Never forward mail to destinations which don t accept it. Force the users to get a clean forward target eg whitelist your server or cancel the forwarding.
                Message 7 of 8 , Nov 3, 2008
                • 0 Attachment
                  Zitat von "Dave Buchanan (Abo Ltd)" <dave@...>:

                  > Dear postfix users
                  >
                  > I have re-configured our postfix mailservers to remove catch all
                  > aliases to remove the ammount of mail accepted.
                  >
                  > I know have one more issue to resolve with respect to non delivery
                  > notifications - backscatter
                  >
                  > the setup is as follows
                  >
                  > dave@... -> dave@... (demon.net is an uk isp)
                  >
                  > This is what happens to an e-mail that has spam / virus etc from
                  >
                  > Mail is accepted by our servers for delivery and then passed on to
                  > dave@...
                  > The demon.net mailserver rejects this mail with a 550 error
                  > our mailserver then sends a non-delivery notification to the sender

                  Never forward mail to destinations which don't accept it. Force the
                  users to get a clean forward target eg whitelist your server or cancel
                  the forwarding.

                  Regards

                  Andreas


                  --
                  All your trash belong to us ;-) www.spamschlucker.org
                  To: stephan@...
                • mouss
                  ... Please do not hijack threads. compose a new message instead of replying to an unrelated one. changing the subject is not enough. if you must forward mail,
                  Message 8 of 8 , Nov 3, 2008
                  • 0 Attachment
                    Dave Buchanan (Abo Ltd) wrote:
                    > Dear postfix users
                    >
                    > I have re-configured our postfix mailservers to remove catch all aliases to remove the ammount of mail accepted.
                    >
                    > I know have one more issue to resolve with respect to non delivery notifications - backscatter
                    >
                    > the setup is as follows
                    >
                    > dave@... -> dave@... (demon.net is an uk isp)
                    >
                    > This is what happens to an e-mail that has spam / virus etc from
                    >
                    > Mail is accepted by our servers for delivery and then passed on to dave@...
                    > The demon.net mailserver rejects this mail with a 550 error
                    > our mailserver then sends a non-delivery notification to the sender
                    >
                    > If the sender has been dreamed up by the spammer etc then they receive unwanted mail
                    >
                    > I would like to know how to turn these non-delivery e-mails off in postfix
                    >


                    Please do not hijack threads. compose a new message instead of replying
                    to an unrelated one. changing the subject is not enough.

                    if you must forward mail, then you need one of two things:

                    - get the final server to accept your mail (without tagging your server
                    as a spam source). this is hard to impossible.
                    - avoid forwarding spam as much as you can. you may be more aggressive
                    here ("hold" mail that "may be spam").

                    you can also implement rate limits and the like so that you don't become
                    a spam tunnel in case of a spam run targetting the forwarded users.

                    yes, As Joery said, forwarding has become harder than it was...
                  Your message has been successfully submitted and would be delivered to recipients shortly.