Loading ...
Sorry, an error occurred while loading the content.

Bounce a particular recipient address with specified reject message

Expand Messages
  • techlist06
    Greetings: I have what I expect is a simple question for you guys. Thanks to Ralphs book and the help here I have a many-year stable postfix configuration,
    Message 1 of 12 , Nov 24, 2009
    • 0 Attachment
      Greetings:

      I have what I expect is a simple question for you guys. Thanks to Ralphs
      book and the help here I have a many-year stable postfix configuration, love
      it, don't mess with it.

      I have a very small hobby-based mailing list I maintain manually in Outlook.
      Although all maillist messages I send out include a footer asking the
      recipients to not reply to that maillist messages, the users will reply to
      the maillist messages occasionally and I would prefer they only reply to my
      other addresses. I can change the reply to address in Outlook to an invalid
      one, and it will reject it back to the sender with "not in virtual user
      table" but I don't wan that bounce message for this particular case.

      Instead, I would like to setup postfix so it has a more friendly reject for
      mail sent to (via replys to my messages) "maillist@..." with a
      particular reject message that instructs the user on what address(es) to use
      to better contact me. Something similar to :

      550 reject The email address maillist@... does not accept inbound
      mail. Please use one of these addresses for contacting us: maillist
      unsubsubscribe: remove@..., support issues: support@...,
      other info@..., etc.

      I thought maybe adding the address maillist@... to the
      recipient_checks.pcre? But I don't know how to write the re if that's the
      right place to do this.

      Can someone help and tell me where is the best place to set this up?

      Thanks as always,
      Scott


      postconf -n:

      alias_database = hash:/etc/aliases
      alias_maps = hash:/etc/aliases
      broken_sasl_auth_clients = yes
      command_directory = /usr/sbin
      config_directory = /etc/postfix
      content_filter = smtp-amavis:[127.0.0.1]:10024
      daemon_directory = /usr/libexec/postfix
      debug_peer_level = 2
      disable_vrfy_command = yes
      html_directory = no
      inet_interfaces = $myhostname, localhost
      local_recipient_maps = hash:/etc/postfix/local_recipient
      mail_owner = postfix
      mail_spool_directory = /var/spool/mail
      mailbox_size_limit = 483886080
      mailq_path = /usr/bin/mailq.postfix
      manpage_directory = /usr/share/man
      message_size_limit = 10485760
      mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
      mydomain = companypostoffice.com
      myhostname = tn1.companypostoffice.com
      mynetworks = localhost,$localdomain, xx.xx.xx.xx/32, xx.xx.xx.xx/32
      myorigin = $myhostname
      newaliases_path = /usr/bin/newaliases.postfix
      parent_domain_matches_subdomains = smtpd_access_maps
      queue_directory = /var/spool/postfix
      readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
      recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
      relay_domains = differentdomain.com
      relay_recipient_maps = hash:/etc/postfix/relay_recipients
      sample_directory = /usr/share/doc/postfix-2.2.10/samples
      sendmail_path = /usr/sbin/sendmail.postfix
      setgid_group = postdrop
      smtpd_data_restrictions = reject_unauth_pipelining, permit
      smtpd_helo_required = yes
      smtpd_recipient_limit = 1500
      smtpd_recipient_restrictions = reject_invalid_hostname,
      reject_non_fqdn_hostname, reject_non_fqdn_sender,
      reject_non_fqdn_recipient, permit_mynetworks, reject_unauth_destination,
      check_recipient_mx_access hash:/etc/postfix/mx_access,
      check_sender_mx_access hash:/etc/postfix/mx_access,
      reject_unknown_sender_domain, check_recipient_access
      pcre:/etc/postfix/recipient_checks.pcre, check_helo_access
      hash:/etc/postfix/helo_checks, check_sender_access
      hash:/etc/postfix/sender_checks, check_client_access
      hash:/etc/postfix/client_checks, check_client_access
      pcre:/etc/postfix/client_checks.pcre, reject_rbl_client list.dsbl.org,
      reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net,
      reject_rbl_client psbl.surriel.com, reject_rbl_client bl.spamcop.net,
      check_policy_service unix:postgrey/socket, permit
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_local_domain = $myhostname
      smtpd_sasl_security_options = noanonymous
      smtpd_tls_CAfile = /etc/postfix/certs/cacert.pem
      smtpd_tls_auth_only = yes
      smtpd_tls_cert_file = /etc/postfix/certs/postfix_public_cert.pem
      smtpd_tls_key_file = /etc/postfix/certs/postfix_private_key.pem
      smtpd_tls_loglevel = 1
      smtpd_tls_received_header = yes
      smtpd_tls_session_cache_timeout = 3600s
      smtpd_use_tls = yes
      soft_bounce = no
      tls_random_source = dev:/dev/urandom
      transport_maps = hash:/etc/postfix/transport
      unknown_local_recipient_reject_code = 550
      virtual_alias_domains = hash:/etc/postfix/virtual_domains
      virtual_alias_maps = hash:/etc/postfix/virtual_users
    • Sahil Tandon
      ... Use an access(5) or transport(5) map: http://www.postfix.org/access.5.html http://www.postfix.org/transport.5.html -- Sahil Tandon
      Message 2 of 12 , Nov 24, 2009
      • 0 Attachment
        On Tue, 24 Nov 2009, techlist06 wrote:

        > I would like to setup postfix so it has a more friendly reject for
        > mail sent to (via replys to my messages) "maillist@..." with
        > a particular reject message that instructs the user on what
        > address(es) to use to better contact me. Something similar to :
        >
        > 550 reject The email address maillist@... does not accept inbound
        > mail. Please use one of these addresses for contacting us: maillist
        > unsubsubscribe: remove@..., support issues: support@...,
        > other info@..., etc.
        >
        > Can someone help and tell me where is the best place to set this up?

        Use an access(5) or transport(5) map:

        http://www.postfix.org/access.5.html
        http://www.postfix.org/transport.5.html

        --
        Sahil Tandon <sahil@...>
      • techlist06
        ... It appears that using an access map would best meet my need. I do not currently use an access map. Can you/anyone assist me with the proper placement of
        Message 3 of 12 , Nov 30, 2009
        • 0 Attachment
          Sahil, et.al:

          >Use an access(5) or transport(5) map:

          It appears that using an access map would best meet my need. I do not
          currently use an access map. Can you/anyone assist me with the proper
          placement of
          check_client_access hash:/etc/postfix/access
          in my setup? I don't want to screw up my restrictions which otherwise work
          properly.

          I *think* putting it last, after my greylisting line (see comment in
          postconf output below) would be appropriate. I think I'd want them to pass
          all other spam checks before rejecting semi-legitimate mail to this
          particular address with my specific reject message.

          Thanks,
          Scott


          postconf -n:

          alias_database = hash:/etc/aliases
          alias_maps = hash:/etc/aliases
          broken_sasl_auth_clients = yes
          command_directory = /usr/sbin
          config_directory = /etc/postfix
          content_filter = smtp-amavis:[127.0.0.1]:10024
          daemon_directory = /usr/libexec/postfix
          debug_peer_level = 2
          disable_vrfy_command = yes
          html_directory = no
          inet_interfaces = $myhostname, localhost
          local_recipient_maps = hash:/etc/postfix/local_recipient
          mail_owner = postfix
          mail_spool_directory = /var/spool/mail
          mailbox_size_limit = 483886080
          mailq_path = /usr/bin/mailq.postfix
          manpage_directory = /usr/share/man
          message_size_limit = 10485760
          mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
          mydomain = companypostoffice.com
          myhostname = tn1.companypostoffice.com
          mynetworks = localhost,$localdomain, xx.xx.xx.xx/32, xx.xx.xx.xx/32
          myorigin = $myhostname
          newaliases_path = /usr/bin/newaliases.postfix
          parent_domain_matches_subdomains = smtpd_access_maps
          queue_directory = /var/spool/postfix
          readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
          recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
          relay_domains = differentdomain.com
          relay_recipient_maps = hash:/etc/postfix/relay_recipients
          sample_directory = /usr/share/doc/postfix-2.2.10/samples
          sendmail_path = /usr/sbin/sendmail.postfix
          setgid_group = postdrop
          smtpd_data_restrictions = reject_unauth_pipelining, permit
          smtpd_helo_required = yes
          smtpd_recipient_limit = 1500
          smtpd_recipient_restrictions = reject_invalid_hostname,
          reject_non_fqdn_hostname, reject_non_fqdn_sender,
          reject_non_fqdn_recipient, permit_mynetworks, reject_unauth_destination,
          check_recipient_mx_access hash:/etc/postfix/mx_access,
          check_sender_mx_access hash:/etc/postfix/mx_access,
          reject_unknown_sender_domain, check_recipient_access
          pcre:/etc/postfix/recipient_checks.pcre, check_helo_access
          hash:/etc/postfix/helo_checks, check_sender_access
          hash:/etc/postfix/sender_checks, check_client_access
          hash:/etc/postfix/client_checks, check_client_access
          pcre:/etc/postfix/client_checks.pcre, reject_rbl_client list.dsbl.org,
          reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net,
          reject_rbl_client psbl.surriel.com, reject_rbl_client bl.spamcop.net,
          check_policy_service unix:postgrey/socket, permit

          ## access map check here ??

          smtpd_sasl_auth_enable = yes
          smtpd_sasl_local_domain = $myhostname
          smtpd_sasl_security_options = noanonymous
          smtpd_tls_CAfile = /etc/postfix/certs/cacert.pem
          smtpd_tls_auth_only = yes
          smtpd_tls_cert_file = /etc/postfix/certs/postfix_public_cert.pem
          smtpd_tls_key_file = /etc/postfix/certs/postfix_private_key.pem
          smtpd_tls_loglevel = 1
          smtpd_tls_received_header = yes
          smtpd_tls_session_cache_timeout = 3600s
          smtpd_use_tls = yes
          soft_bounce = no
          tls_random_source = dev:/dev/urandom
          transport_maps = hash:/etc/postfix/transport
          unknown_local_recipient_reject_code = 550
          virtual_alias_domains = hash:/etc/postfix/virtual_domains
          virtual_alias_maps = hash:/etc/postfix/virtual_users
        • techlist06
          I tried to setup an access map and reject a specific user. But the mails to that user are not rejected. I tried adding the access map in a few different
          Message 4 of 12 , Nov 30, 2009
          • 0 Attachment
            I tried to setup an access map and reject a specific user. But the mails to
            that user are not rejected. I tried adding the access map in a few
            different places in the configuration, so far none worked. It shows up in
            the smtpd_recipient_restrictions line below. Can anyone see what I did
            wrong?:

            My access map file has:
            maillist2@... 550 REJECT

            The corresponding access.db file is built and fresh

            But mails to maillist2@... get through without issue.


            postconf -n:

            alias_database = hash:/etc/aliases
            alias_maps = hash:/etc/aliases
            broken_sasl_auth_clients = yes
            command_directory = /usr/sbin
            config_directory = /etc/postfix
            content_filter = smtp-amavis:[127.0.0.1]:10024
            daemon_directory = /usr/libexec/postfix
            debug_peer_level = 2
            disable_vrfy_command = yes
            html_directory = no
            inet_interfaces = $myhostname, localhost
            local_recipient_maps = hash:/etc/postfix/local_recipient
            mail_owner = postfix
            mail_spool_directory = /var/spool/mail
            mailbox_size_limit = xxxxxxx
            mailq_path = /usr/bin/mailq.postfix
            manpage_directory = /usr/share/man
            message_size_limit = xxxxxxxxx
            mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
            mydomain = companypostoffice.com
            myhostname = tn1.companypostoffice.com
            mynetworks = localhost,$localdomain, xx.xx.xx.xx/32, xx.xx.xx.xx/32
            myorigin = $myhostname
            newaliases_path = /usr/bin/newaliases.postfix
            parent_domain_matches_subdomains = smtpd_access_maps
            queue_directory = /var/spool/postfix
            readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
            recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
            relay_domains = differentdomain.com
            relay_recipient_maps = hash:/etc/postfix/relay_recipients
            sample_directory = /usr/share/doc/postfix-2.2.10/samples
            sendmail_path = /usr/sbin/sendmail.postfix
            setgid_group = postdrop
            smtpd_data_restrictions = reject_unauth_pipelining, permit
            smtpd_helo_required = yes
            smtpd_recipient_limit = 1500
            smtpd_recipient_restrictions = reject_invalid_hostname,
            reject_non_fqdn_hostname, reject_non_fqdn_sender,
            reject_non_fqdn_recipient, permit_mynetworks, reject_unauth_destination,
            check_recipient_mx_access hash:/etc/postfix/mx_access,
            check_sender_mx_access hash:/etc/postfix/mx_access,
            reject_unknown_sender_domain, check_recipient_access
            pcre:/etc/postfix/recipient_checks.pcre, check_helo_access
            hash:/etc/postfix/helo_checks, check_sender_access
            hash:/etc/postfix/sender_checks, check_client_access
            hash:/etc/postfix/client_checks, check_client_access
            pcre:/etc/postfix/client_checks.pcre, check_client_access
            hash:/etc/postfix/access reject_rbl_client list.dsbl.org,
            reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net,
            reject_rbl_client psbl.surriel.com, reject_rbl_client bl.spamcop.net,
            check_policy_service unix:postgrey/socket, permit
            smtpd_sasl_auth_enable = yes
            smtpd_sasl_local_domain = $myhostname
            smtpd_sasl_security_options = noanonymous
            smtpd_tls_CAfile = /etc/postfix/certs/cacert.pem
            smtpd_tls_auth_only = yes
            smtpd_tls_cert_file = /etc/postfix/certs/postfix_public_cert.pem
            smtpd_tls_key_file = /etc/postfix/certs/postfix_private_key.pem
            smtpd_tls_loglevel = 1
            smtpd_tls_received_header = yes
            smtpd_tls_session_cache_timeout = 3600s
            smtpd_use_tls = yes
            soft_bounce = no
            tls_random_source = dev:/dev/urandom
            transport_maps = hash:/etc/postfix/transport
            unknown_local_recipient_reject_code = 550
            virtual_alias_domains = hash:/etc/postfix/virtual_domains
            virtual_alias_maps = hash:/etc/postfix/virtual_users





            >-----Original Message-----
            >From: owner-postfix-users@...
            >[mailto:owner-postfix-users@...] On Behalf Of techlist06
            >Sent: Tuesday, November 24, 2009 8:14 AM
            >To: postfix-users@...
            >Subject: Bounce a particular recipient address with specified
            >reject message
            >
            >Greetings:
            >
            >I have what I expect is a simple question for you guys.
            >Thanks to Ralphs
            >book and the help here I have a many-year stable postfix
            >configuration, love
            >it, don't mess with it.
            >
            >I have a very small hobby-based mailing list I maintain
            >manually in Outlook.
            >Although all maillist messages I send out include a footer asking the
            >recipients to not reply to that maillist messages, the users
            >will reply to
            >the maillist messages occasionally and I would prefer they
            >only reply to my
            >other addresses. I can change the reply to address in Outlook
            >to an invalid
            >one, and it will reject it back to the sender with "not in virtual user
            >table" but I don't wan that bounce message for this particular case.
            >
            >Instead, I would like to setup postfix so it has a more
            >friendly reject for
            >mail sent to (via replys to my messages) "maillist@..." with a
            >particular reject message that instructs the user on what
            >address(es) to use
            >to better contact me. Something similar to :
            >
            >550 reject The email address maillist@... does not
            >accept inbound
            >mail. Please use one of these addresses for contacting us: maillist
            >unsubsubscribe: remove@..., support issues:
            >support@...,
            >other info@..., etc.
            >
            >I thought maybe adding the address maillist@... to the
            >recipient_checks.pcre? But I don't know how to write the re
            >if that's the
            >right place to do this.
            >
            >Can someone help and tell me where is the best place to set this up?
            >
            >Thanks as always,
            >Scott
            >
            >
            >postconf -n:
            >
            >alias_database = hash:/etc/aliases
            >alias_maps = hash:/etc/aliases
            >broken_sasl_auth_clients = yes
            >command_directory = /usr/sbin
            >config_directory = /etc/postfix
            >content_filter = smtp-amavis:[127.0.0.1]:10024
            >daemon_directory = /usr/libexec/postfix
            >debug_peer_level = 2
            >disable_vrfy_command = yes
            >html_directory = no
            >inet_interfaces = $myhostname, localhost
            >local_recipient_maps = hash:/etc/postfix/local_recipient
            >mail_owner = postfix
            >mail_spool_directory = /var/spool/mail
            >mailbox_size_limit = 483886080
            >mailq_path = /usr/bin/mailq.postfix
            >manpage_directory = /usr/share/man
            >message_size_limit = 10485760
            >mydestination = $myhostname, localhost.$mydomain, localhost,
            > $mydomain
            >mydomain = companypostoffice.com
            >myhostname = tn1.companypostoffice.com
            >mynetworks = localhost,$localdomain, xx.xx.xx.xx/32, xx.xx.xx.xx/32
            >myorigin = $myhostname
            >newaliases_path = /usr/bin/newaliases.postfix
            >parent_domain_matches_subdomains = smtpd_access_maps
            >queue_directory = /var/spool/postfix
            >readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES
            >recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
            >relay_domains = differentdomain.com
            >relay_recipient_maps = hash:/etc/postfix/relay_recipients
            >sample_directory = /usr/share/doc/postfix-2.2.10/samples
            >sendmail_path = /usr/sbin/sendmail.postfix
            >setgid_group = postdrop
            >smtpd_data_restrictions = reject_unauth_pipelining, permit
            >smtpd_helo_required = yes
            >smtpd_recipient_limit = 1500
            >smtpd_recipient_restrictions = reject_invalid_hostname,
            >reject_non_fqdn_hostname, reject_non_fqdn_sender,
            >reject_non_fqdn_recipient, permit_mynetworks,
            >reject_unauth_destination,
            >check_recipient_mx_access hash:/etc/postfix/mx_access,
            >check_sender_mx_access hash:/etc/postfix/mx_access,
            >reject_unknown_sender_domain, check_recipient_access
            >pcre:/etc/postfix/recipient_checks.pcre, check_helo_access
            >hash:/etc/postfix/helo_checks, check_sender_access
            >hash:/etc/postfix/sender_checks, check_client_access
            >hash:/etc/postfix/client_checks, check_client_access
            >pcre:/etc/postfix/client_checks.pcre, reject_rbl_client list.dsbl.org,
            >reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net,
            >reject_rbl_client psbl.surriel.com, reject_rbl_client bl.spamcop.net,
            >check_policy_service unix:postgrey/socket, permit
            >smtpd_sasl_auth_enable = yes
            >smtpd_sasl_local_domain = $myhostname
            >smtpd_sasl_security_options = noanonymous
            >smtpd_tls_CAfile = /etc/postfix/certs/cacert.pem
            >smtpd_tls_auth_only = yes
            >smtpd_tls_cert_file = /etc/postfix/certs/postfix_public_cert.pem
            >smtpd_tls_key_file = /etc/postfix/certs/postfix_private_key.pem
            >smtpd_tls_loglevel = 1
            >smtpd_tls_received_header = yes
            >smtpd_tls_session_cache_timeout = 3600s
            >smtpd_use_tls = yes
            >soft_bounce = no
            >tls_random_source = dev:/dev/urandom
            >transport_maps = hash:/etc/postfix/transport
            >unknown_local_recipient_reject_code = 550
            >virtual_alias_domains = hash:/etc/postfix/virtual_domains
            >virtual_alias_maps = hash:/etc/postfix/virtual_users
            >
            >
            >
          • Stan Hoeppner
            ... Yes, you have: check_client_access hash:/etc/postfix/access which is wrong for matching email addresses: check_client_access type:table Search the
            Message 5 of 12 , Nov 30, 2009
            • 0 Attachment
              techlist06 put forth on 11/30/2009 1:59 PM:
              > I tried to setup an access map and reject a specific user. But the mails to
              > that user are not rejected. I tried adding the access map in a few
              > different places in the configuration, so far none worked. It shows up in
              > the smtpd_recipient_restrictions line below. Can anyone see what I did
              > wrong?:

              Yes, you have:

              check_client_access hash:/etc/postfix/access

              which is wrong for matching email addresses:

              check_client_access type:table
              Search the specified access database for the client hostname, parent
              domains, client IP address, or networks obtained by stripping least
              significant octets. See the access(5) manual page for details.


              You need check_recipient_access type:table

              check_recipient_access type:table
              Search the specified access(5) database for the resolved RCPT TO
              address, domain, parent domains, or localpart@, and execute the
              corresponding action.

              Example:

              smtpd_recipient_restrictions =
              check_recipient_access hash:/etc/postfix/access

              /etc/postfix/access
              maillist2@... 550 REJECT

              Also, postmap /etc/postfix/access every time you make changes to it. If
              you did not reload postfix after creating the access file and adding it
              to main.cf, you also need to restart postfix.

              > My access map file has:
              > maillist2@... 550 REJECT
              >
              > The corresponding access.db file is built and fresh
              >
              > But mails to maillist2@... get through without issue.

              BTW, if you are trying to block all access to this email address, why
              not just remove it from your list(s) of valid recipients? Did I miss
              something earlier in the thread?

              --
              Stan
            • techlist06
              ... Thanks, that fixed my error. ... I was wanting to give a specific reject message for a particular address. It s a small, manually maintained maillist. I
              Message 6 of 12 , Nov 30, 2009
              • 0 Attachment
                > You have:
                >check_client_access hash:/etc/postfix/access
                >which is wrong for matching email addresses:

                Thanks, that fixed my error.

                >check_recipient_access hash:/etc/postfix/access
                >BTW, if you are trying to block all access to this email address, why
                >not just remove it from your list(s) of valid recipients? Did I miss
                >something earlier in the thread?

                I was wanting to give a specific reject message for a particular address.
                It's a small, manually maintained maillist. I don't want the subscribers to
                reply to the "reply to" address, but I didn't want to reject mails without a
                friendlier explanation of where they should reply. An auto-reply with
                reject I guess.

                I expect there is a better way to do same, this seems to work OK.
              • Stan Hoeppner
                ... So, lemme get this straight. You changed the list address, but instead of just sending an email to the list addresses telling all users of the list
                Message 7 of 12 , Nov 30, 2009
                • 0 Attachment
                  techlist06 put forth on 11/30/2009 3:14 PM:
                  >> You have:
                  >> check_client_access hash:/etc/postfix/access
                  >> which is wrong for matching email addresses:
                  >
                  > Thanks, that fixed my error.
                  >
                  >> check_recipient_access hash:/etc/postfix/access
                  >> BTW, if you are trying to block all access to this email address, why
                  >> not just remove it from your list(s) of valid recipients? Did I miss
                  >> something earlier in the thread?
                  >
                  > I was wanting to give a specific reject message for a particular address.
                  > It's a small, manually maintained maillist. I don't want the subscribers to
                  > reply to the "reply to" address, but I didn't want to reject mails without a
                  > friendlier explanation of where they should reply. An auto-reply with
                  > reject I guess.
                  >
                  > I expect there is a better way to do same, this seems to work OK.

                  So, lemme get this straight. You changed the list address, but instead
                  of just sending an email to the list addresses telling all users of the
                  list address change, you just decided to, in essence, inform them via an
                  NDR when they send mail to the list? There have got to be at least 1000
                  list management how-to's on the web, and not a one would recommend you
                  do this in this way, and probably all 1000 would say _never_ manage a
                  list this way...yikes.

                  --
                  Stan
                • techlist06
                  ... No I didn t change the list address. It is not a mail list like this one, more of an announcement list . It is not a 2-way mailing list. The
                  Message 8 of 12 , Nov 30, 2009
                  • 0 Attachment
                    >So, lemme get this straight. You changed the list address, but instead
                    >of just sending an email to the list addresses telling all users of the
                    >list address change, you just decided to, in essence, inform
                    >them via an
                    >NDR when they send mail to the list? There have got to be at
                    >least 1000
                    >list management how-to's on the web, and not a one would recommend you
                    >do this in this way, and probably all 1000 would say _never_ manage a
                    >list this way...yikes.

                    No I didn't change the list address. It is not a "mail list" like this one,
                    more of an "announcement list". It is not a 2-way mailing list. The
                    subscribers don't send anything to it for other subscribers to see. It's
                    used rarely to send announcements of event cancellations, etc. About 1000
                    subscribers manually maintained. But, the users tend to start a (unrelated)
                    communication with us via replying to that announcement list's "reply to"
                    address since that is where they last received a message from us. And so
                    their message does not go to the right person, it goes to the source address
                    of the announcement and we have to sort through them and direct the message
                    to where it should have gone to start with. We just want to let subscriber
                    who incorrectly sends to the announcement list address to use one of the
                    "correct" addresses to communicate with us, not via replying to the
                    announcement list. See? FWIW, we tell them not to do it with a footer and
                    header on every announcement email, but they do it anyway. I'm sure there
                    is a better way, this seemed easy enough to implement. Perhaps and
                    auto-reply type setup to that particular address. I looked at those and
                    they looked more difficult to set up. I'd be grateful for better
                    suggestions. I'll look for a better way to notify them.

                    Thanks very much for the help.
                  • Noel Jones
                    ... The envelope sender where delivery problems are reported can be different from the From: header displayed in most email clients, which can also be
                    Message 9 of 12 , Nov 30, 2009
                    • 0 Attachment
                      On 11/30/2009 3:52 PM, techlist06 wrote:
                      >> So, lemme get this straight. You changed the list address, but instead
                      >> of just sending an email to the list addresses telling all users of the
                      >> list address change, you just decided to, in essence, inform
                      >> them via an
                      >> NDR when they send mail to the list? There have got to be at
                      >> least 1000
                      >> list management how-to's on the web, and not a one would recommend you
                      >> do this in this way, and probably all 1000 would say _never_ manage a
                      >> list this way...yikes.
                      >
                      > No I didn't change the list address. It is not a "mail list" like this one,
                      > more of an "announcement list". It is not a 2-way mailing list. The
                      > subscribers don't send anything to it for other subscribers to see. It's
                      > used rarely to send announcements of event cancellations, etc. About 1000
                      > subscribers manually maintained. But, the users tend to start a (unrelated)
                      > communication with us via replying to that announcement list's "reply to"
                      > address since that is where they last received a message from us. And so
                      > their message does not go to the right person, it goes to the source address
                      > of the announcement and we have to sort through them and direct the message
                      > to where it should have gone to start with. We just want to let subscriber
                      > who incorrectly sends to the announcement list address to use one of the
                      > "correct" addresses to communicate with us, not via replying to the
                      > announcement list. See? FWIW, we tell them not to do it with a footer and
                      > header on every announcement email, but they do it anyway. I'm sure there
                      > is a better way, this seemed easy enough to implement. Perhaps and
                      > auto-reply type setup to that particular address. I looked at those and
                      > they looked more difficult to set up. I'd be grateful for better
                      > suggestions. I'll look for a better way to notify them.
                      >
                      > Thanks very much for the help.
                      >
                      >
                      >

                      The envelope sender where delivery problems are reported can
                      be different from the From: header displayed in most email
                      clients, which can also be different from the Reply-To: header
                      where most mail clients will send if you hit the "Reply" button.

                      You mustn't block the mail list's envelope sender address; you
                      must be able to receive non-delivery notifications.

                      There's nothing wrong with rejecting incoming mail addressed
                      to the mail list "From:" address for an announce-only list.

                      In your case, it would be a nice touch to add a Reply-To:
                      header that points to the human contact or help desk as a
                      convenience for your recipients.

                      Look at this message -- the envelope is
                      "owner-postfix-users@..." the From: displayed by your mail
                      client is "Noel Jones", but if you hit your reply button it
                      will be addressed to "postfix-users@..." since I want replies
                      to go to the list.


                      -- Noel Jones
                    • techlist06
                      Noel: Thank you. ... I believe I understand and that was exactly what I was setting up, I think. This is what I had setup to do: The original message is
                      Message 10 of 12 , Nov 30, 2009
                      • 0 Attachment
                        Noel:

                        Thank you.

                        >The envelope sender where delivery problems are reported can
                        >be different from the From: header displayed in most email
                        >clients, which can also be different from the Reply-To: header
                        >where most mail clients will send if you hit the "Reply" button.
                        >
                        >You mustn't block the mail list's envelope sender address; you
                        >must be able to receive non-delivery notifications.

                        >There's nothing wrong with rejecting incoming mail addressed
                        >to the mail list "From:" address for an announce-only list.

                        I believe I understand and that was exactly what I was setting up, I think.
                        This is what I had setup to do:
                        The original message is actually sent from maillist@.... The
                        envelope sender as I understand it.

                        I NEED to know when a announcement message bounces, because that is how I
                        maintain the list manually, and remove any invalid entries. When they
                        bounce, I know they are bad, or I can decide if they've had too many
                        "mailbox full" replies, etc. and I then I remove the bounced address from
                        the distribution list. So I have not blocked the envelope sender.

                        For announcements I send, I have the "Reply to" set to a different, but
                        similar address which is: maillist_noreply@... (still trying to get
                        their attention to not reply to the address). This is the address I have
                        blocked in my new access table.

                        So, if they click on "reply" in their client, the reply message should be
                        sent to maillist_noreply@.... My end accepts it (through spam
                        filters), but then rejects the address with my custom reject message via my
                        new access table with:
                        maillist_noreply@... 550 Do not reply to this address, instead do
                        this.....

                        I did not add all that detail in my original post to avoid confusing my
                        original question. Thanks for the detailed reply and helping me be sure I
                        wasn't doing something wrong/improper.

                        Best,
                        Scott
                      • Charles Marcus
                        ... You are NOT rejecting , you are ACCEPTING, then BOUNCING, which you should never do if you can possibly help it. Reject it at smtp time. Why waste system
                        Message 11 of 12 , Dec 1, 2009
                        • 0 Attachment
                          On 11/30/2009, techlist06 (techlist06@...) wrote:
                          > So, if they click on "reply" in their client, the reply message should be
                          > sent to maillist_noreply@.... My end accepts it (through spam
                          > filters), but then rejects the address with my custom reject message via my
                          > new access table with:

                          You are NOT 'rejecting', you are ACCEPTING, then BOUNCING, which you
                          should never do if you can possibly help it. Reject it at smtp time.

                          Why waste system resources scanning messages you will later bounce?
                        • techlist06
                          ... I understand your point. Thank you for correcting my syntax. FWIW, this will only happen to a relatively minuscule number of inbound messages. I don t
                          Message 12 of 12 , Dec 1, 2009
                          • 0 Attachment
                            >You are NOT 'rejecting', you are ACCEPTING, then BOUNCING, which you
                            >should never do if you can possibly help it. Reject it at smtp time.
                            >
                            >Why waste system resources scanning messages you will later bounce?

                            I understand your point. Thank you for correcting my syntax. FWIW, this
                            will only happen to a relatively minuscule number of inbound messages. I
                            don't *think* it will take much in the way of resources. For my specific
                            purpose, this check is to deal with the occasional, but fairly regular
                            incorrect replies to the announcement list. The access map check is likely
                            to only have to deal with such an "accept, then bounce" a few times a week.
                            So I figured instead of testing thousands per day of unrelated inbound
                            messages against this access check that I know will get "hit" rarely, I
                            figured it would be better to put the check nearer the end of my UCE checks.
                            Which will cause the occasional accept then bounce.

                            Mainly I was apprehensive about moving the restriction on my main.cf. I
                            have tried to carefully select respected authorities books and one
                            particular UCE "guide" to build my main.cf. And it works very, very well
                            (thanks Ralf). Not being an expert, I don't want to accidentally break
                            anything that is there and screw it up. If you have a suggestion on where
                            to put the access map restriction in my setup, I'm all ears.

                            Thanks!
                          Your message has been successfully submitted and would be delivered to recipients shortly.