Loading ...
Sorry, an error occurred while loading the content.
 

Persistent mails being received

Expand Messages
  • Sharma, Ashish
    Hi, I have a postfix mail server configured as mail receiving server. The problem that I am facing is that I am receiving same email every 15 second from same
    Message 1 of 16 , Oct 27, 2010
      Hi,

      I have a postfix mail server configured as mail receiving server.

      The problem that I am facing is that I am receiving same email every 15 second from same sender 'peter**@...' with same message-ID on my production mail servers, following are my postfix logs:

      "Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: connect from webmail.warwick.net[204.255.24.104]
      Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: 2EAAF23004C: client=webmail.warwick.net[204.255.24.104]
      Oct 25 01:11:02 g2t0433g postfix/cleanup[6579]: 2EAAF23004C: message-id=<CE130ED7-D498-4461-B076-E3B8AB55B462@...>
      Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): webmail.warwick.net [204.255.24.104] not internal Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): not authenticated Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing domain match for `warwick.net'
      Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing subdomain match for `warwick.net'
      Oct 25 01:11:02 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: from=<peter**@...>, size=1987, nrcpt=1 (queue active) Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: disconnect from webmail.warwick.net[204.255.24.104]
      Oct 25 01:11:03 g2t0433g amavis[6492]: (06492-09) Passed CLEAN, [204.255.24.104] [204.255.24.104] <peter**@...> -> <775eejom36ebi@...>, Message-ID: <CE130ED7-D498-4461-B076-E3B8AB55B462@...>, mail_id: rJ8M8oQHBzWt, Hits: 1.104, size: 2234, queued_as: 250 Ok, 946 ms Oct 25 01:11:03 g2t0433g postfix/lmtp[6585]: 2EAAF23004C: to=<775eejom36ebi@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.6, delays=0.6/0/0.01/0.95, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=06492-09, from MTA([127.0.0.1]:10030): 250 Ok) Oct 25 01:11:03 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: removed"


      Right now I have added 'peter**@...' in my postfix 'main.cf' restriction list as follows:

      content_filter=amavisfeed:[127.0.0.1]:10024

      #Milter support for smtpd mail
      smtpd_milters =
      inet:localhost:10028 #Custom java mail filter

      milter_default_action = reject

      # Postfix . 2.6
      milter_protocol = 2

      smtpd_recipient_restrictions =
      check_recipient_access hash:/etc/postfix/recipientRestrictionList,
      reject_unauth_destination,
      reject_rbl_client zen.spamhaus.org,
      reject_rbl_client bl.spamcop.net
      permit

      Is it the right approach?

      If not, kindly suggest me correct approach that I can use on Postfix conf files or mail filters to deal with such persistent emails.

      Please help

      Thanks in advance
      Ashish Sharma
    • Jeroen Geilman
      ... ... ... No. You want to stop that *sender* - so use the correct restriction. -- J.
      Message 2 of 16 , Oct 27, 2010
        On 10/27/2010 11:21 AM, Sharma, Ashish wrote:
        > Hi,
        >
        > I have a postfix mail server configured as mail receiving server.
        >
        > The problem that I am facing is that I am receiving same email every 15 second from same sender 'peter**@...' with same message-ID on my production mail servers, following are my postfix logs:
        >
        >
        >
        <snip irrelevant>

        > Right now I have added 'peter**@...' in my postfix 'main.cf' restriction list as follows:
        >
        <snip irrelevant>


        > smtpd_recipient_restrictions =
        > check_recipient_access hash:/etc/postfix/recipientRestrictionList,
        > reject_unauth_destination,
        > reject_rbl_client zen.spamhaus.org,
        > reject_rbl_client bl.spamcop.net
        > permit
        >
        > Is it the right approach?
        >

        No.

        You want to stop that *sender* - so use the correct restriction.


        --
        J.
      • Sharma, Ashish
        There s a correction in my Postfix main.cf settings in the mail below. ... From: owner-postfix-users@postfix.org [mailto:owner-postfix-users@postfix.org] On
        Message 3 of 16 , Oct 27, 2010
          There's a correction in my Postfix 'main.cf' settings in the mail below.

          -----Original Message-----
          From: owner-postfix-users@... [mailto:owner-postfix-users@...] On Behalf Of Sharma, Ashish
          Sent: Wednesday, October 27, 2010 2:52 PM
          To: postfix users
          Subject: Persistent mails being received

          Hi,

          I have a postfix mail server configured as mail receiving server.

          The problem that I am facing is that I am receiving same email every 15 second from same sender 'peter**@...' with same message-ID on my production mail servers, following are my postfix logs:

          "Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: connect from webmail.warwick.net[204.255.24.104]
          Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: 2EAAF23004C: client=webmail.warwick.net[204.255.24.104]
          Oct 25 01:11:02 g2t0433g postfix/cleanup[6579]: 2EAAF23004C: message-id=<CE130ED7-D498-4461-B076-E3B8AB55B462@...>
          Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): webmail.warwick.net [204.255.24.104] not internal Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): not authenticated Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing domain match for `warwick.net'
          Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing subdomain match for `warwick.net'
          Oct 25 01:11:02 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: from=<peter**@...>, size=1987, nrcpt=1 (queue active) Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: disconnect from webmail.warwick.net[204.255.24.104]
          Oct 25 01:11:03 g2t0433g amavis[6492]: (06492-09) Passed CLEAN, [204.255.24.104] [204.255.24.104] <peter**@...> -> <775eejom36ebi@...>, Message-ID: <CE130ED7-D498-4461-B076-E3B8AB55B462@...>, mail_id: rJ8M8oQHBzWt, Hits: 1.104, size: 2234, queued_as: 250 Ok, 946 ms Oct 25 01:11:03 g2t0433g postfix/lmtp[6585]: 2EAAF23004C: to=<775eejom36ebi@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.6, delays=0.6/0/0.01/0.95, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=06492-09, from MTA([127.0.0.1]:10030): 250 Ok) Oct 25 01:11:03 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: removed"


          Right now I have added 'peter**@...' in my postfix 'main.cf' restriction list as follows:

          content_filter=amavisfeed:[127.0.0.1]:10024

          #Milter support for smtpd mail
          smtpd_milters =
          inet:localhost:10028 #Custom java mail filter

          milter_default_action = reject

          # Postfix . 2.6
          milter_protocol = 2

          smtpd_recipient_restrictions =
          check_recipient_access hash:/etc/postfix/recipientRestrictionList,
          check_sender_access hash:/etc/postfix/senderRestrictionList,
          reject_unauth_destination,
          reject_rbl_client zen.spamhaus.org,
          reject_rbl_client bl.spamcop.net
          permit

          Is it the right approach?

          If not, kindly suggest me correct approach that I can use on Postfix conf files or mail filters to deal with such persistent emails.

          Please help

          Thanks in advance
          Ashish Sharma
        • Noel Jones
          ... We don t care about random snippings from main.cf. If you want to show your config, show postconf -n output. ... Typically this should look like:
          Message 4 of 16 , Oct 27, 2010
            On 10/27/2010 6:19 AM, Sharma, Ashish wrote:
            > There's a correction in my Postfix 'main.cf' settings in the mail below.

            We don't care about random snippings from main.cf. If you
            want to show your config, show "postconf -n" output.


            > smtpd_recipient_restrictions =
            > check_recipient_access hash:/etc/postfix/recipientRestrictionList,
            > check_sender_access hash:/etc/postfix/senderRestrictionList,
            > reject_unauth_destination,
            > reject_rbl_client zen.spamhaus.org,
            > reject_rbl_client bl.spamcop.net
            > permit


            Typically this should look like:

            smtpd_recipient_restrictions =
            permit_mynetworks
            reject_unauth_destination
            ... access maps ...
            ... RBL checks ...


            Is something not working as expected?



            -- Noel Jones
          • Sharma, Ashish
            Attached is the output: # postconf -n to use for recipients that are not found in the UNIX passwd database. alias_maps = hash:/etc/aliases command_directory =
            Message 5 of 16 , Oct 27, 2010
              Attached is the output:
              # postconf -n
              to use for recipients that are not found in the UNIX passwd database.
              alias_maps = hash:/etc/aliases
              command_directory = /usr/sbin
              config_directory = /etc/postfix
              content_filter = amavisfeed:[127.0.0.1]:10024
              daemon_directory = /usr/libexec/postfix
              data_directory = /var/lib/postfix
              debug_peer_level = 2
              html_directory = no
              inet_interfaces = all
              local_recipient_maps =
              mail_owner = postfix
              mailq_path = /usr/bin/mailq.postfix
              manpage_directory = /usr/share/man
              message_size_limit = 15728640
              milter_default_action = reject
              milter_protocol = 2
              mydestination = $myhostname, $mydomain
              mydomain = dev1.cpgtest.ostinet.net
              myhostname = dev1.cpgtest.ostinet.net
              mynetworks_style = class
              newaliases_path = /usr/bin/newaliases.postfix
              queue_directory = /var/spool/postfix
              readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
              receive_override_options = no_address_mappings
              relayhost = mail.ostinet.net:25
              sample_directory = /usr/share/doc/postfix-2.3.3/samples
              sendmail_path = /usr/bin/sendmail.postfix
              setgid_group = postdrop
              inet:localhost:10028,calhost:10026,
              permit_rbl_client bl.spamcop.netrg,ix/senderRestrictionList, reject_unauth_destination,onList,
              smtpd_tls_ask_ccert = yes
              smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
              smtpd_tls_key_file = $smtpd_tls_cert_file
              smtpd_tls_loglevel = 1
              smtpd_tls_security_level = may
              unknown_local_recipient_reject_code = 550

              Thanks in advance
              Ashish

              -----Original Message-----
              From: owner-postfix-users@... [mailto:owner-postfix-users@...] On Behalf Of Sharma, Ashish
              Sent: Wednesday, October 27, 2010 4:50 PM
              To: postfix users
              Subject: Correction: Persistent mails being received

              There's a correction in my Postfix 'main.cf' settings in the mail below.

              -----Original Message-----
              From: owner-postfix-users@... [mailto:owner-postfix-users@...] On Behalf Of Sharma, Ashish
              Sent: Wednesday, October 27, 2010 2:52 PM
              To: postfix users
              Subject: Persistent mails being received

              Hi,

              I have a postfix mail server configured as mail receiving server.

              The problem that I am facing is that I am receiving same email every 15 second from same sender 'peter**@...' with same message-ID on my production mail servers, following are my postfix logs:

              "Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: connect from webmail.warwick.net[204.255.24.104]
              Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: 2EAAF23004C: client=webmail.warwick.net[204.255.24.104]
              Oct 25 01:11:02 g2t0433g postfix/cleanup[6579]: 2EAAF23004C: message-id=<CE130ED7-D498-4461-B076-E3B8AB55B462@...>
              Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): webmail.warwick.net [204.255.24.104] not internal Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): not authenticated Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing domain match for `warwick.net'
              Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing subdomain match for `warwick.net'
              Oct 25 01:11:02 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: from=<peter**@...>, size=1987, nrcpt=1 (queue active) Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: disconnect from webmail.warwick.net[204.255.24.104]
              Oct 25 01:11:03 g2t0433g amavis[6492]: (06492-09) Passed CLEAN, [204.255.24.104] [204.255.24.104] <peter**@...> -> <775eejom36ebi@...>, Message-ID: <CE130ED7-D498-4461-B076-E3B8AB55B462@...>, mail_id: rJ8M8oQHBzWt, Hits: 1.104, size: 2234, queued_as: 250 Ok, 946 ms Oct 25 01:11:03 g2t0433g postfix/lmtp[6585]: 2EAAF23004C: to=<775eejom36ebi@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.6, delays=0.6/0/0.01/0.95, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=06492-09, from MTA([127.0.0.1]:10030): 250 Ok) Oct 25 01:11:03 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: removed"


              Right now I have added 'peter**@...' in my postfix 'main.cf' restriction list as follows:

              content_filter=amavisfeed:[127.0.0.1]:10024

              #Milter support for smtpd mail
              smtpd_milters =
              inet:localhost:10028 #Custom java mail filter

              milter_default_action = reject

              # Postfix . 2.6
              milter_protocol = 2

              smtpd_recipient_restrictions =
              check_recipient_access hash:/etc/postfix/recipientRestrictionList,
              check_sender_access hash:/etc/postfix/senderRestrictionList,
              reject_unauth_destination,
              reject_rbl_client zen.spamhaus.org,
              reject_rbl_client bl.spamcop.net
              permit

              Is it the right approach?

              If not, kindly suggest me correct approach that I can use on Postfix conf files or mail filters to deal with such persistent emails.

              Please help

              Thanks in advance
              Ashish Sharma
            • Sharma, Ashish
              Attached is the output: # postconf -n to use for recipients that are not found in the UNIX passwd database. alias_maps = hash:/etc/aliases command_directory =
              Message 6 of 16 , Oct 27, 2010
                Attached is the output:
                # postconf -n

                to use for recipients that are not found in the UNIX passwd database.
                alias_maps = hash:/etc/aliases
                command_directory = /usr/sbin
                config_directory = /etc/postfix
                content_filter = amavisfeed:[127.0.0.1]:10024
                daemon_directory = /usr/libexec/postfix
                data_directory = /var/lib/postfix
                debug_peer_level = 2
                html_directory = no
                inet_interfaces = all
                local_recipient_maps =
                mail_owner = postfix
                mailq_path = /usr/bin/mailq.postfix
                manpage_directory = /usr/share/man
                message_size_limit = 15728640
                milter_default_action = reject
                milter_protocol = 2
                mydestination = $myhostname, $mydomain
                mydomain = dev1.cpgtest.ostinet.net
                myhostname = dev1.cpgtest.ostinet.net
                mynetworks_style = class
                newaliases_path = /usr/bin/newaliases.postfix
                queue_directory = /var/spool/postfix
                readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
                receive_override_options = no_address_mappings
                relayhost = mail.ostinet.net:25
                sample_directory = /usr/share/doc/postfix-2.3.3/samples
                sendmail_path = /usr/bin/sendmail.postfix
                setgid_group = postdrop
                inet:localhost:10028,calhost:10026,
                permit_rbl_client bl.spamcop.netrg,recipient_access hash:/etc/postfix/recipientRestrictionList,
                smtpd_tls_ask_ccert = yes
                smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
                smtpd_tls_key_file = $smtpd_tls_cert_file
                smtpd_tls_loglevel = 1
                smtpd_tls_security_level = may
                unknown_local_recipient_reject_code = 550

                Thanks
                Ashish Sharma

                -----Original Message-----
                From: owner-postfix-users@... [mailto:owner-postfix-users@...] On Behalf Of Noel Jones
                Sent: Wednesday, October 27, 2010 5:01 PM
                To: postfix-users@...
                Subject: Re: Correction: Persistent mails being received

                On 10/27/2010 6:19 AM, Sharma, Ashish wrote:
                > There's a correction in my Postfix 'main.cf' settings in the mail below.

                We don't care about random snippings from main.cf. If you
                want to show your config, show "postconf -n" output.


                > smtpd_recipient_restrictions =
                > check_recipient_access hash:/etc/postfix/recipientRestrictionList,
                > check_sender_access hash:/etc/postfix/senderRestrictionList,
                > reject_unauth_destination,
                > reject_rbl_client zen.spamhaus.org,
                > reject_rbl_client bl.spamcop.net
                > permit


                Typically this should look like:

                smtpd_recipient_restrictions =
                permit_mynetworks
                reject_unauth_destination
                ... access maps ...
                ... RBL checks ...


                Is something not working as expected?



                -- Noel Jones
              • Ralf Hildebrandt
                ... ... doesn t list smtpd_recipient_restritions! ... ... See? You produced garbage. SOmething is wrong in either the line setgid_group = postdrop or someplace
                Message 7 of 16 , Oct 27, 2010
                  * Sharma, Ashish <ashish.sharma3@...>:
                  > Attached is the output:
                  > # postconf -n
                  ... doesn't list smtpd_recipient_restritions!

                  ...
                  > setgid_group = postdrop
                  > inet:localhost:10028,calhost:10026,
                  > permit_rbl_client bl.spamcop.netrg,ix/senderRestrictionList, reject_unauth_destination,onList,
                  > smtpd_tls_ask_ccert = yes
                  ...

                  See? You produced garbage. SOmething is wrong in either the line

                  setgid_group = postdrop
                  or someplace else.

                  --
                  Ralf Hildebrandt
                  Geschäftsbereich IT | Abteilung Netzwerk
                  Charité - Universitätsmedizin Berlin
                  Campus Benjamin Franklin
                  Hindenburgdamm 30 | D-12203 Berlin
                  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
                  ralf.hildebrandt@... | http://www.charite.de
                • Jeroen Geilman
                  ... That s either a completely corrupt (and hence non-functional) main.cf, or you slaughtered a text copy and paste. ... -- J.
                  Message 8 of 16 , Oct 27, 2010
                    On 10/27/2010 08:47 PM, Sharma, Ashish wrote:
                    > Attached is the output:
                    > # postconf -n
                    >
                    > to use for recipients that are not found in the UNIX passwd database.
                    > alias_maps = hash:/etc/aliases
                    > command_directory = /usr/sbin
                    > config_directory = /etc/postfix
                    > content_filter = amavisfeed:[127.0.0.1]:10024
                    > daemon_directory = /usr/libexec/postfix
                    > data_directory = /var/lib/postfix
                    > debug_peer_level = 2
                    > html_directory = no
                    > inet_interfaces = all
                    > local_recipient_maps =
                    > mail_owner = postfix
                    > mailq_path = /usr/bin/mailq.postfix
                    > manpage_directory = /usr/share/man
                    > message_size_limit = 15728640
                    > milter_default_action = reject
                    > milter_protocol = 2
                    > mydestination = $myhostname, $mydomain
                    > mydomain = dev1.cpgtest.ostinet.net
                    > myhostname = dev1.cpgtest.ostinet.net
                    > mynetworks_style = class
                    > newaliases_path = /usr/bin/newaliases.postfix
                    > queue_directory = /var/spool/postfix
                    > readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
                    > receive_override_options = no_address_mappings
                    > relayhost = mail.ostinet.net:25
                    > sample_directory = /usr/share/doc/postfix-2.3.3/samples
                    > sendmail_path = /usr/bin/sendmail.postfix
                    > setgid_group = postdrop
                    > inet:localhost:10028,calhost:10026,
                    > permit_rbl_client bl.spamcop.netrg,recipient_access hash:/etc/postfix/recipientRestrictionList,
                    >

                    That's either a completely corrupt (and hence non-functional) main.cf,
                    or you slaughtered a text copy and paste.

                    > Is something not working as expected?
                    >
                    >

                    --
                    J.
                  • Sharma, Ashish
                    Please find the corrected output for postconf on my postfix , and reply to my query. I need help. # /usr/sbin/postconf -n alias_database = hash:/etc/aliases
                    Message 9 of 16 , Oct 30, 2010
                      Please find the corrected output for postconf on my 'postfix', and reply to my query.

                      I need help.

                      # /usr/sbin/postconf -n
                      alias_database = hash:/etc/aliases to use for recipients that are not found in the UNIX passwd database.
                      alias_maps = hash:/etc/aliases
                      command_directory = /usr/sbin
                      config_directory = /etc/postfix
                      content_filter = amavisfeed:[127.0.0.1]:10024
                      daemon_directory = /usr/libexec/postfix
                      data_directory = /var/lib/postfix
                      debug_peer_level = 2
                      html_directory = no
                      inet_interfaces = all
                      local_recipient_maps =
                      mail_owner = postfix
                      mailq_path = /usr/bin/mailq.postfix
                      manpage_directory = /usr/share/man
                      message_size_limit = 15728640
                      milter_default_action = reject
                      milter_protocol = 2
                      mydestination = $myhostname, $mydomain
                      mydomain = dev1.test.****.net
                      myhostname = dev1.cpgtest.ostinet.net
                      mynetworks_style = class
                      newaliases_path = /usr/bin/newaliases.postfix
                      queue_directory = /var/spool/postfix
                      readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
                      receive_override_options = no_address_mappings
                      relayhost = mail.*****.net:25
                      sample_directory = /usr/share/doc/postfix-2.3.3/samples
                      sendmail_path = /usr/bin/sendmail.postfix
                      setgid_group = postdrop
                      smtpd_milters = inet:localhost:10026, inet:localhost:10027, inet:localhost:10028
                      smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/recipientRestrictionList, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net permit
                      smtpd_tls_ask_ccert = yes
                      smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
                      smtpd_tls_key_file = $smtpd_tls_cert_file
                      smtpd_tls_loglevel = 1
                      smtpd_tls_security_level = may
                      unknown_local_recipient_reject_code = 550


                      Thanks in advance
                      Ashish


                      -----Original Message-----
                      From: owner-postfix-users@... [mailto:owner-postfix-users@...] On Behalf Of Sharma, Ashish
                      Sent: Wednesday, October 27, 2010 2:52 PM
                      To: postfix users
                      Subject: Persistent mails being received

                      Hi,

                      I have a postfix mail server configured as mail receiving server.

                      The problem that I am facing is that I am receiving same email every 15 second from same sender 'peter**@...' with same message-ID on my production mail servers, following are my postfix logs:

                      "Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: connect from webmail.warwick.net[204.255.24.104]
                      Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: 2EAAF23004C: client=webmail.warwick.net[204.255.24.104]
                      Oct 25 01:11:02 g2t0433g postfix/cleanup[6579]: 2EAAF23004C: message-id=<CE130ED7-D498-4461-B076-E3B8AB55B462@...>
                      Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): webmail.warwick.net [204.255.24.104] not internal Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): not authenticated Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing domain match for `warwick.net'
                      Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing subdomain match for `warwick.net'
                      Oct 25 01:11:02 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: from=<peter**@...>, size=1987, nrcpt=1 (queue active) Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: disconnect from webmail.warwick.net[204.255.24.104]
                      Oct 25 01:11:03 g2t0433g amavis[6492]: (06492-09) Passed CLEAN, [204.255.24.104] [204.255.24.104] <peter**@...> -> <775eejom36ebi@...>, Message-ID: <CE130ED7-D498-4461-B076-E3B8AB55B462@...>, mail_id: rJ8M8oQHBzWt, Hits: 1.104, size: 2234, queued_as: 250 Ok, 946 ms Oct 25 01:11:03 g2t0433g postfix/lmtp[6585]: 2EAAF23004C: to=<775eejom36ebi@...>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.6, delays=0.6/0/0.01/0.95, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=06492-09, from MTA([127.0.0.1]:10030): 250 Ok) Oct 25 01:11:03 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: removed"


                      Right now I have added 'peter**@...' in my postfix 'main.cf' restriction list as follows:

                      content_filter=amavisfeed:[127.0.0.1]:10024

                      #Milter support for smtpd mail
                      smtpd_milters =
                      inet:localhost:10026,
                      inet:localhost:10027,
                      inet:localhost:10028 #Custom java mail filter

                      milter_default_action = reject

                      # Postfix . 2.6
                      milter_protocol = 2

                      smtpd_recipient_restrictions =
                      check_recipient_access hash:/etc/postfix/recipientRestrictionList,
                      check_sender_access hash:/etc/postfix/senderRestrictionList,
                      reject_unauth_destination,
                      reject_rbl_client zen.spamhaus.org,
                      reject_rbl_client bl.spamcop.net
                      permit

                      Is it the right approach?

                      If not, kindly suggest me correct approach that I can use on Postfix conf files or mail filters to deal with such persistent emails.

                      Please help

                      Thanks in advance
                      Ashish Sharma
                    • Wietse Venema
                      ... You are asking why the Postfix smtp SERVER is RECEIVING this message repeatedly. Instead, I sugggest that you find out why the remote smtp CLIENT is
                      Message 10 of 16 , Oct 30, 2010
                        Sharma, Ashish:
                        > The problem that I am facing is that I am receiving same email every 15 second from same sender 'peter**@...' with same message-ID on my production mail servers, following are my postfix logs:
                        >
                        > "Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: connect from webmail.warwick.net[204.255.24.104]
                        > Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: 2EAAF23004C: client=webmail.warwick.net[204.255.24.104]
                        > Oct 25 01:11:02 g2t0433g postfix/cleanup[6579]: 2EAAF23004C: message-id=<CE130ED7-D498-4461-B076-E3B8AB55B462@...>
                        > Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): webmail.warwick.net [204.255.24.104] not internal Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): not authenticated Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing domain match for `warwick.net'
                        > Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing subdomain match for `warwick.net'
                        > Oct 25 01:11:02 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: from=<peter**@...>, size=1987, nrcpt=1 (queue active) Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: disconnect from webmail.warwick.net[204.255.24.104]

                        You are asking why the Postfix smtp SERVER is RECEIVING this message
                        repeatedly. Instead, I sugggest that you find out why the remote
                        smtp CLIENT is SENDING this message repeatedly.

                        Wietse
                      • Sharma, Ashish
                        Wietse, Thanks for the reply. The suggestion that you have given is already being worked out in the team. Meanwhile I am also trying to explore what other
                        Message 11 of 16 , Oct 30, 2010
                          Wietse,

                          Thanks for the reply. The suggestion that you have given is already being worked out in the team.

                          Meanwhile I am also trying to explore what other options I can have, maybe if every now and then I start facing such a situation/problem repeatedly.

                          Thanks
                          Ashish

                          -----Original Message-----
                          From: owner-postfix-users@... [mailto:owner-postfix-users@...] On Behalf Of Wietse Venema
                          Sent: Saturday, October 30, 2010 5:54 PM
                          To: Postfix users
                          Subject: Re: Correction in Postconf output: Persistent mails being received

                          Sharma, Ashish:
                          > The problem that I am facing is that I am receiving same email every 15 second from same sender 'peter**@...' with same message-ID on my production mail servers, following are my postfix logs:
                          >
                          > "Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: connect from webmail.warwick.net[204.255.24.104]
                          > Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: 2EAAF23004C: client=webmail.warwick.net[204.255.24.104]
                          > Oct 25 01:11:02 g2t0433g postfix/cleanup[6579]: 2EAAF23004C: message-id=<CE130ED7-D498-4461-B076-E3B8AB55B462@...>
                          > Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): webmail.warwick.net [204.255.24.104] not internal Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): not authenticated Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing domain match for `warwick.net'
                          > Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing subdomain match for `warwick.net'
                          > Oct 25 01:11:02 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: from=<peter**@...>, size=1987, nrcpt=1 (queue active) Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: disconnect from webmail.warwick.net[204.255.24.104]

                          You are asking why the Postfix smtp SERVER is RECEIVING this message
                          repeatedly. Instead, I sugggest that you find out why the remote
                          smtp CLIENT is SENDING this message repeatedly.

                          Wietse
                        • Wietse Venema
                          ... In my simplistic view you can approach this in two ways. 1) If you are a technical person, you address the problem at the source (the system that sends the
                          Message 12 of 16 , Oct 30, 2010
                            Sharma, Ashish:
                            > Wietse,
                            >
                            > Thanks for the reply. The suggestion that you have given is already
                            > being worked out in the team.
                            >
                            > Meanwhile I am also trying to explore what other options I can
                            > have, maybe if every now and then I start facing such a
                            > situation/problem repeatedly.

                            In my simplistic view you can approach this in two ways.

                            1) If you are a technical person, you address the problem at the
                            source (the system that sends the same message repeatedly).

                            2) If you are a politician, it is more important that you create
                            the illusion that you are working on a solution (don't just
                            stand there, do something), and kiss enough babies.

                            I can't help you with the second approach.

                            Wietse
                          • sunhux G
                            On our Linux RHES4.x box, I ve seen a vendor issuing telnet localhost 25 helo ... subject... ... content ... quit (or exit or end?) to send out mails to say
                            Message 13 of 16 , Oct 31, 2010

                              On our Linux RHES4.x box, I've seen a vendor issuing
                              "telnet localhost 25"
                              helo ...
                              subject...
                              ... content ...
                              quit (or exit or end?)

                              to send out mails to say a yahoo addr from our Linux box.

                              I'll need the exact commands in a Shell script to send email
                               to xxxx@... & yyyy@... with a log file attached
                              to it.


                              Tks
                              U
                            • Jeroen Geilman
                              ... I have no idea what you mean. Also, do not respond to individual list subscribers. Reply to the list. -- J.
                              Message 14 of 16 , Oct 31, 2010
                                On 10/31/2010 03:21 PM, sunhux G wrote:
                                On our Linux RHES4.x box, I've seen a vendor issuing
                                "telnet localhost 25"
                                helo ...
                                subject...
                                ... content ...
                                quit (or exit or end?)

                                to send out mails to say a yahoo addr from our Linux box.

                                I'll need the exact commands in a Shell script to send email
                                 to xxxx@... & yyyy@... with a log file attached
                                to it.


                                I have no idea what you mean.

                                Also, do not respond to individual list subscribers. Reply to the list.

                                -- 
                                J.
                                
                              • Dieter Kluenter
                                ... I don t know what you are talking about, but you probably want to read RFC-2821, section 4 -Dieter -- Dieter Klünter | Systemberatung sip:
                                Message 15 of 16 , Oct 31, 2010
                                  sunhux G <sunhux@...> writes:

                                  > On our Linux RHES4.x box, I've seen a vendor issuing
                                  > "telnet localhost 25"
                                  > helo ...
                                  > subject...
                                  > ... content ...
                                  > quit (or exit or end?)
                                  >
                                  > to send out mails to say a yahoo addr from our Linux box.
                                  >
                                  > I'll need the exact commands in a Shell script to send email
                                  >  to xxxx@... & yyyy@... with a log file attached
                                  > to it.

                                  I don't know what you are talking about, but you probably want to read
                                  RFC-2821, section 4

                                  -Dieter

                                  --
                                  Dieter Klünter | Systemberatung
                                  sip: 7770535@...
                                  http://www.dpunkt.de/buecher/2104.html
                                  GPG Key ID:8EF7B6C6
                                • Michael Orlitzky
                                  ... I believe you re looking for the sendmail command.
                                  Message 16 of 16 , Nov 1, 2010
                                    On 10/31/2010 10:21 AM, sunhux G wrote:
                                    >
                                    > I'll need the exact commands in a Shell script to send email
                                    > to xxxx@... <mailto:xxxx@...> & yyyy@...
                                    > <mailto:yyyy@...> with a log file attached
                                    > to it.

                                    I believe you're looking for the 'sendmail' command.
                                  Your message has been successfully submitted and would be delivered to recipients shortly.