Loading ...
Sorry, an error occurred while loading the content.

Re: Is postfix misconfiguration to send to wrong domain?

Expand Messages
  • Robert Lopez
    That was a fast response Jan. Thanks. Is the overall situation suggestive of any misconfiguration here? ... -- Robert Lopez Unix Systems Administrator Central
    Message 1 of 9 , Apr 11, 2013
    • 0 Attachment
      That was a fast response Jan. Thanks. Is the overall situation suggestive of any misconfiguration here?


      On Thu, Apr 11, 2013 at 1:22 PM, Jan P. Kessler <postfix@...> wrote:
      Hi,


      And these are the logfile lines for our sending of the non-delivery notice we sent. One item in these log lines I do not understand at all is "relay=server50.appriver.com[204.232.236.138]:25". I do not understand where were that information is sourced. It looks to me that we sent the non-delivery to a wrong location.

      No, that is correct. Source of that routing information is the MX record for the target domain:

      # host -t mx ors-cpa.com
      ors-cpa.com mail is handled by 10 server50.appriver.com.
      ors-cpa.com mail is handled by 20 server51.appriver.com.




      --
      Robert Lopez
      Unix Systems Administrator
      Central New Mexico Community College (CNM)
      525 Buena Vista SE
      Albuquerque, New Mexico 87106
    • Noel Jones
      ... [please don t top-post] It appears you re generating a bounce for spam. Don t do that; the spam sender address is often forged causing your notice to go
      Message 2 of 9 , Apr 11, 2013
      • 0 Attachment
        On 4/11/2013 2:42 PM, Robert Lopez wrote:
        > That was a fast response Jan. Thanks. Is the overall situation
        > suggestive of any misconfiguration here?

        [please don't top-post]

        It appears you're generating a bounce for spam. Don't do that; the
        spam sender address is often forged causing your notice to go to
        some innocent third party.

        This makes you a backscatter source. As a backscatter source, your
        queue can become clogged with undeliverable bounces and your server
        may be blacklisted by others.

        With an after queue content filter, the only valid choice you have
        is to tag and deliver the message (or in some cases, discard it, but
        that's not legal some places and not good practice everywhere else).




        -- Noel Jones




        >
        >
        > On Thu, Apr 11, 2013 at 1:22 PM, Jan P. Kessler
        > <postfix@... <mailto:postfix@...>> wrote:
        >
        > Hi,
        >
        >
        >> And these are the logfile lines for our sending of the
        >> non-delivery notice we sent. One item in these log lines I do
        >> not understand at all is "relay=server50.appriver.com
        >> <http://server50.appriver.com>[204.232.236.138]:25". I do not
        >> understand where were that information is sourced. It looks to
        >> me that we sent the non-delivery to a wrong location.
        >
        > No, that is correct. Source of that routing information is the
        > MX record for the target domain:
        >
        > # host -t mx ors-cpa.com <http://ors-cpa.com>
        > ors-cpa.com <http://ors-cpa.com> mail is handled by 10
        > server50.appriver.com <http://server50.appriver.com>.
        > ors-cpa.com <http://ors-cpa.com> mail is handled by 20
        > server51.appriver.com <http://server51.appriver.com>.
        >
        >
        >
        >
        > --
        > Robert Lopez
        > Unix Systems Administrator
        > Central New Mexico Community College (CNM)
        > 525 Buena Vista SE
        > Albuquerque, New Mexico 87106
      • Robert Lopez
        ... Is postscreen able to identify email as spam to prevent bouncing it? Is there a way to alter my postfix configuration to prevent bouncing it? -- Robert
        Message 3 of 9 , Apr 11, 2013
        • 0 Attachment



          On Thu, Apr 11, 2013 at 2:23 PM, Noel Jones <njones@...> wrote:
          On 4/11/2013 2:42 PM, Robert Lopez wrote:
          > That was a fast response Jan. Thanks. Is the overall situation
          > suggestive of any misconfiguration here?

          [please don't top-post]

          It appears you're generating a bounce for spam.  Don't do that; the
          spam sender address is often forged causing your notice to go to
          some innocent third party.

          This makes you a backscatter source.  As a backscatter source, your
          queue can become clogged with undeliverable bounces and your server
          may be blacklisted by others.

          With an after queue content filter, the only valid choice you have
          is to tag and deliver the message (or in some cases, discard it, but
          that's not legal some places and not good practice everywhere else).




            -- Noel Jones




          >
          >
          > On Thu, Apr 11, 2013 at 1:22 PM, Jan P. Kessler
          > <postfix@... <mailto:postfix@...>> wrote:
          >
          >     Hi,
          >
          >
          >>     And these are the logfile lines for our sending of the
          >>     non-delivery notice we sent. One item in these log lines I do
          >>     not understand at all is "relay=server50.appriver.com
          >>     <http://server50.appriver.com>[204.232.236.138]:25". I do not
          >>     understand where were that information is sourced. It looks to
          >>     me that we sent the non-delivery to a wrong location.
          >
          >     No, that is correct. Source of that routing information is the
          >     MX record for the target domain:
          >
          >     # host -t mx ors-cpa.com <http://ors-cpa.com>
          >     ors-cpa.com <http://ors-cpa.com> mail is handled by 10
          >     server50.appriver.com <http://server50.appriver.com>.
          >     ors-cpa.com <http://ors-cpa.com> mail is handled by 20
          >     server51.appriver.com <http://server51.appriver.com>.
          >
          >
          >
          >
          > --
          > Robert Lopez
          > Unix Systems Administrator
          > Central New Mexico Community College (CNM)
          > 525 Buena Vista SE
          > Albuquerque, New Mexico 87106


          Is postscreen able to identify email as spam to prevent bouncing it? Is there a way to alter my postfix configuration to prevent bouncing it?

          --
          Robert Lopez
          Unix Systems Administrator
          Central New Mexico Community College (CNM)
          525 Buena Vista SE
          Albuquerque, New Mexico 87106
        • Jan P. Kessler
          ... This is not a matter of spam detection . You have to verify for valid (means existing) recipients *before* you accept mail. Look for
          Message 4 of 9 , Apr 11, 2013
          • 0 Attachment
            > Is postscreen able to identify email as spam to prevent bouncing it?
            > Is there a way to alter my postfix configuration to prevent bouncing it?

            This is not a matter of 'spam detection'. You have to verify for valid
            (means existing) recipients *before* you accept mail.

            Look for reject_unlisted_recipient or reject_unverified_recipients in
            the postfix docs.
          • Wietse Venema
            ... Both postscreen and a before-queue content filter block mail before it is allowed into the Postfix queue. Postfix will therefore not return such mail to
            Message 5 of 9 , Apr 11, 2013
            • 0 Attachment
              Robert Lopez:
              > Is postscreen able to identify email as spam to prevent bouncing it? Is
              > there a way to alter my postfix configuration to prevent bouncing it?

              Both postscreen and a before-queue content filter block mail before
              it is allowed into the Postfix queue.

              Postfix will therefore not return such mail to the (usually) forged
              sender.

              http://www.postfix.org/SMTPD_PROXY_README.html

              Wietse
            • Jan P. Kessler
              ... To be more precise: - verify your recipients - do not reject mails by content filters (as said: use prequeue filters or tag spam mails) - and most
              Message 6 of 9 , Apr 11, 2013
              • 0 Attachment
                >> Is postscreen able to identify email as spam to prevent bouncing it?
                >> Is there a way to alter my postfix configuration to prevent bouncing it?
                > This is not a matter of 'spam detection'. You have to verify for valid
                > (means existing) recipients *before* you accept mail.
                >
                > Look for reject_unlisted_recipient or reject_unverified_recipients in
                > the postfix docs.

                To be more precise:
                - verify your recipients
                - do not reject mails by content filters (as said: use prequeue filters
                or tag spam mails)
                - and most important: do not rewrite recipients to non existing
                third-party accounts (here: google)!

                Apr 11 05:15:23 mg04 postfix/smtp[28222]: 152B0661BC5:
                to=<mmoody7@...-google-a.com
                <mailto:mmoody7@...-google-a.com>>, orig_to=<mmoody7@...
                <mailto:mmoody7@...>>, relay=gmail-smtp-in.l.google.com
                <http://gmail-smtp-in.l.google.com>[173.194.76.26]:25, delay=13,
                delays=9.3/0/0.22/3.2, dsn=5.1.1, status=bounced (host
                gmail-smtp-in.l.google.com
                <http://gmail-smtp-in.l.google.com>[173.194.76.26] said: 550-5.1.1 The
                email account that you tried to reach does not exist. Please try
                550-5.1.1 double-checking the recipient's email address for typos or
                550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1
                http://support.google.com/mail/bin/answer.py?answer=6596
                j8si3846254qaz.28 - gsmtp (in reply to RCPT TO command))
              • LuKreme
                ... to be clear, do not bounce emails based on content filters AFTER the SMTP transaction. You can certainly reject email based on any criteria you wish during
                Message 7 of 9 , Apr 11, 2013
                • 0 Attachment
                  On Apr 11, 2013, at 15:56, "Jan P. Kessler" <postfix@...> wrote:
                  > do not reject mails by content filters (as said: use prequeue filters
                  > or tag spam mails)

                  to be clear, do not bounce emails based on content filters AFTER the SMTP transaction. You can certainly reject email based on any criteria you wish during the SMTP phase.

                  In fact, anymore, bouncing mail at all is more trouble than it is worth. Any criteria that would cause an email to bounce should be checked before the SMTP phase closes and cause a reject instead.
                Your message has been successfully submitted and would be delivered to recipients shortly.