-----Original Message----- From: postfix-users-bounces@de.postfix.org [mailto:postfix-users-bounces@de.postfix.org] On Behalf Of Andres Gonzalez Pareja Sent: Saturday, April 25, 2009 11:27 PM To: Mailing-Liste der deutschsprachigen Postfix Gemeinschaft Subject: Re: [postfix-users] Postfix lasst mail ohne From zu.
Uwe Driessen wrote:
On Behalf Of Andres Gonzalez Pareja Hallo alle zusammen.
Ich verstehe nicht warum unser Mailgateway Mail mit lehren FROM in manchen fällen zulasst.
Das gehört zum Spiel. Sender non delivery usw. werden darüber ausgetauscht
Das hier ist mein postconf -n output:
Und nun folgt ein Ausschnitt vom postfix-debug-mail-log:
Fahr mal deine vvvv zurück so was macht man nur wenn man das wirklich braucht. Schickt mal einen normalen maillog auszug (von beginn des connect bis zum connection close) In der Regel kann man bei solchen "Fehlern" das ohne vvvv erkennen.
Die Beschreibung wo dein "wirkliches" Problem liegt wäre hilfreicher.
Hast du Probleme mit unerwünschten Mails? Dann sucht man evtl. mal in deinen
Restriktionen
ob da die eine oder andere Prüfung noch hilfreich ist.
Hallo Uwe, Danke für die Antwort.
Das Problem ist das diese Email nicht zugestellt werden darf weil die domain nicht existiert, das gelingt auch in 3 von 4 versuchten Sendungen in der gleichen conection nur eins davon nicht. Deshalb auch das debug-log. Du siehst "NOQUEUE: reject" aber in der 6en Linie wird trotzdem einmal zugestellt. Hofe kannst mir weiterhelfen.
Hier ein normales log:
Apr 19 00:25:06 mx53 postfix/smtpd[23734]: connect from 68.AAA-AAA-AAA- AAA.staticIP.AAAA.net[DDD.DD.DDD.DD] Apr 19 00:25:07 mx53 postfix/smtpd[23734]: NOQUEUE: reject: RCPT from 68.AAA-AAA-AAA- AAA.staticIP.AAAA.net[DDD.DD.DDD.DD]: 450 4.1.8 root@server.AAAAAA.org: Sender address rejected: Domain not found; from=root@server.AAAAAA.org to=hans@aaaaaaaaa.aa proto=ESMTP helo=<server.AAAAAA.org> Apr 19 00:25:07 mx53 postfix/smtpd[23734]: CC7AB400A1: client=68.AAA-AAA-AAA- AAA.staticIP.AAAA.net[DDD.DD.DDD.DD] Apr 19 00:25:08 mx53 postfix/cleanup[23856]: CC7AB400A1: message- id=200904150614.n3F6EbU0022638@server.AAAAAA.org Apr 19 00:25:08 mx53 postfix/qmgr[2864]: CC7AB400A1: from=<>, size=3262, nrcpt=1 (queue active) Apr 19 00:25:08 mx53 postfix/smtp[23857]: CC7AB400A1: to=hans@aaaaaaaaa.aa, relay=ddd.dd.ddd.d[ddd.dd.ddd.d]:25, delay=0.83, delays=0.8/0/0.01/0.03, dsn=2.0.0, status=sent (250 2.0.0 n3IMPGXT030509 Message accepted for delivery) Apr 19 00:25:08 mx53 postfix/qmgr[2864]: CC7AB400A1: removed Apr 19 00:25:08 mx53 postfix/smtpd[23734]: NOQUEUE: reject: RCPT from 68.AAA-AAA-AAA- AAA.staticIP.AAAA.net[DDD.DD.DDD.DD]: 450 4.1.8 root@server.AAAAAA.org: Sender address rejected: Domain not found; from=root@server.AAAAAA.org to=hans@aaaaaaaaa.aa proto=ESMTP helo=<server.AAAAAA.org> Apr 19 00:25:09 mx53 postfix/smtpd[23734]: NOQUEUE: reject: RCPT from 68.AAA-AAA-AAA- AAA.staticIP.AAAA.net[DDD.DD.DDD.DD]: 450 4.1.8 root@server.AAAAAA.org: Sender address rejected: Domain not found; from=root@server.AAAAAA.org to=hans@aaaaaaaaa.aa proto=ESMTP helo=<server.AAAAAA.org> Apr 19 00:25:09 mx53 postfix/smtpd[23734]: NOQUEUE: reject: RCPT from 68.AAA-AAA-AAA- AAA.staticIP.AAAA.net[DDD.DD.DDD.DD]: 450 4.1.8 root@server.AAAAAA.org: Sender address rejected: Domain not found; from=root@server.AAAAAA.org to=hans@aaaaaaaaa.aa proto=ESMTP helo=<server.AAAAAA.org> Apr 19 00:25:10 mx53 postfix/smtpd[23734]: NOQUEUE: reject: RCPT from 68.AAA-AAA-AAA- AAA.staticIP.AAAA.net[DDD.DD.DDD.DD]: 450 4.1.8 root@server.AAAAAA.org: Sender address rejected: Domain not found; from=root@server.AAAAAA.org to=hans@aaaaaaaaa.aa proto=ESMTP helo=<server.AAAAAA.org> Apr 19 00:25:10 mx53 postfix/smtpd[23734]: disconnect from 68.AAA-AAA-AAA- AAA.staticIP.AAAA.net[DDD.DD.DDD.DD]
Diese Maskierungen machen es ungleich schwerer das log zu lesen.
Wie viele Domains sind dahinter, gehören die alle zu Hauptdomain? Sind das virtualdomains oder Relaydomains zu denen da zugestellt werden soll/wird?
relay_domains (default: $mydestination) What destination domains (and subdomains thereof) this system will relay mail to. Subdomain matching is controlled with the parent_domain_matches_subdomains parameter. For details about how the relay_domains value is used, see the description of the permit_auth_destination and reject_unauth_destination SMTP recipient restrictions.
Domains that match $relay_domains are delivered with the $relay_transport mail delivery transport. The SMTP server validates recipient addresses with $relay_recipient_maps and rejects non-existent recipients. See also the relay domains address class in the ADDRESS_CLASS_README file.
Note: Postfix will not automatically forward mail for domains that list this system as their primary or backup MX host. See the permit_mx_backup restriction in the postconf(5) manual page.
Specify a list of host or domain names, "/file/name" patterns or "type:table" lookup tables, separated by commas and/or whitespace. Continue long lines by starting the next line with whitespace. A "/file/name" pattern is replaced by its contents; a "type:table" lookup table is matched when a (parent) domain appears as lookup key. Specify "!pattern" to exclude a domain from the list. The form "!/file/name" is supported only in Postfix version 2.4 and later.
Verwendest du irgendwo catchall oder Adressrewriting's? (master.cf, Amavis einträge überprüfen)
Du hast den Parameter unverified_recipient_reject_code noch auf dem default 450 stehen
Mit unverified_recipient_reject_code = 550 werden ungültige Adressen sofort abgewiesen
reject_unverified_recipient Reject the request when mail to the RCPT TO address is known to bounce, or when the recipient address destination is not reachable. Address verification information is managed by the verify(8) server; see the ADDRESS_VERIFICATION_README file for details.
The unverified_recipient_reject_code parameter specifies the numerical response code when an address is known to bounce (default: 450, change into 550 when you are confident that it is safe to do so). The unverified_recipient_defer_code parameter specifies the numerical response code when an address probe failed due to a temporary problem (default: 450). The unverified_recipient_tempfail_action parameter specifies the action after addres probe failure due to a temporary problem (default: defer_if_permit). This feature is available in Postfix 2.1 and later.
Schau die auch mal die Parameter smtpd_soft_error_limit = smtpd_hard_error_limit = smtpd_error_sleep_time = unknown_client_reject_code unknown_address_reject_code unknown_hostname_reject_code unknown_client_reject_code an
http://www.postfix.org/postconf.5.html
smtpd_sender_restrictions = reject_non_fqdn_sender, check_sender_access hash:/etc/postfix/sender_access, reject_unknown_sender_domain
die Sender restriktionen leeren und in den recipient_restriktionen einarbeiten.
z.B. smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_non_fqdn_recipient, reject_unknown_recipient_domain, check_sender_access hash:/etc/postfix/sender_access, reject_unknown_sender_domain, permit_mynetworks, reject_unauth_destination, check_sender_access hash:/etc/postfix/sender_access, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_rbl_client zen.spamhaus.org, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org
Mit freundlichen Grüßen
Drießen