| sean finney on 22 Oct 2003 08:14:02 -0400 |
|
hi jon, On Tue, Oct 21, 2003 at 10:54:39AM -0400, Jon Nelson wrote: > I get occasional relay attempts on my server, but they have all been > rejected. Today I noticed these entries and I am a little concerned. a passing attempt at using you as a relay results in failure: sativa[~]07:53:06$ nc linuxnotes.net 25 220 muffin.linuxnotes.net ESMTP Postfix helo sativa.seanius.net 250 muffin.linuxnotes.net mail from: seanius@seanius.net 250 Ok rcpt to: seanius@seanius.net 554 <seanius@seanius.net>: Recipient address rejected: Relay access denied data 554 Error: no valid recipients quit 221 Bye sativa[~]07:54:31$ nc linuxnotes.net 25 220 muffin.linuxnotes.net ESMTP Postfix helo sativa.seanius.net 250 muffin.linuxnotes.net mail from: nonexistant@linuxnotes.net 250 Ok rcpt to: seanius@seanius.net 554 <seanius@seanius.net>: Recipient address rejected: Relay access denied quit 221 Bye > Oct 20 17:02:54 muffin postfix/nqmgr[1080]: 1864324122: > from=<IIhBJUcUr@iris.seed.net.tw>, size=2654, nrcpt=2 (queue active) Oct > 20 17:02:54 muffin postfix/nqmgr[1080]: 1864324122: > to=<--quincy@linuxnotes.net>, relay=none, delay=2, status=bounced (invalid > recipient syntax: "--quincy@linuxnotes.net") > > **Above I get the email from seed.net.tw w/ 2 recipients and one gets > bounced. i believe this is because one may have been refused outright, and the other made it past your initial checks (something@linuxnotes.net). sativa[~]08:00:15$ nc linuxnotes.net 25 220 muffin.linuxnotes.net ESMTP Postfix helo sativa.seanius.net 250 muffin.linuxnotes.net mail from: seanius@seanius.net 250 Ok rcpt to: --quincy@linuxnotes.net 250 Ok rcpt to: seanius@seanius.net 554 <seanius@seanius.net>: Recipient address rejected: Relay access denied data 354 End data with <CR><LF>.<CR><LF> looks like this email got through the first check, but it will probably bounce because a bogus to address . 250 Ok: queued as 845C2244F2 quit 221 Bye so postfix is accepting emails for invalid users at linuxnotes.net, which may or may not be fixable depending on your setup, though not a horrible problem (just wastes some cpu cycles and bandwidth, noone gets spammed). does linuxnotes.net have a 1:1 relationship with unix accounts and email addresses? if so you can tell postfix to only accept emails for valid email addresses? i believe the setting is reject_unauth_destination assigned to one of the smtpd_foo_restrictions, you'll need to double check that. the true test would be if you recieved that email. did you? :) > > Oct 20 17:02:55 muffin postfix/pipe[26963]: 1864324122: > to=<quincy@linuxnotes.net>, relay=cyrus, delay=3, status=sent > (muffin.linuxnotes.net) > > **Then next one is recieved (probably spam) > > Oct 20 17:02:55 muffin postfix/cleanup[26959]: 0AA16244F5: > message-id=<20031020210255.0AA16244F5@muffin.linuxnotes.net> > > Oct 20 17:02:55 muffin postfix/nqmgr[1080]: 0AA16244F5: from=<>, > size=4322, nrcpt=1 (queue active) > > **Mail accepted from ? (seed.net.tw) w/ 1 recipient > > Oct 20 17:02:55 muffin postfix/smtpd[26958]: disconnect from > 218-172-206-249.HINET-IP.hinet.net[218.172.206.249] > > Oct 20 17:02:56 muffin postfix/smtp[26966]: 0AA16244F5: > to=<IIhBJUcUr@iris.seed.net.tw>, relay=mx.seed.net.tw[139.175.54.239], > delay=1, status=bounced (host mx.seed.net.tw[139.175.54.239] said: 55 0 > unknown user) > > **Relay attempted and bounced only because of unknown user at > mx.seed.net.tw. my take on this is that the mail itself wasn't relayed, but that the bounce email is bouncing. don't take my word for it though, i just woke up. postmaster should have gotten the bounce for message-id=<20031020210255.0AA16244F5@muffin.linuxnotes.net>. what's in it? sean Attachment:
pgpugIxM36ggD.pgp
|
|