Loading...

postfix-users@postfix.org

[Prev] Thread [Next]  |  [Prev] Date [Next]

Re: How do i stop DFN backscater Przemysław.Orzechowski Mon Feb 20 04:01:01 2012

On Mon, 20 Feb 2012 04:30:55 -0600, Stan Hoeppner <[EMAIL PROTECTED]>
wrote:
> On 2/20/2012 12:10 AM, Przemysław.Orzechowski wrote:
> 
>> One of my clients made a setup that all her mails are forwarded to
remote
>> ISP
>> Unfortunatly i noticed that sometimes i get 450 error from destination
>> ISP
>> this triggers Delivery Failure Notice wich is naturally sent to this
ISP
> 
> 450 is a temporary error return code telling the sending MTA to retry
> later.  A failure notice should only be generated after the sending MTA
> continues receiving the 450s and continues retrying, until the sending
> MTA exceeds its retry interval, at which point the failure notice is
> generated.  Is this what is occurring?
> 
>> Is there a way to stop this endless loop ?
> 
> There should be no loop.  Either you did a poor job of explaining the
> problem, or I'm doing a poor job deciphering your description.  Or your
> server is misconfigured.
> 
>> Im using postfix 2.5.8 
>> Im tryin to setup a prce filter that compares To: field with message
body
>> where is the info about Delayed mail to [EMAIL PROTECTED] and try to siscard
>> mail
>> if the email from body maches the email from To field but somehow i
cant
>> figure the right regexp
> 
> I don't think such a filter is the solution.  As always, it would be
> helpful if you posted relevant logging of the problem and your 'postconf
> -n' output so we can see the actual problem.

postconf -n bellow

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
bounce_size_limit = 85000
broken_sasl_auth_clients = yes
command_time_limit = 500s
config_directory = /etc/postfix
daemon_timeout = 900s
default_destination_concurrency_limit = 2
default_destination_recipient_limit = 3000
default_process_limit = 25
delay_warning_time = 4
deliver_lock_attempts = 15
deliver_lock_delay = 3s
disable_vrfy_command = yes
duplicate_filter_limit = 500
fork_attempts = 15
fork_delay = 3s
hash_queue_depth = 3
header_checks = regexp:/etc/postfix/header_checks
header_size_limit = 102400000
home_mailbox = Maildir/
html_directory = /usr/share/doc/postfix/html
initial_destination_concurrency = 2
ipc_idle = 60s
ipc_timeout = 900s
line_length_limit = 4092
local_destination_concurrency_limit = 12
mail_version = 2.X
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
max_idle = 65s
max_use = 50
maximal_backoff_time = 7200s
maximal_queue_lifetime = 2d
message_size_limit = 102400000
minimal_backoff_time = 600s
mydestination = panel2.net4u.pl, localhost
myhostname = panel2.net4u.pl
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 212.191.134.72
91.218.156.38
myorigin = /etc/mailname
qmgr_message_active_limit = 6000
qmgr_message_recipient_limit = 900
queue_minfree = 1024000000
queue_run_delay = 600s
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
sender_bcc_maps = hash:/etc/postfix/bcc
smtp_connect_timeout = 120s
smtp_data_done_timeout = 120s
smtp_data_init_timeout = 60s
smtp_data_xfer_timeout = 60s
smtp_destination_concurrency_limit = 3
smtp_destination_recipient_limit = 3500
smtp_helo_timeout = 120s
smtp_mail_timeout = 60s
smtp_pix_workaround_delay_time = 30s
smtp_quit_timeout = 60s
smtp_rcpt_timeout = 60s
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = send email not spam
smtpd_discard_ehlo_keywords = silent-discard, dsn
smtpd_error_sleep_time = 120s
smtpd_hard_error_limit = 40
smtpd_helo_required = yes
smtpd_recipient_limit = 3500
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated
reject_unauth_destination check_client_access
cidr:/etc/postfix/drop-ip-list check_policy_service inet:127.0.0.1:60000
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_soft_error_limit = 35
smtpd_timeout = 1800s
smtpd_tls_cert_file = /etc/ssl/makolab/star_makolab_pl.crt
smtpd_tls_key_file = /etc/ssl/makolab/star_makolab_pl.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
trigger_timeout = 30s
virtual_alias_maps = hash:/etc/postfix/virtual

The actual email redirect is done in procmail filter ie all mails going to
[EMAIL PROTECTED] are redirected to [EMAIL PROTECTED] and
[EMAIL PROTECTED]
Destinaton server responds as follows
Snippet from logs

Feb 19 10:47:27 panel2 postfix/smtp[10854]: 56F7A8ED0DC:
to=<[EMAIL PROTECTED]>, relay=mx.poczta.onet.pl[213.180.147.146]:25,
conn_use=7, delay=24703, delays=22811/1887/0.02/5.3, dsn=4.7.1,
status=deferred (host mx.poczta.onet.pl[213.180.147.146] said: 450 4.7.1
<[EMAIL PROTECTED]>: Recipient address rejected: Sender address
deferred by rule #CR-IN-DEF-2 (in reply to RCPT TO command))
Feb 19 10:47:27 panel2 dovecot: POP3([EMAIL PROTECTED]): Disconnected:
Logged out top=0/0, retr=0/0, del=0/999, size=614191410
Feb 19 10:47:27 panel2 postfix/smtp[12360]: 560128EC302:
to=<[EMAIL PROTECTED]>, relay=mx.poczta.onet.pl[213.180.147.146]:25,
conn_use=2, delay=3975, delays=2083/1887/0.02/5.3, dsn=4.7.1,
status=deferred (host mx.poczta.onet.pl[213.180.147.146] said: 450 4.7.1
<[EMAIL PROTECTED]>: Recipient address rejected: Sender address
deferred by rule #CR-IN-DEF-2 (in reply to RCPT TO command))

as this state continues longer than four hours a notice Delay info is
generated wich is sent to external host wich generates another 450 error
and so forth. 
I cant disable Delivery Delay notifications globally as other clients use
them so is there any way to disable them for this account or drop them
before they are sent out ?

Hope this explanation is clear enough.