Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: [SOLVED] smtpd_reject_unlisted_recipient ignored

  1. #1
    stl
    stl is offline Member
    Join Date
    Oct 2005
    Location
    West Hollywood, CA
    Posts
    10
    Rep Power
    9

    Default [SOLVED] smtpd_reject_unlisted_recipient ignored

    We're running the 5.0.8 NE Professional for reference. I've begun to run into the issue where NDR backscatter is to the volume that it gets us placed on blacklists. Looking at the Postfix config and the forum I found that smtpd_reject_unlisted_recipient is turned off by default. However after enabling the option and both reloading Postfix and restarting the full suite, it still isn't working as intended. Here's an example after having enabled the option:

    Code:
    Nov 18 16:00:56 mail postfix/smtpd[28210]: B5D995D70032: client=unwired.iowalab.com[192.168.xxx.xxx], sasl_method=PLAIN, sasl_username=xxxxx
    Nov 18 16:00:56 mail postfix/cleanup[30184]: B5D995D70032: message-id=<476513E7-2254-4A5F-B774-B5828B43ED5F@wiredrive.com>
    Nov 18 16:00:56 mail postfix/qmgr[27031]: B5D995D70032: from=<xxxxx@wiredrive.com>, size=2179, nrcpt=1 (queue active)
    Nov 18 16:00:56 mail postfix/smtp[4238]: B5D995D70032: to=<guh@mail.iowalab.com>, orig_to=<guh@iowalab.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.19, delays=0.01/0/0/0.18, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as E1D8D5D7004F)
    Nov 18 16:00:56 mail postfix/qmgr[27031]: B5D995D70032: removed
    
    Nov 18 16:00:56 mail postfix/smtpd[30206]: E1D8D5D7004F: client=localhost.localdomain[127.0.0.1]
    Nov 18 16:00:56 mail postfix/cleanup[30183]: E1D8D5D7004F: message-id=<476513E7-2254-4A5F-B774-B5828B43ED5F@wiredrive.com>
    Nov 18 16:00:56 mail postfix/qmgr[27031]: E1D8D5D7004F: from=<xxxxx@wiredrive.com>, size=2766, nrcpt=1 (queue active)
    Nov 18 16:00:56 mail postfix/error[705]: E1D8D5D7004F: to=<guh@mail.iowalab.com>, relay=none, delay=0.01, delays=0/0/0/0, dsn=5.0.0, status=bounced (mail.iowalab.com)
    Nov 18 16:00:56 mail postfix/bounce[4249]: E1D8D5D7004F: sender non-delivery notification: E392F5D70051
    Nov 18 16:00:56 mail postfix/qmgr[27031]: E1D8D5D7004F: removed
    Despite the setting in Postfix to reject on an unknown user ('guh' in this case) what appears to be happening is that the message is accepted anyway and then handed off to a second queue running on the localhost IP, which determines the user is non-existent and bounces back the NDR. Is there a known fix for this situation, or am I to just make a catchall and blackhole all invalids?

  2. #2
    bradb21's Avatar
    bradb21 is offline Advanced Member
    Join Date
    Aug 2007
    Location
    Chicago Area, USA
    Posts
    189
    Rep Power
    7

    Default

    I have my Zimbra server behind an another spam filter (I don't use the spam features in Zimbra). I've gone ahead and changed that setting to "YES" and have to do it everytime I do an upgrade. If I don't do this when my spam server ends up accepting emails for accounts that do not exist (which doesn't work for me).
    Release 6.0.2_GA_1912.UBUNTU8_64 UBUNTU8_64 NETWORK edition + Mobile Option
    Activesync with Moto Q9C, HTC Touch Pro, Palm Pro, & Palm Pre

  3. #3
    Paolo is offline Member
    Join Date
    Aug 2008
    Posts
    14
    Rep Power
    6

    Default

    Same problem with 5.0.10 NE.
    If I type
    postconf | grep smtpd_reject_unlisted_recipient
    I get:
    smtpd_reject_unlisted_recipient = yes

    But the "deferred list" is still full of emails coming from mailer-daemon.

    Paolo

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,505
    Rep Power
    57

    Default

    It works fine for me (and always has done):

    Code:
    Nov 19 12:01:37 chinook postfix/smtpd[14386]: NOQUEUE: reject: RCPT from 201-0-152-32.dial-up.telesp.net.br[201.0.152.32]: 550 5.1.1 <dlg@domain.com>: Recipient address rejected: domain.com; from=<dlg@popsound.com> to=<dlg@domain.com> proto=SMTP helo=<Compras>
    Do you, by any chance, have a catchall mail address specified? That set-up would, of course, override your 'reject' setting.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    Paolo is offline Member
    Join Date
    Aug 2008
    Posts
    14
    Rep Power
    6

    Default

    Yes I'm using few catchall mail address.
    I've added them using this command:
    zmprov cd alias.domian.com zimbraDomainType alias zimbraMailCatchAllAddress @alias.domian.com zimbraMailCatchAllForwardingAddress @domain.com

    Is there a way to use smtpd_reject_unlisted_recipient also with catchall mail address?

    Thanks in advance.

    Paolo

  6. #6
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,505
    Rep Power
    57

    Default

    Quote Originally Posted by Paolo View Post
    Is there a way to use smtpd_reject_unlisted_recipient also with catchall mail address?
    No, there's is no way to use both features. By definition a 'catchall' is a valid email address and will catch everything that doesn't have a 'valid' email address on your server - that's why spammers love them and they're not recommended. The only time to use a catchall address is during a migration using Split Domain set-up and then it should be removed once that's complete.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #7
    stl
    stl is offline Member
    Join Date
    Oct 2005
    Location
    West Hollywood, CA
    Posts
    10
    Rep Power
    9

    Default

    In my case I am not using a catchall address and I'm trying to avoid doing so. I am however using a domain alias, could that be what is causing my enabling of smtpd_reject_unlisted_recipient to seemingly be ignored? iowalab.com is aliased to the configured domain of mail.iowalab.com which can be seen in the first portion of the delivery log in orig_to.

  8. #8
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,505
    Rep Power
    57

    Default

    Have you ever had a catchall on this server? Check if there's a domain one set with the following:

    Code:
    zmprov gd yourdomain.com | grep CatchAll
    Check all the domains on your server.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  9. #9
    plan9 is offline Loyal Member
    Join Date
    Apr 2006
    Posts
    76
    Rep Power
    9

    Default

    I have a similar issue with a CatchAll. I have longdomainname.com, then I have a shortdomainname.com (much easier to type, spell, and remember) as a CatchAll. However, I still need to keep longdomainname.com.

    Is a CatchAll the wrong way to handle this?

  10. #10
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,505
    Rep Power
    57

    Default

    Quote Originally Posted by plan9 View Post
    I have a similar issue with a CatchAll. I have longdomainname.com, then I have a shortdomainname.com (much easier to type, spell, and remember) as a CatchAll. However, I still need to keep longdomainname.com.
    You have a similar situation to what? Are you trying to use the smtpd_reject_unlisted_recipient option?

    Quote Originally Posted by plan9 View Post
    Is a CatchAll the wrong way to handle this?
    Yes, if you're trying to reject unlisted recipients for the reason I've stated above - you can't have a catchall and accept mail for non-existent users because there's is no such thing with a catchall set. Perhaps if you explain what you're trying to achieve with the catchall I could understand you question better.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •