
Thread: postfix -> amavis -> postfix (BOUNCE-why?)




postfix -> amavis -> postfix (BOUNCE-why?)
Germany
2007-04-19 06:34:06
This mail came in, was checked by amavis, and then bounced by postfix.  The
problem I have is finding out why.

It looks to me as though amavis has said the mail has not been delivered
(why?), and then postfix said it has bounced it (why?).

Neither question is answered by the entire mail.log entries below, (the
configured /var/log/amavis.log is _empty_), or am I missing something obvious
here...?

Apr 14 10:01:13 blix postfix/smtpd[2311]: connect from pf1.SoftPoint.de[195.30.164.129]
Apr 14 10:01:13 blix postfix/smtpd[2311]: C6E011417765: client=pf1.SoftPoint.de[195.30.164.129]
Apr 14 10:01:13 blix postfix/cleanup[2329]: C6E011417765: message-id=<200704140631.IAA12948pf1.softpoint.de>
Apr 14 10:01:13 blix postfix/qmgr[2190]: C6E011417765: from=<DorfBuchiiv.de>, size=659, nrcpt=1 (queue active)
Apr 14 10:01:14 blix postfix/smtpd[2203]: connect from unknown[80.73.90.210]
Apr 14 10:01:14 blix postfix/smtpd[2337]: connect from localhost[127.0.0.1]
Apr 14 10:01:14 blix postfix/smtpd[2337]: 646D81419F3A: client=localhost[127.0.0.1]
Apr 14 10:01:14 blix postfix/cleanup[2329]: 646D81419F3A: message-id=<DSN01963-03blix.example.com>
Apr 14 10:01:14 blix postfix/qmgr[2190]: 646D81419F3A: from=<>, size=3981, nrcpt=1 (queue active)
Apr 14 10:01:14 blix postfix/smtpd[2337]: disconnect from localhost[127.0.0.1]
Apr 14 10:01:14 blix amavis[1963]: (01963-03) Not-Delivered, <DorfBuchiiv.de> -> <catherinelocalhost>, Message-ID: <200704140631.IAA12948pf1.softpoint.de>, Hits: 0.124
Apr 14 10:01:14 blix postfix/smtp[2330]: C6E011417765: to=<catherinelocalhost>, orig_to=<catherine.buchrfi.net>, relay=127.0.0.1 [127.0.0.1], delay=1, status=sent (250 2.5.0 Ok, id=01963-03, BOUNCE)
Apr 14 10:01:14 blix postfix/qmgr[2190]: C6E011417765: removed

I get a lot of valid rejects, with the reason in the log file, but this
undescribed bounce is a bit confusing.

TIA for any suggestions.

-- 
Richard Foley
Ciao - shorter than aufwiedersehen

http://www.rfi.net/

ps. Please resend any bounced or unanswered emails.

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
AMaViS-user mailing list
AMaViS-userlists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user

AMaViS-FAQ: http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos: http://www.amavis.org/howto/

Re: postfix -> amavis -> postfix (BOUNCE-why?)
United States
2007-04-19 09:13:10
Richard wrote:

> This mail came in, was checked by amavis, and then bounced by postfix.  The
> problem I have is finding out why.

> It looks to me as though amavis has said the mail has not been delivered
> (why?), and then postfix said it has bounced it (why?).

> Neither question is answered by the entire mail.log entries below, (the
> configured /var/log/amavis.log is _empty_), or am I missing something obvious
> here...?

> Apr 14 10:01:13 blix postfix/smtpd[2311]: connect from pf1.SoftPoint.de[195.30.164.129]
> Apr 14 10:01:13 blix postfix/smtpd[2311]: C6E011417765: client=pf1.SoftPoint.de[195.30.164.129]
> Apr 14 10:01:13 blix postfix/cleanup[2329]: C6E011417765: message-id=<200704140631.IAA12948pf1.softpoint.de>
> Apr 14 10:01:13 blix postfix/qmgr[2190]: C6E011417765: from=<DorfBuchiiv.de>, size=659, nrcpt=1 (queue active)
> Apr 14 10:01:14 blix postfix/smtpd[2203]: connect from unknown[80.73.90.210]
> Apr 14 10:01:14 blix postfix/smtpd[2337]: connect from localhost[127.0.0.1]
> Apr 14 10:01:14 blix postfix/smtpd[2337]: 646D81419F3A: client=localhost[127.0.0.1]
> Apr 14 10:01:14 blix postfix/cleanup[2329]: 646D81419F3A: message-id=<DSN01963-03blix.example.com>
> Apr 14 10:01:14 blix postfix/qmgr[2190]: 646D81419F3A: from=<>, size=3981, nrcpt=1 (queue active)
> Apr 14 10:01:14 blix postfix/smtpd[2337]: disconnect from localhost[127.0.0.1]
> Apr 14 10:01:14 blix amavis[1963]: (01963-03) Not-Delivered, <DorfBuchiiv.de> -> <catherinelocalhost>, Message-ID: <200704140631.IAA12948pf1.softpoint.de>, Hits: 0.124
> Apr 14 10:01:14 blix postfix/smtp[2330]: C6E011417765: to=<catherinelocalhost>, orig_to=<catherine.buchrfi.net>, relay=127.0.0.1 [127.0.0.1], delay=1, status=sent (250 2.5.0 Ok, id=01963-03, BOUNCE)
> Apr 14 10:01:14 blix postfix/qmgr[2190]: C6E011417765: removed

> I get a lot of valid rejects, with the reason in the log file, but this
> undescribed bounce is a bit confusing.

> TIA for any suggestions.

Off hand it looks like amavis bounced this. Do you bounce bad headers?
What version of amavisd-new? What are these set to?:

$final_virus_destiny
$final_banned_destiny
$final_spam_destiny
$final_bad_header_destiny

Did DorfBuch(at)iiv.de receive a bounce notice and if so, what did it
say? It's interesting that whatever this person sent is very small:
size=659

Gary V




Re: postfix -> amavis -> postfix (BOUNCE-why?)
Slovenia
2007-04-19 10:16:37
> blix postfix/smtp[2330]: C6E011417765:
> to=<catherinelocalhost>, orig_to=<catherine.buchrfi.net>,
> relay=127.0.0.1 [127.0.0.1], delay=1,
> status=sent (250 2.5.0 Ok, id=01963-03, BOUNCE)

> Off hand it looks like amavis bounced this.

Possibly, but not necessarily.

Bouncing was the *_destiny of choice (which results in BOUNCE
in the SMTP response), but could have been suppressed by either
of the two:
- spam score exceeding $sa_dsn_cutoff_level, or
- virus name matching the viruses_that_fake_sender_maps
  (which implies all viruses by the default setting)

Mark
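
Added example, not written by any poster in this thread: a small Python correlator for the log excerpt in the first post. It ties the Postfix queue ID to the amavis id in the SMTP response, collects that id's amavis lines, and checks whether a DSN was actually re-injected or was suppressed. The `DSN<id>` Message-ID pattern and the response format are inferred from the log lines on this page; the function and field names are hypothetical.

```python
import re

# Log lines from the first post, rejoined after archive line-wrapping
# (addresses exactly as the archive shows them).
SAMPLE_LOG = """\
Apr 14 10:01:13 blix postfix/qmgr[2190]: C6E011417765: from=<DorfBuchiiv.de>, size=659, nrcpt=1 (queue active)
Apr 14 10:01:14 blix postfix/smtpd[2337]: 646D81419F3A: client=localhost[127.0.0.1]
Apr 14 10:01:14 blix postfix/cleanup[2329]: 646D81419F3A: message-id=<DSN01963-03blix.example.com>
Apr 14 10:01:14 blix postfix/qmgr[2190]: 646D81419F3A: from=<>, size=3981, nrcpt=1 (queue active)
Apr 14 10:01:14 blix amavis[1963]: (01963-03) Not-Delivered, <DorfBuchiiv.de> -> <catherinelocalhost>, Message-ID: <200704140631.IAA12948pf1.softpoint.de>, Hits: 0.124
Apr 14 10:01:14 blix postfix/smtp[2330]: C6E011417765: to=<catherinelocalhost>, orig_to=<catherine.buchrfi.net>, relay=127.0.0.1 [127.0.0.1], delay=1, status=sent (250 2.5.0 Ok, id=01963-03, BOUNCE)
"""

# Postfix hand-off to the filter; response format as logged on this page.
DELIVERY = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]*)>.*"
    r"status=sent \(250 [\d.]+ Ok, id=(?P<am_id>[\d-]+), (?P<verdict>[A-Z]+)\)")
QUEUE_LINE = re.compile(r"postfix/\w+\[\d+\]: (?P<qid>[0-9A-F]+): (?P<rest>.*)")

def explain_filter_verdicts(log_text):
    """Tie each Postfix->amavis hand-off to amavis' own lines and to any DSN."""
    lines = log_text.splitlines()
    queued = [m for m in map(QUEUE_LINE.search, lines) if m]
    reports = []
    for d in filter(None, map(DELIVERY.search, lines)):
        am_id = d["am_id"]
        # amavis prefixes its own log lines with "(<id>)".
        amavis_log = [l.split("]: ", 1)[1] for l in lines
                      if " amavis[" in l and f"({am_id})" in l]
        # A DSN generated by amavis comes back in as a new queue entry whose
        # Message-ID starts with DSN<id> (pattern inferred from this log).
        dsn_qid = next((q["qid"] for q in queued
                        if q["rest"].startswith(f"message-id=<DSN{am_id}")), None)
        null_sender = any(q["qid"] == dsn_qid and q["rest"].startswith("from=<>")
                          for q in queued)
        reports.append({"queue_id": d["qid"], "recipient": d["rcpt"],
                        "amavis_id": am_id, "verdict": d["verdict"],
                        "amavis_log": amavis_log, "dsn_queue_id": dsn_qid,
                        "dsn_sent": dsn_qid is not None and null_sender})
    return reports

if __name__ == "__main__":
    for report in explain_filter_verdicts(SAMPLE_LOG):
        print(report)
```

A report with `verdict` of `BOUNCE` and no `dsn_queue_id` is the suppressed case described above; in the posted log the DSN is present as queue entry 646D81419F3A.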


Re: postfix -> amavis -> postfix (BOUNCE-why?)
Germany
2007-04-19 11:04:41
On Thursday 19 April 2007 16:13, Gary V wrote:
> 
> Off hand it looks like amavis bounced this. Do you bounce bad headers?
>
No idea - I mean amavis looks like it has a bad_header_destiny, but not a
bad_header_switch.  You can tell I'm a newbie to amavis, right ?-)

> What version of amavisd-new? 
>
    $> grep VERSION /usr/sbin/amavisd-new

    use vars qw(ISA EXPORT EXPORT_OK %EXPORT_TAGS $VERSION);
    $VERSION = '1.15';

> What are these set to?: 
> 
> $final_virus_destiny
> $final_banned_destiny
> $final_spam_destiny
> $final_bad_header_destiny
> 
$final_virus_destiny      = D_DISCARD; # (defaults to D_BOUNCE)
$final_banned_destiny     = D_REJECT;  # (defaults to D_BOUNCE)
$final_spam_destiny       = D_REJECT;  # (defaults to D_REJECT)
$final_bad_header_destiny = D_BOUNCE;  # (defaults to D_PASS), D_BOUNCE suggested

Yep, looks like a 'bad_header', but surely there would be a message something
like:

    "bad header - BOUNCing from DorfBuch...."

or some such, somewhere?  And I see nothing like that in the logs, hence the
question

> Did DorfBuch(at)iiv.de receive a bounce notice and if so, what did it
> say? It's interesting that whatever this person sent is very small:
> size=659
>
> 
I'm waiting for a copy of the bounce.

-- 
Richard Foley
Ciao - shorter than aufwiedersehen

http://www.rfi.net/

ps. Please resend any bounced or unanswered emails.


Re: postfix -> amavis -> postfix (BOUNCE-why?)
United States
2007-04-19 11:25:25
Richard wrote:

> On Thursday 19 April 2007 16:13, Gary V wrote:
>>
>> Off hand it looks like amavis bounced this. Do you bounce bad headers?
>>
> No idea - I mean amavis looks like it has a bad_header_destiny, but not a
> bad_header_switch.  You can tell I'm a newbie to amavis, right ?-)

Yes, you do:
$final_bad_header_destiny = D_BOUNCE;

>> What version of amavisd-new?
>>
>     $> grep VERSION /usr/sbin/amavisd-new
>
>     use vars qw(ISA EXPORT EXPORT_OK %EXPORT_TAGS $VERSION);
>     $VERSION = '1.15';

This appears to be 20030616p10

>> What are these set to?:
>>
>> $final_virus_destiny
>> $final_banned_destiny
>> $final_spam_destiny
>> $final_bad_header_destiny
>>
> $final_virus_destiny      = D_DISCARD; # (defaults to D_BOUNCE)
> $final_banned_destiny     = D_REJECT;  # (defaults to D_BOUNCE)
> $final_spam_destiny       = D_REJECT;  # (defaults to D_REJECT)
> $final_bad_header_destiny = D_BOUNCE;  # (defaults to D_PASS), D_BOUNCE suggested

If you are using Postfix, I would suggest using D_BOUNCE instead of
D_REJECT

I would suggest:
$final_bad_header_destiny = D_PASS;

> Yep, looks like a 'bad_header', but surely there would be a message something
> like:

>     "bad header - BOUNCing from DorfBuch...."

> or some such, somewhere?  And I see nothing like that in the logs, hence the
> question

>> Did DorfBuch(at)iiv.de receive a bounce notice and if so, what did it
>> say? It's interesting that whatever this person sent is very small:
>> size=659
>>
> I'm waiting for a copy of the bounce.


Gary V




Re: postfix -> amavis -> postfix (BOUNCE-why?)
Germany
2007-04-19 12:47:33
On Thursday 19 April 2007 18:25, Gary V wrote:
> 
> > $final_virus_destiny      = D_DISCARD; # (defaults to D_BOUNCE)
> > $final_banned_destiny     = D_REJECT;  # (defaults to D_BOUNCE)
> > $final_spam_destiny       = D_REJECT;  # (defaults to D_REJECT)
> > $final_bad_header_destiny = D_BOUNCE;  # (defaults to D_PASS), D_BOUNCE suggested
>
> If you are using Postfix, I would suggest using D_BOUNCE instead of
> D_REJECT
>
I am using postfix, but I'm not sure, whether you mean for banned_destiny, or
spam_destiny?

> I would suggest:
> $final_bad_header_destiny = D_PASS;
>
Ok - will go with your suggestion here, and see what happens next time, thanks
Gary.

I'm still a bit suspicious that there was so little info in the logs, though.

-- 
Richard Foley
Ciao - shorter than aufwiedersehen

http://www.rfi.net/

ps. Please resend any bounced or unanswered emails.


Re: postfix -> amavis -> postfix (BOUNCE-why?)
United States
2007-04-19 13:41:52
Richard wrote:

> On Thursday 19 April 2007 18:25, Gary V wrote:
>> 
>> > $final_virus_destiny      = D_DISCARD; # (defaults to D_BOUNCE)
>> > $final_banned_destiny     = D_REJECT;  # (defaults to D_BOUNCE)
>> > $final_spam_destiny       = D_REJECT;  # (defaults to D_REJECT)
>> > $final_bad_header_destiny = D_BOUNCE;  # (defaults to D_PASS), D_BOUNCE suggested
>>
>> If you are using Postfix, I would suggest using D_BOUNCE instead of
>> D_REJECT
>>
> I am using postfix, but I'm not sure, whether you mean for banned_destiny, or
> spam_destiny?

Both. With D_REJECT you are asking Postfix to create a bounce
notification. With D_BOUNCE amavisd-new creates a much more
informative message. Personally however I would not bounce
spam. I D_DISCARD it to prevent creation of a bounce notice
(but I have a sufficiently high kill_level). If you *are* bouncing
spam, then at least cut off bounces at some level (which you
may already be doing):

$sa_dsn_cutoff_level = 10;  # spam level beyond which a DSN is not sent,
                            # effectively turning D_BOUNCE into D_DISCARD;
                            # undef disables this feature and is a default;

>> I would suggest:
>> $final_bad_header_destiny = D_PASS;
>>
> Ok - will go with your suggestion here, and see what happens next time, thanks
> Gary.

> I'm still a bit suspicious that there was so little info in the logs, though.

You can raise $log_level for a little while. Try 2. Newer versions of
amavisd-new are likely to be more informative too.

Gary V




Re: postfix -> amavis -> postfix (BOUNCE-why?)
United States
2007-04-20 08:57:48
Matthias wrote:

>>>>> $final_virus_destiny      = D_DISCARD; # (defaults to D_BOUNCE)
>>>>> $final_banned_destiny     = D_REJECT;  # (defaults to D_BOUNCE)
>>>>> $final_spam_destiny       = D_REJECT;  # (defaults to D_REJECT)
>>>>> $final_bad_header_destiny = D_BOUNCE;  # (defaults to D_PASS), D_BOUNCE suggested
>>>> If you are using Postfix, I would suggest using D_BOUNCE instead of
>>>> D_REJECT
>>>>
>>> I am using postfix, but I'm not sure, whether you mean for banned_destiny, or
>>> spam_destiny?
>>
>> Both. With D_REJECT you are asking Postfix to create a bounce
>> notification. With D_BOUNCE amavisd-new creates a much more
>> informative message. Personally however I would not bounce
>> spam. I D_DISCARD it to prevent creation of a bounce notice
>> (but I have a sufficiently high kill_level). If you *are* bouncing
>> spam, then at least cut off bounces at some level (which you may already be doing):

> Do I understand it? Is it cause of amavis not seeing the envelope,
> maybe producing backscatter, or am I missing something.
> cmiiw.

I'm not sure exactly what you are asking. Amavis sees envelope
sender and recipients but the envelope sender may be forged and for
spam mail it almost always is forged. Bounce notices to forged senders
is backscatter. Bounce notices to real senders is not.

Gary V



