HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   Undelivered Mail Returned to Sender (http://www.howtoforge.com/forums/showthread.php?t=46161)

djmixx07 27th May 2010 08:53

Undelivered Mail Returned to Sender
 
Hi,
I've been getting THOUSANDS of emails that says "Undelivered Mail Returned to Sender". Last weekend I got like 24k+ of mails of these things. Most of them has nothing inside it when I open it, it doesn't even have details on it's subject headers. I tried to do some research for prevention of spam emails for my Postfix's main.cf, but I still get these emails. Besides this, I also get emails mostly from a brazilian domain..some of them always mention "Bradesco" which I don't know what that is. And one last weird thing that happens to my mailbox..when I try to send a test mail to my email, I receive it and it seems to look normal in my inbox.. but when I open it, it's a whole different email which isn't the one I sent to myself.

My mailq also has been always filled with tons of these mails that delays receiving/sending of "real" emails aswell..

I hope you guys can help me on this..it's been a month and it's driving me crazy. I'm kindof a novice when it comes to this, but I'm willing to learn. My email has catchAll enabled because it's a 'postmaster' account. Thanks in advance.

Here's my main.cf
Code:

myhostname = mail.mydomain.ph
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mydestination = /etc/postfix/local-host-names
relayhost =
home_mailbox =
mynetworks = 127.0.0.0/8, 124.6.144.0/29
mailbox_command =
mailbox_size_limit = 0
message_size_limit = 104857600
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname, reject_non_fqdn_hostname, reject_rbl_client zen.spamhaus.org, reject_rbl_client multihop.dsbl.org, reject_rhsbl_sender dsn.fc-ignorant.org, check_policy_service inet:127.0.0.1:60000, permit
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
virtual_maps = hash:/etc/postfix/virtusertable
#virtual_alias_maps = hash:/etc/postfix/virtual
mydomain = immigration.gov.ph
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit
smtpd_helo_restrictions = reject_unknown_helo_hostname
smtpd_sender_restrictions = reject_unknown_address, reject_unknown_sender_domain
maximal_queue_lifetime = 1d
delay_warning_time = 0h
smtpd_helo_required = yes
disable_vrfy_command = yes

Kindly,
DJ Delos Santos

clucian 27th May 2010 13:31

What type of auth do you use ?

In your main.cf don't see this line:
Code:

smtpd_client_restrictions = check_client_access hash:/etc/postfix/access, permit_mynetworks, permit_sasl_authenticated, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org

djmixx07 28th May 2010 05:13

Quote:

Originally Posted by clucian (Post 229375)
What type of auth do you use ?

In your main.cf don't see this line:
Code:

smtpd_client_restrictions = check_client_access hash:/etc/postfix/access, permit_mynetworks, permit_sasl_authenticated, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org

I have a quite long "smtpd_client_restrictions" line. Did you mean "check_client_access hash:/etc/postfix/access"? What does it do? I don't have a folder named "access" inside postfix, is that ok? Thanks for the response. :)

clucian 28th May 2010 05:43

check_client_access hash:/etc/postfix/access -- this option is used if you want to ban some ip or domain, insert one line like this in /etc/postfix/access

89.89.89.89 REJECT
84.84.84.84 OK

if some ip is blacklisted and you want to accept mail from this ip.
See this link http://www.postfix.com/RESTRICTION_CLASS_README.html

Can you paste some logs ?

djmixx07 28th May 2010 09:06

Quote:

Originally Posted by clucian (Post 229441)
check_client_access hash:/etc/postfix/access -- this option is used if you want to ban some ip or domain, insert one line like this in /etc/postfix/access

89.89.89.89 REJECT
84.84.84.84 OK

if some ip is blacklisted and you want to accept mail from this ip.
See this link http://www.postfix.com/RESTRICTION_CLASS_README.html

Can you paste some logs ?

Im sorry for being too novice about this, just to make it clearer for me. :)
..this is for me to block the .br domains that keep sending me stuff, right? Is /etc/postfix/access a file I can write on? I don't seem to have that under my /etc/postfix/ folder.

Anyway here's my mail.log after I put check_client_access hash:/etc/postfix/access..
Code:

May 28 14:47:43 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:48:43 mail postfix/smtpd[21373]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:48:43 mail postfix/smtpd[21373]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:48:44 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21373 exit status 1
May 28 14:48:44 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:49:44 mail postfix/smtpd[21388]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:49:44 mail postfix/smtpd[21388]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:49:45 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21388 exit status 1
May 28 14:49:45 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:50:45 mail postfix/smtpd[21403]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:50:45 mail postfix/smtpd[21403]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:50:46 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21403 exit status 1
May 28 14:50:46 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:51:46 mail postfix/smtpd[21433]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:51:46 mail postfix/smtpd[21433]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:51:47 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21433 exit status 1
May 28 14:51:47 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:52:47 mail postfix/smtpd[21448]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:52:47 mail postfix/smtpd[21448]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:52:48 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21448 exit status 1
May 28 14:52:48 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:53:48 mail postfix/smtpd[21465]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:53:48 mail postfix/smtpd[21465]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:53:49 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21465 exit status 1
May 28 14:53:49 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:54:49 mail postfix/smtpd[21487]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:54:49 mail postfix/smtpd[21487]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:54:50 mail pop3d: Connection, ip=[::ffff:119.111.72.126]
May 28 14:54:50 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21487 exit status 1
May 28 14:54:50 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:54:52 mail pop3d: LOGIN, user=web1_binoc, ip=[::ffff:119.111.72.126], port=[5022]
May 28 14:54:55 mail pop3d: LOGOUT, user=web1_binoc, ip=[::ffff:119.111.72.126], port=[5022], top=0, retr=0, rcvd=24, sent=2999, time=3
May 28 14:55:50 mail postfix/smtpd[21505]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:55:50 mail postfix/smtpd[21505]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:55:51 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21505 exit status 1
May 28 14:55:51 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:56:35 mail pop3d: Connection, ip=[::ffff:203.177.28.67]
May 28 14:56:35 mail pop3d: Connection, ip=[::ffff:203.177.28.67]
May 28 14:56:35 mail pop3d: LOGIN, user=web1_postmaster, ip=[::ffff:203.177.28.67], port=[46410]
May 28 14:56:35 mail pop3d: LOGIN, user=web1_anarciso, ip=[::ffff:203.177.28.67], port=[46411]
May 28 14:56:35 mail pop3d: LOGOUT, user=web1_anarciso, ip=[::ffff:203.177.28.67], port=[46411], top=0, retr=0, rcvd=12, sent=39, time=0
May 28 14:56:35 mail pop3d: LOGOUT, user=web1_postmaster, ip=[::ffff:203.177.28.67], port=[46410], top=0, retr=0, rcvd=12, sent=39, time=0
May 28 14:56:51 mail postfix/smtpd[21527]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:56:51 mail postfix/smtpd[21527]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:56:52 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21527 exit status 1
May 28 14:56:52 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling
May 28 14:57:52 mail postfix/smtpd[21546]: warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
May 28 14:57:52 mail postfix/smtpd[21546]: fatal: open database /etc/postfix/access.db: No such file or directory
May 28 14:57:53 mail postfix/master[16730]: warning: process /usr/lib/postfix/smtpd pid 21546 exit status 1
May 28 14:57:53 mail postfix/master[16730]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling

my log doesn't look good I know, hope we can fix this. Thanks

Btw, another problem, my domain seems to be blocked by Yahoo. It gives out this error:
Code:

May 28 11:16:49 mail postfix/smtp[5951]: 1F6F0D1BF4: to=<sakun_mgm@yahoo.co.in>, relay=in32.mxauth.yahoo.com[202.86.5.24]:25, delay=63162, delays=63162/0.01/0.61/0, dsn=4.7.1, status=deferred (host in32.mxauth.yahoo.com[202.86.5.24] refused to talk to me: 421 4.7.1 [TS03] All messages from 124.6.144.118 will be permanently deferred; Retrying will NOT succeed.
This maybe one of the reasons why I'm getting "Undelivered Mail Returned to Sender" emails.

Thanks again

clucian 28th May 2010 09:29

For this problem
Quote:

warning: database /etc/postfix/virtusertable.db is older than source file /etc/postfix/virtusertable
After you edit file /etc/postfix/virtusertable you MUST type the command
Code:

postmap /etc/postfix/virtusertable
with this command you will solve this problem.

You can create the file /etc/postfix/access, and after you will create this file or modify do NOT forget to run command:
Code:

postmap /etc/postfix/access
For problem with yahoo check if your port 25 in your server mail is filtred or DROP on chain FORWARD in iptables.
Check wich user send more mail, with you, or spam.
Check your ip if it's blacklisted, see this link: http://www.mxtoolbox.com/SuperTool.aspx

djmixx07 2nd June 2010 04:30

IP blacklisted?
 
I checked the link you gave me http://www.mxtoolbox.com/SuperTool.aspx and my IP is blocked on two(2) lists! Dunno how this happened because our email is a legit government email. So this is probably why our mails to yahoo is being deffered. Please help..thanks

falko 2nd June 2010 18:21

Make sure that you are no open relay ( http://www.spamhelp.org/shopenrelay/ ) and then contact the blacklist maintainers and ask them to remove your IP.

MxToolBox 4th June 2010 18:31

Dealing with Blacklists can be very frustrating, but that is where we can help!

If you are having problems sending to major ISPs, we would recommend checking:
Blacklists - Choose the Detail button next to any that you are listed on for more details. If you need more info on what a Blacklist is, read this blog post.
MX Records
Reverse DNS records
SMTP Diagnostics - this tool checks for Open Relay, HELO response and more.

This is a great start to make sure that your mail is being delivered accurately and on time. Keep in mind that while you may pass all of these tests each recipient server administrator can adjust their mail filters however they like, which might end up putting your mail in the Junk folder. It is really up to the users of the system to give feedback to their administrators so that filters can be adjusted accordingly.

@MxToolBox

djmixx07 7th June 2010 10:16

Blacklist
 
Hi,
The tests seem normal..no open relays as well. But my IP is still blacklisted on two lists, SORBS-SPAM and UCEPROTECTL1. SORBS-SPAM is even asking money for them to remove us from their list. I'm unable to determine now if what's still wrong or if there's still really a problem with my server. I'm completely lost now on what to do next. Hope you guys can help me on this.

I'm now considering changing the IP of my mail server if it will solve it. But if there is still a way to solve this, I will rather cross that path. Thanks guys.

Kindly,
DJ Delos Santos


All times are GMT +2. The time now is 15:56.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.