Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 12th May 2009, 12:53
maikcat maikcat is offline
Junior Member
 
Join Date: May 2009
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

the local_recipient_maps option in your
set the
local_recipient_maps =
this will accept mail for whatever user (exist or not)
combine it with
luser_relay = testaccount@yourdomain.com

this will stop bounced back messages...

the side effect is that if someone mistypes a valid mail account
he will never get notification back from you with his error.... :s


cheers,
Reply With Quote
Sponsored Links
  #12  
Old 12th May 2009, 22:41
bzzik bzzik is offline
Member
 
Join Date: Aug 2008
Posts: 67
Thanks: 1
Thanked 2 Times in 2 Posts
Default

maikcat sry - I have not provided all main.cf file. I have it like this at the moment:

Quote:
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
mydomain = mydomain.lv
inet_interfaces = all
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.3.3/samples
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
smtpd_sasl_local_domain = s2.mydomain.lv
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject _unauth_destination
mynetworks = 127.0.0.0/8
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
myhostname = s2.mydomain.lv
home_mailbox = Maildir/
mailbox_command =

virtual_maps = hash:/etc/postfix/virtusertable

mydestination = /etc/postfix/local-host-names

message_size_limit = 40960000
Do you really think I need to set local_recipient_maps to empty value? This will turn off local recipient checking
Reply With Quote
  #13  
Old 14th May 2009, 15:17
maikcat maikcat is offline
Junior Member
 
Join Date: May 2009
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

yes it will turn off local recipient check,

the reason i believe you need this is for avoiding spammers
to querie your mail server for valid users (they also use VRFY and EXPN commands as well).

the use of luser_relay is for creating a bucket ,so that your system
will never try to send back mail telling that the x mailbox doesnt exists,
the drawback of this approach is that if a valid user sends mail to one
of yours account but he mistyped his mail,he will never know that his
mail never reached the intended recipient, the advantage is that
your queue will never be full with postfix trying to send back notifications
to spammers (who will probably provided erroneous from: address..)

cheers,
Reply With Quote
  #14  
Old 25th June 2009, 13:46
matiasCU matiasCU is offline
Member
 
Join Date: Apr 2007
Posts: 57
Thanks: 5
Thanked 2 Times in 2 Posts
Default bzzik your problem was solved?

Hi bzzik:
Could you solve the bounce problem?

I'm having apparentry the same problem, that it is killing my server.

Hi maikcat:
The
Look this:

Quote:
Jun 25 07:28:08 server1 postfix/smtp[10056]: 072DF121DA3: to=<flint@sunbeach.net>, relay=mail1.sunbeach.net[64.119.192.31]:25, delay=130988, delays=130853/131/2.6/0.77, dsn=5.0.0, status=bounced (host mail1.sunbeach.net[64.119.192.31] said: 553 sorry, the recipient in not a valid user on this domain (#5.7.1) (in reply to RCPT TO command))
Jun 25 07:28:08 server1 postfix/smtp[10056]: 072DF121DA3: to=<flj4@sunbeach.net>, relay=mail1.sunbeach.net[64.119.192.31]:25, delay=130988, delays=130853/131/2.6/0.84, dsn=5.0.0, status=bounced (host mail1.sunbeach.net[64.119.192.31] said: 553 sorry, the recipient in not a valid user on this domain (#5.7.1) (in reply to RCPT TO command))
Jun 25 07:28:08 server1 postfix/smtp[10056]: 072DF121DA3: to=<flood@sunbeach.net>, relay=mail1.sunbeach.net[64.119.192.31]:25, delay=130988, delays=130853/131/2.6/0.93, dsn=5.0.0, status=bounced (host mail1.sunbeach.net[64.119.192.31] said: 553 sorry, the recipient in not a valid user on this domain (#5.7.1) (in reply to RCPT TO command))
Jun 25 07:28:07 server1 postfix/smtp[9324]: 0BA06120557: to=<jmoore@services.dese.state.mo.us>, relay=none, delay=143242, delays=143104/132/6.8/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=services.dese.state.mo.us type=MX: Host not found, try again)
Jun 25 07:28:07 server1 postfix/smtp[9330]: 081B0121669: host sunbeach.net.s6b2.psmtp.com[64.18.5.14] refused to talk to me: 451 not currently accepting mail from your ip - psmtp
Jun 25 07:33:22 server1 postfix/smtp[9010]: 363C5120060: to=<anitamraff@netscape.net>, relay=mailin-04.mx.aol.com[205.188.159.216]:25, delay=183943, delays=183880/0.88/26/36, dsn=4.0.0, status=deferred (host mailin-04.mx.aol.com[205.188.159.216] said: 421 SERVICE NOT AVAILABLE, TEMPORARY DNS FAILURE (in reply to MAIL FROM command))
Jun 25 07:33:23 server1 postfix/smtp[9010]: 363C5120060: to=<millielea@netscape.net>, relay=mailin-04.mx.aol.com[205.188.159.216]:25, delay=183943, delays=183880/0.88/26/36, dsn=4.0.0, status=deferred (host mailin-04.mx.aol.com[205.188.159.216] said: 421 SERVICE NOT AVAILABLE, TEMPORARY DNS FAILURE (in reply to MAIL FROM command))
Jun 25 07:33:24 server1 postfix/smtp[10108]: 363C5120060: host mail.ureach.com[63.150.151.36] said: 451 4.1.8 Domain of sender address info@mslottery.com does not resolve (in reply to MAIL FROM command)
Jun 25 07:33:24 server1 postfix/smtp[8853]: DCA07120026: host mail-in.freeserve.com[193.252.22.185] said: 450 4.1.8 <info@mslottery.com>: Sender address rejected: Domain not found (in reply to RCPT TO command)
Jun 25 07:33:24 server1 postfix/smtp[10035]: 972F0121C04: to=<rickdias.bbs@engbbs.ust.hk>, relay=mx2.ust.hk[143.89.14.128]:25, delay=123940, delays=123844/0.32/57/38, dsn=4.7.1, status=deferred (host mx2.ust.hk[143.89.14.128] said: 450 4.7.1 <rickdias.bbs@engbbs.ust.hk>... server [engbbs.ust.hk] for <rickdias.bbs@engbbs.ust.hk> not answering (in reply to RCPT TO command))
Jun 25 07:33:24 server1 postfix/smtp[9981]: 363C5120060: to=<jhenn29@wmconnect.com>, relay=mailin-02.mx.aol.com[64.12.138.120]:25, delay=183942, delays=183880/2.9/46/14, dsn=4.0.0, status=deferred (host mailin-02.mx.aol.com[64.12.138.120] said: 421 SERVICE NOT AVAILABLE, TEMPORARY DNS FAILURE (in reply to MAIL FROM command))
This would be the solution?
local_recipient_maps =
luser_relay = someuser@mydomain.tld

Thanks
Reply With Quote
  #15  
Old 26th June 2009, 14:04
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Are you trying to relay through another server? Take a look here: http://www.howtoforge.com/postfix_re...her_mailserver
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #16  
Old 26th June 2009, 16:41
matiasCU matiasCU is offline
Member
 
Join Date: Apr 2007
Posts: 57
Thanks: 5
Thanked 2 Times in 2 Posts
Default

Hi Falko:
No. I'm doing direct from my server, I'm not using relay. Why ask this?

I think the attack is Backscatter for the messages I have in the queue of deferred look this:
Quote:
T 5 10 20 40 80 160 320 640 1280 1280+
TOTAL 16908 0 0 1 0 0 0 184 4 7 16712
yahoo.com 3665 0 0 0 0 0 0 149 0 0 3516
emirates.net.ae 2982 0 0 0 0 0 0 1 0 0 2981
bellsouth.net 1729 0 0 0 0 0 0 3 0 0 1726
comcast.net 1469 0 0 0 0 0 0 0 0 0 1469
freenet.columbus.oh.us 294 0 0 0 0 0 0 1 0 0 293
sunbeach.net 270 0 0 0 0 0 0 2 0 0 268
adelphia.net 202 0 0 0 0 0 0 0 0 0 202
verizon.net 150 0 0 0 0 0 0 0 0 0 150
tampabay.rr.com 108 0 0 0 0 0 0 0 0 0 108
cfl.rr.com 88 0 0 0 0 0 0 0 0 0 88
knology.net 83 0 0 0 0 0 0 0 0 0 83
mslottery.com 74 0 0 1 0 0 0 1 4 7 61
scf.usc.edu 70 0 0 0 0 0 0 0 0 0 70
aludra.usc.edu 66 0 0 0 0 0 0 0 0 0 66
nc.rr.com 62 0 0 0 0 0 0 0 0 0 62
rochester.rr.com 62 0 0 0 0 0 0 0 0 0 62
engbbs.ust.hk 61 0 0 0 0 0 0 1 0 0 60
twcny.rr.com 60 0 0 0 0 0 0 0 0 0 60
aol.com 57 0 0 0 0 0 0 0 0 0 57

I've made the changes mentioned maikcat, also erased the deferred queue, with postsuper -d ALL deferred command.
Apparently now the queue is empty, but I have to continue to monitor the operation of the server.
Quote:
#qshape deferred
T 5 10 20 40 80 160 320 640 1280 1280+
TOTAL 25 0 0 0 0 0 0 0 0 0 25
comcast.net 5 0 0 0 0 0 0 0 0 0 5
cs.com 2 0 0 0 0 0 0 0 0 0 2
aol.com 1 0 0 0 0 0 0 0 0 0 1
....
Reply With Quote
  #17  
Old 27th June 2009, 19:41
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Do your domains have proper A and MX records? What about SPF and PTR records?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #18  
Old 3rd July 2009, 23:26
matiasCU matiasCU is offline
Member
 
Join Date: Apr 2007
Posts: 57
Thanks: 5
Thanked 2 Times in 2 Posts
Default

Sry for the delay... Yes I have A, MX, and txt SPF record for the domain.
The only thing I can get to be in the unusual configuration is that I have 2 MX records plus, that not responding "the concept of nolisting"

site.com. 86400 IN MX 5 dummy1.site.com.
site.com. 86400 IN MX 10 mail.site.com.
site.com. 86400 IN MX 20 dummy2.site.com.

dummy1.site.com. 86400 IN A 190.xx.yy.z1
mail.site.com. 86400 IN A 190.xx.yy.z2
dummy2.site.com. 86400 IN A 190.xx.yy.z3

site.com. 86400 IN TXT "v=spf1 ip4:190.xx.yy.z2 a mx ptr ~all"


Obviously in dummy1 and dummy2 I don't have mail server.
Reply With Quote
  #19  
Old 4th July 2009, 13:42
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Please delete the MX records for
site.com. 86400 IN MX 5 dummy1.site.com.
site.com. 86400 IN MX 20 dummy2.site.com.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #20  
Old 14th July 2009, 15:49
matiasCU matiasCU is offline
Member
 
Join Date: Apr 2007
Posts: 57
Thanks: 5
Thanked 2 Times in 2 Posts
 
Default

Please tell me why should I delete?

Tks
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Postfix not responding to telnet CarbonCopy Server Operation 6 8th May 2009 05:39
Undelivered Mail Returned to Sender Error202 General 5 7th May 2009 11:14
localhost postfix/master: fatal: bind 127.0.0.1 port 125: Permission denied g18c Installation/Configuration 4 24th March 2009 17:39
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36


All times are GMT +2. The time now is 03:46.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.