LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
Reload this Page Postfix RBL Bounce Messages must die!
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
LinkBack Search this Thread
Old 08-02-2006, 12:06 PM   #1
thewonka
Member
 
Registered: Feb 2005
Location: Cambs UK/San Diego US/Tijuana MX
Distribution: Slackware/Debian!
Posts: 53

Rep: Reputation: 15
Unhappy Postfix RBL Bounce Messages must die!

Is there a way to stop those darn rbl postfix bounce messages, most spam gets blocked using them and postfix sends each and every FAKE sender a message, useless... i get emails from diferent postmasters asking me to turn it off but i cant figure out how.. y tried softbounce but that didn't do it.

Any body know of a way to do it, do i have to change the error code or something for those rejects.

Cheers
Allan
 
Old 08-02-2006, 03:11 PM   #2
Child of Wonder
Member
 
Registered: Jul 2004
Location: Sioux Falls, SD
Distribution: Debian, Ubuntu, Fedora, Red Hat
Posts: 69

Rep: Reputation: 16
What's your main.cf file look like?
 
Old 08-03-2006, 11:43 AM   #3
thewonka
Member
 
Registered: Feb 2005
Location: Cambs UK/San Diego US/Tijuana MX
Distribution: Slackware/Debian!
Posts: 53

Original Poster
Rep: Reputation: 15
Cool
Here it is ^_^ any help or any comment to optimize is welcome aswell
Quote:
## IDENTITY ##

mail_name = (CENSORED)

## ORIGIN ##

myorigin = /etc/mailname
mydomain = (CENSORED)
myhostname = (CENSORED)
mydestination = (CENSORED), localhost.localdomain, localhost
mynetworks = (CENSORED)

## INET ##

inet_interfaces = (CENSORED)
inet_protocols = all

## SMTP ##

smtpd_banner = (CENSORED) ( (CENSORED) [(CENSORED)] )
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = no
smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_email2email.cf

## MISC ##

append_dot_mydomain = no
biff = no
recipient_delimiter = +

## REJECT CODES ##

unknown_local_recipient_reject_code = 450

## LIMITS ##

mailbox_size_limit = 0

qmgr_message_recipient_limit = 35000
qmgr_message_active_limit = 35000

## LOCAL ##

alias_maps = hash:/etc/postfix/maps/alias

## VIRTUAL ##

virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_forwardings.cf mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_base = /home/vmail
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000

## VERIFY ##

address_verify_map = btree:/etc/postfix/maps/verify

## SASL ##

smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes

## TLS ##

smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key

## SECURITY ##

disable_vrfy_command = yes

## DEBUG ##

show_user_unknown_table_name = no

# always_bcc=ham@(CENSORED)

## CHECKS ##

header_checks = regexp:/etc/postfix/maps/header_checks
mime_header_checks = regexp:/etc/postfix/maps/mime_header_checks
body_checks = regexp:/etc/postfix/maps/body_checks

## CONTENT FILTERS ##

content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings

## RFC ##

strict_rfc821_envelopes = yes

## SMTPD RESTRICTIONS ##

smtpd_restriction_classes =

smtpd_client_restrictions =

smtpd_helo_restrictions =

smtpd_sender_restrictions =

smtpd_recipient_restrictions =

### CHECK FOR TRUSTED CONNECTION
###########################################################

permit_mynetworks,

### CHECK FOR TRUSTED USER
###########################################################

reject_authenticated_sender_login_mismatch,
permit_sasl_authenticated,

### DESTINATION CHECKS
###########################################################

reject_unauth_destination,
reject_unauth_pipelining,

check_recipient_maps,

### PRIMARY ACCESS CHECKS
###########################################################

check_client_access hash:/etc/postfix/maps/access_client,
check_helo_access hash:/etc/postfix/maps/access_helo,
check_sender_access hash:/etc/postfix/maps/access_sender,
check_recipient_access hash:/etc/postfix/maps/access_recipient,

### PRIMARY IDENTIFICATION FILTER CHECKS
###########################################################

reject_non_fqdn_sender,
reject_non_fqdn_recipient,

reject_unknown_sender_domain,
reject_unknown_recipient_domain,

warn_if_reject reject_unknown_address,

### MANUAL ACCESS CHECKS
###########################################################

check_client_access hash:/etc/postfix/maps/exception_client,
check_helo_access hash:/etc/postfix/maps/exception_helo,
check_sender_access mysql:/etc/postfix/mysql-access_sender.cf hash:/etc/postfix/maps/exception_sender,
check_recipient_access mysql:/etc/postfix/mysql-access_recipient.cf hash:/etc/postfix/maps/exception_recipient,

### RECIPIENT EXISTS
###########################################################

reject_unlisted_recipient,

### CLIENT BL CHECKS
###########################################################

### REVERSE CLIENT ADDRESS ###

reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client list.dsbl.org,
# reject_rbl_client relays.ordb.org,

### REVERSE HOSTS CLIENT ###

reject_rhsbl_client sbl-xbl.spamhaus.org,
reject_rhsbl_client bl.spamcop.net,
reject_rhsbl_client list.dsbl.org,
# reject_rhsbl_client relays.ordb.org,

### SENDER BL CHECKS
###########################################################

### REVERSE HOSTS SENDER ###

reject_rhsbl_sender sbl-xbl.spamhaus.org,
reject_rhsbl_sender bl.spamcop.net,
reject_rhsbl_sender list.dsbl.org,
# reject_rhsbl_sender relays.ordb.org,

###########################################################

check_sender_access hash:/etc/postfix/maps/no_verify_sender reject_unverified_sender,
check_recipient_access hash:/etc/postfix/maps/no_verify_recipient reject_unverified_recipient,

###########################################################

permit_auth_destination,

reject

smtpd_data_restrictions =

permit_mynetworks,

permit_sasl_authenticated,

reject_unauth_pipelining,

permit_auth_destination,

reject

smtpd_etrn_restrictions =

permit_mynetworks,

reject
 
Old 08-07-2006, 11:41 PM   #4
Berhanie
Senior Member
 
Registered: Dec 2003
Distribution: Fedora
Posts: 1,492

Rep: Reputation: 144Reputation: 144
Postfix isn't doing it; it's Amavis. Since you're using an after-queue content filter, it's too late to reject spam.

Here are your choices:

1. You can bounce it, as you're doing, and cause a lot of backscatter.
2. You can discard it, and risk losing valuable mail by virtue of a false-positive.
3. You can classify it and deliver it.

The third choice is recommended.
 
Old 08-08-2006, 11:59 AM   #5
thewonka
Member
 
Registered: Feb 2005
Location: Cambs UK/San Diego US/Tijuana MX
Distribution: Slackware/Debian!
Posts: 53

Original Poster
Rep: Reputation: 15
Well thats just nutty mate, lol amavis is set to differ it sends all spam and virii to a mail account, with no bouce ( i did find how to do it in amavis ) but the bounced messages that are getting sent are before they get to amavis with the tags like rbl your client blocked using blablabla blacklist. that postfix lets you customize. i only get bounces from the rbl's i have setup on postfix.

i just tested the server without amavis. i turned all content filters off but left rbl and i still get the bounces i told you about.

any thoughts?

all rbl's in SA/AMAVIS just lift up the score but they dont reject mail.

... can it be done at all?

cheers
 
Old 08-08-2006, 01:54 PM   #6
Berhanie
Senior Member
 
Registered: Dec 2003
Distribution: Fedora
Posts: 1,492

Rep: Reputation: 144Reputation: 144
Quote:
i turned all content filters off but left rbl and i still get the bounces i told you about.
Can you post your logs showing that mail is actually being bounced rather than rejected?
The reject_*_client rules reject mail; they don't bounce it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Bounce selected users in virtual domain with Postfix? annekaelber Linux - Software 5 10-18-2007 01:58 PM
Postfix: why is 'Return-Path' of bounce message empty Chowroc Linux - Networking 1 12-28-2005 03:52 AM
Postfix Bounce Mail To sender when error is found heero82 Linux - Software 1 10-14-2005 03:46 PM
Copies of bounce messages in sendmail ejacobs Linux - Software 0 06-29-2004 03:53 PM
I need RBL/DNS Server and RBL list cccc General 0 01-09-2004 03:57 PM


All times are GMT -5. The time now is 06:04 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration