Michael wrote:
> And just to be complete:
> Postfix is version 2.2.8
> master.cf has these changes:
> smtp inet n - n - - smtpd
> -o receive_override_options=no_address_mappings
> lmtp-amavis unix - - n - 4 lmtp
> -o lmtp_data_done_timeout=1200
> -o lmtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> -o header_checks=regexp:/usr/local/etc/postfix/remove_headers
> -o max_use=20
> 127.0.0.1:10025 inet n - n - - smtpd
> -o header_checks=regexp:/usr/local/etc/postfix/remove_headers
> -o content_filter=
> -o local_recipient_maps=
> -o relay_recipient_maps=
> -o smtpd_restriction_classes=
> -o smtpd_delay_reject=no
> -o smtpd_client_restrictions=permit_mynetworks,reject
> -o smtpd_helo_restrictions=
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o smtpd_data_restrictions=reject_unauth_pipelining
> -o smtpd_end_of_data_restrictions=
> -o mynetworks=127.0.0.0/8
> -o strict_rfc821_envelopes=yes
> -o smtpd_error_sleep_time=0
> -o smtpd_soft_error_limit=1001
> -o smtpd_hard_error_limit=1000
> -o smtpd_client_connection_count_limit=0
> -o smtpd_client_connection_rate_limit=0
> -o
> receive_override_options=no_header_body_checks,no_unknown_recipient_checks
> -o smtp_send_xforward_command=yes
> -o disable_dns_lookups=yes
> /usr/local/etc/postfix/remove_headers is empty.
> (but could be used to take out internal, rfc1918 received lines when
> used as a smarthost)
> Structure of conf:
> /usr/local/etc/amavisd.conf has this at end of file:
> require ("/usr/local/etc/amavisd.secnap") ;
> amavisd.secnap has MY 'defaults'.
> (so I don't have to mess with ./amavisd.conf each time it changes)
> Each smtp server has a /var/amavis/etc.amavisd.local also, which has
> site specific changes.
> (called by ./amavisd.secnap) in:
> require ("/var/amavis/etc/amavisd.local");
> Ok, I have to figure out why postfix (all of a sudden) is
> bouncing it
> back.
So, the DSNs are created by Postfix then?
Postfix is simply following RFCs. The downstream MTA
(amavisd-new) is rejecting the mail, so Postfix is required to create
and send a DSN. If amavisd-new new was bouncing mail instead of rejecting
it then Postfix would not be creating anything. It would just be sending
bounces amavisd-new created (spam below dsn_cutoff_level). The
remainder of the spam above dsn_cutoff_level would normally get
discarded. We have to figure out why amavisd-new is apparently using
D_REJECT instead of D_BOUNCE even though as far as we can tell your
config says differently.
> Mailq empty
This is curious. I would think if spam was getting rejected, at least
some of the DSNs would not be deliverable. Have you maybe set
bounce_queue_lifetime 0 ?
If so, that would explain.
In my tests:
With $final_spam_destiny = D_BOUNCE; and spam scores above
$dsn_cutoff_level (and above kill_level) amavisd-new reports
back to Postfix that the mail was received just fine (250) and
that it bounced it. It actually gets discarded.
Jul 4 11:11:28 sarge31 postfix/smtp[1565]: C59F0C5C: to=<[EMAIL PROTECTED]>,
relay=192.168.1.222[192.168.1.222], delay=19, status=sent (250 2.5.0 Ok,
id=02677-01, BOUNCE)
Jul 4 11:11:28 sarge31 postfix/qmgr[1328]: C59F0C5C: removed
With $final_spam_destiny = D_BOUNCE; and spam scores below
$dsn_cutoff_level (and above kill_level) amavisd-new reports
back to Postfix that the mail was received just fine (250) and
that it bounced it. This time we see another message is sent
(the bounce notice created by amavisd-new). I have amavisd-new
on a separate machine so you can see the bounce was created by
sfa.example.com
Jul 4 12:00:40 sarge31 postfix/cleanup[1696]: ECD0DC78:
message-id=<[EMAIL PROTECTED]>
Jul 4 12:00:40 sarge31 postfix/qmgr[1328]: ECD0DC78: from=<>,
size=3550, nrcpt=1 (queue active)
Jul 4 12:00:40 sarge31 postfix/smtpd[1698]: disconnect from
unknown[192.168.1.222]
Jul 4 12:00:40 sarge31 postfix/smtp[1697]: AC073C5C:
to=<[EMAIL PROTECTED]>, relay=192.168.1.222[192.168.1.222],
delay=19, status=sent (250 2.5.0 Ok, id=02807-01, BOUNCE)
Jul 4 12:00:40 sarge31 postfix/qmgr[1328]: AC073C5C: removed
Jul 4 12:00:40 sarge31 postfix/local[1699]: ECD0DC78:
to=<[EMAIL PROTECTED]>, relay=local, delay=1, status=sent
(delivered to maildir)
Jul 4 12:00:40 sarge31 postfix/qmgr[1328]: ECD0DC78: removed
With $final_spam_destiny = D_REJECT; and spam scores above
kill_level amavisd-new reports back to Postfix that the
mail is rejected. This time postfix creates and sends the DSN.
You can see it is was created by sarge31.example.com
Jul 4 12:09:48 sarge31 postfix/smtp[1718]: 3FD07C5C:
to=<[EMAIL PROTECTED]>, relay=192.168.1.222[192.168.1.222],
delay=17, status=bounced (host 192.168.1.222[192.168.1.222]
said: 554 5.7.1 Rejected, id=02814-01 - SPAM (in reply
to end of DATA command))
Jul 4 12:09:48 sarge31 postfix/cleanup[1717]: B6A30C79:
message-id=<[EMAIL PROTECTED]>
Jul 4 12:09:48 sarge31 postfix/qmgr[1328]: B6A30C79:
from=<>, size=5200, nrcpt=1 (queue active)
Jul 4 12:09:48 sarge31 postfix/qmgr[1328]: 3FD07C5C: removed
Jul 4 12:09:48 sarge31 postfix/local[1721]: B6A30C79:
to=<[EMAIL PROTECTED]>, relay=local, delay=0, status=sent
(delivered to maildir)
Jul 4 12:09:48 sarge31 postfix/qmgr[1328]: B6A30C79: removed
Gary V
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
