On 2026-03-23 at 15:23:03 UTC-0400 (Mon, 23 Mar 2026 20:23:03 +0100)
Randy Bush via Postfix-users <[email protected]>
is rumored to have said:

how can i understand what has caused this milter reject and thereby
how i might ameliorate?

What parts does your milter consist of? Presumably the setup was made
by you

yes, in general i can shoot myself in the foot without assistance :) i
should have given more data.  apologies.

    m1.rg.net:/etc/postfix# grep milter main.cf
    milter_protocol = 6
    milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
    milter_default_action = accept
    milter_header_checks = regexp:/etc/postfix/milter_header_checks
    smtpd_milters = inet:127.0.0.1:11332
    non_smtpd_milters = inet:127.0.0.1:11332



OK, but I don't see where you mentioned what this milter is and what it is supposed to be doing. The above milter_header_checks implies that it is a spam filter of some sort. Candidates might be spamass-milter (which calls SpamAssassin,) AmavisD (which calls SpamAssassin among other things,) rspamd (which does spam and virus detection,) or MIMEDefang (Calls SA and any of a number of AVs, and can subject messages to arbitrary Perl at each Milter call point,) and an unknowable collection of others.

All a Milter doing spam filtering can send to an MTA is an action and a reply string with numeric codes. If you want to know *why* a Milter said "reject with this reply" you need it to be logging that somewhere.

    m1.rg.net:/etc/postfix# cat milter_header_checks
    /^X-Spam: YES/                  REDIRECT [email protected]

and i monitor that mailbox. and the message was bounced, not passed to
the REDIRECT

The milter_header_checks function is for checking headers produced by a Milter. A Milter that rejects a message likely isn't adding any headers and even if it somehow both adds headers AND rejects, I don't think Postfix will examine headers on a message being rejected.


Perhaps your milter logs something more somewhere else than the maillog so you can understand _why_ it came to that decision. If not, it's time
to up your debug level so the next time you won't be left wondering
why.

point

is their rdns spoofed by spammers?
198.2.141.97 appears to be announced by AS14782, The Rocket Science
Group - aka Mailchimp. It's definitely them, it's not a forgery.

what i meant was if i accept-listed mailchimp by dns name someone could

    666.42.7.11.in-addr.arpa.   PTR  mcsv.net

otherwise i would have to chase their ip addresses

Postfix understands the need to verify PTR values and HELO names. If the PTR value does not resolve back to the client IP, Postfix uses the name "unknown" instead of implying that the PTR result (or HELO/EHLO argument) is somehow correct. You can accept or reject client machines by name without worrying about trivial spoofing.


--
 Bill Cole
 [email protected] or [email protected]
(AKA @[email protected] and many *@billmail.scconsult.com addresses)
 Please keep discussion mailing list replies *on-list*
 Not Currently Available For Hire
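
The PTR verification described in the last paragraph of the message above, sketched as an added example (not part of the original message and not Postfix's own code). The lookup tables stand in for DNS; every address and name in them except `mcsv.net` is constructed, and the function names are hypothetical.

```python
"""Forward-confirmed reverse DNS: a PTR name counts only if it resolves back."""
import ipaddress

# Constructed DNS data (documentation address ranges), standing in for a resolver.
PTR = {
    "192.0.2.10": "mail.sender.example",   # honest sender
    "192.0.2.20": "notsender.example",     # honest, but a different domain
    "203.0.113.66": "mcsv.net",            # spoofer controls its own reverse zone
    "198.51.100.7": "gone.example",        # PTR names a host with no address record
}
FORWARD = {
    "mail.sender.example": ["192.0.2.10"],
    "notsender.example": ["192.0.2.20"],
    "mcsv.net": ["198.51.100.5"],          # the real owner's zone does not list the spoofer
}


def verified_client_name(client_ip, ptr=PTR, forward=FORWARD):
    """Return the PTR name only if it resolves back to client_ip, else "unknown"."""
    ip = ipaddress.ip_address(client_ip)
    name = ptr.get(str(ip))
    if name is None:
        return "unknown"                   # no PTR record at all
    name = name.rstrip(".").lower()
    addrs = {ipaddress.ip_address(a) for a in forward.get(name, [])}
    return name if ip in addrs else "unknown"


def client_allowed(client_ip, allowed_domains, **dns):
    """Apply a name-based accept list to the verified name, never to the raw PTR."""
    name = verified_client_name(client_ip, **dns)
    if name == "unknown":
        return False
    # Match the domain itself or a subdomain; the leading dot stops
    # "notsender.example" from matching "sender.example".
    return any(name == d or name.endswith("." + d) for d in allowed_domains)


if __name__ == "__main__":
    for ip in PTR:
        print(ip, "->", verified_client_name(ip))
```
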