On 11/2/2009 8:38 AM, Peter Macko wrote:
> Date: Mon, 2 Nov 2009 07:57:01 -0600
> From: njo...@megan.vbhcs.org
> To: postfix-users@postfix.org
> Subject: Re: dns failure - postfix - avg - outlook
>
> On 11/2/2009 4:16 AM, Peter Macko wrote:
> > > On 10/28/2009 7:23 PM, Peter Macko wrote:
> > > > DNS that is used by postfix stopped working and consequently caused
> > > > postfix respond to:
> > > > 1. senders from outside: NOQUEUE: reject: RCPT from
> > > > unknown[194.168.1.66]: 450 4.1.8
> > > > 2. senders from inside (LAN): NOQUEUE: reject: RCPT from
> > > > unknown[172.16.125.115]: 450 4.1.2
> > > >
> > > > 1. case looks Ok, mailservers from outside keep trying to
deliver the
> > > > rejected messages.
> > > > 2. case is not that good. Email clients on LAN e.g. outlook
generate
> > > > failed delivery message 450 4.1.2.
> > > > The problem is that I use AVG antivirus to check emails and it
will not
> > > > generate any message in this case.
> > > > In case of DNS failure, can I configure postfix to construct
standard
> > > > message (failed delivery) for senders from LAN (local users of
postfix
> > > > server) and
> > > > for senders from outside (other email servers) to keep responding
> > 450 4.1.8?
> > > >
> > >
> > > Yes, don't subject internal or authenticated users to
> > > reject_unknown_client_hostname checks.
> > >
> > > Make sure the permit_mynetworks and/or
> > > permit_sasl_authenticated is listed first.
> > >
> > > If you need more help, refer to the list welcome message you
> > > received when you signed up, or see
> > > http://www.postfix.org/DEBUG_README.html#mail
> > >
> > >
> > > -- Noel Jones
> >
> > Thanks, your advice was helpful.
> > I still have one problem. When I send email from mynetworks to local
> > user that does not exist,
> > postfix does not construct error message.
> >
> > In maillog:
> >
> > Nov 2 11:01:05 mail postfix/smtpd[5083]: NOQUEUE: reject: RCPT from
unknown[A.A.A.A]: 550 5.1.1<u...@domain.eu>: Recipient address rejected:
User unknown in local recipient table; from=<us...@domain.eu>
to=<u...@domain.eu> proto=ESMTP helo=<oit03>
>
> You want postfix to generate a bounce back to the sender
> rather than correctly refusing the mail? Why?
>
>
Because the sender do not receive any notification, that he sent a
message to invalid user.
Comment to maillog I used few lines abov:
I as USER2 send email to USER that do not exist. DOMAIN.eu is my local
domain.
In log-file I can find the line I have stated, but my mail client MS
Outlook will not notify me, I do not receive anything.
To be exact, MS Outlook would notified me, but I use AVG antivirus to
check emails and the antivirus do not communicate
the message rejection.
So AVG just throws away mail it cannot deliver? Is that by
design or do you have some setting borked?
> > postconf -n
> >
> > smtpd_recipient_restrictions = permit_mynetworks,
> > permit_sasl_authenticated,
Try putting right here:
reject_unauth_destination
reject_unlisted_recipient
-- Noel Jones
> > reject_invalid_helo_hostname,
> > reject_non_fqdn_sender,
> > reject_non_fqdn_recipient,
> > reject_unknown_sender_domain,
> > reject_unknown_recipient_domain,
> > reject_unauth_destination,
> > reject_rbl_client sbl.spamhaus.org,
> > reject_rbl_client cbl.abuseat.org,
> > reject_rbl_client dul.dnsbl.sorbs.net
>
> Better to move "reject_unauth_destination" to just after
> "permit_sasl_authenticated". Rule of thumb is to put
> reject_unauth_destination as early as possible.
>
> Consider replacing sbl.spamhaus.org and cbl.abuseat.org with
> zen.spamhaus.org.
> http://www.spamhaus.org/zen/
>
> -- Noel Jones
------------------------------------------------------------------------
Windows Live: Make it easier for your friends to see what you’re up to
on Facebook.
<http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_2:092009>
