On 1/9/2014 4:41 PM, Alexandre Ellert wrote: > Hi, > > I relay transactional mail for my customer's web sites. > Each website has it's own SASL authenticated account and mail are > sent via submission or smtps. > > But, some website doesn't verify email existence when a user submit > a web form or 'create an account'. > That's why I often see my postfix relay trying to send to > non-existing email. > Sending again and again to non-existing mail can lowering my IP > reputation and waste ressources that's why I need a solution. > > I can't force my customer to use some kind of email verification but > I strongly encouraged them to do it. Most of them don't care or have > no time/money/knowlegde to do it. > > Fisrt, I need to have some stats about outgoing mail. > - What percentage of error 'User unknown' per account ? (Can you > confirm that every SMTP software bounce with error '550 5.1.1' ?) > If someone can advice any script, I will be very grateful. > Otherwise, i will write it myself. > With these stats, I can then take necessary actions (lock account, …)
There are several log analysis tools listed here: http://www.postfix.org/addon.html#logfile And also the excellent postfix-logwatch module, which works fine without the logwatch framework. I don't know why this isn't listed on the postfix site; probably because the author never requested it. http://www.postfix.org/addon.html#logfile > > Second, maybe additional, I think about maintain a list of 'User > unknown' address. > Maybe, I could implement this (example with plain text file but it > could be SQL): > > # master.cf > submission inet n - - - - smtpd > -o > smtpd_recipient_restrictions=check_recipient_access,hash:/etc/postfix/unknonwn_recipients,permit_sasl_authenticated,permit_mynetworks,reject > smtps inet n - - - - smtpd > -o smtpd_tls_wrappermode=yes > -o > smtpd_recipient_restrictions=check_recipient_access,hash:/etc/postfix/unknonwn_recipients,permit_sasl_authenticated,permit_mynetworks,reject > > $ cat /etc/postfix/unknonwn_recipients > bad_us...@example.com <mailto:bad_us...@example.com> REJECT Unknown user > bad_us...@example.com <mailto:bad_us...@example.com> REJECT Unknown user Consider how the website might react when mail is rejected. I don't suppose they'll all show the end user a helpful message about a bad address. Probably need to work with your customers on this so there are no surprises. > > And write a cron job to parse postfix logs and add 'Unknown user' > email to /etc/postfix/unknonwn_recipients. You'll also need to have some method to "expire" addresses periodically that become good at a later date, and limits to how often an address is "probed". Or use the built-in postfix reject_unverified_recipient function, where those particular problems are already solved. http://www.postfix.org/ADDRESS_VERIFICATION_README.html -- Noel Jones
