Re: [qmailtoaster] queue is flooding user

Fri, 09 Oct 2015 06:45:14 -0700

It's a personal and business question, and it depends a lot on customer needs.
From my point of view, emails are my business but are property of customers, and I must make my best in order to let them control their emails or have the best communication with their business partners using emails. 


Deleting messages to wrong recipients means to let senders believe their 
email has been delivered even if they mispelled the address, instead to 
advice them to correct the address.



We are working this way since 15 years, and we never had problems with 
this way of thinking.



Probably attacks may suggest temporary restrictions, but only in 
exceptional cases, not for normal usage.



Normal solution (for us) is to reject messages at SMTP level, as it is 
done with paper email (unknown recipient) and voice calls (sorry, I'm 
not the person you are looking for).


Regards,

Tonino


Il 09/10/2015 15:32, Dan McAllister ha scritto:

Rajesh:


I understand -- and if all the "players" in the email world were 
legitimate, kind, and thoughtful ... there wouldn't be QMail at all, 
because sendmail would still be doing a fine job and the 
configurations therein wouldn't be so hard after all.



But that is not the REAL world. In THIS world, people actively work to 
abuse mail servers -- and many seek little more than the "fun" of 
disabling or at least disrupting mail service... and we (as mail 
admins) need to be PROACTIVE (not just reactive) in mitigating the 
threats. If I wasn't clear in my initial response -- this is what 
brought you to ask the original question in the first place! (Your 
queues are filling up with invalid bounce messages).



That being said, the "bounce-no-mailbox" option is, in my opinion, the 
WORST of the 3 available options. It serves as an open invitation to:
 - shutdown your mail server at-will with bounce and double-bounce 
messages that will clog your queues for days
 - mine your system for valid email addresses (those that do not 
bounce) -- and sell the results to SPAM lists

 - multiple other "attacks" ... this isn't the point of this email...
Sadly, it is also the "default" for our vpopmail implementations.


But, _*there is another option*_ (other than "bounce-no-mailbox" or 
"delete").


    If you fear that you may lose or miss something important, then
    replace the last word with an _*email address*_ (preferably on
    your server so delivery is local). This way messages sent to
    non-existent mailboxes will arrive in a specified mailbox and NOT
    bounce. You can periodically check that mailbox for misaddressed
    messages -- but be prepared to get a LOT of SPAM!

    This has the same benefits as "delete" (from the outside world
    perspective, everything is accepted) but still gives you a place
    to go to check for misdirected messages.

    NOTE: When clients want this, I typically create a "mailbox" that
    is NOT a legitimate Internet mail address. While it may not stay
    that way forever, I use a "non-existent" (so far) *.mail* TLD for
    these "catchall" accounts. So, for example, my client *abc.com*
    wants a catchall account, I configure it as
    *catch...@abc.com./mail/*//-- vpopmail has no issue creating the
    accounts, and the client can access the mailbox just fine, but no
    outside mailer will ever succeed in deliberately sending mail to
    or from that account, and my client cannot accidentally send mail
    from that account.


If I have learned anything from the past 18 years of being an email 
admin it is that nothing is as easy as it seems. AKA: The devil is in 
the details.



If you insist on keeping the "bounce-no-mailbox" option, get yourself 
some qmail queue handling tools (like qmHandle or qmqtool), not to 
mention qfixq -- all of which can be found with a simple google search.


Good luck!

Dan McAllister
IT4SOHO





On 10/9/2015 5:45 AM, Rajesh M wrote:

dan

sorry to contradict but in my personal opinion this is not a good idea .... if 
a the sender makes a mistake then my customer will not receive the email and 
nobody will know.

rajesh

----- Original Message -----
From: Dan McAllister [mailto:q...@it4soho.com]
To:qmailtoaster-list@qmailtoaster.com
Sent: Thu, 8 Oct 2015 15:01:57 -0400
Subject: Re: [qmailtoaster] queue is flooding user

I suspect the queue messages that are stacking up are for the delivery
of the bounce -- which is also likely going to a non-existent user or
domain.

My STRONGEST suggestion is to NOT BOUNCE messages that are directed to
non-existent users!!!
To do this, cd to the top of the domain in vpopmail (e.g.:
/home/vpopmail/domains/<domain.com>)
Then examine the file .qmail-default.
You want the last word to be "delete" not "bounce-no-mailbox"

Dan


On 10/8/2015 2:51 PM, Eric Broch wrote:

No one should be able to get a message in your queue to a non-existent
user unless they're using an account that they've hacked.
Someone correct me if I'm wrong.

On 10/8/2015 12:37 PM, Eric Broch wrote:

Has someone hacked a password?

On 10/8/2015 11:59 AM, Rajesh M wrote:

spammer is emailing a non existent user on my server.

qmailtoaster is accepting the email and then trying to respond back

my queue is flooding because ot this

should'nt chkuser be directly bouncing the email during smtp transaction time 
when email id is not present on the server ?

pl see below the message trapped in my queue. kindly let me know how i could 
prevent these

thanks for your help

rajesh

log files

@400000005616a19e352eb154 info msg 1840641: bytes 60095 
from<bonnie.wes...@mjfirm.com>   qp 40028 uid 89
@400000005616a19e36a305bc starting delivery 1066: msg 1840641 
tolocalposeidonship.com-bandu_p-...@poseidonship.com
@400000005616a19e36a328e4 status: local 1/200 remote 60/60
@400000005616a19e374ed234 delivery 1066: failure: 
Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/


sample bounce message

Received: (qmail 5240 invoked for bounce); 8 Oct 2015 17:23:48 -0000
Date: 8 Oct 2015 17:23:48 -0000
From:mailer-dae...@ns1.bizmailserver.net
To:agulle...@redbrokerage.com
Subject: failure notice

Hi. This is the qmail-send program at ns1.bizmailserver.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<bandu_p-...@poseidonship.com>:
Sorry, no mailbox here by that name. (#5.1.1)

--- Below this line is a copy of the message.

Return-Path:<agulle...@redbrokerage.com>
Received: (qmail 3803 invoked by uid 89); 8 Oct 2015 17:19:29 -0000
Received: by simscan 1.4.0 ppid: 3636, pid: 3743, t: 2.9901s
           scanners: attach: 1.4.0 clamav: 0.98.6/m: spam: 3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
          ns1.bizmailserver.net
X-Spam-Level:
X-Spam-Status: No, score=0.0 required=5.0 tests=T_FROM_12LTRDOM
          autolearn=disabled version=3.3.2
Received: from unknown (HELO redbrokerage.com.inbound10.mxlogicmx.net) 
(187.234.134.4)
    by ns1.bizmailserver.net with SMTP; 8 Oct 2015 17:19:26 -0000
Received-SPF: unknown (ns1.bizmailserver.net: domain at listrak does not 
designate permitted sender hosts)
Received: from redbrokerage.com.inbound10.mxlogicmx.net 
(redbrokerage.com.inbound10.mxlogicmx.net [208.65.144.3])
          by redbrokerage.com (Outbound Mail Relay) with ESMTP id 
yZSt49AdKNeARht0
          for<bandu_p-...@poseidonship.com>; Thu, 08 Oct 2015 13:19:29 -0400 
(EDT)
MIME-Version: 1.0
Message-ID:<5616a5a1.3ff1f...@redbrokerage.com.inbound10.mxlogicmx.net>
Date: Thu, 08 Oct 2015 13:15:29 -0400
From: "Noemie Considine"<agulle...@redbrokerage.com>
To:bandu_p-...@poseidonship.com
Subject: contract
Content-Type: multipart/mixed;
   boundary="------------070709070301020805080405"
--------------070709070301020805080405
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit

Dear customer,

I'm sending you a new contract of the project (Private collateral statement of 
account)

--------------070709070301020805080405
Content-Type: application/zip; name="Private collateral statement of 
account.zip"
Content-Description: "Private collateral statement of account.doc"
Content-Disposition: attachment; filename="Private collateral statement of 
account.zip"; size=43024;
          creation-date="Thu, 08 Oct 2015 13:16:29 -0400";
          modification-date="Thu, 08 Oct 2015 13:17:29 -0400"
Content-Transfer-Encoding: base64





---------------------------------------------------------------------
To unsubscribe,e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands,e-mail:qmailtoaster-list-h...@qmailtoaster.com



---------------------------------------------------------------------
To unsubscribe, e-mail:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:qmailtoaster-list-h...@qmailtoaster.com





--
------------------------------------------------------------
        Inter@zioni            Interazioni di Antonio Nati
   http://www.interazioni.it      to...@interazioni.it
------------------------------------------------------------























					Reply via email to