Re: LMTP bounces with invalid chars in MAIL FROM adress
Hi, I've seen a growing number of bounced mails from Cyrus LMTP where Postfix logs 501 5.5.4 Syntax error in parameters (in reply to MAIL FROM command)) The problem is that those messages really have invalid from adresses, like RosaSánc...@something.com, but Postfix still accepts them. Later, Cyrus runs parseaddr() on it ans correctly refuses to accept the mail. Now, I'm interested to hear how others handle this case, if possible how they handle it with postfix. I know that enabling strict_rfc821_envelopes would possibly help but that seem to be a bad idea. I've searched the postfix-users list and as expected I'm not the only one to see this issue: http://marc.info/?l=postfix-usersm=120168533827364w=2 Since postfix (and I think also other MTA's) are a bit relaxed on what they accept as MAIL FROM: addresses, is there a very good reason for Cyrus to be so strict? I've just added this http://bugzilla.cyrusimap.org/bugzilla3/show_bug.cgi?id=3402 May I ask for a quick review of the attached patch? It works but I'm not sure what it breaks :) Thanks, Simon--- cyrus-imapd-2.4.6/imap/lmtpengine.c.orig 2010-12-20 14:15:49.0 +0100 +++ cyrus-imapd-2.4.6/imap/lmtpengine.c 2011-02-17 13:27:49.0 +0100 @@ -462,6 +462,7 @@ { char *p, *ret; int len; +int munge8bit = config_getswitch(IMAPOPT_MUNGE8BIT); p = s; @@ -500,6 +501,12 @@ if (!*++p) return 0; } else { + if (*p 128 munge8bit) { + /* this prevents us from becoming a backscatter + source because popular MTAs allow 8bit in + local-part of adresses. */ + *p = 'X'; + } if (*p = ' ' || (*p 128) || strchr(()[]\\,;:\, *p)) return 0; } Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: LMTP bounces with invalid chars in MAIL FROM adress
On Mon, 2011-02-14 at 17:11 +0100, Simon Matter wrote: On Mon, 2011-02-14 at 16:09 +0100, Simon Matter wrote: snip i have also seen this lately -- coming from LMTP as well -- running your 2.3.16 rpm ... is this related? Your mail contains another error but the problem is the same in the end, your MTA accepts a mail which is later refused by Cyrus-IMAPd. Both cases are bad because it creates backscatter. Would be nice to know what exactly is wrong with the mail in your case. hi simon, i never found the mail anywhere -- it passed amavis, so no traces there, and the mail couldn't be delivered via LMTP, so i think it just got discarded -- postfix didn't have an address to send a bounce to. the source of the mail (in my logging) is real -- it's HP's licensing department. i am going to tcpdump -s0 and capture to a file so as to watch the entire conversation. i'll send you a copy off list. thanks m Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: LMTP bounces with invalid chars in MAIL FROM adress
On Mon, 2011-02-14 at 17:11 +0100, Simon Matter wrote: snip is this related? Your mail contains another error but the problem is the same in the end, your MTA accepts a mail which is later refused by Cyrus-IMAPd. Both cases are bad because it creates backscatter. Would be nice to know what exactly is wrong with the mail in your case. hi simon, so -- i forgot that following the first error i upgraded to 2.3.16 and made no changes to the imapd.conf. need more sleep and less coffee :-) i have just successfully received a mail that had previously bounced (in a tcpdump file) would it be of use to you to see the message contents? If the mail is not too big, could you post it here? Simon Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: LMTP bounces with invalid chars in MAIL FROM adress
On Mon, 2011-02-14 at 16:09 +0100, Simon Matter wrote: Hi, I've seen a growing number of bounced mails from Cyrus LMTP where Postfix logs 501 5.5.4 Syntax error in parameters (in reply to MAIL FROM command)) The problem is that those messages really have invalid from adresses, like RosaSánc...@something.com, but Postfix still accepts them. Later, Cyrus runs parseaddr() on it ans correctly refuses to accept the mail. Now, I'm interested to hear how others handle this case, if possible how they handle it with postfix. I know that enabling strict_rfc821_envelopes would possibly help but that seem to be a bad idea. good day my lord, i have also seen this lately -- coming from LMTP as well -- running your 2.3.16 rpm ... is this related? thanks m Feb 3 15:03:25 DOMAIN postfix/qmgr[7263]: 906EE110F38: from=webware_lice...@ocs.com, size=13232, nrcpt=1 (queue active) Feb 3 15:03:26 DOMAIN postfix/smtpd[26815]: disconnect from ocsdcfw1-pat.ocs.com[66.151.185.166] Feb 3 15:03:31 DOMAIN postfix/smtpd[2949]: connect from DOMAIN.com[82.103.143.139] Feb 3 15:03:31 DOMAIN postfix/smtpd[2949]: 348A9110F39: client=DOMAIN.com[xxx.xxx.xxx.xxx] Feb 3 15:03:31 DOMAIN postfix/cleanup[2945]: 348A9110F39: message-id= Feb 3 15:03:31 DOMAIN postfix/qmgr[7263]: 348A9110F39: from=webware_lice...@ocs.com, size=13898, nrcpt=1 (queue active) Feb 3 15:03:31 DOMAIN postfix/smtpd[2949]: disconnect from DOMAIN.com[xxx.xxx.xxx.xxx] Feb 3 15:03:31 DOMAIN lmtp[6430]: accepted connection Feb 3 15:03:31 DOMAIN lmtp[6430]: connection from DOMAIN.com [xxx.xxx.xxx.xxx] preauth'd as postman Feb 3 15:03:31 DOMAIN amavis[30491]: (30491-06) Passed CLEAN, [66.151.185.166] [66.151.185.166] webware_lice...@ocs.com - u...@domain.com, mail_id: xu-j3SOEehs8, Hits: -1.186, size: 13221, queued_as: 348A9110F39, 5337 ms Feb 3 15:03:31 DOMAIN amavis[30491]: (30491-06) Passed CLEAN, webware_lice...@ocs.com - u...@domain.com, Hits: -1.186, tag=-99, tag2=4, kill=6, queued_as: 348A9110F39, L/Y/0/0 Feb 3 15:03:31 DOMAIN postfix/smtp[2946]: 906EE110F38: to=u...@domain.com, orig_to=cc...@radius.fr, relay=amavis.DOMAIN.com[xxx.xxx.xxx.xxx]:10025, delay=5.9, delays=0.53/0/0/5.3, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=30491-06, from MTA([xxx.xxx.xxx.xxx]:10045): 250 2.0.0 Ok: queued as 348A9110F39) Feb 3 15:03:31 DOMAIN postfix/qmgr[7263]: 906EE110F38: removed Feb 3 15:03:31 DOMAIN postfix/lmtp[3017]: 348A9110F39: to=u...@domain.com, relay=imap.DOMAIN.com[xxx.xxx.xxx.xxx]:24, delay=0.06, delays=0.01/0.01/0/0.04, dsn=5.6.0, status=bounced (host imap.DOMAIN.com[xxx.xxx.xxx.xxx] said: 554 5.6.0 Message contains invalid header (in reply to end of DATA command)) Feb 3 15:03:31 DOMAIN postfix/cleanup[2945]: 47D3E110F3A: message-id=20110203140331.47d3e110...@domain.com Feb 3 15:03:31 DOMAIN postfix/qmgr[7263]: 47D3E110F3A: from=, size=15842, nrcpt=1 (queue active) Feb 3 15:03:31 DOMAIN postfix/bounce[3018]: 348A9110F39: sender non-delivery notification: 47D3E110F3A Feb 3 15:03:31 DOMAIN postfix/qmgr[7263]: 348A9110F39: removed Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: LMTP bounces with invalid chars in MAIL FROM adress
On Mon, 2011-02-14 at 16:09 +0100, Simon Matter wrote: Hi, I've seen a growing number of bounced mails from Cyrus LMTP where Postfix logs 501 5.5.4 Syntax error in parameters (in reply to MAIL FROM command)) The problem is that those messages really have invalid from adresses, like RosaSánc...@something.com, but Postfix still accepts them. Later, Cyrus runs parseaddr() on it ans correctly refuses to accept the mail. Now, I'm interested to hear how others handle this case, if possible how they handle it with postfix. I know that enabling strict_rfc821_envelopes would possibly help but that seem to be a bad idea. good day my lord, i have also seen this lately -- coming from LMTP as well -- running your 2.3.16 rpm ... is this related? Your mail contains another error but the problem is the same in the end, your MTA accepts a mail which is later refused by Cyrus-IMAPd. Both cases are bad because it creates backscatter. Would be nice to know what exactly is wrong with the mail in your case. Simon thanks m Feb 3 15:03:25 DOMAIN postfix/qmgr[7263]: 906EE110F38: from=webware_lice...@ocs.com, size=13232, nrcpt=1 (queue active) Feb 3 15:03:26 DOMAIN postfix/smtpd[26815]: disconnect from ocsdcfw1-pat.ocs.com[66.151.185.166] Feb 3 15:03:31 DOMAIN postfix/smtpd[2949]: connect from DOMAIN.com[82.103.143.139] Feb 3 15:03:31 DOMAIN postfix/smtpd[2949]: 348A9110F39: client=DOMAIN.com[xxx.xxx.xxx.xxx] Feb 3 15:03:31 DOMAIN postfix/cleanup[2945]: 348A9110F39: message-id= Feb 3 15:03:31 DOMAIN postfix/qmgr[7263]: 348A9110F39: from=webware_lice...@ocs.com, size=13898, nrcpt=1 (queue active) Feb 3 15:03:31 DOMAIN postfix/smtpd[2949]: disconnect from DOMAIN.com[xxx.xxx.xxx.xxx] Feb 3 15:03:31 DOMAIN lmtp[6430]: accepted connection Feb 3 15:03:31 DOMAIN lmtp[6430]: connection from DOMAIN.com [xxx.xxx.xxx.xxx] preauth'd as postman Feb 3 15:03:31 DOMAIN amavis[30491]: (30491-06) Passed CLEAN, [66.151.185.166] [66.151.185.166] webware_lice...@ocs.com - u...@domain.com, mail_id: xu-j3SOEehs8, Hits: -1.186, size: 13221, queued_as: 348A9110F39, 5337 ms Feb 3 15:03:31 DOMAIN amavis[30491]: (30491-06) Passed CLEAN, webware_lice...@ocs.com - u...@domain.com, Hits: -1.186, tag=-99, tag2=4, kill=6, queued_as: 348A9110F39, L/Y/0/0 Feb 3 15:03:31 DOMAIN postfix/smtp[2946]: 906EE110F38: to=u...@domain.com, orig_to=cc...@radius.fr, relay=amavis.DOMAIN.com[xxx.xxx.xxx.xxx]:10025, delay=5.9, delays=0.53/0/0/5.3, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=30491-06, from MTA([xxx.xxx.xxx.xxx]:10045): 250 2.0.0 Ok: queued as 348A9110F39) Feb 3 15:03:31 DOMAIN postfix/qmgr[7263]: 906EE110F38: removed Feb 3 15:03:31 DOMAIN postfix/lmtp[3017]: 348A9110F39: to=u...@domain.com, relay=imap.DOMAIN.com[xxx.xxx.xxx.xxx]:24, delay=0.06, delays=0.01/0.01/0/0.04, dsn=5.6.0, status=bounced (host imap.DOMAIN.com[xxx.xxx.xxx.xxx] said: 554 5.6.0 Message contains invalid header (in reply to end of DATA command)) Feb 3 15:03:31 DOMAIN postfix/cleanup[2945]: 47D3E110F3A: message-id=20110203140331.47d3e110...@domain.com Feb 3 15:03:31 DOMAIN postfix/qmgr[7263]: 47D3E110F3A: from=, size=15842, nrcpt=1 (queue active) Feb 3 15:03:31 DOMAIN postfix/bounce[3018]: 348A9110F39: sender non-delivery notification: 47D3E110F3A Feb 3 15:03:31 DOMAIN postfix/qmgr[7263]: 348A9110F39: removed Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
Re: LMTP bounces with invalid chars in MAIL FROM adress
On Mon, 14 Feb 2011, Simon Matter wrote: The problem is that those messages really have invalid from adresses, like RosaSánc...@something.com, but Postfix still accepts them. Later, Cyrus runs parseaddr() on it ans correctly refuses to accept the mail. Yeah, postfix really should reject that crap. Do you know which MUA is producing this braindamage? Now, I'm interested to hear how others handle this case, if possible how they handle it with postfix. I know that enabling strict_rfc821_envelopes would possibly help but that seem to be a bad idea. The problem with strict_rfc821_envelopes is that it also requires one to actually speak rfc2821, so MAIL FROM: whome...@example.com would cause a rejection. There is the heavy-handed smtpd_command_filter, though. It is certainly capable of doing what you need. -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/