Re: Duplicate Emails Sent RESTATED

2013-03-20 Thread Ed 
Thanks for the insight  Larry.

I think that some work nee3ds to be done on the filter at 100026

Ed




>
> From: Larry Stone 
>To: "postfix-users@postfix.org Users"  
>Sent: Tuesday, March 19, 2013 1:10 PM
>Subject: Re: Duplicate Emails Sent RESTATED
> 
>On Tue, 19 Mar 2013, Ed wrote:
>
>> Hi All.
>> 
>> I am experiencing an issue with the following:
>> 
>> The scenario:
>>  
>> From: a...@site1.com
>> To:      b...@site2.com
>> CC:    m...@site3.com
>>  
>> After receiving the email CC at site 3, site 3 is sending out emails to
>> everyone on the original,
>> basically a duplicate email arrives to the sender and everyone in the
>> headers.
>
>You then include logs but it's hard to figure out what corresponds to site1, 
>site2, and site3.
>
>The logs appear to indicate that there are one or more content filters at 
>play. Noel pointed out what can happen if they're poorly designed.
>
>Postfix
>
>> Site 3 logs and postconf follows
>> Logs
>> --
>> Mar 14 10:27:41 mail postfix/cleanup[5265]: 
>> 10E7BE1C0A:message-id=> al>
>> Mar 14 10:27:41 mail postfix/smtpd[5269]: disconnect from
>> localhost[127.0.0.1]
>> Mar 14 10:27:41 mail postfix/smtp[5266]: 44D90E014D:
>> to=, relay=127.0.0.1[127.0.0.1]:10024, delay=6.5,
>> delays=1.7/0.02/0/4.7, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=03066-15,
>> from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 10E7BE1C0A)
>
>What's this. We see the queue ID reported by the recieving SMTP server in our 
>own logs. Is this just being handed off to our same Postfix instance on 
>another port?
>
>> Mar 14 10:27:41 mail postfix/qmgr[2179]: 44D90E014D: removed
>> Mar 14 10:27:41 mail postfix/smtp[5270]: 10E7BE1C0A:
>> to=, relay=127.0.0.1[127.0.0.1]:10026, delay=0.05,
>> delays=0.03/0.02/0/0, dsn=2.0.0, status=sent (250 Ok)
>
>Handed off to a content filter at port 10026.
>
>> Mar 14 10:27:41 mail postfix/qmgr[2179]: 10E7BE1C0A: removed
>
>> Mar 14 10:27:41 mail postfix/smtpd[5272]: connect from localhost[127.0.0.1]
>> Mar 14 10:27:41 mail postfix/smtpd[5272]: 4B9A3E1C0A:
>> client=localhost[127.0.0.1]
>> Mar 14 10:27:41 mail postfix/cleanup[5265]: 
>> 4B9A3E1C0A:message-id=> al>
>> Mar 14 10:27:41 mail postfix/qmgr[2179]: 4B9A3E1C0A:
>> from=, size=7049, nrcpt=3 (queue active)
>
>And comes back from a content filter with 3 recipients.
>
>Seeing your master.cf might help too. But it's most likely the content filter 
>listening to port 10026.
>
>-- Larry Stone
>  lston...@stonejongleux.com
>
>

Re: Duplicate Emails Sent RESTATED

2013-03-19 Thread Ed 
Thanks Noel,

I am going to set up a defined test and look into sendmail/procmail thoughts

Ed





>
> From: Noel Jones 
>To: postfix-users@postfix.org 
>Sent: Tuesday, March 19, 2013 12:41 PM
>Subject: Re: Duplicate Emails Sent RESTATED
> 
>On 3/19/2013 10:50 AM, Ed wrote:
>> Hi All.
>> 
>> I am experiencing an issue with the following:
>> 
>> The scenario:
>>  
>> From: a...@site1.com <mailto:a...@site1.com>
>> To:      b...@site2.com <mailto:b...@site2.com>
>> CC:    m...@site3.com <mailto:m...@site3.com>
>>  
>> After receiving the email CC at site 3, site 3 is sending out emails
>> to everyone on the original,
>> basically a duplicate email arrives to the sender and everyone in
>> the headers.
>
>The are basically two ways mail can be resent to header addresses.
>Either you're sending to a content_filter that feeds the mail into
>"sendmail -t"  (very bad! don't do that), or the recipient has a
>procmail or similar delivery filter that is resending the mail.
>
>
>It's not clear from the logs you've posted what is happening, but
>it's sure to be one of these.
>
>
>
>  -- Noel Jones
>
>
>

Re: Duplicate Emails Sent RESTATED

2013-03-19 Thread Larry Stone 

On Tue, 19 Mar 2013, Ed wrote:


Hi All.

I am experiencing an issue with the following:

The scenario:
 
From: a...@site1.com
To:      b...@site2.com
CC:    m...@site3.com
 
After receiving the email CC at site 3, site 3 is sending out emails to
everyone on the original,
basically a duplicate email arrives to the sender and everyone in the
headers.


You then include logs but it's hard to figure out what corresponds to 
site1, site2, and site3.


The logs appear to indicate that there are one or more content filters at 
play. Noel pointed out what can happen if they're poorly designed.


Postfix


Site 3 logs and postconf follows
Logs
--
Mar 14 10:27:41 mail postfix/cleanup[5265]: 
10E7BE1C0A:message-id=
Mar 14 10:27:41 mail postfix/smtpd[5269]: disconnect from
localhost[127.0.0.1]
Mar 14 10:27:41 mail postfix/smtp[5266]: 44D90E014D:
to=, relay=127.0.0.1[127.0.0.1]:10024, delay=6.5,
delays=1.7/0.02/0/4.7, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=03066-15,
from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 10E7BE1C0A)


What's this. We see the queue ID reported by the recieving SMTP server in 
our own logs. Is this just being handed off to our same Postfix instance 
on another port?



Mar 14 10:27:41 mail postfix/qmgr[2179]: 44D90E014D: removed
Mar 14 10:27:41 mail postfix/smtp[5270]: 10E7BE1C0A:
to=, relay=127.0.0.1[127.0.0.1]:10026, delay=0.05,
delays=0.03/0.02/0/0, dsn=2.0.0, status=sent (250 Ok)


Handed off to a content filter at port 10026.


Mar 14 10:27:41 mail postfix/qmgr[2179]: 10E7BE1C0A: removed



Mar 14 10:27:41 mail postfix/smtpd[5272]: connect from localhost[127.0.0.1]
Mar 14 10:27:41 mail postfix/smtpd[5272]: 4B9A3E1C0A:
client=localhost[127.0.0.1]
Mar 14 10:27:41 mail postfix/cleanup[5265]: 
4B9A3E1C0A:message-id=
Mar 14 10:27:41 mail postfix/qmgr[2179]: 4B9A3E1C0A:
from=, size=7049, nrcpt=3 (queue active)


And comes back from a content filter with 3 recipients.

Seeing your master.cf might help too. But it's most likely the content 
filter listening to port 10026.


-- Larry Stone
   lston...@stonejongleux.com

Re: Duplicate Emails Sent RESTATED

2013-03-19 Thread Noel Jones 
On 3/19/2013 10:50 AM, Ed wrote:
> Hi All.
> 
> I am experiencing an issue with the following:
> 
> The scenario:
>  
> From: a...@site1.com 
> To:  b...@site2.com 
> CC:m...@site3.com 
>  
> After receiving the email CC at site 3, site 3 is sending out emails
> to everyone on the original,
> basically a duplicate email arrives to the sender and everyone in
> the headers.

The are basically two ways mail can be resent to header addresses.
Either you're sending to a content_filter that feeds the mail into
"sendmail -t"  (very bad! don't do that), or the recipient has a
procmail or similar delivery filter that is resending the mail.


It's not clear from the logs you've posted what is happening, but
it's sure to be one of these.



  -- Noel Jones

Duplicate Emails Sent RESTATED

2013-03-19 Thread Ed 
Hi All.

I am experiencing an issue with the following:

The scenario:
 
From: a...@site1.com
To:      b...@site2.com
CC:    m...@site3.com
 
After receiving the email CC at site 3, site 3 is sending out emails to 
everyone on the original, 
basically a duplicate email arrives to the sender and everyone in the headers.

>>a sends mail to b with me in cc.
>>m...@site3.com sends mail out to everyone in the FROM and CC upon receipt of 
>>the mail



I am asking how to stop this behavior.?


Site 3 logs and postconf follows

Logs

--
Mar 14 10:27:41 mail postfix/cleanup[5265]: 10E7BE1C0A: 
message-id=
Mar 14 10:27:41 mail postfix/smtpd[5269]: disconnect from localhost[127.0.0.1]
Mar 14 10:27:41 mail postfix/smtp[5266]: 44D90E014D: 
to=, relay=127.0.0.1[127.0.0.1]:10024, delay=6.5, 
delays=1.7/0.02/0/4.7, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=03066-15, from 
MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 10E7BE1C0A)
Mar 14 10:27:41 mail postfix/qmgr[2179]: 44D90E014D: removed
Mar 14 10:27:41 mail postfix/smtp[5270]: 10E7BE1C0A: 
to=, relay=127.0.0.1[127.0.0.1]:10026, delay=0.05, 
delays=0.03/0.02/0/0, dsn=2.0.0, status=sent (250 Ok)
Mar 14 10:27:41 mail postfix/qmgr[2179]: 10E7BE1C0A: removed
Mar 14 10:27:41 mail postfix/smtpd[5272]: connect from localhost[127.0.0.1]
Mar 14 10:27:41 mail postfix/smtpd[5272]: 4B9A3E1C0A: 
client=localhost[127.0.0.1]
Mar 14 10:27:41 mail postfix/cleanup[5265]: 4B9A3E1C0A: 
message-id=
Mar 14 10:27:41 mail postfix/qmgr[2179]: 4B9A3E1C0A: 
from=, size=7049, nrcpt=3 (queue active)
Mar 14 10:27:41 mail postfix/smtpd[5272]: disconnect from localhost[127.0.0.1]
Mar 14 10:27:41 mail lmtpunix[5164]: accepted connection
Mar 14 10:27:41 mail lmtpunix[5164]: lmtp connection preauth'd as postman
Mar 14 10:27:41 mail master[5276]: about to exec /usr/lib/cyrus-imapd/lmtpd
Mar 14 10:27:41 mail lmtpunix[5276]: executed
Mar 14 10:27:41 mail lmtpunix[5164]: ptload(): fetched cache record 
(edl...@cybered-corp.com)(mark 1363263746, current 1363271261, limit 1363260461)
Mar 14 10:27:41 mail lmtpunix[5164]: ptload returning data
Mar 14 10:27:41 mail lmtpunix[5164]: using ptloaded value of: 
edl...@cybered-corp.com
Mar 14 10:27:41 mail lmtpunix[5164]: ptload(): fetched cache record 
(edl...@cybered-corp.com)(mark 1363263746, current 1363271261, limit 1363260461)
Mar 14 10:27:41 mail lmtpunix[5164]: ptload returning data
Mar 14 10:27:41 mail lmtpunix[5164]: using ptloaded value of: 
edl...@cybered-corp.com
Mar 14 10:27:41 mail lmtpunix[5164]: Delivered: 
 to mailbox: 
cybered-corp.com!user.edlang
Mar 14 10:27:41 mail lmtpunix[5164]: USAGE edlang user: 0.011998 sys: 0.016997
Mar 14 10:27:41 mail postfix/lmtp[5273]: 4B9A3E1C0A: 
to=, relay=mail.avnoc.com[/var/lib/imap/socket/lmtp], 
delay=0.15, delays=0.04/0.03/0/0.08, dsn=2.1.5, status=sent (250 2.1.5 Ok 
SESSIONID=)

Here is where it looks like upon receipt of the original email we are sending 
mail back out

Mar 14 10:27:41 mail postfix/smtp[5274]: 4B9A3E1C0A: enabling PIX workarounds: 
disable_esmtp delay_dotcrlf for spamtrap1a.nps.k12.va.us[216.54.48.8]:25
Mar 14 10:27:41 mail postfix/smtp[5275]: 4B9A3E1C0A: 
to=, relay=mail.secep.net[216.54.45.133]:25, 
delay=0.42, delays=0.04/0.06/0.1/0.23, dsn=2.0.0, status=sent (250 Ok: queued 
as AD9CA2B8C073)
Mar 14 10:27:43 mail postfix/smtp[5274]: 4B9A3E1C0A: to=, 
relay=spamtrap1a.nps.k12.va.us[216.54.48.8]:25, delay=2, 
delays=0.04/0.03/0.23/1.7, dsn=2.0.0, status=sent (250 2.0.0 r2EERf48009708 
Message accepted for delivery)
Mar 14 10:27:43 mail postfix/qmgr[2179]: 4B9A3E1C0A: removed


PostConf Output


alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
inet_protocols = all
local_recipient_maps = ldap:/etc/postfix/ldap/local_recipient_maps.cf
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = ldap:/etc/postfix/ldap/mydestination.cf
mynetworks = 127.0.0.0/8, 10.0.0.0/8
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_pipelining, 
reject_rbl_client zen.spamhaus.org, reject_non_fqdn_recipient, 
reject_invalid_helo_hostname, reject_unknown_recipient_domain, 
reject_unauth_destination, check_policy_service 
unix:private/recipient_policy_incoming, permit
smtpd_sender_restrictions = permit_mynetworks, check_policy_service 
unix:private/sender_policy_incoming
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/pki/tls/private/localhost.pem
smtpd_tls_key_file = /etc/pki/tls/private/loc