Re: Bounced messages
If you can send me more information off-list, I will ask Infra to look into this. -- Kevin A. McGrail Member, Apache Software Foundation Chair Emeritus Apache SpamAssassin Project https://www.linkedin.com/in/kmcgrail - 703.798.0171 On Wed, May 20, 2020 at 10:41 AM Rick Cooper wrote: > Phil Reynolds wrote: > > On Tue, 19 May 2020 07:43:14 -0400 > > "Rick Cooper" wrote: > > > >> I occasionally get emails warning me of bounced mail, this one > >> doesn't go through we will send a probe, yada, yada. > >> > >> They say they include the bounce message but they always look like > >> this: --- Enclosed is a copy of the bounce message I received. > >> > >> Return-Path: <> > >> Received: (qmail 21198 invoked for bounce); 8 May 2020 19:58:49 - > >> Date: 8 May 2020 19:58:49 - > >> From: mailer-dae...@apache.org > >> To: users-return-1220...@spamassassin.apache.org > >> Subject: failure notice > >> > >> Which is useless. I also cannot find where the list was every denied > >> in the logs. This time I went ahead and the email that would > >> retrieve the messages that had bounced and I have every single one > >> of them already... Every singled one. > >> > >> What is up with that? > > > > I have seen this from time to time on several mailing lists. > > > > Normally, it is caused by your mailserver rejecting a malformed mail > > that has been sent to the list - the list software has accepted it and > > not corrected its "non-compliance" - hence your mailserver bounces it. > > No I would see the reject in the mail logs, and when I requested the > bounced > messages I had already received all of them. So that was why I wondered why > the list server was saying they bounced without a denial and after having > had them delivered to my box. > > > > > If you do ever find out about the mail in question, it is usually (*) > > spam. > > > > Unfortunately: > > > > (a) certain mailing list software is set up so that it can send on > > malformed mail it could in theory reject or put right. I am of the > > opinion this is wrong. > > (b) certain mailservers (including mine, of my own volition) are > > configured to reject such malformed mail on the grounds that it is > > usually spam. I am of the opinion this is right. > > (c) the mailing list software treats this as a bounce, without > > treating the reason as special and letting it simply pass. I am > > of the opinion this is wrong. > > > > (*) usually = at least 995 per mil. > > > > I am happy to read anyone else's opinions on the three points above, > > of course. > >
RE: Bounced messages
Phil Reynolds wrote: > On Tue, 19 May 2020 07:43:14 -0400 > "Rick Cooper" wrote: > >> I occasionally get emails warning me of bounced mail, this one >> doesn't go through we will send a probe, yada, yada. >> >> They say they include the bounce message but they always look like >> this: --- Enclosed is a copy of the bounce message I received. >> >> Return-Path: <> >> Received: (qmail 21198 invoked for bounce); 8 May 2020 19:58:49 - >> Date: 8 May 2020 19:58:49 - >> From: mailer-dae...@apache.org >> To: users-return-1220...@spamassassin.apache.org >> Subject: failure notice >> >> Which is useless. I also cannot find where the list was every denied >> in the logs. This time I went ahead and the email that would >> retrieve the messages that had bounced and I have every single one >> of them already... Every singled one. >> >> What is up with that? > > I have seen this from time to time on several mailing lists. > > Normally, it is caused by your mailserver rejecting a malformed mail > that has been sent to the list - the list software has accepted it and > not corrected its "non-compliance" - hence your mailserver bounces it. No I would see the reject in the mail logs, and when I requested the bounced messages I had already received all of them. So that was why I wondered why the list server was saying they bounced without a denial and after having had them delivered to my box. > > If you do ever find out about the mail in question, it is usually (*) > spam. > > Unfortunately: > > (a) certain mailing list software is set up so that it can send on > malformed mail it could in theory reject or put right. I am of the > opinion this is wrong. > (b) certain mailservers (including mine, of my own volition) are > configured to reject such malformed mail on the grounds that it is > usually spam. I am of the opinion this is right. > (c) the mailing list software treats this as a bounce, without > treating the reason as special and letting it simply pass. I am > of the opinion this is wrong. > > (*) usually = at least 995 per mil. > > I am happy to read anyone else's opinions on the three points above, > of course.
Re: Bounced messages
On Wed, 20 May 2020 13:09:14 +0100 Phil Reynolds wrote: > On Tue, 19 May 2020 07:43:14 -0400 > "Rick Cooper" wrote: > > This time I went ahead and the email that would retrieve the > > messages that had bounced and I have every single one of them > > already... Every singled one. > > > > What is up with that? > > I have seen this from time to time on several mailing lists. > > Normally, it is caused by your mailserver rejecting a malformed mail > that has been sent to the list The OP said that were received. I've seen this on the getmail list and, like the OP, when I requested they be resent I got duplicates.
Re: Bounced messages
On Tue, 19 May 2020 07:43:14 -0400 "Rick Cooper" wrote: > I occasionally get emails warning me of bounced mail, this one > doesn't go through we will send a probe, yada, yada. > > They say they include the bounce message but they always look like > this: --- Enclosed is a copy of the bounce message I received. > > Return-Path: <> > Received: (qmail 21198 invoked for bounce); 8 May 2020 19:58:49 - > Date: 8 May 2020 19:58:49 - > From: mailer-dae...@apache.org > To: users-return-1220...@spamassassin.apache.org > Subject: failure notice > > Which is useless. I also cannot find where the list was every denied > in the logs. > This time I went ahead and the email that would retrieve the messages > that had bounced and I have every single one of them already... Every > singled one. > > What is up with that? I have seen this from time to time on several mailing lists. Normally, it is caused by your mailserver rejecting a malformed mail that has been sent to the list - the list software has accepted it and not corrected its "non-compliance" - hence your mailserver bounces it. If you do ever find out about the mail in question, it is usually (*) spam. Unfortunately: (a) certain mailing list software is set up so that it can send on malformed mail it could in theory reject or put right. I am of the opinion this is wrong. (b) certain mailservers (including mine, of my own volition) are configured to reject such malformed mail on the grounds that it is usually spam. I am of the opinion this is right. (c) the mailing list software treats this as a bounce, without treating the reason as special and letting it simply pass. I am of the opinion this is wrong. (*) usually = at least 995 per mil. I am happy to read anyone else's opinions on the three points above, of course. -- Phil Reynolds mail: phil-spamassas...@tinsleyviaduct.com
Re: shortcircuit internal mail
Thanks for the reply.
John Hardin writes:
> On Tue, 19 May 2020, micah anderson wrote:
>
>> The final stage I thought would be short-circuited, because it was
>> relayed through our internal network, and we already do spam filtering
>> at the list server stage, we don't want to do it again.
>
> Nope. SA scans whatever you give it to scan, and that is driven by the
> MTA. All you can do in SA is tune the scoring behavior.
Indeed, you are right. I had a fundamental misunderstanding in the
architecture.
>> Is there a way I can actually short-circuit this?
One way, which isn't particularly great, is to do something like this:
# if it comes from our list server, we don't want to scan it again
describe __LOCAL_OUR_LISTS Was delivered to our lists
priority __LOCAL_OUR_LISTS -100
header __LOCAL_OUR_LISTSDelivered-To =~ /\@lists\.example\.com/
shortcircuit __LOCAL_OUR_LISTS on
of course someone can forge the Delivered-To, there are some other list
specific headers that could also be found as well.
> Configure the second internal MTA to entirely skip passing the message to
> SA for messages received from the first internal-only MTA, which has
> already scanned them.
>
> You'll need to provide more-specific information about which MTA you're
> using before we can provide more-specific advice than that.
That is an interesting idea, I'm running postfix, and doing the
following in master.cf right now:
dovecot unix- n n - - pipe
flags=DRhu user=mail argv=/usr/bin/spamc --connect-retries=1 -H -d 10.0.1.90
-s 1024 -t 100 -u ${recipient} -e /usr/lib/dovecot/dovecot-lda -f ${sender}
-d ${user}@${domain}
and dovecot is a virtual_transport.
> Also be aware: "short-circuit" in the SA context doesn't *quite* mean what
> you're asking.
Yeah, I am aware... it still fires up all of spamassassin and begins
processing, but at least with the priority level high, it should
determine things quickly and bail out.
--
micah
