[Postfixbuch-users] Bounce statt Reject bei nicht vorhandenem Empfänger
Michael Koehler
postfixbuch-users at makomi.de
Mi Jul 15 09:32:14 CEST 2015
Hallo,
ich habe bei meinem Server folgendes Problem: Ich bekomme Emails an die
Adresse wordpress at controlc.de gesendet - die Email-Adresse gibt es aber
bei mir nicht. Ich bin der Meinung, dass auch nicht bekannte Empfänger
abgelehnt werden. Hier erst einmal den Logeintrag:
------
Jul 15 01:18:54 mail postfix/smtpd[17136]: connect from
hcp2-mail.webkazan.ru[5.9.71.21]
Jul 15 01:18:54 mail postfix/smtpd[17136]: Anonymous TLS connection
established from hcp2-mail.webkazan.ru[5.9.71.21]: TLSv1.2 with cipher
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jul 15 01:18:54 mail postgrey[776]: action=pass, reason=triplet found,
client_name=hcp2-mail.webkazan.ru, client_address=5.9.71.21,
recipient=wordpress at controlc.de
Jul 15 01:18:54 mail postfix/smtpd[17136]: NOQUEUE:
client=hcp2-mail.webkazan.ru[5.9.71.21]
Jul 15 01:18:54 mail amavis[3991]: (03991-08) ESMTP [::1]:10024
/var/lib/amavis/tmp/amavis-20150714T142624-03991-ZhAJlcAk: <> ->
<wordpress at controlc.de> SIZE=3130 BODY=8BITMIME Received: from
mail.controlc.de ([IPv6:::1]) by localhost (mail.controlc.de [IPv6:::1])
(amavisd-new, port 10024) with ESMTP for <wordpress at controlc.de>; Wed,
15 Jul 2015 01:18:54 +0200 (CEST)
Jul 15 01:18:54 mail amavis[3991]: (03991-08) Checking: 4TfOupfg7G3R
[5.9.71.21] <> -> <wordpress at controlc.de>
Jul 15 01:18:56 mail postfix/amavisd-feed-smtpd/smtpd[17144]: connect
from localhost[127.0.0.1]
Jul 15 01:18:56 mail postfix/amavisd-feed-smtpd/smtpd[17144]:
9EC4AE0E16: client=localhost[127.0.0.1]
Jul 15 01:18:56 mail postfix/cleanup[17149]: 9EC4AE0E16: info: header
Subject: Undelivered Mail Returned to Sender from localhost[127.0.0.1];
from=<> to=<wordpress at controlc.de> proto=ESMTP helo=<localhost>
Jul 15 01:18:56 mail postfix/cleanup[17149]: 9EC4AE0E16:
message-id=<20150714231824.D90A3662FDBD at hcp2-mail.webkazan.ru>
Jul 15 01:18:56 mail postfix/cleanup[17149]: 9EC4AE0E16: info: header
Subject: Re:Oh my god she is from localhost[127.0.0.1]; from=<>
to=<wordpress at controlc.de> proto=ESMTP helo=<localhost>
Jul 15 01:18:56 mail postfix/amavisd-feed-smtpd/smtpd[17144]: disconnect
from localhost[127.0.0.1]
Jul 15 01:18:56 mail postfix/qmgr[30856]: 9EC4AE0E16: from=<>,
size=4133, nrcpt=1 (queue active)
Jul 15 01:18:56 mail amavis[3991]: (03991-08) 4TfOupfg7G3R FWD from <>
-> <wordpress at controlc.de>, BODY=7BIT 250 2.0.0 from
MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9EC4AE0E16
Jul 15 01:18:56 mail amavis[3991]: (03991-08) Passed CLEAN
{RelayedInbound}, [5.9.71.21]:56020 [5.9.71.21] <> ->
<wordpress at controlc.de>, Message-ID:
<20150714231824.D90A3662FDBD at hcp2-mail.webkazan.ru>, mail_id:
4TfOupfg7G3R, Hits: 3.631, size: 3431, queued_as: 9EC4AE0E16, 2307 ms
Jul 15 01:18:56 mail dovecot: lmtp(17156): Connect from local
Jul 15 01:18:56 mail postfix/smtpd[17136]: proxy-accept: END-OF-MESSAGE:
250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as
9EC4AE0E16; from=<> to=<wordpress at controlc.de> proto=ESMTP
helo=<hcp2-mail.webkazan.ru>
Jul 15 01:18:56 mail postfix/smtpd[17136]: disconnect from
hcp2-mail.webkazan.ru[5.9.71.21]
Jul 15 01:18:56 mail postfix/lmtp[17155]: 9EC4AE0E16:
to=<wordpress at controlc.de>,
relay=mail.controlc.de[private/dovecot-lmtp], delay=0.1,
delays=0.05/0/0.01/0.04, dsn=5.1.1, status=bounced (host
mail.controlc.de[private/dovecot-lmtp] said: 550 5.1.1
<wordpress at controlc.de> User doesn't exist: wordpress at controlc.de (in
reply to RCPT TO command))
Jul 15 01:18:56 mail dovecot: lmtp(17156): Disconnect from local:
Successful quit
------
Sollte Postfix nicht viel eher, also bereits vor amavis, die Mail
bereits ablehnen? Und wie kann ich amavis dazu überreden einen
Empfängercheck zu machen - immerhin stecken alle Empfänger in einer
SQL-Datenbank?! Ich finde die Lösung dass erst dovecot die EMail abweist
als unbefriedigend und ressourcenverschwendend.
Viele Grüße,
Michael
postconf -n sagt:
------
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
bounce_template_file = /etc/postfix/bounce-templates/bounce.de-DE.cf
config_directory = /etc/postfix
header_checks = pcre:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 0
mydestination = localhost
myhostname = mail.controlc.de
mynetworks = 127.0.0.0/8 192.168.0.0/24 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
postscreen_access_list =
permit_mynetworks,regexp:/etc/postfix/postscreen_whitelist
postscreen_dnsbl_action = drop
postscreen_dnsbl_sites = ix.dnsbl.manitu.net*1 dsn.rfc-ignorant.org*1
postscreen_dnsbl_threshold = 2
postscreen_greet_action = drop
postscreen_helo_required = $smtpd_helo_required
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
smtp_tls_CAfile = $smtpd_tls_CAfile
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_exclude_ciphers = RC4, aNULL
smtp_tls_loglevel = 1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_note_starttls_offer = yes
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_data_restrictions = reject_multi_recipient_bounce
reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_proxy_filter = 10024
smtpd_proxy_options = speed_adjust
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated
reject_non_fqdn_sender reject_non_fqdn_recipient
reject_unknown_sender_domain check_recipient_access
hash:/etc/postfix/roleaccount_exceptions check_recipient_access
mysql:/etc/postfix/maps/sql-maintain.cf reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname check_helo_access
pcre:/etc/postfix/helo_checks check_sender_mx_access
cidr:/etc/postfix/bogus_mx check_sender_access
pcre:/etc/postfix/umlaute
reject_unlisted_recipient check_client_access
hash:/etc/postfix/client_whitelist reject_rbl_client
ix.dnsbl.manitu.net
check_policy_service inet:127.0.0.1:60000 permit
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
defer_unauth_destination
smtpd_tls_CAfile = /etc/ssl/certs/startssl-ca.pem
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/startssl-sub-cert.pem
smtpd_tls_dh1024_param_file = /etc/postfix/dh_2048.pem
smtpd_tls_dh512_param_file = /etc/postfix/dh_512.pem
smtpd_tls_eecdh_grade = strong
smtpd_tls_exclude_ciphers = RC4, aNULL, EXPORT, LOW
smtpd_tls_key_file = /etc/ssl/private/startssl-key.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
soft_bounce = no
tls_append_default_CA = yes
tls_high_cipherlist =
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
tls_preempt_cipherlist = yes
tls_random_source = dev:/dev/urandom
tls_ssl_options = NO_COMPRESSION
virtual_alias_domains = mysql:/etc/postfix/maps/sql-domain-aliases.cf
virtual_alias_maps = mysql:/etc/postfix/maps/sql-mailboxes-self-aliases.cf,
mysql:/etc/postfix/maps/sql-aliases.cf,
mysql:/etc/postfix/maps/sql-domain-aliases-mailboxes.cf,
mysql:/etc/postfix/maps/sql-catchall-aliases.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/mail
virtual_mailbox_domains = mysql:/etc/postfix/maps/sql-domains.cf
virtual_mailbox_limit = 102400000
virtual_minimum_uid = 5000
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:5000
------
Mehr Informationen über die Mailingliste Postfixbuch-users