Hi to all,
Due to a missconfiguration of my postfix I received an email which was not locally delivered. The postfix tries to send back the notification every time, but this notification is also rejected by the other host.
The original email:
Mar 16 04:07:27 linz postfix/smtpd[11405]: connect from unknown[62.77.58.234]
Mar 16 04:07:50 linz postfix/smtpd[11405]: warning: 234.58.77.62.ipwhois.rfc-ignorant.org: RBL lookup error: Host or domain name not found. Name service error for name=234.58.77.62.ipwhois.rfc-ignorant.org type=A: Host not found, try again
Mar 16 04:07:54 linz postfix/smtpd[11405]: NOQUEUE: reject: RCPT from unknown[62.77.58.234]: 504 <c015836-srv7>: Helo command rejected: need fully-qualified hostname; from=
The Friday 2005-03-18 at 12:07 +0200, Andrei Bintintan wrote:
Due to a missconfiguration of my postfix I received an email which was not locally delivered. The postfix tries to send back the notification every time, but this notification is also rejected by the other host.
The original email:
Mar 16 04:07:27 linz postfix/smtpd[11405]: connect from unknown[62.77.58.234] Mar 16 04:07:50 linz postfix/smtpd[11405]: warning: 234.58.77.62.ipwhois.rfc-ignorant.org: RBL lookup error: Host or domain name not found. Name service error for name=234.58.77.62.ipwhois.rfc-ignorant.org type=A: Host not found, try again Mar 16 04:07:54 linz postfix/smtpd[11405]: NOQUEUE: reject: RCPT from unknown[62.77.58.234]: 504 <c015836-srv7>: Helo command rejected: need fully-qualified hostname; from=
to= proto=ESMTP helo=<c015836-srv7> Mar 16 04:07:55 linz postfix/smtpd[11405]: disconnect from unknown[62.77.58.234] This is the response that postfix sends from since the original email was rejected...:
Mar 18 11:30:15 linz postfix/smtpd[32135]: connect from unknown[62.77.58.234] Mar 18 11:30:39 linz postfix/smtpd[32135]: NOQUEUE: reject: RCPT from unknown[62.77.58.234]: 450
: Sender address rejected: undeliverable address: host mx2.intelideas.com[217.75.254.201] said: 554 : Relay access denied (in reply to RCPT TO command); from= to= proto=ESMTP helo=<c015836-srv7> Mar 18 11:30:39 linz postfix/smtpd[32135]: disconnect from unknown[62.77.58.234] So, how can I drop/delete this kind of rejected emails? Postfix tries to resend this email for 2 days. I couldn't find this mail in the mail queue.
If the command "mailq" does not show that email, it is not in your system, and postfix is not trying to resend it. It doesn't exist. IMO. What I see from your logs, is, that the first one is rejected because it lacks a fully qualified host name. (The warning above it I don't fully understand). Notice the "NOQUEUE" and that it is rejected at the HELO stage. In the second case, it seems that unknown[62.77.58.234] is trying to relay through your system (sending an email from mail@motograndprix.com to klodoma@ar-sd.net, and you are not ar-sd.net), and postfix rejects him. That is correct. Hold on, you really are "ar-sd.net", are you? Is your machine handling email fro that domain? There are things about your setup i don't know. I think he tried one way, got rejected, and then tried another. Block him in the firewall. Investigate why he is trying to relay through your system, and why your postfix considers an email to you as a relay. -- Cheers, Carlos Robinson
Ok, I didn't explain my problem clear. It is this way:
First a mail from mail@motograndprix.com was sent to klodoma@ar-sd.net. This
email was rejected because I worked in the postfix settings, and I did
something wrong. Due to this reject an email was sent from ar-sd.net to
mail@motograndprix.com to announce this reject. This second email which was
sent from my host(ar-sd.net) is always rejected(relay), but the email was
always resend.
My question was: how can I delete the email from the mail queue after it was
rejected. So that it is not sent anymore.
I think I understanded clearly from the logs what happened. ( I hope so).
Mar 16 04:07:54 linz postfix/smtpd[11405]: NOQUEUE: reject: RCPT from
unknown[62.77.58.234]: 504 <c015836-srv7>: Helo command rejected: need
fully-qualified hostname; from=
The Friday 2005-03-18 at 12:07 +0200, Andrei Bintintan wrote:
Due to a missconfiguration of my postfix I received an email which was not locally delivered. The postfix tries to send back the notification every time, but this notification is also rejected by the other host.
The original email:
Mar 16 04:07:27 linz postfix/smtpd[11405]: connect from unknown[62.77.58.234] Mar 16 04:07:50 linz postfix/smtpd[11405]: warning: 234.58.77.62.ipwhois.rfc-ignorant.org: RBL lookup error: Host or domain name not found. Name service error for name=234.58.77.62.ipwhois.rfc-ignorant.org type=A: Host not found, try again Mar 16 04:07:54 linz postfix/smtpd[11405]: NOQUEUE: reject: RCPT from unknown[62.77.58.234]: 504 <c015836-srv7>: Helo command rejected: need fully-qualified hostname; from=
to= proto=ESMTP helo=<c015836-srv7> Mar 16 04:07:55 linz postfix/smtpd[11405]: disconnect from unknown[62.77.58.234] This is the response that postfix sends from since the original email was rejected...:
Mar 18 11:30:15 linz postfix/smtpd[32135]: connect from unknown[62.77.58.234] Mar 18 11:30:39 linz postfix/smtpd[32135]: NOQUEUE: reject: RCPT from unknown[62.77.58.234]: 450
: Sender address rejected: undeliverable address: host mx2.intelideas.com[217.75.254.201] said: 554 : Relay access denied (in reply to RCPT TO command); from= to= proto=ESMTP helo=<c015836-srv7> Mar 18 11:30:39 linz postfix/smtpd[32135]: disconnect from unknown[62.77.58.234] So, how can I drop/delete this kind of rejected emails? Postfix tries to resend this email for 2 days. I couldn't find this mail in the mail queue.
If the command "mailq" does not show that email, it is not in your system, and postfix is not trying to resend it. It doesn't exist. IMO.
What I see from your logs, is, that the first one is rejected because it lacks a fully qualified host name. (The warning above it I don't fully understand). Notice the "NOQUEUE" and that it is rejected at the HELO stage.
In the second case, it seems that unknown[62.77.58.234] is trying to relay through your system (sending an email from mail@motograndprix.com to klodoma@ar-sd.net, and you are not ar-sd.net), and postfix rejects him. That is correct.
Hold on, you really are "ar-sd.net", are you? Is your machine handling email fro that domain? There are things about your setup i don't know.
I think he tried one way, got rejected, and then tried another. Block him in the firewall. Investigate why he is trying to relay through your system, and why your postfix considers an email to you as a relay.
-- Cheers, Carlos Robinson
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
The Friday 2005-03-18 at 15:57 +0200, Andrei Bintintan wrote:
Ok, I didn't explain my problem clear. It is this way:
First a mail from mail@motograndprix.com was sent to klodoma@ar-sd.net. This email was rejected because I worked in the postfix settings, and I did something wrong. Due to this reject an email was sent from ar-sd.net to mail@motograndprix.com to announce this reject. This second email which was sent from my host(ar-sd.net) is always rejected(relay), but the email was always resend.
Let me see.
My question was: how can I delete the email from the mail queue after it was rejected. So that it is not sent anymore. I think I understanded clearly from the logs what happened. ( I hope so).
If an email is queued, it is shown by the command "mailq". Then, after identifying it, you can delete it with the command: postsuper -d queue_id If, before deleting it, you want to read it, use this command: postcat -q queue_id | less The option "-q" is relatively new, depends on your version you may or may not have it. If you don't, you have to find first the queue location.
Mar 16 04:07:54 linz postfix/smtpd[11405]: NOQUEUE: reject: RCPT from unknown[62.77.58.234]: 504 <c015836-srv7>: Helo command rejected: need fully-qualified hostname; from=
to= proto=ESMTP helo=<c015836-srv7> Mar 16 04:07:55 linz postfix/smtpd[11405]: disconnect from unknown[62.77.58.234] This was ar-sd.net reject due to the missconfiguration of postfix.
Ok. But notice that the email is rejected at the "Helo" stage, i.e, at the very beginning, when it is negotiating the connection. Notice also the "NOQUEUE" token: I understand that is simply not queued in your system. Therefore, your postfix can not create a rejection message and send it back, because it doesn't get to read the contents of the email above: it is rejected before starting. It is the motograndprix server who will be responsible to bounce back that email, not you. That's how I read those two log entries above. If the email was queued somewhere, there would be a log entry saying so.
Then the other server:
Mar 17 04:13:55 linz postfix/cleanup[20674]: 0365722D42: message-id=<20050317021355.0365722D42@ar-sd.net>
This second email (a full day later) is queued as id 0365722D42. mailq should show it, unless already sent.
Mar 17 04:13:55 linz postfix/qmgr[12505]: 0365722D42: from=
, size=243, nrcpt=1 (queue active)
Mar 17 04:13:58 linz postfix/smtp[20678]: 0365722D42: to=
, relay=mx2.intelideas.com[217.75.254.201], delay=3, status=undeliverable (host mx2.intelideas.com[217.75.254.201] said: 554 : Relay access denied (in reply to RCPT TO command))
Ok. This email is attempted to be sent from postmaster@ar-sd.net to mail@motograndprix.com, but using an intermediate relay server, mx2.intelideas.com. I'm not online now, so I can not "whois" it, nor know if they are the MX server for grandprix. You must check why you are relaying through them, if you should do so, and why they reject you if you should be allowed. Perhaps you need to enable authentication.
Mar 17 04:13:58 linz postfix/qmgr[12505]: 0365722D42: removed
That email is removed from the queue. It could appear on another one (bounce? whatever), but I can not check it.
Mar 17 04:14:01 linz postfix/smtpd[20670]: NOQUEUE: reject: RCPT from unknown[62.77.58.234]: 450
: Sender address rejected: undeliverable address: host mx2.intelideas.com[217.75.254.201] said: 554 : Relay access denied (in reply to RCPT TO command); from= to= proto=ESMTP helo=<c015836-srv7>
This is more or less the same as the first one, with a different reason. I'm confused about this one. You receive from "unknown" an email from mail@motograndprix.com to klodoma@ar-sd.net. The sender address is rejected because it is an "undeliverable address". I don't understand the "Relay access denied" part in this one. It not queued.
Mar 17 04:14:01 linz postfix/smtpd[20670]: disconnect from unknown[62.77.58.234]
I don't think you have multiple resending attempts of the same email. I think they are different emails being bounced and rejected to and fro. At least, that is what I gather from the small information I have. -- Cheers, Carlos Robinson
On Friday, March 18, 2005 10:12 am, Carlos E. R. wrote:
This was ar-sd.net reject due to the missconfiguration of postfix.
Ok. But notice that the email is rejected at the "Helo" stage, i.e, at the very beginning, when it is negotiating the connection. Notice also the "NOQUEUE" token: I understand that is simply not queued in your system.
FWIW, we no longer use HELO checks to filter spam; there are too many misconfigured email systems and MUAs out there, and HELO checks wind up dropping too much legitimate email. Best regards, Mark -- _________________________________________________________ A Message From... L. Mark Stone Reliable Networks of Maine, LLC "We manage your network so you can manage your business." 477 Congress Street Portland, ME 04101 Tel: (207) 772-5678 Web: http://www.rnome.com
The Friday 2005-03-18 at 10:24 -0500, L. Mark Stone wrote:
FWIW, we no longer use HELO checks to filter spam; there are too many misconfigured email systems and MUAs out there, and HELO checks wind up dropping too much legitimate email.
But that's the point or moment to reject an email based on not fully qualified or inexistent "from" domains, isn't it? -- Cheers, Carlos Robinson
participants (3)
-
Andrei Bintintan
-
Carlos E. R.
-
L. Mark Stone