Vacation responding to spam

2009-02-20
2013-01-23
  • rick steeves

    rick steeves - 2009-02-20

    Running the 2.3 beta
    Let's say a user, spamtest@example.com, sends mail to a user test222@example.com, which includes the GTUBE sting (guaranteed to make it flag as spam). Test222@example.com has vacation turned on. Test222@example.com received the following mail, with headers:

    Return-Path: <spamtest@example.com>
    Delivered-To: test222+Spam@example.com
    Received: from localhost (example.com [127.0.0.1])
         by example.com (Postfix) with ESMTP id BE51CEFD0B
         for <test222+Spam@example.com>; Fri, 20 Feb 2009 10:21:15 -0500 (EST)
    X-Virus-Scanned: amavisd-new at itmstitle.com
    X-Spam-Flag: YES
    X-Spam-Score: 1000.366
    X-Spam-Level: ****************************************************************
    X-Spam-Status: Yes, score=1000.366 tagged_above=-999 required=4.3
         tests=[ALL_TRUSTED=-1.44, GTUBE=1000, SUBJ_ALL_CAPS=1.806]
    Received: from example.com ([127.0.0.1])
         by localhost (example.com [127.0.0.1]) (amavisd-new, port 10024)
         with ESMTP id 8K6Gqx7TxL5z; Fri, 20 Feb 2009 10:21:15 -0500 (EST)
    Received: from example.com (example.com [127.0.0.1])
         by example.com (Postfix) with ESMTP id 7914FEFCFC
         for <test222@example.com>; Fri, 20 Feb 2009 10:21:15 -0500 (EST)
    Received: from 216.27.12.114
         (SquirrelMail authenticated user spamtest@example.com)
         by example.com with HTTP;
         Fri, 20 Feb 2009 10:21:15 -0500 (EST)
    Message-ID: <250ceda0860d9492b70a55c807d3a3c6.squirrel@example.com>
    Date: Fri, 20 Feb 2009 10:21:15 -0500 (EST)
    Subject: ***SPAM*** SPAM TEST OF RECIPIEINT
    From: spamtest@example.com
    To: test222@example.com
    User-Agent: SquirrelMail/1.4.17
    MIME-Version: 1.0
    Content-Type: text/plain;charset=iso-8859-1
    Content-Transfer-Encoding: 8bit
    X-Priority: 3 (Normal)
    Importance: Normal
      

    It includes all the X-Spam headers appropriately. 

    spamtest@example.com receives the following headers from the autoreply indicating that test222 is on vacation, where I think it should instead not reply to mail flagged as spam.

    Return-Path: <test222@example.com>
    Delivered-To: spamtest@example.com
    Received: from localhost (example.com [127.0.0.1])
         by example.com (Postfix) with ESMTP id E7AF1EFD09
         for <spamtest@example.com>; Fri, 20 Feb 2009 10:19:17 -0500 (EST)
    X-Virus-Scanned: amavisd-new at itmstitle.com
    X-Spam-Flag: NO
    X-Spam-Score: -1.44
    X-Spam-Level:
    X-Spam-Status: No, score=-1.44 tagged_above=-999 required=4.3
         tests=[ALL_TRUSTED=-1.44]
    Received: from example.com ([127.0.0.1])
         by localhost (example.com [127.0.0.1]) (amavisd-new, port 10024)
         with ESMTP id c8Kzz9s50AKS for <spamtest@example.com>;
         Fri, 20 Feb 2009 10:19:17 -0500 (EST)
    Received: from example.com (example.com [127.0.0.1])
         by example.com (Postfix) with SMTP id 925B4EFCFC
         for <spamtest@example.com>; Fri, 20 Feb 2009 10:19:17 -0500 (EST)
    Subject: Out of Office
    Date: Fri, 20 Feb 2009 10:19:17 -0500
    X-Loop: Postfix Admin Virtual Vacation
    Mime-Version: 1.0
    Precedence: junk
    Content-Type: text/plain; charset=UTF-8
    To: spamtest@example.com
    Content-Transfer-Encoding: base64
    From: test222@example.com
    Message-Id: <20090220151917.925B4EFCFC@example.com>

    That should at least show all the headers.

     
    • Charles

      Charles - 2009-02-21

      Hi Rick,

      In one of your posts to the postfix list, you had said your master.cf entry for vacation was:

      vacation    unix    -   n   n   -   -  pipe
         flags=DRhu   user=vacation   argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}

      But the doc that comes in the 2.3b vacation folder says to use flags=Rq  for the postfixadmin vacation script. Did you try changing these flags?

       
      • rick steeves

        rick steeves - 2009-02-21

        Sadly I know I had it running as Rq and changed it back in 10/2008 for something that was broken, but my notes don't reflect why. Happen to know what all those flags mean?

         
    • rick steeves

      rick steeves - 2009-02-21

      I have now tried this with Rq, ad I get the same results. I send spam to a user on vacation, and get an autorespond.

      I have tried hacking apart the vacation.pl, and manually running it and just fed the headers from the spam email(s) in question to <STDIN> and it does appear to flag it as spam, so I'm still not quite sure what the problem is.

      Rick

       
    • Charles

      Charles - 2009-02-21

      > Sadly I know I had it running as Rq and changed it back in 10/2008 for something that
      > was broken, but my notes don't reflect why. Happen to know what all those flags mean?

      I didn't, but just found out:

      http://www.postfix.org/pipe.8.html

      > I have now tried this with Rq, ad I get the same results. I send spam to a user on vacation,
      > and get an autorespond. 

      When you say you send spam... you mean you send a message that gets the x-spam flag set in the headers by spamassassin?

      > I have tried hacking apart the vacation.pl, and manually running it and just fed the headers
      > from the spam email(s) in question to <STDIN> and it does appear to flag it as spam, so I'm
      > still not quite sure what the problem is.

      I'm not sure what you mean by 'it does appear to flag it as spam'. *What* appears to flag it as spam? Spamassassin? The only question is, is the x-spam header set to yes. If it is, then the vacation message should not be sent.

      I hope one of the postfixadmin devs will chime in here...

       
      • rick steeves

        rick steeves - 2009-02-22

        See my original post for my testing process. Yes, the mail has the  x-spam flag set. (full headers in original post).

        If I manually run that part fo the vacation.pl script, the regexp that's supposed to read the x-spam header appears to correctly read the message and exit() the function correctly.

        Rick

         
    • Charles

      Charles - 2009-02-22

      Ok, so it must be something other than the vacation.pl script that is generating the auto-reply...

      Maybe you have an older version of the vacation script somewhere that is being executed?

      Time for detailed logs of an example transaction, from the incoming message, showing it being passed to spamassassin, and finally showing it being edelivered, then shoing the auto-reply being generated.

      What is doevot -n output? postconf -n output?

       
      • rick steeves

        rick steeves - 2009-02-22

        There is only one vacation.pl on the system, and I've never called it any other way.

        Included: Logs of transaction, headers from received email, headers from vacation mail, dovecot -n, postconf -n, (presuming sourceforge will let me). I've munged the domain names, hopefully all the same way! :-)   the mail clearly gets flagged as spam, and labeled with the recipient_delimiter "+" and "Spam" (user+Spam@domain)

        The log output from the transaction:
        Feb 21 23:53:14 email postfix/smtpd[30318]: connect from email.example.com[127.0.0.1]
        Feb 21 23:53:14 email postfix/smtpd[30318]: D3269EFCD9: client=email.example.com[127.0.0.1]
        Feb 21 23:53:14 email postfix/cleanup[30323]: D3269EFCD9: message-id=<65445adf6518398ea7c8360ab7fc1b34.squirrel@email.example.com>
        Feb 21 23:53:14 email postfix/qmgr[28409]: D3269EFCD9: from=<test222@domain2.example.com>, size=1530, nrcpt=2 (queue active)
        Feb 21 23:53:14 email postfix/smtpd[30318]: disconnect from email.example.com[127.0.0.1]
        Feb 21 23:53:14 email dovecot: imap-login: Login: user=<test222@domain2.example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
        Feb 21 23:53:14 email postfix/smtp[30324]: initializing the client-side TLS engine
        Feb 21 23:53:15 email amavis[27644]: (27644-04) ESMTP::10024 /var/amavis/tmp/amavis-20090221T161658-27644: <test222@domain2.example.com> -> <spamtest#domain2.example.com@autoreply.domain2.example.com>,<spamtest@domain2.example.com> SIZE=1530 BODY=8BITMIME Received: from email.example.com ([127.0.0.1]) by localhost (email.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP; Sat, 21 Feb 2009 23:53:15 -0500 (EST)
        Feb 21 23:53:15 email amavis[27644]: (27644-04) Checking: thLE2r7wpO1p <test222@domain2.example.com> -> <spamtest#domain2.example.com@autoreply.domain2.example.com>,<spamtest@domain2.example.com>
        Feb 21 23:53:15 email postfix/smtpd[30329]: connect from email.example.com[127.0.0.1]
        Feb 21 23:53:15 email postfix/smtpd[30329]: 2D59CEFCE5: client=email.example.com[127.0.0.1]
        Feb 21 23:53:15 email dovecot: IMAP(test222@domain2.example.com): Disconnected: Logged out bytes=1375/166
        Feb 21 23:53:15 email postfix/cleanup[30323]: 2D59CEFCE5: message-id=<65445adf6518398ea7c8360ab7fc1b34.squirrel@email.example.com>
        Feb 21 23:53:15 email postfix/qmgr[28409]: 2D59CEFCE5: from=<test222@domain2.example.com>, size=2010, nrcpt=1 (queue active)
        Feb 21 23:53:15 email postfix/smtpd[30329]: disconnect from email.example.com[127.0.0.1]
        Feb 21 23:53:15 email amavis[27644]: (27644-04) FWD via SMTP: <test222@domain2.example.com> -> <spamtest#domain2.example.com@autoreply.domain2.example.com>,BODY=8BITMIME 250 2.6.0 Ok, id=27644-04, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 2D59CEFCE5
        Feb 21 23:53:15 email postfix/smtpd[30329]: connect from email.example.com[127.0.0.1]
        Feb 21 23:53:15 email postfix/smtpd[30329]: 42659EFCFC: client=email.example.com[127.0.0.1]
        Feb 21 23:53:15 email postfix/cleanup[30323]: 42659EFCFC: message-id=<65445adf6518398ea7c8360ab7fc1b34.squirrel@email.example.com>
        Feb 21 23:53:15 email postfix/qmgr[28409]: 42659EFCFC: from=<test222@domain2.example.com>, size=2227, nrcpt=2 (queue active)
        Feb 21 23:53:15 email postfix/smtpd[30329]: disconnect from email.example.com[127.0.0.1]
        Feb 21 23:53:15 email amavis[27644]: (27644-04) FWD via SMTP: <test222@domain2.example.com> -> <spamtest+Spam@domain2.example.com>,BODY=8BITMIME 250 2.6.0 Ok, id=27644-04, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 42659EFCFC
        Feb 21 23:53:15 email amavis[27644]: (27644-04) Passed SPAM, [216.27.12.114] <test222@domain2.example.com> -> <spamtest#domain2.example.com@autoreply.domain2.example.com>,<spamtest@domain2.example.com>, Message-ID: <65445adf6518398ea7c8360ab7fc1b34.squirrel@email.example.com>, mail_id: thLE2r7wpO1p, Hits: 998.56, size: 1530, queued_as: 2D59CEFCE5/42659EFCFC, 359 ms
        Feb 21 23:53:15 email postfix/smtp[30324]: D3269EFCD9: to=<spamtest#domain2.example.com@autoreply.domain2.example.com>, orig_to=<spamtest@domain2.example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.52, delays=0.11/0.04/0/0.36, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 2D59CEFCE5)
        Feb 21 23:53:15 email postfix/smtp[30324]: D3269EFCD9: to=<spamtest@domain2.example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.52, delays=0.11/0.04/0/0.36, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 2D59CEFCE5)
        Feb 21 23:53:15 email postfix/qmgr[28409]: D3269EFCD9: removed
        Feb 21 23:53:15 email dovecot: imap-login: Login: user=<test222@domain2.example.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
        Feb 21 23:53:15 email dovecot: IMAP(test222@domain2.example.com): Disconnected: Logged out bytes=296/84183
        Feb 21 23:53:15 email deliver(spamtest@domain2.example.com): msgid=<65445adf6518398ea7c8360ab7fc1b34.squirrel@email.example.com>: saved mail to Spam
        Feb 21 23:53:15 email postfix/pipe[30333]: 42659EFCFC: to=<spamtest+Spam@domain2.example.com>, relay=dovecot, delay=0.41, delays=0.09/0.02/0/0.3, dsn=2.0.0, status=sent (delivered via dovecot service)
        Feb 21 23:53:15 email postfix/pipe[30332]: 42659EFCFC: to=<spamtest#domain2.example.com+Spam@autoreply.domain2.example.com>, orig_to=<spamtest+Spam@domain2.example.com>, relay=vacation, delay=0.59, delays=0.09/0.02/0/0.48, dsn=2.0.0, status=sent (delivered via vacation service)
        Feb 21 23:53:15 email postfix/qmgr[28409]: 42659EFCFC: removed
        Feb 21 23:53:15 email postfix/smtpd[30318]: connect from email.example.com[127.0.0.1]
        Feb 21 23:53:15 email postfix/smtpd[30318]: ECEB5EFCD9: client=email.example.com[127.0.0.1]
        Feb 21 23:53:16 email postfix/cleanup[30323]: ECEB5EFCD9: message-id=<20090222045315.ECEB5EFCD9@email.example.com>
        Feb 21 23:53:16 email postfix/qmgr[28409]: ECEB5EFCD9: from=<spamtest@domain2.example.com>, size=714, nrcpt=2 (queue active)
        Feb 21 23:53:16 email postfix/smtpd[30318]: disconnect from email.example.com[127.0.0.1]
        Feb 21 23:53:16 email postfix/pipe[30330]: 2D59CEFCE5: to=<spamtest#domain2.example.com@autoreply.domain2.example.com>, relay=vacation, delay=0.87, delays=0.08/0.01/0/0.79, dsn=2.0.0, status=sent (delivered via vacation service)
        Feb 21 23:53:16 email postfix/qmgr[28409]: 2D59CEFCE5: removed
        Feb 21 23:53:16 email amavis[27643]: (27643-05) ESMTP::10024 /var/amavis/tmp/amavis-20090221T161119-27643: <spamtest@domain2.example.com> -> <test222#domain2.example.com@autoreply.domain2.example.com>,<test222@domain2.example.com> SIZE=714 Received: from email.example.com ([127.0.0.1]) by localhost (email.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP; Sat, 21 Feb 2009 23:53:16 -0500 (EST)
        Feb 21 23:53:16 email amavis[27643]: (27643-05) Checking: kS3mimKCgsKr <spamtest@domain2.example.com> -> <test222#domain2.example.com@autoreply.domain2.example.com>,<test222@domain2.example.com>
        Feb 21 23:53:16 email postfix/smtpd[30329]: connect from email.example.com[127.0.0.1]
        Feb 21 23:53:16 email postfix/smtpd[30329]: 6B903EFCE5: client=email.example.com[127.0.0.1]
        Feb 21 23:53:16 email postfix/cleanup[30323]: 6B903EFCE5: message-id=<20090222045315.ECEB5EFCD9@email.example.com>
        Feb 21 23:53:16 email postfix/qmgr[28409]: 6B903EFCE5: from=<spamtest@domain2.example.com>, size=1193, nrcpt=1 (queue active)
        Feb 21 23:53:16 email postfix/smtpd[30329]: disconnect from email.example.com[127.0.0.1]
        Feb 21 23:53:16 email amavis[27643]: (27643-05) FWD via SMTP: <spamtest@domain2.example.com> -> <test222#domain2.example.com@autoreply.domain2.example.com>,BODY=7BIT 250 2.6.0 Ok, id=27643-05, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 6B903EFCE5
        Feb 21 23:53:16 email postfix/smtpd[30329]: connect from email.example.com[127.0.0.1]
        Feb 21 23:53:16 email postfix/smtpd[30329]: 75607EFCFC: client=email.example.com[127.0.0.1]
        Feb 21 23:53:16 email postfix/cleanup[30323]: 75607EFCFC: message-id=<20090222045315.ECEB5EFCD9@email.example.com>
        Feb 21 23:53:16 email postfix/qmgr[28409]: 75607EFCFC: from=<spamtest@domain2.example.com>, size=1314, nrcpt=2 (queue active)
        Feb 21 23:53:16 email postfix/smtpd[30329]: disconnect from email.example.com[127.0.0.1]
        Feb 21 23:53:16 email amavis[27643]: (27643-05) FWD via SMTP: <spamtest@domain2.example.com> -> <test222@domain2.example.com>,BODY=7BIT 250 2.6.0 Ok, id=27643-05, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 75607EFCFC
        Feb 21 23:53:16 email amavis[27643]: (27643-05) Passed CLEAN, [127.0.0.1] <spamtest@domain2.example.com> -> <test222#domain2.example.com@autoreply.domain2.example.com>,<test222@domain2.example.com>, Message-ID: <20090222045315.ECEB5EFCD9@email.example.com>, mail_id: kS3mimKCgsKr, Hits: -1.44, size: 714, queued_as: 6B903EFCE5/75607EFCFC, 473 ms
        Feb 21 23:53:16 email postfix/smtp[30324]: ECEB5EFCD9: to=<test222#domain2.example.com@autoreply.domain2.example.com>, orig_to=<test222@domain2.example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.57, delays=0.09/0/0/0.48, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 6B903EFCE5)
        Feb 21 23:53:16 email postfix/smtp[30324]: ECEB5EFCD9: to=<test222@domain2.example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.57, delays=0.09/0/0/0.48, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 6B903EFCE5)
        Feb 21 23:53:16 email postfix/qmgr[28409]: ECEB5EFCD9: removed
        Feb 21 23:53:16 email postfix/pipe[30332]: 6B903EFCE5: to=<test222#domain2.example.com@autoreply.domain2.example.com>, relay=vacation, delay=0.23, delays=0.04/0/0/0.19, dsn=2.0.0, status=sent (delivered via vacation service)
        Feb 21 23:53:16 email postfix/qmgr[28409]: 6B903EFCE5: removed
        Feb 21 23:53:16 email postfix/pipe[30330]: 75607EFCFC: to=<test222#domain2.example.com@autoreply.domain2.example.com>, orig_to=<test222@domain2.example.com>, relay=vacation, delay=0.23, delays=0.04/0.01/0/0.17, dsn=2.0.0, status=sent (delivered via vacation service)
        Feb 21 23:53:16 email deliver(test222@domain2.example.com): msgid=<20090222045315.ECEB5EFCD9@email.example.com>: saved mail to INBOX
        Feb 21 23:53:16 email postfix/pipe[30333]: 75607EFCFC: to=<test222@domain2.example.com>, relay=dovecot, delay=0.24, delays=0.04/0.01/0/0.19, dsn=2.0.0, status=sent (delivered via dovecot service)
        Feb 21 23:53:16 email postfix/qmgr[28409]: 75607EFCFC: removed
        Feb 21 23:53:17 email dovecot: imap-login: Login: user=<test222@domain2.example.com>, method=PLAIN, rip=67.223.73.161, lip=192.168.250.80, TLS
        Feb 21 23:53:17 email dovecot: IMAP(test222@domain2.example.com): Disconnected: Logged out bytes=158/3483

        Out of office mesage:
        Return-Path: <spamtest@domain2.example.com>
        Delivered-To: test222@domain2.example.com
        Received: from localhost (email.example.com [127.0.0.1])
             by email.example.com (Postfix) with ESMTP id 75607EFCFC
             for <test222@domain2.example.com>; Sat, 21 Feb 2009 23:53:16 -0500 (EST)
        X-Virus-Scanned: amavisd-new at domain2.example.com
        X-Spam-Flag: NO
        X-Spam-Score: -1.44
        X-Spam-Level:
        X-Spam-Status: No, score=-1.44 tagged_above=-999 required=4.3
             tests=[ALL_TRUSTED=-1.44]
        Received: from email.example.com ([127.0.0.1])
             by localhost (email.example.com [127.0.0.1]) (amavisd-new, port 10024)
             with ESMTP id kS3mimKCgsKr; Sat, 21 Feb 2009 23:53:16 -0500 (EST)
        Received: from email.example.com (email.example.com [127.0.0.1])
             by email.example.com (Postfix) with SMTP id ECEB5EFCD9
             for <test222@domain2.example.com>; Sat, 21 Feb 2009 23:53:15 -0500 (EST)
        Subject: Out of Office
        Date: Sat, 21 Feb 2009 23:53:15 -0500
        X-Loop: Postfix Admin Virtual Vacation
        Mime-Version: 1.0
        Precedence: junk
        Content-Type: text/plain; charset=UTF-8
        To: test222@domain2.example.com
        Content-Transfer-Encoding: base64
        From: spamtest@domain2.example.com
        Message-Id: <20090222045315.ECEB5EFCD9@email.example.com>

        Received original message (clearly flagged as spam)
        Return-Path: <test222@domain2.example.com>
        Delivered-To: spamtest+Spam@domain2.example.com
        Received: from localhost (email.example.com [127.0.0.1])
             by email.example.com (Postfix) with ESMTP id 42659EFCFC
             for <spamtest+Spam@domain2.example.com>; Sat, 21 Feb 2009 23:53:15 -0500 (EST)
        X-Virus-Scanned: amavisd-new at domain2.example.com
        X-Spam-Flag: YES
        X-Spam-Score: 998.56
        X-Spam-Level: ****************************************************************
        X-Spam-Status: Yes, score=998.56 tagged_above=-999 required=4.3
             tests=[ALL_TRUSTED=-1.44, GTUBE=1000]
        Received: from email.example.com ([127.0.0.1])
             by localhost (email.example.com [127.0.0.1]) (amavisd-new, port 10024)
             with ESMTP id thLE2r7wpO1p; Sat, 21 Feb 2009 23:53:15 -0500 (EST)
        Received: from email.example.com (email.example.com [127.0.0.1])
             by email.example.com (Postfix) with ESMTP id D3269EFCD9
             for <spamtest@domain2.example.com>; Sat, 21 Feb 2009 23:53:14 -0500 (EST)
        Received: from 216.27.12.114
             (SquirrelMail authenticated user test222@domain2.example.com)
             by email.example.com with HTTP;
             Sat, 21 Feb 2009 23:53:14 -0500 (EST)
        Message-ID: <65445adf6518398ea7c8360ab7fc1b34.squirrel@email.example.com>
        Date: Sat, 21 Feb 2009 23:53:14 -0500 (EST)
        Subject: ***SPAM*** Test with GTUBE
        From: test222@domain2.example.com
        To: spamtest@domain2.example.com
        User-Agent: SquirrelMail/1.4.17
        MIME-Version: 1.0
        Content-Type: text/plain;charset=iso-8859-1
        Content-Transfer-Encoding: 8bit
        X-Priority: 3 (Normal)
        Importance: Normal

        dovecot -n
        # 1.1.8: /etc/dovecot.conf
        # OS: Linux 2.6.18-92.el5 i686 Red Hat Enterprise Linux Server release 5.2 (Tikanga) ext3
        ssl_cert_file: /etc/httpd/certs/email_example_com.crt
        ssl_key_file: /etc/httpd/certs/email.example.com.key.no.password
        login_dir: /var/run/dovecot/login
        login_executable(default): /usr/libexec/dovecot/imap-login
        login_executable(imap): /usr/libexec/dovecot/imap-login
        login_executable(pop3): /usr/libexec/dovecot/pop3-login
        mail_uid: 1015
        mail_gid: 105
        mail_location: maildir:/var/spool/mail/%d/%n/Maildir
        mail_executable(default): /usr/libexec/dovecot/imap
        mail_executable(imap): /usr/libexec/dovecot/imap
        mail_executable(pop3): /usr/libexec/dovecot/pop3
        mail_plugins(default): quota imap_quota expire trash
        mail_plugins(imap): quota imap_quota expire trash
        mail_plugins(pop3): quota
        mail_plugin_dir(default): /usr/lib/dovecot/imap
        mail_plugin_dir(imap): /usr/lib/dovecot/imap
        mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
        imap_client_workarounds(default): delay-newmail outlook-idle
        imap_client_workarounds(imap): delay-newmail outlook-idle
        imap_client_workarounds(pop3):
        pop3_client_workarounds(default):
        pop3_client_workarounds(imap):
        pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
        dict_db_config: /etc/dovecot-db.conf
        auth default:
          mechanisms: plain login
          passdb:
            driver: sql
            args: /etc/dovecot-sql.conf
          userdb:
            driver: passwd
          userdb:
            driver: sql
            args: /etc/dovecot-sql.conf
          userdb:
            driver: static
          socket:
            type: listen
            client:
              path: /var/spool/postfix/private/auth
              mode: 432
              user: postfix
              group: postfix
            master:
              path: /var/run/dovecot/auth-master
              mode: 384
              user: vuser
              group: vuser
        plugin:
          quota: maildir
          quota_rule: *:storage=102400000
          quota_rule2: Trash:storage=100M
          trash: /etc/dovecot-trash.conf
          expire: Trash 14 Trash/* 14 Spam 14
          expire_dict: proxy::expire

        postfix -n
        alias_database = hash:/etc/aliases
        alias_maps = hash:/etc/aliases
        bounce_queue_lifetime = 3d
        bounce_size_limit = 50000
        bounce_template_file = /etc/postfix/bounce.cf
        command_directory = /usr/sbin
        config_directory = /etc/postfix
        content_filter = amavisd-new:[127.0.0.1]:10024
        daemon_directory = /usr/libexec/postfix
        debug_peer_level = 2
        default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason}
        delay_warning_time = 4h
        disable_vrfy_command = yes
        header_checks = pcre:/etc/postfix/header_checks
        home_mailbox = Maildir/
        html_directory = /var/www/html/postfix
        mail_owner = postfix
        mailq_path = /usr/bin/mailq
        manpage_directory = /usr/share/man
        maximal_queue_lifetime = 3d
        message_size_limit = 30720000
        mime_header_checks = pcre:/etc/postfix/mime_header_checks
        mydestination = localhost $myhostname
        mydomain = example.com
        myhostname = email.example.com
        myorigin = domain2.example.com
        newaliases_path = /usr/bin/newaliases
        queue_directory = /var/spool/postfix
        readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
        recipient_delimiter = +
        sendmail_path = /usr/sbin/sendmail
        setgid_group = postdrop
        show_user_unknown_table_name = no
        smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
        smtp_tls_loglevel = 2
        smtp_use_tls = yes
        smtpd_client_connection_rate_limit = 30
        smtpd_client_restrictions =
        smtpd_data_restrictions = reject_multi_recipient_bounce
        smtpd_helo_required = yes
        smtpd_recipient_restrictions = reject_non_fqdn_recipient    reject_non_fqdn_sender    reject_unknown_sender_domain     permit_mynetworks    permit_sasl_authenticated    check_client_access hash:/etc/postfix/agencies    reject_unauth_destination    check_client_access hash:/etc/postfix/access    check_helo_access pcre:/etc/postfix/helo_checks    reject_rbl_client zen.spamhaus.org     reject_rbl_client dnsbl.sorbs.net    reject_rbl_client bl.spamcop.net        reject_rbl_client cbl.abuseat.org
        smtpd_sasl_auth_enable = yes
        smtpd_sasl_path = /var/spool/postfix/private/auth
        smtpd_sasl_security_options = noanonymous
        smtpd_sasl_type = dovecot
        smtpd_sender_restrictions = reject_unknown_sender_domain     check_sender_access hash:/etc/postfix/access
        smtpd_tls_cert_file = /etc/httpd/certs/email_example_com.crt
        smtpd_tls_key_file = /etc/httpd/certs/email.example.com.key.no.password
        smtpd_tls_loglevel = 1
        smtpd_tls_security_level = may
        tls_random_source = dev:/dev/urandom
        transport_maps = hash:/etc/postfix/transport
        unknown_local_recipient_reject_code = 550
        virtual_alias_domains =
        virtual_alias_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_alias_maps.cf
        virtual_gid_maps = static:105
        virtual_mailbox_base = /var/spool/mail
        virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/mysql_virtual_domains_maps.cf
        virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mysql_virtual_mailbox_maps.cf
        virtual_transport = dovecot
        virtual_uid_maps = static:1015

         
    • Charles

      Charles - 2009-02-22

      Ok... this is very confusing because there is more than one message in here...

      You should always just grep the logs and show logs for a single example problem messageID - that makes it much easier to see what is going on, BUT... I found your problem...

      Feb 21 23:53:16 email postfix/pipe[30330]: 75607EFCFC: to=<test222#domain2.example.com@autoreply.domain2.example.com>, orig_to=<test222@domain2.example.com>, relay=vacation, delay=0.23, delays=0.04/0.01/0/0.17, dsn=2.0.0, status=sent (delivered via vacation service)

      Above is the first vacation message delivered via the postfixadmin vacation service, and then:

      Feb 21 23:53:16 email deliver(test222@domain2.example.com): msgid=<20090222045315.ECEB5EFCD9@email.example.com>: saved mail to INBOX
      Feb 21 23:53:16 email postfix/pipe[30333]: 75607EFCFC: to=<test222@domain2.example.com>, relay=dovecot, delay=0.24, delays=0.04/0.01/0/0.19, dsn=2.0.0, status=sent (delivered via dovecot service)

      Here is ANOTHER one delivered via DOVECOT service.

      I'm not sure why dovecot is doing this... oh, wait, you forgot to add this to your main.cf:

      dovecot_destination_recipient_limit = 1

      Actually, I think that will fix it...

      Also, in master.cf you have:

      dovecot unix    -       n       n       -       -      pipe
        flags=DR

      Unless you really do want to preserve the case of ${extension}, the flags should be DRhu

       
      • rick steeves

        rick steeves - 2009-02-22

        What's really interesting is that I DO have
        dovecot_destination_recipient_limit = 1

        in my mail.cf  (direct cut and paste of the line)

        I've noticed before that it doesn't output on postconf -n  . Weird, eh?

        But good observation. Any ideas?

        I do want to preserve the case of the delimiter, so that was intentional :-)  

        Rick

         
    • Charles

      Charles - 2009-02-22

      Bingo.

      This means one of two things...

      1. the main.cf file you are editing is NOT the one that postfix is USING, or...

      2. The value is over-ridden somewhere after the line where you enable it.

      This is why the postfix users list insists on the output of postconf -n - if it isn't shown there, it isn't using it.

      Good luck...

       
      • rick steeves

        rick steeves - 2009-02-22

        What in the world would override it?  It's definitely the correct main.cf. Changes I make are reflected, and there's no other main.cf on the system.  I just revalidated by viewing smtpd_helo_required = yes in postconf -n, changing it to "no", restarting, seeing that it was "no", changing it back to yes, restarting, and seeing that it was now yes.

        And (now) my dovecot_destination_recipient_limit is the last line in main.cf, so I don't think something is overriding it. GRR.

        Well, thanks for finding that as an issue; I'll wander back to the postfix list and see if I can find what's going on.

        Rick

         
    • Charles

      Charles - 2009-02-22

      Oh...

      And this is why I always put all of my customizations to main.cf at the very bottom of main.cf, in a section that starts with:

      ### Begin My Custom Settings

      my custom settings here

      ###End My Custom Settings

      But of course, you'll first need to confirm that you are indeed editing the right file... one way would be to make a change, reload postfix, confirm that change is reflected, then change it back and reload again.

       
    • Charles

      Charles - 2009-02-22

      Also... I just noticed you don't have:

      vacation_destination_recipient_limit = 1

      either...

      ?

       
    • Charles

      Charles - 2009-02-22

      Ok, just saw Wietse's response that these don't show in postconf -n output, and just confirmed that mine don't either (never noticed this before)...

      Oh well, I'm about out of ideas... sorry for all the dead ends...

       
    • rick steeves

      rick steeves - 2009-02-23

      I was thinking his almost has to have something to do with the recipient_delimiter, but if I disable recipient_delimiter in main.cf and amavisd.conf, I still get the vacation response to mail flagged with GTUBE (and thus the x-spam headers).

      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:479 main:: - Script argument SMTP recipient is : 'test222#int.example.com@autoreply.int.example.com' and smtp_sender : 'rsteeves@example.com'
      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:479 main:: - Script argument SMTP recipient is : 'test222#int.example.com@autoreply.int.example.com' and smtp_sender : 'rsteeves@example.com'
      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:505 main:: - Converted autoreply mailbox back to normal style - from test222#int.example.com@autoreply.int.example.com to test222@int.example.com
      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:516 main:: - Email headers have to: '<test222@int.example.com>' and From: '"Rick Steeves" <rsteeves@example.com>'
      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:489 main:: - x-spam-Flag: yes found; exiting

      ^ And right here it exits and yet it keeps going

      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:306 main::find_real_address - Found test222@int.example.com has vacation active
      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:551 main:: - Attempting to send vacation response for: <E265AC6DA349994F9EF439E2F724439F079F8A14@NOFEXCHANGE.int.example.com> to: rsteeves@example.com, test222@int.example.com, test222@int.example.com (test_mode = 0)
      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:364 main::send_vacation_email - Asked to send vacation reply to test222@int.example.com thanks to <E265AC6DA349994F9EF439E2F724439F079F8A14@NOFEXCHANGE.int.example.com>
      2009/02/23 16:53:21 DEBUG> /var/spool/vacation/vacation.pl:376 main::send_vacation_email - Will send vacation response for <E265AC6DA349994F9EF439E2F724439F079F8A14@NOFEXCHANGE.int.example.com>: FROM: test222@int.example.com (orig_to: test222@int.example.com), TO: rsteeves@example.com; VACATION SUBJECT: Out of Office 778 ; VACATION BODY: I will be away from

      2009/02/23 16:53:22 DEBUG> /var/spool/vacation/vacation.pl:401 main::send_vacation_email - Vacation response sent, Mail::Sendmail said : Mail::Sendmail v. 0.79 - Mon Feb 23 16:53:21 2009
      Date: Mon, 23 Feb 2009 16:53:21 -0500
      Server: localhost Port: 25
      From: test222@int.example.com
      Subject: Out of Office 778
      To: rsteeves@example.com

      Result: 250 2.0.0 Ok: queued as E81BDEFEEF

      And delivers the out of office notification.

       
    • GingerDog

      GingerDog - 2009-02-24

      Hi,

      a) Turn on debugging in vacation.pl

      b) What does the log contain - it should print out that it's found X-Spam... in the email.. and bin it.

      thanks
      David.

       
      • rick steeves

        rick steeves - 2009-02-24

        I've identified the problem. Might be worth noting in the install instructions tho.

        When using with amavisd mail flows through postfix > amavis > postfix, and by default each of those postfix instances expands the aliases.

        That means that the first instance of postfix spins off an autoreply address, but then so does the second instance of postfix. the first instance gets passed through amavisd, gets flagged for spam, and dropped. but the second instance expands the alias AFTER amavisd, and thus doesn't get flagged as spam, and then sends the reply.

        To fix this you need to add:
        receive_override_options = no_address_mappings
        to main.cf to prevent the address from being expanded,
        and then ALSO add
        -o receive_override_options=

        to the postfix process taking mail in from amavisd.

        Rick

         
    • GingerDog

      GingerDog - 2009-02-25

      Ah; yes... INSTALL.txt file updated.

      thanks
      David.

       
    • Charles

      Charles - 2009-02-26

      Actually, someone else on the postfix list just responded with what I believe to be a better solution...

      Instead of disabling address mappings globally, then selectively re-enabling them, the suggestion was to selectively disable on the appropriate master.cf entry.

      It sounds cleaner to me too.

      So, Rick, in your case, you would only have needed to add -o receive_override_options=no_address_mappings to the first smtp instance in master.cf, and no mod needed to main.cf.

      Rick... feel like testing this and posting back? I don't use amavisd here or I would...

       
      • rick steeves

        rick steeves - 2009-02-26

        I prefer the config the other way, but I understand the logic. should work.

        Rick
        (it's me in that thread as well :-)  )

         
    • Charles

      Charles - 2009-02-26

      I'm curious as to why...

      Doing it this way requires only one edit to one file and doesn't change any defaults, while the way you did it requires two edits to two different files, one of which changes a default parameter.

       
      • rick steeves

        rick steeves - 2009-02-26

        Because my preference is generally to have apps not do things unless I ask them to.

        It also means putting config for the default instance in master.cf, where I prefer to leave all the config for the default / external instance in main.cf.

        And, perhaps, just because that's how I figured it out.  The Book of postfix also suggests this config if you look hard enough.

        Rick

         

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks