AOL relay Postfix problems

Steve J

Jun 14, 2001, 5:16:00 AM
Hello,
For the last week one of the servers I'm looking after has been having bad
bounce relay message problems from AOL mail servers that's driving us crazy,
I've tried everything I can think of but they're still going thru us :-(

The server domain affected is called r-smedia.com
System is FreeBSD 4.00 with Postfix 20010228-p102

In Postfix's config I've enabled:

virtual_maps = hash:/etc/postfix/virtual (with the 48 domains on the server
in the virtual file and postmapped)
smtpd_helo_required = yes
allow_untrusted_routing = no
smtpd_helo_restrictions = permit_mynetworks, reject_unknown_hostname,
reject_invalid_hostname
smtp_recipient_restrictions = permit_mynetworks, check_relay_domains,
reject_unauth_destination
inet_interfaces = $myhostname, localhost
mydestination = $myhostname, localhost.$mydomain, $mydomain
mynetworks = $config_directory/mynetworks
relay_domains = $mydestination
header_checks = hash:/etc/postfix/regexp.table ( with the default example
regexpr.table postmapped)

What is happening is that it appears bounces are getting sent to us by AOL's
mail servers from spam sent out from the domain host2.rsmedia.com (same as
ours but without the - ) which host2 doesn't exist but rsmedia.com does seem
to exist.

When an invalid bounce comes in from AOL, Postfix sends it on to me as I'm
the alias for root and nobody, then postfix proceeds to email every one of
the AOL users in the carbon copy field of the bounced spam message.
One of the offending bounces below after it's been redirected to me at my
server:

From MAILER-DAEMON Thu Jun 14 00:01:53 2001
Return-Path: <>
Delivered-To: ste...@localhost.ozxrated.com
Received: from r-smedia.r-smedia.com (unknown [209.25.186.2])
    by ns1.ozxrated.com (Postfix) with ESMTP id 2103364DF41
    for <ste...@ozxrated.com>; Thu, 14 Jun 2001 00:01:50 +0000 (GMT)
Received: by r-smedia.r-smedia.com (Postfix)
    id CD43C1CDB; Thu, 14 Jun 2001 05:21:09 +0000 (GMT)
Delivered-To: ste...@r-smedia.r-smedia.com
Received: from omr-r02.mx.aol.com (omr-r02.mx.aol.com [152.163.225.130])
    by r-smedia.r-smedia.com (Postfix) with ESMTP id 7D7831CDA
    for <nob...@r-smedia.r-smedia.com>; Thu, 14 Jun 2001 05:21:09 +0000 (GMT)
Received: from rly-yc01.mx.aol.com (rly-yc01.mail.aol.com [172.18.149.33])
    by omr-r02.mx.aol.com (v77.27) with ESMTP; Thu, 14 Jun 2001 00:59:52 -0400
Received: from localhost (localhost)
    by rly-yc01.mx.aol.com (8.8.8/8.8.8/AOL-5.0.0)
    with internal id AAB13160;
    Thu, 14 Jun 2001 00:59:52 -0400 (EDT)
Date: Thu, 14 Jun 2001 00:59:52 -0400 (EDT)
From: Mail Delivery Subsystem <MAILER...@aol.com>
Message-Id: <2001061404...@rly-yc01.mx.aol.com>
To: <nob...@r-smedia.r-smedia.com>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
    boundary="AAB13160.992494792/rly-yc01.mx.aol.com"
Subject: Returned mail: User unknown
Auto-Submitted: auto-generated (failure)

This is a MIME-encapsulated message

--AAB13160.992494792/rly-yc01.mx.aol.com

The original message was received at Thu, 14 Jun 2001 00:59:40 -0400 (EDT)
from host2.rsmedia.com [209.25.186.2]


*** ATTENTION ***

Your e-mail is being returned to you because there was a problem with its
delivery. The address which was undeliverable is listed in the section
labeled: "----- The following addresses had permanent fatal errors -----".

The reason your mail is being returned to you is listed in the section
labeled: "----- Transcript of Session Follows -----".

The line beginning with "<<<" describes the specific reason your e-mail could
not be delivered. The next line contains a second error message which is a
general translation for other e-mail servers.

Please direct further questions regarding this message to your e-mail
administrator.

--AOL Postmaster

----- The following addresses had permanent fatal errors -----
<elbaja...@aol.com>
<elbaja...@aol.com>
<elbaja...@aol.com>
<elb...@aol.com>

----- Transcript of session follows -----
... while talking to air-yc05.mail.aol.com.:
>>> RCPT To:<elb...@aol.com>
<<< 550 MAILBOX NOT FOUND
550 <elb...@aol.com>... User unknown
>>> RCPT To:<elbaja...@aol.com>
<<< 550 MAILBOX NOT FOUND
550 <elbaja...@aol.com>... User unknown
>>> RCPT To:<elbaja...@aol.com>
<<< 550 MAILBOX NOT FOUND
550 <elbaja...@aol.com>... User unknown
>>> RCPT To:<elbaja...@aol.com>
<<< 550 MAILBOX NOT FOUND
550 <elbaja...@aol.com>... User unknown

--AAB13160.992494792/rly-yc01.mx.aol.com
Content-Type: message/delivery-status

Reporting-MTA: dns; rly-yc01.mx.aol.com
Arrival-Date: Thu, 14 Jun 2001 00:59:40 -0400 (EDT)

Final-Recipient: RFC822; elbaja...@aol.com
Action: failed
Status: 2.0.0
Remote-MTA: DNS; air-yc05.mail.aol.com
Diagnostic-Code: SMTP; 250 OK
Last-Attempt-Date: Thu, 14 Jun 2001 00:59:50 -0400 (EDT)

Final-Recipient: RFC822; elbaja...@aol.com
Action: failed
Status: 2.0.0
Remote-MTA: DNS; air-yc05.mail.aol.com
Diagnostic-Code: SMTP; 250 OK
Last-Attempt-Date: Thu, 14 Jun 2001 00:59:50 -0400 (EDT)

Final-Recipient: RFC822; elbaja...@aol.com
Action: failed
Status: 2.0.0
Remote-MTA: DNS; air-yc05.mail.aol.com
Diagnostic-Code: SMTP; 250 OK
Last-Attempt-Date: Thu, 14 Jun 2001 00:59:50 -0400 (EDT)

Final-Recipient: RFC822; elb...@aol.com
Action: failed
Status: 2.0.0
Remote-MTA: DNS; air-yc05.mail.aol.com
Diagnostic-Code: SMTP; 250 OK
Last-Attempt-Date: Thu, 14 Jun 2001 00:59:50 -0400 (EDT)

--AAB13160.992494792/rly-yc01.mx.aol.com
Content-Type: message/rfc822

Received: from r-smedia.r-smedia.com (host2.rsmedia.com [209.25.186.2]) by
rly-yc01.mx.aol.com (v78_r3.8) with ESMTP; Thu, 14 Jun 2001 00:59:39 -0400
Received: by r-smedia.r-smedia.com (Postfix, from userid 65534)
id 5E5B81CDB; Thu, 14 Jun 2001 05:20:11 +0000 (GMT)
To: elba...@aol.com, elbadm...@aol.com, elb...@aol.com,
elbajap...@aol.com, elbajap...@aol.com,
elbaja...@aol.com,
elbaja...@aol.com, elbaja...@aol.com, elb...@aol.com,
elba...@aol.com
From: MakingMone...@yahoo.com ()
Subject: hello
Message-Id: <200106140520...@r-smedia.r-smedia.com>
Date: Thu, 14 Jun 2001 05:20:11 +0000 (GMT)

Below is the result of your feedback form. It was submitted by
(MakingMone...@yahoo.com) on Thursday, June 14, 2001 at 05:20:10
---------------------------------------------------------------------------

<pre : p><font face="Arial" size="2"><HTML><BODY BGCOLOR="#000000"><FONT
COLOR="#ff8000" BACK="#000000" style="BACKGROUND-COLOR: #000000" SIZE=3
PTSIZE=10><B>Own Your Own Risk FREE Home Business, We'll Show You
How!<BR>How Much Money Do You Want To Earn This Week?</FONT><FONT
COLOR="#000000" BACK="#000000" style="BACKGROUND-COLOR: #000000" SIZE=3
PTSIZE=10 FAMILY="SANSSERIF" FACE="Arial" LANG="0"><BR>-<A
HREF="aol://1223:26260/http://www.crempshire.com/members/998744">$500?</A><B
R>-<A
HREF="aol://1223:26260/http://www.crempshire.com/members/998744">$1000?</A><
BR>-<A
HREF="aol://1223:26260/http://www.crempshire.com/members/998744">$2000?</A><
BR>-<A
HREF="aol://1223:26260/http://www.crempshire.com/members/998744">$3000 Or
More?</A><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR></B></FONT></HTML>

---------------------------------------------------------------------------


--AAB13160.992494792/rly-yc01.mx.aol.com--

Excerpt from the server log below when it's happening:
Jun 14 09:15:27 r-smedia postfix/smtpd[29552]: connect from aolmbd03.mx.aol.com[205.188.156.77]
Jun 14 09:15:27 r-smedia postfix/smtpd[29552]: 2FFF11CEC: client=aolmbd03.mx.aol.com[205.188.156.77]
Jun 14 09:15:27 r-smedia postfix/cleanup[29444]: 2FFF11CEC: message-id=<2001061408...@rly-yb03.mx.aol.com>
Jun 14 09:15:27 r-smedia postfix/qmgr[29360]: 2FFF11CEC: from=<>, size=6218, nrcpt=1 (queue active)
Jun 14 09:15:27 r-smedia postfix/cleanup[29444]: A6C601CED: message-id=<2001061408...@rly-yb03.mx.aol.com>
Jun 14 09:15:27 r-smedia postfix/local[29553]: 2FFF11CEC: to=<nob...@r-smedia.r-smedia.com>, relay=local, delay=0, status=sent (forwarded as A6C601CED)
Jun 14 09:15:27 r-smedia postfix/qmgr[29360]: A6C601CED: from=<>, size=6362, nrcpt=1 (queue active)
Jun 14 09:15:28 r-smedia postfix/smtp[29541]: A6C601CED: to=<ste...@ozxrated.com>, relay=ozxrated.com[64.152.7.220], delay=1, status=sent (250 Ok: queued as D928964DF41)
Jun 14 09:15:45 r-smedia postfix/smtpd[29555]: connect from omr-d02.mx.aol.com[205.188.156.81]
Jun 14 09:15:45 r-smedia postfix/smtpd[29555]: 87F731CEC: client=omr-d02.mx.aol.com[205.188.156.81]
Jun 14 09:15:45 r-smedia postfix/cleanup[29444]: 87F731CEC: message-id=<2001061408...@rly-yc02.mx.aol.com>
Jun 14 09:15:45 r-smedia postfix/qmgr[29360]: 87F731CEC: from=<>, size=5802, nrcpt=1 (queue active)
Jun 14 09:15:45 r-smedia postfix/cleanup[29444]: E71781CED: message-id=<2001061408...@rly-yc02.mx.aol.com>
Jun 14 09:15:46 r-smedia postfix/local[29553]: 87F731CEC: to=<nob...@r-smedia.r-smedia.com>, relay=local, delay=1, status=sent (forwarded as E71781CED)
Jun 14 09:15:46 r-smedia postfix/qmgr[29360]: E71781CED: from=<>, size=5946, nrcpt=1 (queue active)
Jun 14 09:15:46 r-smedia postfix/smtpd[29555]: disconnect from omr-d02.mx.aol.com[205.188.156.81]
Jun 14 09:15:47 r-smedia postfix/smtp[29541]: E71781CED: to=<ste...@ozxrated.com>, relay=ozxrated.com[64.152.7.220], delay=2, status=sent (250 Ok: queued as 3834564DF41)
Jun 14 09:15:57 r-smedia postfix/smtpd[29552]: disconnect from aolmbd03.mx.aol.com[205.188.156.77]
Jun 14 09:16:30 r-smedia postfix/pickup[29503]: 8A6C91CED: uid=65534 from=<nobody>
Jun 14 09:16:30 r-smedia postfix/cleanup[29444]: 8A6C91CED: message-id=<200106140916...@r-smedia.r-smedia.com>
Jun 14 09:16:30 r-smedia postfix/qmgr[29360]: 8A6C91CED: from=<nob...@r-smedia.r-smedia.com>, size=1955, nrcpt=10 (queue active)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<a16a...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<ba...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<cade...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<crus...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<sixt...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<sixt...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<sy...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<urf...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<urf...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 r-smedia postfix/smtp[29541]: 8A6C91CED: to=<urfl...@aol.com>, relay=mailin-02.mx.aol.com[64.12.136.89], delay=2, status=sent (250 OK)


Steve Judge



Ralf Hildebrandt

Jun 14, 2001, 5:54:08 AM
On 14 Jun 2001 11:15:52 +0200, Steve J <ste...@ozxrated.com> wrote:

> smtpd_helo_restrictions = permit_mynetworks,
> reject_unknown_hostname,
> reject_invalid_hostname

Wouldn't these be better off in smtpd_recipient_restrictions?

> smtp_recipient_restrictions = permit_mynetworks, check_relay_domains,
> reject_unauth_destination

This is wrong. It must be
a) smtpd_recipient_restrictions
b) reject_unauth_destination after check_relay_domains makes no sense.
Postfix must have told you so in the logs.



> header_checks = hash:/etc/postfix/regexp.table ( with the default example
> regexpr.table postmapped)

You cannot postmap a pcre: or regexp: table. You just postmapped
regexp.table into the type hash: - ouch. Show the contents!

> What is happening is that it appears bounces are getting sent to us by AOL's
> mail servers from spam sent out from the domain host2.rsmedia.com (same as
> ours but without the - ) which host2 doesn't exist but rsmedia.com does seem
> to exist.

I see.

> When a invalid bounce comes in from AOL, Postfix sends it on to me as i'm
> the alias for root and nobody, then postfix proceeds to email every one of
> the aol users in the carbon copy field of the bounced spam message.
> One of the offending bounces below after its been redirected to me at my
> server:

Why does it come to you? Are you the MX for that domain?
Simply reject mail to host2.rsmedia.com or rsmedia.com

> Excerpt from the server log below when its happening:
> Jun 14 09:15:27 r-smedia postfix/smtpd[29552]: connect from aolmbd03.mx.aol.com[205.188.156.77]
> Jun 14 09:15:27 r-smedia postfix/smtpd[29552]: 2FFF11CEC: client=aolmbd03.mx.aol.com[205.188.156.77]
> Jun 14 09:15:27 r-smedia postfix/cleanup[29444]: 2FFF11CEC: message-id=<2001061408...@rly-yb03.mx.aol.com>
> Jun 14 09:15:27 r-smedia postfix/qmgr[29360]: 2FFF11CEC: from=<>, size=6218, nrcpt=1 (queue active)
> Jun 14 09:15:27 r-smedia postfix/cleanup[29444]: A6C601CED: message-id=<2001061408...@rly-yb03.mx.aol.com>
> Jun 14 09:15:27 r-smedia postfix/local[29553]: 2FFF11CEC: to=<nob...@r-smedia.r-smedia.com>, relay=local, delay=0, status=sent (forwarded as A6C601CED)

I guess your virtual_maps are flawed. Something is rewriting the
recipient in a bad way. Also, this might be due to you allowing non-FQ
senders and recipients:

smtpd_helo_restrictions =
    reject_unknown_hostname,
    reject_invalid_hostname

smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_non_fqdn_sender,
    reject_non_fqdn_recipient,
    check_recipient_access hash:/etc/postfix/check_recipient_access,
    check_relay_domains

and in /etc/postfix/check_recipient_access:

rsmedia.com 554 We don't handle mail for rsmedia.com
host2.rsmedia.com 554 We don't handle mail for rsmedia.com

% postmap check_recipient_access
% postfix reload

--
ralf.hil...@innominate.com innominate AG
Technical Consultant Don't be afraid of what you see -
Diplom-Informatiker be afraid of what you don't see!
tel: +49.(0)7000.POSTFIX fax: +49.(0)30.308806-77

Steve J

Jun 14, 2001, 7:46:54 PM
Hello Ralf,
I did all the changes below as suggested and our problem is still the same,
postfix is forwarding mail on from bounced AOL messages :-(
at the rate of around 300 to 400 an hour right now.
This system was also running sendmail up until 2 weeks ago when the problem
started and all of these were going straight through sendmail as well :-(
which is why I installed postfix instead.

> You cannot postmap a pcre: or regexp: table. You just postmapped
> regexp.table into the type hash: - ouch. Show the contents!

Ouch, sorry, I did that out of desperation guessing in the end, it's back to
header_checks = regexp:/etc/postfix/regexp.table

Below is what's in the regexp.table

/[%!@].*@/ 550 Sender-specified routing rejected

# Postmaster is OK, that way they can talk to us about how to fix their problem.
/^postmaster@.*$/ OK

# Protect your outgoing majordomo exploders
/^(.*)-outgoing@(.*)$/!/^owner-.*/ 550 Use ${1}@${2} instead

# Block out aol spam
/^host2.rsmedia.com/ 550 REJECT

> > When a invalid bounce comes in from AOL, Postfix sends it on to me as i'm
> > the alias for root and nobody, then postfix proceeds to email every one of
> > the aol users in the carbon copy field of the bounced spam message.
> > One of the offending bounces below after its been redirected to me at my
> > server:
>
> Why does it come to you? Are you the MX for that domain?
> Simply reject mail to host2.rsmedia.com or rsmedia.com

No, we aren't the MX for that domain and have no idea why it's coming at us
from AOL.
The only difference between the two of us is the - in the domain name
r-smedia.com - our domain
rsmedia.com - their domain


> I guess your virtual_maps are flawed. Something is rewriting the
> recipient in a bad way. Also, this might be due to you allowing non-FQ
> senders and recipients:

we are using the same type of config as a couple of other servers we have ?
example below of the r-smedia map:

r-smedia.com r-smedia.com
@r-smedia.com susies@localhost ste...@ozxrated.com
ste...@r-smedia.com ste...@ozxrated.com
nob...@r-smedia.com ste...@ozxrated.com

> smtpd_helo_restrictions =
>     reject_unknown_hostname,
>     reject_invalid_hostname
>
> smtpd_recipient_restrictions =
>     permit_mynetworks,
>     reject_non_fqdn_sender,
>     reject_non_fqdn_recipient,
>     check_recipient_access hash:/etc/postfix/check_recipient_access,
>     check_relay_domains
>
> and in /etc/postfix/check_recipient_access:
>
> rsmedia.com 554 We don't handle mail for rsmedia.com
> host2.rsmedia.com 554 We don't handle mail for rsmedia.com
>
> % postmap check_recipient_access
> % postfix reload

Yep, did all of that to no effect,
I've even just added

aol.com 554 we don't handle mail for aol.com

to the check_recipient_access file and rehashed it ?
and the bounces are still flooding in.

How do I put a blanket ban on anything from aol.com?
I know it won't fix it but at least it'll give us some breathing space till
we can :-)

Steve Judge

Michael Loftis

Jun 14, 2001, 7:56:52 PM
That's not quite right, ^ matches the start of the line. You want
something like

/^*@host2.rsmedia.com/ 550 REJECT

Steve J

Jun 14, 2001, 8:13:37 PM
Hi Michael,
Yep, just did that and they're still coming in :-(

Steve..

Ralf Hildebrandt

Jun 15, 2001, 3:52:21 AM
On 15 Jun 2001 01:56:54 +0200, Michael Loftis <mi...@activemessage.com> wrote:
> That's not quite right, ^ matches the start of the line. You want
> something like
>
> /^*@host2.rsmedia.com/ 550 REJECT

That's not quite right, * nothing, since ^ matches the start of the
line. You want something like:

/^.*@host2\.rsmedia\.com/ REJECT

--
ralf.hil...@innominate.com innominate AG
Technical Consultant Don't be afraid of what you see -
Diplom-Informatiker be afraid of what you don't see!
tel: +49.(0)7000.POSTFIX fax: +49.(0)30.308806-77

Rask Ingemann Lambertsen

Jun 15, 2001, 8:45:32 AM
On Thu, Jun 14, 2001 at 07:15:27PM +1000, Steve J wrote:
> Hello,
> For the last week one of the servers i'm looking after has been having bad
> bounce relay message problems from AOL mail servers thats driving us crazy,
> I've tried everything i can think of but theyre still going thru us :-(

IMHO there is no magic involved here. Someone on host2.rsmedia.com is
spamming AOL users with a sender address of nob...@r-smedia.r-smedia.com, so
obviously you get the joy of handling the bounces.

> When a invalid bounce comes in from AOL, Postfix sends it on to me as i'm
> the alias for root and nobody, then postfix proceeds to email every one of
> the aol users in the carbon copy field of the bounced spam message.

Actually, I believe you have badly fscked up the nobody alias or one of the
addresses it points to. What is in your nobody alias?

> Received: from r-smedia.r-smedia.com (host2.rsmedia.com [209.25.186.2]) by
> rly-yc01.mx.aol.com (v78_r3.8) with ESMTP; Thu, 14 Jun 2001 00:59:39 -0400
> Received: by r-smedia.r-smedia.com (Postfix, from userid 65534)
                                                    ^^^^^^^^^^^^
> id 5E5B81CDB; Thu, 14 Jun 2001 05:20:11 +0000 (GMT)

There is the offender, injecting the message.

> Jun 14 09:16:30 r-smedia postfix/pickup[29503]: 8A6C91CED: uid=65534 from=<nobody>

And again. Something is resending the message and it is happening in the
nobody alias, which suggests that your nobody alias is broken somehow.

Regards,
Rask Ingemann Lambertsen
--
/¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯\
| Please do NOT Cc: to me or the |
| mailing list. I am on the list.|

furio ercolessi

Jun 15, 2001, 9:11:28 AM
On Fri, Jun 15, 2001 at 02:45:17PM +0200, Rask Ingemann Lambertsen wrote:
> On Thu, Jun 14, 2001 at 07:15:27PM +1000, Steve J wrote:
>
> > Received: from r-smedia.r-smedia.com (host2.rsmedia.com [209.25.186.2]) by
> > rly-yc01.mx.aol.com (v78_r3.8) with ESMTP; Thu, 14 Jun 2001 00:59:39 -0400
> > Received: by r-smedia.r-smedia.com (Postfix, from userid 65534)
>                                                     ^^^^^^^^^^^^
> > id 5E5B81CDB; Thu, 14 Jun 2001 05:20:11 +0000 (GMT)
>
> There is the offender, injecting the message.
>
> > Jun 14 09:16:30 r-smedia postfix/pickup[29503]: 8A6C91CED: uid=65534 from=<nobody>
>
> And again. Something is resending the message and it is happening in the
> nobody alias, which suggests that your nobody alias is broken somehow.

It could be a message generated by a CGI (or similar) from a web server
running as "nobody" on that system.

furio ercolessi
Spin

Steve J

Jun 15, 2001, 9:15:00 AM
Hi Rask,

> IMHO there is no magic involved here. Someone on host2.rsmedia.com is
> spamming AOL users with a sender address of nob...@r-smedia.r-smedia.com,
> so obviously you get the joy of handling the bounces.

Yes, it's not much fun :-(

> > When a invalid bounce comes in from AOL, Postfix sends it on to me as i'm
> > the alias for root and nobody, then postfix proceeds to email every one of
> > the aol users in the carbon copy field of the bounced spam message.
>
> Actually, I believe you have badly fscked up the nobody alias or one of the
> addresses it points to. What is in your nobody alias?

Ok, in /etc/postfix/virtual/

and in /etc/aliases

# root: m...@my.domain
root: ste...@ozxrated.com

# Basic system aliases -- these MUST be present
MAILER-DAEMON: postmaster
postmaster: root

# General redirections for pseudo accounts
bin: root
daemon: root
games: root
man: root
news: root
nobody: root
operator: root
pop: root
system: root
toor: root
usenet: news
uucp: root
xten: root

Is there anywhere else on the system to configure the nobody alias apart
from the virtual maps and the alias file ?

> > Received: from r-smedia.r-smedia.com (host2.rsmedia.com [209.25.186.2]) by
> > rly-yc01.mx.aol.com (v78_r3.8) with ESMTP; Thu, 14 Jun 2001 00:59:39 -0400
> > Received: by r-smedia.r-smedia.com (Postfix, from userid 65534)
>                                                     ^^^^^^^^^^^^
> > id 5E5B81CDB; Thu, 14 Jun 2001 05:20:11 +0000 (GMT)
>
> There is the offender, injecting the message.
>
> > Jun 14 09:16:30 r-smedia postfix/pickup[29503]: 8A6C91CED: uid=65534 from=<nobody>
>
> And again. Something is resending the message and it is happening in the
> nobody alias, which suggests that your nobody alias is broken somehow.

Yes, I agree, which is what I can't figure out, why the nobody alias is
sending out after it gets a bounce message from AOL, then it sends to all of
the CC's in that bounce message ?? weird !

Steve Judge..

Ralf Hildebrandt

Jun 15, 2001, 9:20:11 AM
On 15 Jun 2001 15:14:57 +0200, Steve J <ste...@ozxrated.com> wrote:

> Is there anywhere else on the system to configure the nobody alias apart
> from the virtual maps and the alias file ?

No. But which processes are running as "nobody" on your box?
% ps auxwww| grep nobody

> Yes, I agree, which is what i can't figure out, why the nobody alias is
> sending out after it gets a bounce message from AOL, then it sends to all of
> the CC's in that bounce message ?? weird !

Do you have any cgi's like formmail.pl on your webserver?

--
ralf.hil...@innominate.com innominate AG
Technical Consultant Don't be afraid of what you see -
Diplom-Informatiker be afraid of what you don't see!
tel: +49.(0)7000.POSTFIX fax: +49.(0)30.308806-77
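
The check the last few replies converge on (mail entering through postfix/pickup with uid=65534 and fanning out to many recipients), as an added example that is not part of any post in this thread. The sample log is constructed on the model of the excerpt above; the function names, the set of service uids and the recipient threshold are assumptions.

```python
import re

# Constructed sample modelled on the log excerpt in the thread. Host names,
# addresses and queue IDs are made up; only the line shapes follow Postfix.
SAMPLE_LOG = """\
Jun 14 09:15:27 mx postfix/smtpd[29552]: connect from relay.example.net[192.0.2.77]
Jun 14 09:15:27 mx postfix/smtpd[29552]: 2FFF0AAAA: client=relay.example.net[192.0.2.77]
Jun 14 09:15:27 mx postfix/qmgr[29360]: 2FFF0AAAA: from=<>, size=6218, nrcpt=1 (queue active)
Jun 14 09:15:27 mx postfix/local[29553]: 2FFF0AAAA: to=<nobody@mx.example.org>, relay=local, delay=0, status=sent (forwarded as A6C60BBBB)
Jun 14 09:16:30 mx postfix/pickup[29503]: 8A6C9CCCC: uid=65534 from=<nobody>
Jun 14 09:16:30 mx postfix/qmgr[29360]: 8A6C9CCCC: from=<nobody@mx.example.org>, size=1955, nrcpt=10 (queue active)
Jun 14 09:16:32 mx postfix/smtp[29541]: 8A6C9CCCC: to=<user1@example.com>, relay=mailin.example.com[198.51.100.89], delay=2, status=sent (250 OK)
Jun 14 09:16:32 mx postfix/smtp[29541]: 8A6C9CCCC: to=<user2@example.com>, relay=mailin.example.com[198.51.100.89], delay=2, status=sent (250 OK)
Jun 14 09:20:01 mx postfix/pickup[29503]: 9B7D0DDDD: uid=0 from=<root>
Jun 14 09:20:01 mx postfix/qmgr[29360]: 9B7D0DDDD: from=<root@mx.example.org>, size=812, nrcpt=1 (queue active)
Jun 14 09:20:01 mx postfix/local[29553]: 9B7D0DDDD: to=<admin@mx.example.org>, relay=local, delay=0, status=sent (mailbox)
"""

ENTRY = re.compile(r"postfix/(?P<daemon>\w+)\[\d+\]: (?P<qid>[0-9A-F]+): (?P<rest>.*)$")
PICKUP = re.compile(r"uid=(\d+) from=<([^>]*)>")
NRCPT = re.compile(r"nrcpt=(\d+)")
RCPT = re.compile(r"to=<([^>]*)>")


def local_submissions(log_text):
    """Map queue ID -> details for every message that entered via pickup,
    i.e. was submitted on the machine itself rather than over SMTP."""
    msgs = {}
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue  # lines without a queue ID (connect/disconnect)
        daemon, qid, rest = m.group("daemon", "qid", "rest")
        if daemon == "pickup":
            p = PICKUP.search(rest)
            if p:
                msgs[qid] = {"uid": int(p.group(1)), "nrcpt": 0, "remote": []}
        elif qid in msgs:
            if daemon == "qmgr":
                n = NRCPT.search(rest)
                if n:
                    msgs[qid]["nrcpt"] = int(n.group(1))
            elif daemon == "smtp":  # delivery to another host
                r = RCPT.search(rest)
                if r:
                    msgs[qid]["remote"].append(r.group(1))
    return msgs


def suspicious(msgs, service_uids=frozenset({65534}), max_rcpt=1):
    """Flag local submissions by a service account (assumed uid set) addressed
    to more than max_rcpt recipients, on the assumption that a feedback form
    only ever mails one fixed owner."""
    flagged = []
    for qid, info in sorted(msgs.items()):
        if info["uid"] in service_uids and info["nrcpt"] > max_rcpt:
            domains = sorted({a.rpartition("@")[2].lower() for a in info["remote"]})
            flagged.append((qid, info["uid"], info["nrcpt"], domains))
    return flagged


if __name__ == "__main__":
    for qid, uid, nrcpt, domains in suspicious(local_submissions(SAMPLE_LOG)):
        print(f"{qid}: uid={uid} nrcpt={nrcpt} remote domains={domains}")
```

Bounces arriving over SMTP never appear in the result because they enter through smtpd, not pickup; only the locally injected message does.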
