Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Message bounced by administrator
670 views
Skip to first unread message
Nikolaos Milas
Mar 9, 2012, 9:55:36 AM3/9/12
to
Hi,
Today somebody (user1, see below) sent a message from outside to our
org. Our gateway server (Cisco Ironport C-160: mailgw.admin.noa.gr)
received the message which had 9 recipients, of which one in an outside
domain, one in the @astro.noa.gr domain and 7 in the @noa.gr domain.
Those last 8 messages were forwarded to our final Postfix server (2.8.3
on CentOS 5.7 x86_64) for delivery.
The one in the @astro.noa.gr domain(user2)was delivered fine. The other
7 bounced with the message: "5.x.0 - Message bounced by administrator
('000', []) ".
Note that @astro.noa.gr is not treated differently than @noa.gr, nor we
have noticed such a problem again.
{Comment: The time difference is due to non proper time sync on Cisco
Ironport.}
I have not seen something like this. Can somebody please provide some
insight?
Thanks in advance,
Nick
Logs from Postfix (true usernames changed consistently):
Mar 9 04:21:36 vmail postfix/smtpd[16063]: connect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/smtpd[16063]: 535E4C4D1F8: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: 535E4C4D1F8: message-id=<69717EF038E74A01B1B77103FAF50F8D@pavillion>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 535E4C4D1F8: from=<us...@noa.gr>, size=19392, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/pipe[16065]: 535E4C4D1F8: to=<us...@astro.noa.gr>, relay=dovecot, delay=0.15, delays=0.086/0.001/0/0.058, dsn=2.0.0, status=sent (delivered via dovecot service)
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 535E4C4D1F8: removed
Mar 9 04:21:36 vmail postfix/smtpd[16069]: connect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/smtpd[16069]: 82EEDC4D1F8: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: 82EEDC4D1F8: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 82EEDC4D1F8: from=<>, size=3269, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: 9EC3CC4D215: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: 9EC3CC4D215: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 9EC3CC4D215: from=<>, size=3258, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: A8E73C4D234: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: A8E73C4D234: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: A8E73C4D234: from=<>, size=3262, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: B3145C4D264: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: B3145C4D264: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: B3145C4D264: from=<>, size=3264, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: BD551C4D266: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: BD551C4D266: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: BD551C4D266: from=<>, size=3258, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: C76D8C4D26A: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: C76D8C4D26A: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: C76D8C4D26A: from=<>, size=3264, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: D0E6CC4D27B: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: D0E6CC4D27B: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: D0E6CC4D27B: from=<>, size=3273, nrcpt=1 (queue active)
Mar 9 04:21:40 vmail postfix/smtp[16071]: 9EC3CC4D215: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.5, delays=0.024/0.006/3/0.4, dsn=2.0.0, status=sent (250 2.0.0 q292LaYj023447 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: 9EC3CC4D215: removed
Mar 9 04:21:40 vmail postfix/smtp[16060]: 82EEDC4D1F8: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.6, delays=0.1/0.002/3.1/0.42, dsn=2.0.0, status=sent (250 2.0.0 q292LaxN023445 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: 82EEDC4D1F8: removed
Mar 9 04:21:40 vmail postfix/smtp[16072]: A8E73C4D234: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.5, delays=0.025/0.005/3/0.41, dsn=2.0.0, status=sent (250 2.0.0 q292LaCF023449 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: A8E73C4D234: removed
Mar 9 04:21:40 vmail postfix/smtp[16073]: B3145C4D264: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.5, delays=0.024/0.005/3/0.4, dsn=2.0.0, status=sent (250 2.0.0 q292La2Q023451 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: B3145C4D264: removed
Mar 9 04:21:40 vmail postfix/smtp[16074]: BD551C4D266: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.4, delays=0.024/0.005/3/0.4, dsn=2.0.0, status=sent (250 2.0.0 q292La0b023453 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: BD551C4D266: removed
Mar 9 04:21:41 vmail postfix/smtpd[16063]: disconnect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:41 vmail postfix/smtpd[16069]: disconnect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:43 vmail postfix/smtp[16071]: D0E6CC4D27B: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=6.7, delays=0.024/3.2/3.1/0.4, dsn=2.0.0, status=sent (250 2.0.0 q292Lehs023543 Message accepted for delivery)
Mar 9 04:21:43 vmail postfix/qmgr[32594]: D0E6CC4D27B: removed
Mar 9 04:21:43 vmail postfix/smtp[16085]: C76D8C4D26A: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=6.8, delays=0.024/3.3/3.1/0.41, dsn=2.0.0, status=sent (250 2.0.0 q292Leob023544 Message accepted for delivery)
Mar 9 04:21:43 vmail postfix/qmgr[32594]: C76D8C4D26A: removed
Logs from Ironport:
Fri Mar 9 04:22:10 2012 Info: New SMTP ICID 3212319 interface
Management (195.251.204.12) address 83.235.69.15 reverse dns host
chimaera.otenet.gr verified yes
Fri Mar 9 04:22:10 2012 Info: ICID 3212319 ACCEPT SG UNKNOWNLIST match
sbrs[-1.0:10.0] SBRS 4.8
Fri Mar 9 04:22:10 2012 Info: New SMTP ICID 3212320 interface
Management (195.251.204.12) address 83.235.69.15 reverse dns host
chimaera.otenet.gr verified yes
Fri Mar 9 04:22:10 2012 Info: ICID 3212320 ACCEPT SG UNKNOWNLIST match
sbrs[-1.0:10.0] SBRS 4.8
Fri Mar 9 04:22:10 2012 Info: Start MID 991858 ICID 3212319
Fri Mar 9 04:22:10 2012 Info: MID 991858 ICID 3212319 From: <us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: Start MID 991859 ICID 3212320
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 From: <us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991858 ICID 3212319 RID 0 To:
<us...@astro.noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 0 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 1 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 2 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 3 To:
<allu...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991858 Message-ID
'<69717EF038E74A01B1B77103FAF50F8D@pavillion>'
Fri Mar 9 04:22:10 2012 Info: MID 991858 Subject
'=?iso-8859-7?B?UmU6IMXw5d/j7/Xz4SDl8Onz9O/r3iA=?='
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 4 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 5 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 6 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 Message-ID
'<69717EF038E74A01B1B77103FAF50F8D@pavillion>'
Fri Mar 9 04:22:10 2012 Info: MID 991859 Subject
'=?iso-8859-7?B?UmU6IMXw5d/j7/Xz4SDl8Onz9O/r3iA=?='
Fri Mar 9 04:22:10 2012 Info: MID 991858 ready 18912 bytes from
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991858 matched all recipients for
per-recipient policy DEFAULT in the inbound table
Fri Mar 9 04:22:10 2012 Info: ICID 3212319 close
Fri Mar 9 04:22:10 2012 Info: MID 991859 ready 18912 bytes from
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 matched all recipients for
per-recipient policy DEFAULT in the inbound table
Fri Mar 9 04:22:10 2012 Info: ICID 3212320 close
Fri Mar 9 04:22:11 2012 Info: MID 991858 interim verdict using engine:
CASE spam negative
Fri Mar 9 04:22:11 2012 Info: MID 991858 using engine: CASE spam negative
Fri Mar 9 04:22:11 2012 Info: MID 991858 interim AV verdict using
McAfee CLEAN
Fri Mar 9 04:22:11 2012 Info: MID 991858 antivirus negative
Fri Mar 9 04:22:11 2012 Info: MID 991858 queued for delivery
Fri Mar 9 04:22:11 2012 Info: New SMTP DCID 363077 interface
195.251.204.12 address 195.251.204.235 port 25
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363077 MID 991858 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363077 MID 991858 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991858 RID [0] Response '2.0.0 Ok:
queued as 535E4C4D1F8'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991858 done
Fri Mar 9 04:22:11 2012 Info: MID 991859 interim verdict using engine:
CASE spam negative
Fri Mar 9 04:22:11 2012 Info: MID 991859 using engine: CASE spam negative
Fri Mar 9 04:22:11 2012 Info: MID 991859 interim AV verdict using
McAfee CLEAN
Fri Mar 9 04:22:11 2012 Info: MID 991859 antivirus negative
Fri Mar 9 04:22:11 2012 Info: Message aborted MID 991859 Bounced by
content filter block_eaa_aliases in the inbound table
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 0 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991860 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991860 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991860 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991860 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991860 ready 2913 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991860 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 1 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991861 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991861 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991861 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991861 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: New SMTP DCID 363078 interface
195.251.204.12 address 195.251.204.235 port 25
Fri Mar 9 04:22:11 2012 Info: MID 991861 ready 2902 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991861 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 2 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991862 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991862 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991862 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991862 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991862 ready 2906 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991862 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 3 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991863 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991863 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991863 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991863 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991860 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991863 ready 2908 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991863 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 4 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991864 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991864 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991864 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991864 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991864 ready 2902 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991864 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 5 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991865 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991865 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991865 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991865 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991865 ready 2908 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991865 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 6 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991866 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991866 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991866 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991866 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991866 ready 2917 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991866 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991859 done
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991860 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991860 RID [0] Response '2.0.0 Ok:
queued as 82EEDC4D1F8'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991860 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991861 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991861 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991861 RID [0] Response '2.0.0 Ok:
queued as 9EC3CC4D215'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991861 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991862 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991862 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991862 RID [0] Response '2.0.0 Ok:
queued as A8E73C4D234'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991862 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991863 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991863 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991863 RID [0] Response '2.0.0 Ok:
queued as B3145C4D264'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991863 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991864 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991864 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991864 RID [0] Response '2.0.0 Ok:
queued as BD551C4D266'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991864 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991865 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991865 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991865 RID [0] Response '2.0.0 Ok:
queued as C76D8C4D26A'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991865 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991866 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991866 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991866 RID [0] Response '2.0.0 Ok:
queued as D0E6CC4D27B'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991866 done
Fri Mar 9 04:22:12 2012 Info: ICID 3212277 close
# postconf -n
alias_database = hash:/etc/postfix/aliases,
hash:/etc/postfix/aliases.d/virtual_aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
delay_logging_resolution_limit = 3
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = ipv4, ipv6
local_header_rewrite_clients = static:all
mail_owner = postfix
mailbox_command = /usr/lib/dovecot/deliver
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 41943040
milter_default_action = accept
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = noa.gr
myhostname = vmail.noa.gr
mynetworks = 195.251.204.0/24, 195.251.202.0/24, 195.251.203.0/24,
194.177.194.0/24, 194.177.195.0/24, 127.0.0.0/8, 195.251.5.0/24,
[2001:648:2011::]/48
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
parent_domain_matches_subdomains =
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
recipient_canonical_maps = hash:/etc/postfix/domainrecipientmap
relay_domains = $mydestination
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sender_canonical_maps = hash:/etc/postfix/domainsendermap
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_client_restrictions =
permit_mynetworks,permit_sasl_authenticated,reject
smtpd_delay_reject = yes
smtpd_milters = inet:127.0.0.1:8891
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/protected_destinations,
permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,
reject_unknown_recipient_domain,reject_unverified_recipient
smtpd_restriction_classes = controlled_senders,allowed_list1
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/pki/tls/certs/chain-180.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/cert-180.pem
smtpd_tls_exclude_ciphers = DES,3DES,MD5,aNULL,AES128,CAMELLIA128
smtpd_tls_key_file = /etc/pki/tls/private/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_preempt_cipherlist = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/aliases,
hash:/etc/postfix/aliases.d/virtual_aliases,
ldap:/etc/postfix/ldap-alias-vacation.cf, ldap:/etc/postfix/ldap-aliases.cf
virtual_gid_maps = static:500
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = $mydomain, space.$mydomain, admin.$mydomain,
nestor.$mydomain, gein.$mydomain, meteo.$mydomain, technet.$mydomain,
astro.$mydomain
virtual_mailbox_limit = 0
virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf
virtual_transport = dovecot
virtual_uid_maps = static:500
Today somebody (user1, see below) sent a message from outside to our
org. Our gateway server (Cisco Ironport C-160: mailgw.admin.noa.gr)
received the message which had 9 recipients, of which one in an outside
domain, one in the @astro.noa.gr domain and 7 in the @noa.gr domain.
Those last 8 messages were forwarded to our final Postfix server (2.8.3
on CentOS 5.7 x86_64) for delivery.
The one in the @astro.noa.gr domain(user2)was delivered fine. The other
7 bounced with the message: "5.x.0 - Message bounced by administrator
('000', []) ".
Note that @astro.noa.gr is not treated differently than @noa.gr, nor we
have noticed such a problem again.
{Comment: The time difference is due to non proper time sync on Cisco
Ironport.}
I have not seen something like this. Can somebody please provide some
insight?
Thanks in advance,
Nick
Logs from Postfix (true usernames changed consistently):
Mar 9 04:21:36 vmail postfix/smtpd[16063]: connect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/smtpd[16063]: 535E4C4D1F8: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: 535E4C4D1F8: message-id=<69717EF038E74A01B1B77103FAF50F8D@pavillion>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 535E4C4D1F8: from=<us...@noa.gr>, size=19392, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/pipe[16065]: 535E4C4D1F8: to=<us...@astro.noa.gr>, relay=dovecot, delay=0.15, delays=0.086/0.001/0/0.058, dsn=2.0.0, status=sent (delivered via dovecot service)
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 535E4C4D1F8: removed
Mar 9 04:21:36 vmail postfix/smtpd[16069]: connect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/smtpd[16069]: 82EEDC4D1F8: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: 82EEDC4D1F8: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 82EEDC4D1F8: from=<>, size=3269, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: 9EC3CC4D215: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: 9EC3CC4D215: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 9EC3CC4D215: from=<>, size=3258, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: A8E73C4D234: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: A8E73C4D234: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: A8E73C4D234: from=<>, size=3262, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: B3145C4D264: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: B3145C4D264: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: B3145C4D264: from=<>, size=3264, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: BD551C4D266: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: BD551C4D266: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: BD551C4D266: from=<>, size=3258, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: C76D8C4D26A: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: C76D8C4D26A: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: C76D8C4D26A: from=<>, size=3264, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/smtpd[16069]: D0E6CC4D27B: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: D0E6CC4D27B: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: D0E6CC4D27B: from=<>, size=3273, nrcpt=1 (queue active)
Mar 9 04:21:40 vmail postfix/smtp[16071]: 9EC3CC4D215: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.5, delays=0.024/0.006/3/0.4, dsn=2.0.0, status=sent (250 2.0.0 q292LaYj023447 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: 9EC3CC4D215: removed
Mar 9 04:21:40 vmail postfix/smtp[16060]: 82EEDC4D1F8: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.6, delays=0.1/0.002/3.1/0.42, dsn=2.0.0, status=sent (250 2.0.0 q292LaxN023445 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: 82EEDC4D1F8: removed
Mar 9 04:21:40 vmail postfix/smtp[16072]: A8E73C4D234: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.5, delays=0.025/0.005/3/0.41, dsn=2.0.0, status=sent (250 2.0.0 q292LaCF023449 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: A8E73C4D234: removed
Mar 9 04:21:40 vmail postfix/smtp[16073]: B3145C4D264: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.5, delays=0.024/0.005/3/0.4, dsn=2.0.0, status=sent (250 2.0.0 q292La2Q023451 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: B3145C4D264: removed
Mar 9 04:21:40 vmail postfix/smtp[16074]: BD551C4D266: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=3.4, delays=0.024/0.005/3/0.4, dsn=2.0.0, status=sent (250 2.0.0 q292La0b023453 Message accepted for delivery)
Mar 9 04:21:40 vmail postfix/qmgr[32594]: BD551C4D266: removed
Mar 9 04:21:41 vmail postfix/smtpd[16063]: disconnect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:41 vmail postfix/smtpd[16069]: disconnect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:43 vmail postfix/smtp[16071]: D0E6CC4D27B: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=6.7, delays=0.024/3.2/3.1/0.4, dsn=2.0.0, status=sent (250 2.0.0 q292Lehs023543 Message accepted for delivery)
Mar 9 04:21:43 vmail postfix/qmgr[32594]: D0E6CC4D27B: removed
Mar 9 04:21:43 vmail postfix/smtp[16085]: C76D8C4D26A: to=<us...@otenet.gr>, orig_to=<us...@noa.gr>, relay=mx.otenet.gr[62.103.147.198]:25, delay=6.8, delays=0.024/3.3/3.1/0.41, dsn=2.0.0, status=sent (250 2.0.0 q292Leob023544 Message accepted for delivery)
Mar 9 04:21:43 vmail postfix/qmgr[32594]: C76D8C4D26A: removed
Logs from Ironport:
Fri Mar 9 04:22:10 2012 Info: New SMTP ICID 3212319 interface
Management (195.251.204.12) address 83.235.69.15 reverse dns host
chimaera.otenet.gr verified yes
Fri Mar 9 04:22:10 2012 Info: ICID 3212319 ACCEPT SG UNKNOWNLIST match
sbrs[-1.0:10.0] SBRS 4.8
Fri Mar 9 04:22:10 2012 Info: New SMTP ICID 3212320 interface
Management (195.251.204.12) address 83.235.69.15 reverse dns host
chimaera.otenet.gr verified yes
Fri Mar 9 04:22:10 2012 Info: ICID 3212320 ACCEPT SG UNKNOWNLIST match
sbrs[-1.0:10.0] SBRS 4.8
Fri Mar 9 04:22:10 2012 Info: Start MID 991858 ICID 3212319
Fri Mar 9 04:22:10 2012 Info: MID 991858 ICID 3212319 From: <us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: Start MID 991859 ICID 3212320
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 From: <us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991858 ICID 3212319 RID 0 To:
<us...@astro.noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 0 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 1 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 2 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 3 To:
<allu...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991858 Message-ID
'<69717EF038E74A01B1B77103FAF50F8D@pavillion>'
Fri Mar 9 04:22:10 2012 Info: MID 991858 Subject
'=?iso-8859-7?B?UmU6IMXw5d/j7/Xz4SDl8Onz9O/r3iA=?='
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 4 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 5 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 ICID 3212320 RID 6 To:
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 Message-ID
'<69717EF038E74A01B1B77103FAF50F8D@pavillion>'
Fri Mar 9 04:22:10 2012 Info: MID 991859 Subject
'=?iso-8859-7?B?UmU6IMXw5d/j7/Xz4SDl8Onz9O/r3iA=?='
Fri Mar 9 04:22:10 2012 Info: MID 991858 ready 18912 bytes from
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991858 matched all recipients for
per-recipient policy DEFAULT in the inbound table
Fri Mar 9 04:22:10 2012 Info: ICID 3212319 close
Fri Mar 9 04:22:10 2012 Info: MID 991859 ready 18912 bytes from
<us...@noa.gr>
Fri Mar 9 04:22:10 2012 Info: MID 991859 matched all recipients for
per-recipient policy DEFAULT in the inbound table
Fri Mar 9 04:22:10 2012 Info: ICID 3212320 close
Fri Mar 9 04:22:11 2012 Info: MID 991858 interim verdict using engine:
CASE spam negative
Fri Mar 9 04:22:11 2012 Info: MID 991858 using engine: CASE spam negative
Fri Mar 9 04:22:11 2012 Info: MID 991858 interim AV verdict using
McAfee CLEAN
Fri Mar 9 04:22:11 2012 Info: MID 991858 antivirus negative
Fri Mar 9 04:22:11 2012 Info: MID 991858 queued for delivery
Fri Mar 9 04:22:11 2012 Info: New SMTP DCID 363077 interface
195.251.204.12 address 195.251.204.235 port 25
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363077 MID 991858 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363077 MID 991858 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991858 RID [0] Response '2.0.0 Ok:
queued as 535E4C4D1F8'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991858 done
Fri Mar 9 04:22:11 2012 Info: MID 991859 interim verdict using engine:
CASE spam negative
Fri Mar 9 04:22:11 2012 Info: MID 991859 using engine: CASE spam negative
Fri Mar 9 04:22:11 2012 Info: MID 991859 interim AV verdict using
McAfee CLEAN
Fri Mar 9 04:22:11 2012 Info: MID 991859 antivirus negative
Fri Mar 9 04:22:11 2012 Info: Message aborted MID 991859 Bounced by
content filter block_eaa_aliases in the inbound table
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 0 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991860 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991860 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991860 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991860 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991860 ready 2913 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991860 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 1 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991861 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991861 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991861 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991861 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: New SMTP DCID 363078 interface
195.251.204.12 address 195.251.204.235 port 25
Fri Mar 9 04:22:11 2012 Info: MID 991861 ready 2902 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991861 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 2 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991862 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991862 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991862 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991862 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991862 ready 2906 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991862 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 3 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991863 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991863 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991863 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991863 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991860 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991863 ready 2908 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991863 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 4 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991864 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991864 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991864 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991864 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991864 ready 2902 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991864 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 5 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991865 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991865 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991865 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991865 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991865 ready 2908 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991865 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Bounced: DCID 0 MID 991859 to RID 6 -
Bounced by destination server with response: 5.x.0 - Message bounced by
administrator ('000', [])
Fri Mar 9 04:22:11 2012 Info: Start MID 991866 ICID 0
Fri Mar 9 04:22:11 2012 Info: MID 991866 was generated for bounce of
MID 991859
Fri Mar 9 04:22:11 2012 Info: MID 991866 ICID 0 From: <>
Fri Mar 9 04:22:11 2012 Info: MID 991866 ICID 0 RID 0 To: <us...@noa.gr>
Fri Mar 9 04:22:11 2012 Info: MID 991866 ready 2917 bytes from <>
Fri Mar 9 04:22:11 2012 Info: MID 991866 queued for delivery
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991859 done
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991860 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991860 RID [0] Response '2.0.0 Ok:
queued as 82EEDC4D1F8'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991860 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991861 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991861 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991861 RID [0] Response '2.0.0 Ok:
queued as 9EC3CC4D215'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991861 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991862 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991862 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991862 RID [0] Response '2.0.0 Ok:
queued as A8E73C4D234'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991862 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991863 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991863 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991863 RID [0] Response '2.0.0 Ok:
queued as B3145C4D264'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991863 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991864 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991864 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991864 RID [0] Response '2.0.0 Ok:
queued as BD551C4D266'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991864 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991865 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991865 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991865 RID [0] Response '2.0.0 Ok:
queued as C76D8C4D26A'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991865 done
Fri Mar 9 04:22:11 2012 Info: Delivery start DCID 363078 MID 991866 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: Message done DCID 363078 MID 991866 to
RID [0]
Fri Mar 9 04:22:11 2012 Info: MID 991866 RID [0] Response '2.0.0 Ok:
queued as D0E6CC4D27B'
Fri Mar 9 04:22:11 2012 Info: Message finished MID 991866 done
Fri Mar 9 04:22:12 2012 Info: ICID 3212277 close
# postconf -n
alias_database = hash:/etc/postfix/aliases,
hash:/etc/postfix/aliases.d/virtual_aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
delay_logging_resolution_limit = 3
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = ipv4, ipv6
local_header_rewrite_clients = static:all
mail_owner = postfix
mailbox_command = /usr/lib/dovecot/deliver
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
message_size_limit = 41943040
milter_default_action = accept
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = noa.gr
myhostname = vmail.noa.gr
mynetworks = 195.251.204.0/24, 195.251.202.0/24, 195.251.203.0/24,
194.177.194.0/24, 194.177.195.0/24, 127.0.0.0/8, 195.251.5.0/24,
[2001:648:2011::]/48
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
parent_domain_matches_subdomains =
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
recipient_canonical_maps = hash:/etc/postfix/domainrecipientmap
relay_domains = $mydestination
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sender_canonical_maps = hash:/etc/postfix/domainsendermap
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_client_restrictions =
permit_mynetworks,permit_sasl_authenticated,reject
smtpd_delay_reject = yes
smtpd_milters = inet:127.0.0.1:8891
smtpd_recipient_restrictions = check_recipient_access
hash:/etc/postfix/protected_destinations,
permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,
reject_unknown_recipient_domain,reject_unverified_recipient
smtpd_restriction_classes = controlled_senders,allowed_list1
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/pki/tls/certs/chain-180.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/cert-180.pem
smtpd_tls_exclude_ciphers = DES,3DES,MD5,aNULL,AES128,CAMELLIA128
smtpd_tls_key_file = /etc/pki/tls/private/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_preempt_cipherlist = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/aliases,
hash:/etc/postfix/aliases.d/virtual_aliases,
ldap:/etc/postfix/ldap-alias-vacation.cf, ldap:/etc/postfix/ldap-aliases.cf
virtual_gid_maps = static:500
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = $mydomain, space.$mydomain, admin.$mydomain,
nestor.$mydomain, gein.$mydomain, meteo.$mydomain, technet.$mydomain,
astro.$mydomain
virtual_mailbox_limit = 0
virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf
virtual_transport = dovecot
virtual_uid_maps = static:500
Reindl Harald
Mar 9, 2012, 10:16:15 AM3/9/12
to
Am 09.03.2012 15:55, schrieb Nikolaos Milas:
> Hi,
>
> Today somebody (user1, see below) sent a message from outside to our org. Our gateway server (Cisco Ironport C-160:
> mailgw.admin.noa.gr) received the message which had 9 recipients, of which one in an outside domain, one in the
> @astro.noa.gr domain and 7 in the @noa.gr domain. Those last 8 messages were forwarded to our final Postfix server
> (2.8.3 on CentOS 5.7 x86_64) for delivery.
>
> The one in the @astro.noa.gr domain(user2)was delivered fine. The other 7 bounced with the message: "5.x.0 -
> Message bounced by administrator ('000', []) "
additionally your postfix log does not contain anything interesting
it seems to be filtered only for lines containing the queue-id
Nikolaos Milas
Mar 9, 2012, 11:35:58 AM3/9/12
to
On 9/3/2012 5:16 μμ, Reindl Harald wrote:
> i doubt this is not a postfix-message
It can't be from anywhere else (as far as I can tell). We are not
> i doubt this is not a postfix-message
running any filters, anti-spam or anti-virus on this Postfix server.
I haven't seen any errors on the associated ldap server (used for user
lookups) either.
I hope Wietse can provide some more info.
> additionally your postfix log does not contain anything interesting
> it seems to be filtered only for lines containing the queue-id
of this message. I have not filtered anything out.
Thanks,
Nick
/dev/rob0
Mar 9, 2012, 11:54:34 AM3/9/12
to
On Fri, Mar 09, 2012 at 06:35:58PM +0200, Nikolaos Milas wrote:
> We are not running any filters, anti-spam or anti-virus on
> this Postfix server.
>
> I haven't seen any errors on the associated ldap server (used
> for user lookups) either.
>
> I hope Wietse can provide some more info.
>
> >additionally your postfix log does not contain anything
> >interesting
This part is true.
> >it seems to be filtered only for lines containing
> >the queue-id
>
> I have copied the whole content from the maillog regarding the
> handling of this message. I have not filtered anything out.
Indeed, you have pasted a complete log which shows no problem in
Postfix. The bounces came from outside, not generated by Postfix.
Your issue is outside Postfix.
--
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
> On 9/3/2012 5:16, Reindl Harald wrote:
>
> >i doubt this is not a postfix-message
>
> It can't be from anywhere else (as far as I can tell).
You said it was Ironport.
>
> >i doubt this is not a postfix-message
>
> It can't be from anywhere else (as far as I can tell).
> We are not running any filters, anti-spam or anti-virus on
> this Postfix server.
>
> I haven't seen any errors on the associated ldap server (used
> for user lookups) either.
>
> I hope Wietse can provide some more info.
>
> >additionally your postfix log does not contain anything
> >interesting
> >it seems to be filtered only for lines containing
> >the queue-id
>
> I have copied the whole content from the maillog regarding the
> handling of this message. I have not filtered anything out.
Postfix. The bounces came from outside, not generated by Postfix.
Your issue is outside Postfix.
--
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Reindl Harald
Mar 9, 2012, 11:59:12 AM3/9/12
to
Am 09.03.2012 17:35, schrieb Nikolaos Milas:
> On 9/3/2012 5:16 μμ, Reindl Harald wrote:
>
>> i doubt this is not a postfix-message
>
> It can't be from anywhere else (as far as I can tell). We are not running any filters,
>
>> i doubt this is not a postfix-message
>
> anti-spam or anti-virus on this Postfix server.
Mar 9 04:21:36 vmail postfix/smtpd[16063]: connect from mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/smtpd[16063]: 535E4C4D1F8: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: 535E4C4D1F8: message-id=<69717EF038E74A01B1B77103FAF50F8D@pavillion>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 535E4C4D1F8: from=<us...@noa.gr>, size=19392, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/pipe[16065]: 535E4C4D1F8: to=<us...@astro.noa.gr>, relay=dovecot, delay=0.15,
delays=0.086/0.001/0/0.058, dsn=2.0.0, status=sent (delivered via dovecot service)
shows clearly that the message was received and given to dovecot
Mar 9 04:21:36 vmail postfix/smtpd[16063]: 535E4C4D1F8: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: 535E4C4D1F8: message-id=<69717EF038E74A01B1B77103FAF50F8D@pavillion>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: 535E4C4D1F8: from=<us...@noa.gr>, size=19392, nrcpt=1 (queue active)
Mar 9 04:21:36 vmail postfix/pipe[16065]: 535E4C4D1F8: to=<us...@astro.noa.gr>, relay=dovecot, delay=0.15,
delays=0.086/0.001/0/0.058, dsn=2.0.0, status=sent (delivered via dovecot service)
after that something must happen
Mar 9 04:21:36 vmail postfix/smtpd[16069]: C76D8C4D26A: client=mailgw.admin.noa.gr[195.251.204.12]
Mar 9 04:21:36 vmail postfix/cleanup[16059]: C76D8C4D26A: message-id=<0684c0$u8...@mailgw.admin.noa.gr>
Mar 9 04:21:36 vmail postfix/qmgr[32594]: C76D8C4D26A: from=<>, size=3264, nrcpt=1 (queue active)
you should search the logs there - the machine "vmail" is not responsible
for me it sounds like dovecot is responsible for them after
accepted the messages, sent the bounces to 195.251.204.12
(no idea why - depends on config) and from there they
was simply relayed back to "vmail"
>> additionally your postfix log does not contain anything interesting
>> it seems to be filtered only for lines containing the queue-id
>
> I have copied the whole content from the maillog regarding the handling of this
> message. I have not filtered anything out
but there is no single REJCT line or as mentinoed above you are
>
> I have copied the whole content from the maillog regarding the handling of this
> message. I have not filtered anything out
searhcing in the wrong machines logs, so this machine did not
generate/trigger any bounce
Wietse Venema
Mar 9, 2012, 12:09:48 PM3/9/12
to
Nikolaos Milas:
Wietse
> I hope Wietse can provide some more info.
Negative. The mail is rejected by a non-Postfix machine.
Wietse
0 new messages