
How to extend smtpd_sender_restrictions to DISCARD mail for all recipients if just one matches in a hash table?


n75...@50mail.com

Apr 17, 2012, 2:20:40 PM
Hey!

I finally installed a postfix mail server this past weekend. Pretty
straightforward with the awesome docs! Well, once ya find it all ;-)

In my config, I declared

smtpd_sender_restrictions=check_recipient_access,hash:/etc/postfix/lists/traps

with entries in "/etc/postfix/lists/traps",

b...@domain.com DISCARD

Mail sent to that address appears to be accepted, but really gets
quietly DISCARDed, and processing stops. Like it's supposed to.

If there are additional recipients in the TO: list that are not in the
hash list, they still are delivered. So if there's a mail sent TO: both
"b...@domain.com" and "M...@domain.com" one copy gets accepted for the
"M...@domain.com" recipient.

I want to change the behavior so if ANY of the TO: recipient addresses
are in the hash table the mail is discarded for ALL the recipients,
accepted & delivered for no one.

With all the flexibility it's gotta be possible. I just can't find the
right topic on the docs for it though.

Got a suggestion for me how to get this done?

Cheers,

Niemh

Jeroen Geilman

Apr 17, 2012, 2:32:10 PM
On 2012-04-17 20:20, n75...@50mail.com wrote:
> Hey!
>
> I finally installed a postfix mail server this past weekend. Pretty
> straightforward with the awesome docs! Well, once ya find it all ;-)
>
> In my config, I declared
>
> smtpd_sender_restrictions=check_recipient_access,hash:/etc/postfix/lists/traps

This is incorrect; the format is described clearly as:

smtpd_sender_restrictions=check_recipient_access hash:/etc/postfix/lists/traps

> with entries in "/etc/postfix/lists/traps",
>
> b...@domain.com DISCARD
>
> Mail sent to that address appears to be accepted, but really gets
> quietly DISCARDed, and processing stops. Like it's supposed to.

No. Do not discard mail unless you have absolutely no alternative.
In this case you provide no arguments for discarding mail; use REJECT
instead.

> If there are additional recipients in the TO: list that are not in the
> hash list, they still are delivered. So if there's a mail sent TO: both
> "b...@domain.com" and "M...@domain.com" one copy gets accepted for the
> "M...@domain.com" recipient.

Provide evidence that this happens.

Please see the welcome message you received when joining this list on
how to provide adequate information:

http://www.postfix.org/DEBUG_README.html#mail


--
J.

Noel Jones

Apr 17, 2012, 3:25:36 PM
On 4/17/2012 1:20 PM, n75...@50mail.com wrote:
> Hey!
>
> I finally installed a postfix mail server this past weekend. Pretty
> straightforward with the awesome docs! Well, once ya find it all ;-)
>
> In my config, I declared
>
> smtpd_sender_restrictions=check_recipient_access,hash:/etc/postfix/lists/traps
>
> with entries in "/etc/postfix/lists/traps",
>
> b...@domain.com DISCARD
>
> Mail sent to that address appears to be accepted, but really gets
> quietly DISCARDed, and processing stops. Like it's supposed to.
>
> If there are additional recipients in the TO: list that are not in the
> hash list, they still are delivered. So if there's a mail sent TO: both
> "b...@domain.com" and "M...@domain.com" one copy gets accepted for the
> "M...@domain.com" recipient.
>
> I want to change the behavior so if ANY of the TO: recipient addresses
> are in the hash table the mail is discarded for ALL the recipients,
> accepted & delivered for no one.

The access(5) man page includes, in part:

    DISCARD optional text...
           Claim successful delivery and silently discard the
           message. Log the optional text if specified,
           otherwise log a generic message.

           Note: this action currently affects all recipients
           of the message. To discard only one recipient
           without discarding the entire message, use the
           transport(5) table to direct mail to the discard(8)
           service.


So your claim is not supported by the documentation.
http://www.postfix.org/access.5.html

If you wish to make a case that postfix does not behave as
documented, you'll need to provide clear evidence of your claim.

And as food for thought, DISCARD works as documented for me.



-- Noel Jones

n75...@50mail.com

Apr 17, 2012, 3:55:09 PM


On Tue, Apr 17, 2012, at 02:25 PM, Noel Jones wrote:
> The access(5) man page includes, in part:
...
> So your claim is not supported by the documentation.
> http://www.postfix.org/access.5.html
>
> If you wish to make a case that postfix does not behave as
> documented, you'll need to provide clear evidence of your claim.

I read the docs. That's where I started. I thought I configured it
right, but I'm not seeing the 'DISCARD for all' happen so I'm asking
here. I'm not making any kind of 'case'. I'm 'claiming' what I'm
seeing.

If I'm misunderstanding something, that's why I'm asking.

I logged into my webmail @myprovider & I sent one test mail

FROM: "n###@###.com"
TO: b...@domain.com, m...@domain.com

For that message send, postfix logs on my end show:

Apr 17 11:52:48 mail postfix/smtpd[23367]: connect from smtp.myprovider.com[1.2.3.4]
Apr 17 11:52:48 mail postfix/smtpd[23369]: connect from smtp.myprovider.com[1.2.3.4]
Apr 17 11:52:49 mail postfix/smtpd[23367]: setting up TLS connection from smtp.myprovider.com[1.2.3.4]
Apr 17 11:52:49 mail postfix/smtpd[23369]: setting up TLS connection from smtp.myprovider.com[1.2.3.4]
Apr 17 11:52:49 mail postfix/smtpd[23367]: Anonymous TLS connection established from smtp.myprovider.com[1.2.3.4]: TLSv1 with cipher ADH-AES256-SHA (256/256 bits)
Apr 17 11:52:49 mail postfix/smtpd[23369]: Anonymous TLS connection established from smtp.myprovider.com[1.2.3.4]: TLSv1 with cipher ADH-AES256-SHA (256/256 bits)
>> Apr 17 11:52:49 mail postfix/smtpd[23369]: NOQUEUE: discard: RCPT from smtp.myprovider.com[1.2.3.4]: <b...@domain.com>: Recipient address triggers DISCARD action; from=<n###@###.com> to=<b...@domain.com> proto=ESMTP helo=<smtp.myprovider.com>
Apr 17 11:52:49 mail postfix/smtpd[23369]: 7D4EA6039A: client=smtp.myprovider.com[1.2.3.4]
Apr 17 11:52:49 mail postfix/smtpd[23369]: disconnect from smtp.myprovider.com[1.2.3.4]
Apr 17 11:52:50 mail postfix/smtpd[23367]: 10FED6039A: client=smtp.myprovider.com[1.2.3.4]
Apr 17 11:52:50 mail postfix/cleanup[23372]: 10FED6039A: message-id=<9846513213.98464.842...@horde.myprovider.com>
Apr 17 11:52:50 mail postfix/qmgr[18330]: 10FED6039A: from=<n###@###.com>, size=1903, nrcpt=1 (queue active)
Apr 17 11:52:50 mail postfix/smtpd[23367]: disconnect from smtp.myprovider.com[1.2.3.4]
Apr 17 11:52:56 mail postfix/smtpd[23391]: connect from localhost.localdomain[127.0.0.1]
Apr 17 11:52:56 mail postfix/smtpd[23391]: 6B0636039F: client=localhost.localdomain[127.0.0.1]
Apr 17 11:52:56 mail postfix/cleanup[23372]: 6B0636039F: message-id=<9846513213.98464.842...@horde.myprovider.com>
Apr 17 11:52:56 mail postfix/qmgr[18330]: 6B0636039F: from=<n###@###.com>, size=2850, nrcpt=1 (queue active)
Apr 17 11:52:56 mail postfix/smtp[23375]: 10FED6039A: to=<m...@domain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=7.1, delays=0.71/0.01/0.02/6.4, dsn=2.0.0, status=sent (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 6B0636039F)
Apr 17 11:52:56 mail postfix/qmgr[18330]: 10FED6039A: removed
>> Apr 17 11:52:56 mail postfix/lmtp[23412]: 6B0636039F: to=<m...@domain.com>, relay=domain.com[10.0.0.1]:7025, delay=0.27, delays=0.12/0.03/0/0.12, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)

It looks to me like it's being handled as two separate transactions
where one gets discarded and one passes through.

Niemh

Brian Evans - Postfix List

Apr 17, 2012, 4:09:27 PM
On 4/17/2012 3:55 PM, n75...@50mail.com wrote:
>
> FROM: "n###@###.com"
> TO: b...@domain.com, m...@domain.com
>
> For that message send, postfix logs on my end show:
>
> Apr 17 11:52:48 mail postfix/smtpd[23367]: connect from
> smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:48 mail postfix/smtpd[23369]: connect from
> smtp.myprovider.com[1.2.3.4]

Notice 2 connections.
>
>>> Apr 17 11:52:49 mail postfix/smtpd[23369]: NOQUEUE: discard: RCPT from smtp.myprovider.com[1.2.3.4]: <b...@domain.com>: Recipient address triggers DISCARD action; from=<n###@###.com> to=<b...@domain.com> proto=ESMTP helo=<smtp.myprovider.com>
> Apr 17 11:52:49 mail postfix/smtpd[23369]: 7D4EA6039A:
> client=smtp.myprovider.com[1.2.3.4]

OK queue id 7D4EA6039A from process 22369 triggered the DISCARD action.
Great.

> Apr 17 11:52:49 mail postfix/smtpd[23369]: disconnect from
> smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:50 mail postfix/smtpd[23367]: 10FED6039A:
> client=smtp.myprovider.com[1.2.3.4]

Queue id 10FED6039A was received by 23367

> Apr 17 11:52:50 mail postfix/cleanup[23372]: 10FED6039A:
> message-id=<9846513213.98464.842...@horde.myprovider.com>
> Apr 17 11:52:50 mail postfix/qmgr[18330]: 10FED6039A:
> from=<n###@###.com>, size=1903, nrcpt=1 (queue active)
> Apr 17 11:52:50 mail postfix/smtpd[23367]: disconnect from
> smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:56 mail postfix/smtpd[23391]: connect from
> localhost.localdomain[127.0.0.1]
> Apr 17 11:52:56 mail postfix/smtpd[23391]: 6B0636039F:
> client=localhost.localdomain[127.0.0.1]
> Apr 17 11:52:56 mail postfix/cleanup[23372]: 6B0636039F:
> message-id=<9846513213.98464.842...@horde.myprovider.com>
> Apr 17 11:52:56 mail postfix/qmgr[18330]: 6B0636039F:
> from=<n###@###.com>, size=2850, nrcpt=1 (queue active)
> Apr 17 11:52:56 mail postfix/smtp[23375]: 10FED6039A:
> to=<m...@domain.com>, relay=127.0.0.1[127.0.0.1]:10024,
> delay=7.1, delays=0.71/0.01/0.02/6.4, dsn=2.0.0, status=sent
> (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
> 6B0636039F)

Connection from 23367 after queue filter is now 6B0636039F.

> Apr 17 11:52:56 mail postfix/qmgr[18330]: 10FED6039A: removed
>>> Apr 17 11:52:56 mail postfix/lmtp[23412]: 6B0636039F: to=<m...@domain.com>, relay=domain.com[10.0.0.1]:7025, delay=0.27, delays=0.12/0.03/0/0.12, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
> It looks to me like it's being handled as two separate transactions
> where one gets discarded and one passes through.
>

This is a case of your "provider" trying to be "helpful" and splitting
each recipient into a new message.
The second message does not include the discarded recipient, so Postfix
accepts it.

Noel Jones

Apr 17, 2012, 4:12:58 PM
On 4/17/2012 2:55 PM, n75...@50mail.com wrote:
>
>
> On Tue, Apr 17, 2012, at 02:25 PM, Noel Jones wrote:
>> The access(5) man page includes, in part:
> ...
>> So your claim is not supported by the documentation.
>> http://www.postfix.org/access.5.html
>>
>> If you wish to make a case that postfix does not behave as
>> documented, you'll need to provide clear evidence of your claim.
>
> I read the docs. That's where I started. I thought I configured it
> right, but I'm not seeing the 'DISCARD for all' happen so I'm asking
> here. I'm not making any kind of 'case'. I'm 'claiming' what I'm
> seeing.
>
> If I'm misunderstanding something, that's why I'm asking.
>
> I logged into my webmail @myprovider & I sent one test mail
>
> FROM: "n###@###.com"
> TO: b...@domain.com, m...@domain.com
>
> For that message send, postfix logs on my end show:
>
> Apr 17 11:52:48 mail postfix/smtpd[23367]: connect from
> smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:48 mail postfix/smtpd[23369]: connect from
> smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:49 mail postfix/smtpd[23367]: setting up TLS
> connection from smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:49 mail postfix/smtpd[23369]: setting up TLS
> connection from smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:49 mail postfix/smtpd[23367]: Anonymous TLS
> connection established from smtp.myprovider.com[1.2.3.4]: TLSv1
> with cipher ADH-AES256-SHA (256/256 bits)
> Apr 17 11:52:49 mail postfix/smtpd[23369]: Anonymous TLS
> connection established from smtp.myprovider.com[1.2.3.4]: TLSv1
> with cipher ADH-AES256-SHA (256/256 bits)
>>> Apr 17 11:52:49 mail postfix/smtpd[23369]: NOQUEUE: discard: RCPT from smtp.myprovider.com[1.2.3.4]: <b...@domain.com>: Recipient address triggers DISCARD action; from=<n###@###.com> to=<b...@domain.com> proto=ESMTP helo=<smtp.myprovider.com>
> Apr 17 11:52:49 mail postfix/smtpd[23369]: 7D4EA6039A:
> client=smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:49 mail postfix/smtpd[23369]: disconnect from
> smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:50 mail postfix/smtpd[23367]: 10FED6039A:
> client=smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:50 mail postfix/cleanup[23372]: 10FED6039A:
> message-id=<9846513213.98464.842...@horde.myprovider.com>
> Apr 17 11:52:50 mail postfix/qmgr[18330]: 10FED6039A:
> from=<n###@###.com>, size=1903, nrcpt=1 (queue active)
> Apr 17 11:52:50 mail postfix/smtpd[23367]: disconnect from
> smtp.myprovider.com[1.2.3.4]
> Apr 17 11:52:56 mail postfix/smtpd[23391]: connect from
> localhost.localdomain[127.0.0.1]
> Apr 17 11:52:56 mail postfix/smtpd[23391]: 6B0636039F:
> client=localhost.localdomain[127.0.0.1]
> Apr 17 11:52:56 mail postfix/cleanup[23372]: 6B0636039F:
> message-id=<9846513213.98464.842...@horde.myprovider.com>
> Apr 17 11:52:56 mail postfix/qmgr[18330]: 6B0636039F:
> from=<n###@###.com>, size=2850, nrcpt=1 (queue active)
> Apr 17 11:52:56 mail postfix/smtp[23375]: 10FED6039A:
> to=<m...@domain.com>, relay=127.0.0.1[127.0.0.1]:10024,
> delay=7.1, delays=0.71/0.01/0.02/6.4, dsn=2.0.0, status=sent
> (250 2.0.0 from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as
> 6B0636039F)
> Apr 17 11:52:56 mail postfix/qmgr[18330]: 10FED6039A: removed
>>> Apr 17 11:52:56 mail postfix/lmtp[23412]: 6B0636039F: to=<m...@domain.com>, relay=domain.com[10.0.0.1]:7025, delay=0.27, delays=0.12/0.03/0/0.12, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
>
> It looks to me like it's being handled as two separate transactions
> where one gets discarded and one passes through.
>
> Niemh


Looks as if your provider is sending two separate messages. Note
the log line from qmgr (the queue manager) with nrcpt=1 -- that
means the message was submitted with one recipient.

There's not much you can do about that from the receiving end.

It might be tempting to use header_checks to DISCARD the message if
the To: header contains a banned recipient, but that's likely to
bite you in the nether region one day, and not recommended.



-- Noel Jones
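
Added example, not from any post in this thread: a Python version of the log correlation walked through in the replies above, grouping events by smtpd PID and queue ID to show that the DISCARD and the delivery happened in separate SMTP sessions from the same client. The sample log is constructed (placeholder hosts and addresses, modelled on the excerpt above), and treating one smtpd PID as one session is a simplifying assumption.

```python
import re

# Constructed sample modelled on the log in this thread; hosts and addresses are placeholders.
SAMPLE_LOG = """\
Apr 17 11:52:48 mail postfix/smtpd[23367]: connect from smtp.example.net[192.0.2.4]
Apr 17 11:52:48 mail postfix/smtpd[23369]: connect from smtp.example.net[192.0.2.4]
Apr 17 11:52:49 mail postfix/smtpd[23369]: NOQUEUE: discard: RCPT from smtp.example.net[192.0.2.4]: <trap@example.com>: Recipient address triggers DISCARD action; from=<sender@example.org> to=<trap@example.com> proto=ESMTP helo=<smtp.example.net>
Apr 17 11:52:49 mail postfix/smtpd[23369]: 7D4EA6039A: client=smtp.example.net[192.0.2.4]
Apr 17 11:52:50 mail postfix/smtpd[23367]: 10FED6039A: client=smtp.example.net[192.0.2.4]
Apr 17 11:52:50 mail postfix/qmgr[18330]: 10FED6039A: from=<sender@example.org>, size=1903, nrcpt=1 (queue active)
Apr 17 11:52:56 mail postfix/smtp[23375]: 10FED6039A: to=<user@example.com>, relay=127.0.0.1[127.0.0.1]:10024, dsn=2.0.0, status=sent (250 2.0.0 Ok)
"""

LINE = re.compile(r"postfix/(\w+)\[(\d+)\]: (?:([0-9A-F]{6,}): )?(.*)")

def correlate(log_text):
    """Group events per smtpd PID (assumed: one PID = one SMTP session) and per queue ID."""
    sessions, queue = {}, {}
    for m in LINE.finditer(log_text):
        daemon, pid, qid, msg = m.groups()
        if daemon == "smtpd":
            s = sessions.setdefault(pid, {"client": None, "discarded": [], "queue_ids": []})
            if msg.startswith("connect from "):
                s["client"] = msg[len("connect from "):]
            elif msg.startswith("NOQUEUE: discard:"):
                s["discarded"] += re.findall(r" to=<([^>]*)>", msg)
            elif qid and msg.startswith("client="):
                s["queue_ids"].append(qid)
        elif qid:
            info = queue.setdefault(qid, {"nrcpt": None, "sent_to": []})
            n = re.search(r"nrcpt=(\d+)", msg)
            if n:
                info["nrcpt"] = int(n.group(1))
            if "status=sent" in msg:
                info["sent_to"] += re.findall(r"to=<([^>]*)>", msg)
    return sessions, queue

def split_deliveries(log_text):
    """Mail queued in a session with no DISCARD, from a client that hit DISCARD in another session."""
    sessions, queue = correlate(log_text)
    discard_clients = {s["client"] for s in sessions.values() if s["discarded"]}
    out = []
    for pid, s in sessions.items():
        if not s["discarded"] and s["client"] in discard_clients:
            for qid in s["queue_ids"]:
                info = queue.get(qid, {})
                out.append((pid, qid, info.get("nrcpt"), info.get("sent_to", [])))
    return out
```

The queue-ID pattern matches the short hexadecimal IDs shown in this thread; adjust it if enable_long_queue_ids is on.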

n75...@50mail.com

Apr 17, 2012, 4:24:36 PM
Brian

On Tue, Apr 17, 2012, at 04:09 PM, Brian Evans - Postfix List wrote:
> > It looks to me like it's being handled as two separate transactions
> > where one gets discarded and one passes through.
>
> This is a case of your "provider" trying to be "helpful" and splitting each recipient into a new message.
> The second message does not include the discarded recipient, so Postfix accepts it.

So those really ARE two separate connections from the outside :-/

That didn't dawn on me as possible or likely. My own server/mailer
never do that. Seems like it'd be work to get it to do that. That
would sure explain it though. Just looking at the postfix logs I didn't
know that that wasn't somehow Postfix doing it as a result of my config.

Unless my helpful provider adds some detectable header info, I guess
that once the recipients are split that Postfix has no way to detect
that the two connections are correlated to one another. So for mail
from this provider I have to live with it unless they fix it.

Do you know if that kind of recipient-splitting is specifically
disallowed by any RFC?

In the meantime I dug up a dusty gmail account and redid the mail send
test to both recipients. This time one connection, one DISCARD, nothing
gets delivered. That's what I hoped for in the first place.

Cheers

Niemh

Wietse Venema

Apr 17, 2012, 6:08:54 PM
n75...@50mail.com:
> Do you know if that kind of recipient-splitting is specifically
> disallowed by any RFC?

It is not forbidden, and it is in fact the basis of how qmail works.

Wietse

Benny Pedersen

Apr 25, 2012, 10:19:58 PM
On 2012-04-17 20:20, n75...@50mail.com wrote:

>
> smtpd_sender_restrictions=check_recipient_access,hash:/etc/postfix/lists/traps

,hash

remove the , before hash

this test is not testing To: but only envelope recipient

if you want to test To: then you need header_acccess testing,
milter-regex is made to make this simple
