Florin Iucha
2007-Oct-31 22:42 UTC
[Logcheck-devel] Bug#448788: postfix/postgrey: "Sender address rejected: " are not filtered out
Package: logcheck-database Version: 1.2.63 Severity: important I am running postfix with postgrey for graylisting and I'm getting tons of : Oct 31 16:20:21 hermes postfix/smtpd[6778]: NOQUEUE: reject: RCPT from $HOST[$IP]: 450 4.2.0 <>: Sender address rejected: Server unavailable. Try again later.; from=<> to=<abqnm$WHATEVER at iucha.net> proto=ESMTP helo=<$HOST> I am getting too many of those with an zero-length from and with abqnm$RANDOM_STRING as the originator, so I suspect it is some clever antispam or open relay testing tool. At any rate, it is generating waay too much noise. Thanks, florin -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- debconf information: logcheck-database/conffile-cleanup: false
Justin Pryzby
2007-Oct-31 23:56 UTC
[Logcheck-devel] Bug#448788: postfix/postgrey: "Sender address rejected: " are not filtered out
On Wed, Oct 31, 2007 at 05:42:50PM -0500, Florin Iucha wrote:> Package: logcheck-database > Version: 1.2.63 > Severity: important > > > I am running postfix with postgrey for graylisting and I'm getting tons > of : > > Oct 31 16:20:21 hermes postfix/smtpd[6778]: NOQUEUE: reject: RCPT from $HOST[$IP]: 450 4.2.0 <>: Sender address rejected: Server unavailable. Try again later.; from=<> to=<abqnm$WHATEVER at iucha.net> proto=ESMTP helo=<$HOST> > > I am getting too many of those with an zero-length from and with > abqnm$RANDOM_STRING as the originator, so I suspect it is some > clever antispam or open relay testing tool. At any rate, it is > generating waay too much noise.That's because the rule is: <[^[:space:]]+>: (Sender|Recipient) address rejected: so it seems that it should be <[^[:space:]]*>: (Sender|Recipient) address rejected: However it's not clear to me why the sender address is being rejected, as <> is not only valid but required to be allowed for bounces. I note that postfix is using <> when I do: "mail from:>" but not giving the "server unavailable" message (instead apparently treating it as the null originator). Can you confirm that DNS on the logcheck/postfix machine(s) is working?
Florin Iucha
2007-Nov-01 00:41 UTC
[Logcheck-devel] Bug#448788: postfix/postgrey: "Sender address rejected: " are not filtered out
On Wed, Oct 31, 2007 at 07:56:55PM -0400, Justin Pryzby wrote:> On Wed, Oct 31, 2007 at 05:42:50PM -0500, Florin Iucha wrote: > > Package: logcheck-database > > Version: 1.2.63 > > Severity: important > > > > > > I am running postfix with postgrey for graylisting and I'm getting tons > > of : > > > > Oct 31 16:20:21 hermes postfix/smtpd[6778]: NOQUEUE: reject: RCPT from $HOST[$IP]: 450 4.2.0 <>: Sender address rejected: Server unavailable. Try again later.; from=<> to=<abqnm$WHATEVER at iucha.net> proto=ESMTP helo=<$HOST> > > > > I am getting too many of those with an zero-length from and with > > abqnm$RANDOM_STRING as the originator, so I suspect it is some > > clever antispam or open relay testing tool. At any rate, it is > > generating waay too much noise. > That's because the rule is: > > <[^[:space:]]+>: (Sender|Recipient) address rejected: > > so it seems that it should be > > <[^[:space:]]*>: (Sender|Recipient) address rejected: > > However it's not clear to me why the sender address is being rejected, > as <> is not only valid but required to be allowed for bounces. I > note that postfix is using <> when I do: "mail from:>" but not giving > the "server unavailable" message (instead apparently treating it as > the null originator). > > Can you confirm that DNS on the logcheck/postfix machine(s) is > working?Yes, it is working fine -- I am sending this message from that very machine. If it helps, here are two examples of messages: ---- cut here --- Oct 31 16:20:21 hermes postfix/smtpd[6778]: NOQUEUE: reject: RCPT from +co01-00511.bcc.de[212.68.65.128]: 450 4.2.0 <>: Sender address rejected: Server +unavailable. Try again later.; from=<> to=<abqnmsul at iucha.net> proto=ESMTP +helo=<co01-00511.bcc.de> Oct 31 16:29:36 hermes postfix/smtpd[6869]: NOQUEUE: reject: RCPT from +mailgw11.hrz.uni-giessen.de[134.176.2.191]: 450 4.2.0 <>: Sender address +rejected: Server unavailable. Try again later.; from=<> +to=<abqnmryorm at iucha.net> proto=ESMTP helo=<mailgw11.hrz.uni-giessen.de> ---- cut here --- I do have about 100 abqnm* messages a day: hermes:/var/log# grep -c abqnm mail.log 96 hermes:/var/log# grep -c abqnm mail.log.0 108 florin -- Bruce Schneier expects the Spanish Inquisition. http://geekz.co.uk/schneierfacts/fact/163 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20071031/c10bfa35/attachment.pgp
Debian Bug Tracking System
2009-Aug-21 15:12 UTC
[Logcheck-devel] Bug#448788: marked as done (postfix/postgrey: "Sender address rejected: " are not filtered out)
Your message dated Fri, 21 Aug 2009 10:57:29 -0400 with message-id <20090821145729.GA27534 at toroia.fbriere.dyndns.org> and subject line Re: Bug#448788: postfix/postgrey: "Sender address rejected: " are not filtered out has caused the Debian Bug report #448788, regarding postfix/postgrey: "Sender address rejected: " are not filtered out to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner at bugs.debian.org immediately.) -- 448788: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448788 Debian Bug Tracking System Contact owner at bugs.debian.org with problems -------------- next part -------------- An embedded message was scrubbed... From: Florin Iucha <florin at iucha.net> Subject: postfix/postgrey: "Sender address rejected: " are not filtered out Date: Wed, 31 Oct 2007 17:42:50 -0500 Size: 2129 URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20090821/0b29aaef/attachment-0002.eml> -------------- next part -------------- An embedded message was scrubbed... From: =?iso-8859-1?B?RnLpZOlyaWMgQnJp6HJl?= <fbriere at fbriere.net> Subject: Re: Bug#448788: postfix/postgrey: "Sender address rejected: " are not filtered out Date: Fri, 21 Aug 2009 10:57:29 -0400 Size: 2833 URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20090821/0b29aaef/attachment-0003.eml>