postfix-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: how are you stopping this? (mailq full of connection refused)

from Larry Vaden [Permanent Link]
Subject: Re: how are you stopping this? (mailq full of connection refused)
From: "Larry Vaden" <vaden AT texoma DOT net>
To: "Noel Jones" <njones AT megan.vbhcs DOT org>
Date: Sat, 11 Aug 2007 15:07:08 -0500 
On 8/11/07, Noel Jones <njones AT megan.vbhcs DOT org> wrote:
> At 01:51 PM 8/11/2007, Larry Vaden wrote:
> >How are you stopping your mailq from filling with "connection refused."?
>
> By not accepting and bouncing mail addressed to unknown/undeliverable
> recipients, or not bouncing mail classified as spam after it's accepted.
> Which are these?

Thanks for your help.

Me thinks the latter because of

Aug 11 00:06:45 mx1 postfix/smtpd[9656]: NOQUEUE: reject: RCPT from unknown[218.
37.6.153]: 550 5.1.1 <redacted AT texoma DOT net>: Recipient address rejected: 
User un
known; from=<redacted AT hotmail DOT com> to=<redacted AT texoma DOT net> 
proto=SMTP helo=<
hotmail.com>

(enforced by relay_recipients).

If it is the latter, then our amavisd.conf may be in error;  seemingly
relevant (and default) portion:

$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 6.2;  # add 'spam detected' headers at that level
$sa_kill_level_deflt = 6.9;  # triggers spam evasive actions (e.g. blocks mail)
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off
$penpals_bonus_score = 8;    # (no effect without a @storage_sql_dsn database)
$penpals_threshold_high = $sa_kill_level_deflt;  # don't waste time on hi spam

At any rate, a sample of a deferred queue entry is below the sig.

Kind regards/ldv

[root@mx1 defer]# cat ../deferred/F/F350C76C869
CO           3625             607               1               0
      3625T1186749398
996479Acreate_time=1186749398Arewrite_context=remoteA/envelope_id=AM..20070810T123638Z
 AT mx1.texoma DOT 
netSAlog_client_name=mx1.texoma.netAlog_client_address=127.0.0.1A,log_message_origin=mx1.texoma.net[127.0.0.1]Alog_helo_name=localhostAlog_protocol_name=ESMTPAclient_name=mx1.texoma.netA"reverse_client_name=mx1.texoma.netAclient_address=127.0.0.1Ahelo_name=localhostAclient_address_type=2A2dsn_orig_rcpt=rfc822;4inkjets
 AT polsterfindernet DOT comO4inkjets@polsterfindernet.comR4inkjets AT 
polsterfindernet DOT comMN5Received:
from localhost (mx1.texoma.net [127.0.0.1])N6       by mx1.texoma.net
(Postfix) with ESMTP id F350C76C869NK for
<4inkjets AT polsterfindernet DOT com>; Fri, 10 Aug 2007 07:36:38 -0500
(CDT)N<Content-Type: multipart/report; report-type=delivery-status;N*
boundary="----------=_1186749398-24604-4"NContent-Transfer-Encoding:
7bitNMIME-Version: 1.0N?Subject: Considered UNSOLICITED BULK EMAIL,
apparently from youN:In-Reply-To:
<jLgIEBmCzIWEnxTzAWRLLA AT polsterfindernet DOT com>N+Message-ID:
<SS2+W8Ifs78nNF AT mx1.texoma DOT net>NDFrom: "Content-filter at
mx1.texoma.net" <postmaster AT mx1.texoma DOT net>N#To:
<4inkjets AT polsterfindernet DOT com>N+Date: Fri, 10 Aug 2007 07:36:26 -0500
(CDT)NN.This is a multi-part message in MIME format...NN
------------=_1186749398-24604-4N.Content-Type: text/plain;
charset="iso-8859-1"Nontent-Disposition:
inlineNContent-Transfer-Encoding: 7bitNN2A message from
<4inkjets AT polsterfindernet DOT com> to:N-> gustgs AT texoma DOT netNN-was
considered unsolicited bulk e-mail (UBE).NNHOur internal reference
code for your message is 24604-03-20/2+W8Ifs78nNFNNHThe message
carried your return address, so it was either a genuine mailNFfrom
you, or a sender address was faked and your e-mail address abusedNFby
third party, in which case we apologize for undesired
notification.NNEWe do try to minimize backscatter for more prominent
cases of UBE andNAfor infected mail, but for less obvious cases of UBE
some balanceNHbetween losing genuine mail and sending undesired
backscatter is sought,N6and there can be some collateral damage on
both sides.NN6First upstream SMTP client IP address: [64.187.119.66]N
mail.polsterfindernet.comNNAccording to a 'Received:' trace, the
message originated at: [64.187.119.66], NN,Return-Path:
<4inkjets AT polsterfindernet DOT com>N9Message-ID:
<jLgIEBmCzIWEnxTzAWRLLA AT polsterfindernet DOT com>N1Subject: Coupons up to
15% Off Ink & Toner InsideNNDuplicate header field: "Date"NNN"Delivery
of the email was stopped!NN
------------=_1186749398-24604-4N8Content-Type:
message/delivery-status; name="dsn_status"N2Content-Disposition:
inline; filename="dsn_status"NContent-Transfer-Encoding:
7bitN*Content-Description: Delivery error reportNN"Reporting-MTA: dns;
mx1.texoma.netN5Received-From-MTA: smtp; mx1.texoma.net
([127.0.0.1])N3Arrival-Date: Fri, 10 Aug 2007 07:36:26 -0500
(CDT)NN,Original-Recipient: rfc822;gustgs AT texoma DOT netN)Final-Recipien
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  SASL config, brian
Next by Date:  Re: commercial milter software doesn't work with postfix, Wietse Venema
Previous by Thread:  Re: how are you stopping this? (mailq full of connection refused), Noel Jones
Next by Thread:  Re: how are you stopping this? (mailq full of connection refused), Noel Jones
Indexes:  [Date] [Thread] [Top] [All Lists]