Skip to main content

centos6 - Bounced mails not reaching postfix




I have postfix and dovecot installed on a Centos 6.4 production (www.bw.co.uk) machine. The intent is to send all system and transactional messages and collect bounces. The email id's that resulted in a bounce are then flagged to prevent site from sending further messages to these id's.



I have the necessary SPF records setup on the DNS and PTR records setup on my hosting providers end. My MX records point to a different mail server where our staff sends and receives email.



My issue is though I have been able to send mail from the production machine I am unable to read bounces using my php snippet. Actually I do not even know if the bounces are reaching the machine!



I have a similar setup on my test (www.st.biz) machine with the same hosting provider the MX, SPF and PTR records are setup in a similar fashion i.e. the MX records point to another mail server where the staff sends and receives mail. On the test machine I am able to read the bounces using the PHP program.



The postfix logs /var/log/maillog on the production machine indicates a single bounce which was not initiated by the php program that send out the transactional messages

Mar 3 03:15:03 bw postfix/smtp[22338]: 09420120CA3: to=, relay=mail.st.in[999.999.999.999]:25, delay=0.9, delays=0.05/0.02/0.43/0.41, dsn=4.7.1, status=deferred (host mail.st.in[999.999.999.999] said: 451 4.7.1 Please try again later (in reply to DATA command))



Any idea what could be wrong?


Answer



Bounces will be returned to the relay system. You must arrange for it to forward the bounces back to your system for processing. It may be simpler to process the bounces on it than getting the bounces forwarded back to your system.



Do use a specific sending email address of the form "donotreploy@example.com". It should be in an appropriate domain or sub-domain for your application.



In normal processing, you can expect some email to remain queued for a long time before being bounced. Normally, this will be in the range of 4 to 7 days.




Some systems will accept the mail before deciding whether to deliver it or not. If they are well behaved you will not see bounces from them as they would risk generating backscatter spam if they did send a bounce message.



EDIT: I would expect your email to be sent using the MX server which appears to be a different server than your web server. (Email sent from www. domains is unusual, and in my experience likely spam.) Using a second domain on the same server to send mail might be more appropriate. Neither of the domains you describe appear to be valid, so I can't verify your configuration.



If you want the bounces to remain on your web server, use it as the MX for itself, or just omit the MX record. Configure a postmaster address that can be used to send information back about configuration issues. Likewise an abuse address is recommended so that abuse reports can be sent to you. Both of these can be forward to users on the MX domain you refer to.


Comments

Post a Comment

Popular posts from this blog

linux - iDRAC6 Virtual Media native library cannot be loaded

When attempting to mount Virtual Media on a iDRAC6 IP KVM session I get the following error: I'm using Ubuntu 9.04 and: $ javaws -version Java(TM) Web Start 1.6.0_16 $ uname -a Linux aud22419-linux 2.6.28-15-generic #51-Ubuntu SMP Mon Aug 31 13:39:06 UTC 2009 x86_64 GNU/Linux $ firefox -version Mozilla Firefox 3.0.14, Copyright (c) 1998 - 2009 mozilla.org On Windows + IE it (unsurprisingly) works. I've just gotten off the phone with the Dell tech support and I was told it is known to work on Linux + Firefox, albeit Ubuntu is not supported (by Dell, that is). Has anyone out there managed to mount virtual media in the same scenario?
Post a Comment
Read more

hp proliant - Smart Array P822 with HBA Mode?

We get an HP DL360 G8 with an Smart Array P822 controller. On that controller will come a HP StorageWorks D2700 . Does anybody know, that it is possible to run the Smart Array P822 in HBA mode? I found only information about the P410i, who can run HBA. If this is not supported, what you think about the LSI 9207-8e controller? Will this fit good in that setup? The Hardware we get is used but all original from HP. The StorageWorks has 25 x 900 GB SAS 10K disks. Because the disks are not new I would like to use only 22 for raid6, and the rest for spare (I need to see if the disk count is optimal or not for zfs). It would be nice if I'm not stick to SAS in future. As OS I would like to install debian stretch with zfs 0.71 as file system and software raid. I have see that hp has an page for debian to. I would like to use hba mode because it is recommend, that zfs know at most as possible about the disk, and I'm independent from the raid controller. For us zfs have many benefits,
Post a Comment
Read more

apache 2.2 - Server Potentially Compromised -- c99madshell

So, low and behold, a legacy site we've been hosting for a client had a version of FCKEditor that allowed someone to upload the dreaded c99madshell exploit onto our web host. I'm not a big security buff -- frankly I'm just a dev currently responsible for S/A duties due to a loss of personnel. Accordingly, I'd love any help you server-faulters could provide in assessing the damage from the exploit. To give you a bit of information: The file was uploaded into a directory within the webroot, "/_img/fck_uploads/File/". The Apache user and group are restricted such that they can't log in and don't have permissions outside of the directory from which we serve sites. All the files had 770 permissions (user rwx, group rwx, other none) -- something I wanted to fix but was told to hold off on as it wasn't "high priority" (hopefully this changes that). So it seems the hackers could've easily executed the script. Now I wasn't able
Post a Comment
Read more