| 1 |
On Mon, May 11, 2015 at 03:31:51PM -0400, Michael Orlitzky wrote: |
| 2 |
> On 05/11/2015 03:29 AM, Eray Aslan wrote: |
| 3 |
> > On Mon, May 11, 2015 at 04:26:01AM +0000, Robin H. Johnson wrote: |
| 4 |
> >> TL;DR: As of May 17, @gentoo.org will drop incoming spammy mail instead of |
| 5 |
> >> delivering it. Speak now or hold your peace. |
| 6 |
> > |
| 7 |
> > Believe me I understand your pain. Been there done that. However, |
| 8 |
> > dropping mail is never a good idea. You are mucking with the |
| 9 |
> > dependebility of the email. |
| 10 |
> Is there some reason a pre-queue filter (with amavisd-new) wouldn't |
| 11 |
> work? Then we could reject the spammy messages (at SMTP time) instead of |
| 12 |
> silently dropping them. |
| 13 |
By drop, I will clarify that they should ideally be rejected at SMTP |
| 14 |
time, not silently dropped. |
| 15 |
|
| 16 |
amavis settings for this in theory are: |
| 17 |
$sa_kill_level_deflt = 20.0; |
| 18 |
$sa_dsn_cutoff_level = 20.0; |
| 19 |
$sa_crediblefrom_dsn_cutoff_level = 20.0; |
| 20 |
$final_virus_destiny = D_REJECT; |
| 21 |
$final_banned_destiny = D_REJECT; |
| 22 |
$final_spam_destiny = D_REJECT; |
| 23 |
|
| 24 |
(The other choices are D_PASS, D_BOUNCE, D_DISCARD) |
| 25 |
D_REJECT is supposed to just reply to the SMTP error. |
| 26 |
|
| 27 |
It's doing that, but it's ALSO sending a NDN, despite amavis settings to |
| 28 |
the contrary. |
| 29 |
|
| 30 |
Here's a quick test, with D_REJECT that show the NDN being sent (and rejected |
| 31 |
since that address was probably faked). |
| 32 |
|
| 33 |
May 11 20:00:45 woodpecker postfix/smtpd[21896]: E83DF34098C: client=unknown[183.93.114.52] |
| 34 |
May 11 20:00:46 woodpecker postfix/cleanup[21836]: E83DF34098C: message-id=<> |
| 35 |
May 11 20:00:46 woodpecker postfix/qmgr[21745]: E83DF34098C: from=<mldmh@××××××.com>, size=5678, nrcpt=1 (queue active) |
| 36 |
May 11 20:00:53 woodpecker amavis[21935]: (21935-01) Blocked SPAM {RejectedInbound}, [183.93.114.52]:4758 [183.93.114.52] <mldmh@××××××.com> -> <$DEVNAME@g.o>, Queue-ID: E83DF34098C, mail_id: 6k-hfYzAtEKp, Hits: 26.004, size: 5678, 6812 ms |
| 37 |
May 11 20:00:53 woodpecker postfix/bounce[21847]: E83DF34098C: sender non-delivery notification: 7ECE534098D |
| 38 |
May 11 20:00:53 woodpecker postfix/cleanup[21754]: 7ECE534098D: message-id=<20150511200053.7ECE534098D@×××××××××××.org> |
| 39 |
May 11 20:00:53 woodpecker postfix/qmgr[21745]: 7ECE534098D: from=<>, size=7622, nrcpt=1 (queue active) |
| 40 |
May 11 20:00:53 woodpecker postfix/qmgr[21745]: E83DF34098C: removed |
| 41 |
May 11 20:00:53 woodpecker postfix/smtp[21837]: E83DF34098C: to=<$DEVNAME@g.o>, relay=127.0.0.1[127.0.0.1]:10024, delay=12, delays=4.8/0/0.01/6.8, dsn=5.7.0, status=bounced (host 127.0.0.1[127.0.0.1] said: 554 5.7.0 Reject, id=21935-01 - spam (in reply to end of DATA command)) |
| 42 |
May 11 20:01:25 woodpecker postfix/qmgr[21745]: 7ECE534098D: removed |
| 43 |
May 11 20:01:25 woodpecker postfix/smtp[21773]: 7ECE534098D: to=<mldmh@××××××.com>, relay=mxbiz1.qq.com[184.105.206.87]:25, delay=32, delays=0/0/30/1, dsn=5.0.0, status=bounced (host mxbiz1.qq.com[184.105.206.87] said: 550 Mail content denied. http://service.mail.qq.com/cgi-bin/help?subtype=1&&id=20022&&no=1000726 (in reply to end of DATA command)) |
| 44 |
|
| 45 |
-- |
| 46 |
Robin Hugh Johnson |
| 47 |
Gentoo Linux: Developer, Infrastructure Lead |
| 48 |
E-Mail : robbat2@g.o |
| 49 |
GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
Archives