postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Correction: Persistent mails being received

Correction: Persistent mails being received

From: Sharma, Ashish <ashish.sharma3_at_nospam>
Date: Wed Oct 27 2010 - 11:19:38 GMT
To: postfix users <postfix-users@postfix.org>

There's a correction in my Postfix 'main.cf' settings in the mail below.

-----Original Message-----
From: owner-postfix-users@postfix.org [mailto:owner-postfix-users@postfix.org] On Behalf Of Sharma, Ashish
Sent: Wednesday, October 27, 2010 2:52 PM
To: postfix users
Subject: Persistent mails being received

Hi,

I have a postfix mail server configured as mail receiving server.

The problem that I am facing is that I am receiving same email every 15 second from same sender 'peter**@warwick.net' with same message-ID on my production mail servers, following are my postfix logs:

"Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: connect from webmail.warwick.net[204.255.24.104]
Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: 2EAAF23004C: client=webmail.warwick.net[204.255.24.104]
Oct 25 01:11:02 g2t0433g postfix/cleanup[6579]: 2EAAF23004C: message-id=<CE130ED7-D498-4461-B076-E3B8AB55B462@warwick.net>
Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): webmail.warwick.net [204.255.24.104] not internal Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): not authenticated Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing domain match for `warwick.net'
Oct 25 01:11:02 g2t0433g opendkim[17677]: (unknown-jobid): no signing subdomain match for `warwick.net'
Oct 25 01:11:02 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: from=<peter**@warwick.net>, size=1987, nrcpt=1 (queue active) Oct 25 01:11:02 g2t0433g postfix/smtpd[6497]: disconnect from webmail.warwick.net[204.255.24.104]
Oct 25 01:11:03 g2t0433g amavis[6492]: (06492-09) Passed CLEAN, [204.255.24.104] [204.255.24.104] <peter**@warwick.net> -> <775eejom36ebi@xxx.com>, Message-ID: <CE130ED7-D498-4461-B076-E3B8AB55B462@warwick.net>, mail_id: rJ8M8oQHBzWt, Hits: 1.104, size: 2234, queued_as: 250 Ok, 946 ms Oct 25 01:11:03 g2t0433g postfix/lmtp[6585]: 2EAAF23004C: to=<775eejom36ebi@xxx.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.6, delays=0.6/0/0.01/0.95, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=06492-09, from MTA([127.0.0.1]:10030): 250 Ok) Oct 25 01:11:03 g2t0433g postfix/qmgr[17833]: 2EAAF23004C: removed"

Right now I have added 'peter**@warwick.net' in my postfix 'main.cf' restriction list as follows:

content_filter=amavisfeed:[127.0.0.1]:10024

#Milter support for smtpd mail
smtpd_milters =
  inet:localhost:10028 #Custom java mail filter

milter_default_action = reject

# Postfix . 2.6
milter_protocol = 2

smtpd_recipient_restrictions =
  check_recipient_access hash:/etc/postfix/recipientRestrictionList,
  check_sender_access hash:/etc/postfix/senderRestrictionList,
  reject_unauth_destination,
  reject_rbl_client zen.spamhaus.org,
  reject_rbl_client bl.spamcop.net
  permit

Is it the right approach?

If not, kindly suggest me correct approach that I can use on Postfix conf files or mail filters to deal with such persistent emails.

Please help

Thanks in advance
Ashish Sharma