Unknown Recipient Domain
in [Postfix]
|
Prev: : Recipient address rejected: Access denied while SASL/TLSare really enabled
Next: VRFY defaults to on--why?
From: Dan Lists on 29 Jan 2010 12:57 When a user mistypes an email address domain (eg @monsant.com), the message is sitting in the queue for days before they know about it. We'd like to give them immediate feedback instead of making them wail. I'm trying to have the outbound mail server permanently reject email with an invalid sender domain. I am using postfix 2.7-20100117 on FreeBSD 7.1 p10. I have: smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination unknown_address_reject_code = 550 This works if the domain exists but the hostname does not, for example email to nobody(a)asdf.gmail.com: Jan 29 11:49:27 outbound postfix/smtpd[65568]: NOQUEUE: reject: RCPT from hostname[12.34.56.78]: 550 5.1.2 <nobody(a)asdf.gmail.com>: Recipient address rejected: Domain not found; from=<dan(a)nowhere.com> to=<nobody(a)asdf.gmail.com> proto=ESMTP helo=<hostname> If the domain does not exist, it is giving a 450. Here is the log for an email to monsant.com: Jan 29 11:48:23 outbound postfix/smtpd[65568]: NOQUEUE: reject: RCPT from hostname[12.34.56.78]: 450 4.1.2 <nobody(a)monsant.com>: Recipient address rejected: Domain not found; from=<dan(a)dan@nowhere.com> to=<nobody(a)monsant.com> proto=ESMTP helo=<hostname> How can I make postfix issue a 550 error when the domain does not exist? Thanks, Dan
From: Noel Jones on 29 Jan 2010 13:22 On 1/29/2010 11:57 AM, Dan Lists wrote: > When a user mistypes an email address domain (eg @monsant.com), the > message is sitting in the queue for days before they know about it. > We'd like to give them immediate feedback instead of making them wail. > > I'm trying to have the outbound mail server permanently reject email > with an invalid sender domain. > > I am using postfix 2.7-20100117 on FreeBSD 7.1 p10. > > I have: > > smtpd_recipient_restrictions = > reject_non_fqdn_recipient, > reject_unknown_recipient_domain, > permit_mynetworks, > reject_unauth_destination > unknown_address_reject_code = 550 > > This works if the domain exists but the hostname does not, for example > email to nobody(a)asdf.gmail.com: > > Jan 29 11:49:27 outbound postfix/smtpd[65568]: NOQUEUE: reject: RCPT > from hostname[12.34.56.78]: 550 5.1.2<nobody(a)asdf.gmail.com>: > Recipient address rejected: Domain not found; from=<dan(a)nowhere.com> > to=<nobody(a)asdf.gmail.com> proto=ESMTP helo=<hostname> > > If the domain does not exist, it is giving a 450. Here is the log for > an email to monsant.com: > > Jan 29 11:48:23 outbound postfix/smtpd[65568]: NOQUEUE: reject: RCPT > from hostname[12.34.56.78]: 450 4.1.2<nobody(a)monsant.com>: Recipient > address rejected: Domain not found; from=<dan(a)dan@nowhere.com> > to=<nobody(a)monsant.com> proto=ESMTP helo=<hostname> > > How can I make postfix issue a 550 error when the domain does not exist? > > Thanks, > > Dan $ host monsant.com Host monsant.com not found: 2(SERVFAIL) This is a temporary error. The name server for monsant.com could not be contacted. You don't know if the domain exists or not. "whois" shows this domain does exist, but the listed name servers return an error rather than an authoritative NXDOMAIN. $ host asdf.gmail.com Host asdf.gmail.com not found: 3(NXDOMAIN) This domain does not exist. Postfix will always respond with a 450 defer when it can't find out if a domain exists or not. Don't confuse temporary errors (you don't know if the domain exists or not) with permanent errors (domain definitely does not exist). If you want to help out fat-fingered users, you can add frequently misspelled domains to your transport table. Note: these domains exist, but they don't respond to email. hotmial.com error:5.1.2 hotmail.com not hotmial.com hotmai.com error:5.1.2 hotmail.com not hotmai.com cherter.net error:5.1.2 try "charter.net" instead monsant.com error:5.1.2 monsanto.com not monsant.com Changing postfix behavior to immediately return mail on temporary errors would be a mistake. -- Noel Jones
From: adrian ilarion ciobanu on 29 Jan 2010 13:59 On Fri, Jan 29, 2010 at 12:22:53PM -0600, Noel Jones wrote: > > On 1/29/2010 11:57 AM, Dan Lists wrote: > > > >smtpd_recipient_restrictions = > > reject_non_fqdn_recipient, > > reject_unknown_recipient_domain, > > permit_mynetworks, > > reject_unauth_destination > >unknown_address_reject_code = 550 > > > > $ host monsant.com > Host monsant.com not found: 2(SERVFAIL) > > This is a temporary error. The name server for monsant.com > could not be contacted. You don't know if the domain exists > or not. "whois" shows this domain does exist, but the listed > name servers return an error rather than an authoritative > NXDOMAIN. > > $ host asdf.gmail.com > Host asdf.gmail.com not found: 3(NXDOMAIN) > > This domain does not exist. > > Postfix will always respond with a 450 defer when it can't > find out if a domain exists or not. atleast in postfix stable, specifying unknown_address_reject_code=550 works no matter if servfail or nx. maybe 2.7 makes now distinctions between different dns error replies? > > Don't confuse temporary errors (you don't know if the domain > exists or not) with permanent errors (domain definitely does > not exist). > > If you want to help out fat-fingered users, you can add > frequently misspelled domains to your transport table. > Note: these domains exist, but they don't respond to email. > > hotmial.com error:5.1.2 hotmail.com not hotmial.com > hotmai.com error:5.1.2 hotmail.com not hotmai.com > cherter.net error:5.1.2 try "charter.net" instead > monsant.com error:5.1.2 monsanto.com not monsant.com > > Changing postfix behavior to immediately return mail on > temporary errors would be a mistake. > > -- Noel Jones -- adrian ilarion ciobanu adrian.i(a)ciobanu.name http://pub.mud.ro/~cia +40 788 319 497
From: adrian ilarion ciobanu on 29 Jan 2010 14:01 > > > atleast in postfix stable, specifying > > unknown_address_reject_code=550 > > works no matter if servfail or nx. > maybe 2.7 makes now distinctions between different dns error replies? it doesn't. my bad > > > > > > > > Don't confuse temporary errors (you don't know if the domain > > exists or not) with permanent errors (domain definitely does > > not exist). > > > > If you want to help out fat-fingered users, you can add > > frequently misspelled domains to your transport table. > > Note: these domains exist, but they don't respond to email. > > > > hotmial.com error:5.1.2 hotmail.com not hotmial.com > > hotmai.com error:5.1.2 hotmail.com not hotmai.com > > cherter.net error:5.1.2 try "charter.net" instead > > monsant.com error:5.1.2 monsanto.com not monsant.com > > > > Changing postfix behavior to immediately return mail on > > temporary errors would be a mistake. > > > > -- Noel Jones > > -- > adrian ilarion ciobanu > adrian.i(a)ciobanu.name > http://pub.mud.ro/~cia > +40 788 319 497 -- adrian ilarion ciobanu adrian.i(a)ciobanu.name http://pub.mud.ro/~cia +40 788 319 497
From: Dan Lists on 29 Jan 2010 13:42 On Fri, Jan 29, 2010 at 12:22 PM, Noel Jones <njones(a)megan.vbhcs.org> wrote: > On 1/29/2010 11:57 AM, Dan Lists wrote: >> >> When a user mistypes an email address domain (eg @monsant.com), the >> message is sitting in the queue for days before they know about it. >> We'd like to give them immediate feedback instead of making them wail. >> >> I'm trying to have the outbound mail server permanently reject email >> with an invalid sender domain. >> >> I am using postfix 2.7-20100117 on FreeBSD 7.1 p10. >> >> I have: >> >> smtpd_recipient_restrictions = >> reject_non_fqdn_recipient, >> reject_unknown_recipient_domain, >> permit_mynetworks, >> reject_unauth_destination >> unknown_address_reject_code = 550 >> >> This works if the domain exists but the hostname does not, for example >> email to nobody(a)asdf.gmail.com: >> >> Jan 29 11:49:27 outbound postfix/smtpd[65568]: NOQUEUE: reject: RCPT >> from hostname[12.34.56.78]: 550 5.1.2<nobody(a)asdf.gmail.com>: >> Recipient address rejected: Domain not found; from=<dan(a)nowhere.com> >> to=<nobody(a)asdf.gmail.com> proto=ESMTP helo=<hostname> >> >> If the domain does not exist, it is giving a 450. Here is the log for >> an email to monsant.com: >> >> Jan 29 11:48:23 outbound postfix/smtpd[65568]: NOQUEUE: reject: RCPT >> from hostname[12.34.56.78]: 450 4.1.2<nobody(a)monsant.com>: Recipient >> address rejected: Domain not found; from=<dan(a)dan@nowhere.com> >> to=<nobody(a)monsant.com> proto=ESMTP helo=<hostname> >> >> How can I make postfix issue a 550 error when the domain does not exist? >> >> Thanks, >> >> Dan > > $ host monsant.com > Host monsant.com not found: 2(SERVFAIL) > > This is a temporary error. The name server for monsant.com could not be > contacted. You don't know if the domain exists or not. "whois" shows this > domain does exist, but the listed name servers return an error rather than > an authoritative NXDOMAIN. I am getting an NXDOMAIN: # host monsant.com Host monsant.com not found: 3(NXDOMAIN)
|
Next
|
Last
Pages: 1 2 Prev: : Recipient address rejected: Access denied while SASL/TLSare really enabled Next: VRFY defaults to on--why? |