Prev: Simple hack to get $1000 to your home.
Next: Yahoo disconnecting at end of data on large messages.
From: Wietse Venema on 9 Jun 2010 11:31 Proniewski Patrick: > Hello, > > I used to have a old SMTP server, with after-queue content filtering. > My new setup involve a before-queue content filter (amavisd). > Unfortunately, Amavisd is a little bit strict about the smtp > session: it bounces email sent using "MAIL FROM: address" instead > of "MAIL FROM:<address>". > It's ok for my all my clients but one. It's an appliance, so I > cannot change anything about its way to handle SMTP protocol. Besides making this configurable for Amavisd-new, the other option is to use the Postfix 2.7 smtpd_command_filter feature to replace the RCPT TO command very carefully. If the applicance sends mail to only one address, be sure to modify only that RCPT TO command and nothing else. Wietse smtpd_command_filter (default: empty) A mechanism to transform commands from remote SMTP clients. This is a last-resort tool to work around client commands that break inter-oper- ability with the Postfix SMTP server. Other uses involve fault injec- tion to test Postfix's handling of invalid commands. Specify the name of a "type:table" lookup table. The search string is the SMTP command as received from the remote SMTP client, except that initial whitespace and the trailing <CR><LF> are removed. The result value is executed by the Postfix SMTP server. There is no need to use smtpd_command_filter for the following cases: o Use "resolve_numeric_domain = yes" to accept "user(a)ipaddress". o Postfix already accepts the correct form "user@[ipaddress]". Use virtual_alias_maps or canonical_maps to translate these into domain names if necessary. o Use "strict_rfc821_envelopes = no" to accept "RCPT TO:<User Name <user(a)example.com>>". Postfix will ignore the "User Name" part and deliver to the <user(a)example.com> address. Examples of problems that can be solved with the smtpd_command_filter feature: /etc/postfix/main.cf: smtpd_command_filter = pcre:/etc/postfix/command_filter /etc/postfix/command_filter: # Work around clients that send malformed HELO commands. /^HELO\s*$/ HELO domain.invalid # Work around clients that send empty lines. /^\s*$/ NOOP # Work around clients that send RCPT TO:<'user(a)domain'>. # WARNING: do not lose the parameters that follow the address. /^RCPT\s+TO:\s*<'([^[:space:]]+)'>(.*)/ RCPT TO:<$1>$2 # Bounce-never mail sink. Use notify_classes=bounce,resource,software # to send bounced mail to the postmaster (with message body removed). /^(RCPT\s+TO:.*?)\bNOTIFY=\S+\b(.*)/ $1 NOTIFY=NEVER $2 /^(RCPT\s+TO:.*)/ $1 NOTIFY=NEVER This feature is available in Postfix 2.7.
From: Noel Jones on 9 Jun 2010 17:42 On 6/9/2010 10:11 AM, Proniewski Patrick wrote: > Hello, > > I used to have a old SMTP server, with after-queue content filtering. My new setup involve a before-queue content filter (amavisd). Unfortunately, Amavisd is a little bit strict about the smtp session: it bounces email sent using "MAIL FROM: address" instead of "MAIL FROM:<address>". > It's ok for my all my clients but one. It's an appliance, so I cannot change anything about its way to handle SMTP protocol. > > Here is a debug session: > > smtp/smtpd[86566]: connect from extron.domain.tld[192.168.42.241] > smtp/smtpd[86566]: match_hostaddr: 192.168.42.241 ~? 127.0.0.1 > smtp/smtpd[86566]: match_hostaddr: 192.168.42.241 ~? 192.168.0.0/16 > smtp/smtpd[86566]:> extron.domain.tld[192.168.42.241]: 220 smtp.domain.tld ESMTP > smtp/smtpd[86566]:< extron.domain.tld[192.168.42.241]: HELO extron.domain.tld > smtp/smtpd[86566]:> extron.domain.tld[192.168.42.241]: 250 smtp.domain.tld > smtp/smtpd[86566]:< extron.domain.tld[192.168.42.241]: MAIL FROM: appliance(a)domain.tld > smtp/smtpd[86566]:> extron.domain.tld[192.168.42.241]: 250 2.1.0 Ok > smtp/smtpd[86566]:< extron.domain.tld[192.168.42.241]: RCPT TO: techservice(a)domain.tld > smtp/smtpd[86566]: check_namadr_access: name extron.domain.tld addr 192.168.42.241 > smtp/smtpd[86566]: check_addr_access: 192.168.42.241 > smtp/smtpd[86566]: permit_mynetworks: extron.domain.tld 192.168.42.241 > smtp/smtpd[86566]: match_hostaddr: 192.168.42.241 ~? 127.0.0.1 > smtp/smtpd[86566]: match_hostaddr: 192.168.42.241 ~? 192.168.0.0/16 > smtp/smtpd[86566]:> 127.0.0.1:10024: XFORWARD NAME=extron.domain.tld ADDR=192.168.42.241 PORT=2488 HELO=extron.domain.tld PROTO=SMTP SOURCE=LOCAL > smtp/smtpd[86566]:> extron.domain.tld[192.168.42.241]: 501 5.5.2 Syntax: MAIL FROM:<address> > smtp/smtpd[86566]: match_hostaddr: 192.168.42.241 ~? 127.0.0.1 > smtp/smtpd[86566]: match_hostaddr: 192.168.42.241 ~? 192.168.0.0/16 > smtp/smtpd[86566]: lost connection after RCPT from extron.domain.tld[192.168.42.241] > smtp/smtpd[86566]: disconnect from extron.domain.tld[192.168.42.241] > > I've read the Postfix documentation, especially this part: > >> The content filter should accept the same MAIL FROM and RCPT TO command syntax as the before-filter Postfix SMTP server, and should forward the commands without modification to the after-filter SMTP server. If the content filter or after-filter SMTP server does not support all the ESMTP features that the before-filter Postfix SMTP server supports, then the missing features must be turned off in the before-filter Postfix SMTP server with the smtpd_discard_ehlo_keywords parameter. > > I know the problem is on Amavisd's side. But I'm sure others have been confronted to this issue. Any idea other than patching amavisd? > > thanks, > > Patrick PRONIEWSKI For problems with amavisd-new, better to ask on the amavis-users list. I don't think this is configurable in amavisd-new, in which case the easiest solution is to redirect the problem client to an unfiltered postfix listener. Either have the client connect to a different IP:port, or use firewall redirect rules. -- Noel Jones
|
Pages: 1 Prev: Simple hack to get $1000 to your home. Next: Yahoo disconnecting at end of data on large messages. |