procmail

Re: Trouble with a recipe

2003-10-08 17:40:08
On  7 Oct, Jason Williams wrote:
| Good morning everyone.
| 
| I'm having problems with a specific recipe that I'm attempting to develop.
| I'm pretty new to Procmail and have much to learn.
| 
| Here is my setup: I have two postfix mail servers; one on my DMZ that is 
| our Mail Gateway, and our actual mail server that is on our private 
| network. I have Spamassassin setup on the Mail gateway to Tag any email 
| that it thinks is spam and then relays it to my mail server on the private 
| network.
| 
| I setup procmail to be the local delivery agent, and it works fine.
| I wanted to setup procmail to forward any emails that have been tagged as 
| spam, to a certain user account for review.
| 
| My System is RH 8.0
| Running IMAP, using Courier (Maildir)
| I am running Postfix-2.0.14
| Running procmail 3.22.
| 
| I've setup postfix to call procmail, and point to /etc/procmailrc.
| 
| Here are the contents of procmailrc:
| 
| # tell procmail we use Maildir style
| DEFAULT="$HOME/Maildir/"
| MAILDIR="$HOME/Maildir"
| 
| :0
| * ^(X-Spam-Flag: YES|Subject:.*\[SPAM\])
| ! spamcop(_at_)courtesymortgage(_dot_)com
| 
| As I said, I wanted all messages that are tagged as spam, to go to this 
| account for review.
| 
| However, there is a problem when this recipe is invoked. I see the 
| following entry in my maillog:
| 
| Oct  7 08:28:56 corpmail postfix/local[27620]: AEEEFAB543: 
| to=<jwilliams(_at_)blowfish(_dot_)acme(_dot_)com>, relay=local, delay=0, status=sent 
| ("|/usr/bin/procmail -m /etc/procmailrc")
| Oct  7 08:28:56 corpmail postfix/qmgr[16470]: C7D2DAB544: 
| from=<jwilliams(_at_)acme(_dot_)com>, size=3582, nrcpt=1 (queue active)
| Oct  7 08:28:56 corpmail postfix/pickup[27513]: CB86EAB543: uid=503 
| from=<spamcop>
| Oct  7 08:28:56 corpmail postfix/cleanup[27619]: CB86EAB543: 
| message-id=<20031007152754(_dot_)36372(_dot_)qmail(_at_)web40310(_dot_)mail(_dot_)yahoo(_dot_)com>
| Oct  7 08:28:56 corpmail postfix/local[27620]: C7D2DAB544: 
| to=<spamcop(_at_)acme(_dot_)com>, relay=local, delay=0, status=sent 
| ("|/usr/bin/procmail -m /etc/procmailrc")
| Oct  7 08:28:56 corpmail postfix/qmgr[16470]: CB86EAB543: 
| from=<spamcop(_at_)acme(_dot_)com>, size=3797, nrcpt=1 (queue active)
| Oct  7 08:28:56 corpmail postfix/local[27620]: CB86EAB543: 
| to=<spamcop(_at_)acme(_dot_)com>, relay=local, delay=0, status=bounced (mail 
| forwarding loop for spamcop(_at_)acme(_dot_)com)
| Oct  7 08:28:56 corpmail postfix/cleanup[27619]: CE1AFAB544: 
| message-id=<20031007152856(_dot_)CE1AFAB544(_at_)corpmail(_dot_)acme(_dot_)com>
| Oct  7 08:28:56 corpmail postfix/qmgr[16470]: CE1AFAB544: from=<>, 
| size=5635, nrcpt=1 (queue active)
| Oct  7 08:28:56 corpmail postfix/local[27620]: CE1AFAB544: 
| to=<spamcop(_at_)acme(_dot_)com>, relay=local, delay=0, status=sent 
| ("|/usr/bin/procmail -m /etc/procmailrc")
| 
| The thing that stands out, is the line that has (mail forwarding loop for 
| spamcop(_at_)acme(_dot_)com).
| Also, the spamcop account does receive an email, but it receives a message 
| stating that the message could not be delivered due to a mail forwarding loop.
| 

Unless there's something else in the procmail setup or logs that you
haven't shared, this doesn't look at all like a procmail issue.  The
log entries above are generated by postfix, as I'm sure you know,
indicating that postfix, not procmail, is taking exception to the
forwarded messages.

That said, and assuming the log entries above do correspond to messages
forwarded by the procmail recipe, one thought that comes to mind is
mis-configured virtual domains and/or mx records.  I have no experience
with postfix, and you haven't explained the relationship between
courtesymortgage.com and acme.com, so it's only a wild guess.  If the
bounces are from forwarded messages, the recipient domain is morphing
from courtesymortgage.com to acme.com.  Further, the envelope sender of
the forwarded message is also morphing to spamcop(_at_)acme(_dot_)com.
That makes me suspect that something in your postfix config thinks they're one and
the same, or they share some common link that's circular, and postfix is
refusing to play along.  If it was sendmail, I'd suggest checking
mailertable, genericstable, and virtusertable entries.  Since it's
postfix, you're on your own.  Besides, either would be off-topic and
you'd get better help in a forum specific to the MTA.

Another, probably more far-fetched, possibility is mis-configured dns.
The mx records visible publicly don't indicate any relationship, nor an
obvious mx loop.  But I run private name servers for my LAN. They have
some additional and some different records than the public servers and
are authoritative for the LAN. This includes private mx records that
direct all local mail to one mailhub.  I have in the past created the
dreaded "mx points back to myself" error with sendmail mis-configured
(http://www.sendmail.org/faq/section4.html#4.5). Do you have something
like that which privately has courtesymortgage.com acting as mx for
acme.com or vice versa, or some other host in the middle with
mail relayed between the three, and without a postfix config to properly
handle it?

Lastly, any time you forward messages from procmail they should have
loop detection/prevention.  The canonical method is to add and
subsequently check for a unique X-Loop: header, short-circuiting
forwarding if it exists since that would indicate a loop.  That's not
your problem here, but it's something that should definitely be added
once this problem is solved, or else you risk creating the next problem.

-- 
Email address in From: header is valid  * but only for a couple of days *
This is my reluctant response to spammers' unrelenting address harvesting



_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
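
The X-Loop method described in the last paragraph of the reply, applied to the recipe quoted at the top, as an added example that is not part of the original message. The review address spamcop@example.com is a placeholder, and formail (shipped with procmail) is assumed to be on procmail's PATH.

```procmail
# Added example. spamcop@example.com is a placeholder review address.
DEFAULT="$HOME/Maildir/"
MAILDIR="$HOME/Maildir"

# Forward tagged spam for review, but only if this rcfile has not
# already forwarded this message (no X-Loop header of ours present).
:0
* ^(X-Spam-Flag: YES|Subject:.*\[SPAM\])
* ! ^X-Loop: spamcop@example\.com
{
    # f = filter, h = feed headers only, w = wait for formail's exit code.
    # -A appends the marker header to the message before it is forwarded.
    :0 fhw
    | formail -A "X-Loop: spamcop@example.com"

    # Forward the stamped message to the review account.
    :0
    ! spamcop@example.com
}

# A tagged message that already carries the X-Loop header skips the block
# above and is delivered to $DEFAULT instead of being forwarded again.
```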
