k3mistâ„¢ » postfix http://k3mist.com Development, Design & System Administration Sat, 12 Sep 2009 15:40:34 +0000 http://wordpress.org/?v=2.8.4 en hourly 1 Postfix catch-all. The proper way… http://k3mist.com/linux/posix-catch-all-the-proper-way/ http://k3mist.com/linux/posix-catch-all-the-proper-way/#comments Wed, 26 Aug 2009 16:34:44 +0000 k3mist http://k3mist.com/?p=172 An issue I recently encountered with some mail servers was poor MTA reputation. Even though the servers were only used for corporate email, somehow their MTA is poor at senderbase, even though none of the IP’s are on a single RBL/SBL. This is partly due to Slicehost having bad IP blocks and the method they use for assigning IP’s to new slices. But I believe the issue can be resolved with good history.

I know that the servers are properly configured (because I set them up) and they are not an open relay. They reject mail correctly and SA/CAV are filtering mail correctly.

Without knowing the cause I took two approaches to resolve the issue. The first thing I did was change the RDNS for the machines. The second thing I did was setup a Postfix catch-all to cut down on outgoing mail from the machines. The servers each receive 30-60 or more email’s a minute to unknown users. This is a mere trickle compared to most mail servers, but enough.

It’s bad practice to setup a catch-all. But when you are not AOL, Microsoft, Google, etc, you have very little push and pull on the internet and can get blocked for adding to the spam. Some spammers are clever enough to purposely use other mail servers to reject mail and send that email to their intended recipient.

Anyway, after much research, not a single blog, howto or tutorial demonstrated how to setup a catch-all in Postfix correctly. Every method I read about caught ALL mail even if the intended recipient existed locally on the machine. One blog post I read said it would send the mail to the correct recipient before it redirected mail for the unknown user, which goes to show this guy did not test his configuration and even posted about it!

I eventually found my way by reading the postfix configuration documentation. This very simple method is a combination of two parameters you can add in /etc/postfix/main.cf

luser_relay = localuser@localdomain.com
local_recipient_maps =

luser_relay is the local user on the machine to catch all email that does not belong to an existing local user. luser_relay documentation.

local_recipient_maps is left blank to stop Postfix from checking if the user exists on the local machine. This is very important, without this line, Postfix will still reject the mail and send a bounce message. local_recipient_maps documenation.

After adding the above two lines to the configuration, apply the changes and restart Postfix in terminal.

service postfix reload
/etc/init.d/postfix restart

]]> An issue I recently encountered with some mail servers was poor MTA reputation. Even though the servers were only used for corporate email, somehow their MTA is poor at senderbase, even though none of the IP’s are on a single RBL/SBL. This is partly due to Slicehost having bad IP blocks and the method they use for assigning IP’s to new slices. But I believe the issue can be resolved with good history.

I know that the servers are properly configured (because I set them up) and they are not an open relay. They reject mail correctly and SA/CAV are filtering mail correctly.

Without knowing the cause I took two approaches to resolve the issue. The first thing I did was change the RDNS for the machines. The second thing I did was setup a Postfix catch-all to cut down on outgoing mail from the machines. The servers each receive 30-60 or more email’s a minute to unknown users. This is a mere trickle compared to most mail servers, but enough.

It’s bad practice to setup a catch-all. But when you are not AOL, Microsoft, Google, etc, you have very little push and pull on the internet and can get blocked for adding to the spam. Some spammers are clever enough to purposely use other mail servers to reject mail and send that email to their intended recipient.

Anyway, after much research, not a single blog, howto or tutorial demonstrated how to setup a catch-all in Postfix correctly. Every method I read about caught ALL mail even if the intended recipient existed locally on the machine. One blog post I read said it would send the mail to the correct recipient before it redirected mail for the unknown user, which goes to show this guy did not test his configuration and even posted about it!

I eventually found my way by reading the postfix configuration documentation. This very simple method is a combination of two parameters you can add in /etc/postfix/main.cf

luser_relay = localuser@localdomain.com
local_recipient_maps =

luser_relay is the local user on the machine to catch all email that does not belong to an existing local user. luser_relay documentation.

local_recipient_maps is left blank to stop Postfix from checking if the user exists on the local machine. This is very important, without this line, Postfix will still reject the mail and send a bounce message. local_recipient_maps documenation.

After adding the above two lines to the configuration, apply the changes and restart Postfix in terminal.

service postfix reload
/etc/init.d/postfix restart

]]> http://k3mist.com/linux/posix-catch-all-the-proper-way/feed/ 0