Unintended creation of undeliverable messages in the system #1167

@tpf4oc

Description

For some, maybe all, incoming mails two internal messages to "user@localhost" are created that keep circulating in the system.

Context

I have just transferred a "normal" Ubuntu-based mail server (postfix-dovecot-amavis-clamav) to Docker using the tomav/mailserver image. The server is run in satellite mode as part of my home server. That means, besides connections from local clients, mail is inserted into the system using fetchmail from a public mail server. Outgoing mails are relayed via my primary service provider.

After a few hurdles, mail seems to be delivered and received appropriately now.

Expected Behavior

All mails seem to be delivered and received well.

Actual Behavior

Looking at the logs after a while I found that for some, maybe all, incoming mails two internal messages are created that keep circulating in the system:

May 14 21:37:12 sonne postfix/smtpd[19512]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 550 5.1.1 <username@localhost>: Recipient address rejected: User unknown in local recipient table; from=<bounces+3922699-6547-username2=my-own-domain.tld@sendgrid.meetup.com> to=<username2@localhost> proto=ESMTP helo=<sonne>
May 14 21:37:12 sonne postfix/smtpd[19512]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 550 5.1.1 <admin@localhost>: Recipient address rejected: User unknown in local recipient table; from=<bounces+3922699-6547-username2=my-own-domain.tld@sendgrid.meetup.com> to=<admin@localhost> proto=ESMTP helo=<sonne>

Notes:

  • "[email protected]" is the public mail address the message was originally sent to
  • "sonne" is the local hostname of the Docker host, the local domain is "my-own-domain.test"
  • DKIM and DMARC are not configured. I believe they don't make sense in my setup but they seem difficult to deactivate.
  • I am not using any LDAP database.

The issue that the recipient addresses are unknown locally is ok. The questions are:
1. Who sends mails to username@localhost, which does correctly not exist, and why? I suspect it is postscreen.
2. Why is a second message created to a user admin, which does not exist in the system for any domain?

Funnily enough, there is a small number of these messages that keep circulating independent of incoming mails, even beyond a complete stop - remove - start cycle of the container (docker-compose down and up, actually).

These "internal" messages are irritating and create load on the server as they accumulate and are resent every 5 minutes.

Steps to Reproduce

This is my docker-compose file; other configuration files are below:

version: '3'
services:
  mail:
    image: tvial/docker-mailserver:stable
    restart: unless-stopped
    container_name: mailserver
    domainname: my-own-domain.tld
    volumes:
      - /mail:/var/mail
      - ./mailstate:/var/mail-state
      - ./config:/tmp/docker-mailserver
      - /etc/ssl:/tmp/ssl:ro
      - ./config/dovecot/10-auth.conf:/etc/dovecot/conf.d/10-auth.conf
      - ./config/dovecot/10-ssl.conf:/etc/dovecot/conf.d/10-ssl.conf
    network_mode: "host"
    environment:
      - TZ=Europe/Berlin
      - DMS_DEBUG=${DMS_DEBUG}
      - ENABLE_CLAMAV=${ENABLE_CLAMAV}
      - ONE_DIR=${ONE_DIR}
      - ENABLE_POP3=${ENABLE_POP3}
      - ENABLE_FAIL2BAN=${ENABLE_FAIL2BAN}
      - ENABLE_MANAGESIEVE=${ENABLE_MANAGESIEVE}
      - OVERRIDE_HOSTNAME=${OVERRIDE_HOSTNAME}
      - POSTMASTER_ADDRESS=${POSTMASTER_ADDRESS}
      - POSTSCREEN_ACTION=${POSTSCREEN_ACTION}
      - REPORT_RECIPIENT=${REPORT_RECIPIENT}
      - REPORT_INTERVAL=${REPORT_INTERVAL}
      - SMTP_ONLY=${SMTP_ONLY}
      - SSL_TYPE=${SSL_TYPE}
      - TLS_LEVEL=${TLS_LEVEL}
      - SPOOF_PROTECTION=${SPOOF_PROTECTION}
      - ENABLE_SRS=${ENABLE_SRS}
      - PERMIT_DOCKER=${PERMIT_DOCKER}
      - VIRUSMAILS_DELETE_DELAY=${VIRUSMAILS_DELETE_DELAY}
      - ENABLE_POSTFIX_VIRTUAL_TRANSPORT=${ENABLE_POSTFIX_VIRTUAL_TRANSPORT}
      - POSTFIX_DAGENT=${POSTFIX_DAGENT}
      - ENABLE_SPAMASSASSIN=${ENABLE_SPAMASSASSIN}
      - SA_TAG=${SA_TAG}
      - SA_TAG2=${SA_TAG2}
      - SA_KILL=${SA_KILL}
      - SA_SPAM_SUBJECT=${SA_SPAM_SUBJECT}
      - ENABLE_FETCHMAIL=${ENABLE_FETCHMAIL}
      - FETCHMAIL_POLL=${FETCHMAIL_POLL}
      - ENABLE_LDAP=${ENABLE_LDAP}
      - LDAP_START_TLS=${LDAP_START_TLS}
      - LDAP_SERVER_HOST=${LDAP_SERVER_HOST}
      - LDAP_SEARCH_BASE=${LDAP_SEARCH_BASE}
      - LDAP_BIND_DN=${LDAP_BIND_DN}
      - LDAP_BIND_PW=${LDAP_BIND_PW}
      - LDAP_QUERY_FILTER_USER=${LDAP_QUERY_FILTER_USER}
      - LDAP_QUERY_FILTER_GROUP=${LDAP_QUERY_FILTER_GROUP}
      - LDAP_QUERY_FILTER_ALIAS=${LDAP_QUERY_FILTER_ALIAS}
      - DOVECOT_TLS=${DOVECOT_TLS}
      - DOVECOT_USER_FILTER=${DOVECOT_USER_FILTER}
      - DOVECOT_PASS_FILTER=${DOVECOT_PASS_FILTER}
      - ENABLE_POSTGREY=${ENABLE_POSTGREY}
      - POSTGREY_DELAY=${POSTGREY_DELAY}
      - POSTGREY_MAX_AGE=${POSTGREY_MAX_AGE}
      - POSTGREY_TEXT=${POSTGREY_TEXT}
      - ENABLE_SASLAUTHD=${ENABLE_SASLAUTHD}
      - SASLAUTHD_MECHANISMS=${SASLAUTHD_MECHANISMS}
      - SASLAUTHD_MECH_OPTIONS=${SASLAUTHD_MECH_OPTIONS}
      - SASLAUTHD_LDAP_SERVER=${SASLAUTHD_LDAP_SERVER}
      - SASLAUTHD_LDAP_SSL=${SASLAUTHD_LDAP_SSL}
      - SASLAUTHD_LDAP_BIND_DN=${SASLAUTHD_LDAP_BIND_DN}
      - SASLAUTHD_LDAP_PASSWORD=${SASLAUTHD_LDAP_PASSWORD}
      - SASLAUTHD_LDAP_SEARCH_BASE=${SASLAUTHD_LDAP_SEARCH_BASE}
      - SASLAUTHD_LDAP_FILTER=${SASLAUTHD_LDAP_FILTER}
      - SASL_PASSWD=${SASL_PASSWD}
      - SRS_EXCLUDE_DOMAINS=${SRS_EXCLUDE_DOMAINS}
      - SRS_SECRET=${SRS_SECRET}
      - RELAY_HOST=${RELAY_HOST}
      - RELAY_PORT=${RELAY_PORT}
      - RELAY_USER=${RELAY_USER}
      - RELAY_PASSWORD=${RELAY_PASSWORD}
      - SSL_TYPE=manual
      - SSL_CERT_PATH=/tmp/ssl/certs/mycert.pem
      - SSL_KEY_PATH=/tmp/ssl/private/mykey.pem

Your Environment

  • Mailserver version used: tvial/docker-mailserver:stable
  • Docker version used: 18.06.3-ce, build d7080c1

.env

HOSTNAME=sonne
DOMAINNAME=my-own-domain.test
CONTAINER_NAME=mailserver
OVERRIDE_HOSTNAME=sonne.my-own-domain.test
DMS_DEBUG=1
ONE_DIR=0
[email protected]
PERMIT_DOCKER=network
TLS_LEVEL=
SPOOF_PROTECTION=
ENABLE_SRS=0
ENABLE_POP3=
ENABLE_CLAMAV=1
ENABLE_FAIL2BAN=0
ENABLE_MANAGESIEVE=1
POSTSCREEN_ACTION=enforce
SMTP_ONLY=
SSL_TYPE=
VIRUSMAILS_DELETE_DELAY=
ENABLE_POSTFIX_VIRTUAL_TRANSPORT=
POSTFIX_DAGENT=
REPORT_RECIPIENT=1
REPORT_INTERVAL=daily
ENABLE_SPAMASSASSIN=1
SA_TAG=2.0
SA_TAG2=6.31
SA_KILL=6.31
SA_SPAM_SUBJECT=***SPAM*****
ENABLE_FETCHMAIL=1
FETCHMAIL_POLL=300
ENABLE_LDAP=
LDAP_START_TLS=
LDAP_SERVER_HOST=
LDAP_SEARCH_BASE=
LDAP_BIND_DN=
LDAP_BIND_PW=
LDAP_QUERY_FILTER_USER=
LDAP_QUERY_FILTER_GROUP=
LDAP_QUERY_FILTER_ALIAS=
DOVECOT_TLS=
DOVECOT_USER_FILTER=
DOVECOT_PASS_FILTER=
ENABLE_POSTGREY=0
POSTGREY_DELAY=300
POSTGREY_MAX_AGE=35
POSTGREY_TEXT=Delayed by postgrey
ENABLE_SASLAUTHD=0
SASLAUTHD_MECHANISMS=
SASLAUTHD_MECH_OPTIONS=
SASLAUTHD_LDAP_SERVER=
SASLAUTHD_LDAP_SSL=
SASLAUTHD_LDAP_BIND_DN=
SASLAUTHD_LDAP_PASSWORD=
SASLAUTHD_LDAP_SEARCH_BASE=
SASLAUTHD_LDAP_FILTER=
SASL_PASSWD=
SRS_EXCLUDE_DOMAINS=
SRS_SECRET=
RELAY_HOST=smtp.ionos.de
RELAY_PORT=587
RELAY_USER=username
RELAY_PASSWORD=###########

postfix-main.cf

smtpd_tls_ciphers = export
smtpd_tls_mandatory_protocols = !SSLv2
smtpd_tls_loglevel = 2
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_protocols =
smtpd_tls_received_header = yes
relayhost = [smtp.ionos.de]:587
message_size_limit = 20480000
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_non_fqdn_hostname,reject_invalid_hostname,permit
strict_mailbox_ownership = no

dovecot/10-auth.conf

auth_default_realm = my-own-domain.tld
auth_mechanisms = plain login
!include auth-passwdfile.inc
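
An added example, not part of the original report: a small Python script that groups the `NOQUEUE: reject` lines by sender, recipient and client and reports the median gap between repeats, so the cadence can be compared with the 5 minutes mentioned in the report and the `FETCHMAIL_POLL=300` value in `.env`. The log lines are constructed from the format of the two lines quoted in the report; `find_recurring_rejects` and the sample addresses are hypothetical names.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample log, modelled on the two reject lines quoted in the report.
_LINE = ("May 14 {t} sonne postfix/smtpd[19512]: NOQUEUE: reject: RCPT from "
         "localhost[127.0.0.1]: 550 5.1.1 <{rcpt}>: Recipient address rejected: "
         "User unknown in local recipient table; from=<{sender}> to=<{rcpt}> "
         "proto=ESMTP helo=<sonne>")
SAMPLE_LOG = "\n".join(
    [_LINE.format(t=t, rcpt=r, sender="bounce@sender.example")
     for t in ("21:37:12", "21:42:12", "21:47:13", "21:52:12")
     for r in ("user1@localhost", "admin@localhost")]
    + [_LINE.format(t="21:40:00", rcpt="nobody@localhost", sender="other@sender.example"),
       "May 14 21:40:01 sonne postfix/qmgr[101]: 4A1B2C3D4E: removed"])

REJECT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/smtpd\[\d+\]: NOQUEUE: reject: "
    r"RCPT from (?P<client>\S+): (?P<code>\d{3}) \S+ .*?; "
    r"from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>")


def find_recurring_rejects(log_text, min_hits=3, year=2000):
    """Group NOQUEUE rejects by (sender, recipient, client) and report repeats."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = REJECT_RE.match(line)
        if m:
            # Syslog timestamps carry no year; a fixed one is enough for gaps.
            when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            seen[(m["sender"], m["rcpt"], m["client"])].append(when)
    report = []
    for (sender, rcpt, client), times in seen.items():
        if len(times) < min_hits:
            continue  # too few hits to call it a recurring message
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        report.append({"sender": sender, "rcpt": rcpt, "client": client,
                       "hits": len(times),
                       "median_gap_s": statistics.median(gaps) if gaps else None})
    return sorted(report, key=lambda r: -r["hits"])


if __name__ == "__main__":
    for row in find_recurring_rejects(SAMPLE_LOG):
        print(row)
```

On a real host, pass the contents of the mail log instead of `SAMPLE_LOG`; the `client` field shows which connection each repeated reject arrived on.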
