From: Markus Schwengel on
On Fri, May 14, 2010 at 14:46, Wietse Venema <wietse(a)porcupine.org> wrote:
> Markus Schwengel:
>>
>> True, the message is generated locally. But this is exactly what I need.
>>
>> So the question remains the same: How can I tell postfix to not
>> include the original message in the DSN or at least strip the
>> attachment?
>
> You can submit the message with "sendmail -N never" and get no DSN
> at all.
>
> Postfix currently doesn't implement the Sendmail "-R" command-line
> option that controls whether a DSN returns a "full" or "headers
> only" message. This option should be implemented when time is
> available. Currently, it is silently ignored to avoid breaking
> programs.
>
>        Wietse
>

OK, too bad, I have to find another way then...

Thanks a lot

From: Noel Jones on
On 5/14/2010 7:08 AM, Markus Schwengel wrote:
> On Fri, May 14, 2010 at 13:44, Larry Stone<lstone19(a)stonejongleux.com> wrote:
>> On 5/14/10 3:19 AM, Markus Schwengel at markus.schwengel(a)googlemail.com
>> wrote:
>>
>>
>>>>> When a virus is found postfix sends a message like the one I posted
>>>>> earlier. Is this not a DSN generated by postfix? I'm confused...
>>>>
>>>>
>>>> We need to see log entries of an entire infected message transaction.
>>>>
>>>>
>>>>
>>>
>>>
>>> here you go:
>>>
>>> postfix/pickup[9871]: 445AE1EAEB1: uid=33 from=<SENDER>
>>> postfix/cleanup[9878]: 445AE1EAEB1: message-id=<1273824671.91686-9548(a)HOST>
>>> postfix/cleanup[9878]: 445AE1EAEB1: milter-reject: END-OF-MESSAGE from
>>> localhost[127.0.0.1]: \
>>> 5.7.1 Virus Eicar-Test-Signature found!; from=<SENDER> to=<RECEIVER>
>>> postfix/cleanup[9878]: 445AE1EAEB1: to=<RECEIVER>,
>>> orig_to=<@HOST:RECEIVER>, relay=none, delay=0.11, \
>>> delays=0.11/0/0/0, dsn=5.7.1, status=bounced (Virus
>>> Eicar-Test-Signature found!)
>>> postfix/cleanup[9882]: 5CFE71EAEB3:
>>> message-id=<20100514081111.5CFE71EAEB3(a)HOST>
>>> postfix/qmgr[9870]: 5CFE71EAEB3: from=<>, size=2559, nrcpt=1 (queue active)
>>> postfix/bounce[9880]: 445AE1EAEB1: sender non-delivery notification:
>>> 5CFE71EAEB3
>>> postfix/smtp[9883]: 5CFE71EAEB3: to=<SENDER>,
>>> relay=192.168.30.11[192.168.30.11]:25, delay=0.07, \
>>> delays=0.02/0.01/0/0.04, dsn=2.0.0, status=sent (250 2.0.0 Ok:
>>> queued as 5F8193955D9)
>>> postfix/qmgr[9870]: 5CFE71EAEB3: removed
>>
>> Looks like this message is originating locally so your Postfix is acting as
>> both client (sending) and server (receiving) for the message. So yes,
>> Postfix is generating that DSN but it's doing so as the sending Postfix. Try
>> testing with a message originating externally and you should see your local
>> Postfix reject the message, not accept it and then generate a DSN.
>>
>> --
>> Larry Stone
>> lstone19(a)stonejongleux.com
>> http://www.stonejongleux.com/
>>
>>
>>
>
> True, the message is generated locally. But this is exactly what I need.
>
> So the question remains the same: How can I tell postfix to not
> include the original message in the DSN or at least strip the
> attachment?


This might help:
http://www.postfix.org/postconf.5.html#bounce_size_limit

But for locally submitted mail it might be better to use the
quarantine function of your milter.

-- Noel Jones

From: Wietse Venema on
Noel Jones:
> > So the question remains the same: How can I tell postfix to not
> > include the original message in the DSN or at least strip the
> > attachment?
>
> This might help:
> http://www.postfix.org/postconf.5.html#bounce_size_limit
>
> But for locally submitted mail it might be better to use the
> quarantine function of your milter.

This will effectively enforce "sendmail -R hdrs" (return headers
only) when the global bounce_size_limit limit is set to a small
value.

Wietse

From: Markus Schwengel on
On Fri, May 14, 2010 at 16:53, Wietse Venema <wietse(a)porcupine.org> wrote:
> Noel Jones:
>> > So the question remains the same: How can I tell postfix to not
>> > include the original message in the DSN or at least strip the
>> > attachment?
>>
>> This might help:
>> http://www.postfix.org/postconf.5.html#bounce_size_limit
>>
>> But for locally submitted mail it might be better to use the
>> quarantine function of your milter.
>
> This will effectively enforce "sendmail -R hdrs" (return headers
> only) when the global bounce_size_limit limit is set to a small
> value.
>
>        Wietse
>

In this case I don't like the quarantine function because users
(senders) should get some kind of notice that their mail was rejected
because of a virus. With quarantine the mail is put into the hold
queue and nothing else happens.

I'll give bounce_size_limit a try, thank you.

Markus


From: Victor Duchovni on
On Sat, May 15, 2010 at 08:57:00AM +0200, Markus Schwengel wrote:

> In this case I don't like the quarantine function because users
> (senders) should get some kind of notice that their mail was rejected
> because of a virus.

Absolutely NOT. If you ever send any sender notices for viruses here,
you will be filtered rather quickly. Virus sender addresses are "always"
forged, and notices of blocked viruses are the least welcome type of
spam we receive. I'd rather get any other type of spam than bogus "you
sent a virus" notices....


> With quarantine the mail is put into the hold
> queue and nothing else happens.

Viruses should be quietly discarded or quarantined. No sender notices
of any sort. A well designed quarantine may notify the recipient in
many cases, but never the sender.

--
Viktor.

P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.
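
An added example, not part of the thread: one way to audit a Postfix log for the situation discussed above, where a milter virus reject ends in a notification mailed to the sender. The sample log is constructed from the excerpt quoted earlier (wrapped lines joined, one unrelated line invented for contrast), and the function and pattern names are hypothetical.

```python
import re

# Constructed sample, modelled on the log excerpt quoted in the thread.
# The last line is invented to show that unrelated traffic is ignored.
SAMPLE_LOG = """\
postfix/pickup[9871]: 445AE1EAEB1: uid=33 from=<SENDER>
postfix/cleanup[9878]: 445AE1EAEB1: milter-reject: END-OF-MESSAGE from localhost[127.0.0.1]: 5.7.1 Virus Eicar-Test-Signature found!; from=<SENDER> to=<RECEIVER>
postfix/cleanup[9878]: 445AE1EAEB1: to=<RECEIVER>, relay=none, delay=0.11, dsn=5.7.1, status=bounced (Virus Eicar-Test-Signature found!)
postfix/qmgr[9870]: 5CFE71EAEB3: from=<>, size=2559, nrcpt=1 (queue active)
postfix/bounce[9880]: 445AE1EAEB1: sender non-delivery notification: 5CFE71EAEB3
postfix/smtp[9883]: 5CFE71EAEB3: to=<SENDER>, relay=192.168.30.11[192.168.30.11]:25, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 5F8193955D9)
postfix/smtp[9901]: 7A1B2C3D4E5: to=<user@example.org>, relay=none, dsn=4.4.1, status=deferred (connection timed out)
"""

LINE = re.compile(r"postfix/(?P<svc>[\w-]+)\[\d+\]: (?P<qid>[0-9A-F]+): (?P<rest>.*)")
REJECT = re.compile(r"milter-reject: \S+ from \S+ (?P<reason>.*?); from=")
NDN = re.compile(r"sender non-delivery notification: (?P<dsn>[0-9A-F]+)")
SIZE = re.compile(r"from=<>, size=(?P<size>\d+)")
SENT = re.compile(r"to=<(?P<rcpt>[^>]*)>.*status=sent")


def find_virus_notices(log_text):
    """Return one record per milter-rejected message that produced a sender DSN."""
    rejected, dsn_of, dsn_info = {}, {}, {}
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        svc, qid, rest = m.group("svc", "qid", "rest")
        if svc == "cleanup" and (r := REJECT.search(rest)):
            rejected[qid] = r.group("reason")        # original message, rejected
        elif svc == "bounce" and (n := NDN.search(rest)):
            dsn_of[qid] = n.group("dsn")             # original qid -> DSN qid
        elif svc == "qmgr" and (s := SIZE.search(rest)):
            dsn_info.setdefault(qid, {})["size"] = int(s.group("size"))
        elif svc == "smtp" and (t := SENT.search(rest)):
            dsn_info.setdefault(qid, {})["sent_to"] = t.group("rcpt")
    # Join the three maps: only rejects that actually led to a notification.
    return [
        {"qid": q, "reason": why, "dsn_qid": dsn_of[q], **dsn_info.get(dsn_of[q], {})}
        for q, why in rejected.items() if q in dsn_of
    ]


if __name__ == "__main__":
    for hit in find_virus_notices(SAMPLE_LOG):
        print(hit)
```

The `size` field is the size of the notification itself, which makes it easy to compare before and after lowering `bounce_size_limit`.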