smtpd_delay_reject = yes & Reject Logging
in [Postfix]
|
From: Noel Jones on 10 Aug 2010 18:38 Please don't top-post. > -------------------------------------------------- > From: "Noel Jones" <njones(a)megan.vbhcs.org> > Sent: Tuesday, August 10, 2010 1:27 PM > To: <postfix-users(a)postfix.org> > Subject: Re: smtpd_delay_reject = yes & Reject Logging > >> On 8/10/2010 3:19 PM, JunkYardMail1(a)Verizon.net wrote: >>> When using the smtpd_delay_reject = yes option, all log >>> messages indicate RCPT stage rejection. e.g. ... NOQUEUE: >>> reject: RCPT from ...; regardless of which type of >>> restriction an option is listed under. >>> >> When smtpd_delay=yes all rejections will be logged at RCPT >> stage. >> >> Does this cause any sort of problem? >> >> >> -- Noel Jones >> On 8/10/2010 3:43 PM, JunkYardMail1(a)Verizon.net wrote: > Yes it does cause a problem. > It does not indicate the stage the rejection is associated > with (CONNECT, HELO, FROM, RCPT, etc.). > With smtpd_delay_reject=yes, the reject happens at the RCPT stage. The logging is correct. The reject message in the log clearly shows what restriction triggered the rejection. So again, exactly what problem does this cause for you? -- Noel Jones
From: Ralf Hildebrandt on 11 Aug 2010 03:14 * JunkYardMail1(a)Verizon.net <JunkYardMail1(a)Verizon.net>: > "I think he just wants to know which smtpd restrictions list contains > the rule that caused the rejection." > > Correct. Like I said, even with smtpd_delay_reject = no this is not given. > >An almost-answer: each reject_foo rule has a certain log format > >which, once learned, will give you a pretty good idea about the > >rule that caused the rejection. You still have to look up which > >restrictions list contains that rule, though. Best and only answer, really -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt(a)charite.de | http://www.charite.de
From: Stan Hoeppner on 11 Aug 2010 03:35 Michael Orlitzky put forth on 8/10/2010 4:02 PM: > I think he just wants to know which smtpd restrictions list contains the > rule that caused the rejection. This is relatively easy to accomplish with custom rejection messages. Simply insert a unique symbol at the beginning of each rejection message text string which identifies the rejection stage. This of course would require a separate access table for each "check_client_access" statement, which can create future table management headaches to the point it may not be worth the effort. -- Stan
From: Ralf Hildebrandt on 11 Aug 2010 03:35 * Stan Hoeppner <stan(a)hardwarefreak.com>: > Michael Orlitzky put forth on 8/10/2010 4:02 PM: > > > I think he just wants to know which smtpd restrictions list contains the > > rule that caused the rejection. > > This is relatively easy to accomplish with custom rejection messages. Simply > insert a unique symbol at the beginning of each rejection message text string > which identifies the rejection stage. This of course would require a separate > access table for each "check_client_access" statement, which can create future > table management headaches to the point it may not be worth the effort. Yes, this only works for check_*_access. Stuff like e.g. reject_unknown_sender_domain have predefined rejection messages, so... -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt(a)charite.de | http://www.charite.de
From: Stan Hoeppner on 11 Aug 2010 04:31 Ralf Hildebrandt put forth on 8/11/2010 2:35 AM: > * Stan Hoeppner <stan(a)hardwarefreak.com>: >> Michael Orlitzky put forth on 8/10/2010 4:02 PM: >> >>> I think he just wants to know which smtpd restrictions list contains the >>> rule that caused the rejection. >> >> This is relatively easy to accomplish with custom rejection messages. Simply >> insert a unique symbol at the beginning of each rejection message text string >> which identifies the rejection stage. This of course would require a separate >> access table for each "check_client_access" statement, which can create future >> table management headaches to the point it may not be worth the effort. > > Yes, this only works for check_*_access. Stuff like e.g. > reject_unknown_sender_domain have predefined rejection messages, so... I was just looking at a Logwatch summary. The data the OP is requesting _is_ in the Postfix logs somewhere, as Logwatch is tallying the disconnection phases: 81 Connections lost (inbound) 61 After DATA 11 After CONNECT 7 After RCPT 2 After EHLO If you need this information _per msg_ with detail, you'll have to go digging and figure it out for yourself. The data _is_ in there though. And, yes, I use smtpd_delay_reject=yes, the default. -- Stan
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 5 Prev: Simple hack to get $3000 to your home Next: compile Postfix in static linking |