I followed the How-To for Debian Etch/Postfix/Virtual and after a week of successful testing started getting the following error: Code: From: Content-filter at mail1.server.com [[email protected]] Sent: Sunday, June 24, 2007 1:01 PM To: [email protected] Subject: Considered UNSOLICITED BULK EMAIL, apparently from you A message from <[email protected]> to: -> [email protected] was considered unsolicited bulk e-mail (UBE). Our internal reference code for your message is 15973-07/ipyPfF8DMCzg The message carried your return address, so it was either a genuine mail from you, or a sender address was faked and your e-mail address abused by third party, in which case we apologize for undesired notification. We do try to minimize backscatter for more prominent cases of UBE and for infected mail, but for less obvious cases of UBE some balance between losing genuine mail and sending undesired backscatter is sought, and there can be some collateral damage on both sides. First upstream SMTP client IP address: [xx.xx.152.161] xxxxx.res.rr.com According to a 'Received:' trace, the message originated at: [xx.xx.152.161], design1 (xxxx.res.rr.com [xx.xx.152.161]) Return-Path: <[email protected]> Message-ID: <6A6ED8E39D444ECCB967390EFA5A9DE2@design1> Subject: RE: Question about shipping for xxxxxxx Delivery of the email was stopped! this is sent from my wife's Outlook account, although I also get similar messages from Logwatch and other local processes where I can guarantee I am the sender. I have run the test at abuse.net for relaying and it passed. What process is blocking this? Is it postfix or something amavisd is calling up? BTW, I'm a supporter with a subscription, but the forum doesn't list me as one, how do I change that? Thanks, Cameron San Diego
Is your server located in a adatacenter or do you host it on a dynamic IP address? http://www.howtoforge.com/howtoforge_supporter_howto
I am at a datacenter as a colo box running a mailserver on dom2 on a Debian Etch xen SMP Xeon. I just added a valid reverse DNS entry, and the IP isn't blacklisted anywhere. Thanks, Cameron San Diego
Do you manage your IP address yourself, or is it managed by your ISP? Usually the ISP does that, and then he'd have to create the reverse record.
My ISP created the reverse DNS record, well, I sent a ticket in to them to have it done. I just editted /etc/amavis/conf.d/20-debian_defaults and added my domain to the read hash list: # read_hash("/var/amavis/sender_scores_sitewide"), { # a hash-type lookup table (associative array) '[email protected]' => -3.0, '[email protected]' => -3.0, .... '.server.com' => -8.0, and it fixed it, but I doubt I really fixed it, I can't do this for all the virtual hosts , yet I don't want to raise the detection much above the standard 6.31, that's higher than I'm used to having it. Thanks, Cameron San Diego
Hi ! I have the same problem... No fresh idea to help me ? I have not change my reverseDNS, seems not to be a good idea at all... ?! I've haded my domain in /etc/amavis/conf.d/20-debian_defaults too... I don't receive the logwatch emails, it's not practical. Recently, on one of my two servers encounter the problem, the mail arrived, but that this day there... Probably a ghooost Falko, an idea ? Thx, Tisc
Hi Falko, Sorry for long time, little holidays The problem is checked, I received again my logwatch mails : I've modified the /etc/amavis/conf.d/20-debian_defaults and added my domain to the read hash list, like uncleCameron, with -18 I've made the modification too, proposed here : http://www200.pair.com/mecham/spam/clamav-amavisd-new.html Clamav don't speak anymore in my logwatch to annonce his updates (freshclam), so I've just modified my freshclam.conf and putting true on the following options : LogVerbose true & LogSyslog true. Wait and see my tomorrow logwatch. have a nice day !
Hi, I'm having this same problem after moving the virtual domains onto another identical etch set up as described in the howto but on another server on a different IP. Most addresses have moved over okay but a couple of addresses are having UBE problems when they send. Is this a local configuration which is causing the problem? One user uses microsoft outlook express and the other uses microsoft outlook 2003. Not sure if this has any impact but I thought I'd add it in. Is there anything reported in the below code which might be a symptom of my mis-configuring anything in the howto? Any help would be greatly appreciated. Code: Return-Path: <> X-Original-To: [email protected] Delivered-To: [email protected] Received: from localhost (localhost.localdomain [127.0.0.1]) by serverdomain.co.uk (Postfix) with ESMTP id 13D9E15199 for <[email protected]>; Wed, 4 Feb 2009 14:44:32 +0000 (GMT) Content-Type: multipart/report; report-type=delivery-status; boundary="----------=_1233758672-15655-0" Content-Transfer-Encoding: 7bit MIME-Version: 1.0 Subject: Considered UNSOLICITED BULK EMAIL, apparently from you In-Reply-To: <!&!AAAAAAAAAAAYAAAAAAAAAI3rdRyPkWFLnHwKoEQrVgDCgAAAEAAAAKN/[email protected]> Message-ID: <[email protected]> From: "Content-filter at serverdomain.co.uk" <[email protected]> To: <[email protected]> Date: Wed, 4 Feb 2009 14:44:32 +0000 (GMT) This is a multi-part message in MIME format... ------------=_1233758672-15655-0 Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit A message from <[email protected]> to: -> [email protected] was considered unsolicited bulk e-mail (UBE). Our internal reference code for your message is 15655-02/idKKN469WFto The message carried your return address, so it was either a genuine mail from you, or a sender address was faked and your e-mail address abused by third party, in which case we apologize for undesired notification. We do try to minimize backscatter for more prominent cases of UBE and for infected mail, but for less obvious cases of UBE some balance between losing genuine mail and sending undesired backscatter is sought, and there can be some collateral damage on both sides. First upstream SMTP client IP address: [xxx.xxx.xxx.xxx] unknown According to a 'Received:' trace, the message originated at: [xxx.xxx.xxx.xxx], ParkwoodPC (unknown [xxx.xxx.xxx.xxx]) Return-Path: <[email protected]> Message-ID: <!&!AAAAAAAAAAAYAAAAAAAAAI3rdRyPkWFLnHwKoEQrVgDCgAAAEAAAAKN/[email protected]> Subject: test Delivery of the email was stopped! ------------=_1233758672-15655-0 Content-Type: message/delivery-status; name="dsn_status" Content-Disposition: inline; filename="dsn_status" Content-Transfer-Encoding: 7bit Content-Description: Delivery error report Reporting-MTA: dns; serverdomain.co.uk Received-From-MTA: smtp; serverdomain.co.uk ([127.0.0.1]) Arrival-Date: Wed, 4 Feb 2009 14:44:29 +0000 (GMT) Original-Recipient: rfc822;[email protected] Final-Recipient: rfc822;[email protected] Action: failed Status: 5.7.1 Diagnostic-Code: smtp; 554 5.7.1 Rejected, id=15655-02 - SPAM Last-Attempt-Date: Wed, 4 Feb 2009 14:44:32 +0000 (GMT) ------------=_1233758672-15655-0 Content-Type: text/rfc822-headers; name="header" Content-Disposition: inline; filename="header" Content-Transfer-Encoding: 7bit Content-Description: Message headers Return-Path: <[email protected]> Received: from ParkwoodPC (unknown [xxx.xxx.xxx.xxx]) by serverdomain.co.uk (Postfix) with ESMTP id 48E7B150F0 for <[email protected]>; Wed, 4 Feb 2009 14:44:29 +0000 (GMT) Return-Receipt-To: "Senders Name" <[email protected]> From: "Senders Name" <[email protected]> To: <[email protected]> Subject: test Date: Wed, 4 Feb 2009 14:44:21 -0000 Message-ID: <!&!AAAAAAAAAAAYAAAAAAAAAI3rdRyPkWFLnHwKoEQrVgDCgAAAEAAAAKN/[email protected]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0000_01C986D7.1747EC90" X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AcmG1xB5HDi1RrI/QS+DebUcG1cRwA== Content-Language: en-gb ------------=_1233758672-15655-0--
Could this error message be generated by someone sending me an email with too many addresses in the To field? Perhaps the system is sensing it as bulk garbage and kicking back to them? Dan
I am getting this email also and I am using a dynamic IP address with dynamic dns. I followed the guide precisely on how to set up this server with opensuse 11.1 Can someone help me? Thanks!
Dynamic IPs are blacklisted. Please set up relaying: http://www.howtoforge.com/postfix_relaying_through_another_mailserver
Yea. But the thing is, ATT has two smtp servers. One for ssl and the other is non ssl. I am wondering if I should be relaying through the ssl and simply indicate the ssl port. What do you think? If so, how do I configure this in postfix for the port?
