Hello all. I'm running ISPConfig 3 on Ubuntu 10. I used the perfect setup tutorial to install the entire system. The problem I realized today is that mail sent to an alias domain (i.e. @somedomain forwards to @newsomedomain) is not blocked even though the recipient does not exist in the forwarded domain. Mail is rejected for unknown recipients in the real domain. No bounce message is generated though. Looking in the mail.log I see the mail to the invalid recipient being queued and delivered via maildrop. The problem is I need e-mail that is addressed to person@somedomain to be rejected, if person@newsomedomain does not exist. I have an upstream spam filter that is generating quarantines for invalid recipients because of this. Thanks for your help.
same problem ... maildrop creating new directories for any address, so after some time is little mess in /var/vmail/newsomedomain/
Thats a known problem on courier setups, please see bugtracker. Possible solutions are described in the bugtracker too: http://bugtracker.ispconfig.org/index.php?do=details&task_id=1393&project=3
Thanks for the reply. I looked at the bugtracker. I even registered. But, it appears the post is cut off? I can't seem to figure out how to display the rest of the content.
Thanks. I guess the question is, is there anyway to block these invalid e-mail addresses at the Postfix level? My biggest issue is because Postfix accepts the invalid e-mail address, it causes my upstream spamfilter to also think it is valid and thus creates quarantines for non-existent e-mail addresses. I would like postfix to reply with a reject message like it does for other invalid e-mail addresses. Maybe I should I post this in a Postfix support forum?
I can appreciate that. Except I don't speak German and when I try to translate it I can't make heads or tails of what is actually being said.
I revisited this issue today and want to post concise ENGLISH instructions to resolve this issue. I have tested this solution and it appears to work successfully. I pulled the information from the German website referenced above. I revisited this because this known issue (which remains unsolved to the best of my knowledge) causes so much backscatter with bounce messages for incoming spam that it was causing the mail server to get blacklisted. In order to fix this problem and get your ISPConfig setup to reject mail that is addressed to invalid recipients located in alias domains you'll need to create 3 new files and modify 2 existing files. All these files are located in /etc/postfix on my system. Create mysql-virtual-aliasdomain_catchall.cf: Code: user = ispconfig password = xxx dbname = dbispconfig hosts = 127.0.0.1 query = SELECT mail_forwarding.destination FROM mail_forwarding,mail_forwarding as mailfwd WHERE (mailfwd.type='aliasdomain' AND mailfwd.source=CONCAT('@','%d')) AND mail_forwarding.source = mailfwd.destination Create mysql-virtual_aliasdomain_forwardalias.cf: Code: user = ispconfig password = xxx dbname = dbispconfig hosts = 127.0.0.1 query = SELECT mail_forwarding.destination FROM mail_forwarding,mail_forwarding as mailfwd WHERE (mailfwd.type='aliasdomain' AND mailfwd.source=CONCAT('@','%d')) AND mail_forwarding.source = CONCAT('%u',mailfwd.destination) Create mysql-virtual_aliasdomain_mailbox.cf: Code: user = ispconfig password = xxx dbname = dbispconfig hosts = 127.0.0.1 query = SELECT mail_user.email FROM mail_user,mail_forwarding as mailfwd WHERE (mailfwd.type='aliasdomain' AND mailfwd.source=CONCAT('@','%d')) AND mail_user.email = CONCAT('%u',mailfwd.destination) Modify mysql-virtual_forwardings.cf: Code: user = ispconfig password = xxx dbname = dbispconfig table = mail_forwarding select_field = destination where_field = source additional_conditions = and type != 'aliasdomain' and active = 'y' and server_id = 1 hosts = 127.0.0.1 Modify the following line in main.cf: Code: virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf, proxy:mysql:/etc/postfix/mysql-virtual-aliasdomain_catchall.cf, proxy:mysql:/etc/postfix/mysql-virtual_aliasdomain_forwardalias.cf, proxy:mysql:/etc/postfix/mysql-virtual_aliasdomain_mailbox.cf, hash:/var/lib/mailman/data/virtual-mailman Obviously, replace 'xxx' above with the actual password hash to your ISPConfig database. This can be recovered from any of the existing mysql*.cf files including the one you modify above. Reload postfix and test. Postfix seems to block invalid recipients located in alias domains now. Better backup your main.cf file because the next ISPConfig update will likely overwrite this.
