Discussion in 'HOWTO-Related Questions' started by FredZ, Aug 4, 2009.

  1. FredZ

    FredZ Member HowtoForge Supporter

    Have followed this tutorial and finished it without error :)

    I am now testing it but all emails I send bounce.

    A message from <[email protected]> to:
    -> [email protected]

    was considered unsolicited bulk e-mail (UBE).

    Our internal reference code for your message is 02250-01/nuwMaDK00hUz

    The message carried your return address, so it was either a genuine mail
    from you, or a sender address was faked and your e-mail address abused
    by third party, in which case we apologize for undesired notification.

    We do try to minimize backscatter for more prominent cases of UBE and
    for infected mail, but for less obvious cases of UBE some balance
    between losing genuine mail and sending undesired backscatter is sought,
    and there can be some collateral damage on both sides.

    First upstream SMTP client IP address: [] localhost
    According to a 'Received:' trace, the message originated at: [], SquirrelMail authenticated user [email protected]

    Return-Path: <[email protected]>
    Message-ID: <[email protected]>
    Subject: test

    Delivery of the email was stopped!

    The mail.log shows

    Aug 4 11:17:58 mail1 amavis[2250]: (02250-02) Blocked SPAM, LOCAL [] [] <[email protected]> -> <[email protected]>, quarantine: R/spam-R0NYr+RFa4yh.gz, Message-ID: <[email protected]>, mail_id: R0NYr+RFa4yh, Hits: 6.42, size: 747, 24549 ms
    Aug 4 11:17:58 mail1 postfix/smtp[3047]: 85A2C2151: to=<[email protected]>, relay=[]:10024, delay=25, delays=0.22/0.06/0.01/25, dsn=2.5.0, status=sent (250 2.5.0 Ok, id=02250-02, BOUNCE)
    Aug 4 11:17:58 mail1 postfix/qmgr[2151]: 85A2C2151: removed

    I am not all that technical, thats why I use these howtos in some kind of atempt to learn.

    I first thought it was something to do with DNS resolution (don't ask why) so I had mx records put in place.

    Any comments would be most helpfull.


  2. falko

    falko Super Moderator ISPConfig Developer

  3. FredZ

    FredZ Member HowtoForge Supporter

    Thanks for that comment, I tested it and it comes back as OK for all except for the bottom 5 that time out.

    The test was with the IP releated to the mx record for the domain in question.

    OK, here goes me with a wild stab in the dark.

    The original message was generated by Amavis. I assume this as I found the template used for the message in that folder (/etc/amavis/en_US/template-spam-sender.txt).

    For what ever reason Amavis doesn't realise that the message sent was from an authenticated person logged into squirrel mail, as opposed to an smtp connection faking the user as this is what it is suggesting.

    beyond that I have no clues. I have checked all the configuration files against the tutorial and they appear to be correct. If I dig the mx records of the domain/s from the mail server they are resolved.


  4. FredZ

    FredZ Member HowtoForge Supporter

    Well after some playing I think I have resolved the problem.

    So I guess now you get the whole picture.

    As a matter of course I always adjust my hosts file to reflect the server name and domain. localhost.localdomain localhost mail1

    # The following lines are desirable for IPv6 capable hosts
    ::1 localhost ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts

    All I did was to remove the local.domain and from the hosts file and rebooted the system and it now sends emails.

    Note?: I do still have the hostname file intact.

    So now when I do a hostname and hostname -f they both still return


  5. paxpacis

    paxpacis Member

    Hi Falko,

    What is the best solution in ispconfig 2.x to fight backscatter mail?


Share This Page