[Postfixbuch-users] Frage zu Sender address verified

Sven Schoeppner Schoeppner at biotec.uni-bremen.de
Mi Feb 9 10:43:28 CET 2005



Patrick Ben Koetter schrieb:
> * Sven Schoeppner <Schoeppner at biotec.uni-bremen.de>:
> 
>>hallo LIste,
>>warum wird dieses Mail abgelehnt?
>>
>>
>>Feb  9 09:58:39 btsun1 postfix/smtpd[19322]: connect from a.ww.adjoli.net[212.21.65.165]
>>Feb  9 09:58:39 btsun1 postfix/cleanup[19360]: 5ABCD3707A: message-id=<20050209085839.5ABCD3707A at btsun1.biotec.uni-bremen.de>
>>Feb  9 09:58:39 btsun1 postfix/qmgr[29980]: 5ABCD3707A: from=<>, size=272, nrcpt=1 (queue active)
>>
>>
>>Feb  9 09:58:39 btsun1 postfix/smtp[19367]: 5ABCD3707A: to=<vlfnet-nl-return-308-test=biotec.uni-bremen.de at vlf.adjoli.de>, relay=a.mx.adjoli.de[212.21.65.164], delay=0, status=deliverable (250 ok)
>>
>>Absender ist erreichbar
>>
>>Feb  9 09:58:40 btsun1 postfix/qmgr[29980]: 5ABCD3707A: removed
>>Feb  9 09:58:41 btsun1 postfix/smtpd[19322]: NOQUEUE: reject: RCPT from a.ww.adjoli.net[212.21.65.165]: 450 <vlfnet-nl-return-308-test=biotec.uni-bremen.de at vlf.adjoli.de>: Sender address rejected: unverified address: Address verification in progress;
>>
>>Obwohl der Absender erreichbar ist wird die Mail beim 1. Zustellversuch 
>>abgelehnt.
> 
> 
> Der empfangende Server führt eine "sender address verification" durch.
> Dazu lehnt er, in diesem Fall, erst einmal die Mail ab, prüft dann ob
> der für den envelope-sender zuständige Mailserver den envelope-sender
> auch kennt und erst dann nimmt er die Mail an.
> 
> So wie es bei der Implementierung dieses empfangenden Mailservers
> scheint, lehnt er die Mail erst mal temporär (siehe: Code 450) ab.

empfangenden Mailservers = btsun1.biotec.uni-bremen.de = "mein Server"
genau das ist mein Problem, wie kann ich den Mailservers dazu bringen 
die mails gleich anzunehmen, wenn die "Sender address verified" Prüfung 
erfolgreich war?

Main.cf
btsun1:/home/schoeppner# postconf -n
address_verify_local_transport = $local_transport
address_verify_map = btree:/var/spool/postfix/verify
address_verify_negative_cache = no
address_verify_negative_expire_time = 4d
address_verify_negative_refresh_time = 2d
address_verify_poll_count = 1
address_verify_poll_delay = 300s
address_verify_positive_expire_time = 31d
address_verify_positive_refresh_time = 7d
address_verify_relay_transport = $relay_transport
address_verify_relayhost = $relayhost
address_verify_sender = <>
address_verify_service_name = verify
address_verify_transport_maps = $transport_maps
address_verify_virtual_transport = $virtual_transport

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no

broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/lib/postfix
debug_peer_level = 2
debug_peer_list =
delay_warning_time = 1h

header_checks = regexp:/etc/postfix/header_checks
mailbox_command =
mailbox_size_limit = 0
message_size_limit = 80240000
mydestination = btsun1.biotec.uni-bremen.de, 
localhost.biotec.uni-bremen.de, localhost
myhostname = btsun1.biotec.uni-bremen.de
mynetworks = 192.168.5.0/24
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
recipient_delimiter = +
relocated_maps = hash:/etc/postfix/relocated
sender_canonical_maps = hash:/etc/postfix/sender_canonical
setgid_group = postdrop
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_helo_required = yes

smtpd_recipient_restrictions =
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_non_fqdn_recipient,
reject_non_fqdn_sender,
permit_sasl_authenticated,
permit_mynetworks,
check_helo_access hash:/etc/postfix/helo_access,
check_sender_access hash:/etc/postfix/sender_access, 
reject_unauth_pipelining,
reject_unauth_destination,
reject_unknown_address,
reject_non_fqdn_hostname,
warn_if_reject  reject_unknown_hostname,
reject_unknown_client,
reject_invalid_hostname,
reject_unverified_sender,
check_policy_service inet:127.0.0.1:60690,

smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks =
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_tls_cert_file = /etc/postfix/smtpd.cert
smtpd_tls_key_file = /etc/postfix/smtpd.key
strict_rfc821_envelopes = yes
unverified_recipient_reject_code = 550

virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5001
virtual_mailbox_base = /virtual
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 0
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 5001
virtual_transport = virtual
virtual_uid_maps = static:5001



> Zitat RFC 2821, Section 4.2:
> 
> 4yz Transient Negative Completion reply
>   The command was not accepted, and the requested action did not occur.
>   However, the error condition is temporary and the action may be
>   requested again.
> 
> Dein Mailserver muß also die Nachricht noch mal in die Queue
> zurückstellen. Dann erst prüft der andere Mailserver die Existenz deines
> envelope-senders.
> 
> Postfix macht das schneller und eleganter, weil er prüft die Existenz
> des envelope-senders während der 1. client-Verbindung und entscheidet
> wenn möglich sofort. Geht das nicht, wird auch Postfix eine 4xx Meldung
> rausgeben und den Server bitten, nacher nochmal wieder vorbeizukommen.
> 
> p at rick
> 



Mehr Informationen über die Mailingliste Postfixbuch-users