r-raymond / nixos-mailserver

A complete and Simple Nixos Mailserver
GNU General Public License v3.0
181 stars 27 forks source link

Emails rejected too late, thus turning into spam relay #97

Closed tokudan closed 6 years ago

tokudan commented 6 years ago

(Use this template for bugs, feel free to delete it for other issues)

SNM Version: v2.1.3

Nixos Version: 17.09 (1dcd022f01b)

Relevant part of the config to reproduce:

  mailserver = {
    enable = true;
    fqdn = "myserver.example.com";
    localDnsResolver = false;
    domains = [
      "example.com"
    ];
    loginAccounts = {
      "someone@example.com" = {
        hashedPassword = "...";
        catchAll = [
        ];
      };
    };
    certificateScheme = 3;
    enableImap = true;
    enableImapSsl = true;
    virusScanning = true;
  };
}

What I expected to happen:

I expected the email to an invalid address (invalidemail@example.com) to be rejected while recieving.

What happened:

The email was accepted into the queue, causing a non-delivery notification to be created and thus spamming possibly innocent people with these notifications.

Relevant journald log:

[root@myserver:~]# journalctl --since=-7d | egrep 'smtpd\[19677\]|9BAE872A12E'
Feb 28 13:54:02 myserver postfix/smtpd[19677]: connect from squash.apkpuire.com[66.118.165.49]
Feb 28 13:54:02 myserver postfix/smtpd[19677]: 9BAE872A12E: client=squash.apkpuire.com[66.118.165.49]
Feb 28 13:54:02 myserver rmilter[3897]: <a14399b521>; mlfi_data: queue id: <9BAE872A12E>
Feb 28 13:54:03 myserver postfix/cleanup[19684]: 9BAE872A12E: message-id=<WRKWOOFTOCULACVVFEHSI@cg.bulevardcafe.com>
Feb 28 13:54:03 myserver rspamd[4916]: <6049ca>; task; rspamd_message_parse: loaded message; id: <WRKWOOFTOCULACVVFEHSI@cg.bulevardcafe.com>; queue-id: <9BAE872A12E>; size: 2337; checksum: <10d4ada951bad1a06bf28d6c42ba90ea>
Feb 28 13:54:03 myserver rspamd[4916]: <6049ca>; task; rspamd_task_write_log: id: <WRKWOOFTOCULACVVFEHSI@cg.bulevardcafe.com>, qid: <9BAE872A12E>, ip: 66.118.165.49, from: <sigismundsxhmzwg@bulevardcafe.com>, (default: F (add header): [10.35/15.00] [ABUSE_SURBL(5.50){bulevardcafe.com.multi.surbl.org;},HTML_SHORT_LINK_IMG_1(2.00){},RBL_SENDERSCORE(2.00){49.165.118.66.bl.score.senderscore.com;},FROM_EXCESS_QP(1.19){},DMARC_POLICY_ALLOW(-0.25){bulevardcafe.com;none;},MIME_HTML_ONLY(0.20){},R_DKIM_ALLOW(-0.20){bulevardcafe.com;},R_SPF_ALLOW(-0.20){+ip4:66.118.165.32/27;},ONCE_RECEIVED(0.10){},FROM_EQ_ENVFROM(0.00){},FROM_HAS_DN(0.00){},HAS_PHPMAILER_SIG(0.00){},HAS_X_PRIO_3(0.00){},PRECEDENCE_BULK(0.00){},RCPT_COUNT_1(0.00){},RCVD_COUNT_1(0.00){},SUBJECT_HAS_QUESTION(0.00){},TO_DN_NONE(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), len: 2337, time: 117.000ms real, 7.354ms virtual, dns req: 24, digest: <10d4ada951bad1a06bf28d6c42ba90ea>, rcpts: <invalidemail@example.com>, mime_rcpt: <invalidemail@example.com>
Feb 28 13:54:03 myserver rmilter[3897]: <a14399b521>; msg done: queue_id: <9BAE872A12E>; message id: <WRKWOOFTOCULACVVFEHSI@cg.bulevardcafe.com>; ip: 66.118.165.49; from: <sigismundsxhmzwg@bulevardcafe.com>; rcpt: <invalidemail@example.com> (1 total); user: unauthorized; spam scan: action: add header; virus scan: clean; dkim: not signed, ignored
Feb 28 13:54:03 myserver postfix/qmgr[5046]: 9BAE872A12E: from=<sigismundsxhmzwg@bulevardcafe.com>, size=2386, nrcpt=1 (queue active)
Feb 28 13:54:03 myserver postfix/lmtp[19686]: 9BAE872A12E: to=<invalidemail@example.com>, relay=myserver.example.com[private/dovecot-lmtp], delay=1.3, delays=1.3/0.01/0/0.03, dsn=5.1.1, status=bounced (host myserver.example.com[private/dovecot-lmtp] said: 550 5.1.1 <invalidemail@example.com> User doesn't exist: invalidemail@example.com (in reply to RCPT TO command))
Feb 28 13:54:03 myserver postfix/bounce[19688]: 9BAE872A12E: sender non-delivery notification: EC00872A1BA
r-raymond commented 6 years ago

Hi, thanks for using SNM, and sorry for the inconvenience. Thanks for pointing this out. For future references, solution