Bounce tracking

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Bounce tracking

Wiebe Cazemier
Hi,

I'm trying to set up simple bounce handling in Postfix. I was hoping not to need/want VERP, but simply trying to get Postfix to call a script with the failed (bounced/delayed) RCPT TO address, instead of sending a bounce e-mail with that bounced address in the body. (Current version is 3.1.0-3ubuntu0.3, from Ubuntu 16.04).

So far, I've tried:

main.cf:

  notify_classes = bounce
  bounce_notice_recipient = [hidden email]
  transport_maps = hash:/etc/postfix/transport_maps

master.cf:

  bouncehandler unix -       n       n       -       -       pipe
    flags=FRq user=bouncehandler argv=/usr/local/bin/postfix-bounce-handler.sh --sender ${sender} --recipient ${recipient}

transport_maps:

  [hidden email] bouncehandler:

/usr/local/bin/postfix-bounce-handler.sh

  #!/bin/bash
  debug_file="/tmp/bouncelog.txt"
  datestamp=$(date +%Y%m%d-%H:%M)
  echo "[$datestamp] $@" >> "$debug_file"

But, the only output I seem to get, is from the double bounce, and not the bounced address:

  [20181130-17:43] --sender [hidden email] --recipient [hidden email]

Postfix knows exactly which address failed, because it includes it in the mail body of bounce notices:

  <[hidden email]>: host ASPMX.L.GOOGLE.COM[2a00:1450:4013:c00::1b] said: 550-5.1.1
    The email account that you tried to reach does not exist. Please try
    550-5.1.1 double-checking the recipient's email address for typos or
    550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1
    https://support.google.com/mail/?p=NoSuchUser a12si2525633edk.106 - gsmtp
    (in reply to RCPT TO command)

So instead of sending that e-mail, can I call the script with that address?

Or, am I going to have to parse that message (that comes in on std-in)?

Regards,

Wiebe
Reply | Threaded
Open this post in threaded view
|

Re: Bounce tracking

Wietse Venema
Wiebe Cazemier:

> Hi,
>
> I'm trying to set up simple bounce handling in Postfix. I was hoping not to need/want VERP, but simply trying to get Postfix to call a script with the failed (bounced/delayed) RCPT TO address, instead of sending a bounce e-mail with that bounced address in the body. (Current version is 3.1.0-3ubuntu0.3, from Ubuntu 16.04).
>
> So far, I've tried:
>
> main.cf:
>
>   notify_classes = bounce
>   bounce_notice_recipient = [hidden email]
>   transport_maps = hash:/etc/postfix/transport_maps
>
> master.cf:
>
>   bouncehandler unix -       n       n       -       -       pipe
>     flags=FRq user=bouncehandler argv=/usr/local/bin/postfix-bounce-handler.sh --sender ${sender} --recipient ${recipient}
>
> transport_maps:
>
>   [hidden email] bouncehandler:
>
> /usr/local/bin/postfix-bounce-handler.sh
>
>   #!/bin/bash
>   debug_file="/tmp/bouncelog.txt"
>   datestamp=$(date +%Y%m%d-%H:%M)
>   echo "[$datestamp] $@" >> "$debug_file"
>
> But, the only output I seem to get, is from the double bounce, and not the bounced address:
>
>   [20181130-17:43] --sender [hidden email] --recipient [hidden email]
>
> Postfix knows exactly which address failed, because it includes it in the mail body of bounce notices:
>
>   <[hidden email]>: host ASPMX.L.GOOGLE.COM[2a00:1450:4013:c00::1b] said: 550-5.1.1
>     The email account that you tried to reach does not exist. Please try
>     550-5.1.1 double-checking the recipient's email address for typos or
>     550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1
>     https://support.google.com/mail/?p=NoSuchUser a12si2525633edk.106 - gsmtp
>     (in reply to RCPT TO command)
>
> So instead of sending that e-mail, can I call the script with that address?

The pipe daemon has no access to message content fields, only the
message envelope. Putting the failed recipient address in the sender
or recipient envelope address of a bounce notification would not
be safe.

The format of Postfix bounces is documented in Internet RFCs:

       RFC 3462 (Delivery Status Notifications)
       RFC 3464 (Delivery Status Notifications)

Extracting the failed recipient should be a no-brainer. It's
all MIME boundaries and "label: value" stuff, with folding whitespace.

        Wietse