Question regarding null senders and smtpd restrictions

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Question regarding null senders and smtpd restrictions

Research
Hello,

I have recently begun deploying Postfix on a web server.

Postfix is configured to handle the e-mail for the web server domain (i.e.: receives e-mail for example.com), and then has virtual tables configured to route that mail to Gmail accounts.  I have mappings for all RFC required e-mail addresses (i.e.: [hidden email], [hidden email]), and can verify that mail sent to those addresses does go to the recipients on Gmail successfully.  I have also verified that I am not an open relay.

In my syslog, I can see an e-mail transaction of the following form (truncated):

        Feb 25 04:48:14 example postfix/qmgr[16092]: BBCE57FCD4: from=<>, size=20118, nrcpt=1 (queue active)...

In this case, a sender has attempted to deliver a message with no sender (“from”), information.  As far as I can tell, that is not-RFC compliant and is most likely spam.

Is there a way via: smtpd_sender_restrictions in main.cf that I can block this behaviour, or is there another method of doing so ?

Thank you.
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding null senders and smtpd restrictions

Noel Jones-2
On 2/25/2015 4:53 PM, Research wrote:

> Hello,
>
> I have recently begun deploying Postfix on a web server.
>
> Postfix is configured to handle the e-mail for the web server domain (i.e.: receives e-mail for example.com), and then has virtual tables configured to route that mail to Gmail accounts.  I have mappings for all RFC required e-mail addresses (i.e.: [hidden email], [hidden email]), and can verify that mail sent to those addresses does go to the recipients on Gmail successfully.  I have also verified that I am not an open relay.
>
> In my syslog, I can see an e-mail transaction of the following form (truncated):
>
> Feb 25 04:48:14 example postfix/qmgr[16092]: BBCE57FCD4: from=<>, size=20118, nrcpt=1 (queue active)...
>
> In this case, a sender has attempted to deliver a message with no sender (“from”), information.  As far as I can tell, that is not-RFC compliant and is most likely spam.
>
> Is there a way via: smtpd_sender_restrictions in main.cf that I can block this behaviour, or is there another method of doing so ?
>
> Thank you.
>


The null sender is used for RFC compliant bounces or non-delivery
notices and MUST NOT be blocked.

It's OK to block a particular message if the client or content
violates some local policy of yours, but the null sender MUST NOT be
used as blocking criteria.


  -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Question regarding null senders and smtpd restrictions

Research
On Feb 25, 2015, at 5:56 PM, Noel Jones <[hidden email]> wrote:

> On 2/25/2015 4:53 PM, Research wrote:
>> Hello,
>>
>> I have recently begun deploying Postfix on a web server.
>>
>> Postfix is configured to handle the e-mail for the web server domain (i.e.: receives e-mail for example.com), and then has virtual tables configured to route that mail to Gmail accounts.  I have mappings for all RFC required e-mail addresses (i.e.: [hidden email], [hidden email]), and can verify that mail sent to those addresses does go to the recipients on Gmail successfully.  I have also verified that I am not an open relay.
>>
>> In my syslog, I can see an e-mail transaction of the following form (truncated):
>>
>> Feb 25 04:48:14 example postfix/qmgr[16092]: BBCE57FCD4: from=<>, size=20118, nrcpt=1 (queue active)...
>>
>> In this case, a sender has attempted to deliver a message with no sender (“from”), information.  As far as I can tell, that is not-RFC compliant and is most likely spam.
>>
>> Is there a way via: smtpd_sender_restrictions in main.cf that I can block this behaviour, or is there another method of doing so ?
>>
>> Thank you.
>>
>
>
> The null sender is used for RFC compliant bounces or non-delivery
> notices and MUST NOT be blocked.
>
> It's OK to block a particular message if the client or content
> violates some local policy of yours, but the null sender MUST NOT be
> used as blocking criteria.
>
>
>  -- Noel Jones

Hi Noel,

Thank you for your prompt response.  I was unaware of bounce and non-delivery notices using null sender addresses and would have attempted to block this to my servers’ detriment.  I will use content filtering to examine these addresses and *NOT* block solely on null addresses.