email retry problem

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

email retry problem

Jittinan Suwanrueangsri
Dear sir
 
I assume these conditions are true.
 
1.sample domain: test.com
2.test.com has one mx is called mail.test.com
3.mail.test.com host is down
 
 
if some one relay an email which sender is [hidden email] ,recipients is [hidden email] via one mailrelay server.After mailserver recieve a message it try to connect to test.com 's mx ,finally it will fail so mailserver keep  a message for next retry but it will faill every times until a message is expire.After that mailserver will generate delivery status notification,send it back to sender [hidden email] with hope to notify sender that his/her message can not be delivered but It  can not connect to test.com 's mx and retry until message is expire.Default value for postfix queue expire time is 5 days if someone send only 1 message which all situation are met these conditions.It will stay in mailserver for 10 days.what 's happen if someone send 10,000 messages/day.Are there any solution ?
 
 
Jittinan Suwanrueangsri
Reply | Threaded
Open this post in threaded view
|

Re: email retry problem

Noel Jones-2
jittinan suwanrueangsri wrote:

Please press the [Plain Text] button when posting from gmail.

> Dear sir
>  
> I assume these conditions are true.
>  
> 1.sample domain: test.com <http://test.com>
> 2.test.com <http://2.test.com> has one mx is called mail.test.com
> <http://mail.test.com>
> 3.mail.test.com <http://3.mail.test.com> host is down
>  
>  
> if some one relay an email which sender is [hidden email]
> <mailto:[hidden email]> ,recipients is [hidden email]
> <mailto:[hidden email]> via one mailrelay server.After mailserver
> recieve a message it try to connect to test.com <http://test.com> 's mx
> ,finally it will fail so mailserver keep  a message for next retry but
> it will faill every times until a message is expire.After that
> mailserver will generate delivery status notification,send it back to
> sender [hidden email] <mailto:[hidden email]> with hope to notify
> sender that his/her message can not be delivered but It  can not connect
> to test.com <http://test.com> 's mx and retry until message is
> expire.Default value for postfix queue expire time is 5 days if someone
> send only 1 message which all situation are met these conditions.It will
> stay in mailserver for 10 days.

Yes, this is correct behavior.

> what 's happen if someone send 10,000
> messages/day.Are there any solution ?

Solution to what?  Where's the problem?

- If you send lots of mail, you must be prepared to accept
lots of bounces.
- If you don't want your users to send lots of mail, use a
policy service with per-user rate limits.
- If you don't want your users using "unauthorized" envelope
sender, use reject_sender_login_mismatch and friends.
- If your queue is full of mail you know will never be
delivered, use postsuper -d QUEUEID to delete it.


--
Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: email retry problem

Jittinan Suwanrueangsri
Dear Noel Jones
 
In our environment
1. a user can not connect to other mailserver directly such as gmail,aol etc. except our mailserver.
2. a user have right to use his/her other domain sender (aol,gmail) in message which have to relay via our mailserver.if our policy allow user to send only our sender domain we can authenticate his/her right but it 's impossible to know which sender is his/her account in gmail or aol.we can not connect to their database .
3.a user need to use dynamic ip address so we can not create allow/reject policy by source ip ,dnsbl checking or other technique base on source ip.
4. our mailserver  is in situation same as previous post(retry problem).There are too many emails  are pending in mailserver so it affect to other email user.email sending process is slow down because of unnecessary retry.we sure these messages are bad .
 
are there any solution to this problem? 
  
 
Jittinan Suwanrueangsri

2009/1/7 Noel Jones <[hidden email]>
jittinan suwanrueangsri wrote:

Please press the [Plain Text] button when posting from gmail.

Dear sir
 I assume these conditions are true.
 1.sample domain: test.com <http://test.com>
2.test.com <http://2.test.com> has one mx is called mail.test.com <http://mail.test.com>
3.mail.test.com <http://3.mail.test.com> host is down
  if some one relay an email which sender is [hidden email] <mailto:[hidden email]> ,recipients is [hidden email] <mailto:[hidden email]> via one mailrelay server.After mailserver recieve a message it try to connect to test.com <http://test.com> 's mx ,finally it will fail so mailserver keep  a message for next retry but it will faill every times until a message is expire.After that mailserver will generate delivery status notification,send it back to sender [hidden email] <mailto:[hidden email]> with hope to notify sender that his/her message can not be delivered but It  can not connect to test.com <http://test.com> 's mx and retry until message is expire.Default value for postfix queue expire time is 5 days if someone send only 1 message which all situation are met these conditions.It will stay in mailserver for 10 days.

Yes, this is correct behavior.


what 's happen if someone send 10,000 messages/day.Are there any solution ?

Solution to what?  Where's the problem?

- If you send lots of mail, you must be prepared to accept lots of bounces.
- If you don't want your users to send lots of mail, use a policy service with per-user rate limits.
- If you don't want your users using "unauthorized" envelope sender, use reject_sender_login_mismatch and friends.
- If your queue is full of mail you know will never be delivered, use postsuper -d QUEUEID to delete it.


--
Noel Jones

Reply | Threaded
Open this post in threaded view
|

Re: email retry problem

Noel Jones-2
jittinan suwanrueangsri wrote:

> Dear Noel Jones
>  
> In our environment
> 1. a user can not connect to other mailserver directly such as gmail,aol
> etc. except our mailserver.
> 2. a user have right to use his/her other domain sender (aol,gmail) in
> message which have to relay via our mailserver.if our policy allow user
> to send only our sender domain we can authenticate his/her right but it
> 's impossible to know which sender is his/her account in gmail or aol.we
> can not connect to their database .
> 3.a user need to use dynamic ip address so we can not create
> allow/reject policy by source ip ,dnsbl checking or other technique base
> on source ip.
> 4. our mailserver  is in situation same as previous post(retry
> problem).There are too many emails  are pending in mailserver so it
> affect to other email user.email sending process is slow down because of
> unnecessary retry.we sure these messages are bad .
>  
> are there any solution to this problem?
>  

Please don't top-post.


- if you don't want users sending so much mail, use a policy
service with per-user rate limits.
http://www.postfix.org/addon.html#policy
maybe this one:
http://policyd.sourceforge.net/

- if you have lots of mail in your queue that you're sure will
never be delivered, remove it with postsuper -d.  There's an
example on the man page showing how to delete multiple messages.
http://www.postfix.org/postsuper.1.html

--
Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: email retry problem

Jorey Bump
In reply to this post by Jittinan Suwanrueangsri
jittinan suwanrueangsri wrote, at 01/07/2009 02:15 PM:

> In our environment
> 1. a user can not connect to other mailserver directly such as gmail,aol
> etc. except our mailserver.
> 2. a user have right to use his/her other domain sender (aol,gmail) in
> message which have to relay via our mailserver.if our policy allow user
> to send only our sender domain we can authenticate his/her right but it
> 's impossible to know which sender is his/her account in gmail or aol.we
> can not connect to their database .
> 3.a user need to use dynamic ip address so we can not create
> allow/reject policy by source ip ,dnsbl checking or other technique base
> on source ip.
> 4. our mailserver  is in situation same as previous post(retry
> problem).There are too many emails  are pending in mailserver so it
> affect to other email user.email sending process is slow down because of
> unnecessary retry.we sure these messages are bad .

It sounds like you (or your ISP) is blocking outgoing connections to
port 25 and you are trying to get around this block or minimize its
effect. If that's the case don't bother. Use your mail server to relay
and handle mail for your own domain only. If users want to relay mail
via other email service providers, they can use webmail or the
submission port 587. Encouraging them to use your relay for domains you
don't control will only complicate things and interfere with the
delivery of the messages (as you seem to be discovering).


Reply | Threaded
Open this post in threaded view
|

Re: email retry problem

Jittinan Suwanrueangsri
Dear Jorey Bump
 
Actually,we can authenticate emails which use our domain as sender but our mailserver must act as mailfilter for our customer's mailserver.sometime spams are sended from our customer 's mailserver.we can not force them to use submission in their organization and we do not have information which sender are exits in their domain.How should I do?
 
 
Jittinan Suwanrueangsri

2009/1/8 Jorey Bump <[hidden email]>
jittinan suwanrueangsri wrote, at 01/07/2009 02:15 PM:

> In our environment
> 1. a user can not connect to other mailserver directly such as gmail,aol
> etc. except our mailserver.
> 2. a user have right to use his/her other domain sender (aol,gmail) in
> message which have to relay via our mailserver.if our policy allow user
> to send only our sender domain we can authenticate his/her right but it
> 's impossible to know which sender is his/her account in gmail or aol.we
> can not connect to their database .
> 3.a user need to use dynamic ip address so we can not create
> allow/reject policy by source ip ,dnsbl checking or other technique base
> on source ip.
> 4. our mailserver  is in situation same as previous post(retry
> problem).There are too many emails  are pending in mailserver so it
> affect to other email user.email sending process is slow down because of
> unnecessary retry.we sure these messages are bad .

It sounds like you (or your ISP) is blocking outgoing connections to
port 25 and you are trying to get around this block or minimize its
effect. If that's the case don't bother. Use your mail server to relay
and handle mail for your own domain only. If users want to relay mail
via other email service providers, they can use webmail or the
submission port 587. Encouraging them to use your relay for domains you
don't control will only complicate things and interfere with the
delivery of the messages (as you seem to be discovering).