[Dovecot] How to deal with mail to unknown virtual recipients?

mouss mouss at netoyen.net
Fri Apr 18 00:50:40 EEST 2008 

Andreas Ntaflos wrote:
> Hello list, 
>
> I am not quite sure whether this is a questions for Dovecot or Postfix. I have 
> set up, virtual hosting for one domain (for test purposes) using a 
> passwd-file as passdb and a static userdb (see dovecot -n at the end) along 
> with Postfix in a manner described in [1], i.e. a non-Postfix mail store. 
> Other than that I also do hosting for the canonical domain which is for users 
> with a regular Unix account on the system (looked up via PAM)
>
> The virtual domain shall be "example.org", with two users "alice at example.org" 
> and "bob at example.org". 
>
> But today I received spam mail (which was correctly identified as such by 
> amavisd-new) for "info at example.org" and "sales at example.org", two recipient 
> addresses that do not exist. According to [1] "it's left up to the 
> non-Postfix delivery agent to reject non-existent recipients from local 
> submission or from local alias expansion." 
>   

note that this is about local submission and local alias expansion. it 
is not about mail received from outside.
> How to deal with such a situation? 
>
>   

this is postfix issue. postfix will reject mail to invalid local and 
virtual users unless you rebak recipient validation. a common error is 
to use wildcard virtual aliases or wildcard canonical mapping.

Followup on the postfix list, but do show enough informations:
- output of 'postconf -n'
- logs of the transaction (from reception until error)
- do you have a wildcard alias or canonical.

> The sender address was clearly forged so returning a failed delivery message 
> is pointless. The messages are now hanging around in the queue with a status 
> of "deferred: temporary failure". 
>
> The logs show:
>
> dovecot: auth(default): passwd(info at exmaple.org): unknown user
> dovecot: auth(default): passwd-file(info at mexample.org): unknown user
> dovecot: auth(default): static(info at example.org): passdb doesn't support 
> lookups, can't verify user's existence
>
> postfix/pipe[25328]: C7EA18BC0B5: to=<info at exmaple.org>, relay=dovecot, 
> delay=1.4, delays=0.07/0.02/0/1.3, dsn=4.3.0, status=deferred (temporary 
> failure)
>
> The dovecot relay is defined in /etc/postfix/master.cf:
>
> dovecot unix - n n - - pipe
>   flags=DRhu user=vmail:vmail argv=/usr/local/libexec/dovecot/deliver -f 
> ${sender} -d ${recipient}
>
> The question, once again, is: what to do in such a situation? A catch-all 
> address could be set up, but to what end? It would just catch a lot of spam 
> over time. What is the correct way to deal with this? 
>
> More importantly: is there even anything Dovecot could (or should) do? 
>
> Thanks in advance, 
>
> Andreas
>
> [1] http://www.postfix.org/VIRTUAL_README.html#in_virtual_other
>
> # 1.0.10: /usr/local/etc/dovecot.conf
> base_dir: /var/run/dovecot/
> protocols: imap imaps pop3 pop3s managesieve
> listen(default): *
> listen(imap): *
> listen(pop3): *
> listen(managesieve): *:2000
> ssl_cert_file: /path/to/ssl_cert
> ssl_key_file: /path/to/private_key
> login_dir: /var/run/dovecot//login
> login_executable(default): /usr/local/libexec/dovecot/imap-login
> login_executable(imap): /usr/local/libexec/dovecot/imap-login
> login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
> login_executable(managesieve): /usr/local/libexec/dovecot/managesieve-login
> mail_extra_groups: mail
> mail_location: maildir:~/Maildir
> maildir_copy_with_hardlinks: yes
> mail_executable(default): /usr/local/libexec/dovecot/imap
> mail_executable(imap): /usr/local/libexec/dovecot/imap
> mail_executable(pop3): /usr/local/libexec/dovecot/pop3
> mail_executable(managesieve): /usr/local/libexec/dovecot/managesieve
> mail_plugin_dir(default): /usr/local/lib/dovecot/imap
> mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
> mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
> mail_plugin_dir(managesieve): /usr/local/lib/dovecot/managesieve
> imap_client_workarounds(default): outlook-idle delay-newmail 
> tb-extra-mailbox-sep
> imap_client_workarounds(imap): outlook-idle delay-newmail tb-extra-mailbox-sep
> imap_client_workarounds(pop3): outlook-idle
> imap_client_workarounds(managesieve): outlook-idle
> pop3_uidl_format(default):
> pop3_uidl_format(imap):
> pop3_uidl_format(pop3): %08Xu%08Xv
> pop3_uidl_format(managesieve):
> sieve_storage(default):
> sieve_storage(imap):
> sieve_storage(pop3):
> sieve_storage(managesieve): ~/sieve
> sieve(default):
> sieve(imap):
> sieve(pop3):
> sieve(managesieve): ~/.dovecot.sieve
> namespace:
>   type: public
>   separator: /
>   prefix: Public/
>   location: 
> maildir:/var/mail/public:CONTROL=~/Maildir/control/public:INDEX=~/Maildir/index/public
> namespace:
>   type: private
>   separator: /
>   inbox: yes
> auth default:
>   mechanisms: plain login
>   verbose: yes
>   passdb:
>     driver: passwd-file
>     args: /etc/dovecot/passwd
>   passdb:
>     driver: pam
>   userdb:
>     driver: passwd
>   userdb:
>     driver: static
>     args: uid=vmail gid=vmail home=/home/vmail/%d/%u
>   socket:
>     type: listen
>     client:
>       path: /var/spool/postfix/private/auth
>       mode: 432
>       user: postfix
>       group: postfix
>     master:
>       path: /var/run/dovecot/auth-master
>       mode: 432
>       user: vmail
>       group: vmail
>

More information about the dovecot mailing list