headers
tobi | 18 Aug 2012 17:17
Picon
Favicon

Find "overquota" mailboxes

Hello list

I need your experience here to see if "my" solution is good or bad :-)
Background:
We have a postfix setup which can only check users quota after postfix
accepted the message. As you can imagine we produce a lot of
backscatter. Until now the procedure was to manually check mailq and
delete mails from "well-known" users which never clean up their
mailboxes (do not blame me about that, I just started to work there 4
weeks ago ;-) )
So I thought that must be solved somehow easier and more automatically.
My basic idea is to regularly scan the mailq for mails defered by
"overquota". From these mails in queue I fetch the recipients and add
them to a recipient-restriction file for postfix. So postfix can reject
such mails before the queue.

<<snip>>
#!/bin/bash
LIMIT=10
TFILE=$(mktemp)
mailq | tail -n +2| awk 'BEGIN {RS = ""} /over quota/ {print $NF}' |
grep -v maildrop: | sort -n | uniq -c | sort -nr | awk '{if($1>
'"$LIMIT"') print $2}' > $TFILE

while read line ; do
 echo "$line 550 Account $line is overquota and cannot receive mails" >>
/root/overquota
done <$TFILE
cp -f /root/overquota /etc/postfix/
postmap /etc/postfix/overquota
(Continue reading)

Permalink | Reply |
headers
Wietse Venema | 18 Aug 2012 21:07

Re: Find "overquota" mailboxes

tobi:
> So I thought that must be solved somehow easier and more automatically.
> My basic idea is to regularly scan the mailq for mails defered by
> "overquota". From these mails in queue I fetch the recipients and add
> them to a recipient-restriction file for postfix. So postfix can reject
> such mails before the queue.

That is a reasonable approach. 

> mailq | tail -n +2| awk 'BEGIN {RS = ""} /over quota/ {print $NF}' |
> grep -v maildrop: | sort -n | uniq -c | sort -nr | awk '{if($1>
> '"$LIMIT"') print $2}' > $TFILE

This misses all the users that are over quota but did not get mail.

What about parsing "du" output? This way you can find out all users
that are over quota.

> cp -f /root/overquota /etc/postfix/
> postmap /etc/postfix/overquota
> postfix reload

Safer:
    postmap /etc/postfix/overquota.new && mv /etc/postfix/overquota.new.db /etc/postfix/overquota.db

	Wietse
Permalink | Reply |
headers
Henry Stryker | 18 Aug 2012 23:32

Apply custom transport to MX hostname


I have defined a few custom smtp transports to limit deliveries to
certain large domains such as Yahoo and Hotmail.  These are applied via
the transport map file to match recipient address domains.

There are a large number of recipients I would like to use a custom
transport for, but whose actual recipient address domains are all
different.  The common bond among them is they all use the same MX.
These are personal domain names hosted by GoDaddy, so they all use
smtp.secureserver.net as the primary MX.

Is there a way to apply a custom smtp transport to the MX hostname,
rather than the recipient address domain?
Permalink | Reply |
headers
/dev/rob0 | 19 Aug 2012 00:13
Picon
Favicon

Re: Apply custom transport to MX hostname

Please do not hijack threads. When starting a new thread on list, you 
should do a "new message" rather than a "reply to list". Thank you.

On Sat, Aug 18, 2012 at 02:32:45PM -0700, Henry Stryker wrote:
> I have defined a few custom smtp transports to limit deliveries to 
> certain large domains such as Yahoo and Hotmail.  These are applied 
> via the transport map file to match recipient address domains.

Hmmm, in general I think this is not worth the trouble.

> There are a large number of recipients I would like to use a custom
> transport for, but whose actual recipient address domains are all
> different.  The common bond among them is they all use the same MX.
> These are personal domain names hosted by GoDaddy, so they all use
> smtp.secureserver.net as the primary MX.
> 
> Is there a way to apply a custom smtp transport to the MX hostname,
> rather than the recipient address domain?

You can use check_recipient_mx_access with a FILTER action. However, 
you should be aware that this affects all recipients of a multi-rcpt 
message, so it might not always work as hoped.

Why do you need to do this?
--

-- 
  http://rob0.nodns4.us/ -- system administration and consulting
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Permalink | Reply |
headers
Wietse Venema | 19 Aug 2012 00:23

Re: Apply custom transport to MX hostname

Henry Stryker:
> I have defined a few custom smtp transports to limit deliveries to
> certain large domains such as Yahoo and Hotmail.  These are applied via
> the transport map file to match recipient address domains.
> 
> There are a large number of recipients I would like to use a custom
> transport for, but whose actual recipient address domains are all
> different.  The common bond among them is they all use the same MX.
> These are personal domain names hosted by GoDaddy, so they all use
> smtp.secureserver.net as the primary MX.
> 
> Is there a way to apply a custom smtp transport to the MX hostname,
> rather than the recipient address domain?

No. However, if you know that a domain is hosted by GoDaddy,
then you can make a transport map:

    example.com	smtp:[smtp.secureserver.net]

and Postfix will bundle all recipients in those domains.

Transport lookup happens in the scheduler, which groups recipients
by domain name. The scheduler knows nothing about SMTP or DNS. This
allows Postfix to send and receive non-SMTP mail even when DNS or
the entire network is down.

MX lookup happens in the SMTP client, which knows nothing about
how to group recipients.

	Wietse
(Continue reading)

Permalink | Reply |
headers
Henry Stryker | 19 Aug 2012 00:53

Re: Apply custom transport to MX hostname

On 08/18/12 15:23 , Wietse Venema wrote:
> 
> No. However, if you know that a domain is hosted by GoDaddy,
> then you can make a transport map:
> 
>     example.com	smtp:[smtp.secureserver.net]
> 
> and Postfix will bundle all recipients in those domains.

Thank-you, for the explanation and the example.  I think that will
accomplish what I want to do, which is limit the number of connections
to that MX to the extent possible.

I apologize for the thread hijack.  I guess my brain went dead, because
I even have the list address in my Address Book, all ready to start a
new thread with.
Permalink | Reply |
headers
tobi | 19 Aug 2012 15:16
Picon
Favicon

Re: Find "overquota" mailboxes


Am 18.08.2012 21:07, schrieb Wietse Venema:
> This misses all the users that are over quota but did not get mail.
> 
> What about parsing "du" output? This way you can find out all users
> that are over quota.
> 
As usual you propose the best solution ;-) I will keep the idea with
"du" in mind, but as our main concern is to end up on backscatter
blacklists, it's imho enough to only list overquota accounts which
actually receive mails.
We have rumours in the company that this postfix will be replaced in
near future, so I do not want to invest too much time ;-) Other postfix
servers were already replaced by atmail, which I personally not really
like ;-)
> 
> Safer:
>     postmap /etc/postfix/overquota.new && mv /etc/postfix/overquota.new.db /etc/postfix/overquota.db
> 
Thanks for that I will change it tomorrow.

Cheers

tobi
Permalink | Reply |
headers
Wietse Venema | 19 Aug 2012 15:57

Re: Find "overquota" mailboxes

tobi:
> Am 18.08.2012 21:07, schrieb Wietse Venema:
> > This misses all the users that are over quota but did not get mail.
> > 
> > What about parsing "du" output? This way you can find out all users
> > that are over quota.
> > 
> As usual you propose the best solution ;-) I will keep the idea with
> "du" in mind, but as our main concern is to end up on backscatter
> blacklists, it's imho enough to only list overquota accounts which
> actually receive mails.

You overwrite the old over-quota list. You lose the users that 
are on the old list but not on the new list. That is not smart.

	Wietse
Permalink | Reply |

Gmane