You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm using qpsmtpd 1.0 and Qmail::Deliverable 1.07. If a spammer sends mail to an address at my domain whose local part contains multiple dots in a row, this address is accepted by qpsmtpd, resulting in a bounce message (backscatter or joe-job problem) after the message cannot be delivered locally.
Qmail's bounce looks like this:
Hi. This is the qmail-send program at greg.wooledge.org.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out. [email protected]:
Sorry, no mailbox here by that name. (#5.1.1)
The relevant piece of plugins/qmail_deliverable looks like this:
my $rv = deliverable $address;
if (not defined $rv or not length $rv) {
$self->log(LOGWARN, "error (unknown) checking '$address'");
return DECLINED;
}
I think the relevant part of Qmail::Deliverable is this:
sub deliverable {
my ($in) = @_;
my ($address) = lc($in) =~ /$valid/
or do { carp "Invalid address: $in"; return; };
where $valid is a regular expression that these addresses containing consecutive dots do not conform to. So, deliverable generates an error because the address is malformed, qpsmtpd sees an error and decides not to trigger a DENY, the message is accepted, and a backscatter bounce is generated.
I can't tell whether this is an issue in qpsmtpd or in Qmail::Deliverable. It's not a frequent issue at my domain, fortunately, but it would be nice if I could put a stop to it.
The text was updated successfully, but these errors were encountered:
I'm using qpsmtpd 1.0 and Qmail::Deliverable 1.07. If a spammer sends mail to an address at my domain whose local part contains multiple dots in a row, this address is accepted by qpsmtpd, resulting in a bounce message (backscatter or joe-job problem) after the message cannot be delivered locally.
Qmail's bounce looks like this:
Hi. This is the qmail-send program at greg.wooledge.org.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
[email protected]:
Sorry, no mailbox here by that name. (#5.1.1)
The qpsmtpd log looks like this:
2023-11-04 14:56:33.471497500 740579 dispatching RCPT TO:<"zl5bsa9pgfixz..."@wooledge.org>
2023-11-04 14:56:33.472074500 740579 (rcpt) badrcptto: skip, empty config
2023-11-04 14:56:33.472328500 Invalid address: [email protected] at /usr/local/share/qpsmtpd/plugins/qmail_deliverable line 147.
2023-11-04 14:56:33.472329500 740579 (rcpt) qmail_deliverable: error (unknown) checking '[email protected]'
2023-11-04 14:56:33.472711500 740579 (rcpt) rcpt_ok: pass: wooledge.org in rcpthosts
2023-11-04 14:56:33.472810500 740579 250 [email protected], recipient ok
The relevant piece of plugins/qmail_deliverable looks like this:
I think the relevant part of Qmail::Deliverable is this:
sub deliverable {
my ($in) = @_;
my ($address) = lc($in) =~ /$valid/
or do { carp "Invalid address: $in"; return; };
where $valid is a regular expression that these addresses containing consecutive dots do not conform to. So, deliverable generates an error because the address is malformed, qpsmtpd sees an error and decides not to trigger a DENY, the message is accepted, and a backscatter bounce is generated.
I can't tell whether this is an issue in qpsmtpd or in Qmail::Deliverable. It's not a frequent issue at my domain, fortunately, but it would be nice if I could put a stop to it.
The text was updated successfully, but these errors were encountered: