[Avcheck] avpcheck Problem

Michael Tokarev mjt@tls.msk.ru
Fri, 27 Jul 2001 13:58:45 +0400 

Ralf Hildebrandt wrote:
> 
> Hi!
> 
> I sent mail to hostmaster@bigfoot.de via /sur/sbin/sendmail. The reinjection
> from avpcheck was denied, because bigfoot.de does not exist.
> 
> Look at this transcript:
> 
> Transcript of session follows.
> 
>    Out: 220 mate.bln.innominate.de ESMTP Postfix
>    In:  HELO localhost

Oops, I see another interesting thing here: "localhost"
isn't allowed per rfc... What to place here?  gethostname()?
Note that gethostbyaddr(127.0.0.1) will usually return
bare "localhost", not "localhost.dom.ain".

>    Out: 250 mate.bln.innominate.de
>    In:  MAIL FROM:<Ralf.Hildebrandt@innominate.com>
>    Out: 250 Ok
>    In:  RCPT TO:<douglsab@bigfoot.com>
>    Out: 250 Ok
>    In:  RCPT TO:<hostmaster@bigfoot.com>
>    Out: 250 Ok
>    In:  RCPT TO:<hostmaster@bigfoot.de>
>    Out: 554 <hostmaster@bigfoot.de>: Recipient address rejected: Domain not found
> 
> Session aborted, reason: lost connection
> 
> An although two recipients were OK, the mail was NOT sent...

Ralf, I'm surprized.  We already "solved" this in private email
with you.  Should I answer here as well, or you can post just
a result? ;)  Ok, here it goes.

--- Begin message from Ralf Hilderbrandt, Thu, 26 Jul 2001 15:21:09 +0200 --

On Thu, Jul 26, 2001 at 05:16:59PM +0400, Michael Tokarev wrote:
> Ralf Hildebrandt wrote:
> > 
> > Hi!
> > 
> > I sent mail to hostmaster@bigfoot.de via sendmail. The reinjection
> > from avpcheck was denied, because bigfoot.de does not exist.
> 
> So how you submitted your mail at a first place? ;)

I was looked in on "mate", and wrote it using "mutt" (which uses
/usr/sbin/sendmail)

> I suspect this is from "internal smtpd" that listens for
> avpcheck's reinjection.  Looks very good. ;)

Correct!

> Correct.  Avpcheck (and any virusscanner in general) isn't supposed
> to deal with delivery failures - it either delivers ALL mails (to
> ALL recipients), or fails temporary while problem will be solved.

OK.

> It will not sent bounces to one recipient (and how this bounce should
> look like? ;).

OK.

> This is cleanly a misconfiguration, and an interesting
> one.  Your mailsystem allowed you to submit a mail that can't be
> sent *inside* mail subsystem (counting avpcheck a part of it too).

Mail submitted via sendmail IS NOT subject to the smtpd_*_restrictions
:( That's the problem. 

> BTW, Why you do not use Avcheck@list.innominate.org ?

Sorry :)

-- 
ralf.hildebrandt@innominate.com                            innominate AG
Technical Consultant                   Don't be afraid of what you see -
Diplom-Informatiker                     be afraid of what you don't see!
tel: +49.(0)7000.POSTFIX                        fax: +49.(0)30.308806-77

--- end message ---

Regards,
 Michael.