On 7/12/22 12:36 AM, Bjoern Franke via Mailman-users wrote:
Hi,
some time ago I started a discussion where I wrongly assumed that probe messages were sent accidentally from example.com
Some digging showed now that the sender of the probe messages are correct, but the attached messages seem to be wrong.
An attached example for bouncing messages was:
From: Mailman <mailman@example.com> To: Mailman Bounces <mailman-bounces@example.com> Subject: SMTP Delivery Failure Message-ID: <165577237837.35.8042057157021349872@mailman-core> Date: Tue, 21 Jun 2022 00:46:18 +0000 Message-ID-Hash: TOJ7WDT3TXWOEHZB4USRUOPZUW7BEATI X-Message-ID-Hash: TOJ7WDT3TXWOEHZB4USRUOPZUW7BEATI
Mail to bjo@schafweide.org failed at outgoing SMTP
Error code: 554 Error message: b'5.7.1 Spam message rejected'
That's a fake DSN created by Mailman's outgoing runner. See https://gitlab.com/mailman/mailman/-/blob/master/src/mailman/runners/outgoin....
There will be nothing in Mailman's smtp.log regarding receipt of this message because this message is not received via SMTP, but see below. It is created when the outgoing runner gets a 5xx refusal and the runner calls the bounce processor directly with this fake DSN to process this refusal as a bounce.
I took a look into the logs and found no example.com, but:
Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) handling connection Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) >> b'LHLO mail.ffnw.de' Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) >> b'MAIL FROM:<yzvotmm@forestanes.mom> SIZE=293338' Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) sender: yzvotmm@forestanes.mom Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) >> b'RCPT TO:<vorstand@lists.ffnw.de>' Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) recip: vorstand@lists.ffnw.de Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) >> b'DATA' Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) >> b'QUIT' Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) connection lost Jun 21 00:46:14 2022 (33) ('172.20.199.1', 52074) Connection lost during _handle_client()
The above is the receipt of the post whose delivery to some recipients failed.
Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> response exception: (554, b'5.7.1 Spam message rejected') Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> response exception: (554, b'5.7.1 Spam message rejected') Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> smtp to vorstand@lists.ffnw.de for 6 recips, completed in 0.7157599925994873 seconds Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> post to vorstand@lists.ffnw.de from vorstand@lists.ffnw.de, 294362 bytes, 6 failures Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> delivery to foo@stadel.info failed with code 554, b'5.7.1 Spam message rejected' Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> delivery to abc@ffnw.de failed with code 554, b'5.7.1 Spam message rejected' Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> delivery to def@ffnw.de failed with code 554, b'5.7.1 Spam message rejected' Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> delivery to xyz@ffnw.de failed with code 554, b'5.7.1 Spam message rejected' Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> delivery to bjo@schafweide.org failed with code 554, b'5.7.1 Spam message rejected' Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> delivery to blabla@osnabrueck.freifunk.net failed with code 554, b'5.7.1 Spam message rejected' Jun 21 00:46:49 2022 (35) <165577240769.30.3077851374384466408@mailman-core> smtp to vorstand@lists.ffnw.de for 1 recips, completed in 0.5507137775421143 seconds
The various messages like
Jun 21 00:46:18 2022 (35) <H44657323H70760722Q60416802U@yzvotmm> delivery to bjo@schafweide.org failed with code 554, b'5.7.1 Spam message rejected'
are logged by the outgoing runner when it receives a 5xx reject and creates a bounce with a fake DSN.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan