[Mailman-Developers] Mail forwarding loops - discovered!

Bob Puff@NLE bob@nleaudio.com
Fri, 14 Jun 2002 01:10:09 -0400 

Hello all,

I have been recently seeing a bunch of "Mail forwarding Loop" messages in my Postfix mail log.  After pouring over this stuff for several hours, I think I found the
problem... Microsoft!

Seriously, here's the scoop: a user sends a message to the list, which gets properly distributed.  Sometime later (I've seen a few hours to a few days), the exact message
that went out of the list mysteriously comes back to the list, with the same FROM: (usually the list's admin address), and the same TO: address (the list posting address). 
Postfix catches the loop, as it sees it's "Delivered-To" line in there, and bounces the message back to the sender, which sometimes is the real sender, other times is the
list bounce address.

The sender gets the bounce, and thinks their message didn't go out, when it really did.

I've seen at least three different mail servers that have caused this: a roadrunner server, xt1.xtlab.com, and some other one in Australia.  The common thread is that they
are all running Microsoft mail server software.  One of the messages had a header line that indicated it came from some webmail server, so it's possible that the webmail
server software itself is somehow buggered up, and sends out these messages when the user does something.  If it is user interaction, that would explain the random delay I
saw (up to 2 days on one message).

Here's a sample header, with some comments:

>From DRSpoelhof@cs.com  Thu Jun 13 22:09:44 2002
Return-Path: <DRSpoelhof@cs.com>
Delivered-To: cscmsgs@nlenet.net    <--- my separate test mailbox to collect this message
Received: from mail8.nc.rr.com (fe8.southeast.rr.com [24.93.67.55])
        by list.nlenet.net (Postfix) with ESMTP id 65DA9128
        for <csc@lists.churchsoundcheck.com>; Thu, 13 Jun 2002 22:09:44 -0400 (EDT)
Received: from mail pickup service by mail8.nc.rr.com with Microsoft SMTPSVC;
         Thu, 13 Jun 2002 21:58:19 -0400   <--- HERE'S THE REMAILED MESSAGE GOING OUT!
Received: from ncmx01.mgw.rr.com ([24.93.67.251]) by mail8.nc.rr.com  with Microsoft  SMTPSVC(5.5.1877.757.75); <-- Here's where the original message got delivered
         Wed, 12 Jun 2002 08:01:15 -0400            <--- NOTICE THE DATE CHANGE!
Received: from list.nlenet.net (list.nlenet.net [208.178.159.75])
        by ncmx01.mgw.rr.com (8.12.2/8.12.2) with ESMTP id g5CC1FbC010819;
        Wed, 12 Jun 2002 08:01:15 -0400 (EDT)
Received: from list.nlenet.net (localhost.localdomain [127.0.0.1])
        by list.nlenet.net (Postfix) with ESMTP
        id 0368EFE; Wed, 12 Jun 2002 08:01:11 -0400 (EDT)
Delivered-To: csc@nlenet.net
Received: from imo-r07.mx.aol.com (imo-r07.mx.aol.com [152.163.225.103])
  by list.nlenet.net (Postfix) with ESMTP id 60E2EF8 for
  <csc@lists.churchsoundcheck.com>; Wed, 12 Jun 2002 08:00:56 -0400
  (EDT)
Received: from DRSpoelhof@cs.com by imo-r07.mx.aol.com (mail_out_v32.5.)
  id 7.cb.23799993 (657) for <csc@lists.churchsoundcheck.com>; Wed, 12
  Jun 2002 08:00:50 -0400 (EDT)
From: DRSpoelhof@cs.com
Message-ID: <cb.23799993.2a3891f2@cs.com>
Subject: Re: [CSC] surge protection
To: csc@lists.churchsoundcheck.com

My solution (for now) was to insert procmail into the picture, scan the message for the "Delivered-To" the list address header, and if present, dump the message to the
bit-bucket.  Otherwise, the message gets passed on to Mailman.  But the mail server software needs to be fixed!

I'm sure others out there are going to see this same thing happening.  I've seen it on a few different servers of my own, so I know it's not just one specific machine.

Bob