[Mailman-Users] Mail forwarding loops - discovered!
bob at nleaudio.com
Fri Jun 14 07:10:09 CEST 2002
I have been recently seeing a bunch of "Mail forwarding Loop" messages in my Postfix mail log. After pouring over this stuff for several hours, I think I found the
Seriously, here's the scoop: a user sends a message to the list, which gets properly distributed. Sometime later (I've seen a few hours to a few days), the exact message
that went out of the list mysteriously comes back to the list, with the same FROM: (usually the list's admin address), and the same TO: address (the list posting address).
Postfix catches the loop, as it sees it's "Delivered-To" line in there, and bounces the message back to the sender, which sometimes is the real sender, other times is the
list bounce address.
The sender gets the bounce, and thinks their message didn't go out, when it really did.
I've seen at least three different mail servers that have caused this: a roadrunner server, xt1.xtlab.com, and some other one in Australia. The common thread is that they
are all running Microsoft mail server software. One of the messages had a header line that indicated it came from some webmail server, so it's possible that the webmail
server software itself is somehow buggered up, and sends out these messages when the user does something. If it is user interaction, that would explain the random delay I
saw (up to 2 days on one message).
Here's a sample header, with some comments:
>From DRSpoelhof at cs.com Thu Jun 13 22:09:44 2002
Return-Path: <DRSpoelhof at cs.com>
Delivered-To: cscmsgs at nlenet.net <--- my separate test mailbox to collect this message
Received: from mail8.nc.rr.com (fe8.southeast.rr.com [22.214.171.124])
by list.nlenet.net (Postfix) with ESMTP id 65DA9128
for <csc at lists.churchsoundcheck.com>; Thu, 13 Jun 2002 22:09:44 -0400 (EDT)
Received: from mail pickup service by mail8.nc.rr.com with Microsoft SMTPSVC;
Thu, 13 Jun 2002 21:58:19 -0400 <--- HERE'S THE REMAILED MESSAGE GOING OUT!
Received: from ncmx01.mgw.rr.com ([126.96.36.199]) by mail8.nc.rr.com with Microsoft SMTPSVC(5.5.1877.757.75); <-- Here's where the original message got delivered
Wed, 12 Jun 2002 08:01:15 -0400 <--- NOTICE THE DATE CHANGE!
Received: from list.nlenet.net (list.nlenet.net [188.8.131.52])
by ncmx01.mgw.rr.com (8.12.2/8.12.2) with ESMTP id g5CC1FbC010819;
Wed, 12 Jun 2002 08:01:15 -0400 (EDT)
Received: from list.nlenet.net (localhost.localdomain [127.0.0.1])
by list.nlenet.net (Postfix) with ESMTP
id 0368EFE; Wed, 12 Jun 2002 08:01:11 -0400 (EDT)
Delivered-To: csc at nlenet.net
Received: from imo-r07.mx.aol.com (imo-r07.mx.aol.com [184.108.40.206])
by list.nlenet.net (Postfix) with ESMTP id 60E2EF8 for
<csc at lists.churchsoundcheck.com>; Wed, 12 Jun 2002 08:00:56 -0400
Received: from DRSpoelhof at cs.com by imo-r07.mx.aol.com (mail_out_v32.5.)
id 7.cb.23799993 (657) for <csc at lists.churchsoundcheck.com>; Wed, 12
Jun 2002 08:00:50 -0400 (EDT)
From: DRSpoelhof at cs.com
Message-ID: <cb.23799993.2a3891f2 at cs.com>
Subject: Re: [CSC] surge protection
To: csc at lists.churchsoundcheck.com
My solution (for now) was to insert procmail into the picture, scan the message for the "Delivered-To" the list address header, and if present, dump the message to the
bit-bucket. Otherwise, the message gets passed on to Mailman. But the mail server software needs to be fixed!
I'm sure others out there are going to see this same thing happening. I've seen it on a few different servers of my own, so I know it's not just one specific machine.
More information about the Mailman-Users