Tcp_local channel mails

Hi,
We are using Messaging Server 7u3.
# imsimta qm summarize
tcp_local 63 0.4
Totals 63 0.4
There are mails with non-existent/misspelled domains in this channel.
When will these messages be deleted? Is there an automatic way to do this (delete them) by Messaging Server itself?
Thanks,
Stefan

fwiw, if you put sample output in a \{code\} ... \{code\} block (remove the '\'), it won't jam it all together:
# imsimta qm summarize
                       tcp_local        63        0.4
                          Totals        63        0.4
Also, fyi, you can get more information if you use -database on summary or view database before doing the summary command:
qm.maint> sum -data
                                     Total                                    Total
                         Channel  Messages =  Active + Pending + Delayed  Size (Mb)
                       tcp_local         8         0         0         8        0.0
--------------------------------  --------  --------  --------  --------  ---------
Mine isn't particularly useful at the moment, but I just want to get this info out there - check out the -database view.
If you use the directory command on that channel, eg:
qm.maint> dir tcp_local
Wed, 16 Dec 2009 10:19:10 -0500 (EST)
Data gathered from the queue directory tree
Channel: tcp_local                Size Queued since
    1 ZQg0M2q0sHQp2.00               5  15 Dec 2009 00:30:00
    2 ZIg0M1a0EDkW0.00               5  12 Dec 2009 00:30:00
    3 Z9g0L0W0PBQs2.00               6  09 Dec 2009 00:30:00
    4 ZCg0M0207Wkc3.00               6  10 Dec 2009 00:30:00
    5 Z9g0L0W0PBQs0.00               6  09 Dec 2009 00:30:00
    6 ZIg0M1a0EDkW2.00               5  12 Dec 2009 00:30:00
    7 ZCg0M0207Wkc1.01               6  10 Dec 2009 00:30:00
    8 ZQg0M2q0sHQp0.00               5  15 Dec 2009 00:30:00
Total size:                         44
Grand total size:                   44
Now that you have a list of messages, you can use the qm history command on one of them to see what has happened when it has tried to relay the message.
You may also want to set LOG_FILENAME=1 in option.dat (and do imsimta cnbuild; and imsimta restart) so file names will be logged in mail.log_current. That way you could correlate the file names to events in the log file.
If the message is addressed to a completely invalid domain (no A record, no MX records, no CNAME) then attempting to look up the hostname to try to connect to would fail and that should be a hard failure and the message should be returned to sender immediately. So I would guess that yours are addressed to domains that exist in DNS but are not reachable. Those will sit in the queue and retry until the final notices period expires. See the notices channel option doc: http://msg.wikidoc.info/index.php/Notices,_nonurgentnotices,_normalnotices,_urgentnotices_Channel_Options
Edited by: kellyc on Dec 16, 2009 10:21 AM

Similar Messages

  • Messages getting stuck in tcp_local Channel

    Hi All
    Version
    Sun Java(tm) System Messaging Server 6.1 HotFix 0.01 (built Jun 24 2004)
    libimta.so 6.1 HotFix 0.01 (built 12:52:04, Jun 24 2004)
    SunOS dakota 5.9 Generic_112233-12 sun4u sparc SUNW,Sun-Fire-V440
    Background
    In the last week we've been experiencing problems with outgoing messages getting stuck in our tcp_local channel. They can stay for up to 4 hours before dequeuing. We plan to install Patch 116568 which is the latest core patch for our version of the Messaging Server.
    To date we haven't experienced any DNS problems and have not made any configuration changes.
    However I was just wondering if anyone had come across this type of problem before? We're hoping the patch will resolve the issue but would be interested in other alternatives.
    Thanks in advance
    Paul

    You'll have to do more research before I can offer help. . .
    It's not unusual for some messages to be retried, and depending on the destination, that may take a while.
    Some outside domains are always slow. If you have many messages queued for such outside domains, they can involve the whole server, and cause mails to queue up behind them.
    Many installations create a new channel, such as, "tcp_slow", and use rewrite rules to move messages addressed to these domains (aol, hotmail, earthlink, etc.) into this separate channel. You can "tune" that channel differently, and messages there won't block tcp_local.

  • How to separate ims-ms and tcp_local channel

    Since I have serveral domains in one mail store, now we can separate SMTP channel for each domain. But how to separate ims-ms and tcp_local channel for each domain? Now we are on version 6.0 patch 1
    Thanks

    I'm sorry, I don't have a clue what you're looking to do. Often folks ask for a way to do something, without telling us what it is they want to do, and the method requested isn't possible.
    tcp_local is the channel set up for mail to and from the internet. ims-ms is for delivery to the store. They're already separated.
    Please start over, and let me know what your ultimate goal is, and perhaps then, I can help you.
    There is no need to separate anything for separate domains on one mail store. . .

  • Tcp_intranet & tcp_local channel

    the default domain is domain.net
    when [email protected] send an email to another user in the same domain the message is routed by default to the tcp_intranet channel
    what can i do to route all internal mail to tcp_local channel
    thanks for reply

    The choice of which channel is used is made in the "internal_ip" section of the "mapping" file.
    You need to make sure that all of your internal systems are included in the IP range(s) you specify there.

  • Text type 'HTML' for the Channel 'Mail (Letter)'

    Dear Experts,
    I'm unable to use the text type 'HTML' for the Channel 'Mail (Letter)' in mail forms, as a result of which fonts like arial and images like jpeg could not be used in mail forms created for letters.
    Is there a way to use HTML type or to have more font options, insert JPEG images, tables etc in mail forms for letters?
    Regards,
    Kathir

    In case, if you are using custom excel export functionality, you should use fileDownloadActionListener with in a button.
    Here, you could specify the content type.
    <af:commandButton text="Say Hello">
                  <af:fileDownloadActionListener filename="hello_txt"
                                            contentType="text/plain; charset=utf-8"
                                            method="#{bean.sayHello}"/>
                </af:commandButton>
    For more details, check here:
    http://docs.oracle.com/cd/E16162_01/apirefs.1112/e17491/tagdoc/af_fileDownloadActionListener.html

  • Imta.cnf - had to add nameservers to tcp_local channel?

    I am working through a new installation of Sun Messaging Server. I was unable to send email outside of my domain and after a fair bit of debugging, I found that the MX lookups were failing. Being unfamiliar with the imta.cnf file (only been working with this a week) I finally figured out that what I needed to edit was tcp_local.
    I had to add the following to tcp_local to get it to work...
    ! tcp_local
    tcp_local smtp nameservers xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx ... rest of defaults here...
    My question is this... when I do a nslookup from the command line, things work. So, why would I have had to add the nameservers entry into imta.cnf?
    -bash-3.00# nslookup gmail.com
    Server: 130.39.245.26
    Address: 130.39.245.26#53
    Non-authoritative answer:
    Name: gmail.com
    Address: 64.233.161.107
    Name: gmail.com
    Address: 64.233.171.107
    Name: gmail.com
    Address: 216.239.57.107
    -bash-3.00# nslookup
    set type=mx
    gmail.com
    Server: 130.39.245.26
    Address: 130.39.245.26#53
    Non-authoritative answer:
    gmail.com mail exchanger = 10 gsmtp83-2.google.com.
    gmail.com mail exchanger = 10 gsmtp185-2.google.com.
    gmail.com mail exchanger = 5 gmail-smtp-in.l.google.com.
    gmail.com mail exchanger = 10 gsmtp83.google.com.
    gmail.com mail exchanger = 10 gsmtp163.google.com.
    gmail.com mail exchanger = 10 gsmtp185.google.com.
    Authoritative answers can be found from:
    gmail.com nameserver = ns1.google.com.
    gmail.com nameserver = ns2.google.com.
    gmail.com nameserver = ns3.google.com.
    gmail.com nameserver = ns4.google.com.
    However, like I say, any message I sent to myself at gmail.com (or any other domain) sat in the queue forever. If I looked at the messages in the tcp_local queue, they all complained about MX failing.
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 00:52:58 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 00:54:37 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 01:17:56 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 01:18:27 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 01:20:14 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 01:33:00 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 01:33:38 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 01:36:19 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 01:38:52 -0500 (CDT)
    Failed MX lookup; try again later
    Boundary_(ID_MUEkO506xOVmuOTx9cuOYQ)
    Wed, 05 Oct 2005 01:46:22 -0500 (CDT)
    Failed MX lookup; try again later
    and on and on....
    my /etc/resolv.conf has proper entries.
    my nsswitch.conf has this:
    # You must also set up the /etc/resolv.conf file for DNS name
    # server lookup. See resolv.conf(4).
    hosts: files dns
    Can anyone help me out here?

    Hm. I know of no such problem on Solaris. I run it on Solaris, myself, and have never seen anything like this.
    You're sure that you had no DNS problem, that has since gone away?
    You are letting nscd run? (there is a Solaris issue that running nscd works around, where if more than 256 dns lookups are done at one time, a buffer overflows)
    You might want to hit
    http://sunsolve.sun.com
    and pull some current patches for your original release of 6.2:
    118207-37
    117784-10
    119254-02
    119345-01
    118210-23
    118540-10
    118042-07
    A couple of the above are language only, so you may not need all.

  • Test channel mails not going out

    hi,
    i've created mailforms in the CRMD_EMAIL, then i wanted to test the e-mail if they will be sent out. So i maintained :-
    1) Sender e-mails address
    2) Recipient e-mail address
    after i click on the "Enter" to send the e-mails out, i get the following error message "No delivery to [email protected], as recipient unknown".
    Did i miss out any steps? eg. configure smtp, etc??

    Hi Noobie,
    The E-mail which you have given to test it might not have been assigned to the BP, check the Port no and Mail Host connections in the SCOT t-code.
    Regards
    Chandramohan
    Reward points if it helps.........

  • Configuring Outbound and Inbound SMTP mails with SUN Java messaging system

    hi all,
    i am new to Solaris i have deployed SUN java communication Suite. How do i configure my messaging server to send outgoing mails through existing gateway and receive inbound mails from the same gateway?
    Currently my server is connected to the internet directly i am able to send a mail to an external domain for example gmail. Can anyone help me out in understanding the default functioning of external mail routing and how do i point to a gateway?
    Thanks,
    Zafrul

    Hi,
    zkhan wrote:
    i am new to Solaris i have deployed SUN java communication Suite.
    Welcome. Some good resources you should look at are the following:
    http://www.sun.com/bigadmin/hubs/comms/overview/index.jsp
    http://msg.wikidoc.info/
    http://blogs.sun.com/factotum/
    How do i configure my messaging server to send outgoing mails through existing gateway and receive inbound mails from the same gateway?
    There are two steps to this.
    To configure outgoing emails to be relayed through a gateway, you need to modify the <msg_base>/config/imta.cnf MTA configuration file and add "daemon <gateway hostname>" to your tcp_local channel configuration e.g.
    ! tcp_local
    tcp_local smtp mx single_sys remotehost inner switchchannel identnonenumeric subdirs 20 maxjobs 7 \
    pool SMTP_POOL maytlsserver maysaslserver saslswitchchannel tcp_auth missingrecipientpolicy 0 \
    loopcheck daemon mygateway.com
    tcp-daemon
    To allow the gateway system to send emails to your host unconditionally, modify the <msg_base>/config/mappings MTA configuration file and add the gateway's IP address to the INTERNAL_IP mapping table e.g. (where the gateway has an IP of 1.2.3.4 and your system has an IP of 192.168.1.20)
    INTERNAL_IP
      $(192.168.1.20/24)  $Y
      $(1.2.3.4/32)            $Y
      127.0.0.1  $Y
      *  $N
    Once you have done this you will need to rebuild the MTA configuration cache and restart the MTA processes.
    <msg_base>/sbin/imsimta cnbuild
    <msg_base>/sbin/imsimta restart
    Currently my server is connected to the internet directly i am able to send a mail to an external domain for example gmail. Can anyone help me out in understanding the default functioning of external mail routing and how do i point to a gateway?
    For the understanding, you will need to read up on the manuals. Messaging server is a flexible and powerful product for sending/processing emails, but with that flexibility comes complexity. I suggest you start by reading the Messaging Server Administration Guide:
    http://docs.sun.com/app/docs/doc/819-4428
    Regards,
    Shane.
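Added example (not part of the thread and not Messaging Server code): a short Python audit of an INTERNAL_IP table like the one in the answer above, reporting how many addresses each `$Y` entry actually treats as internal, since those hosts may send unconditionally. The sample table is constructed from the values in the post, and the `max_addresses` threshold and function names are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample modelled on the INTERNAL_IP table in the post above.
# Table names start in column 1; the entries beneath them are indented.
SAMPLE_MAPPINGS = """\
INTERNAL_IP

  $(192.168.1.20/24)  $Y
  $(1.2.3.4/32)       $Y
  127.0.0.1           $Y
  *                   $N

ORIG_SEND_ACCESS

  tcp_local|*|tcp_local|*  $N$D30|Relaying$ not$ allowed
"""

CIDR_RE = re.compile(r"\$\(([0-9.]+/\d+)\)")


def internal_ip_entries(mappings_text):
    """Yield (pattern, template) pairs from the INTERNAL_IP table only."""
    in_table = False
    for raw in mappings_text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue  # blank line or comment
        if not raw[0].isspace():
            # A line starting in column 1 opens a new mapping table.
            in_table = raw.strip() == "INTERNAL_IP"
            continue
        parts = raw.split()
        if in_table and len(parts) >= 2:
            yield parts[0], parts[1]


def audit_internal_ip(mappings_text, max_addresses=16):
    """Return (pattern, effective_network, notes) for every $Y entry."""
    findings = []
    for pattern, template in internal_ip_entries(mappings_text):
        if not template.startswith("$Y"):
            continue  # only entries that grant internal status matter here
        notes, net = [], None
        m = CIDR_RE.fullmatch(pattern)
        try:
            if m:
                iface = ipaddress.ip_interface(m.group(1))
                net = iface.network
                if iface.ip != net.network_address:
                    # A prefix match ignores the host bits of the address.
                    notes.append("host bits set: all of %s matches" % net)
            else:
                net = ipaddress.ip_network(pattern)  # bare address
        except ValueError:
            notes.append("not a plain address or $(cidr) pattern; review by hand")
        if net is not None and net.num_addresses > max_addresses:
            notes.append("%d addresses treated as internal" % net.num_addresses)
        findings.append((pattern, str(net) if net is not None else None, notes))
    return findings


if __name__ == "__main__":
    for pattern, net, notes in audit_internal_ip(SAMPLE_MAPPINGS):
        print(pattern, "->", net, "|", "; ".join(notes) or "ok")
```

On the sample, the `$(192.168.1.20/24)` entry is reported as covering all 256 addresses of 192.168.1.0/24 rather than the single host named in the text.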

  • Tcp_intranet channel to accept only for a specific internal IP address

    I am currently using SunOne Messaging Server v5.2:
    I would like to configure our MTA to only deliver emails to their proper mailstore if the emails are from 2 specific internal IP addresses. If emails that originated from the intranet are not from the above 2 IP addresses then I would like to re-route the emails to a particular MTA(port 25) for processing. Can this be done? And if so, what changes do I need to make to the imta.cnf file/mappings file?
    The tcp_local channel for outgoing emails should remain the same. My guess is that I have to modify the tcp_intranet channel to only accept from specific IP addresses, otherwise pass the emails to another channel or MTA for processing.
    Question: Can a user spoof an Email with an improper IP address. And if so, do I have to turn on reverse lookup to stop this from happening Or is reverse lookup on by default? Where is the reverse lookup setting? In the imta.cnf file?

    by default, we do examine the ip address of a mail sending partner. this is hard to spoof, and it's not based on "from" attribute.
    However, I'm not at all sure that what you're asking for is truly something achievable by any normal means, nor if it's truly useful ..
    Perhaps you could create another channel for your specific ip addresses, and that would work. . .

  • How to set MTA to accept mails from hosts on INTERNAL_IP only?

    Hello,
    I would like to config a messaging server with:
    - this mail server will accept incoming mails from hosts on INTERNAL_IP list only without authentication.
    - this mail server will accept to send mail for clients with SASL and TLS only, which means, any incoming SMTP connection will be restricted to use SASL and TLS except hosts on INTERNAL_IP list.
    /opt/SUNWmsgsr/@msg# imsimta version
    Sun Java(tm) System Messaging Server 6.2-7.05 (built Sep 5 2006)
    libimta.so 6.2-7.05 (built 12:08:11, Sep 5 2006)
    I appreciate if you can help me on this, thanks in advance.
    Best regards,
    Robert

    Hello Shane,
    Thanks for your reply.
    From the log below, it seems incoming mails will go
    to the tcp_local channel first then switch to
    tcp_intranet later for sending hosts on INTERNAL_IP
    list.
    INTERNAL_IP
    $(10.1.255.222/32) $Y
    $(10.1.255.202/32) $Y <-- sending host
    127.0.0.1 $Y
    * $N
    25-Jun-2007 11:29:18.25 46f1.39c.2830 tcp_local +
    O TCP|10.1.255.222|25|10.1.255.202|6442
    SMTP
    5-Jun-2007 11:29:18.27 46f1.39c.2831 tcp_intranet
    ims-ms E 3 [email protected]
    rfc822;[email protected] 0694037@ims-ms-daemon
    /opt/SUNWmsgsr/data/queue/ims-ms/007/ZZf0B4WiQpxLd.00
    <A0D8A3EC90EE42E799706627282BF74C@ibm336> mailsrv
    msmail.abc.com ([10.1.255.202])
    25-Jun-2007 11:29:18.27 4c9c.0e48.3788 ims-ms
    D 3 [email protected]
    rfc822;[email protected] 0694037@ims-ms-daemon
    /opt/SUNWmsgsr/data/queue/ims-ms/007/ZZf0B4WiQpxLd.00
    <A0D8A3EC90EE42E799706627282BF74C@ibm336> mailsrv
    My question is, if I modify the tcp_local channel
    definition to "mustsaslserver" and "musttlsserver",
    will sending hosts listed on INTERNAL_IP also be
    blocked?
    Thanks for your response. ^^
    No. All emails to port 25 'hit' the tcp_local channel - there is a rewrite rule to switch messages from a certain IP range (INTERNAL_IP) across to the tcp_intranet channel, at which point the tcp_intranet restrictions apply.
    Regards,
    Shane.

  • How to Configure internet channel to a relay SMTP server

    Hi men,
    My problem is How to Configure internet channel(or outbound mail) sending to a relay SMTP server. I want to test my spam software.
    I have searched and read Sun Messaging Administration document but haven't found the guide.
    ./imsimta version
    Sun Java(tm) System Messaging Server 7.0-0.04 32bit (built Jun 20 2008)
    Thank and Regards,
    Duc Tien.

    tien86 wrote:
    My problem is How to Configure internet channel(or outbound mail) sending to a relay SMTP server. I want to test my spam software.
    You can use the daemon channel keyword with the tcp_local channel e.g.
    ! tcp_local
    tcp_local smtp nomx multiple remotehost inner switchchannel identnonenumeric \
    pool SMTP_POOL maytlsserver maysaslserver saslswitchchannel tcp_auth loopcheck \
    daemon relay.yourdomain.com
    tcp-daemon
    If the relay SMTP server only has an A record then use "nomx" instead of "mx".
    http://msg.wikidoc.info/index.php/Mx%2C_nomx%2C_nodns%2C_defaultmx%2C_randommx%2C_nonrandommx%2C_nameservers%2C_defaultnameservers_Channel_Options
    The "multiple" keyword instead of "single_sys" helps performance by increasing the number of emails per connection when sending to a relay system.
    http://msg.wikidoc.info/index.php/Multiple%2C_addrsperfile%2C_single%2C_single_sys_Channel_Options
    Regards,
    Shane.

  • Route mail based on email address (full address, not just host or domain)

    I'm trying to test sending all mail outbound from IMS 5.2 to our email gateway that will scan the messages. I would like to first test with just one IMS email address to make sure it works. So, how would I configure IMS so that outbound mail from [email protected] is sent to a tcp_firewall channel, but all other mail from @mydomain.com is handled normally. Also, which files and configuration commands do I need to look at so that custom tcp_firewall channel works. Thanks!

    Not sure why you want to route one user's mail. That's much more difficult than making the one, easy, change to route all your mails through the gateway.
    Locate your imta.cnf file. Open it with a text editor.
    Scroll down to the Channel Definitions section, and locate your "tcp_local" channel.
    There should be three lines, starting with
    !tcp_local
    a bunch of stuff
    tcp_daemon
    add to the end of the second line:
    daemon <the fully qualified name of your gateway>
    like:
    daemon some.machine.at.your.domain
    save the file
    run:
    imsimta cnbuild
    imsimta restart job_controller
    and now, all mail going out the tcp_local channel will be routed through the gateway.

  • Undeliverable mail question

    hi,
    What does this dsn mean? And could it be spam?
    the subject is "Undeliverable mail"
    Message body:
    Failed to deliver to '[email protected]'
    SMTP module(domain yyyyy.com) reports:
    yyyyy.com: no response
    Two attachments came along with the message. One of them is:
    Reporting-MTA: dns; mail.zzzzz.net
    Original-Recipient: rfc822;<[email protected]>
    Final-Recipient: rfc822;<[email protected]>
    Action: failed
    Status: 4.0.0
    I checked mail.log_current and grepped for zzzzz.net:
    mail.log_yesterday:07-Mar-2006 21:16:12.76 tcp_local ims-ms E 5 rfc822;[email protected] myuser@ims-ms-daemon zzzzz.net (mail.zzzzz.net [a.b.c.d])
    mail.log_yesterday:07-Mar-2006 21:19:56.49 tcp_local ims-ms E 3 rfc822;[email protected] myuser@ims-ms-daemon zzzzz.net (mail.zzzzz.net [a.b.c.d])
    mail.log_yesterday:07-Mar-2006 21:38:36.74 tcp_local ims-ms E 3 rfc822;[email protected] myuser@ims-ms-daemon zzzzz.net (mail.zzzzz.net [a.b.c.d])
    mail.log_yesterday:07-Mar-2006 21:55:07.28 tcp_local ims-ms E 3 rfc822;[email protected] myuser@ims-ms-daemon zzzzz.net (mail.zzzzz.net [a.b.c.d])
    mail.log_yesterday:07-Mar-2006 22:42:36.60 tcp_local ims-ms E 3 rfc822;[email protected] myuser@ims-ms-daemon zzzzz.net (mail.zzzzz.net [a.b.c.d])
    thx

    thx for the explanation. Now things are clearer. Few
    more questions if you don't mind Jay:
    what about the E entries in the log:
    mail.log_yesterday:07-Mar-2006 21:16:12.76 tcp_local
    ims-ms E 5 rfc822;[email protected]
    myuser@ims-ms-daemon swip.net (mailfe05.swip.net
    [83.180.141.95])
    "E" means, "Enqueue". That's when your server puts the message in the queue. Has nothing to do with sending a message. In fact, this log entry shows the message
    Coming from the tcp_local channel (external to your systems),
    and addressed to your user on the local store.
    Does it mean that the my mail server was trying to
    re-send the spam again?
    No
    Also, when you said 'original address is bad', the
    original address is [email protected]? and the
    remote server checked that email address and found
    out that it does not exist?
    No.
    the address to: was "[email protected]", or whatever was there, before you changed it.
    Finally, what about the aol and yahoo emails that I
    found in the FROM and TO in the attached file?
    Received: from d83-180-141-95.cust.tele2.es
    ([83.180.141.95] verified)
    by mailfe05.swip.net (CommuniGate Pro SMTP 5.0.8)
    with SMTP id 39743822; Thu, 02 Mar 2006 22:57:17
    17 +0100
    Message-ID: <000b01c63e01$377fa740$5f8db453@ppdtdv>
    From:
    =?Windows-1251?Q?=D2=E8=EC=EE=F4=E5=E9_=D2=E0=F0=E0=F1
    =EE=E2=E8=F7_=CA=EE=ED=E4=E5=E5=E2?=
    <[email protected]>
    To:
    =?Windows-1251?Q?=C1=EE=E3=E4=E0=ED_=C5=E2=E3=E5=ED=FC
    =E5=E2=E8=F7_=CC=F3=F5=E0=EC=E5=E4=E8=ED=EE=E2?=
    <[email protected]>
    Those have nothing to do with the current mail itself. They're attached/forwarded/replied previously.

  • SMTP mail forwarding

    Hi ,
    In one of my customers IMS system we have a web mail server with http.smtphost settings which forwards the http/smtp traffic to one of
    virus wall server for filtering. After reading the forum thread below I am also thinking of avoiding the http.smtphost method and using some other way of
    http/smtp mail forwarding. Because this system carries huge http based traffic in that ISP.
    web mail behaviour for unknown recipient
    I can enable imta on the same web mail host and remove http.smtphost setting so that web mail server can
    use its default for http/smtp delivery. But my problem is how can I forward "all" the channels traffic to the virus wall ( not only tcp_local)?
    msg server version --> 7u3
    Thanks and best regards,
    ...

    Adding the daemon option to the tcp_local channel, as Ray suggested, will route all mail enqueued to the tcp_local channel to the specified host. However, if you want to route all mail thru that host, rather than just that which would normally go thru the tcp_local channel (ie, mail submitted by webmail users and destined for other users on the same system), it will be more complicated. If that other mail all goes thru the tcp_intranet channel, you could add the daemon option to the tcp_intranet channel as well and that would be the end of it. But if this is a single-host deployment where mshttpd is running on the same system as the message store, then such local delivery would probably go directly to the ims-ms channel.
    See the aliasdetourhost option in Routing After Address Validation But Before Expansion in the Admin Guide:
    http://wikis.sun.com/display/CommSuite/Configuring+Channel+Definitions#ConfiguringChannelDefinitions-RoutingAfterAddressValidationButBeforeExpansion
    It is also mentioned in
    http://wikis.sun.com/display/CommSuite/Messaging+Server+Best+Practices+for+Fighting+Email+Spam

  • Lot of SPAM mails in queue - Warnings from ISP

    Hi Jay,Shane and ALL,
    We are running messaging on Solaris 10 with below version.
    Sun Java(tm) System Messaging Server 6.2-7.05 (built Sep 5 2006)
    libimta.so 6.2-7.05 (built 12:18:44, Sep 5 2006)
    Ensured that no entries added to mappings (except localhost) and only "authenticated SMTP" allowed.
    We implemented Separate AV/anti-spam box with aliasdetour and conversion channel which is working fine.
    we could achieve >95% spam control but recently we started receiving warnings from ISP that SPAM being sent out from our mail server.
    ++++++++Part of mail sent by ISP+++++++++
    Data received in complaint:
    Return-Path: <x>
    Delivered-To: x
    Received: from webmail.<our-domain>.com (our_mail_server_IP) by mail.iecc.com with SMTP;
    7 Sep 2007 03:29:00 -0000
    Received: from User ([210.70.82.129]) by webmail.<our-domain>.com (Sun Java System Messaging Server 6.2-7.05 (built Sep 5 2006)) with ESMTPA id <x> for x; Thu,
    06 Sep 2007 20:45:43 -0400 (EDT)
    Date: Fri, 07 Sep 2007 08:47:54 +0800
    From: Bank of America <x>
    Subject: Account Information Update.
    To: Undisclosed recipients: ;
    Reply-to: x
    Message-id: <x>
    MIME-version: 1.0
    X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
    X-Mailer: Microsoft Outlook Express 6.00.2600.0000
    X-Priority: 1
    X-MSMail-priority: High
    X-DCC-IECC-Metrics: tom.iecc.com 1107;
    bulk Body=154 Fuz1=154 Fuz2#X-Tag: tagged by DCC
    Content-Type: text/plain
    Content-Transfer-Encoding: 8bit
    ++++++++++++end-of-part-mail-sent-by-ISP++++++++++++
    I noticed around 10K SPAM mails getting generated (added) daily in tcp_local channel queue.
    +++++++++a mail in queue++++++++++
    qm.maint> read 3000
    Message id: 3000
    Filename: /iplanet/SUNWmsgsr/data/queue/tcp_local/017/ZWf0I3dFTzue9.00
    Transport layer information:
    Envelope From: address: [email protected]
    Envelope To: addresses: [email protected]
    Message header:
    Received: from User ([203.144.16.210])
    by webmail.<our_domain>.com (Sun Java System Messaging Server 6.2-7.05 (built Sep
    5 2006)) with ESMTPA id <0JO300B5LSZDBK10@webmail.<our_domain>.com> for
    [email protected]; Sun, 09 Sep 2007 09:47:45 -0400 (EDT)
    Date: Sun, 09 Sep 2007 23:49:59 +1000
    From: Bank Of America <[email protected]>
    Subject: Account Information Update Urgently Needed
    To: Undisclosed recipients: ;
    Reply-to: [email protected]
    Message-id: <0JO300B5MSZFBK10@webmail.<our_domain>.com>
    MIME-version: 1.0
    X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
    X-Mailer: Microsoft Outlook Express 6.00.2600.0000
    Content-type: text/html; charset=Windows-1251
    Content-transfer-encoding: 7BIT
    X-Priority: 3
    X-MSMail-priority: Normal
    qm.maint>
    ++++++++++++++++++++end-of-mail-in-queue++++++++++++++++++++
    Wondering how these mails exist in tcp_local queue wherein none of IPs (or users) allowed to relay through our servers.
    Pl help me resolve this issue.
    TIA
    Prvn

    Thanks Shane.
    Pl find my below answers:
    Hi,
    You need to track down the source of the emails by
    locating the relevant mail.log lines that correspond
    to the email delivery attempt. This will at least
    tell you how they are getting in (whether the email
    is coming in via the
    tcp_local/tcp_auth/tcp_submit/tcp_intranet channel
    etc.).
    07-Sep-2007 19:13:44.02 tcp_auth tcp_local EA 3 [email protected] rfc822;[email protected] [email protected] User ([210.70.82.129])
    08-Sep-2007 16:21:44.38 tcp_auth tcp_local EA 1 [email protected] rfc822;[email protected] [email protected] User ([203.144.16.210])
    From there you can determine (if you have enough
    logging enabled such as LOG_USERNAME=1,
    LOG_CONNECTION=1, LOG_MESSAGE_ID=1) why the emails
    are being allowed through...
    After enabling the three parameters (option.dat and did cnbuild/restart),
    i noticed lot of such entries in mail.log_current:
    10-Sep-2007 00:04:28.59 tcp_local Q 2 [email protected] rfc822;[email protected] [email protected] <0JO400CPG2A15F00@webmail.<our-domain>.com> *admin@<our-domain>.com mailin.binghamton.edu dns;mailin.binghamton.edu (TCP|192.168.1.41|34548|128.226.7.23|25) (mail2.binghamton.edu ESMTP [7e5e6797de0c707331914caad1b54f2f]) smtp;450 <[email protected]>: Sender address rejected: Domain not found [email protected]: smtp;450 <alert@bancamerica.
    I have seen cases of:
    -> Incorrect mapping rules (so tcp_local->tcp_local
    relaying was broken)
    -> Overly large 'internal' IP mappings (so
    tcp_intranet was the source channel)
    My Mappings file:
    +++++
    ! MTA mappings file
    ! for access control and other table lookups
    PORT_ACCESS
    *|*|*|*|* $C$|INTERNAL_IP;$3|$Y$E
    * $YEXTERNAL
    INTERNAL_IP
    $(192.168.1.41/32) $Y
    127.0.0.1 $Y
    * $N
    ORIG_SEND_ACCESS
    tcp_local|*|tcp_local|* $N$D30|Relaying$ not$ allowed
    tcp_*|*|native|* $N
    tcp_*|*|hold|* $N
    tcp_*|*|pipe|* $N
    tcp_*|*|ims-ms|* $N
    ! Block "external" submissions of explicitly source-routed "internal" addresses
    tcp_local|*|tcp_intranet|@*:*.* $N$D30|Explicit$ routing$ not$ allowed
    tcp_local|*|tcp_intranet|*$%*@* $N$D30|Explicit$ routing$ not$ allowed
    tcp_local|*|tcp_intranet|*.*!*@* $N$D30|Explicit$ routing$ not$ allowed
    tcp_local|*|tcp_intranet|"*@*"@* $N$D30|Explicit$ routing$ not$ allowed
    SEND_ACCESS
    tcp_*|*|*|*@[127.*] $X5.1.2|$NBad$ destination$ system
    tcp_*|*|*|*@localhost.* $X5.1.2|$NBad$ destination$ system
    tcp_*|*|*|*@example.com $X5.1.2|$NBad$ destination$ system
    tcp_*|*|*|*@example.net $X5.1.2|$NBad$ destination$ system
    tcp_*|*|*|*@example.org $X5.1.2|$NBad$ destination$ system
    tcp_*|*|*|*@*.test $X5.1.2|$NBad$ destination$ system
    tcp_*|*|*|*@*.example $X5.1.2|$NBad$ destination$ system
    tcp_*|*|*|*@*.invalid $X5.1.2|$NBad$ destination$ system
    tcp_*|*|*|*@*.localhost $X5.1.2|$NBad$ destination$ system
    <IMTA_TABLE:mappings.locale
    NOSCAN_IP
    $(192.168.1.49/32) $Y$E
    * $N
    CONVERSIONS
    IN-CHAN=tcp_noscan;OUT-CHAN=*;CONVERT No
    IN-CHAN=tcp_local;OUT-CHAN=tcp_intranet;CONVERT No
    IN-CHAN=tcp_*;OUT-CHAN=*;CONVERT Yes,Channel=tcp_scan
    ++++++++
    -> A users username/password being hacked so
    authenticated delivery was being used (tcp_auth was
    the source channel with the same username each time)
    I will see this option but if somebody gets authenticated, I should see in logs?
    Pls help me on this.....
    Thanks
    Prvn
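Added example (not part of the thread and not Messaging Server code): one way to follow the advice quoted above, tallying enqueues from the `tcp_auth` source channel to `tcp_local` per logged username and source IP so a single account sending from several addresses stands out. The log lines are constructed in the shape of the entries quoted in the thread; the `*username` field logged under LOG_USERNAME=1, the function names and both thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the shape of the mail.log entries quoted in the thread.
# Assumption: with LOG_USERNAME=1 the authenticated user is logged as "*name".
SAMPLE_LOG = """\
07-Sep-2007 19:13:44.02 tcp_auth tcp_local EA 3 a@bank.example rfc822;r1@example.net r1@example.net *jdoe User ([198.51.100.23])
07-Sep-2007 19:13:45.10 tcp_auth tcp_local EA 3 a@bank.example rfc822;r2@example.net r2@example.net *jdoe User ([198.51.100.23])
08-Sep-2007 16:21:44.38 tcp_auth tcp_local EA 1 a@bank.example rfc822;r3@example.org r3@example.org *jdoe User ([203.0.113.77])
08-Sep-2007 16:25:01.00 tcp_auth tcp_local EA 2 alice@corp.example rfc822;bob@example.org bob@example.org *alice pc17 ([192.0.2.10])
08-Sep-2007 16:30:12.55 tcp_local ims-ms E 5 x@example.org rfc822;alice@corp.example alice@ims-ms-daemon mx.example.org ([192.0.2.200])
08-Sep-2007 16:31:00.00 tcp_local Q 2 a@bank.example rfc822;r1@example.net r1@example.net *jdoe mailin.example.net
"""

IP_RE = re.compile(r"\(\[([0-9A-Fa-f.:]+)\]\)")
ACTION_RE = re.compile(r"[A-Z]+")


def parse_entry(line):
    """Split one mail.log line into channels, action code, user and peer IP."""
    t = line.split()
    if len(t) < 6:
        return None
    if ACTION_RE.fullmatch(t[3]) and t[4].isdigit():
        # One channel only, e.g. "tcp_local Q 2 ..." or "ims-ms D 3 ..."
        src, dst, action, rest = t[2], None, t[3], t[5:]
    elif ACTION_RE.fullmatch(t[4]) and t[5].isdigit():
        # Enqueue entries name the source and the destination channel
        src, dst, action, rest = t[2], t[3], t[4], t[6:]
    else:
        return None  # connection records and anything unrecognised
    ips = IP_RE.findall(line)
    user = next((f[1:] for f in rest if f.startswith("*") and len(f) > 1), None)
    return {"when": t[0] + " " + t[1], "src": src, "dst": dst,
            "action": action, "user": user, "ip": ips[-1] if ips else None}


def suspicious_auth_senders(log_text, min_messages=3, min_sources=2):
    """Return (user, message_count, source_ips) for accounts worth reviewing."""
    stats = defaultdict(lambda: {"count": 0, "ips": set()})
    for line in log_text.splitlines():
        e = parse_entry(line)
        if e is None or e["src"] != "tcp_auth" or not e["action"].startswith("E"):
            continue  # keep only enqueues that arrived on the tcp_auth channel
        if e["dst"] != "tcp_local":
            continue  # keep only mail queued for the internet
        s = stats[e["user"] or "<no username logged>"]
        s["count"] += 1
        if e["ip"]:
            s["ips"].add(e["ip"])
    flagged = [(u, s["count"], sorted(s["ips"])) for u, s in stats.items()
               if s["count"] >= min_messages or len(s["ips"]) >= min_sources]
    return sorted(flagged, key=lambda row: -row[1])


if __name__ == "__main__":
    for user, count, ips in suspicious_auth_senders(SAMPLE_LOG):
        print("%s: %d authenticated enqueues from %s" % (user, count, ", ".join(ips)))
```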
