Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 283991 - invalid recipient syntax: "-d@gentoo.org" on emails to voip@gentoo.org
Summary: invalid recipient syntax: "-d@gentoo.org" on emails to voip@gentoo.org
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Infrastructure
Classification: Unclassified
Component: Other (show other bugs)
Hardware: All Linux
: High normal
Assignee: Gentoo Infrastructure
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-09-07 15:44 UTC by Rajiv Aaron Manglani (RETIRED)
Modified: 2010-06-17 01:11 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
smtp.log for example listed (mail.log,3.66 KB, text/plain)
2009-09-07 15:50 UTC, Mike Doty (RETIRED) 		Details
-d@gentoo.org log (dash-d.log,134.04 KB, text/plain)
2009-09-07 15:52 UTC, Mike Doty (RETIRED) 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Rajiv Aaron Manglani (RETIRED) gentoo-dev 2009-09-07 15:44:19 UTC 
spam emails to voip@gentoo.org trigger these errors:

Return-Path: <>
Received: from compute2.internal (compute2.internal [10.202.2.42])
	 by store44m.internal (Cyrus v2.3.15rc1-fmsvn20340-5397ac8d) with LMTPA;
	 Mon, 07 Sep 2009 06:19:08 -0400
X-Sieve: CMU Sieve 2.3
X-Spam-score: 0.0
X-Spam-hits: ALL_TRUSTED -0.5, BAYES_50 0.001, HTML_MESSAGE 0.001, BAYES_USED user
X-Backscatter: Yes
X-Backscatter-Hosts: smtp.gentoo.org, 236.27.broadband6.iol.cz
X-Spam-source: IP='140.211.166.183', Host='unk', Country='US', FromHeader='unk',
  MailFrom='unk'
X-Spam-charsets: 
X-Resolved-to: rajiv@xxxxx.com
X-Delivered-to: rajiv@xxxxx.com
X-Mail-from: 
Received: from mx4.messagingengine.com ([10.202.2.203])
  by compute2.internal (LMTPProxy); Mon, 07 Sep 2009 06:19:08 -0400
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx4.messagingengine.com (Postfix) with ESMTPS id D2381AD
	for <rajiv@xxxxx.com>; Mon,  7 Sep 2009 06:19:07 -0400 (EDT)
Received: by smtp.gentoo.org (Postfix)
	id DF92266BD6; Mon,  7 Sep 2009 10:19:05 +0000 (UTC)
X-Remote-Delivered-To: rajiv@gentoo.org
Received: by smtp.gentoo.org (Postfix)
	id B1A9D64DC1; Mon,  7 Sep 2009 10:19:05 +0000 (UTC)
Date: Mon,  7 Sep 2009 10:19:05 +0000 (UTC)
From: MAILER-DAEMON@gentoo.org (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: voip@gentoo.org
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
	boundary="3A21F66C1F.1252318745/smtp.gentoo.org"
Message-Id: <20090907101905.B1A9D64DC1@smtp.gentoo.org>
X-Truedomain-DKIM: None
X-Truedomain: Neutral

This is a MIME-encapsulated message.

--3A21F66C1F.1252318745/smtp.gentoo.org
Content-Description: Notification
Content-Type: text/plain

This is the Postfix program at host smtp.gentoo.org.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to <postmaster>

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

			The Postfix program

<-d@gentoo.org> (expanded from <voip@gentoo.org>): invalid recipient syntax:
    "-d@gentoo.org"

<${USER}@gentoo.org> (expanded from <voip@gentoo.org>): unknown user: "${user}"

--3A21F66C1F.1252318745/smtp.gentoo.org
Content-Description: Delivery report
Content-Type: message/delivery-status

Reporting-MTA: dns; smtp.gentoo.org
X-Postfix-Queue-ID: 3A21F66C1F
X-Postfix-Sender: rfc822; voip@gentoo.org
Arrival-Date: Mon,  7 Sep 2009 10:19:05 +0000 (UTC)

Final-Recipient: rfc822; -d@gentoo.org
Original-Recipient: rfc822; voip@gentoo.org
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; invalid recipient syntax: "-d@gentoo.org"

Final-Recipient: rfc822; ${USER}@gentoo.org
Original-Recipient: rfc822; voip@gentoo.org
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; unknown user: "${user}"

--3A21F66C1F.1252318745/smtp.gentoo.org
Content-Description: Undelivered Message
Content-Type: message/rfc822

Received: by smtp.gentoo.org (Postfix)
	id 3A21F66C1F; Mon,  7 Sep 2009 10:19:05 +0000 (UTC)
Delivered-To: volkmar@gentoo.org
Received: from localhost (localhost [127.0.0.1])
	by smtp.gentoo.org (Postfix) with ESMTP id DDF9B66BD6
	for <voip@gentoo.org>; Mon,  7 Sep 2009 10:19:04 +0000 (UTC)
X-Virus-Scanned: amavisd-new at gentoo.org
X-Spam-Flag: YES
X-Spam-Score: 19.732
X-Spam-Level: *******************
X-Spam-Status: Yes, score=19.732 required=5.5 tests=[AWL=0.086, BAYES_99=3.5,
	DCC_CHECK=2.17, DIGEST_MULTIPLE=0.001, HTML_MESSAGE=0.001,
	MIME_HTML_ONLY=1.457, RAZOR2_CF_RANGE_51_100=0.5,
	RAZOR2_CF_RANGE_E8_51_100=1.5, RAZOR2_CHECK=0.5,
	RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_NIX_SPAM=3.5, RCVD_IN_PBL=0.905,
	RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033]
Received: from smtp.gentoo.org ([127.0.0.1])
	by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 7rNocV6Ozsih for <voip@gentoo.org>;
	Mon,  7 Sep 2009 10:18:57 +0000 (UTC)
Received: from 236.27.broadband6.iol.cz (236.27.broadband6.iol.cz [88.101.27.236])
	by smtp.gentoo.org (Postfix) with ESMTP id 7DFAB643C8
	for <voip@gentoo.org>; Mon,  7 Sep 2009 10:18:53 +0000 (UTC)
From: "Ivy Maor" <voip@gentoo.org>
To: voip@gentoo.org
Mime-Version: 1.0
Received: for <voip@gentoo.org>
Date: Mon, 7 Sep 2009 12:18:52 +0200
Reply-To: "Ivy Mytq" <kref@bk.ru>
Subject: Love is all I seek
Message-ID: <9505TY.5440E72B0.47891292397466AWTODXSINSMTLJC75@milena-xjv8qpf0>
Content-type: text/html; charset="UTF-8"

[...]
Comment 1 Mike Doty (RETIRED) gentoo-dev 2009-09-07 15:49:53 UTC 
uploading logs
Comment 2 Mike Doty (RETIRED) gentoo-dev 2009-09-07 15:50:38 UTC 
Created attachment 203370 [details]
smtp.log for example listed
Comment 3 Mike Doty (RETIRED) gentoo-dev 2009-09-07 15:52:19 UTC 
Created attachment 203371 [details]
-d@gentoo.org log

grep -- '-d@gentoo.org' /var/log/mail/*.log output showing the issue isn't specific to voip@gentoo.org.  I suspect a spammer is at work here.
Comment 4 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2009-09-07 21:37:30 UTC 
I think the maildrop was broken first of all, but beyond that:

I just wrote up something quick to try and block mail that claims to be from an alias (which should never be a valid sender).

/etc/cron.hourly/block-mail-to-aliases.sh:
#!/bin/sh
find /var/mail/alias/{arch,misc} \
	-type f \
	! -name '*~' \
	-printf '/^%f@gentoo.org$/\t\tREJECT 550 Not a valid sender.\n' | \
	sort \
	>/etc/postfix/sender_access_control-aliases.pcre

And in the postfix main.cf:
check_sender_access pcre:/etc/postfix/sender_access_control-aliases.pcre
(inside the restrictive class).
Comment 5 Alec Warner (RETIRED) archtester gentoo-dev Security 2009-09-07 22:03:51 UTC 
so if I want to send from an alias I should send from myself and set reply-to..or what?
Comment 6 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2009-09-07 22:08:12 UTC 
From with reply-to yes.

I don't know of any valid mail being sent as aliases right now, if there is, I'll whitelist it for the moment.
Comment 7 Tomáš Chvátal (RETIRED) gentoo-dev 2009-09-09 14:02:02 UTC 
I get the stuff too.
When i sent the mail from my gmail account to the gentoo one:

...
 <-d@gentoo.org> (expanded from <scarabeus@gentoo.org>): invalid recipient
    syntax: "-d@gentoo.org"
 
Final-Recipient: rfc822; -d@gentoo.org
 Original-Recipient: rfc822; scarabeus@gentoo.org
 Action: failed
 Status: 5.0.0
 Diagnostic-Code: X-Postfix; invalid recipient syntax: "-d@gentoo.org"
 

---------- Přeposlaná zpráva ----------
From: "Tomáš Chvátal" <tomas.chvatal@gmail.com>
To: scarabeus@gentoo.org
Date: Wed, 9 Sep 2009 15:49:40 +0200
...
Comment 8 Tomáš Chvátal (RETIRED) gentoo-dev 2009-09-09 14:22:54 UTC 
ok lads fixed by:
scarabeus@woodpecker: ~ > cat .forward
| /usr/bin/maildrop
instead of:
scarabeus@woodpecker: ~ > cat .forward
| /usr/bin/maildrop -d scarabeus


Hope it will make you happy.
Comment 9 Mounir Lamouri (volkmar) (RETIRED) gentoo-dev 2009-09-09 14:25:43 UTC 
from maildrop man pages:
       -d user
              Run maildrop in delivery mode for this user ID.

              The system administrator may optionally restrict the  -d  option
              to be available to the mail system only, so it may not be avail-
              able to you.  In all cases, the -d option is allowed if user  is
              the  same user who is running maildrop.  Also, for the -d option
              to work at all, maildrop must be executed by root,  or  maildrop
              must  be  a root-owned program with the setuid bit set.  Absence
              of a filename on maildrop's command line implies the  -d  option
              for the user running maildrop.

              If  -d  is  not  specified, the first argument following all the
              options is a name of the file containing filtering instructions.
              The  remaining  arguments, if any, are assigned to the variables
              $1, $2, and so on (see  "Environment"  and  "Variable  substitu-
              tion").

So I assume -d is not allowed on woodpecker...
I had a maldrop file too. That's probably why voip was suffering of this bug.

Sorry about that.