1

I have a Postfix SMTP server that sends transactional emails from a web service. These messages use VERP for the return path, so bounces go back to an address like this:

bounce-7232-useremail=userdomain.com@e.mydomain.com

This Postfix server running on e.mydomain.com is used exclusively to send email; there are no local mailboxes, POP or IMAP access, and so forth. Only systems on the local network can relay mail through it.

I then have a separate custom SMTP application that only processes bounces running on the same server (e.mydomain.com), but on a different port (8025). It drops any messages that aren't going to a properly formatted bounce address. Emails with properly formatted bounce addresses are accepted.

When a bounce is accepted, this custom application looks up the proper user in the database based on the bounce email address, and increments a bounce counter. The main web service will only send transactional email to users whose bounce count isn't over a threshold.

My questions are these:

  1. Would it be better to set up my bounce handling SMTP (bounces.mydomain.com) server to handle bounces directly (and run on port 25)? Or is it better to have all bounces go to my postfix server, and then have postfix forward only the bounces to the bounce SMTP application?

  2. If it is better to have postfix handle all incoming messages, how do I configure it to forward only messages formatted like the above address to another SMTP server, running on an unprivileged port (8025)?

Tauren

2 Answers

1

I am always reluctant to put services on ports that they don't usually live-- not because of a software deficiency, but because of people deficiencies. A sysadmin who inherits this setup has to be pretty good to track down the architecture of "where emails go when they bounce", or else your documentation needs to be pretty clear (and easy to find).

So, to answer your first question-- my suggestion is to have a separate server that handles bounces. This makes things nicely documented via dns, instead of buried in a config file for postfix.

If you choose to ignore that advice, utilizing the transport maps of postfix will allow you to do so. For example, adding this to main.cf:

transport_maps = regexp:/etc/postfix/transport

and using something like this in your transport file:

/bounce.*/      smtp:bounces.mydomain.com:8025

(don't forget to 'postmap /etc/postfix/transport' and 'postfix reload')

unixguy
  • Thanks. I think I'll go the first route -- have a separate server to handle bounces. But I appreciate the information on how to configure postfix for this as well. – Tauren Sep 21 '10 at 08:02
0

If your 8025 service only tallies the bounces per recipient and discards them, you might as well run the bounces through Postfix and delegate the entire "bounce database" functionality into a Postfix policy service. Instead of speaking SMTP, the policy server then only needs to parse the trivial protocol that Postfix talks to it.

unixtippse
  • Interesting, I did not know about this. I'll check into it, thanks! – Tauren Sep 16 '10 at 08:51
  • In the meantime, I already have an SMTP "bounce database" service functional, but don't know how to configure postfix to forward the bounces to the 8025 service. Suggestions? – Tauren Sep 16 '10 at 09:09
  • Sorry, haven't checked back in a while. I hope you haven't lost all of your patience. :-) Do you only want to catch the VERP responses or do you want to reroute all bounce mails? – unixtippse Sep 25 '10 at 15:00
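
The policy-service approach from the second answer, sketched as an added example (not code from either answer or from the asker's application): it parses the name=value request Postfix sends, accepts only recipients matching the bounce address layout from the question, and answers with an action. Treating the numeric field as an opaque id and using an in-memory dict in place of the database are assumptions of this sketch.

```python
import re

# Bounce address layout taken from the question; the meaning of the
# numeric field is not stated there, so it is kept as an opaque id.
VERP_RE = re.compile(
    r"bounce-(\d+)-([^@\s]+)=([^@=\s]+)@e\.mydomain\.com", re.IGNORECASE)

def parse_request(text):
    """Parse one policy request: name=value lines ended by an empty line."""
    attrs = {}
    for line in text.splitlines():
        if not line:
            break  # the empty line terminates the request
        name, sep, value = line.partition("=")
        if sep:  # split on the first '=' only; VERP recipients contain '='
            attrs[name] = value
    return attrs

def parse_verp(recipient):
    """Return (id, original_address) for a well-formed bounce address, else None."""
    m = VERP_RE.fullmatch(recipient)  # fullmatch: no leading or trailing junk
    if not m:
        return None
    return int(m.group(1)), f"{m.group(2)}@{m.group(3)}".lower()

def handle(text, counts):
    """Tally the bounce in `counts` and return the reply sent back to Postfix."""
    attrs = parse_request(text)
    if attrs.get("request") != "smtpd_access_policy":
        return "action=DUNNO\n\n"
    parsed = parse_verp(attrs.get("recipient", ""))
    if parsed is None:
        return "action=REJECT not a bounce address\n\n"
    counts[parsed[1]] = counts.get(parsed[1], 0) + 1  # stand-in for the DB update
    return "action=DISCARD\n\n"

# Constructed sample request (a subset of the attributes Postfix sends).
SAMPLE = (
    "request=smtpd_access_policy\n"
    "protocol_state=RCPT\n"
    "sender=\n"
    "recipient=bounce-7232-useremail=userdomain.com@e.mydomain.com\n"
    "\n"
)

if __name__ == "__main__":
    tally = {}
    print(repr(handle(SAMPLE, tally)), tally)
```

The anchored full match is what keeps arbitrary recipients that merely contain "bounce" from being counted against a user.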