1

I have a debian box with postfix on it.
I checked the mailq and I do not understand how to read the mailq.
I need to know witch user is used to send this emails.

here is a example

0F87797868C     3993 Mon Mar 10 02:15:28  MAILER-DAEMON
     (connect to unknown.interbgc.com[217.9.224.233]:25: Connection timed out)
                                         aphexx@unknown.interbgc.com

0273E9786EF     3421 Fri Mar  7 09:13:01  MAILER-DAEMON
             (connect to mail.progys.fr[217.16.11.100]:25: Connection refused)
                                         no-reply@progys.fr

I am not sure but I suppose that this are bounces from spam emails.
How can I verify this.

Max Muster
  • 337
  • 2
  • 6
  • 27

1 Answers1

1

Use postcat to 'cat out' the message body and headers. From the postcat(1) manpage:

SYNOPSIS
       postcat [-bdehnoqv] [-c config_dir] [files...]

DESCRIPTION
       The postcat(1) command prints the contents of the named files in human-
       readable form.

I see a good blog article here: http://www.buildcube.com/tech_blog/tag/postcat/

Stefan Lasiewski
  • 23,667
  • 41
  • 132
  • 186
  • thank you, now I know its indeed a bounce from a spam email, how can I tell postfix to not bounce that user does not exist? – Max Muster Mar 11 '14 at 00:12
  • If you mean the user that will be the recipient of the bounce, there's not much you can do about that. Spammers use the "backscatter" technique to use your email system as a somewhat-broken mail relay. They send the spam to your MTA with a bogus sender address. The MTA can't deliver, so it attempts to return the message to the sender, but the sender is the actual target; in effect, your MTA queues the message for them. You can get around this by only allowing deliveries for mapped users (an option that is unpopular with some admins). This forces a valid recipient (and kills the bounce). – Avery Payne Jul 03 '14 at 19:11