Hello,
Recently I enabled the mail rate limiting feature to test it and I found some issue. The setup is default installaiton of CentOS 6.5 + Virtualmin. CentOS is running Postfix as default MTA.
Here is what happens: I install the mail rate limiting using the option in Virtualmin (which installs the package from the Virtualmin repo), then enable the mail rate limiting and put a low general limit of 60 messages per hour. What is expected is that the milter will greylist any user sending more than 60 messages per hour even for the local users sending mail via PHP or sendmail.
What happens is that if a local user reaches the limit, then nobody can send email from 127.0.0.1 anymore (local users sending via sendmail or PHP). Here are the logs:
This is what I get when I try to send a lot of emails via PHP:
Apr 8 04:40:32 s3 postfix/pickup[12585]: 342B0802AA2: uid=508 from=
Apr 8 04:40:32 s3 milter-greylist: smfi_getsymval failed for {if_addr}
Apr 8 04:40:32 s3 postfix/cleanup[26517]: 342B0802AA2: message-id=
Apr 8 04:40:32 s3 milter-greylist: ratelimit overflow for class virtualmin_limit: 6219, limit is 60 recipients / 3600 sec, key = "127.0.0.1"
Apr 8 04:40:32 s3 milter-greylist: 342B0802AA2: addr localhost[127.0.0.1] from someuser@s3.someserver.com to someotheruser@hotmail.com blacklisted (ACL 65)
Apr 8 04:40:32 s3 postfix/cleanup[26517]: 342B0802AA2: milter-reject: RCPT from localhost[127.0.0.1]: 5.7.1 Message quota exceeded; from= to=
Apr 8 04:40:32 s3 postfix/cleanup[26517]: warning: 342B0802AA2: milter configuration error: can't reject recipient in non-smtpd(8) submission
Apr 8 04:40:32 s3 postfix/cleanup[26517]: warning: 342B0802AA2: deferring delivery of this message
It is what we expect, the milter kicks in and defers the delivery of the messages.
Now I try to send an email from another local user:
Apr 8 04:43:20 s3 postfix/pickup[12585]: D6EAB802A7B: uid=0 from=
Apr 8 04:43:20 s3 milter-greylist: D6EAB802A7B: addr localhost[127.0.0.1] from root@s3.someserver.com to root@s3.someserver.com blacklisted (ACL 65)
Apr 8 04:43:20 s3 postfix/cleanup[22329]: D6EAB802A7B: milter-reject: RCPT from localhost[127.0.0.1]: 5.7.1 Message quota exceeded; from= to=
It is something that we do not expect. This user didn’t sent too much emails and his’ emails should not be blacklisted.
It looks like when a local user gets blacklisted, the whole localhost 127.0.0.1 is actually blacklisted (which means that nobody can send emails anymore).
Something interesting is the line milter-greylist: smfi_getsymval failed for {if_addr}. I have read in a previous post (https://www.virtualmin.com/node/32664) Locutus saying it is not a real problem. But I see here: http://www.postfix.org/MILTER_README.html#workarounds this thing is probably used to identify local mail and there is a workaround for Postfix. Also in the building instructions of milter-greylist is pointed that if you are building for Postfix you should use --enable-postfix key. And if you check the code of the milter-greylist you’ll see that enabling postfix exchanges {if_addr} with {client_addr}.
So it looks whoever built the CentOS package in the Virtualmin repo didn’t used the --enable-postfix key and more likely the failing {if_addr} is not quite harmless as it probably prevent the milter from detecting if the mail is local and then blacklist the user and not the IP.
Can you please rebuild the package with --enable-postfix, that will at least get rid of the error message if not fixing the whole problem. Do you thing something else can cause blacklisting of the whole localhost?
Thanks for your time!
Georgi