The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bounced messages and undeliverables

Discussion in 'General Discussion' started by sexy_guy, Mar 25, 2003.

  1. sexy_guy

    sexy_guy Well-Known Member

    Joined:
    Mar 19, 2003
    Messages:
    848
    Likes Received:
    0
    Trophy Points:
    16
    We are getting far too many emails being returned to us with a return path of nobody@hostname.com. This is wrong. Why are our users emails being returned to nobody. The from field contains the proper email address of the user where bounced email should be returning to but this is not happeneing.

    Also, email is still being sent from nobody@ourhostname.com even when the tweek option is set to not allow it.
     
  2. brandonk

    brandonk Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    66
    Likes Received:
    0
    Trophy Points:
    6
    I am having the same problem...

    I have a customer who runs a very large auction site and they have from defined in the headers but it appears to still be going out as nobody...thus it is returned to the nobody box as unrouteable domain (because nobody is blocked in tweak settings).
     
  3. sexy_guy

    sexy_guy Well-Known Member

    Joined:
    Mar 19, 2003
    Messages:
    848
    Likes Received:
    0
    Trophy Points:
    16
    I really think this is a thing they just cant fix. Its unbelievable but true. Why are their so many problems with email? Why cant they fix this? Why is this not priority?
     
  4. Uneeeq

    Uneeeq Member

    Joined:
    Feb 4, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    We have a similar issue
    WHM 6.2.0 Cpanel 6.4.0-S16 RedHat 7.3
    but so far only related to Horde
    - if any user user@customerdomain.com sends out email from Horde interface to nonexistent email address the nondeliverable ends up being returned to cpanel@servername instead of to user@customerdomain.com

    == here are headers on the bounced email from Horde:
    Received: from SERVERNAME by aaa.net
    with SMTP (MDaemon.v3.0.1.R)
    for <123user@aaa.net>; Sun, 20 Apr 2003 11:06:19 -0700
    Received: from cpanel by SERVERNAME with local (Exim 3.36 #1)
    id 197JC1-0004TL-00
    for 123user@aaa.net; Sun, 20 Apr 2003 11:05:33 -0700
    Received: from cpe-24-165-87-140.socal.rr.com ( [cpe-24-165-87-140.socal.rr.com])
    as user christma@localhost by www.CUSTOMERDOMAIN.info with HTTP;
    Sun, 20 Apr 2003 11:05:33 -0700
    Message-ID: <1050861933.3ea2e16d88fc2@www.CUSTOMERDOMAIN.info>
    Date: Sun, 20 Apr 2003 11:05:33 -0700
    From: Genie <christma@CUSTOMERDOMAIN.info>
    To: 123user@aaa.net
    Subject: testing return if bad email
    MIME-Version: 1.0
    Content-Type: text/plain
    Content-Transfer-Encoding: 7bit
    User-Agent: Internet Messaging Program (IMP) 3.1
    X-Originating-IP: 24.165.87.140
    X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
    X-AntiAbuse: Primary Hostname - SERVERNAME
    X-AntiAbuse: Original Domain - servername.net
    X-AntiAbuse: Originator/Caller UID/GID - [502 503] / [502 503]
    X-AntiAbuse: Sender Address Domain - SERVERNAME
    X-MDaemon-Deliver-To: 123user@aaa.net
    X-Return-Path: cpanel@SERVERNAME
    X-MDRcpt-To: 123user@aaa.net
    Reply-To: cpanel@SERVERNAME

    ===== right here on the last line - reply to should be same as From christma@CUSTOMERDOMAIN.info but instead it inserts the cpanel@SERVERNAME there =======


    when customer uses Neomail interface as user@customerdomain.com and sends email to nonexistent email address, the bounced message gets properly returned to user@customerdomain.com, so Neomail works perfectly which leads me to believe it is Horde/PHP ? related

    we have not tested any mailing lists yet

    this issue was discovered based on our customers complaining about never receiving undeliverable messages since early February- all those undeliverable emails ended up being returned to cpanel@servername physically located at

    usr/local/cpanel/mail/inbox

    can anyone look at their
    usr/local/cpanel/mail/inbox
    to see if you also see large amount of bounced emails there to confirm if a similar issue exists on your servers?

    we do NOT have [[Prevent the user 'nobody' from sending out mail to remote addresses ]] checked in tweak settings under WHM

    suExec is currently enabled

    === more added later ===
    I think this is somehow PHP related issue
    because I found bounced messages from PHPBB message boards bouncing to NOBODY user instead of them being sent to the user@customerdomain.com - the fact that Neomail which is Perl based does not exhibit this symptom - only PHP based applications do as far as I can tell

    so looking into how PHP mail() and PHP based apps like IMP handle the REPLY TO and FROM may be a good start...

    this thread may offer some insights
    http://forums.cpanel.net/showthread.php?s=&threadid=7966
    =====================

    cheers
     
    #4 Uneeeq, Apr 21, 2003
    Last edited: Apr 21, 2003
  5. Uneeeq

    Uneeeq Member

    Joined:
    Feb 4, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    SOLVED - ON EXIM LEVEL

    OK - I spent 3 days figuring what is going on with EXIM/Horde/PHP scripts and this nobody user stuff

    here is the short answer:

    our Exim is version 3.36 so if yours is 4.x you may have to look at exim 4.x manual for an equivalent option

    all you need to do is add this line to your exim.conf file in /etc

    untrusted_set_sender = true

    then restart exim



    (( this only works if you have exim 3.x version, in 4.x version this switch is NOT boolean ))

    here is the long answer:
    anything PHP powered runs under nobody user
    exim prevents nobody user (who executes PHP scripts like Horde) from setting -f command option which
    converts the SENDER ENVELOPE from nobody@yourservername to customersrealaddress@hisrealdomain.ext ((( which is the FROM field ))) == so if the mail bounces it does not bounce to nobody@yourservername but it is necely routed back to customersrealaddress@hisrealdomain.ext

    untrusted_set_user = true
    tells exim to allow nobody user to run -f command option which in turn lets Horde or other PHP scripts actually apply this -f option

    without
    untrusted_set_user = true
    in exim.conf file, even though Horde DOES send -f command option to EXIM, exim ignores it because notbody is the user, and nobody user has no business sendin command options to the server ((at least in exims eyes))

    ==
    all other exim.conf setting we use are generic vanilla ones
    here are the relevant ones FYI
    local_from_check = false
    sender_verify = true
    headers_sender_verify = true
    # qualify_domain =
    # qualify_recipient =
    never_users = root
    # host_accept_relay = localhost
    host_accept_relay = +allow_address : lsearch;/etc/relayhosts : localhost
    host_auth_accept_relay = *
    # receiver_unqualified_hosts =
    # sender_unqualified_hosts =


    cheers
    Genie
     
  6. sexy_guy

    sexy_guy Well-Known Member

    Joined:
    Mar 19, 2003
    Messages:
    848
    Likes Received:
    0
    Trophy Points:
    16
    That doesnt work! I added that untrusted option last night and i received about 10 bounced emails with a return paths of nobody and unroutable domains today under phpsuexec. So what else? Im looking at my reverse PTR records at the moment but i will not know for sure until it starts resolving after 24 - 72hrs.
     
  7. Uneeeq

    Uneeeq Member

    Joined:
    Feb 4, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    grab one of those bounced emails
    block out your server name with SERVERNAME
    block out customer email with something like
    customer@hisdomain.ext
    and any privacy related data
    post it here

    I can try to figure it out

    for example if the email header is

    X-Mailer: PHP
    then we would look if the sender for mail.php
    passes the -f option in command line to exim

    and so forth
    I did my bug extermination on Horde - which does pass the -f command line option, have not yet looked at other PHP mailers...
     
  8. techark

    techark Well-Known Member

    Joined:
    May 22, 2002
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    Normal PHP Mail() function does not include the -f modifer.

    The script has to include the -f user@domain.com in it for the mod you posted for exim to work.

    Why they did not make it default with phpcunexec I have no idea.
     
  9. Uneeeq

    Uneeeq Member

    Joined:
    Feb 4, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    OK - there seems to be the HARD way to fix this, I wish I was a real programmer, not just a reverse coder...

    I have the answers - I think - that may be universal - the lowest common denominator is exim and we want any php mailer to work without having to modify things and worry about cpanel upgrades on those specific PHP scripts

    exim has an answer: rewrite rule
    it can rewrite sender envelope (say it is nobody@servername )
    to read FROM field which is customer@hisdomain.com

    so if php script sends stuff to exim like this ((without -f option))
    Received: from cpanel by SERVERNAME with local (Exim 3.36 #1)
    From: Genie <christma@CUSTOMERDOMAIN.info>
    To: 123user@aaa.net

    exim then adds this
    Reply-To: cpanel@SERVERNAME

    exims REWRITE reads the value in
    From: Genie <christma@CUSTOMERDOMAIN.info>
    and inserts it into
    Reply-To:
    to make it
    Reply-To: Genie <christma@CUSTOMERDOMAIN.info>


    the answers how to do rewrite are here:

    http://www.exim.org/exim-html-4.10/doc/html/FAQ_8.html#TOC204
    (( note this is from 4.x exim manual ))

    here are some examples I found:


    example 1)
    REWRITE CONFIGURATION
    #############################


    # This is an example of a useful rewriting rule---it looks up the real
    # address of all local users in a file

    # *@verisim.com ${lookup{$1}lsearch{/etc/email-addresses}\
    # {$value}fail} bcfrF

    # End of Exim configuration file
    #############################

    example 2)
    #############################
    | Is it possible to have Exim re-write a users name on outgoing
    | posts mail?

    If you're talking about the envelope sender, this snippet generated by
    'eximconfig' on debian does the job (for exim3) :


    ~~~~~~~
    ######################################################################
    # REWRITE CONFIGURATION #
    ######################################################################

    # This rewriting rule is particularly useful for dialup users who
    # don't have their own domain, but could be useful for anyone.
    # It looks up the real address of all local users in /etc/email-addresses

    *@dman.ddts.net ${lookup{$1}lsearch{/etc/email-addresses}\
    {$value}fail} frFs

    ~~~~~~~


    Replace "dman.ddts.net" with your local hostname, and create
    /etc/email-addresses like


    ~~~~
    local_username: public_address@public_domain.com
    local_username2: public_address2@public_domain.com
    ~~~~


    It won't change the From: header that the recipient sees, though.

    -D
    =====================
    #############################

    example 3)
    #############################
    http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030331/051817.html

    not exactly rewrite per-se but ((I think)) its logic can be applied to extract and apply $username@$usersrealdomain into REPLY-TO HEADER

    #############################
    ALSO - I am not sure - but I think I saw in exim 4.x documentation they even might have a option that can be
    inserted to exim.conf to replace envelope sender by a value
    in FROM field... but we run 3.x exim


    I believe it would take care of all these issues but I am not brave enough to write code on my production server and do not yet have a test server... perhaps CPANEL crew can take if from here
     
    #9 Uneeeq, Apr 22, 2003
    Last edited: Apr 22, 2003
  10. techark

    techark Well-Known Member

    Joined:
    May 22, 2002
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    LOLOL I am nick naming you the Exim queen :cool:

    Any support tickets I get on exim I am just passing them along to you...:D

    I will try it later on a test server and see how well it works.
     
  11. Uneeeq

    Uneeeq Member

    Joined:
    Feb 4, 2003
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    Ok - I had some more time to dig for answers

    If you add this to your exim.conf


    ######################################################################
    # REWRITE CONFIGURATION #
    Exim######################################################################

    # There are no rewriting specifications in this default configuration file.

    nobody@your.server.name $header_Reply-to: Fs

    #replace your.server.name with actual name of your sever

    RESTART EXIM

    this tip can be found all the way on the bottom of the page
    http://mitglied.lycos.de/HMGerhards/linux/en/how02.html

    Exim will then change headers inserting into SENDER ENVELOPE contents of the FROM field

    without this exim mod

    Exim constructs:

    Return-path: <nobody@your.server.name>
    Envelope-to: recipient@destinationdomain.ext
    Delivery-date: Sat, 26 Apr 2003 09:14:58 -0700
    Received: from nobody by your.server.name with local (Exim 3.36 #1)
    id 199SKI-00030K-00
    for recipient@destinationdomain.ext; Sat, 26 Apr 2003 09:14:58 -0700
    Subject: test 2 post
    From: sender@senderdomain.ext
    Reply-To: sender@senderdomain.ext


    with this exim mod, exim constructs mail like this

    Return-path: <sender@senderdomain.ext>
    Envelope-to: recipient@destinationdomain.ext
    Delivery-date: Sat, 26 Apr 2003 09:14:58 -0700
    Received: from nobody by your.server.name with local (Exim 3.36 #1)
    id 199SKI-00030K-00
    for recipient@destinationdomain.ext; Sat, 26 Apr 2003 09:14:58 -0700
    Subject: test 2 post
    From: sender@senderdomain.ext
    Reply-To: sender@senderdomain.ext

    --- hence any bounced messages will go to sender@senderdomain.ext instead of nobody@your.server.name

    Hope this helps
     
  12. sexy_guy

    sexy_guy Well-Known Member

    Joined:
    Mar 19, 2003
    Messages:
    848
    Likes Received:
    0
    Trophy Points:
    16
    Great info thanks. I will try that. Crossing fingers.
     
  13. sexy_guy

    sexy_guy Well-Known Member

    Joined:
    Mar 19, 2003
    Messages:
    848
    Likes Received:
    0
    Trophy Points:
    16
    I did implament this but every so often, especially when i have a user sending out a msg from a forum under phpsuexec i see this error in the log;

    Rewrite of nobody@myhostname.com yielded unparseable address: empty address in address

    ..otherwise it works fairly well. Once should think this was not necessary if this was working properly.
     
  14. brandonk

    brandonk Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    66
    Likes Received:
    0
    Trophy Points:
    6
    I'm getting the same errors...

    2003-05-01 10:46:36 19BHCe-0005cD-00 Rewrite of nobody@my.server.net yielded unparseable address: empty address in address
    2003-05-01 10:46:49 19BHCr-0005cS-00 Rewrite of nobody@my.server.net yielded unparseable address: empty address in address
     
  15. howard

    howard Well-Known Member

    Joined:
    Apr 20, 2003
    Messages:
    233
    Likes Received:
    0
    Trophy Points:
    16
    yea only really happens when you send out a mail w/o a reply-to field since then obviously exim has no address work with to rewrite the nobody stuff, you could use $header_From: if you wished to avoid it or ensure reply-to was in all mails :)
     
  16. bsasninja

    bsasninja Well-Known Member

    Joined:
    Sep 2, 2004
    Messages:
    528
    Likes Received:
    0
    Trophy Points:
    16
    I got an error

    I tried to do what you said in exim.conf (I have EXIM 4.44) I added the line but when i restart exim i got this error: option "nobody" unknown

    Anyone could help me?

    Thanks in advance!
     
Loading...

Share This Page