Hello,
Scenario:
- mailbox MAILADDRESS1 - size 25MB and it has been exceeded
- mailbox MAILADDRESS1 is configured to forward mail to MAILADDRESS2 without message deletion
- MAILADDRESS2 is located on live.com domain
- SOME_SPAM_EMAIL is being sent to MAILADDRESS1 and it gets bounce/error: "Mailbox size limit exceeded"
- in moment when SOME_SPAM_EMAIL is being tried to be delivered new email is being created on MAILADDRESS1 with title "Mailbox size limit exceeded" from System Administrator
- when new email is being created also another email is being sent to forwarding address MAILADDRESS2
Can someone tell me why notification is being sent to remote forwarding MAILADDRESS2 since message which caused forwarding is simple local notification message? I thing there should be a switch somewhere to keep System Administrator message local.
Take a look at logs.
SMTP log (spam message is being delivered to MAILADDRES1):
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] rsp: 220 MAIN_SM_INSTANCE
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] connected at 2017-08-24 02:39:49
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] IP in whitelist
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] cmd: EHLO INCOMING_GATEWAY_SM_IP
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] rsp: 250-MAIN_SM_INSTANCE Hello [INCOMING_GATEWAY_SM_IP]250-SIZE 104857600250-AUTH LOGIN CRAM-MD5250-STARTTLS250-8BITMIME250 OK
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] cmd: STARTTLS
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] rsp: 220 Start TLS negotiation
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] cmd: EHLO INCOMING_GATEWAY_SM_IP
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] rsp: 250-MAIN_SM_INSTANCE Hello [INCOMING_GATEWAY_SM_IP]250-SIZE 104857600250-AUTH LOGIN CRAM-MD5250-8BITMIME250 OK
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] cmd: MAIL FROM:<SOME_SPAM_EMAIL> SIZE=31488
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] rsp: 250 OK <SOME_SPAM_EMAIL> Sender ok
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] cmd: RCPT TO:<MAILADDRESS1>
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] rsp: 452 <MAILADDRESS1> Mailbox size limit exceeded
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] cmd: QUIT
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] rsp: 221 Service closing transmission channel
[2017.08.24] 02:39:49 [INCOMING_GATEWAY_SM_IP][7993676] disconnected at 2017-08-24 02:39:49
Delivery log (notification about mailbox size exceeding is being sent to MAILADDRES2 for some reasong with empty email addres):
[2017.08.24] 02:39:49 [31282] Delivery started for at 02:39:49
[2017.08.24] 02:39:53 [31282] Skipping spam checks: User authenticated
[2017.08.24] 02:39:56 [31282] Starting local delivery to MAILADDRESS1
[2017.08.24] 02:39:56 [31282] Delivery for to MAILADDRESS1 has completed (Forwarded Delivered) Filter: None
[2017.08.24] 02:39:56 [31282] End delivery to MAILADDRESS1
[2017.08.24] 02:39:56 [31282] Sending remote mail for
[2017.08.24] 02:39:56 [31282] Spam check results: [_CUSTOMRULES: ], [_BAYESIANFILTERING: passed]
[2017.08.24] 02:39:56 [31282] Initiating connection to OUTGOING_GATEWAY_SM_IP
[2017.08.24] 02:39:56 [31282] Connecting to OUTGOING_GATEWAY_SM_IP:25 (Id: 1)
[2017.08.24] 02:39:56 [31282] Binding to local IP LOCAL_MAIN_SM_IP:0 (Id: 1)
[2017.08.24] 02:39:56 [31282] Connection to OUTGOING_GATEWAY_SM_IP:25 from LOCAL_MAIN_SM_IP:37559 succeeded (Id: 1)
[2017.08.24] 02:39:56 [31282] RSP: 220 OUTGOING_GATEWAY_INSTANCE
[2017.08.24] 02:39:56 [31282] CMD: EHLO MAIN_SM_INSTANCE
[2017.08.24] 02:39:56 [31282] RSP: 250-OUTGOING_GATEWAY_INSTANCE Hello [LOCAL_MAIN_SM_IP]
[2017.08.24] 02:39:56 [31282] RSP: 250-SIZE 104857600
[2017.08.24] 02:39:56 [31282] RSP: 250-AUTH LOGIN CRAM-MD5
[2017.08.24] 02:39:56 [31282] RSP: 250-STARTTLS
[2017.08.24] 02:39:56 [31282] RSP: 250-8BITMIME
[2017.08.24] 02:39:56 [31282] RSP: 250 OK
[2017.08.24] 02:39:56 [31282] CMD: STARTTLS
[2017.08.24] 02:39:56 [31282] RSP: 220 Start TLS negotiation
[2017.08.24] 02:39:56 [31282] CMD: EHLO MAIN_SM_INSTANCE
[2017.08.24] 02:39:56 [31282] RSP: 250-OUTGOING_GATEWAY_INSTANCE Hello [LOCAL_MAIN_SM_IP]
[2017.08.24] 02:39:56 [31282] RSP: 250-SIZE 104857600
[2017.08.24] 02:39:56 [31282] RSP: 250-AUTH LOGIN CRAM-MD5
[2017.08.24] 02:39:56 [31282] RSP: 250-8BITMIME
[2017.08.24] 02:39:56 [31282] RSP: 250 OK
[2017.08.24] 02:39:56 [31282] CMD: MAIL FROM:<> SIZE=1030
[2017.08.24] 02:39:56 [31282] RSP: 250 OK <> Sender ok
[2017.08.24] 02:39:56 [31282] CMD: RCPT TO:<MAILADDRESS2>
[2017.08.24] 02:39:56 [31282] RSP: 250 OK <MAILADDRESS2> Recipient ok
[2017.08.24] 02:39:56 [31282] CMD: DATA
[2017.08.24] 02:39:56 [31282] RSP: 354 Start mail input; end with <CRLF>.<CRLF>
[2017.08.24] 02:39:56 [31282] RSP: 250 OK
[2017.08.24] 02:39:56 [31282] CMD: QUIT
[2017.08.24] 02:39:56 [31282] RSP: 221 Service closing transmission channel
[2017.08.24] 02:39:56 [31282] Delivery for to MAILADDRESS2 has completed (Delivered)
[2017.08.24] 02:39:59 [31282] Delivery finished for at 02:39:59 [id:830131282]
Shouldn't local notifications messages from System Administrator be delivered only to local account and not sent to forwarding address?
Another thing is also interesting and probably this is cause of my problems (about this below). Local "Mailbox size limit exceeded" message contains sender "System Administrator" with proper email address from SmarterMail configuration System Messages section BUT as you can see from Delivery log message sent to forwarding MAILADDRESS2 has empty email addres as sender.
I'm investigating this because my outgoing gateway has been marked on SORBS list and I'm trying to figure out why and IMHO cause is:
empty sender address in message "MailboxSizeLimitExceeded" which is being sent to forwarding MAILADDRESS2 configured in MAILADDRESS1
Any comments?
Thanks