Date:      Fri, 15 Jan 2010 07:05:32 +0000
From:      Frank Shute <frank@shute.org.uk>
To:        Benjamin Lutz <mail@maxlor.com>
Cc:        freebsd-chat@freebsd.org
Subject:   Re: How Fetchmail made me a spammer
Message-ID:  <20100115070532.GA75137@orange.esperance-linux.co.uk>
In-Reply-To: <201001141016.56877.mail@maxlor.com>
References:  <201001141016.56877.mail@maxlor.com>

On Thu, Jan 14, 2010 at 10:16:56AM +0100, Benjamin Lutz wrote:
>
> Last night, I got an email from one of my users for whom I handle emails. He
> said that a friend sent him a large email, which was rejected because of its
> size; and that his friend now gets a notice to that effect every minute.
> 
> What had happened?
> 
> 1) The friend sent a 20MB Email to my user's public email account.
> 2) Fetchmail downloads that 20MB email from the public POP3 server.
> 3) Fetchmail tries to pass the email to the local postfix server.
> 4) Postfix refuses the email with a permanent 552 error because
>    it's larger than 10MB.
> 5) Fetchmail generates and sends a rejection notice, but does not
>    delete the 20MB Email from the POP3 server because the
>    "softbounce" option is still the default.
> 6) Fetchmail sleeps 60 seconds.
> 7) Continue at step 2).
> 
> The damage done:
> - roughly 20GB of bandwidth wasted by downloading the 20MB email over
>   and over.
> - an estimated 1000 rejection notices sent to the poor guy who originally
>   sent the 20MB email (well, that should teach him not to send big mails! :)
> - personal embarrassment.
> 
> The lessons learned:
> - I need better monitoring. I already monitor postfix's queue size and
>   get alerts if it goes above a certain size, but in this case, the email
>   in question never ended up in the queue. Monitoring bandwidth usage at
>   the firewall and mails-per-hour at the mail server (which includes error
>   notices) should let me detect sooner that something is amiss next time.
> - Postfix's default 10MB size limit seems outdated seeing how internet
>   connections have become faster; I've upped it to 50MB.
> - Fetchmail's defaults are dangerous. The softbounce option, which is the
>   default (the manpage claims it'll be disabled by default with the next
>   version,) can generate large amounts of spam.
> 
> Cheers
> Benjamin

Benjamin,

You might want to give getmail a try. In the getmail conf you can
limit the size of emails it fetches. I'm not sure you can do that with
fetchmail.

As you say, the guy who sent a >10MB email was rather silly, although
I don't know what the "standard Windows user" uses for file transfer
other than email. It's not like they usually have a web server set up.

Regards,

-- 

 Frank

 Contact info: http://www.shute.org.uk/misc/contact.html
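
The monitoring lesson from the quoted post (watch events per time window at the mail server, error notices included), as an added example that is not part of the original thread: a sliding-window check that flags a client whose deliveries keep being refused with a permanent 552. The log-line shape, the threshold, the window and the names `find_retry_loops` and `sample_log` are assumptions made for this illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log shape: a Postfix smtpd line refusing a message with code 552.
REJECT = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\spostfix/smtpd\[\d+\]:\s"
    r"NOQUEUE: reject: \w+ from (?P<client>\S+): 552 "
)

def find_retry_loops(lines, window=timedelta(minutes=10), threshold=5, year=2010):
    """Return {client: time of first alert} for every client whose 552
    rejections reach `threshold` inside one sliding `window`."""
    recent = defaultdict(deque)   # client -> timestamps still inside the window
    alerts = {}
    for line in lines:
        m = REJECT.match(line)
        if not m:
            continue              # queue activity, other reply codes, etc.
        # Syslog timestamps carry no year, so the caller supplies it.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["client"]]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()           # drop rejections older than the window
        if len(q) >= threshold and m["client"] not in alerts:
            alerts[m["client"]] = ts
    return alerts

def sample_log():
    """Constructed sample: one local client refused once a minute (the loop
    described in the post) plus a single unrelated rejection."""
    tail = ": 552 5.3.4 Message size exceeds fixed limit; proto=ESMTP"
    start = datetime(2010, 1, 14, 2, 0, 5)
    lines = [
        f"{start + timedelta(minutes=i):%b %d %H:%M:%S} mx postfix/smtpd[4021]: "
        f"NOQUEUE: reject: MAIL from localhost[127.0.0.1]{tail}"
        for i in range(8)
    ]
    lines.append("Jan 14 02:03:30 mx postfix/smtpd[4022]: "
                 f"NOQUEUE: reject: MAIL from unknown[192.0.2.7]{tail}")
    lines.append("Jan 14 02:04:00 mx postfix/qmgr[901]: 3F2A1: removed")
    return sorted(lines)

if __name__ == "__main__":
    for client, when in find_retry_loops(sample_log()).items():
        print(f"ALERT {when:%H:%M:%S}: repeated 552 rejections from {client}")
```

With these settings the once-a-minute loop raises an alert at the fifth rejection, four minutes in, while a single oversized message from another host stays below the threshold.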




