[fetchmail]Fetchmail, Tobit, Postfix to name but a few.

[Rob Funk]

Scotter wrote:
> Firstly, apologies for the bizarre solution I'm trying to implement.
> The only reason I'm trying to get it to work like this is because of
> time and money considerations. As such, I'll be equally appreciative if
> someone manages to come up with a quick and dirty fix or a more robust
> solution.

Since you mention quick&dirty, I'll make a suggestion that may not work in 
your situation, but if it does would be quick, and not even that dirty:  
Point a single MX to your Postfix server, and ditch the backup MXs.

In my opinion, backup MXs are more trouble than they're worth, and you're 
seeing one reason why.  Don't forget, senders are required by the mail 
standards to retry for a few days if they are initially unable to reach 
the receiving server.  (Of course, the backup MX question is a live 
controversy, so others disagree with me.)

> This has been working well for some time. The problem is that the Anti
> SPAM and Anti Virus on the tobitmail server has been disabled

A big reason backup MXs are not good these days, except maybe if you 
control them.

> 1) ATRN using fetchmail. This would have been my preferred method as it
> would keep headers intact. But authentication fails because the
> mail.tobitmail.net requires the EHLO response to be the domain I wish
> to collect mail for (Not RFC compliant I believe). Fetchmail always
> says "EHLO localhost", unless I set the hostname to
> customers-domain.com before running fetchmail. Obviously I don't want
> to have to keep renaming server, as I have a few domains I'd like to
> collect mail for. Would have been lovely if there was a -ehlo option!

According to your verbose log, you're using version 6.2.5.  Thecurrent 
version is 6.3.2.  I don't remember the ETRN feature changing lately, but 
I might have forgotten.
If fetchmail is still using "EHLO localhost", that's definitely something 
we should change.

> 2) I've just tired using fetchmail via POP3. If I run it with a --check
> it tells me mails their to collect. If I knock the --check off it
> starts doing its thing, then starts printing lots of dots. I assumed
> that this was a progress report just telling me fetchmail is working,
> but even when I've left it running for 10 minutes when one very small
> email is in the mailbox its still echoing dots.

The dots are an indicator of progress.  There's probably something weird 
about the spam that is confusing fetchmail.  This is something that may 
be improved in the current version.

> fetchmail: 6.2.5 querying mail.tobitmail.net (protocol auto) at Wed 22
> Feb 2006 15:00:13 GMT: poll started

Fetchmail 6.2.5 has some known security problems, which were fixed in 
6.2.5.4 and the 6.3 releases.

See http://fetchmail.berlios.de/ for the current version.
(Yes, we know that the old fetchmail web page doesn't indicate that 
there's been a change.)

While I'm at it, I'lll mention that this mailing list is deprecated, and 
the current lists are shown at:
   http://developer.berlios.de/mail/?group_id=1824
In particular:  https://lists.berlios.de/mailman/listinfo/fetchmail-users

> The most obvious question I have is why is the mail being sent to
> root@localhost? (RCPT TO:<root@localhost>). I'd have expected to see
> RCPT TO:<user@customers-domain.com>?

You're probably not properly setting fetchmail for multidrop mode.

> Regardless of that, why am I 
> getting dotted to death?

That's probably a bug in either the POP server or fetchmail or both, and 
probably related to the fact that spam is often malformed somehow.

> I know most peoples initiate reaction is to say get another server on
> the internet and get that running as a backup server for your domains
> and remove the tobit mail servers MX records from the domain. That is
> my overall plan, but I need time and money to get to that stage.

No, just forget the backup server idea entirely.

-- 
==============================|   "A microscope locked in on one point
 Rob Funk <rfunk@funknet.net> |Never sees what kind of room that it's in"
 http://www.funknet.net/rfunk |    -- Chris Mars, "Stuck in Rewind"