Bounce handling

I’m trying to figure out how to append bounce notices to tickets.
Basically, if a bounce comes in to my return-path address, I want to
scan it for evidence of a bounce from RT. If it finds it, append the
message (or just the DSN report part if it is a DSN) to the offending
ticket.

Has anyone written such a beastie? If not, I will write my own and
then share it. I’m just looking to save some work :slight_smile:

smime.p7s (2.47 KB)

We have database at work that has all of our customer contacts. We have
a script which polls it regularly and builds a procmail ruleset based on
all of those contact email addresses. If an incoming email is directed
at the queue to which the procmail ruleset belongs and the address is
not found it is sent a bounce message.

Basically, the ‘From’ address is compared to everything in the procmail
ruleset. If the email address exists it is passed to the RT mailgate.
If the address doesn’t exist, postfix sends a bounce with a prebuilt
message indicating the address is not an authorized address and to have
someone that is already authorized to contact our NOC to add the new user.

If they contact us we add them to an authorized users list until they
are added to the database. This list is checked immediately after the
database is polled by our script.

This led to an issue of emails being bounced to likely non-existent
email addresses since they are primarily spam induced. The servers for
these bounced messages then would return another bounce to us indicating
that the email address doesn’t exist. This was solved by setting the
’From’ address in OUR bounces to no-reply@ which we then configured
Exchange to send to the bit bucket.

HTH,
Mathew

Vivek Khera wrote:

I should note that this has literally eliminated all spam in our
customer ticket queue.

In order to manage the spam received by way of our other public facing
queue I have the owner of the queue assign all tickets to me and open
them. I then have a script which accesses the page via WWW::Mechanize
and then scrape the addresses using HTML::TokeParser. These addresses
are then passed to rtx-shredder on a daily basis.

We only have two public facing queues though. The one which our
customers submit work tickets to and the security queue which also
receives all info requests as well as any abuse related issue.

I’m not sure that this solution would scale well.

Mathew

Vivek Khera wrote:

It also people like me have to deal with your bounce messages,
when the spammers fake my address as the sender. That is currently the
largest source of junk that I get. They seem to not use the guys who
don’t include the original message in the bounce as much, though I still
get quite a number of faked bounces and vacation messages.
As one example, spamcop.net now considers those bad bounces as
spam, and will send reports to your upstream provider.

A better solution would be to bounce them earlier.  I haven't 

tried to bounce based on From address, since that is so easy to change,
but I imagine it should be possible.On Mon, 11 Dec 2006, Mathew wrote:

I should note that this has literally eliminated all spam in our
customer ticket queue.

In order to manage the spam received by way of our other public facing
queue I have the owner of the queue assign all tickets to me and open
them. I then have a script which accesses the page via WWW::Mechanize
and then scrape the addresses using HTML::TokeParser. These addresses
are then passed to rtx-shredder on a daily basis.

We only have two public facing queues though. The one which our
customers submit work tickets to and the security queue which also
receives all info requests as well as any abuse related issue.

I’m not sure that this solution would scale well.

Mathew

Vivek Khera wrote:

I’m trying to figure out how to append bounce notices to tickets.
Basically, if a bounce comes in to my return-path address, I want to
scan it for evidence of a bounce from RT. If it finds it, append the
message (or just the DSN report part if it is a DSN) to the offending
ticket.

Has anyone written such a beastie? If not, I will write my own and then
share it. I’m just looking to save some work :slight_smile:



The rt-users Archives

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com


The rt-users Archives

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Some things can’t be helped I guess.

Mathew

Jon Daley wrote:

I’m trying to figure out how to append bounce notices to tickets.
Basically, if a bounce comes in to my return-path address, I want
to scan it for evidence of a bounce from RT. If it finds it,
append the message (or just the DSN report part if it is a DSN) to
the offending ticket.

Written, tested, and posted to

Request Tracker Wiki

That page needs to be “despammed” as the links in it are flagged in
red, which hopefully can be cleared up.

smime.p7s (2.47 KB)

Request Tracker Wiki

That page needs to be “despammed” as the links in it are flagged in
red, which hopefully can be cleared up.

Apparently mere mortals are not allowed to download attachments, so
if anyone wants it email me until that is fixed on the wiki… or is
there some other way to post scripts into the wiki without painful
reformatting?

smime.p7s (2.47 KB)

I saw Mail-DeliveryStatus-BounceParser-1.543 - utility functions for Mail::DeliveryStatus::BounceParser's unittests - metacpan.org on
the CPAN that could help parse bounces.On 12/13/06, Vivek Khera vivek@khera.org wrote:

On Dec 11, 2006, at 4:56 PM, Vivek Khera wrote:

I’m trying to figure out how to append bounce notices to tickets.
Basically, if a bounce comes in to my return-path address, I want
to scan it for evidence of a bounce from RT. If it finds it,
append the message (or just the DSN report part if it is a DSN) to
the offending ticket.

Written, tested, and posted to

Request Tracker Wiki

That page needs to be “despammed” as the links in it are flagged in
red, which hopefully can be cleared up.


The rt-users Archives

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

Best regards, Ruslan.

I saw Mail-DeliveryStatus-BounceParser-1.543 - utility functions for Mail::DeliveryStatus::BounceParser's unittests - metacpan.org on
the CPAN that could help parse bounces.

Nice! I’ll be updating my script today :wink:

smime.p7s (2.47 KB)