postconf -n
address_verify_sender = [email protected]
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
disable_vrfy_command = yes
empty_address_recipient = [email protected]
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
local_recipient_maps =
local_transport = error:No local mail delivery
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
maximal_queue_lifetime = 30d
message_size_limit = 31457280
mydestination =
myhostname = bsd5.domain.net
mynetworks = 127.0.0.0/8 [::1]/128 83.96.158.128/25
myorigin = nedport.net
postscreen_access_list = permit_mynetworks
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = b.barracudacentral.org*2, zen.spamhaus.org*3,
bl.spamcop.net*1, psbl.surriel.com*1, dnsbl.ahbl.org*2,
bl.spameatingmonkey.net*1, virbl.dnsbl.bit.nl*3
postscreen_dnsbl_threshold = 3
postscreen_greet_action = enforce
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-relay_domains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-relay_recipients.cf
relayhost =
smtpd_banner = myname.net ESMTP Mailgateway
smtpd_client_restrictions = permit_sasl_authenticated,
permit_mynetworks, permit
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks,
permit
smtpd_recipient_limit = 200
smtpd_recipient_restrictions = permit_mynetworks,
reject_unauth_destination, reject_unknown_recipient_domain,
reject_unverified_recipient, whitelist_policy, permit
smtpd_restriction_classes = whitelist_policy
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_non_fqdn_sender,
reject_unknown_sender_domain, permit
strict_rfc821_envelopes = no
transport_maps = mysql:/etc/postfix/mysql-transports.cf
virtual_alias_maps = hash:/etc/postfix/virtual
whitelist_policy = check_client_access
mysql:/etc/postfix/mysql-global_whitelist.cf, check_sender_access
mysql:/etc/postfix/mysql-global_whitelist.cf
--------------------------------------------------------
I have migrated 2 sendmail servers to postfix/dovecot servers using the
spamsnake tutorial. The first server runs the spamsnake and the second
handles the mail for the clients.
I tested it for a while and it seemed to run ok, but after turning it
in production i got a few errors.
-The biggest problem now is that some clients can't get their email
using their exchange 2008 pop connector, because it stop after 5
messages with corrupt headers. I don't know where this comes from or to
find a solution. This is a sample header:
Return-Path: <MAILER-DAEMON>
Delivered-To: [email protected]
Received: from bsd5.domain.net (bsd5.domain.net [83.x.x.x])
by mail.domain.net (Postfix) with ESMTP id 56C771B53204
for <[email protected]>; Tue, 7 Jan 2014 14:22:10 +0100 (CET)
Received: by bsd5.domain.net (Postfix)
id 2A62AA41455; Tue, 7 Jan 2014 14:22:04 +0100 (CET)
Date: Tue, 7 Jan 2014 14:22:04 +0100 (CET)
From: [email protected] (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: [email protected]
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="21EA9A41450.1389100924/bsd5.domain.net"
Content-Transfer-Encoding: 8bit
Message-Id: <[email protected]>
This is a MIME-encapsulated message.
etc..
second problem is that on the first server (spamsnake) I get sometimes this
error:
Jan 7 14:56:56 bsd5 postfix/error[7639]: 0BF47A41459:
to=<[email protected]>, relay=none, delay=20, delays=20/0/0/0.01, dsn=4.3.0,
status=deferred (unknown mail transport error)
when it happens I got several messages in about a minute and then it
stops. the messsages are resend without a problem after about 9 minutes.
Third problem is that I have reject_unverified_recipient enabled but it
is not working I have one domain which receives about 100 mails an hour
off which 99 are spam. the use only one emailaccount (no catchall) but
the mail is refused at the second server after it has gone through the
spamsnake. This was working ok, but I don't know what I did to break
this ;-)
Thanks,
Roger
