What is the best value for first retry-window for postgrey ?

[an...@iguanait.com]

Hi,

we have a centos 5 server that we use  for mail server and i have
installed their postgrey.

I want to ask what values do you use for retry-window option and what is
the best value for this ?

I have leave it with the default value 2 days for now, but i don't know
if it is too high.

What's your opinion?

Thanks in advance and best regards!

different transport_maps when submitting mail from amavis

[Rolandas Juodzbalis]

Hello list,

I have postfix on one server and amavis on another. On postfix I'm using 
transport_maps to deliver depending on spam flag in database. If spam 
flag is on, then query returns following output: 
smtp:ip_of_amavis:10024. If spam flag is off, then it returns word 
virtual. Problem begins when amavis tries to submit mail back to postfix 
on port 10025 - transport_maps is used again and starts looping. Is 
there any way to avoid using transport_maps when feeding mail from 
amavis back to postfix via port 10025? Or maybe another alternative of 
communicating between amavis and postfix?


Thanks,
Roland

Applying dfilt to one IP only

[Paul Cocker]

I am attempting setting up footers so they apply only to outgoing mail
not incoming mail (currently they apply to all e-mail), but I would like
to check that I have the right end of the stick.

First I map a second IP (100.100.100.2) to eth0, this interface will be
eth0:0

Next I modify master.cf from:

smtp  inet  n   -   n   -   -   smtpd
   -o content_filter=dfilt:
dfilt unix  -   n   n   -   -   pipe
flags=Rq user=filter argv=/etc/postfix/disclaimer -f ${sender} --
${recipient}

To:

100.100.100.1:smtp  inet  n   -   n   -   -
smtpd
100.100.100.2:smtp  inet  n   -   n   -   -
smtpd
   -o content_filter=dfilt:
127.0.0.1:smtpinet  n   -   n   -   -
smtpd
   -o content_filter=dfilt:
dfilt unix  -   n   n   -   -   pipe
flags=Rq user=filter argv=/etc/postfix/disclaimer -f ${sender} --
${recipient} 

I'm pretty sure that thus far I'm spot on, my only question now is
whether or not I need to change the inet_interfaces setting in main.cf
from all to 100.100.100.2, or whether this would prevent local systems
from sending mail out via 100.100.100.1.

Paul Cocker
_

Please consider the environment, think before you print.

TNT Post is the trading name for TNT Post UK Ltd (company number: 04417047),
TNT Post (Doordrop Media) Ltd (00613278), TNT Post Scotland Ltd (05695897),
TNT Post North Ltd (05701709), TNT Post South West Ltd (05983401), TNT Post
Midlands Limited (6458167)and TNT Post London Limited (6493826). Emma's Diary
and Lifecycle are trading names for Lifecycle Marketing (Mother and Baby) Ltd
(02556692). All companies are registered in England and Wales; registered
address: 1 Globeside Business Park, Fieldhouse Lane, Marlow, Buckinghamshire,
SL7 1HY.

RE: temporary lookup failure

[Jon Harris]

Hi Brian

Everything you said makes a great deal of sense - thanks very much. I
have changed the RBL settings, as you advised.

Yes, the load has gone up considerably, particularly, we are seeing a
massive rise of spam traffic on this box (mainly on one or two of the
domains 30 domains its responsible for)

However, I have tried putting "proxy:" in front of my mysql maps and it
stopped it being able to receive email. Presumably, I need to enable
proxymap to get proxy maps to work. This is something I don't know how
to do.

This is what "postconf -d | grep proxy" returns:

local_recipient_maps = proxy:unix:passwd.byname $alias_maps
proxy_interfaces = 
proxy_read_maps = $local_recipient_maps $mydestination
$virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps
$virtual_mailbox_domains $relay_recipient_maps $relay_domains
$canonical_maps $sender_canonical_maps $recipient_canonical_maps
$relocated_maps $transport_maps $mynetworks
smtpd_proxy_ehlo = $myhostname
smtpd_proxy_filter = 
smtpd_proxy_timeout = 100s

There are no lines with proxy in my main.cf, do I need to add in a
"proxy_read_maps"? If so what do I set it to?

Incidently, here is a copy of my "mysql_virtual_mailbox_maps.cf" I did
initially have a few problems getting this working. If I use
proxy:mysql: will I need to change this?

user = 
password = 
hosts = localhost
dbname = postfix
table = mailbox
#select_field = CONCAT(domain,'/',maildir)
select_field = maildir
where_field = username
additional_conditions = and active = '1'
#query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE
username='%s' AND active = '1'

Regards

Jon


[snip]

Re: "nobody is going to write a new MTA"

[Jordi Espasa Clofent]

mouss escribió:


the OpenBSD guys take this a bit too "aggressively". on the other hand,
this approach has resulted in good software (the so-called OpenBSD pf is
a good example, although the story was "special").


Well, I would say 'coherently instead of 'aggressively'

+info:
http://www.openbsd.org/policy.html
http://www.openbsd.org/faq/faq1.html#HowAbout

And yes, the history behind PF origin is curious at least.

--
Thanks,
Jordi Espasa Clofent

Re: different transport_maps when submitting mail from amavis

[Magnus Bäck]

On Fri, May 29, 2009 9:27 am, Rolandas Juodzbalis said:

> I have postfix on one server and amavis on another. On postfix I'm using
> transport_maps to deliver depending on spam flag in database. If spam
> flag is on, then query returns following output:
> smtp:ip_of_amavis:10024. If spam flag is off, then it returns word
> virtual. Problem begins when amavis tries to submit mail back to postfix
> on port 10025 - transport_maps is used again and starts looping. Is
> there any way to avoid using transport_maps when feeding mail from
> amavis back to postfix via port 10025? Or maybe another alternative of
> communicating between amavis and postfix?

The transport table is global for the whole Postfix instance. Per-user
routing thus requires two Postfix instances.

http://www.postfix.org/MULTI_INSTANCE_README.html

-- 
Magnus Bäck
mag...@dsek.lth.se

Relay mail server for a dial-up sat connection

[Enrico g]

Hello all,
I've been charged to develop a relay mail server in a dial-up sat
connection by my company.

1a) This server must connect to Internet every 3 hours and fetch and
send mails for various users.
1b) Connection must be opened by the server at the start of the
process and closed when all mails are received and sent.

2a) Users can access the received mail on the server through POP
clients or webmail.
2b) Users can send mail through the server with SMTP clients or webmail.


I read something here and there and decided to resolve the various
problems this way:
getmail to fetch mail for the various users
qmail or postfix are the choices for the SMTP servant
pop3d (is that the right name?) to serve POP at clients
squirrelmail for webmail

Have to find out how to manage virtual users (I saw a couple of tools
here and there), because I don't want 'mail user' = 'nix user'

1a
The various processes sure can be launched by a cron job.
However there is the possibilities of a power loss, possibly resulting
in a "missing call" by cron.
Anacron is supposed to help in these but can it manage every-3-hours
jobs? Have to check...

1b
In the case I will use postfix, how can I check out when it has
finished sending mail to Internet (to close dialup connection)?

2a
Both qmail and postfix have modules to serve mail boxes using POP3 so
no problems here

2b
Here comes a big question. I want a MTA that can receive mail from
clients using SMTP and send those "big bag of mails" using server
smtp.domain.net instead of take care to distribute every single mail.
Can postfix do this? and how?

However the mail provider my company is using has blocked access to
the SMTP server only to authenticated users, and sat provider doesn't
give SMTP services...
So I have this strange question:
I'm user u...@domain.net
Can I send a mail to someb...@fake.net using otheru...@domain.net AS
u...@domain.net keeping correct header infos to let someb...@fake.net
reply to otheru...@domain.net

Why this? Because as I said the mail provider we use require
authentication, so my intention where to use one account to access
SMTP server and from there leave the "big bag of mail" to the SMTP
server of the mail provider, instead of opening different connection
for every single user.

strange mail protocol

[Stefan Palme]

Hi,

I've just found the following in my postfix log:

> grep C5E7710205CD: /var/log/mail/current 
May 29 13:21:01 [postfix/pickup] C5E7710205CD: uid=65534 
from=
May 29 13:21:01 [postfix/cleanup] C5E7710205CD: 
message-id=<20090529112101.11351.11039.stra...@strato1>
May 29 13:21:01 [postfix/qmgr] C5E7710205CD: from=, 
size=1355, nrcpt=1 (queue active)
May 29 13:21:03 [postfix/smtp] C5E7710205CD: host 
f.mx.mail.yahoo.com[68.142.202.247] said: 451 Message temporarily deferred - 
[170] (in reply to end of DATA command)
May 29 13:21:04 [postfix/smtp] C5E7710205CD: to=, 
relay=f.mx.mail.yahoo.com[98.137.54.237]:25, delay=3.2, 
delays=0.29/0.01/1.7/1.2, dsn=2.0.0, status=sent (250 ok dirdel)
May 29 13:21:04 [postfix/qmgr] C5E7710205CD: removed

So the question: what has happened with that mail? 

I am confused about the line "451 Message temporarily deferred" 
immediately followed by "status=sent (250 ok)".

Thanks and regards
-stefan-

Re: strange mail protocol

[Andreas Winkelmann]

> Hi,
>
> I've just found the following in my postfix log:
>
>> grep C5E7710205CD: /var/log/mail/current
> May 29 13:21:01 [postfix/pickup] C5E7710205CD: uid=65534
> from=
> May 29 13:21:01 [postfix/cleanup] C5E7710205CD:
> message-id=<20090529112101.11351.11039.stra...@strato1>
> May 29 13:21:01 [postfix/qmgr] C5E7710205CD: from=,
> size=1355, nrcpt=1 (queue active)
> May 29 13:21:03 [postfix/smtp] C5E7710205CD: host
> f.mx.mail.yahoo.com[68.142.202.247] said: 451 Message temporarily deferred
> - [170] (in reply to end of DATA command)
> May 29 13:21:04 [postfix/smtp] C5E7710205CD: to=,
> relay=f.mx.mail.yahoo.com[98.137.54.237]:25, delay=3.2,
> delays=0.29/0.01/1.7/1.2, dsn=2.0.0, status=sent (250 ok dirdel)
> May 29 13:21:04 [postfix/qmgr] C5E7710205CD: removed
>
> So the question: what has happened with that mail?
>
> I am confused about the line "451 Message temporarily deferred"
> immediately followed by "status=sent (250 ok)".

4xx are temporary Errors and Postfix tries the next MX.

68.142.202.247 != 98.137.54.237

--
Andreas

Re: strange mail protocol

[Stefan Palme]

> > I am confused about the line "451 Message temporarily deferred"
> > immediately followed by "status=sent (250 ok)".
> 
> 4xx are temporary Errors and Postfix tries the next MX.
> 
> 68.142.202.247 != 98.137.54.237

Args, obviously you are right. Sorry for the noise...

Thanks
-stefan-

domain-in-a-box statistics

[Wietse Venema]

Wietse Venema:
> > Is it even neccessary to have a hostname at all since the days of having s
> >-eperate machines for seperate daemons are behind us for most websites?  Afte
> >-r all, mail.example1.com, www.example1.com, pop3.example1.com,... are all th
> >-e same machine these days.
> 
> A machine name is required for several email-related Internet standards.
> Besides, having all DNS names resolve to the same box is not normal usage.

I'll post some numbers today, based on domain names found in open
mailing lists.

Wietse

Re: What is the best value for first retry-window for postgrey ?

[lst_hoe02]

Zitat von "an...@iguanait.com" :


Hi,

we have a centos 5 server that we use  for mail server and i have
installed their postgrey.

I want to ask what values do you use for retry-window option and what is
the best value for this ?

I have leave it with the default value 2 days for now, but i don't know
if it is too high.

What's your opinion?



Postfix is not Postgrey so it may be useful to ask on the Postgrey List.
The "retry-window" is the time after which a record is purged if no  
other attempt to deliver mail is made. If you set it too short server  
with long retry times may not be able to deliver mail to you at all.  
So if unsure leave it at the save default.


Regards

Andreas

Re: temporary lookup failure

[Brian Evans - Postfix List]

Jon Harris wrote:
> Hi Brian
>
> Everything you said makes a great deal of sense - thanks very much. I
> have changed the RBL settings, as you advised.
>
> Yes, the load has gone up considerably, particularly, we are seeing a
> massive rise of spam traffic on this box (mainly on one or two of the
> domains 30 domains its responsible for)
>
> However, I have tried putting "proxy:" in front of my mysql maps and it
> stopped it being able to receive email. Presumably, I need to enable
> proxymap to get proxy maps to work. This is something I don't know how
> to do.
>
> This is what "postconf -d | grep proxy" returns:
>   

'postconf -d' shows defaults that are used unless you define them in main.cf
'postconf -n' shows what Postfix sees in your main.cf.

> There are no lines with proxy in my main.cf, do I need to add in a
> "proxy_read_maps"? If so what do I set it to?
>   

You have proxymap enabled according to your OP:
> master.cf
> -
> proxymap  unix  -   -   n   -   -   proxymap
What is the in the log of the error?


> Incidently, here is a copy of my "mysql_virtual_mailbox_maps.cf" I did
> initially have a few problems getting this working. If I use
> proxy:mysql: will I need to change this?
>   
No.  Read 'man 8 proxymap' to understand what it does.

> user = 
> password = 
> hosts = localhost
> dbname = postfix
> table = mailbox
> #select_field = CONCAT(domain,'/',maildir)
> select_field = maildir
> where_field = username
> additional_conditions = and active = '1'
> #query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE
> username='%s' AND active = '1'
>
>   

Re: temporary lookup failure

[Barney Desmond]

2009/5/29 Jon Harris :
> However, I have tried putting "proxy:" in front of my mysql maps and it
> stopped it being able to receive email. Presumably, I need to enable
> proxymap to get proxy maps to work. This is something I don't know how
> to do.

Error logs?

My suspicion is that the proxy map isn't available for some reason.
Run `postconf -m` to check that proxy is actually a supported map type
(ie. was compiled into your distribution). This is a Debian machine of
mine, yours should be similar:

yoshino:~# postconf -m
btree
cidr
environ
hash
nis
pcre
pgsql
proxy
regexp
sdbm
static
tcp
unix


> This is what "postconf -d | grep proxy" returns:

`-d` shows you the defaults. Use plain `postconf` to show all relevant
values, so your grep will return useful results. Use `-d` when you're
reading the postconf manpage and want to know what the default is for
system-dependent stuff (at least, that's what I use it for).

> There are no lines with proxy in my main.cf, do I need to add in a
> "proxy_read_maps"? If so what do I set it to?

No. I've never seen it mentioned here; chances are you'll never need
to change it. proxy is something of a "magic" map type, you stack it
on another "real" map.

> If I use
> proxy:mysql: will I need to change this?

No. The proxy map basically just does connection sharing/pooling to
ease the load on mysql (when used on mysql tables).
http://www.postfix.org/proxymap.8.html

Re: temporary lookup failure

[Victor Duchovni]

On Sat, May 30, 2009 at 02:09:35AM +1000, Barney Desmond wrote:

> 2009/5/29 Jon Harris :
> > However, I have tried putting "proxy:" in front of my mysql maps and it
> > stopped it being able to receive email. Presumably, I need to enable
> > proxymap to get proxy maps to work. This is something I don't know how
> > to do.
> 
> Error logs?

All tables used with "proxy:" need to be listed in "proxy_read_maps".
The default value covers many of the built-in table-valued parameters,
but it is not uncommon to need to extend this list. There is no "+="
syntax in main.cf, so extending the parameter means copying in the
default value, and then the required additions.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

Re: Applying dfilt to one IP only

[Victor Duchovni]

On Fri, May 29, 2009 at 09:10:14AM +0100, Paul Cocker wrote:

> I'm pretty sure that thus far I'm spot on, my only question now is
> whether or not I need to change the inet_interfaces setting in main.cf
> from all to 100.100.100.2, or whether this would prevent local systems
> from sending mail out via 100.100.100.1.

At a minimum, the union of "inet_interfaces" and "proxy_addresses"
needs to list all IP addresses at which you receive inbound email
(IP addresses of MX hosts for your domans, or A records of hosts
that receive u...@host email). Email sent to u...@[ip] is considered
"local" provided the "ip" is in inet_interfaces or proxy_addresses.

If "inet_interfaces" is then just a single IP address, but the system
is connected to multiple subnets, not just multi-IP on a single subnet,
then it is important to read the docs for "inet_interfaces" and understand
the notes about "smtp_bind_address".

Otherwise, also "inet_interfaces" is used in the default value of:

local_header_rewrite_clients = permit_inet_interfaces

and of course the default address list for master.cf "inet" services
that only specify a service name, with no address.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.

veritication of sender and auth

[maximatt]

hi...

where i can check in a momento of processing sender - that's is with a
script or other method - the following:

   - for an authenticated user, he send a message, but i need to check that
the mail of the sender is authenticated user mail address.

in others words, who's  the point that i can merge autentication with sender
validation... (i understand that are diferent process)

thanks!

-- 
Salu2 ;)

Re: veritication of sender and auth

[Brian Evans - Postfix List]

maximatt wrote:
>
> hi...
>
> where i can check in a momento of processing sender - that's is with a
> script or other method - the following:
>
>- for an authenticated user, he send a message, but i need to check
> that the mail of the sender is authenticated user mail address.
>
> in others words, who's  the point that i can merge autentication with
> sender validation... (i understand that are diferent process)
>
> thanks!
If submitted via sendmail(1) command, then it is up to you and your
script/web interface.

If submitted via SMTP read the following:
http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps
http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch
http://www.postfix.org/postconf.5.html#reject_unauthenticated_sender_login_mismatch

Brian

Re: domain-in-a-box statistics (was myhostname etc.)

[Wietse Venema]

Wietse Venema:
> Wietse Venema:
> > > Is it even neccessary to have a hostname at all since the days of having s
> > >-eperate machines for seperate daemons are behind us for most websites?  
> > >Afte
> > >-r all, mail.example1.com, www.example1.com, pop3.example1.com,... are all 
> > >th
> > >-e same machine these days.
> > 
> > A machine name is required for several email-related Internet standards.
> > Besides, having all DNS names resolve to the same box is not normal usage.
> 
> I'll post some numbers today, based on domain names found in open
> mailing lists.

To test the hypothesis that mail.domain, www.domain, etc. all have
the same IP address, I did a quick survey based on email sender
domain names found in open mailing lists on postfix, freebsd, php,
and bugtraq, for the past 1.5 year. The list is available on request.

These mailing lists represents a technical audience. At least in
this population, the "domain in a host" approach is not dominant
for email.

For the analysis I queried each domain for its A records, for the
A records of "www.domain", and for the A records of the domain's
primary MX records. Queries were done in parallel to reduce
inconsistencies due to short TTLs.  All queries followed CNAME
indirections.  I deleted domains that produced no result at all.

A special case is when a domain has no MX records. In this case
RFC 5321 requires that mail is sent using domain's A records instead.
Thus, a domain without MX records is the same as a domain with an
MX record that points at the domain itself. Thus, the default DNS
rules correspond to a domain-in-a-box architecture.

The raw results are at the end of this message.

For this domain population, the "domain in a host" approach is not
dominant with email: 1116 or 3755 domains used the same IP addresses
for the domain itself and as for email (with or without explicit
MX records), and 917 of 3755 domains used the same IP addresses
for web services (http://www.domain) as for email (u...@domain).

The "domain in a host" approach appears to be more common with web
services: 3346 of 3755 domains used the same IP addresses for the
domain itself as for web services (http://www.domain). I had
expected a larger number here.

Conclusion: SMTP is not HTTP; don't assume that what is valid for
web services is necessarily valid for email services.

Wietse

Number of domains = 3755
 with A records = 3147 (following CNAME)
 with MX records = 3525 (following CNAME)
 with www.domain A records = 3346 (following CNAME)
 with A records == www.domain A records = 2589
 with A records == primary MX A records = 886
 with www.domain A records == primary MX A records = 917
 with A records or www.domain A records == primary MX A records = 986
 with A records == primary MX A records, or no MX records = 1116

Maildir questions

[Postfix Support Mail]

okay i'm trying to configure postfix to use maildir instead of mbox.  this
is in preparation to migrate to a new server.
 
i've got it configured so it will deliver the mail into the correct mail
directories for the users.  i used mb2md version 2, which with a little
trial and error worked fine. 
 
the maildirs are set up, and with the lines in postfix set, and procmailrc,
it's delivering the mail.
 
my problem is, when i log in, i can't see the mail.  the new mail files are
being created in /home/username/Maildir/new but...  mail clients can't see
it.
 
what gives?  what did i do wrong?  what do i need to change to make this
work?
 
thanks in advance
--Mac

Re: Maildir questions

[J.P. Trosclair]

my problem is, when i log in, i can't see the mail.  the new mail files are
being created in /home/username/Maildir/new but...  mail clients can't see
it.


This is a configuration issue with your pop3/imap service. You'll need 
to configure it to support maildir and probably tell it where to look 
for the mail directory.


If you think you have an issue with the maildir themselves, you can try 
opening them with mutt (mutt -f /path/to/maildir/folder). My guess is 
it's a configuration issue as stated above though. Hope this helps.

Re: different transport_maps when submitting mail from amavis

[mouss]

Rolandas Juodzbalis a écrit :
> Hello list,
> 
> I have postfix on one server and amavis on another. On postfix I'm using
> transport_maps to deliver depending on spam flag in database. If spam
> flag is on, then query returns following output:
> smtp:ip_of_amavis:10024. If spam flag is off, then it returns word
> virtual. Problem begins when amavis tries to submit mail back to postfix
> on port 10025 - transport_maps is used again and starts looping. Is
> there any way to avoid using transport_maps when feeding mail from
> amavis back to postfix via port 10025? Or maybe another alternative of
> communicating between amavis and postfix?
> 

as Magnus said, transport_maps is global.

what real problem are you trying to solve?

amavisd-new has policy banks and other features that may help you. check
the docs or ask on amavsid-new list.

otherwise, postfix has the FILTER statement (which can be returned in
smtpd access checks). but keep in mind that if mail is sent to multiple
recipients, only one filter is used (so the last FILTER statement will
win). so use FILTER if it is per client, per helo or per sender, but not
if it is per recipient.

Re: Disabling a domain

[Eduardo Júnior]

Hi,

On Thu, May 28, 2009 at 5:28 PM, Brian Evans - Postfix List <
grkni...@scent-team.com> wrote:

> Eduardo Júnior wrote:
> >
> > Hi,
> >
> > I have a Postfix Server 2.4.0 with virtual domains and interface
> > postfixadmin.
> > I want disabling a domain through postfixadmin. There's the option
> ACTIVE.
> >
> > What this option do?
> > Disable a domain, right? But internally, it just modify field active
> > in the table domain in your database?
> > And what directive in the postfix check out if a domain is or not enable?
> For the record, this is the Postfix list, not the postfixadmin list.


I din't well manifest.
Postfixadmin is an example
Actually, my postfixadmin isn't working and i want disable a domain  through
command line.



>
> Postfix will check domains listed in virtual_(alias|mailbox)_domains.
> If this is a mysql map, then it is up to the query listed in the map as
> to what Postfix will use.
>
> Brian
>


[]'s

-- 
Eduardo Júnior
GNU/Linux user #423272

:wq

Re: Disabling a domain

[Eduardo Júnior]

Hi,


On Thu, May 28, 2009 at 11:15 PM, Sahil Tandon  wrote:

> On Thu, 28 May 2009, Eduardo Júnior wrote:
>
> > I have a Postfix Server 2.4.0 with virtual domains and interface
> > postfixadmin.
> > I want disabling a domain through postfixadmin. There's the option
> ACTIVE.
>
> What is your definition of 'disable' in this context?


In my context, disable a domain would be leave it suspended.
Become it inatve.

I  didn't find out more information about this field in the table domain of
the postfix to complete understanding, so i'm a little confused.

But for me, become a domain inatice, means which it don't will receibe mails
after I unset active active.
Or i'm wrong?



>
> --
> Sahil Tandon 
>


[]'s

-- 
Eduardo Júnior
GNU/Linux user #423272

:wq

RE: Maildir questions

[Postfix Support Mail]

## >> ## >> > my problem is, when i log in, i can't see the mail.  
## >> the new mail 
## >> > files are being created in /home/username/Maildir/new 
## >> but...  mail 
## >> > clients can't see it.
## >> 
## >> This is a configuration issue with your pop3/imap 
## >> service. You'll need to configure it to support maildir 
## >> and probably tell it where to look for the mail directory.
## >> 
## >> If you think you have an issue with the maildir 
## >> themselves, you can try opening them with mutt (mutt -f 
## >> /path/to/maildir/folder). My guess is it's a 
## >> configuration issue as stated above though. Hope this helps.

you have hit the nail on the head.  i have switched from
/home/username/Maildir to /home/username/Mail, and the messages are going
where they are supposed to go.  mutt -f /home/username/Mail (or Maildir from
before) will show the new messages.

however, running Pine, or logging into squirrelmail, no messages.  where is
the configuration to change for Maildir for pop3 to see the new directories?
i'm not seeing it.  the setup i'm running is using Courier.  should i be
doing something with that?  i'm a little lost.  i built this mail config a
LONG time ago and now i can't remember what i did.

--Mac

RE: Maildir questions

[Postfix Support Mail]

## >> ## >> > my problem is, when i log in, i can't see the mail.  
## >> the new mail
## >> > files are being created in /home/username/Maildir/new ## >> but...
mail ## >> > clients can't see it.
## >>
## >> This is a configuration issue with your pop3/imap ## >> service.
You'll need to configure it to support maildir ## >> and probably tell it
where to look for the mail directory.
## >>
## >> If you think you have an issue with the maildir ## >> themselves, you
can try opening them with mutt (mutt -f ## >> /path/to/maildir/folder). My
guess is it's a ## >> configuration issue as stated above though. Hope this
helps.

you have hit the nail on the head.  i have switched from
/home/username/Maildir to /home/username/Mail, and the messages are going
where they are supposed to go.  mutt -f /home/username/Mail (or Maildir from
before) will show the new messages.

however, running Pine, or logging into squirrelmail, no messages.  where is
the configuration to change for Maildir for pop3 to see the new directories?
i'm not seeing it.  the setup i'm running is using Courier.  should i be
doing something with that?  i'm a little lost.  i built this mail config a
LONG time ago and now i can't remember what i did.

--

i think i've found the problem.  this server is running UW-IMAP, which if i
am not mistaken, does not support maildir?  i thought this server was
running Courier, but apparently it is not.  the replacement servers being
configured are using Courier.  so.  unless i change to Courier on this
server, i'm pretty much out of luck.  do i have this corredt?

--Mac

Re: domain-in-a-box statistics (was myhostname etc.)

[Darren Pilgrim]

Wietse Venema wrote:

The "domain in a host" approach appears to be more common with web
services: 3346 of 3755 domains used the same IP addresses for the
domain itself as for web services (http://www.domain). I had
expected a larger number here.



Number of domains = 3755
 with A records = 3147 (following CNAME)
 with www.domain A records = 3346 (following CNAME)
 with A records == www.domain A records = 2589


Umm... those two sections don't seem to match.  How do you conclude 3346 
have domain A == www.domain A, then state there are only 3147 with 
domain A and 2589 with domain A == www.domain A?

Re: domain-in-a-box statistics (was myhostname etc.)

[Wietse Venema]

Darren Pilgrim:
> Wietse Venema wrote:
> > The "domain in a host" approach appears to be more common with web
> > services: 3346 of 3755 domains used the same IP addresses for the
> > domain itself as for web services (http://www.domain). I had
> > expected a larger number here.
> 
> > Number of domains = 3755
> >  with A records = 3147 (following CNAME)
> >  with www.domain A records = 3346 (following CNAME)
> >  with A records == www.domain A records = 2589
> 
> Umm... those two sections don't seem to match.  How do you conclude 3346 
> have domain A == www.domain A, then state there are only 3147 with 
> domain A and 2589 with domain A == www.domain A?

I counted them.

If example.com has A records, and www.example.com has A records,
they often, but not always, have the same A records.

Wietse

Re: domain-in-a-box statistics (was myhostname etc.)

[Wietse Venema]

Wietse Venema:
> Darren Pilgrim:
> > Wietse Venema wrote:
> > > The "domain in a host" approach appears to be more common with web
> > > services: 3346 of 3755 domains used the same IP addresses for the
> > > domain itself as for web services (http://www.domain). I had
> > > expected a larger number here.
> > 
> > > Number of domains = 3755
> > >  with A records = 3147 (following CNAME)
> > >  with www.domain A records = 3346 (following CNAME)
> > >  with A records == www.domain A records = 2589
> > 
> > Umm... those two sections don't seem to match.  How do you conclude 3346 
> > have domain A == www.domain A, then state there are only 3147 with 
> > domain A and 2589 with domain A == www.domain A?

I think I have found where the confusion is.

3346 domains have www.domain A records.

NOT: 3346 have domain A == www.domain A as you wrote above.

3147 domains have A records.

2589 domains have domain A == www.domain A.

Wietse

Re: Relay mail server for a dial-up sat connection

[Terry Carmen]

> In the case I will use postfix, how can I check out when it has
> finished sending mail to Internet (to close dialup connection)?

postqueue will show the current contents of the various queues. The maillog
file will show a record of everything that has happened to each message.

> Both qmail and postfix have modules to serve mail boxes using POP3 so
> no problems here

No idea about qmail, but postfix doesn't do POP. You need an application that
handles it. Dovecot works nicely, although there are others.

> 2b
> Here comes a big question. I want a MTA that can receive mail from
> clients using SMTP and send those "big bag of mails" using server
> smtp.domain.net instead of take care to distribute every single mail.
> Can postfix do this? and how?

Yes. You can route all your outbound mail via a specific relayhost:

See: http://www.postfix.org/postconf.5.html#relayhost

Note that there is no "bagging" (archiving, packaging, etc.) involved.
Messages are sent according to the SMTP protocol.

> However the mail provider my company is using has blocked access to
> the SMTP server only to authenticated users, and sat provider doesn't
> give SMTP services...

Get permission to relay through the server you want to use and configure SMTP
auth. The company that runs the server you're relaying through will supply the
needed credentials.

While it is possible to configure postfix to connect as a specific user, this
isn't worth the time involved since it will work only until the ISP discovers
what you're doing.


Terry



-- 
CNY Support, LLC
Web. Database. Business
http://www.cnysupport.com

Re: veritication of sender and auth

[maximatt]

yes... i reading these documents, but.. i can see that sasl its not working
:( so i cant test the new config :(

thanks again!!

2009/5/29 Brian Evans - Postfix List 

> maximatt wrote:
> >
> > hi...
> >
> > where i can check in a momento of processing sender - that's is with a
> > script or other method - the following:
> >
> >- for an authenticated user, he send a message, but i need to check
> > that the mail of the sender is authenticated user mail address.
> >
> > in others words, who's  the point that i can merge autentication with
> > sender validation... (i understand that are diferent process)
> >
> > thanks!
> If submitted via sendmail(1) command, then it is up to you and your
> script/web interface.
>
> If submitted via SMTP read the following:
> http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps
> http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch
>
> http://www.postfix.org/postconf.5.html#reject_unauthenticated_sender_login_mismatch
>
> Brian
>
>


-- 
Salu2 ;)

Re: Relay mail server for a dial-up sat connection

[Wietse Venema]

Enrico g:
> 2b
> Here comes a big question. I want a MTA that can receive mail from
> clients using SMTP and send those "big bag of mails" using server
> smtp.domain.net instead of take care to distribute every single mail.
> Can postfix do this? and how?

/etc/postfix/main.cf:
   # Don't deliver remote mail immediately.
   defer_transports = smtp, relay
   # Send remote mail via this host.
   relayhost = smtp.domain.net

You'd flush the queue with "sendmail -q" or "postqueue -f".

Wietse

virtual file

[admin2]

Hi there,

I have a question about changing the default behavior of postfix.  As 
current configuration stands I need to add a mailman maillist hosted by 
virtual hosts/domains I need to add the to list entries to the /var/lib/ 
mailman/data/aliases file and also the /etc/postfix/virtual file


Is there any way to get postfix to deliver mail to a virutal 
domain/hosted email, such as a mailman maillist, if it is found in the 
/var/lib/ mailman/data/aliases file but does not appear in the 
/etc/postfix/virtual file?


What about allowing postfix to deliver Incoming mail if an user and/or 
maillist address is a local user but does not appear in the 
/etc/postfix/virtual file?


Cheers,

Noah

Re: Disabling a domain

[Sahil Tandon]

On Fri, 29 May 2009, Eduardo Júnior wrote:

> On Thu, May 28, 2009 at 11:15 PM, Sahil Tandon  wrote:
> 
> > On Thu, 28 May 2009, Eduardo Júnior wrote:
> >
> > > I have a Postfix Server 2.4.0 with virtual domains and interface
> > > postfixadmin.
> > > I want disabling a domain through postfixadmin. There's the option
> > ACTIVE.
> >
> > What is your definition of 'disable' in this context?
> 
> In my context, disable a domain would be leave it suspended.
> Become it inatve.
> 
> I  didn't find out more information about this field in the table domain of
> the postfix to complete understanding, so i'm a little confused.
> 
> But for me, become a domain inatice, means which it don't will receibe mails
> after I unset active active.
> Or i'm wrong?

I'm sorry it is difficult for me to understand your english, but if you do
not wish to receive any more emails addressed to recipients in that domain,
then use transport maps to direct all messages for that domain to the error:
transport.

-- 
Sahil Tandon 

Re: different transport_maps when submitting mail from amavis

[Sahil Tandon]

On Fri, 29 May 2009, Rolandas Juodzbalis wrote:

> I have postfix on one server and amavis on another. On postfix I'm using  
> transport_maps to deliver depending on spam flag in database. If spam  
> flag is on, then query returns following output:  
> smtp:ip_of_amavis:10024. If spam flag is off, then it returns word  
> virtual. Problem begins when amavis tries to submit mail back to postfix  
> on port 10025 - transport_maps is used again and starts looping. Is  
> there any way to avoid using transport_maps when feeding mail from  
> amavis back to postfix via port 10025? Or maybe another alternative of  
> communicating between amavis and postfix?

Use multiple instances as already suggested, or remove this elusive 'spam
flag' before re-submitting mail to the current Postfix instance so it doesn't
trigger the loop.

-- 
Sahil Tandon 

Re: domain-in-a-box statistics (was myhostname etc.)

[Darren Pilgrim]

Wietse Venema wrote:

Wietse Venema:

Darren Pilgrim:

Wietse Venema wrote:

The "domain in a host" approach appears to be more common with web
services: 3346 of 3755 domains used the same IP addresses for the
domain itself as for web services (http://www.domain). I had
expected a larger number here.
Number of domains = 3755
 with A records = 3147 (following CNAME)
 with www.domain A records = 3346 (following CNAME)
 with A records == www.domain A records = 2589
Umm... those two sections don't seem to match.  How do you conclude 3346 
have domain A == www.domain A, then state there are only 3147 with 
domain A and 2589 with domain A == www.domain A?


I think I have found where the confusion is.

3346 domains have www.domain A records.

NOT: 3346 have domain A == www.domain A as you wrote above.


But that's what you said:

"The "domain in a host" approach appears to be more common with web 
services: 3346 of 3755 domains used the same IP addresses for the domain 
itself as for web services (http://www.domain)."

Re: Disabling a domain

[Barney Desmond]

2009/5/30 Eduardo Júnior :
> On Thu, May 28, 2009 at 11:15 PM, Sahil Tandon  wrote:
>>
>> What is your definition of 'disable' in this context?
>
> In my context, disable a domain would be leave it suspended.
> Become it inatve.
>
> I  didn't find out more information about this field in the table domain of
> the postfix to complete understanding, so i'm a little confused.
>
> But for me, become a domain inatice, means which it don't will receibe mails
> after I unset active active.
> Or i'm wrong?

This is really a feature of postfixadmin. Postfix just does what it's
told, it's up to the map files used by postfixadmin that determine how
it works.

You can figure out what you need to change by inspecting the map files
(usually /etc/postfix/mysql_something.cf), but it will take some work.
It's been a while since I've touched postfix admin, but the
edit-domain.php script seems to make the change you're referring to.
You probably want the `domain` table (the name may be different), you
can set the `active` field to False.

Re: domain-in-a-box statistics (was myhostname etc.)

[Res]

On Fri, 29 May 2009, Wietse Venema wrote:



If example.com has A records, and www.example.com has A records,
they often, but not always, have the same A records.


In the hosting world this is very common, how many of those plesk boxes 
out there with A,www-A and mail-A/MX point to same IP, tens of thousands

yielding hundreds upon hundreds of thousands of domains I'd say :)
Of course ISP's and large ASP/OSP's using internal prorietory setups 
with separate servers for WWW/MX, and most businesses above SOHO,

would of course use separate servers and IP's.

Many of us techie types use SOHO/NAT etc (because we appreciate the pure
waste of IPv4 space carried out by many others) and other private systems, 
just like hobbyists.



--
Res

-Beware of programmers who carry screwdrivers

Re: domain-in-a-box statistics (was myhostname etc.)

[Barney Desmond]

2009/5/30 Res :
>> If example.com has A records, and www.example.com has A records,
>> they often, but not always, have the same A records.
>
> In the hosting world this is very common, how many of those plesk boxes out
> there with A,www-A and mail-A/MX point to same IP, tens of thousands
> yielding hundreds upon hundreds of thousands of domains I'd say :)
> Of course ISP's and large ASP/OSP's using internal prorietory setups with
> separate servers for WWW/MX, and most businesses above SOHO,
> would of course use separate servers and IP's.

I can only speak for my own employer (hosting provider in Australia),
but my anecdotal findings have to agree with Wietse's (but the scope
may not match that of the original assertions). The only
cpanel/plesk/$controlpanel boxes in the shop are those owned by
customers, which we don't support (we have no love whatsoever for
these control panels). We have, at a guess, an order of magnitude more
customers on shared hosting compared to dedicated servers. DNS, www
and mail are separate servers, so if you assume roughly one domain for
each customer, this skews things quite strongly towards
domain-not-in-a-box.

Of course as I mentioned, the original assertion may have been about
people who manage their own services, which is very different to this.

Brasil is adopting submission protocol

[Julio Cesar Covolato]

Hi!

I'm proud to inform you that Brasil is adopting the submission protocol 
!!  Its very good to ereryone!
The "Bigs" operators here are conivent, and they will do block on 
residencial (xdsl, 3g,dial-up, etc..) conecctions on port 25.


I'm a litle provider here, and I configured my "master.cf" like this:

submission   inetn   -   n   -   -   smtpd
#  -o smtpd_enforce_tls=yes
 -o smtpd_etrn_restrictions=reject
 -o smtpd_sasl_local_domain=
 -o smtpd_sasl_auth_enable=yes
 -o smtpd_sasl_security_options=noanonymous
 -o broken_sasl_auth_clients=yes
 -o header_checks=
 -o body_checks=
 -o 
smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination

 -o content_filter=

Any sugestions, is that ok?

[]'s

--
-
   _Julio Cesar Covolato
  0v0   
 /(_)\  F: 55-11-3129-3366
  ^ ^   PSI INTERNET
-

Re: virtual file

[Victor Duchovni]

On Fri, May 29, 2009 at 04:45:34PM -0700, admin2 wrote:

> I have a question about changing the default behavior of postfix.  As 
> current configuration stands I need to add a mailman maillist hosted by 
> virtual hosts/domains I need to add the to list entries to the /var/lib/ 
> mailman/data/aliases file and also the /etc/postfix/virtual file
>
> Is there any way to get postfix to deliver mail to a virutal domain/hosted 
> email, such as a mailman maillist, if it is found in the /var/lib/ 
> mailman/data/aliases file but does not appear in the /etc/postfix/virtual 
> file?
>
> What about allowing postfix to deliver Incoming mail if an user and/or 
> maillist address is a local user but does not appear in the 
> /etc/postfix/virtual file?

The make(1) program allows you coordinate the construction of multiple
output files based on changes in one or more input files. To avoid having
to change multiple output files by hand, use make(1) to build from one
or more input files where each logical change requires you to edit just
one input file.

Postfix itself has orthogonal mechanisms that can be used in a wide
variety of use-cases. It will not be coerced into a particular set
of assumptions.

-- 
Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:


If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.