do not bounce a message if it contain certain header in the message
Hello, I would like to know if there is possible to configure postfix not to bounce a message if it contain certain header in the message? I tried adding -o header_checks option to the bounce process in master.cf, does not seems picking up my header check pcre config. Regards, - joe
Re: Postfix 2.8 stable release soon
Zitat von lst_ho...@kwsoft.de: Zitat von Wietse Venema wie...@porcupine.org: lst_ho...@kwsoft.de: If you have time, can you try: stuff = 0.7 * ((double) var_psc_pre_queue_limit); stuff = 0.9 * ((double) var_psc_pre_queue_limit); Thanks, In case that does not help, declaring the hiwat and lowat variables as double instead of int (in postscreen.c and postscreen.h) could make a difference. Perhaps the bug is triggered when the target of assignment is int. Either way it would be a compiler bug. Luckily we do not need aCC compiled Postfix on HPUX but i wonder what else this compiler would break. I have to talk to the devs if they are aware of this strange behaviour. Maybe a recommendation should be included to better use gcc on HPUX. Were you able to make it work? How? I'd rather not have other people go through this same thing again. As said this HPUX machine is not a mail server but a developer machine. Beside the HPUX aCC compiler there is also the GNU toolchain with gcc. Using gcc (version 4.2.4) yield to correct results. I will have a look if i can test tomorrow the other workarounds (declaring as double) or maybe get a update for aCC. I let you know if i can get it to work with the HP compiler. After this mess i installed the latest aCC Update (aCC 6.06 -- aCC 6.15) which include the ANSI-C compiler from HP and started from scratch with the RC3 source. Eh voila: Jan 20 09:38:05 hpux2 postfix/postfix-script[12274]: starting the Postfix mail system Jan 20 09:38:05 hpux2 postfix/master[12275]: daemon started -- version 2.8.0-RC3, configuration /etc/postfix Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: name_mask: ipv4 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: inet_addr_local: configured 2 IPv4 addresses Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: process generation: 3 (3) Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: warning: The postscreen_whitelist_networks and postscreen_blacklist_networks features will be removed soon. Use postscreen_access_list instead Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: warning: To stop this warning, specify empty values for postscreen_whitelist_networks and postscreen_blacklist_networks Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: match_string: mynetworks ~? debug_peer_list Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: match_string: mynetworks ~? fast_flush_domains Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: match_string: mynetworks ~? mynetworks Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: dict_cidr_open: add 10.1.70.1/32 permit Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: dict_open: cidr:/etc/postfix/postscreen_access Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: set_eugid: euid 1004 egid 1002 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: Compiled against Berkeley DB: 4.7.25? Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: Run-time linked against Berkeley DB: 4.7.25? Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: dict_open: btree:/var/lib/postfix/postscreen_cache Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: set_eugid: euid 0 egid 3 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: psc_smtpd_format_ehlo_reply: discard_mask Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: psc_smtpd_format_ehlo_reply: discard_mask STARTTLS Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: postscreen_command_time_limit: stress=10 normal=300 lowat=70 hiwat=90 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: cache /var/lib/postfix/postscreen_cache.db full cleanup: retained=0 dropped=0 entries Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: connection established fd 13 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: master_notify: status 0 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: CONNECT from [10.1.70.1]:54033 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: source=postscreen_access_list address=10.1.70.1 acl=permit_mynetworks Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: match_hostaddr: 10.1.70.1 ~? 10.1.53.102/32 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: match_hostaddr: 10.1.70.1 ~? 127.0.0.0/8 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: match_list_match: 10.1.70.1: no match Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: source=postscreen_access_list address=10.1.70.1 acl=cidr:/etc/postfix/postscreen_access Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: dict_cidr_lookup: /etc/postfix/postscreen_access: 10.1.70.1 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: source=cidr:/etc/postfix/postscreen_access address=10.1.70.1 acl=permit Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: WHITELISTED [10.1.70.1]:54033 Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: flags for psc_conclude: Jan 20 09:38:25 hpux2 postfix/postscreen[12279]: master_notify: status 1 Jan 20 09:38:26 hpux2 postfix/postscreen[12279]: connection closed fd 13 Jan 20 09:38:26 hpux2 postfix/smtpd[12280]: connect from
Re: do not bounce a message if it contain certain header in the message
* Joe Wong joewon...@gmail.com: Hello, I would like to know if there is possible to configure postfix not to bounce a message if it contain certain header in the message? I tried adding -o header_checks option to the bounce process in master.cf, does not seems picking up my header check pcre config. You'd have to subject the bounces to the internal filtering: internal_mail_filter_classes BUT: In that case the BOUNCE MESSAGE will be subject to filtering - meaning it's not clear if the header is in the original mail OR in the attached mail (in the bounce). So I'd say it's not possible. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: Success story: smtpd_reject_footer
/dev/rob0 wrote: http://nospam4.nodns4.us/ The Alternate media stuff is like accepting that spam has made email impossible to rely on for communication. Antispam made right can actually make email work again as it once did. Mikael
Re: Success story: smtpd_reject_footer
On 19/01/2011 15:04, /dev/rob0 wrote: Off topic, but on this subject, I am planning to implement this with a web page, and maybe a contact form. Does anyone have a preferred simple and yet spam-resistant means of doing this? Ideally I'd like something that's more blind-friendly than Captcha. I dislike graphic captchas. If they're good enough to defeat bots then they're awkward for humans. I have normal eyesight, and I find that I often have to refresh a captcha image before I can answer it. It must be considerably harder for anyone with any level of visual impairment. My preferred option is the question and answer system, otherwise known as a QA captcha or gatekeeper, whereby a simple and easily answered random question is posed to the visitor and they have to answer it correctly in order to proceed. In my experience, this has a 100% success rate in defeating spambots. The only downside of the QA system is that it requires the user to be reasonably fluent in the language in which the questions are posed. For that reason, it may not be appropriate if you expect to get contact form submissions from people whose first language is different to that in which your website is written. Mark -- http://mark.goodge.co.uk http://www.ratemysupermarket.com
Re: do not bounce a message if it contain certain header in the message
Hi if that header only presents in the original message but no the BOUNCE message itself, should be ok? But in this case I am checking that header in the BOUNCE MESSAGE mail body? - Joe On Thu, Jan 20, 2011 at 4:59 PM, Ralf Hildebrandt ralf.hildebra...@charite.de wrote: * Joe Wong joewon...@gmail.com: Hello, I would like to know if there is possible to configure postfix not to bounce a message if it contain certain header in the message? I tried adding -o header_checks option to the bounce process in master.cf, does not seems picking up my header check pcre config. You'd have to subject the bounces to the internal filtering: internal_mail_filter_classes BUT: In that case the BOUNCE MESSAGE will be subject to filtering - meaning it's not clear if the header is in the original mail OR in the attached mail (in the bounce). So I'd say it's not possible. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: do not bounce a message if it contain certain header in the message
* Joe Wong joewon...@gmail.com: Hi if that header only presents in the original message but no the BOUNCE message itself, should be ok? No, since you can only filter the bounce away. But in this case I am checking that header in the BOUNCE MESSAGE mail body? - Joe On Thu, Jan 20, 2011 at 4:59 PM, Ralf Hildebrandt ralf.hildebra...@charite.de wrote: * Joe Wong joewon...@gmail.com: Hello, I would like to know if there is possible to configure postfix not to bounce a message if it contain certain header in the message? I tried adding -o header_checks option to the bounce process in master.cf, does not seems picking up my header check pcre config. You'd have to subject the bounces to the internal filtering: internal_mail_filter_classes BUT: In that case the BOUNCE MESSAGE will be subject to filtering - meaning it's not clear if the header is in the original mail OR in the attached mail (in the bounce). So I'd say it's not possible. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: Success story: smtpd_reject_footer
Hi, Off topic, but on this subject, I am planning to implement this with a web page, and maybe a contact form. Does anyone have a preferred simple and yet spam-resistant means of doing this? Ideally I'd like something that's more blind-friendly than Captcha. I dislike graphic captchas. If they're good enough to defeat bots then they're awkward for humans. I have normal eyesight, and I find that I often have to refresh a captcha image before I can answer it. It must be considerably harder for anyone with any level of visual impairment. My preferred option is the question and answer system, otherwise known as a QA captcha or gatekeeper, whereby a simple and easily answered random question is posed to the visitor and they have to answer it correctly in order to proceed. In my experience, this has a 100% success rate in defeating spambots. The only downside of the QA system is that it requires the user to be reasonably fluent in the language in which the questions are posed. For that reason, it may not be appropriate if you expect to get contact form submissions from people whose first language is different to that in which your website is written. Why adding a contact form? If a postmaster really does his/her job and scans the logs, finds your assistance info and enters the website, don't you think the same admin is also able to write a mail to you (postmaster@...)? OT: Concerning captchas: Yes, I hate them a lot. I have many problems with my eyes. And sites working with captchas are often a stopper for me. Left eye nearly blind, right eye with 60-70% and yes, color blind, too. So captchas are really a cool idea *ironic* IMO: Adding the page is really nice and should give a remote postmaster enough information to either fix his/her setup or contact you (postmaster@). Christian --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gießen F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com PGP.sig Description: Signierter Teil der Nachricht
Re: Success story: smtpd_reject_footer
Am 20.01.2011 12:29, schrieb Christian Roessner: Why adding a contact form? If a postmaster really does his/her job and scans the logs, finds your assistance info and enters the website, don't you think the same admin is also able to write a mail to you (postmaster@...)? Because if his server is rejected you will also not receive this mail signature.asc Description: OpenPGP digital signature
Re: Success story: smtpd_reject_footer
On Thu, Jan 20, 2011 at 12:33:06PM +0100, Reindl Harald wrote: Am 20.01.2011 12:29, schrieb Christian Roessner: Why adding a contact form? If a postmaster really does his/her job and scans the logs, finds your assistance info and enters the website, don't you think the same admin is also able to write a mail to you (postmaster@...)? Because if his server is rejected you will also not receive this mail Typically that's not the kind of postmaster (or end user) who is blocked by antispam measures. It's more likely the site where the postmaster isn't a dedicated position, where s/he has other issues taking up time, and mail is just a poorly-understood sideline, or worse, outsourced to an incompetent provider. I'm thinking about end users at XBL-listed sites, where the mail server itself might be okay, but some employee got a virus which spewed out over a NATed port 25. I'm thinking about hobbyist postmasters who don't (yet?) understand why you can't have a mail server sending from a dynamic IP address. And of course, the thing we have to allow for, having delegated our access policy to a third party such as Spamhaus: what if that third party is wrong? I'll bet Steve would admit to having made listing mistakes a time or two. This is all about adding a safety net under a system which is doing well for the most part. Also, a good safety net might allow us more leeway in trying more aggressive antispam measures. Re: the comment upthread about Alternative Media being a sort of admission of failure: that's a good point, but I still don't believe that a perfect antispam system is possible in the wild and wooly reality of Internet email. Re: Mark's suggestion about the QA gatekeeper: thanks, I will look into that. -- Offlist mail to this address is discarded unless /dev/rob0 or not-spam is in Subject: header
Re: COMMAND PIPELINING from [216.46.18.51]:58366 after QUIT ?
Victor Duchovni: On Wed, Jan 19, 2011 at 03:35:13PM -0500, Wietse Venema wrote: 2011-01-19T15:05:00-05:00 amnesiac postfix/smtpd[17971]: improper command pipelining after QUIT from smtp-newslist-214.md02.com[209.172.40.214] And Postfix isn't lying. These hosts send some bytes after QUIT. In this case, the programmer wrote code that sends sizeof(QUIT\r\n) instead of strlen(QUIT\r\n) bytes. More incompetence than malice perhaps? 21:05:43.751385 70.38.100.17.39547 192.0.2.1.25: P 161:168(7) 0x0034 5155 4954 0d0a 00 QUIT... The total amount of clue on the Internet is a fixed constant (Bill Cheswick, ca. 1994). The Internet has grown a lot since then. Wietse
Re: Postfix 2.8 stable release soon
lst_ho...@kwsoft.de: Zitat von lst_ho...@kwsoft.de: Zitat von Wietse Venema wie...@porcupine.org: lst_ho...@kwsoft.de: If you have time, can you try: stuff = 0.7 * ((double) var_psc_pre_queue_limit); stuff = 0.9 * ((double) var_psc_pre_queue_limit); Thanks, In case that does not help, declaring the hiwat and lowat variables as double instead of int (in postscreen.c and postscreen.h) could make a difference. Perhaps the bug is triggered when the target of assignment is int. Either way it would be a compiler bug. Luckily we do not need aCC compiled Postfix on HPUX but i wonder what else this compiler would break. I have to talk to the devs if they are aware of this strange behaviour. Maybe a recommendation should be included to better use gcc on HPUX. Were you able to make it work? How? I'd rather not have other people go through this same thing again. As said this HPUX machine is not a mail server but a developer machine. Beside the HPUX aCC compiler there is also the GNU toolchain with gcc. Using gcc (version 4.2.4) yield to correct results. I will have a look if i can test tomorrow the other workarounds (declaring as double) or maybe get a update for aCC. I let you know if i can get it to work with the HP compiler. After this mess i installed the latest aCC Update (aCC 6.06 -- aCC 6.15) which include the ANSI-C compiler from HP and started from scratch with the RC3 source. Eh voila: The logging looks OK. Thanks, I will leave in the panic() check for this compiler bug. The solution is available so there is no need to jump hoops in Postfix. Wietse PS: WATCHDOG_PIPE is now turned on by default for all systems.
Re: do not bounce a message if it contain certain header in the message
On Thu, Jan 20, 2011 at 04:50:30PM +0800, Joe Wong wrote: I would like to know if there is possible to configure postfix not to bounce a message if it contain certain header in the message? I tried adding -o header_checks option to the bounce process in master.cf, does not seems picking up my header check pcre config. Perhaps if you told us the real-world problem you're trying to solve, you could get suggestions on better ways to do it. header_checks is not a valid option for the bounce(8) daemon, so no, that will not work. -- Offlist mail to this address is discarded unless /dev/rob0 or not-spam is in Subject: header
Re: do not bounce a message if it contain certain header in the message
shortly, I don't want to bounce the message if it was tagged as spam by SpamAssassian. So, I was looking for a way not to bounce if X-SPAM-Flag: yes in found in the message. any thought? thanks, - Joe On Thu, Jan 20, 2011 at 8:33 PM, /dev/rob0 r...@gmx.co.uk wrote: On Thu, Jan 20, 2011 at 04:50:30PM +0800, Joe Wong wrote: I would like to know if there is possible to configure postfix not to bounce a message if it contain certain header in the message? I tried adding -o header_checks option to the bounce process in master.cf, does not seems picking up my header check pcre config. Perhaps if you told us the real-world problem you're trying to solve, you could get suggestions on better ways to do it. header_checks is not a valid option for the bounce(8) daemon, so no, that will not work. -- Offlist mail to this address is discarded unless /dev/rob0 or not-spam is in Subject: header
filter emails not only by domain
Hi, i need to make a configuration to send mails as below: u...@domain.com IP1 user.to...@domain.com IP2 So i added on transport_maps: domain.com smtp:[IP1] and on header_checks: /^to:.*\.town1@domain\.com/ FILTER smtp:[IP2] It's ugly, but it works... obviously EXCEPTS for mails sent to both addresses. In fact if I send to us...@domain.com and in copy to user2.to...@domain.com, the FILTER sends the mail to IP2 only. Is there a way to make postfix send one mail to us...@domain.com via IP1, and one mail to user2.to...@domain.com via IP2? I know a third level domain should be used, but I'm not the admin of the domain.com servers. Thanks! Andrea
Re: filter emails not only by domain
Am 20.01.2011 17:34, schrieb Andrea Scarso: Hi, i need to make a configuration to send mails as below: u...@domain.com IP1 user.to...@domain.com IP2 So i added on transport_maps: domain.com smtp:[IP1] and on header_checks: /^to:.*\.town1@domain\.com/ FILTER smtp:[IP2] It's ugly, but it works... obviously EXCEPTS for mails sent to both addresses. In fact if I send to us...@domain.com and in copy to user2.to...@domain.com, the FILTER sends the mail to IP2 only. Is there a way to make postfix send one mail to us...@domain.com via IP1, and one mail to user2.to...@domain.com via IP2? I know a third level domain should be used, but I'm not the admin of the domain.com servers. Thanks! Andrea Hi Andrea, If I get you right you want filtering (or no filtering) per domain. Try restriction classes. http://www.postfix.org/RESTRICTION_CLASS_README.html John
Re: filter emails not only by domain
On 1/20/2011 10:34 AM, Andrea Scarso wrote: Hi, i need to make a configuration to send mails as below: u...@domain.com IP1 user.to...@domain.com IP2 So i added on transport_maps: domain.com smtp:[IP1] and on header_checks: /^to:.*\.town1@domain\.com/ FILTER smtp:[IP2] It's ugly, but it works... obviously EXCEPTS for mails sent to both addresses. In fact if I send to us...@domain.com and in copy to user2.to...@domain.com, the FILTER sends the mail to IP2 only. Is there a way to make postfix send one mail to us...@domain.com via IP1, and one mail to user2.to...@domain.com via IP2? I know a third level domain should be used, but I'm not the admin of the domain.com servers. Thanks! Andrea Don't use FILTER for mail routing; it affects all recipients of a message. Do use transport_maps entries to direct specific recipients to the correct mail server. # transport_maps example.com smtp:[IP1] u...@example.com smtp:[IP2] -- Noel Jones
Re: filter emails not only by domain
On Thu, Jan 20, 2011 at 05:34:52PM +0100, Andrea Scarso wrote: Hi, i need to make a configuration to send mails as below: u...@domain.com IP1 user.to...@domain.com IP2 So i added on transport_maps: domain.com smtp:[IP1] and on header_checks: /^to:.*\.town1@domain\.com/ FILTER smtp:[IP2] It's ugly, but it works... It's not only ugly, but it does NOT work, since FILTER is a message-level action, in this case misapplied to a message feature that is recipient-specific. Multi-recipient mail will be mis-routed. Is there a way to make postfix send one mail to us...@domain.com via IP1, and one mail to user2.to...@domain.com via IP2? Plenty of examples in the list archives, for example: http://archives.neohapsis.com/archives/postfix/2011-01/thread.html#198 -- Viktor.
Re: filter emails not only by domain
Don't use FILTER for mail routing; it affects all recipients of a message. Do use transport_maps entries to direct specific recipients to the correct mail server. # transport_maps example.com smtp:[IP1] u...@example.com smtp:[IP2] I tried, but I have to know all addresses. Or is it possible to use wildcards? I should use: example.com smtp:[IP1] *.t...@example.com smtp:[IP2] But it seems not to work.
Re: filter emails not only by domain
On 1/20/2011 10:48 AM, Andrea Scarso wrote: Don't use FILTER for mail routing; it affects all recipients of a message. Do use transport_maps entries to direct specific recipients to the correct mail server. # transport_maps example.com smtp:[IP1] u...@example.com smtp:[IP2] I tried, but I have to know all addresses. Or is it possible to use wildcards? I should use: example.com smtp:[IP1] *.t...@example.com smtp:[IP2] But it seems not to work. You can use a regexp table for transport_maps. main.cf: transport_maps = regexp:/etc/postfix/transport.regexp # transport.regexp # order matters; put more specific entries first /\.town@example\.com$/ smtp:[IP1] /@example\.com$/ smtp:[IP2] Postfix won't automatically recognize changes to the regexp table, so run postfix reload after editing the file. -- Noel Jones
Relay config assistance
Hello, I have a VPS with postfix as my MTA. vps.sweetwise.com My MX is handled by another remote server and mail accounts for my domain are configured there. sweetwise.com. 3600 IN MX 0 smtp.secureserver.net. sweetwise.com. 3600 IN MX 10 mailstore1.secureserver.net. My VPS needs to send mail to people outside my domain and to accounts on my domain. I set the virtual_alias_domains and virtual_alias_maps entries in main.cfand populated the /etc/postfix/virtual file with this style entries: jo...@sweetwise.com johng sweetwise.com sweetwise.com postmas...@sweetwise.com jo...@sweetwise.com emails to domains other than this one are sending fine. Emails to my domain have the following entry in maillog but do not arrive at the remote mailserver. Jan 20 09:39:10 vps postfix/local[13436]: BE37CA6D1B16: to= jo...@vps.sweetwise.com, relay=local, delay=0.47, delays=0.03/0.01/0/0.43, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME What have I missed or mis configured? Here is my postconf -n output: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 home_mailbox = Maildir/ html_directory = no inet_interfaces = all mail_owner = postfix mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, vps.sweetwise.com newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES relay_domains = $mydestination sample_directory = /usr/share/doc/postfix-2.3.3/samples sender_bcc_maps = hash:/etc/postfix/bcc sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous unknown_local_recipient_reject_code = 550 virtual_alias_domains = sweetwise.com virtual_alias_maps = hash:/etc/postfix/virtual
Configuring Postfix for an external content filter box
I have a postfix configuration issue, I'm wondering if anybody has any experience with this kind of situation. I have an openXchange groupware box running a version of Postfix. We recently acquired an external email spam/virus/content filtering box that sits between the mail server and the internet. I've configured relaying and DNS properly so all incoming and outgoing mail goes through the filter box. That's all good. What I need to do now is run all internal email through the filter box. What I need is for all mail from appliance.dom.org to be delivered locally on the mail server, while all mail from anything-else.dom.org gets relayed to the appliance. Obviously, just relaying all mail from the domain gets into a mail loop. Having the users change their mail client config is also not in the cards. I'm not a postfix expert, by any means, so this is giving me a headache. Incredibly, tech support from the company that supplies the box says they never had anyone who wanted to filter internal mail with their box. The closest solution I can see is to split the postfix into incoming and outgoing servers and have the outgoing instance deliver all mail to the appliance while the incoming server handles delivery to the mailboxes. That way, all mail would go through the appliance. Is this the way to do it, or is there another solution? If possible, I'd like to avoid having to split the instance since that means I would have to reconfigure the appliance and I do not have admin access on that. Any advice appreciated. -- Paul Amaranth| Rochester MI, USA Aurora Group, Inc. | Security, Systems Software p...@auroragrp.com | Unix Windows
Re: Relay config assistance
Cameron Smith wrote: Hello, I have a VPS with postfix as my MTA. vps.sweetwise.com http://vps.sweetwise.com My MX is handled by another remote server and mail accounts for my domain are configured there. sweetwise.com http://sweetwise.com. 3600 IN MX 0 smtp.secureserver.net http://smtp.secureserver.net. sweetwise.com http://sweetwise.com. 3600 IN MX 10 mailstore1.secureserver.net http://mailstore1.secureserver.net. My VPS needs to send mail to people outside my domain and to accounts on my domain. I set the virtual_alias_domains and virtual_alias_maps entries in main.cf http://main.cf and populated the /etc/postfix/virtual file with this style entries: jo...@sweetwise.com mailto:jo...@sweetwise.com johng sweetwise.com http://sweetwise.com sweetwise.com http://sweetwise.com postmas...@sweetwise.com mailto:postmas...@sweetwise.com jo...@sweetwise.com mailto:jo...@sweetwise.com emails to domains other than this one are sending fine. Emails to my domain have the following entry in maillog but do not arrive at the remote mailserver. Jan 20 09:39:10 vps postfix/local[13436]: BE37CA6D1B16: to=jo...@vps.sweetwise.com mailto:jo...@vps.sweetwise.com, relay=local, delay=0.47, delays=0.03/0.01/0/0.43, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME What have I missed or mis configured? mydestination = $myhostname, localhost.$mydomain, localhost, vps.sweetwise.com http://vps.sweetwise.com Your server handles mail for vps.sweetwise.com. rcr
Re: Configuring Postfix for an external content filter box
On Thu, Jan 20, 2011 at 04:14:00PM -0500, Paul Amaranth wrote: I have an openXchange groupware box running a version of Postfix. We recently acquired an external email spam/virus/content filtering box that sits between the mail server and the Internet. Is it a store-and-forward MTA, or a transparent SMTP proxy that forwards commands and content in real-time to Postfix while the remote client is still waiting for (at least) the . response at the end of the message? Depending on how this appliance is designed, you may be better of inserting it as a pre-queue proxy filter after Postfix, and before the queue. What I need to do now is run all internal email through the filter box. If the device is a pre-queue filter, all mail goes through it, and then Postfix routes it to its destination. Any advice appreciated. The proposed configuration is to have Postfix receive the mail, route it via the appliance as a pre-queue proxy filter, and have the appliance hand the mail back to Postfix on a different port, where Postfix delivers the mail. You will not regret having a real MTA manage your queues. -- Viktor.
Re: Configuring Postfix for an external content filter box
wouldn't making your content filter box your mx do it? On Jan 20, 2011 4:15 PM, Paul Amaranth p...@auroragrp.com wrote: I have a postfix configuration issue, I'm wondering if anybody has any experience with this kind of situation. I have an openXchange groupware box running a version of Postfix. We recently acquired an external email spam/virus/content filtering box that sits between the mail server and the internet. I've configured relaying and DNS properly so all incoming and outgoing mail goes through the filter box. That's all good. What I need to do now is run all internal email through the filter box. What I need is for all mail from appliance.dom.org to be delivered locally on the mail server, while all mail from anything-else.dom.org gets relayed to the appliance. Obviously, just relaying all mail from the domain gets into a mail loop. Having the users change their mail client config is also not in the cards. I'm not a postfix expert, by any means, so this is giving me a headache. Incredibly, tech support from the company that supplies the box says they never had anyone who wanted to filter internal mail with their box. The closest solution I can see is to split the postfix into incoming and outgoing servers and have the outgoing instance deliver all mail to the appliance while the incoming server handles delivery to the mailboxes. That way, all mail would go through the appliance. Is this the way to do it, or is there another solution? If possible, I'd like to avoid having to split the instance since that means I would have to reconfigure the appliance and I do not have admin access on that. Any advice appreciated. -- Paul Amaranth | Rochester MI, USA Aurora Group, Inc. | Security, Systems Software p...@auroragrp.com | Unix Windows
Re: Reliably distinguishing authorized vs unauthorized users
On 01/19/11 15:03, Ron Garret wrote: I am working on a spam filter. I want both incoming and outgoing messages to go through the filter, not because the outgoing messages need to be filtered, but because I want the filter to know who my authorized users have sent messages to because that is a very reliable indicator of non-spam. amavisd-new can do this for you; the feature is called pen pals. From the homepage: pen pals soft-whitelisting feature (since 2.4.2) reduces spam score on replies to previous correspondence sent from a local user (requires logging to SQL to be enabled);
Re: Relay config assistance
On 1/20/2011 12:15 PM, Cameron Smith wrote: Hello, I have a VPS with postfix as my MTA. vps.sweetwise.com http://vps.sweetwise.com My MX is handled by another remote server and mail accounts for my domain are configured there. sweetwise.com http://sweetwise.com.3600INMX0 smtp.secureserver.net http://smtp.secureserver.net. sweetwise.com http://sweetwise.com.3600INMX10 mailstore1.secureserver.net http://mailstore1.secureserver.net. My VPS needs to send mail to people outside my domain and to accounts on my domain. I set the virtual_alias_domains and virtual_alias_maps entries in main.cf http://main.cf and populated the /etc/postfix/virtual file with this style entries: jo...@sweetwise.com mailto:jo...@sweetwise.comjohng sweetwise.com http://sweetwise.comsweetwise.com http://sweetwise.com postmas...@sweetwise.com mailto:postmas...@sweetwise.comjo...@sweetwise.com mailto:jo...@sweetwise.com emails to domains other than this one are sending fine. Emails to my domain have the following entry in maillog but do not arrive at the remote mailserver. Jan 20 09:39:10 vps postfix/local[13436]: BE37CA6D1B16: to=jo...@vps.sweetwise.com mailto:jo...@vps.sweetwise.com, relay=local, delay=0.47, delays=0.03/0.01/0/0.43, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME What have I missed or mis configured? (it's a little hard to read your logs and config with all the HTML markup). You've configured vps.sweetwise.com as a local domain. If that mail should be delivered somewhere else, then it's not a local domain. You've configured sweetwise.com in virtual_alias_domains. Virtual_alias_domains are for domains that are rewritten to another domain before delivery. If you don't want to rewrite this domain, then it doesn't belong in virtual_alias_domains. You're rewriting jo...@sweetwise.com to jo...@vps.sweetwise.com, which postfix delivers to the johng user on the local machine. You need to decide where the mail goes before you start trying to configure postfix. http://www.postfix.org/BASIC_CONFIGURATION_README.html http://www.postfix.org/ADDRESS_CLASS_README.html http://www.postfix.org/documentation.html It *sounds* as if you want to relay sweetwise.com to the main MX, which makes it a relay domain. In that case, you just do something like # main.cf myhostname = vps.sweetwise.com mydestination = localhost $myhostname virtual_alias_domains = relay_domains = sweetwise.com relay_recipient_maps = hash:/etc/postfix/relay_recipients # relay_recipients jo...@sweetwise.com OK u...@sweetwise.com OK postmas...@sweetwise.com OK ... -- Noel Jones
Re: Relay config assistance
On Thu, Jan 20, 2011 at 2:40 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 1/20/2011 12:15 PM, Cameron Smith wrote: Hello, I have a VPS with postfix as my MTA. vps.sweetwise.com http://vps.sweetwise.com My MX is handled by another remote server and mail accounts for my domain are configured there. sweetwise.com http://sweetwise.com.3600INMX0 smtp.secureserver.net http://smtp.secureserver.net. sweetwise.com http://sweetwise.com.3600INMX10 mailstore1.secureserver.net http://mailstore1.secureserver.net. My VPS needs to send mail to people outside my domain and to accounts on my domain. I set the virtual_alias_domains and virtual_alias_maps entries in main.cf http://main.cf and populated the /etc/postfix/virtual file with this style entries: jo...@sweetwise.com mailto:jo...@sweetwise.comjohng sweetwise.com http://sweetwise.comsweetwise.com http://sweetwise.com postmas...@sweetwise.com mailto:postmas...@sweetwise.comjo...@sweetwise.com mailto:jo...@sweetwise.com emails to domains other than this one are sending fine. Emails to my domain have the following entry in maillog but do not arrive at the remote mailserver. Jan 20 09:39:10 vps postfix/local[13436]: BE37CA6D1B16: to=jo...@vps.sweetwise.com mailto:jo...@vps.sweetwise.com, relay=local, delay=0.47, delays=0.03/0.01/0/0.43, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME What have I missed or mis configured? (it's a little hard to read your logs and config with all the HTML markup). You've configured vps.sweetwise.com as a local domain. If that mail should be delivered somewhere else, then it's not a local domain. You've configured sweetwise.com in virtual_alias_domains. Virtual_alias_domains are for domains that are rewritten to another domain before delivery. If you don't want to rewrite this domain, then it doesn't belong in virtual_alias_domains. You're rewriting jo...@sweetwise.com to jo...@vps.sweetwise.com, which postfix delivers to the johng user on the local machine. You need to decide where the mail goes before you start trying to configure postfix. http://www.postfix.org/BASIC_CONFIGURATION_README.html http://www.postfix.org/ADDRESS_CLASS_README.html http://www.postfix.org/documentation.html It *sounds* as if you want to relay sweetwise.com to the main MX, which makes it a relay domain. In that case, you just do something like # main.cf myhostname = vps.sweetwise.com mydestination = localhost $myhostname virtual_alias_domains = relay_domains = sweetwise.com relay_recipient_maps = hash:/etc/postfix/relay_recipients # relay_recipients jo...@sweetwise.com OK u...@sweetwise.com OK postmas...@sweetwise.com OK ... -- Noel Jones Noel that is very very helpful to me and my further understanding of postfix relay setup. Thank you :)
probleme ipv6
Hello postfix network. I encounter problems in configuring ipv6. I documented on the page but I don http://www.postfix.org/IPV6_README.html happens not connect in ipv6 on my mail server. My ISP does not support ipv6 I found the error in the ipv6 by visiting http://dnscheck.iis.se/ he tells me a difficulty connecting ipv6 on my mail server. I possess a slice ipv6 2001:41 D0: DD6 2:3:: / 64 is my postconf- n to every detail of my config ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.2-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_protocol = 6 mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.2-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access pcre:/etc/postfix/ptr-tld.pcre check_helo_access cidr:/etc/postfix/sinokorea.cidr check_helo_access cidr:/etc/postfix/taiwancidr.cidr check_helo_access regexp:/etc/postfix/blacklist_clients check_helo_access cidr:/etc/postfix/asian-ip.cidr check_helo_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_helo_access cidr:/etc/postfix/IN_cidr.cidr check_helo_access cidr:/etc/postfix/BR_cidr.cidr check_helo_access cidr:/etc/postfix/CN_cidr.cidr check_helo_access cidr:/etc/postfix/UA_cidr.cidr check_helo_access cidr:/etc/postfix/TR_cidr.cidr check_helo_access cidr:/etc/postfix/VE_cidr.cidr check_helo_access cidr:/etc/postfix/VN_cidr.cidr reject_unauth_pipelining
Re: probleme ipv6
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What is the error that you received? If your ISP does not support IPv6 you will not be able to use IPv6 connectivity unless you have a PoP tunnel or some other type of IPv4-to-IPv6 tunnel going on. On 1/20/11 6:50 PM, fakessh @ wrote: Hello postfix network. I encounter problems in configuring ipv6. I documented on the page but I don http://www.postfix.org/IPV6_README.html happens not connect in ipv6 on my mail server. My ISP does not support ipv6 I found the error in the ipv6 by visiting http://dnscheck.iis.se/ he tells me a difficulty connecting ipv6 on my mail server. I possess a slice ipv6 2001:41 D0: DD6 2:3:: / 64 is my postconf- n to every detail of my config ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.2-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_protocol = 6 mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.2-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access pcre:/etc/postfix/ptr-tld.pcre check_helo_access cidr:/etc/postfix/sinokorea.cidr check_helo_access cidr:/etc/postfix/taiwancidr.cidr check_helo_access regexp:/etc/postfix/blacklist_clients check_helo_access cidr:/etc/postfix/asian-ip.cidr check_helo_access cidr:/etc/postfix/taiwanipblocksreject.cidr
Postfix 2.8.0 available
[An on-line version of this announcement will be available at http://www.postfix.org/announcements/postfix-2.8.0.html] Postfix stable release 2.8.0 is available. This release continues the move towards improving code and documentation, and making the system better prepared for changes in the threat environment. - The postscreen daemon (a zombie blocker in front of Postfix) is now included with the stable release. postscreen now supports TLS and can log the rejected sender, recipient and helo information. See the POSTSCREEN_README file for recommended usage scenarios. - Support for DNS whitelisting (permit_rhswl_client), and for pattern matching to filter the responses from DNS white/blacklist servers (e.g., reject_rhsbl_client zen.spamhaus.org=127.0.0.[1..10]). - Improved message tracking across SMTP-based content filters; the after-filter SMTP server can log the before-filter queue ID (the XCLIENT protocol was extended). - Read-only support for sqlite databases. See sqlite_table(5) and SQLITE_README. - Support for 'footers' that are appended to SMTP server reject responses. See smtpd_reject_footer in the postconf(5) manpage. No functionality has been removed, but it is a good idea to review the RELEASE_NOTES file for the usual minor incompatibilities or limitations. You can find Postfix version 2.8.0 at the mirrors listed at http://www.postfix.org/ The same code is also available as Postfix snapshot 2.9-20100120. Updated versions of Postfix version 2.7, 2.6, 2.5 and 2.4 will be released as time permits. Support for Postfix 2.4 will end soon. Wietse
problem with added spaces in the message body
Hi, We are using postfix to send html version newsletter, and we found that the postfix(?) adds spaces into the body. The message body is saved in database so we can preview it to make sure it is right. If the space is added between works or tags, it is fine, somehow space is added within word and make work such as officials to offi cials, and sometimes space is added in the url. I would like to know if it is possible to configure postfix to fix it, or any other ways. Thanks a lot! Vince
Re: problem with added spaces in the message body
On Thu, Jan 20, 2011 at 05:18:42PM -0800, Vince Wang wrote: We are using postfix to send html version newsletter, and we found that the postfix(?) adds spaces into the body. Only when you fail to abide by email RFCs and generate message bodies with lines longer than ~990 bytes. The correct thing to do when sending long lines is to use the quoted-printable content-transfer-encoding. Postfix folding of long lines is substantially more graceful than Sendmail's which not only folds the line but also inserts an extra ! character into at the end of the folded physical line. The Postfix algorithm is less likely to do damage to text content, but clearly HTML mark-up may not always survive the transformation. The fix is your hands. -- Viktor.
Re: probleme ipv6
Hello postfix network. I found the error in the ipv6 by visiting http://dnscheck.iis.se/ he tells me a difficulty connecting ipv6 address postmas...@fakessh.eu check my network with http;//dnscheck.iis.se many returns are welcome Le jeudi 20 janvier 2011 à 19:20 -0500, Steven King a écrit : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What is the error that you received? If your ISP does not support IPv6 you will not be able to use IPv6 connectivity unless you have a PoP tunnel or some other type of IPv4-to-IPv6 tunnel going on. On 1/20/11 6:50 PM, fakessh @ wrote: Hello postfix network. I encounter problems in configuring ipv6. I documented on the page but I don http://www.postfix.org/IPV6_README.html happens not connect in ipv6 on my mail server. My ISP does not support ipv6 I found the error in the ipv6 by visiting http://dnscheck.iis.se/ he tells me a difficulty connecting ipv6 on my mail server. I possess a slice ipv6 2001:41 D0: DD6 2:3:: / 64 is my postconf- n to every detail of my config ~]# postconf -n alias_database = hash:/etc/aliases , hash:/etc/postfix/aliases alias_maps = hash:/etc/aliases , hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix content_filter = dkimproxy:[127.0.0.1]:10029 daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 default_privs = nobody double_bounce_sender = no header_checks = regexp:/etc/postfix/header_checks.cf home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix-2.7.2-documentation/html in_flow_delay = 10 inet_interfaces = all inet_protocols = all local_recipient_maps = unix:passwd.byname $alias_maps mail_owner = postfix mail_spool_directory = /var/spool/mail mailbox_command = /usr/libexec/dovecot/deliver mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man message_size_limit = 2048 milter_protocol = 6 mime_header_checks = regexp:/etc/postfix/mime_header_checks.cf mydestination = $myhostname , localhost.$mydomain, r13151.ovh.net mydomain = r13151.ovh.net mynetworks = 127.0.0.0/8 ,87.98.186.232 , [::1]/128 , [2001:41D0:2:3Dd6::]/64 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix parent_domain_matches_subdomains = queue_directory = /var/spool/postfix queue_run_delay = 200s readme_directory = /usr/share/doc/postfix-2.7.2-documentation/readme recipient_delimiter = + relay_domains = sample_directory = /usr/share/doc/postfix-2.5.4/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_tls_loglevel = 3 smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtp_tls_session_cache smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_restrictions = permit_mynetworks reject_unknown_reverse_client_hostname reject_unauth_pipelining reject_non_fqdn_recipient check_client_access cidr:/etc/postfix/koreacidr.cidr check_client_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_sender_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_host check_recipient_access hash:/etc/postfix/access_client check_recipient_access hash:/etc/postfix/access_host check_client_access cidr:/etc/postfix/perso_cidr.cidr check_recipient_access cidr:/etc/postfix/perso_cidr.cidr check_helo_access cidr:/etc/postfix/perso_cidr.cidr check_client_access pcre:/etc/postfix/ptr-tld.pcre check_client_access cidr:/etc/postfix/sinokorea.cidr check_client_access cidr:/etc/postfix/taiwancidr.cidr check_client_access regexp:/etc/postfix/blacklist_clients check_client_access cidr:/etc/postfix/asian-ip.cidr reject_rbl_client relays.orbs.org check_client_access cidr:/etc/postfix/taiwanipblocksreject.cidr check_client_access cidr:/etc/postfix/IN_cidr.cidr check_client_access cidr:/etc/postfix/BR_cidr.cidr check_client_access cidr:/etc/postfix/CN_cidr.cidr check_client_access cidr:/etc/postfix/UA_cidr.cidr check_client_access cidr:/etc/postfix/TR_cidr.cidr check_client_access cidr:/etc/postfix/VE_cidr.cidr check_client_access cidr:/etc/postfix/VN_cidr.cidr permit smtpd_helo_restrictions = permit_mynetworks check_helo_access cidr:/etc/postfix/koreacidr.cidr check_helo_access cidr:/etc/postfix/chinacidr.cidr check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access hash:/etc/postfix/access_host check_helo_access hash:/etc/postfix/access_client check_helo_access
Re: problem with added spaces in the message body
Vince Wang: Hi, We are using postfix to send html version newsletter, and we found that the postfix(?) adds spaces into the body. Unfortunately, the SMTP protocol does not allow lines of text longer than 998 characters (plus two for the CRLF). If you want your mail to arrive undamaged, you need to break long lines yourself, perhaps using quoted-printable MIME encoding (though that is not required if your words and URLs are short enough). Postfix breaks lines at 990 characters as an additional safety measure. I do not recommend that you keep your text lines much shorter than that. Wietse The message body is saved in database so we can preview it to make sure it is right. If the space is added between works or tags, it is fine, somehow space is added within word and make work such as officials to offi cials, and sometimes space is added in the url. I would like to know if it is possible to configure postfix to fix it, or any other ways. Thanks a lot! Vince
Re: probleme ipv6
What do you exactly mean with My ISP does not support ipv6 If the ISP for your server does not support IPv6 you can not use IPv6 for services Am 21.01.2011 02:33, schrieb fakessh @: Hello postfix network. I found the error in the ipv6 by visiting http://dnscheck.iis.se/ he tells me a difficulty connecting ipv6 address postmas...@fakessh.eu check my network with http;//dnscheck.iis.se many returns are welcome Le jeudi 20 janvier 2011 à 19:20 -0500, Steven King a écrit : What is the error that you received? If your ISP does not support IPv6 you will not be able to use IPv6 connectivity unless you have a PoP tunnel or some other type of IPv4-to-IPv6 tunnel going on. signature.asc Description: OpenPGP digital signature
Re: probleme ipv6
Hi, my ISP does not support ipv6 my service for hosting support ipv6 Your system is not reachable from IPv6. fakessh.eu. 38300 IN MX 10 mail.fakessh.eu. mail.fakessh.eu.38303 IN 2001:41d0:2:3dd6:1234:5678:9abc:def0 schleppi% ping6 mail.fakessh.eu. PING mail.fakessh.eu.(2001:41d0:2:3dd6:1234:5678:9abc:def0) 56 data bytes From vss-2-6k.fr.eu icmp_seq=1 Destination unreachable: Address unreachable From vss-2-6k.fr.eu icmp_seq=5 Destination unreachable: Address unreachable This is not a postfix problem, it looks like you misconfigured your system. Bernhard
