RE: Postfix Pipe Error
Why would I be getting this error message? I am experiencing message delays with this too. Aug 4 22:46:56 app1 postfix/pipe[54935]: fatal: watchdog timeout Aug 4 22:48:21 app1 postfix/pipe[54454]: fatal: watchdog timeout Aug 4 22:50:22 app1 postfix/pipe[55545]: fatal: watchdog timeout Aug 4 22:51:35 app1 postfix/pipe[55546]: fatal: watchdog timeout Aug 4 23:04:22 app1 postfix/pipe[62922]: fatal: watchdog timeout -- T
Re: Postfix Pipe Error
Tait Grove: Why would I be getting this error message? I am experiencing message delays with this too. Aug 4 22:46:56 app1 postfix/pipe[54935]: fatal: watchdog timeout Aug 4 22:48:21 app1 postfix/pipe[54454]: fatal: watchdog timeout Aug 4 22:50:22 app1 postfix/pipe[55545]: fatal: watchdog timeout Aug 4 22:51:35 app1 postfix/pipe[55546]: fatal: watchdog timeout Aug 4 23:04:22 app1 postfix/pipe[62922]: fatal: watchdog timeout TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html Thank you for using Postfix.
spam status with postfix ( thank you )
Hi all, When I first ran postfix, on my own machine instead of having my mail hosted by an ISP, the set up was as it came 'out of the box' - I was absolutely swamped by spam, probably one every second or two - and I almost panicked when I saw what a horrendous volume of crap I was recieving. At first I tried to handle these using header- and body- checks, looking for recognisable spam strings via regexes, and brought the volume down to something more managable. Then I sat down, RTFM'd some more, (read lots of posts on this list and Ralf's excellent postfix book), and set up my main- and master- .cf files to something more sensible using postfixes reject- this and reject- that filters (which reject most of the spam at connection time). I ensured I wasn't an open-relay, and incorporated an RBL check as well as ensuring amavis-new worked correctly. Additions to this was a minimum of regex checks to suit my particular domain usage and to ensure I'm RFC compliant. This was all a little complex to make sure I wasn't disabling one thing while enabling another, but in the end I think I have it reasonably under control. I now recieve approx. five spam messages each day, which while in a perfect world this may be five too many, is really quite acceptable when you consider from where I started. This mail is just FYI and by way of saying: postfix and friends do a great job - many thanks! -- Richard Foley Ciao - shorter than aufwiedersehen http://www.rfi.net/
lmtp port in 2.1.5 vs 2.3.8
Hi, Previously we were running postfix 2.1.5 (Debian Sarge) and now have upgraded to 2.3.8 (Etch). We have several lmtp transports in master.cf: mail1 unix - - n - - lmtp mail2 unix - - n - - lmtp mail3 unix - - n - - lmtp We used an ldap directory to route to the correct backend: umTransport: mail1:mail1.ugent.be In postfix 2.1.5 the destination port of our lmtp connections was *by default* 2003. Because we had the following entry in /etc/services: lmtp 2003/tcp When I did the upgrade to 2.3.8 I noticed that was not the case anymore. It connected to an other port (I can't remember what anymore). I tried changing lmtp_tcp_port to 2003 but that didn't help. In the end I changed the result attribute of my ldap lookup to add the port number to the transport: result_format = %s:2003 I was wondering why this was changed, or did I miss something? Thanks in advance, -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Rudy Gevaert [EMAIL PROTECTED] tel:+32 9 264 4734 Directie ICT, afd. Infrastructuur ICT Department, Infrastructure office Groep SystemenSystems group Universiteit Gent Ghent University Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
Re: Problem sending to email, getting sender verify failed
On 8/4/2008 9:10 PM, fajar wrote: Why are you using sender verification? You should NOT use SAV for all messages, only for messages destined to domains that you control or have already gotten permission to do SAV for, or you WILL evenutally get blacklisted. Please post postconf -n output... This response wasn't generated by our postfix server, but, by remote destination mail server, and I believe it is Exim mail server. Our postfix mail server is working fine. It can send to other mail server without problem. Thanks. Sorry... I thought that was from your logs... Obviously, then, THEY are trying to perform sender verification on you AFTER they have already accepted your message for delivery - which means they are engaging in backscatter. Still no postconf -n output - how do you expect anyone to help? -- Best regards, Charles
Re: Whitelist a host using check_client_access before the rbl check?
On Mon, Aug 04, 2008 at 02:40:54PM -0400, Brian Evans - Postfix List wrote: Nicolas KOWALSKI wrote: On Mon, Aug 04, 2008 at 12:29:34PM -0400, Brian Evans - Postfix List wrote: A *better* way is force them to Authenticate using SASL. See http://www.postfix.org/SASL_README.html Postfix supports either Cyrus or Dovecot SASL. P.S. This is if you fully trust and know this host Yes, I fully trust this host. Actually, it is the mx backup for my home server: $ host petole.dyndns.org petole.dyndns.org has address 87.90.240.206 petole.dyndns.org mail is handled by 10 demisel.dyndns.org. petole.dyndns.org mail is handled by 5 petole.dyndns.org. Can I use authentication for MX? I would highly recommend setting SASL up on both ends in this case. This is much more secure and reliable than whitelisting a dynamic host. See the above link for details. Just to close this thread, we implemented SMTP AUTH over TLS between my server and its secondary MX, and it works perfectly. Thanks for your suggestions, -- Nicolas
Re: spam status with postfix ( thank you )
Richard Foley wrote: This mail is just FYI and by way of saying: postfix and friends do a great job - many thanks! Hi Richard, I second your sentiments and would like to shout out a big thank you to Wietse for creating Postfix! I was at about the same point you are now for more than 2 of the last 3 years, with about 5 spam a day making it into my inbox. Over the last 6 months or so that number has steadily increased, and in the last month the curve has become much steeper, averaging 25-40 spam per day until just this past week. Over the weekend I implemented an access table and have started adding the class C network of each host successfully getting spam into my inbox. I'm down to less than 5 a day again. :) Give it a shot. It doesn't take much time at all and the results are well worth the effort. Stan
Re: sasl parameters missing
Thanks Wietse, On Tue, 5 Aug 2008 09:30:44 am Wietse Venema wrote: Postfix passes the information in the SMTP client's AUTH command. This is how I got the Dovecot extension from Timo. If someone is willing to monitor his docs for changes, it seems fairly stable. Going off the doc/auth-protocol.txt changelog Nov 12 2006 lport/rport was added. Aug 07 2005 changed valid-client-cert to ssl-valid-cert Oct 22 2004 original documentation Current implementation of the authentication server in dovecot seems to ignore parameters it doesn't understand. then they are welcome to do so. I won't. On the basis of this apparent stability and compatibility would you consider accepting a patch? Is adding these parameters to postfix's sasl authentication a useful feature request? Should I be doing this another way? Just whitelist the client with: good idea. Though by offering smtp services to users I don't think I can get away with something so simple. Strictly speaking don't need the web mail to authenticate though I like the added anti-spoofing protection it provides. I guess a password so long that it isn't realistically brute-forceable will do. -- Daniel Black -- Proudly a Gentoo Linux User. Gnu-PG/PGP signed and encrypted email preferred http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x76677097 GPG Signature D934 5397 A84A 6366 9687 9EB2 861A 4ABA 7667 7097 signature.asc Description: This is a digitally signed message part.
Re: postfix 2.5.1: smtp_sasl_tls_verified_security_options non-functional?
Victor Duchovni [EMAIL PROTECTED] writes: On Tue, Jul 29, 2008 at 08:21:09PM +0200, Matthias Andree wrote: smtp_sasl_tls_verified_security_options apparently stopped working after the upgrade. There has never been an official release where this feature is fully implemented. The code for 2.6 is ready, but it is in the review queue behind multi-instance support. Well - then the smtp(8) manpage and postfix -n could need fixing for the next 2.5.X and 2.4.Y releases to remove this confusion, as the former (as of 2.5.1, I didn't check 2.4.X) states: | Available in Postfix version 2.4 and later: | | smtp_sasl_tls_verified_security_options ($smtp_sasl_tls_security_options) | | The SASL authentication security options that the Postfix SMTP | client uses for TLS encrypted SMTP sessions with a verified server | certificate. The docs I see say: The SASL authentication security options that the Postfix SMTP client uses for TLS encrypted SMTP sessions with a verified server certificate. This feature is under construction as of Postfix version 2.3. You have left out the crucial final sentence. If the TLS patch-set for 2.6 is reviewed in time, this should be fully available in 2.6. No Victor, I haven't left that out, I simply don't have it in the smtp(8) manual page: $ cat /etc/SuSE-release openSUSE 11.0 (i586) VERSION = 11.0 $ rpm -qf $(man -w 8 smtp) postfix-2.5.1-28.1 $ postconf mail_version mail_version = 2.5.1 $ postconf mail_release_date mail_release_date = 20080216 and Novell isn't patching documentation in said RPM - I downloaded the .src.rpm and checked - the contained 2.5.1 tarball verifies with Wietse's official .sig GnuPG checksum, and smtp.c, .8 and .8.html also match what I quoted (left in). Conclusion: documentation doesn't match implementation. Reason unknown. I suggest to fix the former in the current situation. Best regards, -- Matthias Andree
RE: spam status with postfix ( thank you )
I too would like to thank Wietse for Postfix along with the authors of Maia Mailguard, amavis-new, clamav, spamhaus, et al.. Our Postfix frontend gateway processes almost 500,000 emails a day of which we only accept less than 3% as being legitimate email for over 4,000 user accounts. Enterprise environment with the majority of users are minimal Internet mail users. We do this on one HP DL360G4 dual Xeon, 4GB RAM, (1 GB used as RAM disk for amavis temporary work space) mirrored 36GB 15K SCSI320 drives running SUSE Enterprise 10. We have been using this configuration for almost two years now. Considering we have been quoted well over $30,000 per year for a commercial spam / anti-virus solution that would require a beefier piece of hardware, Postfix has proved to our management that open source software is in fact a very viable alternative to commercial software. Thanks, Darin -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stan Hoeppner Sent: Tuesday, August 05, 2008 8:21 AM To: postfix-users@postfix.org Subject: Re: spam status with postfix ( thank you ) Richard Foley wrote: This mail is just FYI and by way of saying: postfix and friends do a great job - many thanks! Hi Richard, I second your sentiments and would like to shout out a big thank you to Wietse for creating Postfix! I was at about the same point you are now for more than 2 of the last 3 years, with about 5 spam a day making it into my inbox. Over the last 6 months or so that number has steadily increased, and in the last month the curve has become much steeper, averaging 25-40 spam per day until just this past week. Over the weekend I implemented an access table and have started adding the class C network of each host successfully getting spam into my inbox. I'm down to less than 5 a day again. :) Give it a shot. It doesn't take much time at all and the results are well worth the effort. Stan __ Information from ESET Smart Security, version of virus signature database 3328 (20080805) __ The message was checked by ESET Smart Security. http://www.eset.com __ Information from ESET Smart Security, version of virus signature database 3328 (20080805) __ The message was checked by ESET Smart Security. http://www.eset.com
log file help
Hi, On of my users asked me about, why she got an error sending mail with attachment in squirrelmail, i dont know - but the thing i want to ask you about, is that the reciever got 2 emails, one with no attachments and one with. cat /var/log/maillog | grep [EMAIL PROTECTED] Aug 5 14:51:09 yyy01 postfix/pipe[42017]: 49D181CC70: to=[EMAIL PROTECTED], relay=spamd, delay=1.1, delays=0.32/0.04/0/0.71, dsn=2.0.0, status=sent (delivered via spamd service) Aug 5 14:51:11 yyy01 amavis[41452]: (41452-06) ESMTP::10024 /var/amavis/tmp/amavis-20080805T134904-41452: [EMAIL PROTECTED] - [EMAIL PROTECTED] SIZE=1087360 BODY=8BITMIME Received: from yyy01.apz.dk ([127.0.0.1]) by localhost (yyy01.apz.dk [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for [EMAIL PROTECTED]; Tue, 5 Aug 2008 14:51:11 +0200 (CEST) Aug 5 14:51:12 yyy01 amavis[41452]: (41452-06) Checking: OHI8Y0pDs4kn [127.0.0.1] [EMAIL PROTECTED] - [EMAIL PROTECTED] Aug 5 14:52:28 yyy01 postfix/pipe[42033]: 071071CCDB: to=[EMAIL PROTECTED], relay=spamd, delay=52, delays=0.19/0.02/0/52, dsn=2.0.0, status=sent (delivered via spamd service) Aug 5 14:52:31 yyy01 amavis[41452]: (41452-06) FWD via SMTP: [EMAIL PROTECTED] - [EMAIL PROTECTED],BODY=8BITMIME 250 2.0.0 Ok, id=41452-06, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0B6DA1CD00 Aug 5 14:52:35 yyy01 amavis[41452]: (41452-06) Passed CLEAN, [127.0.0.1] [83.92.80.128] [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], yyy_id: OHI8Y0pDs4kn, Hits: -, size: 1087360, queued_as: 0B6DA1CD00, 85268 ms Aug 5 14:52:37 yyy01 postfix/smtp[42024]: 343691CCC6: to=[EMAIL PROTECTED], relay=127.0.0.1[127.0.0.1]:10024, delay=88, delays=0.61/0.02/1.8/86, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=41452-06, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0B6DA1CD00) Aug 5 14:52:44 yyy01 amavis[41452]: (41452-07) ESMTP::10024 /var/amavis/tmp/amavis-20080805T134904-41452: [EMAIL PROTECTED] - [EMAIL PROTECTED] SIZE=1680 BODY=8BITMIME Received: from yyy01.apz.dk ([127.0.0.1]) by localhost (yyy01.apz.dk [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for [EMAIL PROTECTED]; Tue, 5 Aug 2008 14:52:44 +0200 (CEST) Aug 5 14:52:45 yyy01 amavis[41452]: (41452-07) Checking: px8-36kEpiPY [127.0.0.1] [EMAIL PROTECTED] - [EMAIL PROTECTED] Aug 5 14:52:53 yyy01 postfix/smtp[42046]: 0B6DA1CD00: to=[EMAIL PROTECTED], relay=yyy.6agency.dk[64.106.174.62]:25, delay=23, delays=1.2/0.37/15/6.5, dsn=2.6.0, status=sent (250 2.6.0 1087776 bytes received in 00:00:06; Message id LUG13401 accepted for delivery) Aug 5 14:53:37 yyy01 amavis[41452]: (41452-07) FWD via SMTP: [EMAIL PROTECTED] - [EMAIL PROTECTED],BODY=8BITMIME 250 2.0.0 Ok, id=41452-07, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as EB2CB1CC70 Aug 5 14:53:37 yyy01 amavis[41452]: (41452-07) Passed CLEAN, [127.0.0.1] [83.92.80.128] [EMAIL PROTECTED] - [EMAIL PROTECTED], Message-ID: [EMAIL PROTECTED], yyy_id: px8-36kEpiPY, Hits: -3.83, size: 1680, queued_as: EB2CB1CC70, 53300 ms Aug 5 14:53:38 yyy01 postfix/smtp[42024]: 70CEE1CCFF: to=[EMAIL PROTECTED], relay=127.0.0.1[127.0.0.1]:10024, delay=122, delays=52/9.1/6.9/53, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=41452-07, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as EB2CB1CC70) Aug 5 14:53:53 yyy01 postfix/smtp[42046]: EB2CB1CC70: to=[EMAIL PROTECTED], relay=yyy.6agency.dk[64.106.174.62]:25, delay=18, delays=1.9/0.72/15/0.38, dsn=2.6.0, status=sent (250 2.6.0 1907 bytes received in 00:00:00; Message id LUH58707 accepted for delivery) Can you help me analyse? Thank you very much, Ebbe, Denmark System: Freebsd, with postfix, amavis-new and spamassassin.
Re: log file help
Ebbe Hjorth: Hi, On of my users asked me about, why she got an error sending mail with attachment in squirrelmail, i dont know - but the thing i want to ask you about, is that the reciever got 2 emails, one with no attachments and one with. Postfix cannot remove attachments. Wietse
Question about Bounces
Hello Postfix-users Sorry for being so rude for being a new member and immediately sending a pleed for help. I have been surfing the internet for serveral days now, searching for information on the problem I am having. I use postfix on several linux servers and I am very pleased with how well everything functions. On one machine however (It is a so called virtual private server with a limit to the number of sockets and processes) I have a lot of the following logfile entries. Aug 5 18:37:36 vps683 postfix/bounce[15429]: warning: unexpected attribute W from bounce socket (expecting: nrequest) Aug 5 18:37:36 vps683 postfix/bounce[15429]: warning: malformed request It looks something goes wrong with bounces wich are generated for mails send to users which do not exist on the server. But what do these entries exactly mean and what can I do to correct them? Thanks for any help. Kind regards Richard Wolterink
Re: Question about Bounces
Richard Wolterink: Aug 5 18:37:36 vps683 postfix/bounce[15429]: warning: unexpected attribute W from bounce socket (expecting: nrequest) Aug 5 18:37:36 vps683 postfix/bounce[15429]: warning: malformed request In master.cf you have turned on the wakeup timer for the bounce service. See: man 5 master. Only these entries have a wakeup timer by default: pickupfifo n - n 60 1 pickup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgrunix - - n 1000? 1 tlsmgr flush unix n - n 1000? 0 flush Wietse
Re: Question about Bounces
Wietse Venema wrote: Richard Wolterink: Aug 5 18:37:36 vps683 postfix/bounce[15429]: warning: unexpected attribute W from bounce socket (expecting: nrequest) Aug 5 18:37:36 vps683 postfix/bounce[15429]: warning: malformed request In master.cf you have turned on the wakeup timer for the bounce service. See: man 5 master. Only these entries have a wakeup timer by default: pickupfifo n - n 60 1 pickup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgrunix - - n 1000? 1 tlsmgr flush unix n - n 1000? 0 flush Wietse It looks something goes wrong with bounces wich are generated for mails send to users which do not exist on the server. But what do these entries exactly mean and what can I do to correct them? You should configure your system so it doesn't accept then bounce unknown recipients; they should be rejected during SMTP and not generate a bounce. Accepting and bouncing adds extra load to your server, clogs your queue with undeliverable bounces, and annoys innocent forged senders with your backscatter. Here's a place to start with fixing the problem: http://www.postfix.org/LOCAL_RECIPIENT_README.html -- Noel Jones
poor perfomance for multiple-recipient emails
Hello, I'm experiencing very poor performance on receipt of email with large numbers of multiple recipients. One particular listserv for example sends emails to 1600+ users in chunks of 50-60 per message. Users are either local (maildir) or forwarded. We do have three ldap maps in each receipt so that's a possible source of slowness, however, a previous setup that used sendmail with the same ldap server didn't experience this at all. By 'very poor' I mean it takes almost two hours for the message to be delivered to all 1600 users. Each message of 50 users sits in the incoming queue for quite a while and then in the active queue for quite a while as well. Any tips? The hardware is sufficient to run almost any number of smtp or local processes if that is what's required. thanks, Aaron Bennett # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases, proxy:ldap:/etc/postfix/ldap-localonly.cf broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 1 default_destination_concurrency_limit = 50 default_process_limit = 500 home_mailbox = html_directory = no in_flow_delay = 0 inet_interfaces = all local_recipient_maps = $alias_maps $virtual_alias_maps mail_owner = postfix mail_spool_directory = /export/maildirs/ mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, depot.bwh.harvard.edu, maildrop.bwh.harvard.edu, bwh.harvard.edu, spl.harvard.edu mynetworks = 127.0.0.1, 134.174.8.0/24, 134.174.9.0/24, 134.174.54.0/24, 170.223.221.0/24, 155.52.0.0/16 mynetworks_style = host newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_client_connection_count_limit = 500 smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_tls_CAfile = /etc/pki/smtp.bwh.harvard.edu.pem smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/pki/smtp.bwh.harvard.edu.pem smtpd_tls_key_file = /etc/pki/smtp.bwh.harvard.edu.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes unknown_local_recipient_reject_code = 550 virtual_alias_maps = proxy:ldap:/etc/postfix/ldap-forwardonly.cf, proxy:ldap:/etc/postfix/ldap-forwardkeep.cf
Postfix log warning
First off I don't think this is a postfix problem. I'm hoping someone here has seen something similar and can help me out. Google so far has turned up nothing for me. :( I get this same warning from gmail, yahoo live. The email goes straight the the junk email folder on all of these systems. :( Makes me very unhappy. Log snippet: (74.86.26.64 spellwellinc.com is my server) Aug 4 16:55:03 swi postfix/smtpd[23275]: warning: 74.86.26.64: address not listed for hostname spellwellinc.com Aug 4 16:55:03 swi postfix/smtpd[23275]: connect from unknown[74.86.26.64] Aug 4 16:55:03 swi postfix/smtpd[23275]: 03377BDCC2: client=unknown[ 74.86.26.64] Aug 4 16:55:03 swi postfix/cleanup[23278]: 03377BDCC2: message-id= [EMAIL PROTECTED] (Spell Well Inc. Password Reset) Aug 4 16:55:03 swi postfix/qmgr[66310]: 03377BDCC2: from= [EMAIL PROTECTED], size=1193, nrcpt=1 (queue active) Aug 4 16:55:03 swi postfix/smtpd[23275]: disconnect from unknown[ 74.86.26.64] Aug 4 16:55:04 swi postfix/smtp[23279]: 03377BDCC2: to=[EMAIL PROTECTED], relay=gmail-smtp-in.l.google.com[64.233.185.27]:25, delay=1.4, delays=0.11/0.01/0.09/1.2, dsn=2.0.0, status=sent (250 2.0.0 OK 1217868904 l43si10712889wrl.17) Aug 4 16:55:04 swi postfix/qmgr[66310]: 03377BDCC2: removed I assume the warning: 27.86.26.64: address not listed message if from the far end. I check DNS and see PTR is there. Then check dig -x kenhat: dig -x 74.86.26.64 ; DiG 9.4.1-P1 -x 74.86.26.64 ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 12869 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;64.26.86.74.in-addr.arpa.INPTR ;; ANSWER SECTION: 64.26.86.74.in-addr.arpa. 86400INPTRspellwellinc.com. ;; Query time: 79 msec ;; SERVER: 208.67.222.222#53(208.67.222.222) ;; WHEN: Tue Aug 5 12:36:02 2008 ;; MSG SIZE rcvd: 72 So dig finds the correct lookup. I'm stumped on where to go now. I must have something screwed up in DNS but can't find it. I can post my zone file if that helps. Anyone out there that can toss me a bone? I'm only using postfix for outgoing mail. No incoming. Just in case someone thinks my postconf might help. root: postconf -n broken_sasl_auth_clients = yes command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 html_directory = no mail_owner = postfix mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man mydestination = $myhostname, localhost.$mydomain, localhost mynetworks_style = host newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks smtpd_tls_CAfile = /usr/local/etc/postfix/ssl/smtpd.pem smtpd_tls_cert_file = /usr/local/etc/postfix/ssl/smtpd.pem smtpd_tls_key_file = /usr/local/etc/postfix/ssl/smtpd.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550
Re: Postfix log warning
Ken Hathaway wrote: First off I don't think this is a postfix problem. I'm hoping someone here has seen something similar and can help me out. Google so far has turned up nothing for me. :( I get this same warning from gmail, yahoo live. The email goes straight the the junk email folder on all of these systems. :( Makes me very unhappy. Log snippet: (74.86.26.64 http://74.86.26.64 spellwellinc.com http://spellwellinc.com is my server) Aug 4 16:55:03 swi postfix/smtpd[23275]: warning: 74.86.26.64 http://74.86.26.64: address not listed for hostname spellwellinc.com http://spellwellinc.com Aug 4 16:55:03 swi postfix/smtpd[23275]: connect from unknown[74.86.26.64 http://74.86.26.64] Aug 4 16:55:03 swi postfix/smtpd[23275]: 03377BDCC2: client=unknown[74.86.26.64 http://74.86.26.64] Aug 4 16:55:03 swi postfix/cleanup[23278]: 03377BDCC2: message-id=[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] (Spell Well Inc. Password Reset) Aug 4 16:55:03 swi postfix/qmgr[66310]: 03377BDCC2: from=[EMAIL PROTECTED] mailto:[EMAIL PROTECTED], size=1193, nrcpt=1 (queue active) Aug 4 16:55:03 swi postfix/smtpd[23275]: disconnect from unknown[74.86.26.64 http://74.86.26.64] Aug 4 16:55:04 swi postfix/smtp[23279]: 03377BDCC2: to=[EMAIL PROTECTED] mailto:[EMAIL PROTECTED], relay=gmail-smtp-in.l.google.com http://gmail-smtp-in.l.google.com[64.233.185.27 http://64.233.185.27]:25, delay=1.4, delays=0.11/0.01/0.09/1.2, dsn=2.0.0, status=sent (250 2.0.0 OK 1217868904 l43si10712889wrl.17) Aug 4 16:55:04 swi postfix/qmgr[66310]: 03377BDCC2: removed I assume the warning: 27.86.26.64 http://27.86.26.64: address not listed message if from the far end. I check DNS and see PTR is there. Then check dig -x Postfix smtpd uses gethostbyaddr() and gethostbyname() system libraries. Here's a great post by Wietse from the archives to see what Postfix sees: http://archives.neohapsis.com/archives/postfix/2001-02/1165.html This should help you debug a bit more. If that turns up nothing interesting, someone more knowledgeable than me can help further. I must have something screwed up in DNS but can't find it. I can post my zone file if that helps. Anyone out there that can toss me a bone? I'm only using postfix for outgoing mail. No incoming. Just in case someone thinks my postconf might help. root: postconf -n [...] mydestination = $myhostname, localhost.$mydomain, localhost myhostname is default. Hard to tell what it is from this output. 'postconf -d myhostname' may help you know what postfix is using. smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks This line is useless as everything permits (implied permit at the end). Brian
Bounce problem continued
Hello postfix-users, The problem with the bounce warning is fixed due to the alteration sugested in the master.cf Now I have another one. The mailq clogs up with bounces. I have altered main.cf and added the line local_recipient_maps = but with no result. What could be wrong. I installed and configured postfix by using the following tutorial: http://www.howtoforge.com/virtual_users_and_domains_with_postfix_debian_etch I left out the parts concerning spamfilters This is my main.cf # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate delayed mail warnings #delay_warning_time = 4h readme_directory = /usr/share/doc/postfix # TLS parameters smtpd_tls_cert_file = /etc/postfix/smtpd.cert smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_use_tls = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. myhostname = vps683.wolvecreations.eu alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = vps683.wolvecreations.eu, localhost, localhost.localdomain relayhost = mynetworks = 127.0.0.0/8 mailbox_command = procmail -a $EXTENSION mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all smtpd_reject_unlisted_recipient = yes smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = vps683.wolvecreations.eu smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_security_options = noanonymous html_directory = /usr/share/doc/postfix/html local_recipient_maps = virtual_alias_domains = virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_mailbox_base = /home/vmail virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 broken_sasl_auth_clients = yes transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf virtual_create_maildirsize = yes virtual_mailbox_extended = yes virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf virtual_mailbox_limit_override = yes virtual_maildir_limit_message = The user you are trying to reach is over quota. virtual_overquota_bounce = yes proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps default_process_limit = 20 My master.cf looks like this # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: man 5 master). # # Do not forget to execute postfix reload after editing this file. # # == # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # == smtp inet n - - - - smtpd #submission inet n - - - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - - - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - - - - qmqpd pickupfifo n - - 60 1 pickup cleanup unix n - - - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - - 300 1 oqmgr tlsmgrunix - - - 10? 1 tlsmgr rewrite unix - - - - - trivial-rewrite #bounceunix - - - 10 0 bounce #defer unix - - - - 0 bounce #trace unix - - - - 0 bounce verifyunix - - - -
Re: Bounce problem continued
Richard Wolterink wrote: Hello postfix-users, The problem with the bounce warning is fixed due to the alteration sugested in the master.cf Now I have another one. The mailq clogs up with bounces. I have altered main.cf and added the line local_recipient_maps = but with no result. What could be wrong. I installed and configured postfix by using the following tutorial: http://www.howtoforge.com/virtual_users_and_domains_with_postfix_debian_etch If you're using virtual users, then the LOCAL_RECIPIENT_README doesn't apply. for why, see: http://www.postfix.org/ADDRESS_CLASS_README.html Make sure you don't have any wildcard rewrites in your virtual_alias_maps or *canonical_maps, and that your SQL lookups don't return succeed for unknown/undeliverable recipients. If you need more help, please see: http://www.postfix.org/DEBUG_README.html#mail -- Noel Jones
Re: Bounce problem continued
Richard Wolterink: tlsmgrunix - - - 10? 1 tlsmgr flush unix n - - 10? 0 flush Undo these changes. They are detrimental to Postfix performance. Wietse
Re: Bounce problem continued
Noel Jones schreef: Richard Wolterink wrote: Hello postfix-users, The problem with the bounce warning is fixed due to the alteration sugested in the master.cf Now I have another one. The mailq clogs up with bounces. I have altered main.cf and added the line local_recipient_maps = but with no result. What could be wrong. I installed and configured postfix by using the following tutorial: http://www.howtoforge.com/virtual_users_and_domains_with_postfix_debian_etch If you're using virtual users, then the LOCAL_RECIPIENT_README doesn't apply. for why, see: http://www.postfix.org/ADDRESS_CLASS_README.html Make sure you don't have any wildcard rewrites in your virtual_alias_maps or *canonical_maps, and that your SQL lookups don't return succeed for unknown/undeliverable recipients. If you need more help, please see: http://www.postfix.org/DEBUG_README.html#mail Noel, You are my hero. Many thanks The removal of the *canonical_maps did the trick Kind regards Richard Wolterink
Re: Bounce problem continued
Wietse Venema schreef: Richard Wolterink: tlsmgrunix - - - 10? 1 tlsmgr flush unix n - - 10? 0 flush Undo these changes. They are detrimental to Postfix performance. Wietse Do I have to comment them out or alter them? Kind regards Richard Wolterink
Re: Bounce problem continued
Richard Wolterink wrote: Wietse Venema schreef: Richard Wolterink: tlsmgrunix - - - 10? 1 tlsmgr flush unix n - - 10? 0 flush Undo these changes. They are detrimental to Postfix performance. Wietse Do I have to comment them out or alter them? Kind regards Richard Wolterink Their defaults are 1000? not 10?. Please change them back to this to be more sane. Brian
Re: Bounce problem continued
Brian Evans - Postfix List schreef: Richard Wolterink wrote: Wietse Venema schreef: Richard Wolterink: tlsmgrunix - - - 10? 1 tlsmgr flush unix n - - 10? 0 flush Undo these changes. They are detrimental to Postfix performance. Wietse Do I have to comment them out or alter them? Kind regards Richard Wolterink Their defaults are 1000? not 10?. Please change them back to this to be more sane. Brian Brian, I have altered them to the defaults. Thanks for your help. Kind regards Richard Wolterink
Re: Bounce problem continued
Richard Wolterink: Wietse Venema schreef: Richard Wolterink: tlsmgrunix - - - 10? 1 tlsmgr flush unix n - - 10? 0 flush Undo these changes. They are detrimental to Postfix performance. Wietse Do I have to comment them out or alter them? It is a good idea to make a backup copy before changing a configuration file. It is also a good idea to make notes of configuration changes that you make. Wietse
Re: poor perfomance for multiple-recipient emails
Aaron Bennett: Hello, I'm experiencing very poor performance on receipt of email with large numbers of multiple recipients. One particular listserv for example sends emails to 1600+ users in chunks of 50-60 per message. Users are either local (maildir) or forwarded. We do have three ldap maps in each receipt so that's a possible source of slowness, however, a previous setup that used sendmail with the same ldap server didn't experience this at all. By 'very poor' I mean it takes almost two hours for the message to be delivered to all 1600 users. Each message of 50 users sits in the incoming queue for quite a while and then in the active queue for quite a while as well. Any tips? The hardware is sufficient to run almost any number of smtp or local processes if that is what's required. man ldap_table ... domain (default: no domain list) This is a list of domain names, paths to files, or dictionaries. When specified, only fully qualified search keys with a *non- empty* localpart and a matching domain are eligible for lookup: 'user' lookups, bare domain lookups and @domain lookups are not performed. This can significantly reduce the query load on the LDAP server. domain = postfix.org, hash:/etc/postfix/searchdomains
E-mail alias
Hello, Please forgive the stupid question but I have done my due diligence and was unable to locate a definitive answer in the Postfix FAQ, Documentation, or How To. Basically what I want to do seems simple enough I am just not sure how to go about it. Currently I run a Mailman mailing list using Postfix as the MTA and all mail is getting sent to the subscribers. Outside of the mailing list, I want to create an e-mail alias such as [EMAIL PROTECTED] where example.com is my qualified Internet Domain name (same as the Domain name used for the Mailman mailing list), and have that forwarded to either this Hotmail account or my BellSouth e-mail box. Where would I create this e-mail address and how do I tell Postfix to send the mail to my legitimate mailbox? Secondly, would it be possible to compose a message from my legitimate e-mail account and use my Postfix as a sort of relay, where Postfix would accept my message, then make it appear as though it were coming from [EMAIL PROTECTED] and send it to its intended recipient? What I mean is, at the final intended destination of the message, I would like the e-mail to appear as though it was from [EMAIL PROTECTED] as opposed to my real e-mail address. Thanks! Dov
Re: E-mail alias
Dov Oxenberg wrote: Hello, Please forgive the stupid question but I have done my due diligence and was unable to locate a definitive answer in the Postfix FAQ, Documentation, or How To. Basically what I want to do seems simple enough I am just not sure how to go about it. Currently I run a Mailman mailing list using Postfix as the MTA and all mail is getting sent to the subscribers. Outside of the mailing list, I want to create an e-mail alias such as [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] where example.com is my qualified Internet Domain name (same as the Domain name used for the Mailman mailing list), and have that forwarded to either this Hotmail account or my BellSouth e-mail box. Where would I create this e-mail address and how do I tell Postfix to send the mail to my legitimate mailbox? A virtual_alias_maps entry should do what you want. Note that example.com does *not* need to be defined in virtual_alias_domains (but OK if it is for other purposes). # virtual_alias [EMAIL PROTECTED] [EMAIL PROTECTED] Secondly, would it be possible to compose a message from my legitimate e-mail account and use my Postfix as a sort of relay, where Postfix would accept my message, then make it appear as though it were coming from [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] and send it to its intended recipient? What I mean is, at the final intended destination of the message, I would like the e-mail to appear as though it was from [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] as opposed to my real e-mail address. Thanks! Dov It's generally better to configure your mail client to set the sender address to what you need. You can use smtp_generic_maps to rewrite some address to some other specific address. http://www.postfix.org/ADDRESS_REWRITING_README.html#generic If what you are wanting to do is send mail through your hotmail account and have it appear as if it comes from example.com, that depends on what hotmail allows. Gmail, for example, allows you to set an alternate sender address once you prove you control that alternate address - but this has nothing to do with postfix or your local server. -- Noel Jones
smart hosting issues
Hello fellow smart hosters, I've been running this way for 3 years now because I could never figure out how to wildcard everything else. Here's the top of my transport file (a very small portion of it): hardwarefreak.com smtp:[192.168.100.2] earthlink.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] .earthlink.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] sbcglobal.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] .sbcglobal.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] swbell.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] .swbell.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] sbc.com smtp:[smtp.sbc.mail.yahoo4.akadns.net] .sbc.comsmtp:[smtp.sbc.mail.yahoo4.akadns.net] yahoo.com smtp:[smtp.sbc.mail.yahoo4.akadns.net] .yahoo.com smtp:[smtp.sbc.mail.yahoo4.akadns.net] aol.com smtp:[smtp.sbc.mail.yahoo4.akadns.net] .aol.comsmtp:[smtp.sbc.mail.yahoo4.akadns.net] Is there a way to wildcard everything other than hardwarefreak.com? I'd sure like to have a two line transport file instead of 200. Any help in getting this fixed would be greatly appreciated. Thanks. Stan Hoeppner TheHardwareFreak
mail queue is filling up with bounce messages
I have a lot of messages that are being delivered to `double-bounce` accounts. What setting do I have that may cause this buildup? Sample log: -Queue ID- --Size-- Arrival Time -Sender/Recipient--- AE3FD7E833* 288 Tue Aug 5 16:57:20 [EMAIL PROTECTED] [EMAIL PROTECTED] Postconf -n: alias_database = hash:/etc/mail/aliases alias_maps = hash:/etc/mail/aliases bounce_queue_lifetime = 2d broken_sasl_auth_clients = yes command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 disable_vrfy_command = yes enable_original_recipient = no html_directory = no inet_interfaces = 127.0.0.1, localhost, $myhostname invalid_hostname_reject_code = 550 mail_owner = postfix mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man maps_rbl_reject_code = 554 maximal_backoff_time = 5135s maximal_queue_lifetime = 2d message_size_limit = 4096 minimal_backoff_time = 535s mydestination = localhost.$mydomain, $mydomain, localhost, $myhostname myhostname = post-app1.tdpserver.net mynetworks = 127.0.0.0/8, 10.0.0.0/8, 38.119.86.0/25, $myhostname newaliases_path = /usr/local/bin/newaliases non_fqdn_reject_code = 504 proxy_interfaces = 10.11.0.29 proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps queue_directory = /var/spool/postfix queue_run_delay = 535s readme_directory = no relay_domains = sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtp_sasl_password_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf smtp_tls_CAfile = /usr/local/share/certs/ca-root.crt smtp_tls_cert_file = /usr/local/etc/dovecot/certs/tdpserver.crt smtp_tls_key_file = /usr/local/etc/dovecot/certs/tdpserver.key smtp_tls_security_level = may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_client_connection_rate_limit = 400 smtpd_client_event_limit_exceptions = $mynetworks, 10.0.0.0/8, 127.0.0.1, 38.119.86.0/25, localhost smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce,permit smtpd_recipient_limit = 3000 smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,reject_invalid_helo_hostname, reject_non_fqdn_sender,reject_non_fqdn_recipient, check_policy_service inet:127.0.0.1:10031,permit_tls_clientcerts, reject_unauth_destination,warn_if_reject reject_non_fqdn_helo_hostname,warn_if_reject reject_unknown_helo_hostname,warn_if_reject reject_unknown_client, reject_unverified_recipient,reject_unknown_sender_domain, check_recipient_access hash:$config_directory/recipient.list, reject_rbl_client zen.spamhaus.org,permit smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_CAfile = /usr/local/share/certs/ca-root.crt smtpd_tls_ask_ccert = no smtpd_tls_cert_file = /usr/local/etc/dovecot/certs/tdpserver.crt smtpd_tls_key_file = /usr/local/etc/dovecot/certs/tdpserver.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache soft_bounce = no transport_maps = hash:/etc/mail/transport unknown_local_recipient_reject_code = 550 unverified_sender_reject_code = 550 virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf virtual_transport = dovecot -- Tait
Re: Postfix log warning
Thanks Brian! You got me going in the right direction. I probably should have mentioned that this running in a FreeBSD jail. I read the archive reference you gave and pulled and compiled gethostbyaddr gethostbyname. I haven't used c in long time so I was pretty impressed with myself getting these to compile. ;) So here is what I got. SWI.spellwellinc.com:~ kenhat: ./gethostbyaddr 74.86.26.64 host 74.86.26.64 not found SWI.spellwellinc.com:~ kenhat: ./gethostbyname swi.spellwellinc.com Hostname:swi.spellwellinc.com Aliases: Addresses:74.86.26.64 SWI.spellwellinc.com:~ kenhat: I copied these programs to my master server (not a jail) and get the same results. While I'm further along with my debugging I'm still not sure how to fix it. Any help appreciated... Also would this cause the assorted email ISP out there to classify my email as junk? Is postfix passing on the warning message to the far end smtp? That doesn't seem right. Anyway thanks for the help ken So if I'm reading this right the warning message is coming from postfix. On Tue, Aug 5, 2008 at 1:12 PM, Brian Evans - Postfix List [EMAIL PROTECTED] wrote: Ken Hathaway wrote: First off I don't think this is a postfix problem. I'm hoping someone here has seen something similar and can help me out. Google so far has turned up nothing for me. :( I get this same warning from gmail, yahoo live. The email goes straight the the junk email folder on all of these systems. :( Makes me very unhappy. Log snippet: (74.86.26.64 http://74.86.26.64 spellwellinc.com http://spellwellinc.com is my server) Aug 4 16:55:03 swi postfix/smtpd[23275]: warning: 74.86.26.64 http://74.86.26.64: address not listed for hostname spellwellinc.com http://spellwellinc.com Aug 4 16:55:03 swi postfix/smtpd[23275]: connect from unknown[ 74.86.26.64 http://74.86.26.64] Aug 4 16:55:03 swi postfix/smtpd[23275]: 03377BDCC2: client=unknown[ 74.86.26.64 http://74.86.26.64] Aug 4 16:55:03 swi postfix/cleanup[23278]: 03377BDCC2: message-id= [EMAIL PROTECTED] mailto: [EMAIL PROTECTED] (Spell Well Inc. Password Reset) Aug 4 16:55:03 swi postfix/qmgr[66310]: 03377BDCC2: from= [EMAIL PROTECTED] mailto:[EMAIL PROTECTED], size=1193, nrcpt=1 (queue active) Aug 4 16:55:03 swi postfix/smtpd[23275]: disconnect from unknown[ 74.86.26.64 http://74.86.26.64] Aug 4 16:55:04 swi postfix/smtp[23279]: 03377BDCC2: to= [EMAIL PROTECTED] mailto:[EMAIL PROTECTED], relay= gmail-smtp-in.l.google.com http://gmail-smtp-in.l.google.com[ 64.233.185.27 http://64.233.185.27]:25, delay=1.4, delays=0.11/0.01/0.09/1.2, dsn=2.0.0, status=sent (250 2.0.0 OK 1217868904 l43si10712889wrl.17) Aug 4 16:55:04 swi postfix/qmgr[66310]: 03377BDCC2: removed I assume the warning: 27.86.26.64 http://27.86.26.64: address not listed message if from the far end. I check DNS and see PTR is there. Then check dig -x Postfix smtpd uses gethostbyaddr() and gethostbyname() system libraries. Here's a great post by Wietse from the archives to see what Postfix sees: http://archives.neohapsis.com/archives/postfix/2001-02/1165.html This should help you debug a bit more. If that turns up nothing interesting, someone more knowledgeable than me can help further. I must have something screwed up in DNS but can't find it. I can post my zone file if that helps. Anyone out there that can toss me a bone? I'm only using postfix for outgoing mail. No incoming. Just in case someone thinks my postconf might help. root: postconf -n [...] mydestination = $myhostname, localhost.$mydomain, localhost myhostname is default. Hard to tell what it is from this output. 'postconf -d myhostname' may help you know what postfix is using. smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks This line is useless as everything permits (implied permit at the end). Brian
Re: Postfix log warning
Doh! forgot to include this kenhat: postconf -d myhostname myhostname = swi.spellwellinc.com SWI.spellwellinc.com:~ On Tue, Aug 5, 2008 at 6:01 PM, Ken Hathaway [EMAIL PROTECTED] wrote: Thanks Brian! You got me going in the right direction. I probably should have mentioned that this running in a FreeBSD jail. I read the archive reference you gave and pulled and compiled gethostbyaddr gethostbyname. I haven't used c in long time so I was pretty impressed with myself getting these to compile. ;) So here is what I got. SWI.spellwellinc.com:~ kenhat: ./gethostbyaddr 74.86.26.64 host 74.86.26.64 not found SWI.spellwellinc.com:~ kenhat: ./gethostbyname swi.spellwellinc.com Hostname:swi.spellwellinc.com Aliases: Addresses:74.86.26.64 SWI.spellwellinc.com:~ kenhat: I copied these programs to my master server (not a jail) and get the same results. While I'm further along with my debugging I'm still not sure how to fix it. Any help appreciated... Also would this cause the assorted email ISP out there to classify my email as junk? Is postfix passing on the warning message to the far end smtp? That doesn't seem right. Anyway thanks for the help ken So if I'm reading this right the warning message is coming from postfix. On Tue, Aug 5, 2008 at 1:12 PM, Brian Evans - Postfix List [EMAIL PROTECTED] wrote: Ken Hathaway wrote: First off I don't think this is a postfix problem. I'm hoping someone here has seen something similar and can help me out. Google so far has turned up nothing for me. :( I get this same warning from gmail, yahoo live. The email goes straight the the junk email folder on all of these systems. :( Makes me very unhappy. Log snippet: (74.86.26.64 http://74.86.26.64 spellwellinc.com http://spellwellinc.com is my server) Aug 4 16:55:03 swi postfix/smtpd[23275]: warning: 74.86.26.64 http://74.86.26.64: address not listed for hostname spellwellinc.com http://spellwellinc.com Aug 4 16:55:03 swi postfix/smtpd[23275]: connect from unknown[ 74.86.26.64 http://74.86.26.64] Aug 4 16:55:03 swi postfix/smtpd[23275]: 03377BDCC2: client=unknown[ 74.86.26.64 http://74.86.26.64] Aug 4 16:55:03 swi postfix/cleanup[23278]: 03377BDCC2: message-id= [EMAIL PROTECTED] mailto: [EMAIL PROTECTED] (Spell Well Inc. Password Reset) Aug 4 16:55:03 swi postfix/qmgr[66310]: 03377BDCC2: from= [EMAIL PROTECTED] mailto:[EMAIL PROTECTED], size=1193, nrcpt=1 (queue active) Aug 4 16:55:03 swi postfix/smtpd[23275]: disconnect from unknown[ 74.86.26.64 http://74.86.26.64] Aug 4 16:55:04 swi postfix/smtp[23279]: 03377BDCC2: to= [EMAIL PROTECTED] mailto:[EMAIL PROTECTED], relay= gmail-smtp-in.l.google.com http://gmail-smtp-in.l.google.com[ 64.233.185.27 http://64.233.185.27]:25, delay=1.4, delays=0.11/0.01/0.09/1.2, dsn=2.0.0, status=sent (250 2.0.0 OK 1217868904 l43si10712889wrl.17) Aug 4 16:55:04 swi postfix/qmgr[66310]: 03377BDCC2: removed I assume the warning: 27.86.26.64 http://27.86.26.64: address not listed message if from the far end. I check DNS and see PTR is there. Then check dig -x Postfix smtpd uses gethostbyaddr() and gethostbyname() system libraries. Here's a great post by Wietse from the archives to see what Postfix sees: http://archives.neohapsis.com/archives/postfix/2001-02/1165.html This should help you debug a bit more. If that turns up nothing interesting, someone more knowledgeable than me can help further. I must have something screwed up in DNS but can't find it. I can post my zone file if that helps. Anyone out there that can toss me a bone? I'm only using postfix for outgoing mail. No incoming. Just in case someone thinks my postconf might help. root: postconf -n [...] mydestination = $myhostname, localhost.$mydomain, localhost myhostname is default. Hard to tell what it is from this output. 'postconf -d myhostname' may help you know what postfix is using. smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks This line is useless as everything permits (implied permit at the end). Brian
Re: mail queue is filling up with bounce messages
Tait Grove [EMAIL PROTECTED] wrote: I have a lot of messages that are being delivered to `double-bounce` accounts. What setting do I have that may cause this buildup? Might be related to the existence and placement of your reject_unverified_recipient parameter. See: http://article.gmane.org/gmane.mail.postfix.user/181317 -- Sahil Tandon [EMAIL PROTECTED]
Re: smart hosting issues
Stan Hoeppner wrote: Hello fellow smart hosters, I've been running this way for 3 years now because I could never figure out how to wildcard everything else. Here's the top of my transport file (a very small portion of it): hardwarefreak.com smtp:[192.168.100.2] earthlink.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] .earthlink.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] sbcglobal.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] .sbcglobal.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] swbell.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] .swbell.net smtp:[smtp.sbc.mail.yahoo4.akadns.net] sbc.com smtp:[smtp.sbc.mail.yahoo4.akadns.net] .sbc.comsmtp:[smtp.sbc.mail.yahoo4.akadns.net] yahoo.com smtp:[smtp.sbc.mail.yahoo4.akadns.net] .yahoo.com smtp:[smtp.sbc.mail.yahoo4.akadns.net] aol.com smtp:[smtp.sbc.mail.yahoo4.akadns.net] .aol.comsmtp:[smtp.sbc.mail.yahoo4.akadns.net] Is there a way to wildcard everything other than hardwarefreak.com? I'd sure like to have a two line transport file instead of 200. Any help in getting this fixed would be greatly appreciated. Thanks. Stan Hoeppner TheHardwareFreak # main.cf relayhost = [smtp.sbc.mail.yahoo4.akadns.net] # transport hardwarefreak.com smtp:[192.168.100.2] All mail is sent to the relayhost, except for overrides listed in the transport map. -- Noel Jones
Missing Something - header_checks Entry
I am testing a new entry in my header_checks file: /^Return-Path:.*mjhunter=aurora\.edu*/DISCARD From Address Rejected 018 in an attempt to test this header entry: Return-Path: [EMAIL PROTECTED] I have entries for From, Subject, X-Barracuda-Connect and they work. For some reason, I cannot see the 'Trees for the Forest on this new entry. Any suggestions? Steve == Steve Lowe Information Technology Services Aurora University (630) 844 4200
RE: E-mail alias
Sorry to be a bother, but another newbie question - in my main.cf, when creating the entry for virtual_alias_maps = do I have to prepend the path value with hash:? or do I just put the path to the virtual_alias file? Thanks! Dov A virtual_alias_maps entry should do what you want. Note that example.com does *not* need to be defined in virtual_alias_domains (but OK if it is for other purposes). # virtual_alias [EMAIL PROTECTED] [EMAIL PROTECTED]
RE: E-mail alias
In my post below the question mark in the hash:? was a typo From: [EMAIL PROTECTED]: [EMAIL PROTECTED]: RE: E-mail aliasDate: Tue, 5 Aug 2008 22:05:23 -0400 Sorry to be a bother, but another newbie question - in my main.cf, when creating the entry for virtual_alias_maps = do I have to prepend the path value with hash:? or do I just put the path to the virtual_alias file? Thanks!Dov A virtual_alias_maps entry should do what you want. Note that example.com does *not* need to be defined in virtual_alias_domains (but OK if it is for other purposes). # virtual_alias [EMAIL PROTECTED] [EMAIL PROTECTED]
RE: E-mail alias
Thank you Sahil, and Noel, works beautifully! Date: Tue, 5 Aug 2008 22:14:24 -0400 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: postfix-users@postfix.org Subject: Re: E-mail alias Dov Oxenberg [EMAIL PROTECTED] wrote: Sorry to be a bother, but another newbie question - in my main.cf, when creating the entry for virtual_alias_maps = do I have to prepend the path value with hash:? or do I just put the path to the virtual_alias file? It doesn't have to be hash, but it does have to be the database type that corresponds to that map. For more information and examples, see: http://www.postfix.org/postconf.5.html#virtual_alias_maps http://www.postfix.org/postmap.1.html -- Sahil Tandon [EMAIL PROTECTED]
Re: Missing Something - header_checks Entry
Sahil Tandon wrote: Steve Lowe [EMAIL PROTECTED] wrote: I am testing a new entry in my header_checks file: /^Return-Path:.*mjhunter=aurora\.edu*/DISCARD From Address Rejected 018 Sorry for the wrapping above. PCRE right? You don't need the second *, so the following should work: /^Return-Path:.*mjhunter=aurora\.edu/ But even with the extraneous *, the PCRE hits here with postmap -q. The bigger problem is that the Return-Path header isn't present in the original mail, so header_checks is the wrong tool here. Steve will need to use a check_sender_access map to reject unwanted envelope senders. -- Noel Jones