OT: Email courtesy
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vince LaMonica Sent: Tuesday, 28 October 2008 4:11 AM To: Patrick Ben Koetter Cc: postfix-users@postfix.org Subject: Re: problems authenticating [snip] TIA once again, /vjl/ Could you please remove the annoying header that tells me I should use Pine instead of Outlook if I'm worried about Outlook viruses? I have the courtesy not to tell you that Pine doesn't have the functionality I (and my corporate environment) require in each and every one of my emails, so please have the courtesy not to give unsolicited opinions by default. Especially when they're based on misleading information (what Outlook viruses? Also, many of the vulnerabilities in older versions of Outlook have been fixed).
Re: Which FileSystem do you use on your postfix server?
* Simone Felici [EMAIL PROTECTED]: Hi Postfix-Users! I know, there is enough written on the net and on the mailinglist too, but have found only old results, maybe the meanwhile something is different, also I would ask you... Which filesystem do you use on your mailserver? I'm going to migrate a mailserver with EXT3 (and qmail) to a new postfix mailserver (virtual domains on mysql, ...). I would create the system on EXT3 (RHES) and the following partitions on rieserfs: I would never use reiserfs for anything except our disposable Squid Cache. Stay with ext3, it works. -- Ralf Hildebrandt ([EMAIL PROTECTED]) [EMAIL PROTECTED] Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de I'm looking for a job Given the opacity of the product, how could a Windows admin ever know as much about Windows as a UNIX admin does about UNIX?! (Roger B. A. Klorese on Postfix Mailing List)
Re: Sender Bcc Maps
* Ranjith Kumar [EMAIL PROTECTED]: I have enabled sender_bcc_maps on my postfix mta using the documentation available on postfix site. The mails are being forwarded successfully, but I am receiving 2 copies of the mail. What could be the problem? You didn't read the installation instructions for amavisd-new carefully enough. -- Ralf Hildebrandt ([EMAIL PROTECTED]) [EMAIL PROTECTED] Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de I'm looking for a job Nichts kann ohne Einsamkeit entstehen.
SMTP transaction interrupted
Hello, I can't identify the cause of impossibility to relay emails through my Postifix mail gateway, from a Outlook express client. From mail log, I saw: postfix/smtpd[16988]: connect from unknown[xxx.yyy.www.zzz] postfix/smtpd[16988]: 7B98D75008D: client=unknown[xxx.yyy.www.zzz] postfix/cleanup[22797]: 7B98D75008D: message-id=[EMAIL PROTECTED] From client side I get a pop-up window that points out problems with server communication or even network.. What it couuld be inferred from postfix log above? How could continue to investigate to get the cause of interruption? TIA, rocsca
Re: RE : RE : Big incoming queue, slow qmgr, idle system. It worked, thanks
Hi Viktor, Normaly at this time I have lot of mail in the incoming, but with your modification nothing... the response of the server, and the mail process are perfect THANK YOU ! I have just a little question, how can I disable de qmgr logging ? In a normal case I am interrested in the log by the smtpd/smtp/delevery agents activity (mail come from, go to filter, go to dest...), but not by the cleanup/qmgr activity... what do you think ? Best regards. Francis Victor Duchovni wrote: On Tue, Oct 28, 2008 at 09:12:34PM +0100, Francis SOUYRI wrote: Is syslog configured to not log each line synchronously??? On Linux systems with syslogd make sure that the log file has -/var/log/maillog not /var/log/maillog. Otherwise syslog can't keep up and the queue manager is blocked trying to syslog... Yes... I changed the syslog config. # Log all the mail messages in one place. mail.* /opt/pmx/postfix/var/log/maillog by # Log all the mail messages in one place. mail.* -/opt/pmx/postfix/var/log/maillog See you tomorrow at this time there is less activity on the server. I hope the problem is solved, because since we activated the RDNS/HELO/IP checks and put the server on internet the system log activity increase a lot of... Just one question how can the qmgr blocked be by the syslog ? The queue manager writes a log entry every time it moves a file from incoming to active. If syslog is not servicing the log socket in a timely fashion, these writes will block. With smtpd and cleanup and spam filters wring piles of logs in parallel, the qmgr does not stand a chance... Also make sure your log socket is a datagram socket, not a stream socket, otherwise logs are recorded (badly) out of order, and syslogd does not scale to hundreds/thousands of processes (smtpd, cleanup, delivery agents) connecting via stream sockets at the same time. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:[EMAIL PROTECTED] If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
Re: Which FileSystem do you use on your postfix server?
I know, there is enough written on the net and on the mailinglist too, but have found only old results, maybe the meanwhile something is different, also I would ask you... Which filesystem do you use on your mailserver? I'm going to migrate a mailserver with EXT3 (and qmail) to a new postfix mailserver (virtual domains on mysql, ...). I would create the system on EXT3 (RHES) and the following partitions on rieserfs: I would never use reiserfs for anything except our disposable Squid Cache. Stay with ext3, it works. Ditto. Unless your mail volume is pretty extreme it is hard to believe you'll see performance difference of filesystems; if your I/O is slow your disk / controller are a much more source of the problem.
Re: Sender Bcc Maps
Hi, I am not using amavisd-new. I am using spamassassin as the content filter. On Wed, Oct 29, 2008 at 2:35 PM, Ralf Hildebrandt [EMAIL PROTECTED] wrote: * Ranjith Kumar [EMAIL PROTECTED]: I have enabled sender_bcc_maps on my postfix mta using the documentation available on postfix site. The mails are being forwarded successfully, but I am receiving 2 copies of the mail. What could be the problem? You didn't read the installation instructions for amavisd-new carefully enough. -- Ralf Hildebrandt ([EMAIL PROTECTED]) [EMAIL PROTECTED] Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de I'm looking for a job Nichts kann ohne Einsamkeit entstehen.
RE: SMTP transaction interrupted
I can't identify the cause of impossibility to relay emails through my Postifix mail gateway, from a Outlook express client. Indeed, I get the problem while sending email with attachment with size above 5-6 MB.. From mail log, I saw: postfix/smtpd[16988]: connect from unknown[xxx.yyy.www.zzz] postfix/smtpd[16988]: 7B98D75008D: client=unknown[xxx.yyy.www.zzz] postfix/cleanup[22797]: 7B98D75008D: message-id=[EMAIL PROTECTED] From client side I get a pop-up window that points out problems with server communication or even network.. What it couuld be inferred from postfix log above? How could continue to investigate to get the cause of interruption? TIA, rocsca
Re: OT: Email courtesy
Zitat von MacShane, Tracy [EMAIL PROTECTED]: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vince LaMonica Sent: Tuesday, 28 October 2008 4:11 AM To: Patrick Ben Koetter Cc: postfix-users@postfix.org Subject: Re: problems authenticating [snip] TIA once again, /vjl/ Could you please remove the annoying header that tells me I should use Pine instead of Outlook if I'm worried about Outlook viruses? I have the courtesy not to tell you that Pine doesn't have the functionality I (and my corporate environment) require in each and every one of my emails, so please have the courtesy not to give unsolicited opinions by default. Especially when they're based on misleading information (what Outlook viruses? Also, many of the vulnerabilities in older versions of Outlook have been fixed). Please keep your personal dispute about e-mail clients private !! -- All your trash belong to us ;-) www.spamschlucker.org To: [EMAIL PROTECTED]
Re: SMTP transaction interrupted
Rocco Scappatura: I can't identify the cause of impossibility to relay emails through my Postifix mail gateway, from a Outlook express client. Indeed, I get the problem while sending email with attachment with size above 5-6 MB.. From mail log, I saw: postfix/smtpd[16988]: connect from unknown[xxx.yyy.www.zzz] postfix/smtpd[16988]: 7B98D75008D: client=unknown[xxx.yyy.www.zzz] postfix/cleanup[22797]: 7B98D75008D: message-id=[EMAIL PROTECTED] From client side I get a pop-up window that points out problems with server communication or even network.. What it couuld be inferred from postfix log above? How could continue to investigate to get the cause of interruption? Look for the records at the END of the SMTP session. $ egrep 'postfix/cleanup\[22797\]|postfix/smtpd\[16988\]' /var/log/maillog Wietse
postfix 2.5 vmail hosting - Resource temporarily unavailable + mail transport unavailable
Udv / Greetings! I have a classic virtual mail hosting setup, with postfix 2.5, dovecot, maildrop, ldap and sasl authentication. I've just setup quotas and upgraded he server from posfix 2.3. All is is working fine, but. I'm starting to receive the following messages: Oct 24 22:09:24 ** postfix/master[27379]: warning: master_wakeup_timer_event: service tlsmgr(private/tlsmgr): Resource temporarily unavailable Oct 24 22:33:54 *** postfix/qmgr[741]: warning: connect to transport maildrop: Resource temporarily unavailable Oct 24 22:33:54 *** postfix/qmgr[741]: warning: connect to transport retry: Resource temporarily unavailable Oct 24 22:33:54 *** postfix/qmgr[741]: D2CA1100BC1: to=[EMAIL PROTECTED], orig_to=[EMAIL PROTECTED], relay=none, delay=907, delays=907/0.17/0/0, dsn=4.3.0, status=deferred (mail transport unavailable) Oct 24 22:33:54 *** postfix/qmgr[741]: D2CA1100BC1: to=[EMAIL PROTECTED], orig_to=[EMAIL PROTECTED], relay=none, delay=908, delays=907/0.23/0/0, dsn=4.3.0, status=deferred (mail transport unavailable) Oct 24 22:33:54 *** postfix/qmgr[741]: D2CA1100BC1: to=[EMAIL PROTECTED], orig_to=[EMAIL PROTECTED], relay=none, delay=908, delays=907/0.25/0/0, dsn=4.3.0, status=deferred (mail transport unavailable) I've googled but no useable answer found. (tlsmgr -v startup simply shows everything ok) These messages are starting to popup when there is a mail alias, wich has multiple maildrops. So in general, mail send/receive is working when it addresses an existing account, or a simple alias. In my case: [EMAIL PROTECTED] is OK. [EMAIL PROTECTED] -redirected to- [EMAIL PROTECTED] is OK. [EMAIL PROTECTED] -redirected to MULTIPLE EXISTING accounts- is NOT OK. An example ldap entry: dn: [EMAIL PROTECTED],vd=***.hu,o=hosting,dc=***,dc=hu accountActive: TRUE lastChange: 1165829161 mail: [EMAIL PROTECTED] objectClass: top objectClass: VirtualMailAlias cn: hiba sn: hiba maildrop: [EMAIL PROTECTED] maildrop: [EMAIL PROTECTED] maildrop: [EMAIL PROTECTED] I roughly tested the problem, and I could state the following: ldap connection fine. Entrys got fine. since standard and mails with only one alias wrking fine, it must be some timing or bottleneck issue. Let me show you a normal connection (mail is sent to a mail alias, wich has been redirected to a normal address [EMAIL PROTECTED]elias.tamas@) I can see the following in the log (qmgr -v), and also the courier authdaemon's logging set to 2: Oct 24 23:19:47 *** postfix/smtpd[4455]: connect from fibhost-12-130.fibernet.bacs-net.hu[85.66.12.130] Oct 24 23:19:48 *** postfix/smtpd[4455]: 9FB78100BC1: client=fibhost-12-130.fibernet.bacs-net.hu[85.66.12.130], sasl_method=PLAIN, sasl_username= [EMAIL PROTECTED] Oct 24 23:19:48 *** postfix/cleanup[4458]: 9FB78100BC1: message-id=[EMAIL PROTECTED] Oct 24 23:19:48 *** postfix/qmgr[4149]: trigger_server_accept_fifo: trigger arrived Oct 24 23:19:48 *** postfix/qmgr[4149]: master_notify: status 0 Oct 24 23:19:48 *** postfix/qmgr[4149]: request: 87 (W) Oct 24 23:19:48 *** postfix/qmgr[4149]: qmgr_scan_start: start incoming queue scan Oct 24 23:19:48 *** postfix/qmgr[4149]: master_notify: status 1 Oct 24 23:19:48 *** postfix/qmgr[4149]: qmgr_active_feed: queue incoming Oct 24 23:19:48 *** postfix/qmgr[4149]: qmgr_active_feed: incoming/9/F/9FB78100BC1 Oct 24 23:19:48 *** postfix/qmgr[4149]: qmgr_message_alloc: active 9FB78100BC1 Oct 24 23:19:48 *** postfix/qmgr[4149]: 9FB78100BC1: recipient limit 5000 Oct 24 23:19:48 *** postfix/qmgr[4149]: 9FB78100BC1: from=[EMAIL PROTECTED], size=1535, nrcpt=1 (queue active) Oct 24 23:19:48 *** postfix/qmgr[4149]: start sorted recipient list Oct 24 23:19:48 *** postfix/qmgr[4149]: qmgr_message_sort: [EMAIL PROTECTED] Oct 24 23:19:48 *** postfix/qmgr[4149]: end sorted recipient list Oct 24 23:19:48 *** postfix/qmgr[4149]: connect to subsystem private/rewrite Oct 24 23:19:48 *** postfix/qmgr[4149]: send attr request = resolve Oct 24 23:19:48 *** postfix/qmgr[4149]: send attr sender = [EMAIL PROTECTED] Oct 24 23:19:48 *** postfix/qmgr[4149]: send attr address = [EMAIL PROTECTED] Oct 24 23:19:48 *** postfix/qmgr[4149]: private/rewrite socket: wanted attribute: flags Oct 24 23:19:48 *** postfix/qmgr[4149]: input attribute name: flags Oct 24 23:19:48 *** postfix/qmgr[4149]: input attribute value: 0 Oct 24 23:19:48 *** postfix/qmgr[4149]: private/rewrite socket: wanted attribute: transport Oct 24 23:19:48 *** postfix/qmgr[4149]: input attribute name: transport Oct 24 23:19:48 *** postfix/qmgr[4149]: input attribute value: maildrop Oct 24 23:19:48 *** postfix/qmgr[4149]: private/rewrite socket: wanted attribute: nexthop Oct 24 23:19:48 *** postfix/qmgr[4149]: input attribute name: nexthop Oct 24 23:19:48 *** postfix/qmgr[4149]: input attribute value: ***.hu Oct 24 23:19:48 *** postfix/qmgr[4149]: private/rewrite socket: wanted attribute: recipient Oct 24 23:19:48 *** postfix/qmgr[4149]: input attribute name: recipient Oct 24 23:19:48 *** postfix/qmgr[4149]: input attribute
Re: Sender Bcc Maps
* Ranjith Kumar [EMAIL PROTECTED]: Hi, I am not using amavisd-new. I am using spamassassin as the content filter. Please show master.cf then. -- Ralf Hildebrandt ([EMAIL PROTECTED]) [EMAIL PROTECTED] Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.arschkrebs.de I'm looking for a job Windows has detected that a gnat has farted near your computer. Press any key to reboot.
Re: Which FileSystem do you use on your postfix server?
* Simone Felici [EMAIL PROTECTED] wrote: I know, there is enough written on the net and on the mailinglist too, but have found only old results, maybe the meanwhile something is different, also I would ask you... Which filesystem do you use on your mailserver? I'm going to migrate a mailserver with EXT3 (and qmail) to a new postfix mailserver (virtual domains on mysql, ...). I would create the system on EXT3 (RHES) and the following partitions on rieserfs: /var/spool/postfix AND the partition that will contain all mails in MailDir format. Postfix works perfectly with it's spool on an ext3 filesystem - or rather, the list of Linux specific issues at http://www.postfix.org/LINUX_README.html does not mention ext3. Given this and the fact that a lot of people are running Postfix with it's spool on an ext3 filesystem suggests that there are no fundamental problems with this setup (well, there is one gotcha: At least on i386, ext3 can only handle 32k inodes per directory). Since some point during development of the 2.4 kernel, ext3 got the ability to use htree hashing for direcotry indexing. I don't know whether the Orlov allocator ever made it to the official kernel, but nevertheless, an ext3 filesystem initialized for storing a lot of small files (inode_ratio = 4096) and htree inidces (-O dir_index) is perfectly capable of dealing with the requirements that mail handling imposes. That said, although I personally never had any issues with ReiserFS, there are really tons of problem reports out there on the net - so I'd never use ReiserFS for any data I care for - though it might be perfectly fine for things like a proxy cache. Besides, I never saw any real performance gains (see below). At the moment the server has ~100.000 mailboxes and more or less 120.000 mails stored per day (already filtered trought spam filters from frontend servers). If directory access times really become an issue, you can always work around that: The configuration parameter virtual_mailbox_maps allows you to store incoming mail in a directory structure of several levels instead of a flat hierarchy. For example: [EMAIL PROTECTED] - $virtual_mailbox_base/incertum.invalid/cite could also become [EMAIL PROTECTED] - $virtual_mailbox_base/i/incertum.net/c/cite We cannot give you any advice on a possible way to organize your mail storage without knowing some real data on the number of domains and localparts per domain involved. Any suggestions? Any test results on both FS to compare with mine I'll create? Back in 2004, during my time at university, me and some friends performed some quick tests, which you can find at: http://tinyurl.com/6bb3q4 It's in German, but perhaps you can find an online service to translate it - though I seriously doubt it's worth the trouble: Old kernel and we didn't really put that much effort into the tests we performed. There are a number of performance related docs in the Postfix website: http://www.postfix.org/TUNING_README.html http://www.postfix.org/QSHAPE_README.html As a last remark: IMAP servers typically impose a greater I/O load on a system than the MTA itself. There are massive performance differences betweens Cyrus, Courier, uw-imapd and Dovecot, so perhaps you might want to search for a benchmark on those programs. Conclusion: Don't put valuable data on ReiserFS. Don't do premature optimization. You can always change filesystems if your tests show performance gains and you run into performance shortages. Cheers Stefan -- Stefan Förster http://www.incertum.net/ Public Key: 0xBBE2A9E9
postfix 2.5 vmail hosting - Resource temporarily unavailable + mail transport unavailable - master.cf -
Udv / Greetings!
Attachment dod not go through. I post my master.cf here:
# ==
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==
smtp inet n - - - 30 smtpd
-o smtpd_client_connection_count_limit=20
smtps inet n - - - 30 smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_connection_count_limit=20
pickupfifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr -v
tlsmgrunix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounceunix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verifyunix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - - - - smtp
-o fallback_relay=
-o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scacheunix - - - - 1 scache
retry unix - - - - - error
error unix - - n - - error
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -V 10 -w 91 -d ${recipient}
${recipient} ${user} ${nexthop} ${sender}
gnarwlunix - n n - - pipe
flags=F user=vmail argv=/usr/bin/gnarwl -a [EMAIL PROTECTED] -s ${sender}
##
# BLD - BlackList Daemon
##
bld-policy unix - n n - - spawn
user=nobody argv=/usr/sbin/bld-pf_policy
##
# ESET anti-malware
##
127.0.0.1:2525 inet n - n - - smtpd
-o content_filter=
-o myhostname=pszinfo
-o local_recipient_maps=
-o relay_recipient_maps=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtp_send_xforward_command=yes
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
-o disable_mime_output_conversion=yes
-o smtp_generic_maps=
-o smtpd_error_sleep_time=10s
My /etc/maildroprc:
logfile /data/logs/mail/maildrop.log
RECIPIENT=tolower($1)
USER=tolower($2)
HOST=tolower($3)
SENDER=tolower($4)
if (!$SENDER)
{
SENDER =
}
#
# Autocreate maildir, if not existant
#
`test -e /data/vmail.INBOX/$HOST`
if ( $RETURNCODE != 0 )
{
`mkdir /data/vmail.INBOX/$HOST`
}
`test -e /data/vmail.INBOX/$HOST/$USER`
if ( $RETURNCODE != 0 )
{
`/usr/bin/maildirmake /data/vmail.INBOX/$HOST/$USER`
`chmod -R 0600 /data/vmail.INBOX/$HOST`
}
--
Éliás Tamás / Thomas Elias
*NIX System administrator, Certified Cisco Network Engineer, Pascal/Bash/C++
programmer, Certified IBM UDB DB2 Database Administrator
mailto: [EMAIL PROTECTED]
Tel.: +3630/4971626 ; ICQ UIN: 206-714-459 ; SKYPE: elias.tamas
OpenPGP public key: http://pszinfo.hu/elias.tamas.asc
Quote: Non Omnis Moriar
pgptNxzK3b2WA.pgp
Description: PGP signature
Re: Sender Bcc Maps
Ranjith Kumar пишет: Hi, I have enabled sender_bcc_maps on my postfix mta using the documentation available on postfix site. The mails are being forwarded successfully, but I am receiving 2 copies of the mail. What could be the problem? Please, show main.cf and master.cf, specifically recieve_override_options and content_filter
Re: postfix 2.5 vmail hosting - Resource temporarily unavailable + mail transport unavailable
?li?s Tam?s: Oct 24 22:09:24 ** postfix/master[27379]: warning: master_wakeup_timer_event: service tlsmgr(private/tlsmgr): Resource temporarily unavailable Oct 24 22:33:54 *** postfix/qmgr[741]: warning: connect to transport maildrop: Resource temporarily unavailable Oct 24 22:33:54 *** postfix/qmgr[741]: warning: connect to transport retry: Resource temporarily unavailable You need to scale up your kernel, or reduce the number of processes (with the default_process_limit parameter in main.cf, or with the process limit fields in master.cf). Wietse
Re: VRFY problem
Pete Fuggle: So it seems that smtpd_recipient_restrictions are somehow being invoked when VRFY is used? VRFY is pretty useless by now because many sites disable it. Postfix invokes smtpd_recipient_restrictions to make the reply similar to that of RCPT TO (no point to have VRFY reply with 2xx when we already know that RCPT TO would reject the same address). However, that similarity broke long ago with the introduction of smtpd_delay_reject=yes, and with client/helo/sender restrictions in smtpd_recipient_restrictions. My understanding is that VRFY should respond with; 250, 251 or 252 only. That understanding is not supported by RFC 821, 2821, ... Wietse So apart from wanting to understand what is going on, my question is whether or not I should just disable VRFY, and what are any pitfalls of doing so? I was content to have it monotonously return 252 but if it is broken and I don't need it then I will turn it off. Cheers, Pete
RE: SMTP transaction interrupted
I can't identify the cause of impossibility to relay emails through my Postifix mail gateway, from a Outlook express client. Indeed, I get the problem while sending email with attachment with size above 5-6 MB.. From mail log, I saw: postfix/smtpd[16988]: connect from unknown[xxx.yyy.www.zzz] postfix/smtpd[16988]: 7B98D75008D: client=unknown[xxx.yyy.www.zzz] postfix/cleanup[22797]: 7B98D75008D: message-id=[EMAIL PROTECTED] From client side I get a pop-up window that points out problems with server communication or even network.. What it couuld be inferred from postfix log above? How could continue to investigate to get the cause of interruption? Look for the records at the END of the SMTP session. $ egrep 'postfix/cleanup\[22797\]|postfix/smtpd\[16988\]' /var/log/maillog Thanks Wietse: Oct 29 10:27:58 av3 postfix/smtpd[16988]: connect from unknown[xxx.yyy.www.zzz] Oct 29 10:27:58 av3 postfix/smtpd[16988]: 7B98D75008D: client=unknown[xxx.yyy.www.zzz] Oct 29 10:34:25 av3 postfix/smtpd[16988]: timeout after DATA from unknown[xxx.yyy.www.zzz] Oct 29 10:34:25 av3 postfix/smtpd[16988]: disconnect from unknown[xxx.yyy.www.zzz] What I can suspect about the cause? Firewall, Protection software on sending client or what? rocsca
Re: SMTP transaction interrupted
Rocco Scappatura: Oct 29 10:27:58 av3 postfix/smtpd[16988]: connect from unknown[xxx.yyy.www.zzz] Oct 29 10:27:58 av3 postfix/smtpd[16988]: 7B98D75008D: client=unknown[xxx.yyy.www.zzz] Oct 29 10:34:25 av3 postfix/smtpd[16988]: timeout after DATA from unknown[xxx.yyy.www.zzz] Oct 29 10:34:25 av3 postfix/smtpd[16988]: disconnect from unknown[xxx.yyy.www.zzz] What I can suspect about the cause? Firewall, Protection software on sending client or what? All of the above, including firewalls that break IP path MTU discovery or TCP window scaling. A tcpdump recording will help to distinguish between these. I don't think that packet content is needed for this. Wietse
Re: Which FileSystem do you use on your postfix server?
Stefan Förster ha scritto: Conclusion: Don't put valuable data on ReiserFS. Don't do premature optimization. You can always change filesystems if your tests show performance gains and you run into performance shortages. Cheers Stefan Thank you for the answer, I'll take a look to your tests too, no problem for German language (lebe in Südtirol, hier deutsch muss man kennen ;) ) Also now I've a good point to start migration and tests on the server with more or less 1000 domains. Mopst of them with some mails, only a few domains with more than thousend mailboxes. Nice work will be the migration of the old server (qmail and mails stored in maildir format). Byebye simon
Re: RE : RE : Big incoming queue, slow qmgr, idle system. It worked, thanks
On Wed, Oct 29, 2008 at 11:18:13AM +0100, Francis SOUYRI wrote: I have just a little question, how can I disable de qmgr logging ? In a normal case I am interrested in the log by the smtpd/smtp/delevery agents activity (mail come from, go to filter, go to dest...), but not by the cleanup/qmgr activity... what do you think ? Leave these logs in place. They are an important part of the message audit trail, logging the message-id and envelope sender, the additional disk space overhead is negligible and with syslog not misconfigured, there is no performance impact. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:[EMAIL PROTECTED] If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
How can I override previous FILTER action
Hi! Networkers, I'm using postfix 2.5.4 and it works perfectly. Thanks ;-) / /25 - 10024 - 10025/ /I add FILTER action within my header_checks file and it works correctly. My header_checks file contains: /^some-special-header/ FILTER my-filter 25 - 10024 - 10025 - 10027 - 10025 During execution, my-filter append the header my-filter-been-there: Yes so, I want to NOT execute my-filter if that header is present. otherwise, I will get the infamous too many hops error message. Documentation said: /In the case that multiple *FILTER* actions fire, only the last one is executed. /I try without success to override previously defined FILTER /^some-special-header/ FILTER my-filter /^my-filter-been-there: Yes/ FILTER none Can it be done ? How can I remove the current FILTER action ? Thanks in advance, Eddy Eddy Beliveau HEC Montreal Montreal (Quebec) Canada
Re: RE : RE : Big incoming queue, slow qmgr, idle system. It worked, thanks
Viktor, No problem the server is now very speed... Thank you for all your help. Best regards. Francis Victor Duchovni wrote: On Wed, Oct 29, 2008 at 11:18:13AM +0100, Francis SOUYRI wrote: I have just a little question, how can I disable de qmgr logging ? In a normal case I am interrested in the log by the smtpd/smtp/delevery agents activity (mail come from, go to filter, go to dest...), but not by the cleanup/qmgr activity... what do you think ? Leave these logs in place. They are an important part of the message audit trail, logging the message-id and envelope sender, the additional disk space overhead is negligible and with syslog not misconfigured, there is no performance impact. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:[EMAIL PROTECTED] If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
Re: XFORWARD Vs PDP
If it can not be done at the moment, all right (I found a similar request in 2006 - message 209338). My real problem is this: Many customers use mail groups (virtual_alias_maps). Each destination account can create their own rules for releasing and blocking, which is consulted by the Delegation Protocol. When a person has a blocking rule and e-mail is sent to a group, the message can not be blocked at the moment, only after the delivery of mail by destination. When that happens, the envelope of information are lost, because final assessment is carried out in other instances. Any ideas? Wietse Venema escreveu: Victor Duchovni: On Mon, Oct 27, 2008 at 03:47:08PM -0400, Wietse Venema wrote: This thread suggests that each xforward attribute also needs to be made available via Milter macros (in smtpd and cleanup), and via the policy delegation protocol. There seems to be some demand for this, but the OP seems to be asking to override XFORWARD with policy actions. A most surprising request... I may have missed that amidst the HTML. What I could recognize was an example request from the SMTP server with a couple more attributes. Using this protocol to modify attributes would indeed be against the spirit of the design, and would give too much control to untrusted code. Wietse
Return-Path and Errors-To not behaving as expected
I have a shell script that generates simple emails by piping text (with To, From and Subject headers) to 'sendmail -t' (the postfix version). All is well with that except when a message bounces. The failure notice comes back to the user that ran the script. The script is run from cron under an administrative account. I would prefer to redirect bounces to a customer service agent that can deal with it. So I tried inserting Return-Path: [EMAIL PROTECTED] in the headers, but they still bounced to the script user. Same deal with inserting Errors-To: [EMAIL PROTECTED]. I have verified that [EMAIL PROTECTED] is deliverable. In the first case, my manual Return-Path header was replaced with the script user address. In the second case, I can see my Errors-To header, but a Return-Path header is also inserted (by postfix/sendmail?) with the script user address. What am I doing wrong? http://www.postfix.org/sendmail.1.html says that Errors-To overrides command line options to sendmail, so why is it not heeded when no return path command line options are used? If possible, I would like the bounce address to be something that is not normally displayed by common mail clients. -- Jeff
Re: Return-Path and Errors-To not behaving as expected
Jeff wrote: What am I doing wrong? http://www.postfix.org/sendmail.1.html says that Errors-To overrides command line options to sendmail, so why is it not heeded when no return path command line options are used? Please, reread it again.. -f sender Set the envelope sender address. This is the address where delivery problems are sent to. With Postfix versions *before 2.1*, the Errors-To: message header overrides the error return address. Brian
Hello Postfix guys
Dear Guys, I am having a postfix+ldap+jamm debian server having more than 15 mail accounts and so now, Jamm is not able to load all the mail accounts together and not able to reset a mail account password due to this. Please let me know is there any alternative to Jamm, i am not able to see any option for search and find a mail account and edit it , rather it tries to load the email accounts in one page. Also someone please advise the commands on how we can do delete mail accounts and reset passwords from command line from the backend in ldap+postix server. Regard, Hemanth
Re: Return-Path and Errors-To not behaving as expected
Jeff wrote: I have a shell script that generates simple emails by piping text (with To, From and Subject headers) to 'sendmail -t' (the postfix version). All is well with that except when a message bounces. The failure notice comes back to the user that ran the script. The script is run from cron under an administrative account. I would prefer to redirect bounces to a customer service agent that can deal with it. So I tried inserting Return-Path: [EMAIL PROTECTED] in the headers, but they still bounced to the script user. Same deal with inserting Errors-To: [EMAIL PROTECTED]. The Return-Path: header is added (or replaced) by the final delivery agent, using the envelope sender address. The Errors-To: header is a non-standard header and is ignored by most MTAs including current postfix versions. To control where bounces are delivered, set the envelope sender address to your bounce address. With the sendmail(1) interface, use the -f option. -- Noel Jones I have verified that [EMAIL PROTECTED] is deliverable. In the first case, my manual Return-Path header was replaced with the script user address. In the second case, I can see my Errors-To header, but a Return-Path header is also inserted (by postfix/sendmail?) with the script user address. What am I doing wrong? http://www.postfix.org/sendmail.1.html says that Errors-To overrides command line options to sendmail, so why is it not heeded when no return path command line options are used? If possible, I would like the bounce address to be something that is not normally displayed by common mail clients.
Re: How can I override previous FILTER action
Eddy Beliveau: Documentation said: /In the case that multiple *FILTER* actions fire, only the last one is executed. /I try without success to override previously defined FILTER /^some-special-header/ FILTER my-filter /^my-filter-been-there: Yes/ FILTER none As documented, the syntax of a filter is transport:destination, where an SMTP destination is typically of the form host:port. To skip filters, specify the port that re-injects mail back into Postfix. filter scan:127.0.0.1:the_postfix_inject_port Wietse
Re: Return-Path and Errors-To not behaving as expected
Jeff: So I tried inserting Return-Path: [EMAIL PROTECTED] in the headers, but they still bounced to the script user. As documented, use the sendmail -f option. Return-Path: is created on OUTPUT, it is not used for INPUT. Same deal with inserting Errors-To: [EMAIL PROTECTED]. Errors-To: is a non-standard header. Wietse
Re: Delivery for local users when using pam_mysql (PAM)
Postfix uses the standard getpwnam() system library routine to determine if a user exists. You should do your tests with getpwnam(), not with the getent command. Wietse
Re: Delivery for local users when using pam_mysql (PAM)
On Wed, Oct 29, 2008 at 09:26:32PM +0200, Ilo Lorusso wrote: if getpwnam() is a system library routine and not a command how would I go about performing those tests? With a C program, or perhaps a Perl script (if we trust Perl's getpwnam()). You should also make sure that getent(1) works when running as the postfix user, not just root, ... -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:[EMAIL PROTECTED] If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
Re: Delivery for local users when using pam_mysql (PAM)
Try this: # perl -e 'print getpwnam "username",$/' Ilo Lorusso escreveu: if getpwnam() is a system library routine and not a command how would I go about performing those tests? please forgive my ignorance .. On Wed, Oct 29, 2008 at 8:44 PM, Wietse Venema [EMAIL PROTECTED] wrote: Postfix uses the standard getpwnam() system library routine to determine if a user exists. You should do your tests with getpwnam(), not with the getent command. Wietse
Re: XFORWARD Vs PDP
Guys, I'm still accepting ideas. :D Gustav Meirinho escreveu: If it can not be done at the moment, all right (I found a similar request in 2006 - message 209338). My real problem is this: Many customers use mail groups (virtual_alias_maps). Each destination account can create their own rules for releasing and blocking, which is consulted by the Delegation Protocol. When a person has a blocking rule and e-mail is sent to a group, the message can not be blocked at the moment, only after the delivery of mail by destination. When that happens, the envelope of information are lost, because final assessment is carried out in other instances. Any ideas? Wietse Venema escreveu: Victor Duchovni: On Mon, Oct 27, 2008 at 03:47:08PM -0400, Wietse Venema wrote: This thread suggests that each xforward attribute also needs to be made available via Milter macros (in smtpd and cleanup), and via the policy delegation protocol. There seems to be some demand for this, but the OP seems to be asking to override XFORWARD with policy actions. A most surprising request... I may have missed that amidst the HTML. What I could recognize was an example request from the SMTP server with a couple more attributes. Using this protocol to modify attributes would indeed be against the spirit of the design, and would give too much control to untrusted code. Wietse
Re: Delivery for local users when using pam_mysql (PAM)
Ilo Lorusso:
[EMAIL PROTECTED] ~]#perl -le 'for (@ARGV) { print join(:,
getpwnam($_)) }' ipnoc
DO NOT RUN THE TEST AS ROOT.
Wietse
Re: Which FileSystem do you use on your postfix server?
Ralf Hildebrandt wrote: * Simone Felici [EMAIL PROTECTED]: Hi Postfix-Users! I know, there is enough written on the net and on the mailinglist too, but have found only old results, maybe the meanwhile something is different, also I would ask you... Which filesystem do you use on your mailserver? I'm going to migrate a mailserver with EXT3 (and qmail) to a new postfix mailserver (virtual domains on mysql, ...). I would create the system on EXT3 (RHES) and the following partitions on rieserfs: I would never use reiserfs for anything except our disposable Squid Cache. Stay with ext3, it works. But ext3 does have problems - All our production boxes are 100% reiserfs, and have been for some years, based on performance testing. They have been rock solid, and most of them have 800 day uptimes at this point. I did some performance comparisons a few months ago and reiser still has a large lead over ext3. As reiser has always been the default filesystem on suse enterprise linux, it stands to reason that it has been well vetted. Of course, the legal woes of the reiserfs creator have put the future of the filesystem in doubt. The future seems to be btrfs. ext4 might be a good stepping stone along the way, when it's ready, but if I had to pick a filesystem to deploy today, it would be reiserfs - xfs could get some consideration as well, but we just really don't want the performance hit that comes with ext3. Joe
Re: Delivery for local users when using pam_mysql (PAM)
-bash-3.2$ perl -le 'for (@ARGV) { print join(:,getpwnam($_)) }' ipnoc
-bash-3.2$ whoami
sneak
-bash-3.2$ who am i
sneakpts/62008-10-29 23:10 (172.69.128.108)
-bash-3.2$
On Wed, Oct 29, 2008 at 11:04 PM, Ilo Lorusso [EMAIL PROTECTED] wrote:
perl -le 'for (@ARGV) { print join(:,getpwnam($_)) }' ipnoc
-bash-3.2$
nope.. not successfull, what does this mean?
On Wed, Oct 29, 2008 at 10:35 PM, Victor Duchovni
[EMAIL PROTECTED] wrote:
On Wed, Oct 29, 2008 at 10:12:19PM +0200, Ilo Lorusso wrote:
[EMAIL PROTECTED] ~]#perl -le 'for (@ARGV) { print join(:,
getpwnam($_)) }' ipnoc
ipnoc:bb8mChsjCXn.c:5000:5000:/bin/bash
So what now ?
Now repeat the experiment when not running as root. If it still works,
post the local entry from master.cf.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
mailto:[EMAIL PROTECTED]
If my response solves your problem, the best way to thank me is to not
send an it worked, thanks follow-up. If you must respond, please put
It worked, thanks in the Subject so I can delete these quickly.
Re: Which FileSystem do you use on your postfix server?
On 10/29/2008, Joe Sloan ([EMAIL PROTECTED]) wrote: All our production boxes are 100% reiserfs, and have been for some years, based on performance testing. They have been rock solid, and most of them have 800 day uptimes at this point. I did some performance comparisons a few months ago and reiser still has a large lead over ext3. As reiser has always been the default filesystem on suse enterprise linux, it stands to reason that it has been well vetted. I'd have to say 'me too' here, although I only use it for our maildirs... My understanding is reiserfs' big weak point is unclean shutdowns, which can be minimized/eliminated by using good UPS's and hardware RAID cards with battery backup for the cache... Mine survived one unclean shutdown (extended power outage in the middle of the night) with no problems... I've also hear people who have had nightmares with ext3... No filesystem is perfect. -- Best regards, Charles
Re: Delivery for local users when using pam_mysql (PAM)
On Wed, Oct 29, 2008 at 11:04:27PM +0200, Ilo Lorusso wrote:
perl -le 'for (@ARGV) { print join(:,getpwnam($_)) }' ipnoc
-bash-3.2$
nope.. not successfull, what does this mean?
Your MySQL (IIRC) nss module is misconfigured. Only root can do
passwd lookups. You must allow all users to consult the logical
passwd database.
--
Viktor.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
mailto:[EMAIL PROTECTED]
If my response solves your problem, the best way to thank me is to not
send an it worked, thanks follow-up. If you must respond, please put
It worked, thanks in the Subject so I can delete these quickly.
SecuritySage header_check, mime_header_check, and access files
Hello, I'm just rebuilding one of our old servers here and I see that the previous administrator was using the header_check, mime_header_check, and access regex files from SecuritySage. I tried to go the security sage site and it appears to be down, and most posts I have seen out there support that assumption. Anyways, my question for Postfix users is, is there another site/company that is providing those files updated? Should I be abandoning this old method for RBLDNS? If there are any suggestions or sites to point me in the right direction for lists of valid RBLs or someone/company that is producing those regex check files, it would be appreciated. Thanks Ryan
