Re: OT: Multiple Queues
* Steve steve.h...@digitalcertainty.co.uk: This 'BSMTP' munged MTA looks to offer very little more than Postfix save for some Rate Control/Throttling/Better logging ? From my early explorations with Postfix, it can mostly do all of this anyway or am I missing something? Postfix does rate control, but on a one size fits all-basis. The real question I guess I am asking - is it possible to have three instances of Postfix running on the same box, listening on different ports, with separate queue directories? Yes. 2.6.x can do it easily with the multiple instance support. -- Ralf Hildebrandt Postfix - Einrichtung, Betrieb und Wartung Tel. +49 (0)30-450 570-155 http://www.computerbeschimpfung.de Perl - The only language that looks the same before and after RSA encryption. -- Keith Bostic
Re: OT: Multiple Queues
Quoting Steve steve.h...@digitalcertainty.co.uk: On Fri, 2009-05-22 at 18:06 +1000, Barney Desmond wrote: 2009/5/22 Ralf Hildebrandt ralf.hildebra...@charite.de: 2. Rate/Anti DNS control a. If IP X is seen more than 50 times in 30 minutes block it. Postfix can do that using anvil I'd just like to add to that; the answer here on the list is almost always, ANVIL IS NOT FOR DOING THAT (whatever you think you can use it for). Which kind of begs the question what is it for ? :-) The appliance I took apart had a nice rate control feature. The crux of it was the ability to set connection limit on a per IP basis in 30 minutes. You could *NOT* change this time window, but could change the limit thus; 50 connections in 30 minutes, 60 connections in 30 minutes ... 200 connections in 30 minutes etc. What it would do is something like this: Connection 51 come in, it defers with a 45x error (temp) and starts a new timer. If that IP presents another '50' connections in the new window of 30 minutes - say connections 51-101 - they will also be given 45x errors. If connection 102 falls inside this period it then starts giving 55x errors to that IP. It will reset when it sees nothing from that IP in 30 minutes. It's very useful - but I suspect there is a better way to do this with iptables. It's a UCE/Protection feature at the end of the day - not an MTA feature. This could also be done using a policy service without much effort.
RE: RESOLVED RE: Need To Reject Inbound From Addresses with My Own Domain/s
From: mich...@orlitzky.com To: postfix-users@postfix.org Subject: Re: RESOLVED RE: Need To Reject Inbound From Addresses with My Own Domain/s wiskbr...@hotmail.com wrote: My problem was that my main.cf, although stating the aliases map with: alias_database = dbm:/etc/postfix/aliases alias_maps = dbm:/etc/postfix/aliases Was actually using /etc/aliases. Not sure why, I've just deleted the /etc one and sym-linked the /etc/postfix/aliases to /etc/aliases. You are putting yourself at great risk of being strangled by your successor. Try to figure out why Postfix was using /etc/aliases. Have you checked the output of postconf -n (hint, hint) to confirm that Postfix is using the main.cf that you think it is? Or maybe you're redefining alias_database and alias_maps further down in main.cf? I've looked, and it does not exist. I ran strings against the postfix binary, it's supplied by a vendor, and it contains: dbm:/etc/mail/aliases But even that file does not exist. Thanks, .vp
Re: Consistent Entry Stuck in Queue
Carlos Williams: 206.212.244.102 does not accept SMTP connections. Either the host is firewalled, or the host is down, or it is not reachable for other reasons. % telnet 206.212.244.102 smtp Trying 206.212.244.102... telnet: connect to address 206.212.244.102: Operation timed out telnet: Unable to connect to remote host Yes, this scares me even more because the user indicated that she herself is not initiating the message. The recipient domain is not Look at the RECEIVED: headers, with time stamps, host names, and IP addresses. Wietse
delivering mail to one host to another port
I need to deliver mail to the primary MX of several hundred domains via a different port. Unfortunately, putting the MX's address or IP into the transport map does not seem to work. I'd prefer not to maintain the list of domains in the transport table as well, so I am wondering: Is it possiblew to instruct postfix to always deliver to a different port when it tries to connect to a specific machine? Thanks, -- martin | http://madduck.net/ | http://two.sentenc.es/ i always had a repulsive need to be something more than human. -- david bowie spamtraps: madduck.bo...@madduck.net digital_signature_gpg.asc Description: Digital signature (see http://martin-krafft.net/gpg/)
Re: Consistent Entry Stuck in Queue
On Fri, 22 May 2009 19:23:33 +0200 mouss mo...@ml.netoyen.net wrote: Carlos Williams a __crit : [snip] Content-filter at server.us wrote: A message from jthras...@server.us to: - jthras...@server.us was considered unsolicited bulk e-mail (UBE). Our internal reference code for your message is 16433-01/qNJBp5TNkzDa The message carried your return address, so it was either a genuine mail from you, or a sender address was faked and your e-mail address abused by third party, in which case we apologize for undesired notification. We do try to minimize backscatter for more prominent cases of UBE and for infected mail, but for less obvious cases of UBE some balance between losing genuine mail and sending undesired backscatter is sought, and there can be some collateral damage on both sides. First upstream SMTP client IP address: [88.255.159.190] unknown According to a 'Received:' trace, the message originated at: [88.255.159.190], [88.255.159.190] unknown [88.255.159.190] Return-Path: jthras...@server.us Message-ID: 173702817170361.uflfwryznisq...@[88.255.159.190] Subject: Come to my place Delivery of the email was stopped! ** so some filter (at server.us?) is bouncing mail it considers possibly spam. This is a bad idea. once mail has been accepted by postfix, subsequent relays/filters/whatever should no more bounce. if spam is bounced to an innocent who never sent anything, you'll get in trouble... and even if not, you know it is bad to hit innocents whose email address was forged. [snip] Looks worse than that: host -t mx server.us server.us mail is handled by 10 cm1.dnsmadeeasy.com. So they're not the primary MX and they're bouncing it. -- John
Re: Disable content_filter
what exactly doesn't work? what do you mean by the local smtp-port? if you mean port 25 on localhost, then you need to add a listener localhost:25 -o content_filter= Here is part of my master.cf smtp inet n - n - 75 smtpd -o content_filter=postfixfilter localhost:10025 inetn - n - - smtpd -o content_filter= 192.168.xxx.xxx:25 inetn - n - - smtpd -o content_filter= postfixfilter unix -n n - - pipe flags=Rq user=filter argv=/home/filter/postfixfilter -f ${sender} -- ${recipient} Mail from outside is received and then passed to the postfixfilter. This works perfect. Filtered mail is returned to postfix via the listener on localhost. Contentfiltering is turned off and everything works fine. My problem is the third listener. This one should receive mail from other servers within my network (postfix acts as a relay), but here contentfiltering should also be turned off for all mail, independent of where it comes from and where it goes to. The problem is, that I can send mail to the listener on 192.168.xxx.xxx on port 25, but that it is passed to the postfixfilter. My question is, how can I completely turn off contentfiltering for all mail received on 192.168.xxx.xxx and why does the -o content_filter= option turn off contentfiltering for the listener on localhost and not for the one on 192.168.xxx.xxx? BTW: in main.cf there is also set content_filter=. Regards, Simon
Re: OT: Multiple Queues
On Fri, May 22, 2009 at 03:23:07PM +0100, Steve wrote: The appliance I took apart had a nice rate control feature. The crux of it was the ability to set connection limit on a per IP basis in 30 minutes. You could *NOT* change this time window, but could change the limit thus; 50 connections in 30 minutes, 60 connections in 30 minutes ... 200 connections in 30 minutes etc. What it would do is something like this: Connection 51 come in, it defers with a 45x error (temp) and starts a new timer. Connection rate (rather than concurrency) limits are rather risky, a site with legitimate mail to send, and a lot of senders, may not be able to deliver any mail to you in the face of a load-spike. Anvil can do just this, but (especially rate rather than concurrency controls) such controls are not recommended for fine-grained limits close to the expected transmission rate. Rather the limits should be very generous, intended to prevent wizards-apprentice accidents, ... If that IP presents another '50' connections in the new window of 30 minutes - say connections 51-101 - they will also be given 45x errors. If connection 102 falls inside this period it then starts giving 55x errors to that IP. It will reset when it sees nothing from that IP in 30 minutes. This is really lame rate control mechanism. It fails catastrophically when a legitimate site has a spike of email in your direction. Consider generous connection concurrency limits, and avoid rate limits unless they are very generous, and would NEVER be hit by a legitimate sender. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
Re: delivering mail to one host to another port
also sprach Wietse Venema wie...@porcupine.org [2009.05.22.2010 +0200]: Is it possiblew to instruct postfix to always deliver to a different port when it tries to connect to a specific machine? iptables is not an option, since it cannot (yet) translate destination sockets for IPv6. Sorry, should have mentioned. Use a transport map: example.com [foo.example.com]:37331 I'd need an entry for every one of my couple of hundred domains since the transport maps are matched on recipient address, not on the MX domain. Since I am using permit_mx_backup_networks, I'd rather avoid maintaining the list of domains in the transport map on the backup MX. Thus my asking. -- martin | http://madduck.net/ | http://two.sentenc.es/ there was silence for a moment, and then out of the scrambled mess of arthur's brain crawled some words. -- hitchhiker's guide to the galaxy spamtraps: madduck.bo...@madduck.net digital_signature_gpg.asc Description: Digital signature (see http://martin-krafft.net/gpg/)
Re: time stamp changes in the queue'
tom lee: One more thing, I have MAILDIR set to an external storage server which Postfix has no MAILDIR setting. sorry, I am talking about home_mailbox, it looks that if home_mailbox not available, the mail will go to the default mail_spool_directory. Please show actual evidence that mail is delivered to the mailspool directory while home_mailbox is set in main.cf: 1) Command output from postconf -n home_mailbox. 2) Logging that shows delivery to system mailbox. Wietse
Re: delivering mail to one host to another port
On Fri, May 22, 2009 at 08:41:45PM +0200, martin f krafft wrote: also sprach Wietse Venema wie...@porcupine.org [2009.05.22.2010 +0200]: Is it possiblew to instruct postfix to always deliver to a different port when it tries to connect to a specific machine? iptables is not an option, since it cannot (yet) translate destination sockets for IPv6. Sorry, should have mentioned. Use a transport map: example.com [foo.example.com]:37331 I'd need an entry for every one of my couple of hundred domains since the transport maps are matched on recipient address, not on the MX domain. Since I am using permit_mx_backup_networks, I'd rather avoid maintaining the list of domains in the transport map on the backup MX. Thus my asking. You can use a pcre map to do it with one entry. Cheers, Ken
Re: adding secondary MX
On Tue, May 19, 2009 at 1:58 PM, Noel Jones njo...@megan.vbhcs.org wrote: post...@corwyn.net Won't the mail just be forwarded to the primary mail server, who can reject it there? ... which then causes your server to generate a bounce to the (often forged) envelope sender. Your queue will be clogged with undeliverable bounces, choking performance for legit mail. Eventually you will deliver enough mail to f orged senders that your server will be blacklisted as an outscatter/backscatter source. I'm still not clear on how this is different than normal. Let's say I use a gmail account, and send it directly to my domain/main mail server (Microsoft Exchange) to an invalid address. I get the following bounce-back: Delivered-To: testacco...@gmail.com Received: by 10.220.74.197 with SMTP id v5cs94260vcj; Fri, 22 May 2009 12:05:35 -0700 (PDT) Received: by 10.224.2.212 with SMTP id 20mr4273331qak.343.1243019135083; Fri, 22 May 2009 12:05:35 -0700 (PDT) Return-Path: Received: from webmail.int.example.com (Webmail2.example.com [x.x.x.x]) by mx.google.com with ESMTP id 5si4116455qwg.29.2009.05.22.12.05.28; Fri, 22 May 2009 12:05:34 -0700 (PDT) Received-SPF: pass (google.com: domain of webmail.int.example.com designates x.x.x.x as permitted sender) client-ip=x.x.x.x; Authentication-Results: mx.google.com; spf=pass (google.com: domain of webmail.int.example.com designates x.x.x.x as permitted sender) smtp.mail= Received: from (unknown [10.10.20.150]) by webshield3200.int.example.comwith smtp id 2198_176c0290_46ff_11de_b524_001422234860; Fri, 22 May 2009 14:33:50 -0400 From: postmas...@example.com To: testacco...@gmail.com Date: Fri, 22 May 2009 15:05:26 -0400 MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary=9B095B5ADSN=_01C9A571EDB220B262B8webmail.int.i X-DSNContext: 335a7efd - 4523 - 0001 - 80040546 Message-ID: hn7lwxkxf2...@webmail.int.example.com Subject: Delivery Status Notification (Failure) Pretty much what I expect. But let's say I set up my postfix mail server with the changes discussed above and telnet into it (don't feel like updating DNS for a secondary MX). Mail sent to a valid address works just fine (yay!). When I send mail to my domain with an invalid address, again, I get a bounceback, but it looks pretty much like the original bounceback when sent directly: Delivered-To: testacco...@gmail.com Received: by 10.220.74.197 with SMTP id v5cs93288vcj; Fri, 22 May 2009 11:56:18 -0700 (PDT) Received: by 10.151.72.1 with SMTP id z1mr8254952ybk.170.124301854; Fri, 22 May 2009 11:56:17 -0700 (PDT) Return-Path: Received: from webmail.int.example.com (Webmail2.example.com [x.x.x.x]) by mx.google.com with ESMTP id 23si7742750gxk.58.2009.05.22.11.56.17; Fri, 22 May 2009 11:56:17 -0700 (PDT) Received-SPF: pass (google.com: domain of webmail.int.example.com designates x.x.x.x as permitted sender) client-ip=x.x.x.x; Authentication-Results: mx.google.com; spf=pass (google.com: domain of webmail.int.example.com designates x.x.x.x as permitted sender) smtp.mail= Received: from (unknown [10.10.20.150]) by webshield3200.int.example.comwith smtp id 21e4_cf39f690_46fd_11de_88a2_001422234860; Fri, 22 May 2009 14:24:39 -0400 From: postmas...@example.com To: testacco...@gmail.com Date: Fri, 22 May 2009 14:56:15 -0400 MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary=9B095B5ADSN=_01C9A571EDB220B262B1webmail.int.i X-DSNContext: 335a7efd - 4523 - 0001 - 80040546 Message-ID: ivswsrlry2...@webmail.int.example.com Subject: Delivery Status Notification (Failure) So the behavior is the same when I use the primary with an invalid address, or if I use the secondary with an invalid address. How am I becoming an increased source of backscatter? If the answer is, your exchange server config is broken well, perhaps, but I didnt' set up (or own) that box. Setting up postfix as a secondary won't break anything any worse than it already is, right? rick Rick
Re: time stamp changes in the queue'
Please show actual evidence that mail is delivered to the mailspool directory while home_mailbox is set in main.cf: 1) Command output from postconf -n home_mailbox. $ postconf -n home_mailbox home_mailbox = Maildir/ 2) Logging that shows delivery to system mailbox. procmail: Error while writing to /Users/username/Maildir/ From x...@.com Tue May 21 11:18:25 2009 Subject: test Folder: /var/mail/username I tried in purpose to make the directory not writable for /Users/username/Maildir, and the mail will be delivered to /var/mail. if home_mailbox is external storage which not available due to network issue, the mail be delivered to local /var/mail directory. my postfix version is 2.4.3 Thanks. tom
Re: adding secondary MX
On Fri, May 22, 2009 at 3:19 PM, Rick post...@corwyn.net wrote: On Tue, May 19, 2009 at 1:58 PM, Noel Jones njo...@megan.vbhcs.org wrote: Won't the mail just be forwarded to the primary mail server, who can reject it there? ... which then causes your server to generate a bounce to the (often forged) envelope sender. Your queue will be clogged with undeliverable bounces, choking performance for legit mail. Eventually you will deliver enough mail to f orged senders that your server will be blacklisted as an outscatter/backscatter source. I'm still not clear on how this is different than normal. Let's say I use a gmail account, and send it directly to my domain/main mail server (Microsoft Exchange) to an invalid address. I get the following bounce-back: Delivered-To: testacco...@gmail.com Received: by 10.220.74.197 with SMTP id v5cs94260vcj; Fri, 22 May 2009 12:05:35 -0700 (PDT) Received: by 10.224.2.212 with SMTP id 20mr4273331qak.343.1243019135083; Fri, 22 May 2009 12:05:35 -0700 (PDT) Return-Path: Received: from webmail.int.example.com (Webmail2.example.com [x.x.x.x]) by mx.google.com with ESMTP id 5si4116455qwg.29.2009.05.22.12.05.28; Fri, 22 May 2009 12:05:34 -0700 (PDT) Received-SPF: pass (google.com: domain of webmail.int.example.com designates x.x.x.x as permitted sender) client-ip=x.x.x.x; Authentication-Results: mx.google.com; spf=pass (google.com: domain of webmail.int.example.com designates x.x.x.x as permitted sender) smtp.mail= Received: from (unknown [10.10.20.150]) by webshield3200.int.example.com with smtp id 2198_176c0290_46ff_11de_b524_001422234860; Fri, 22 May 2009 14:33:50 -0400 From: postmas...@example.com To: testacco...@gmail.com Date: Fri, 22 May 2009 15:05:26 -0400 MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary=9B095B5ADSN=_01C9A571EDB220B262B8webmail.int.i X-DSNContext: 335a7efd - 4523 - 0001 - 80040546 Message-ID: hn7lwxkxf2...@webmail.int.example.com Subject: Delivery Status Notification (Failure) Pretty much what I expect. But let's say I set up my postfix mail server with the changes discussed above and telnet into it (don't feel like updating DNS for a secondary MX). Mail sent to a valid address works just fine (yay!). When I send mail to my domain with an invalid address, again, I get a bounceback, but it looks pretty much like the original bounceback when sent directly: Delivered-To: testacco...@gmail.com Received: by 10.220.74.197 with SMTP id v5cs93288vcj; Fri, 22 May 2009 11:56:18 -0700 (PDT) Received: by 10.151.72.1 with SMTP id z1mr8254952ybk.170.124301854; Fri, 22 May 2009 11:56:17 -0700 (PDT) Return-Path: Received: from webmail.int.example.com (Webmail2.example.com [x.x.x.x]) by mx.google.com with ESMTP id 23si7742750gxk.58.2009.05.22.11.56.17; Fri, 22 May 2009 11:56:17 -0700 (PDT) Received-SPF: pass (google.com: domain of webmail.int.example.com designates x.x.x.x as permitted sender) client-ip=x.x.x.x; Authentication-Results: mx.google.com; spf=pass (google.com: domain of webmail.int.example.com designates x.x.x.x as permitted sender) smtp.mail= Received: from (unknown [10.10.20.150]) by webshield3200.int.example.com with smtp id 21e4_cf39f690_46fd_11de_88a2_001422234860; Fri, 22 May 2009 14:24:39 -0400 From: postmas...@example.com To: testacco...@gmail.com Date: Fri, 22 May 2009 14:56:15 -0400 MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary=9B095B5ADSN=_01C9A571EDB220B262B1webmail.int.i X-DSNContext: 335a7efd - 4523 - 0001 - 80040546 Message-ID: ivswsrlry2...@webmail.int.example.com Subject: Delivery Status Notification (Failure) So the behavior is the same when I use the primary with an invalid address, or if I use the secondary with an invalid address. How am I becoming an increased source of backscatter? If the answer is, your exchange server config is broken well, perhaps, but I didnt' set up (or own) that box. Setting up postfix as a secondary won't break anything any worse than it already is, right? Yes, the exchange configuration is broken. They will have to fix it eventually, because such a configuration is unusable in the real world. When they do, your broken postfix configuration will become evident.
Re: time stamp changes in the queue'
On Fri, May 22, 2009 at 12:33:22PM -0700, tom lee wrote: Please show actual evidence that mail is delivered to the mailspool directory while home_mailbox is set in main.cf: 1) Command output from postconf -n home_mailbox. $ postconf -n home_mailbox home_mailbox = Maildir/ 2) Logging that shows delivery to system mailbox. procmail: Error while writing to /Users/username/Maildir/ From x...@.com Tue May 21 11:18:25 2009 Subject: test Folder: /var/mail/username When mail is delivered to procmail (mailbox_command, .forward, ...) naturally it is up to procmail, not Postfix to select the final mailbox. This should be rather obvious. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
Re: time stamp changes in the queue'
tom lee: procmail: Error while writing to /Users/username/Maildir/ The error message says PROCMAIL. This is the POSTFIX mailing list. Wietse
Re: time stamp changes in the queue'
On Fri, May 22, 2009 at 12:36 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote: On Fri, May 22, 2009 at 12:33:22PM -0700, tom lee wrote: Please show actual evidence that mail is delivered to the mailspool directory while home_mailbox is set in main.cf: 1) Command output from postconf -n home_mailbox. $ postconf -n home_mailbox home_mailbox = Maildir/ 2) Logging that shows delivery to system mailbox. procmail: Error while writing to /Users/username/Maildir/ From x...@.com Tue May 21 11:18:25 2009 Subject: test Folder: /var/mail/username When mail is delivered to procmail (mailbox_command, .forward, ...) naturally it is up to procmail, not Postfix to select the final mailbox. my procmail setting is very simple: VERBOSE=yes LOGFILE=/var/log/procmail.log USERINBOX=$HOME/Maildir/ :0 $USERINBOX so, if $USERINBOX is not writable, procmail delivered the mail to /var/mail, not the postfix. (I may change USERINBOX to the external storage eventually) . not sure if there is a way to let procmail to stop the delivery to /var/mail? maybe I need to check procmail mailing lis. Thanks. Tom
Re: How to safely re-inject an archived queue file?
On Thu, May 21, 2009 at 07:48:43PM -0600, Curtis wrote: It would appear that we're seeing a side effect of dropping files into the maildrop queue like this. if there are messages in the maildrop directory when a postfix reload is run, we're seeing duplicate messages. Yes, postfix reload runs postsuper, which will fix-up the names of files. To avoid this, you'd have to do that yourself, before marking the file mode 0700. The first 5 bytes are a microsecond timer measured just after the created file's inode is obtained via lstat(2) and before it is renamed to: hex-of-usec-timehex-of-inode-number Getting all of this right is done by sendmail/postdrop. .then the message gets sent a second time (or at least I'm guessing that's how the duplicate happens). I guess the answer is to either run that second instance of postfix that doesn't get hit with a reload very often or. would running postsuper -s solve it? Running postsuper -s causes a race, and is too expensive. Why are you manually creating queue-files again? -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
RE: How to safely re-inject an archived queue file?
Yes, postfix reload runs postsuper, which will fix-up the names of files. To avoid this, you'd have to do that yourself, before marking the file mode 0700. The first 5 bytes are a microsecond timer measured just after the created file's inode is obtained via lstat(2) and before it is renamed to: hex-of-usec-timehex-of-inode-number Getting all of this right is done by sendmail/postdrop. Since it sounds like I'd have to do this with postfix stopped, I found a different workaround. .then the message gets sent a second time (or at least I'm guessing that's how the duplicate happens). I guess the answer is to either run that second instance of postfix that doesn't get hit with a reload very often or. would running postsuper -s solve it? Running postsuper -s causes a race, and is too expensive. Yeah, I realized that right after I sent my message. Why are you manually creating queue-files again? We're not manually creating them, these are archived queue files that were pulled from the hold queue, and then later released by being dropped into the maildrop queue (using the technique discussed earlier in this thread). As for the workaround... I simply created a wrapper for postfix reload that we'll use in place of actually running postfix reload... it creates a lock file that tells the script that drops the files into maildrop to pause and then it waits until the maildrop queue is empty before doing the reload. Thanks, Curtis P.S. Since I received complaints about my message formatting from both the HTML and plain text modes of gmail, I've switched to using Outlook just for messages that I send to this list. Hopefully Outlook uses an acceptable charset? -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
Re: How to safely re-inject an archived queue file?
Curtis: We're not manually creating them, these are archived queue files that were pulled from the hold queue, and then later released by being dropped into the maildrop queue (using the technique discussed earlier in this thread). This is safe only when the maildrop queue is stopped, that is, 1) No submissions with the Postfix sendmail command while these files are in the maildrop directory, otherwise mail will be lost. 2) No pickup daemon and no postsuper command, otherwise pickup will read incomplete files and throw them away, or it will make duplicate deliveries as files get renamed. Wietse
RE: How to safely re-inject an archived queue file?
Curtis: We're not manually creating them, these are archived queue files that were pulled from the hold queue, and then later released by being dropped into the maildrop queue (using the technique discussed earlier in this thread). This is safe only when the maildrop queue is stopped, that is, 1) No submissions with the Postfix sendmail command while these files are in the maildrop directory, otherwise mail will be lost. 2) No pickup daemon and no postsuper command, otherwise pickup will read incomplete files and throw them away, or it will make duplicate deliveries as files get renamed. Based on earlier conversations in this thread (from February), it was determined to be safe to drop messages into the maildrop queue if we created the files using a unique filename and mode 0600, and then switched them to mode 0700 once the file was ready. Hopefully that's still true... Curtis Wietse
Re: How to safely re-inject an archived queue file?
On Fri, May 22, 2009 at 03:51:49PM -0600, Curtis wrote: Curtis: We're not manually creating them, these are archived queue files that were pulled from the hold queue, and then later released by being dropped into the maildrop queue (using the technique discussed earlier in this thread). This is safe only when the maildrop queue is stopped, that is, 1) No submissions with the Postfix sendmail command while these files are in the maildrop directory, otherwise mail will be lost. 2) No pickup daemon and no postsuper command, otherwise pickup will read incomplete files and throw them away, or it will make duplicate deliveries as files get renamed. Based on earlier conversations in this thread (from February), it was determined to be safe to drop messages into the maildrop queue if we created the files using a unique filename and mode 0600, and then switched them to mode 0700 once the file was ready. Hopefully that's still true... Only if you don't have postsuper racing against you. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
/etc/mailname
Hi all, What should contain this file, local or external fqdn ? Thanks, Sébastien