Re: myhostname is different between postconf and main.cf
On Thu, 2009-05-28 at 22:53 -0700, Joe Sloan wrote: Steve wrote: Personally, I would not have a M$ box for anything other than charity. That is to allow those nice far eastern people access to my resources to send UCE. Mind you, most of them buckle under the load I'm with you there... Because DNS requires an MX entry for a mail server and a A record for the web server. Don't shoot the messenger - I'm not responsible for DNS ! These will often be pointing to the same host but be externally seen as different entities. An example would be CNAMES. A machine can have an unlimited number of CNAME aliases in DNS, but a separate CNAME record must be in the database for each alias. True, but they could technically all be the same name - let's say you have one box and it's mydomain.com. Your dns records might look like this: IN A 1.2.3.4 IN NS mydomain.com. IN MX 10 mydomain.com You might also want to add: IN CNAME www.mydomain.com mydomain.com But nobody says you absolutely must have smtp.mydomain.com or mail.mydomain.com or ns.mydomain.com or pop3.mydomain.com Joe I agree. But you would still need to list an MX record if you were expecting mail traffic and probably a CNAME for the www to the A record. It would not be 'not normal' for these to resolve to the same host. There is nothing wrong with doing so if it fits your needs. There may be arguments as to scaling and redundancy, but that is a different arena. To be called a 'big mouth' for pointing it out - or even a 'hobbyist' amuses me when you consider that Postfix is a Open Source and written by Hobbyists. I appreciate it's the guys baby - but to descend to abuse is really unnecessary.
What is the best value for first retry-window for postgrey ?
Hi, we have a centos 5 server that we use for mail server and i have installed their postgrey. I want to ask what values do you use for retry-window option and what is the best value for this ? I have leave it with the default value 2 days for now, but i don't know if it is too high. What's your opinion? Thanks in advance and best regards!
Applying dfilt to one IP only
I am attempting setting up footers so they apply only to outgoing mail not incoming mail (currently they apply to all e-mail), but I would like to check that I have the right end of the stick. First I map a second IP (100.100.100.2) to eth0, this interface will be eth0:0 Next I modify master.cf from: smtp inet n - n - - smtpd -o content_filter=dfilt: dfilt unix - n n - - pipe flags=Rq user=filter argv=/etc/postfix/disclaimer -f ${sender} -- ${recipient} To: 100.100.100.1:smtp inet n - n - - smtpd 100.100.100.2:smtp inet n - n - - smtpd -o content_filter=dfilt: 127.0.0.1:smtpinet n - n - - smtpd -o content_filter=dfilt: dfilt unix - n n - - pipe flags=Rq user=filter argv=/etc/postfix/disclaimer -f ${sender} -- ${recipient} I'm pretty sure that thus far I'm spot on, my only question now is whether or not I need to change the inet_interfaces setting in main.cf from all to 100.100.100.2, or whether this would prevent local systems from sending mail out via 100.100.100.1. Paul Cocker _ Please consider the environment, think before you print. TNT Post is the trading name for TNT Post UK Ltd (company number: 04417047), TNT Post (Doordrop Media) Ltd (00613278), TNT Post Scotland Ltd (05695897), TNT Post North Ltd (05701709), TNT Post South West Ltd (05983401), TNT Post Midlands Limited (6458167)and TNT Post London Limited (6493826). Emma's Diary and Lifecycle are trading names for Lifecycle Marketing (Mother and Baby) Ltd (02556692). All companies are registered in England and Wales; registered address: 1 Globeside Business Park, Fieldhouse Lane, Marlow, Buckinghamshire, SL7 1HY.
RE: temporary lookup failure
Hi Brian Everything you said makes a great deal of sense - thanks very much. I have changed the RBL settings, as you advised. Yes, the load has gone up considerably, particularly, we are seeing a massive rise of spam traffic on this box (mainly on one or two of the domains 30 domains its responsible for) However, I have tried putting proxy: in front of my mysql maps and it stopped it being able to receive email. Presumably, I need to enable proxymap to get proxy maps to work. This is something I don't know how to do. This is what postconf -d | grep proxy returns: local_recipient_maps = proxy:unix:passwd.byname $alias_maps proxy_interfaces = proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks smtpd_proxy_ehlo = $myhostname smtpd_proxy_filter = smtpd_proxy_timeout = 100s There are no lines with proxy in my main.cf, do I need to add in a proxy_read_maps? If so what do I set it to? Incidently, here is a copy of my mysql_virtual_mailbox_maps.cf I did initially have a few problems getting this working. If I use proxy:mysql: will I need to change this? user = postfixuser password = postfixpassword hosts = localhost dbname = postfix table = mailbox #select_field = CONCAT(domain,'/',maildir) select_field = maildir where_field = username additional_conditions = and active = '1' #query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1' Regards Jon [snip]
Re: nobody is going to write a new MTA
mouss escribió: the OpenBSD guys take this a bit too aggressively. on the other hand, this approach has resulted in good software (the so-called OpenBSD pf is a good example, although the story was special). Well, I would say 'coherently instead of 'aggressively' +info: http://www.openbsd.org/policy.html http://www.openbsd.org/faq/faq1.html#HowAbout And yes, the history behind PF origin is curious at least. -- Thanks, Jordi Espasa Clofent
Re: different transport_maps when submitting mail from amavis
On Fri, May 29, 2009 9:27 am, Rolandas Juodzbalis said: I have postfix on one server and amavis on another. On postfix I'm using transport_maps to deliver depending on spam flag in database. If spam flag is on, then query returns following output: smtp:ip_of_amavis:10024. If spam flag is off, then it returns word virtual. Problem begins when amavis tries to submit mail back to postfix on port 10025 - transport_maps is used again and starts looping. Is there any way to avoid using transport_maps when feeding mail from amavis back to postfix via port 10025? Or maybe another alternative of communicating between amavis and postfix? The transport table is global for the whole Postfix instance. Per-user routing thus requires two Postfix instances. http://www.postfix.org/MULTI_INSTANCE_README.html -- Magnus Bäck mag...@dsek.lth.se
Relay mail server for a dial-up sat connection
Hello all, I've been charged to develop a relay mail server in a dial-up sat connection by my company. 1a) This server must connect to Internet every 3 hours and fetch and send mails for various users. 1b) Connection must be opened by the server at the start of the process and closed when all mails are received and sent. 2a) Users can access the received mail on the server through POP clients or webmail. 2b) Users can send mail through the server with SMTP clients or webmail. I read something here and there and decided to resolve the various problems this way: getmail to fetch mail for the various users qmail or postfix are the choices for the SMTP servant pop3d (is that the right name?) to serve POP at clients squirrelmail for webmail Have to find out how to manage virtual users (I saw a couple of tools here and there), because I don't want 'mail user' = 'nix user' 1a The various processes sure can be launched by a cron job. However there is the possibilities of a power loss, possibly resulting in a missing call by cron. Anacron is supposed to help in these but can it manage every-3-hours jobs? Have to check... 1b In the case I will use postfix, how can I check out when it has finished sending mail to Internet (to close dialup connection)? 2a Both qmail and postfix have modules to serve mail boxes using POP3 so no problems here 2b Here comes a big question. I want a MTA that can receive mail from clients using SMTP and send those big bag of mails using server smtp.domain.net instead of take care to distribute every single mail. Can postfix do this? and how? However the mail provider my company is using has blocked access to the SMTP server only to authenticated users, and sat provider doesn't give SMTP services... So I have this strange question: I'm user u...@domain.net Can I send a mail to someb...@fake.net using otheru...@domain.net AS u...@domain.net keeping correct header infos to let someb...@fake.net reply to otheru...@domain.net Why this? Because as I said the mail provider we use require authentication, so my intention where to use one account to access SMTP server and from there leave the big bag of mail to the SMTP server of the mail provider, instead of opening different connection for every single user.
strange mail protocol
Hi, I've just found the following in my postfix log: grep C5E7710205CD: /var/log/mail/current May 29 13:21:01 [postfix/pickup] C5E7710205CD: uid=65534 from=sen...@mydomain.com May 29 13:21:01 [postfix/cleanup] C5E7710205CD: message-id=20090529112101.11351.11039.stra...@strato1 May 29 13:21:01 [postfix/qmgr] C5E7710205CD: from=sen...@mydomain.com, size=1355, nrcpt=1 (queue active) May 29 13:21:03 [postfix/smtp] C5E7710205CD: host f.mx.mail.yahoo.com[68.142.202.247] said: 451 Message temporarily deferred - [170] (in reply to end of DATA command) May 29 13:21:04 [postfix/smtp] C5E7710205CD: to=recipi...@yahoo.de, relay=f.mx.mail.yahoo.com[98.137.54.237]:25, delay=3.2, delays=0.29/0.01/1.7/1.2, dsn=2.0.0, status=sent (250 ok dirdel) May 29 13:21:04 [postfix/qmgr] C5E7710205CD: removed So the question: what has happened with that mail? I am confused about the line 451 Message temporarily deferred immediately followed by status=sent (250 ok). Thanks and regards -stefan-
Re: strange mail protocol
Hi, I've just found the following in my postfix log: grep C5E7710205CD: /var/log/mail/current May 29 13:21:01 [postfix/pickup] C5E7710205CD: uid=65534 from=sen...@mydomain.com May 29 13:21:01 [postfix/cleanup] C5E7710205CD: message-id=20090529112101.11351.11039.stra...@strato1 May 29 13:21:01 [postfix/qmgr] C5E7710205CD: from=sen...@mydomain.com, size=1355, nrcpt=1 (queue active) May 29 13:21:03 [postfix/smtp] C5E7710205CD: host f.mx.mail.yahoo.com[68.142.202.247] said: 451 Message temporarily deferred - [170] (in reply to end of DATA command) May 29 13:21:04 [postfix/smtp] C5E7710205CD: to=recipi...@yahoo.de, relay=f.mx.mail.yahoo.com[98.137.54.237]:25, delay=3.2, delays=0.29/0.01/1.7/1.2, dsn=2.0.0, status=sent (250 ok dirdel) May 29 13:21:04 [postfix/qmgr] C5E7710205CD: removed So the question: what has happened with that mail? I am confused about the line 451 Message temporarily deferred immediately followed by status=sent (250 ok). 4xx are temporary Errors and Postfix tries the next MX. 68.142.202.247 != 98.137.54.237 -- Andreas
Re: strange mail protocol
I am confused about the line 451 Message temporarily deferred immediately followed by status=sent (250 ok). 4xx are temporary Errors and Postfix tries the next MX. 68.142.202.247 != 98.137.54.237 Args, obviously you are right. Sorry for the noise... Thanks -stefan-
domain-in-a-box statistics
Wietse Venema: Is it even neccessary to have a hostname at all since the days of having s -eperate machines for seperate daemons are behind us for most websites? Afte -r all, mail.example1.com, www.example1.com, pop3.example1.com,... are all th -e same machine these days. A machine name is required for several email-related Internet standards. Besides, having all DNS names resolve to the same box is not normal usage. I'll post some numbers today, based on domain names found in open mailing lists. Wietse
Re: What is the best value for first retry-window for postgrey ?
Zitat von an...@iguanait.com an...@iguanait.com: Hi, we have a centos 5 server that we use for mail server and i have installed their postgrey. I want to ask what values do you use for retry-window option and what is the best value for this ? I have leave it with the default value 2 days for now, but i don't know if it is too high. What's your opinion? Postfix is not Postgrey so it may be useful to ask on the Postgrey List. The retry-window is the time after which a record is purged if no other attempt to deliver mail is made. If you set it too short server with long retry times may not be able to deliver mail to you at all. So if unsure leave it at the save default. Regards Andreas
Re: temporary lookup failure
Jon Harris wrote: Hi Brian Everything you said makes a great deal of sense - thanks very much. I have changed the RBL settings, as you advised. Yes, the load has gone up considerably, particularly, we are seeing a massive rise of spam traffic on this box (mainly on one or two of the domains 30 domains its responsible for) However, I have tried putting proxy: in front of my mysql maps and it stopped it being able to receive email. Presumably, I need to enable proxymap to get proxy maps to work. This is something I don't know how to do. This is what postconf -d | grep proxy returns: 'postconf -d' shows defaults that are used unless you define them in main.cf 'postconf -n' shows what Postfix sees in your main.cf. There are no lines with proxy in my main.cf, do I need to add in a proxy_read_maps? If so what do I set it to? You have proxymap enabled according to your OP: master.cf - proxymap unix - - n - - proxymap What is the in the log of the error? Incidently, here is a copy of my mysql_virtual_mailbox_maps.cf I did initially have a few problems getting this working. If I use proxy:mysql: will I need to change this? No. Read 'man 8 proxymap' to understand what it does. user = postfixuser password = postfixpassword hosts = localhost dbname = postfix table = mailbox #select_field = CONCAT(domain,'/',maildir) select_field = maildir where_field = username additional_conditions = and active = '1' #query = SELECT CONCAT(domain,'/',maildir) FROM mailbox WHERE username='%s' AND active = '1'
Re: temporary lookup failure
2009/5/29 Jon Harris j.har...@digital-ink.co.uk: However, I have tried putting proxy: in front of my mysql maps and it stopped it being able to receive email. Presumably, I need to enable proxymap to get proxy maps to work. This is something I don't know how to do. Error logs? My suspicion is that the proxy map isn't available for some reason. Run `postconf -m` to check that proxy is actually a supported map type (ie. was compiled into your distribution). This is a Debian machine of mine, yours should be similar: yoshino:~# postconf -m btree cidr environ hash nis pcre pgsql proxy regexp sdbm static tcp unix This is what postconf -d | grep proxy returns: `-d` shows you the defaults. Use plain `postconf` to show all relevant values, so your grep will return useful results. Use `-d` when you're reading the postconf manpage and want to know what the default is for system-dependent stuff (at least, that's what I use it for). There are no lines with proxy in my main.cf, do I need to add in a proxy_read_maps? If so what do I set it to? No. I've never seen it mentioned here; chances are you'll never need to change it. proxy is something of a magic map type, you stack it on another real map. If I use proxy:mysql: will I need to change this? No. The proxy map basically just does connection sharing/pooling to ease the load on mysql (when used on mysql tables). http://www.postfix.org/proxymap.8.html
Re: Applying dfilt to one IP only
On Fri, May 29, 2009 at 09:10:14AM +0100, Paul Cocker wrote: I'm pretty sure that thus far I'm spot on, my only question now is whether or not I need to change the inet_interfaces setting in main.cf from all to 100.100.100.2, or whether this would prevent local systems from sending mail out via 100.100.100.1. At a minimum, the union of inet_interfaces and proxy_addresses needs to list all IP addresses at which you receive inbound email (IP addresses of MX hosts for your domans, or A records of hosts that receive u...@host email). Email sent to u...@[ip] is considered local provided the ip is in inet_interfaces or proxy_addresses. If inet_interfaces is then just a single IP address, but the system is connected to multiple subnets, not just multi-IP on a single subnet, then it is important to read the docs for inet_interfaces and understand the notes about smtp_bind_address. Otherwise, also inet_interfaces is used in the default value of: local_header_rewrite_clients = permit_inet_interfaces and of course the default address list for master.cf inet services that only specify a service name, with no address. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.
veritication of sender and auth
hi... where i can check in a momento of processing sender - that's is with a script or other method - the following: - for an authenticated user, he send a message, but i need to check that the mail of the sender is authenticated user mail address. in others words, who's the point that i can merge autentication with sender validation... (i understand that are diferent process) thanks! -- Salu2 ;)
Re: veritication of sender and auth
maximatt wrote: hi... where i can check in a momento of processing sender - that's is with a script or other method - the following: - for an authenticated user, he send a message, but i need to check that the mail of the sender is authenticated user mail address. in others words, who's the point that i can merge autentication with sender validation... (i understand that are diferent process) thanks! If submitted via sendmail(1) command, then it is up to you and your script/web interface. If submitted via SMTP read the following: http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch http://www.postfix.org/postconf.5.html#reject_unauthenticated_sender_login_mismatch Brian
Re: domain-in-a-box statistics (was myhostname etc.)
Wietse Venema: Wietse Venema: Is it even neccessary to have a hostname at all since the days of having s -eperate machines for seperate daemons are behind us for most websites? Afte -r all, mail.example1.com, www.example1.com, pop3.example1.com,... are all th -e same machine these days. A machine name is required for several email-related Internet standards. Besides, having all DNS names resolve to the same box is not normal usage. I'll post some numbers today, based on domain names found in open mailing lists. To test the hypothesis that mail.domain, www.domain, etc. all have the same IP address, I did a quick survey based on email sender domain names found in open mailing lists on postfix, freebsd, php, and bugtraq, for the past 1.5 year. The list is available on request. These mailing lists represents a technical audience. At least in this population, the domain in a host approach is not dominant for email. For the analysis I queried each domain for its A records, for the A records of www.domain, and for the A records of the domain's primary MX records. Queries were done in parallel to reduce inconsistencies due to short TTLs. All queries followed CNAME indirections. I deleted domains that produced no result at all. A special case is when a domain has no MX records. In this case RFC 5321 requires that mail is sent using domain's A records instead. Thus, a domain without MX records is the same as a domain with an MX record that points at the domain itself. Thus, the default DNS rules correspond to a domain-in-a-box architecture. The raw results are at the end of this message. For this domain population, the domain in a host approach is not dominant with email: 1116 or 3755 domains used the same IP addresses for the domain itself and as for email (with or without explicit MX records), and 917 of 3755 domains used the same IP addresses for web services (http://www.domain) as for email (u...@domain). The domain in a host approach appears to be more common with web services: 3346 of 3755 domains used the same IP addresses for the domain itself as for web services (http://www.domain). I had expected a larger number here. Conclusion: SMTP is not HTTP; don't assume that what is valid for web services is necessarily valid for email services. Wietse Number of domains = 3755 with A records = 3147 (following CNAME) with MX records = 3525 (following CNAME) with www.domain A records = 3346 (following CNAME) with A records == www.domain A records = 2589 with A records == primary MX A records = 886 with www.domain A records == primary MX A records = 917 with A records or www.domain A records == primary MX A records = 986 with A records == primary MX A records, or no MX records = 1116
Maildir questions
okay i'm trying to configure postfix to use maildir instead of mbox. this is in preparation to migrate to a new server. i've got it configured so it will deliver the mail into the correct mail directories for the users. i used mb2md version 2, which with a little trial and error worked fine. the maildirs are set up, and with the lines in postfix set, and procmailrc, it's delivering the mail. my problem is, when i log in, i can't see the mail. the new mail files are being created in /home/username/Maildir/new but... mail clients can't see it. what gives? what did i do wrong? what do i need to change to make this work? thanks in advance --Mac
Re: different transport_maps when submitting mail from amavis
Rolandas Juodzbalis a écrit : Hello list, I have postfix on one server and amavis on another. On postfix I'm using transport_maps to deliver depending on spam flag in database. If spam flag is on, then query returns following output: smtp:ip_of_amavis:10024. If spam flag is off, then it returns word virtual. Problem begins when amavis tries to submit mail back to postfix on port 10025 - transport_maps is used again and starts looping. Is there any way to avoid using transport_maps when feeding mail from amavis back to postfix via port 10025? Or maybe another alternative of communicating between amavis and postfix? as Magnus said, transport_maps is global. what real problem are you trying to solve? amavisd-new has policy banks and other features that may help you. check the docs or ask on amavsid-new list. otherwise, postfix has the FILTER statement (which can be returned in smtpd access checks). but keep in mind that if mail is sent to multiple recipients, only one filter is used (so the last FILTER statement will win). so use FILTER if it is per client, per helo or per sender, but not if it is per recipient.
Re: Disabling a domain
Hi, On Thu, May 28, 2009 at 11:15 PM, Sahil Tandon sa...@tandon.net wrote: On Thu, 28 May 2009, Eduardo Júnior wrote: I have a Postfix Server 2.4.0 with virtual domains and interface postfixadmin. I want disabling a domain through postfixadmin. There's the option ACTIVE. What is your definition of 'disable' in this context? In my context, disable a domain would be leave it suspended. Become it inatve. I didn't find out more information about this field in the table domain of the postfix to complete understanding, so i'm a little confused. But for me, become a domain inatice, means which it don't will receibe mails after I unset active active. Or i'm wrong? -- Sahil Tandon sa...@tandon.net []'s -- Eduardo Júnior GNU/Linux user #423272 :wq
RE: Maildir questions
## ## my problem is, when i log in, i can't see the mail. ## the new mail ## files are being created in /home/username/Maildir/new ## but... mail ## clients can't see it. ## ## This is a configuration issue with your pop3/imap ## service. You'll need to configure it to support maildir ## and probably tell it where to look for the mail directory. ## ## If you think you have an issue with the maildir ## themselves, you can try opening them with mutt (mutt -f ## /path/to/maildir/folder). My guess is it's a ## configuration issue as stated above though. Hope this helps. you have hit the nail on the head. i have switched from /home/username/Maildir to /home/username/Mail, and the messages are going where they are supposed to go. mutt -f /home/username/Mail (or Maildir from before) will show the new messages. however, running Pine, or logging into squirrelmail, no messages. where is the configuration to change for Maildir for pop3 to see the new directories? i'm not seeing it. the setup i'm running is using Courier. should i be doing something with that? i'm a little lost. i built this mail config a LONG time ago and now i can't remember what i did. --Mac
RE: Maildir questions
## ## my problem is, when i log in, i can't see the mail. ## the new mail ## files are being created in /home/username/Maildir/new ## but... mail ## clients can't see it. ## ## This is a configuration issue with your pop3/imap ## service. You'll need to configure it to support maildir ## and probably tell it where to look for the mail directory. ## ## If you think you have an issue with the maildir ## themselves, you can try opening them with mutt (mutt -f ## /path/to/maildir/folder). My guess is it's a ## configuration issue as stated above though. Hope this helps. you have hit the nail on the head. i have switched from /home/username/Maildir to /home/username/Mail, and the messages are going where they are supposed to go. mutt -f /home/username/Mail (or Maildir from before) will show the new messages. however, running Pine, or logging into squirrelmail, no messages. where is the configuration to change for Maildir for pop3 to see the new directories? i'm not seeing it. the setup i'm running is using Courier. should i be doing something with that? i'm a little lost. i built this mail config a LONG time ago and now i can't remember what i did. -- i think i've found the problem. this server is running UW-IMAP, which if i am not mistaken, does not support maildir? i thought this server was running Courier, but apparently it is not. the replacement servers being configured are using Courier. so. unless i change to Courier on this server, i'm pretty much out of luck. do i have this corredt? --Mac
Re: domain-in-a-box statistics (was myhostname etc.)
Darren Pilgrim: Wietse Venema wrote: The domain in a host approach appears to be more common with web services: 3346 of 3755 domains used the same IP addresses for the domain itself as for web services (http://www.domain). I had expected a larger number here. Number of domains = 3755 with A records = 3147 (following CNAME) with www.domain A records = 3346 (following CNAME) with A records == www.domain A records = 2589 Umm... those two sections don't seem to match. How do you conclude 3346 have domain A == www.domain A, then state there are only 3147 with domain A and 2589 with domain A == www.domain A? I counted them. If example.com has A records, and www.example.com has A records, they often, but not always, have the same A records. Wietse
Re: domain-in-a-box statistics (was myhostname etc.)
Wietse Venema: Darren Pilgrim: Wietse Venema wrote: The domain in a host approach appears to be more common with web services: 3346 of 3755 domains used the same IP addresses for the domain itself as for web services (http://www.domain). I had expected a larger number here. Number of domains = 3755 with A records = 3147 (following CNAME) with www.domain A records = 3346 (following CNAME) with A records == www.domain A records = 2589 Umm... those two sections don't seem to match. How do you conclude 3346 have domain A == www.domain A, then state there are only 3147 with domain A and 2589 with domain A == www.domain A? I think I have found where the confusion is. 3346 domains have www.domain A records. NOT: 3346 have domain A == www.domain A as you wrote above. 3147 domains have A records. 2589 domains have domain A == www.domain A. Wietse
Re: veritication of sender and auth
yes... i reading these documents, but.. i can see that sasl its not working :( so i cant test the new config :( thanks again!! 2009/5/29 Brian Evans - Postfix List grkni...@scent-team.com maximatt wrote: hi... where i can check in a momento of processing sender - that's is with a script or other method - the following: - for an authenticated user, he send a message, but i need to check that the mail of the sender is authenticated user mail address. in others words, who's the point that i can merge autentication with sender validation... (i understand that are diferent process) thanks! If submitted via sendmail(1) command, then it is up to you and your script/web interface. If submitted via SMTP read the following: http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps http://www.postfix.org/postconf.5.html#reject_sender_login_mismatch http://www.postfix.org/postconf.5.html#reject_unauthenticated_sender_login_mismatch Brian -- Salu2 ;)
Re: Relay mail server for a dial-up sat connection
Enrico g: 2b Here comes a big question. I want a MTA that can receive mail from clients using SMTP and send those big bag of mails using server smtp.domain.net instead of take care to distribute every single mail. Can postfix do this? and how? /etc/postfix/main.cf: # Don't deliver remote mail immediately. defer_transports = smtp, relay # Send remote mail via this host. relayhost = smtp.domain.net You'd flush the queue with sendmail -q or postqueue -f. Wietse
virtual file
Hi there, I have a question about changing the default behavior of postfix. As current configuration stands I need to add a mailman maillist hosted by virtual hosts/domains I need to add the to list entries to the /var/lib/ mailman/data/aliases file and also the /etc/postfix/virtual file Is there any way to get postfix to deliver mail to a virutal domain/hosted email, such as a mailman maillist, if it is found in the /var/lib/ mailman/data/aliases file but does not appear in the /etc/postfix/virtual file? What about allowing postfix to deliver Incoming mail if an user and/or maillist address is a local user but does not appear in the /etc/postfix/virtual file? Cheers, Noah
Re: Disabling a domain
On Fri, 29 May 2009, Eduardo Júnior wrote: On Thu, May 28, 2009 at 11:15 PM, Sahil Tandon sa...@tandon.net wrote: On Thu, 28 May 2009, Eduardo Júnior wrote: I have a Postfix Server 2.4.0 with virtual domains and interface postfixadmin. I want disabling a domain through postfixadmin. There's the option ACTIVE. What is your definition of 'disable' in this context? In my context, disable a domain would be leave it suspended. Become it inatve. I didn't find out more information about this field in the table domain of the postfix to complete understanding, so i'm a little confused. But for me, become a domain inatice, means which it don't will receibe mails after I unset active active. Or i'm wrong? I'm sorry it is difficult for me to understand your english, but if you do not wish to receive any more emails addressed to recipients in that domain, then use transport maps to direct all messages for that domain to the error: transport. -- Sahil Tandon sa...@tandon.net
Re: different transport_maps when submitting mail from amavis
On Fri, 29 May 2009, Rolandas Juodzbalis wrote: I have postfix on one server and amavis on another. On postfix I'm using transport_maps to deliver depending on spam flag in database. If spam flag is on, then query returns following output: smtp:ip_of_amavis:10024. If spam flag is off, then it returns word virtual. Problem begins when amavis tries to submit mail back to postfix on port 10025 - transport_maps is used again and starts looping. Is there any way to avoid using transport_maps when feeding mail from amavis back to postfix via port 10025? Or maybe another alternative of communicating between amavis and postfix? Use multiple instances as already suggested, or remove this elusive 'spam flag' before re-submitting mail to the current Postfix instance so it doesn't trigger the loop. -- Sahil Tandon sa...@tandon.net
Re: domain-in-a-box statistics (was myhostname etc.)
Wietse Venema wrote: Wietse Venema: Darren Pilgrim: Wietse Venema wrote: The domain in a host approach appears to be more common with web services: 3346 of 3755 domains used the same IP addresses for the domain itself as for web services (http://www.domain). I had expected a larger number here. Number of domains = 3755 with A records = 3147 (following CNAME) with www.domain A records = 3346 (following CNAME) with A records == www.domain A records = 2589 Umm... those two sections don't seem to match. How do you conclude 3346 have domain A == www.domain A, then state there are only 3147 with domain A and 2589 with domain A == www.domain A? I think I have found where the confusion is. 3346 domains have www.domain A records. NOT: 3346 have domain A == www.domain A as you wrote above. But that's what you said: The domain in a host approach appears to be more common with web services: 3346 of 3755 domains used the same IP addresses for the domain itself as for web services (http://www.domain).
Re: Disabling a domain
2009/5/30 Eduardo Júnior ihtrau...@gmail.com: On Thu, May 28, 2009 at 11:15 PM, Sahil Tandon sa...@tandon.net wrote: What is your definition of 'disable' in this context? In my context, disable a domain would be leave it suspended. Become it inatve. I didn't find out more information about this field in the table domain of the postfix to complete understanding, so i'm a little confused. But for me, become a domain inatice, means which it don't will receibe mails after I unset active active. Or i'm wrong? This is really a feature of postfixadmin. Postfix just does what it's told, it's up to the map files used by postfixadmin that determine how it works. You can figure out what you need to change by inspecting the map files (usually /etc/postfix/mysql_something.cf), but it will take some work. It's been a while since I've touched postfix admin, but the edit-domain.php script seems to make the change you're referring to. You probably want the `domain` table (the name may be different), you can set the `active` field to False.
Re: domain-in-a-box statistics (was myhostname etc.)
On Fri, 29 May 2009, Wietse Venema wrote: If example.com has A records, and www.example.com has A records, they often, but not always, have the same A records. In the hosting world this is very common, how many of those plesk boxes out there with A,www-A and mail-A/MX point to same IP, tens of thousands yielding hundreds upon hundreds of thousands of domains I'd say :) Of course ISP's and large ASP/OSP's using internal prorietory setups with separate servers for WWW/MX, and most businesses above SOHO, would of course use separate servers and IP's. Many of us techie types use SOHO/NAT etc (because we appreciate the pure waste of IPv4 space carried out by many others) and other private systems, just like hobbyists. -- Res -Beware of programmers who carry screwdrivers
Re: domain-in-a-box statistics (was myhostname etc.)
2009/5/30 Res r...@ausics.net: If example.com has A records, and www.example.com has A records, they often, but not always, have the same A records. In the hosting world this is very common, how many of those plesk boxes out there with A,www-A and mail-A/MX point to same IP, tens of thousands yielding hundreds upon hundreds of thousands of domains I'd say :) Of course ISP's and large ASP/OSP's using internal prorietory setups with separate servers for WWW/MX, and most businesses above SOHO, would of course use separate servers and IP's. I can only speak for my own employer (hosting provider in Australia), but my anecdotal findings have to agree with Wietse's (but the scope may not match that of the original assertions). The only cpanel/plesk/$controlpanel boxes in the shop are those owned by customers, which we don't support (we have no love whatsoever for these control panels). We have, at a guess, an order of magnitude more customers on shared hosting compared to dedicated servers. DNS, www and mail are separate servers, so if you assume roughly one domain for each customer, this skews things quite strongly towards domain-not-in-a-box. Of course as I mentioned, the original assertion may have been about people who manage their own services, which is very different to this.
Brasil is adopting submission protocol
Hi! I'm proud to inform you that Brasil is adopting the submission protocol !! Its very good to ereryone! The Bigs operators here are conivent, and they will do block on residencial (xdsl, 3g,dial-up, etc..) conecctions on port 25. I'm a litle provider here, and I configured my master.cf like this: submission inetn - n - - smtpd # -o smtpd_enforce_tls=yes -o smtpd_etrn_restrictions=reject -o smtpd_sasl_local_domain= -o smtpd_sasl_auth_enable=yes -o smtpd_sasl_security_options=noanonymous -o broken_sasl_auth_clients=yes -o header_checks= -o body_checks= -o smtpd_client_restrictions=permit_sasl_authenticated,reject_unauth_destination -o content_filter= Any sugestions, is that ok? []'s -- - _Julio Cesar Covolato 0v0 ju...@psi.com.br /(_)\ F: 55-11-3129-3366 ^ ^ PSI INTERNET -
Re: virtual file
On Fri, May 29, 2009 at 04:45:34PM -0700, admin2 wrote: I have a question about changing the default behavior of postfix. As current configuration stands I need to add a mailman maillist hosted by virtual hosts/domains I need to add the to list entries to the /var/lib/ mailman/data/aliases file and also the /etc/postfix/virtual file Is there any way to get postfix to deliver mail to a virutal domain/hosted email, such as a mailman maillist, if it is found in the /var/lib/ mailman/data/aliases file but does not appear in the /etc/postfix/virtual file? What about allowing postfix to deliver Incoming mail if an user and/or maillist address is a local user but does not appear in the /etc/postfix/virtual file? The make(1) program allows you coordinate the construction of multiple output files based on changes in one or more input files. To avoid having to change multiple output files by hand, use make(1) to build from one or more input files where each logical change requires you to edit just one input file. Postfix itself has orthogonal mechanisms that can be used in a wide variety of use-cases. It will not be coerced into a particular set of assumptions. -- Viktor. Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. To unsubscribe from the postfix-users list, visit http://www.postfix.org/lists.html or click the link below: mailto:majord...@postfix.org?body=unsubscribe%20postfix-users If my response solves your problem, the best way to thank me is to not send an it worked, thanks follow-up. If you must respond, please put It worked, thanks in the Subject so I can delete these quickly.