Re: suppressing (No client certificate requested) from TLS header
On Mon, May 18, 2009 at 15:42, Noel Jones wrote:
> Easy way:
> smtpd_tls_received_header = no
> Postfix will still indicate TLS was used by presence of the ESMTPS (for TLS
> only) or ESMTPSA (for TLS+SASL) tag.
For the record;
This doesn't work. Adding this does not make the
(No client certificate requested)
disappear. I'm usng Postfix version 2.5.5 The other (header-checks reg-exp);
# If $mail_name is not "Postfix" adjust accordingly...
/^(Received: from \S+ \S+ \S+\n\t\([^\n]*\)\n)\t\(No client certificate
requested\)\n((?:\t\([^\n]*\)\n)*?\tby mail\.example\.com \(Postfix\).*)/
REPLACE ${1}${2}
doesn't work (anymore) either. Question re-opened;
How do I kill the entire line saying "(No client certificate
requested)" from the postfix generated headers? Current real example
(except for domain-name);
Received: from [192.168.1.2] (somePCname [78.115.147.143])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
by mail.huppelepup.org (Postfix) with ESMTPSA id 64C86CA0C0
for ; Fri, 9 Feb 2010 09:40:28 +0100 (CET)
Thanks in advance for any and all hints.
Julius
Re: I'm not able to smtp relay email to yahoo...
Hi, since I moved from port 465 to port 587, it's look like working fine... Thanks Michele
Re: How to setup postfix to put the queued emails in hold (and not in deferred)
Hi Noel, thanks for your reply. I know that unfortunately it's not a standard configuration of Postfix, but it's the only one that solve all my problem... Anyway I will not upgrade postfix for at least the next 2 years... I'll try again to find a way to put emails in HOLD automatically...otherwise I'll add a cronjob with the command: 'postsuper -h ALL' Cheers Michele
Re: suppressing (No client certificate requested) from TLS header
On Tue, Feb 9, 2010 at 10:27, Thijssen wrote: >> smtpd_tls_received_header = no > For the record; > This doesn't work. Adding this does not make the > > (No client certificate requested) > > disappear. Sorry, it *does* work. I had a secondary entry of the same line in main.cf which made the "no" turn to "yes" again. :-/ Like this; smtpd_tls_received_header = no smtpd_tls_received_header = yes Apologies for the confusion. Julius
Re: suitable webmail
On Mon, Feb 1, 2010 at 16:52, K bharathan wrote: > of course this is a non postfix topic; but i'd like to know from the > experienced which webmail is best for a postfix pop server It mostly depends on the type of users you have; - If they like flashy GUI bullshit like HTML-mail and WYSIWYG formatted emails and spam and commerce, then don't use Squirrelmail. - If they focuss on actual text content and plaintext emails (the way it should be), then squirrelmail is your Number One choice, far outweighing all others. It's rock stable and top-secure. I use it together with dovecot, postfix, clamav, clamsmtdp, php and apache on debian x64, and it's just splendid. Been using Squirrelmail ever since it appeared in 2000 and won't be going away anytime soon. When it appeared I was really glad it did. Was exactly what I was looking for. My users complained the hell out of me each time I let them test a different webmail engine, and they were right everytime. Squirrelmail is lightweight, loads faster, has no useless plugins nobody really needs and gets the job done. Plus the sqm userbase is huge, solutions to problems are always up for grabs in wikis and mailinglists. Developers are responsive and active too. I'd recommend Squirrelmail. http://squirrelmail.org/wiki/SquirrelMailFeatures Good luck! Julius
Re: suitable webmail
yes i've used and know it's too good; but all those for small number of users; i want to use it at an ISP level; at ISP level i require some addons like quota/autorespond etc..i'll give a try to squirrelmail thanks On Tue, Feb 9, 2010 at 12:19 PM, Thijssen wrote: > On Mon, Feb 1, 2010 at 16:52, K bharathan wrote: > > of course this is a non postfix topic; but i'd like to know from the > > experienced which webmail is best for a postfix pop server > > It mostly depends on the type of users you have; > > - If they like flashy GUI bullshit like HTML-mail and WYSIWYG > formatted emails and spam and commerce, then don't use Squirrelmail. > - If they focuss on actual text content and plaintext emails (the way > it should be), then squirrelmail is your Number One choice, far > outweighing all others. > > It's rock stable and top-secure. I use it together with dovecot, > postfix, clamav, clamsmtdp, php and apache on debian x64, and it's > just splendid. > Been using Squirrelmail ever since it appeared in 2000 and won't be > going away anytime soon. When it appeared I was really glad it did. > Was exactly what I was looking for. My users complained the hell out > of me each time I let them test a different webmail engine, and they > were right everytime. Squirrelmail is lightweight, loads faster, has > no useless plugins nobody really needs and gets the job done. Plus the > sqm userbase is huge, solutions to problems are always up for grabs in > wikis and mailinglists. Developers are responsive and active too. > > I'd recommend Squirrelmail. > http://squirrelmail.org/wiki/SquirrelMailFeatures > > Good luck! > > Julius >
Re: suppressing (No client certificate requested) from TLS header
Thijssen wrote: > Sorry, it *does* work. > I had a secondary entry of the same line in main.cf which made the > "no" turn to "yes" again. :-/ This is why postconf -n output is valuable... -- Best regards, Charles
Re: suitable webmail
On Tue, Feb 9, 2010 at 11:43, K bharathan wrote: > yes i've used and know it's too good; but all those for small number of > users; i want to use it at an ISP level; at ISP level i require some addons > like quota/autorespond etc..i'll give a try to squirrelmail XS4ALL, the largest Dutch ISP, uses Squirrelmail code for their webmail (https://webmail.xs4all.nl/). You can access and use the existing Quota and Autorespond systems that are out there using squirrelmail.
Re: suitable webmail
On 09/02/2010 10:19, Thijssen wrote: On Mon, Feb 1, 2010 at 16:52, K bharathan wrote: of course this is a non postfix topic; but i'd like to know from the experienced which webmail is best for a postfix pop server It mostly depends on the type of users you have; - If they like flashy GUI bullshit like HTML-mail and WYSIWYG formatted emails and spam and commerce, then don't use Squirrelmail. - If they focuss on actual text content and plaintext emails (the way it should be), then squirrelmail is your Number One choice, far outweighing all others. That's not really true. Or, at least, it is true if the only thing that matters about email is the content of each individual message, but it's a false dichotomy to call other functionality "flashy GUI bullshit". The biggest weakness of Squirrelmail is that it doesn't support common desktop mail client functions such as drag-and-drop, threading, column sorting, indexed search, spam filtering and preview panes. That makes it considerably less user-friendly than a decent desktop client such as Thunderbird, particularly for high-volume mail users. As a lightweight webmail client, to be used as an infrequent alternative to a desktop client (eg, for collecting your mail when out and about with only web access), Squirrelmail is perfectly adequate for most users. But for day-to-day use as a long-term replacement for a desktop client, or for any user who gets a much larger than normal volume of mail, it's too lacking in functionality. That's what more full-featured webmail clients, such as Horde and Roundcube, are trying to address, albeit at the cost of additional complexity from a sysadmin perspective. As an administrator, therefore, you need to find out what your users actually need before deciding on what webmail client to provide them. And it isn't just about "flashy GUI bullshit", it's about real features that make a practical difference for people with different requirements. Mark
RE: suitable webmail
On 2010-02-09, Thijssen wrote: > On Tue, Feb 9, 2010 at 11:43, K bharathan > wrote: >> yes i've used and know it's too good; but all those for small number of >> users; i want to use it at an ISP level; at ISP level i require some >> addons like quota/autorespond etc..i'll give a try to squirrelmail > > XS4ALL, the largest Dutch ISP, uses Squirrelmail code for their webmail > (https://webmail.xs4all.nl/). You can access and use the existing Quota > and Autorespond systems that are out there using squirrelmail. However, their new (but perhaps still experimental) webmail server uses roundcube: https://roundcube.xs4all.nl/
Re: suitable webmail
On Tue, Feb 9, 2010 at 12:28, Mark Goodge wrote: > As a lightweight webmail client, to be used as an infrequent alternative to > a desktop client (eg, for collecting your mail when out and about with only > web access), Squirrelmail is perfectly adequate for most users. I use it for huge amounts of mail, huge attachments, even for viewing flashy HTML bullshit mail and sorting mail by sender string etc. How it handles larger folders depends on the IMAP server you use. Try dovecot on servers with SSD, configure it wisely and you'll never need more than Squirrelmail. > But for day-to-day use as a long-term replacement for a desktop client, or > for any > user who gets a much larger than normal volume of mail, What do you mean by that? > it's too lacking in functionality. That's what more full-featured webmail > clients, such as Horde > and Roundcube, are trying to address, albeit at the cost of additional > complexity from a sysadmin perspective. Plus at the cost of speed and responsiveness for the majority of users who don't require fancy features. I suspect you're not aware of the Plugins that are available for squirrelmail; http://squirrelmail.org/plugins.php > webmail client to provide them. And it isn't just about "flashy GUI > bullshit", it's about real features that make a practical difference for > people with different requirements. What appears to be the most important complaint I get from users is summed up by this; "I don't care about nice looking buttons or 3D Windows and all that crap, I just want a working and reliable e-mail client. One that doesn't reformat messages. No HTML and no annoying popups." and they all detest Outlook and Outlook Express (and Exchange webmail) as well, so that might illustrate the types of users that prefer Squirrelmail. But saying they don't handle large volumes of mail is a weird assumption to say the least. I'd say the average user box I maintain squirrelmail-thunderbird for recieves about 80 emails daily, and their Mail folders are around 6 GB in size per user. Julius
Re: suitable webmail
On 09/02/2010 11:53, Thijssen wrote: On Tue, Feb 9, 2010 at 12:28, Mark Goodge wrote: But for day-to-day use as a long-term replacement for a desktop client, or for any user who gets a much larger than normal volume of mail, What do you mean by that? Hundreds, or even thousands, of messages a day. it's too lacking in functionality. That's what more full-featured webmail clients, such as Horde and Roundcube, are trying to address, albeit at the cost of additional complexity from a sysadmin perspective. Plus at the cost of speed and responsiveness for the majority of users who don't require fancy features. Indeed. That's why you have to provide what your users need. Squirrelmail suits some users. Roundcube or Horde suit others. There is no one size that fits all. What appears to be the most important complaint I get from users is summed up by this; "I don't care about nice looking buttons or 3D Windows and all that crap, I just want a working and reliable e-mail client. One that doesn't reformat messages. No HTML and no annoying popups." and they all detest Outlook and Outlook Express (and Exchange webmail) as well, so that might illustrate the types of users that prefer Squirrelmail. Possibly, although there are different reasons for detesting OE and Outlook. OE and Outlook are crap desktop clients; most experienced high-volume mail users prefer better clients such as Thunderbird. If your users also detest Thunderbird, then yes, Squirrelmail is probably right up their street. But if they like Thunderbird, then they'll probably find Squirrelmail rather limited by comparison. But saying they don't handle large volumes of mail is a weird assumption to say the least. I'd say the average user box I maintain squirrelmail-thunderbird for recieves about 80 emails daily, and their Mail folders are around 6 GB in size per user. 80 would be a very low figure for the type of use I'm thinking of. The people I know who complain about Squirrelmail's limitations generally get several hundred emails a day. Mark
Error with postmulti
Dear All, Need assistance.. getting an error with postmulti as follows.. is there a fix.? r...@smtp:/etc/postfix# postmulti -e init r...@smtp:/etc/postfix# postmulti -I postfix-1 -G mta -e create postfix: warning: dict_open_dlinfo: cannot open /etc/postfix-1/ dynamicmaps.cf. No dynamic maps will be allowed. Rgds Dhiraj
Error no. 2 postmulti
Dear All, Please note that i am getting another error on ubuntu 9.10 machine with postfix 2.6.5 as below r...@smtp:/etc/postfix# postmulti -i postfix-1 -e enable r...@smtp:/etc/postfix# postmulti -i postfix-1 -p start /usr/lib/postfix/postfix-script: 373: /etc/postfix-1/postfix-script: not found postfix-1/postfix-script: starting the Postfix mail system
Re: Error with postmulti
Dhiraj Chatpar: > Dear All, > > Need assistance.. getting an error with postmulti as follows.. is there a > fix.? > > r...@smtp:/etc/postfix# postmulti -e init > r...@smtp:/etc/postfix# postmulti -I postfix-1 -G mta -e create > postfix: warning: dict_open_dlinfo: cannot open /etc/postfix-1/ > dynamicmaps.cf. No dynamic maps will be allowed. Dynamic maps are a DEBIAN feature. Therefore, you need to report this to the DEBIAN maintainer. Wiete
Re: Error no. 2 postmulti
Dhiraj Chatpar: > Dear All, > > Please note that i am getting another error on ubuntu 9.10 machine with > postfix 2.6.5 as below > > r...@smtp:/etc/postfix# postmulti -i postfix-1 -e enable > r...@smtp:/etc/postfix# postmulti -i postfix-1 -p start > /usr/lib/postfix/postfix-script: 373: /etc/postfix-1/postfix-script: not > found > postfix-1/postfix-script: starting the Postfix mail system Postfix 2.6, as released by me, installs the postfix-script file in the /usr/libexec/postfix directory. You need to file a bug report with the DEBIAN maintainer. Wietse
Re: suitable webmail
Hi! On Tue, Feb 9, 2010 at 7:35 AM, Mark Goodge wrote: > On 09/02/2010 11:53, Thijssen wrote: >> >> On Tue, Feb 9, 2010 at 12:28, Mark Goodge >> wrote: >> >>> But for day-to-day use as a long-term replacement for a desktop >>> client, or for any user who gets a much larger than normal volume >>> of mail, >> >> What do you mean by that? > > Hundreds, or even thousands, of messages a day. So?? please read on. > >>> it's too lacking in functionality. That's what more full-featured >>> webmail clients, such as Horde and Roundcube, are trying to >>> address, albeit at the cost of additional complexity from a >>> sysadmin perspective. >> >> Plus at the cost of speed and responsiveness for the majority of >> users who don't require fancy features. > > Indeed. That's why you have to provide what your users need. > Squirrelmail suits some users. Roundcube or Horde suit others. There is > no one size that fits all. True. But, what about the users who love "simple things", for example, I use operamini a lot (on a really old w200 sony ericsson), and I hate when I can't use a site becuase it use flash, ajax, and those stuff that are just fancy. > >> What appears to be the most important complaint I get from users is >> summed up by this; >> >> "I don't care about nice looking buttons or 3D Windows and all that >> crap, I just want a working and reliable e-mail client. One that >> doesn't reformat messages. No HTML and no annoying popups." >> >> and they all detest Outlook and Outlook Express (and Exchange >> webmail) as well, so that might illustrate the types of users that >> prefer Squirrelmail. > > Possibly, although there are different reasons for detesting OE and Outlook. > OE and Outlook are crap desktop clients; most experienced high-volume mail > users prefer better clients such as Thunderbird. If your users also detest > Thunderbird, then yes, Squirrelmail is probably right up their street. But > if they like Thunderbird, then they'll probably find Squirrelmail rather > limited by comparison. ... it depends, if you use squirrelmail, you will be able to read your mail using any phone using operamini, that's a neat feature. > >> But saying they don't handle large volumes of >> mail is a weird assumption to say the least. I'd say the average user >> box I maintain squirrelmail-thunderbird for recieves about 80 emails >> daily, and their Mail folders are around 6 GB in size per user. > > 80 would be a very low figure for the type of use I'm thinking of. The > people I know who complain about Squirrelmail's limitations generally get > several hundred emails a day. Please, just tell me: what does the volume of mail has to do with the webmail client? I mean, I could get 1000 mails at once, and squirrel would just show me the "latest" when I refresh the page: no delays, no problems, also felamimail (egroupware), and IMP (horde) so, what do you want a mail client to do with your 1000's mails? read them for you and parse them, so that you get the "most important first" I mean, there is no web client that do that, and if you really need to do something like that, use dovecot and sieve!. Any "client-side" filtering for 1000's of mails a day, could be slow, unless it is a desktop client. Please, refine your point. > > Mark > Ildefonso
Re: suitable webmail
On 09/02/2010 16:00, Jose Ildefonso Camargo Tolosa wrote: Possibly, although there are different reasons for detesting OE and Outlook. OE and Outlook are crap desktop clients; most experienced high-volume mail users prefer better clients such as Thunderbird. If your users also detest Thunderbird, then yes, Squirrelmail is probably right up their street. But if they like Thunderbird, then they'll probably find Squirrelmail rather limited by comparison. ... it depends, if you use squirrelmail, you will be able to read your mail using any phone using operamini, that's a neat feature. Yes, and that's an important consideration when choosing a webmail client. It's very difficult to make a webmail cient work equally well as a mobile client and as a replacement for a desktop client. 80 would be a very low figure for the type of use I'm thinking of. The people I know who complain about Squirrelmail's limitations generally get several hundred emails a day. Please, just tell me: what does the volume of mail has to do with the webmail client? I mean, I could get 1000 mails at once, and squirrel would just show me the "latest" when I refresh the page: no delays, no problems, also felamimail (egroupware), and IMP (horde) so, what do you want a mail client to do with your 1000's mails? read them for you and parse them, so that you get the "most important first" I mean, there is no web client that do that, and if you really need to do something like that, use dovecot and sieve!. Any "client-side" filtering for 1000's of mails a day, could be slow, unless it is a desktop client. The main issues with large volumes of mail are being able to visually scan through it using a preview pane instead of having to step through each message in turn, and being able to mass-move multiple emails by click-select and drag-and-drop. These are things that are easy to implement on a desktop client, but hard to do on a webmail client. Also, for list mail, threading is an essential feature for many people (including myself), and a client (either desktop or web) that doesn't support it is simply too non-functional to be used except as a backup. Mark
Re: suitable webmail
Hi! On Tue, Feb 9, 2010 at 11:44 AM, Mark Goodge wrote: > On 09/02/2010 16:00, Jose Ildefonso Camargo Tolosa wrote: >>> >>> Possibly, although there are different reasons for detesting OE and >>> Outlook. >>> OE and Outlook are crap desktop clients; most experienced high-volume >>> mail >>> users prefer better clients such as Thunderbird. If your users also >>> detest >>> Thunderbird, then yes, Squirrelmail is probably right up their street. >>> But >>> if they like Thunderbird, then they'll probably find Squirrelmail rather >>> limited by comparison. >> >> ... it depends, if you use squirrelmail, you will be able to read >> your mail using any phone using operamini, that's a neat feature. > > Yes, and that's an important consideration when choosing a webmail client. > It's very difficult to make a webmail cient work equally well as a mobile > client and as a replacement for a desktop client. > >>> 80 would be a very low figure for the type of use I'm thinking of. The >>> people I know who complain about Squirrelmail's limitations generally get >>> several hundred emails a day. >> >> Please, just tell me: what does the volume of mail has to do with the >> webmail client? I mean, I could get 1000 mails at once, and squirrel >> would just show me the "latest" when I refresh the page: no delays, no >> problems, also felamimail (egroupware), and IMP (horde) so, what >> do you want a mail client to do with your 1000's mails? read them for >> you and parse them, so that you get the "most important first" I >> mean, there is no web client that do that, and if you really need to >> do something like that, use dovecot and sieve!. Any "client-side" >> filtering for 1000's of mails a day, could be slow, unless it is a >> desktop client. > > The main issues with large volumes of mail are being able to visually scan > through it using a preview pane instead of having to step through each > message in turn, and being able to mass-move multiple emails by click-select > and drag-and-drop. These are things that are easy to implement on a desktop > client, but hard to do on a webmail client. Also, for list mail, threading > is an essential feature for many people (including myself), and a client > (either desktop or web) that doesn't support it is simply too non-functional > to be used except as a backup. As for threading: it depends on the imap server: http://squirrelmail.org/wiki/SquirrelMailFeatures <--- the question: Can I view my mail list in threaded view? , look at it. Ildefonso
Postfix 2.7 release candidate 2
Postfix 2.7 is being readied for final release. You can find release candidate 2 on the download sites (release candidate 1 was released a week ago). Postfix 2.7 brings performance improvements for before-queue content filtering, automatic cache cleanup for the verify daemon, and support for reputation management based on the outgoing source IP address. The postscreen daemon is still to rough for a stable release and will be made "mature" in the Postfix 2.8 development cycle. Wietse
Mail routing based on my own policy
Hello, I need to route emails that flow through my postfix/spamassassin gateway to different hosts based on my own policy. I think I have to use the transport mechanism, but I can't find any lookup table that satisfy my needs. Is there a way to call a script at the transport level that can return a transport:destination value? Thanks, Andrea -- There can never be a computer language in which you cannot write a bad program. Ing. Andrea Gabellini Email: andrea.gabell...@telecomitalia.sm Skype: andreagabellini Tel: (+378) 0549 886111 Fax: (+378) 0549 886188 Telecom Italia San Marino S.p.A. Strada degli Angariari, 3 47891 Rovereta Republic of San Marino http://www.telecomitalia.sm
Re: Mail routing based on my own policy
* Andrea Gabellini : > Hello, > > I need to route emails that flow through my postfix/spamassassin gateway > to different hosts based on my own policy. > > I think I have to use the transport mechanism, but I can't find any > lookup table that satisfy my needs. > > Is there a way to call a script at the transport level that can return a > transport:destination value? You can do that using a tcp_map. Look for "grinch" (http://www.zonque.org/projects/grinch/), you can adjust that to your needs and use it in transport_maps -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
relayhost - what smtp server can I use?
I have a situation with hosting.com, trying to setup a friends postfix config. Since I knew nothing about them I asked him to find out what their smtp server was. They said that we cannot use it and gave us a link to setup postfix, however they show no relayhost (smtp) server in the config! My question is, who can I use as an smtp relayhost if the local host doesnt have one? Thanks, Jeff
Re: relayhost - what smtp server can I use?
Quoting Jeff Lacki : I have a situation with hosting.com, trying to setup a friends postfix config. Since I knew nothing about them I asked him to find out what their smtp server was. They said that we cannot use it and gave us a link to setup postfix, however they show no relayhost (smtp) server in the config! My question is, who can I use as an smtp relayhost if the local host doesnt have one? If your ISP won't let you use their SMTP server, you'll need to configure your own or find someone who will let you use theirs. At this point your best bet is to find someone who will relay mail for you (generally this costs money), or switch to a hosting provider that has an SMTP server they will let you use. It's not difficult to setup postfix, however getting large ISPs to accept your mail can be a full-time job. If you're going to be sending out individual emails to people you know, it probably won't be a problem. If you're going to setup a mailing list or want to send bulk email, it's an entirely different story. For example, you can send a few emails to AOL and they'll go through. However if you send a bunch of mail to AOL or a few users click the "SPAM" button, suddenly you won't be able to send any mail to AOL, and getting this fixed takes work, which you may or may not want to do. Terry
Re: suitable webmail
On 8-Feb-2010, at 17:34, Jose Ildefonso Camargo Tolosa wrote: > > 100% of the servers I have access to, have, > at least once in the last year, been scanned by a bot (or person, who > knows) for /roundcoube or similar And? I have thousands of servers trying to access my machines via sshd every single day. This does not mean sshd is insecure. How many servers have you had be compromised by roundcube installs? (I have had a server get compromised from Squirrelmail, awstats, and phpbb in the past, but none from Roundcube and all were exploited because I did not update software quickly enough.
Re: How to setup postfix to put the queued emails in hold (and not in deferred)
On Tue, Feb 09, 2010 at 09:44:16AM +, Michele Carandente wrote: > I'll try again to find a way to put emails in HOLD > automatically...otherwise I'll add a cronjob with the command: > 'postsuper -h ALL' The cron job will be completely ineffective. It will miss all mail that is delivered between command invocations. This would be a terrible design. Postfix can put email on HOLD via access(5) checks, header/body checks or milter "quarantine" actions. Plenty of rope. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
local del - virtual v. virtualmailbox
Greetings, Some confusion on my part, my objective: 1) Hosted domain 2) some email addrs to virtual mail boxes 3) some email addrs are aliased to to other email addrs 3) some email addrs to local unix accounts and all for same domain. Per pf-2.6.5-VIRTUAL_README Section "virtual MAILBOX example: sep domains, non-Unix accts" It shows for "virtual" postmas...@example.com postmaster and states, Lines 8, 17, 18... possible to mix virtual aliases with virtual mailboxes... redirecting mail for example.com's postmaster address to local postmaster. Also states: NEVER list a virtual MAILBOX domain as a mydestination domain NEVER list a virtual MAILBOX domain as a virtual alias domain But then it states: Line 18: This example assumes that in main.cf, $myorigin is listed under the mydestination parameter setting. So I'm confused, does not listing $myorigin in mydestination violate the 1st NEVER statement. It would be helpful if the example showed $mydomain, $myorigin values. Best regards, ..Otto
Re: suitable webmail
Hi! On Tue, Feb 9, 2010 at 1:47 PM, LuKreme wrote: > On 8-Feb-2010, at 17:34, Jose Ildefonso Camargo Tolosa wrote: >> >> 100% of the servers I have access to, have, >> at least once in the last year, been scanned by a bot (or person, who >> knows) for /roundcoube or similar > > And? I have thousands of servers trying to access my machines via sshd every > single day. This does not mean sshd is insecure. SSH bots are "brute force" attempts. It means nothing about the security of ssh itself. > > How many servers have you had be compromised by roundcube installs? I don't use roundcube. So: No. > > (I have had a server get compromised from Squirrelmail, awstats, and phpbb in > the past, but none from Roundcube and all were exploited because I did not > update software quickly enough. Usual cause: lack of updates, the question is, sometimes: the response time to get the issues solved. The thing is: I'm currently avoiding roundcube, for the same reason why I used to avoid bind: bad security history. It looks like a really promising project, and if they "keep up the good work", they will become a really, really good webmail system, and not just "nice", but also secure.
Re: local del - virtual v. virtualmailbox
On 2/9/2010 2:54 PM, Otto Hirr wrote:
Greetings,
Some confusion on my part, my objective:
1) Hosted domain
2) some email addrs to virtual mail boxes
3) some email addrs are aliased to to other email addrs
3) some email addrs to local unix accounts
and all for same domain.
Per pf-2.6.5-VIRTUAL_README Section
"virtual MAILBOX example: sep domains, non-Unix accts"
It shows for "virtual"
postmas...@example.com postmaster
and states, Lines 8, 17, 18... possible to mix virtual
aliases with virtual mailboxes... redirecting mail for
example.com's postmaster address to local postmaster.
Also states:
NEVER list a virtual MAILBOX domain as a mydestination domain
NEVER list a virtual MAILBOX domain as a virtual alias domain
But then it states:
Line 18: This example assumes that in main.cf, $myorigin is
listed under the mydestination parameter setting.
So I'm confused, does not listing $myorigin in mydestination
violate the 1st NEVER statement. It would be helpful if
the example showed $mydomain, $myorigin values.
For this example, the domain used for $myorigin should be
listed in $mydestination, but not in either of virtual_{alias,
mailbox}_domains. Typically one would use something like
"localhost" or "localhost.example.com" for this.
You decide where a domain should be listed based on the
domain's *primary* use, then use overrides, typically listed
in virtual_alias_maps, for addresses that are the exceptions.
Sounds as if you should list your domain in
virtual_mailbox_domains. Then $myorigin and $mydestination
would include localhost.example.com. Local users would be
listed in virtual_alias_maps like so:
localu...@virtual.examplelocalu...@localhost.example.com
-- Noel Jones
Re: local del - virtual v. virtualmailbox
On Tue, Feb 09, 2010 at 12:54:31PM -0800, Otto Hirr wrote: > It shows for "virtual" > postmas...@example.com postmaster > > But then it states: > Line 18: This example assumes that in main.cf, $myorigin is > listed under the mydestination parameter setting. This is just part of the story, you alias postmaster for the domain, to you main postmaster account (@$myorigin), and *then* alias that to a set of real users. postmas...@example.com postmaster postmaster us...@example.net, us...@example.edu, ... -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
Re: Mail routing based on my own policy
maybe you could use some kind of sql based transport lookup and transform your script to an stored procedure at the database server. like http://www.postfix.org/pgsql_table.5.html regards, evelio vila -Original Message- From: Ralf Hildebrandt To: postfix-users@postfix.org Date: Tue, 9 Feb 2010 17:48:49 +0100 Subject: Re: Mail routing based on my own policy * Andrea Gabellini : > Hello, > > I need to route emails that flow through my postfix/spamassassin gateway > to different hosts based on my own policy. > > I think I have to use the transport mechanism, but I can't find any > lookup table that satisfy my needs. > > Is there a way to call a script at the transport level that can return a > transport:destination value? You can do that using a tcp_map. Look for "grinch" (http://www.zonque.org/projects/grinch/), you can adjust that to your needs and use it in transport_maps -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de Participe en la 15 Convención Científica de Ingeniería y Arquitectura, del 29 de noviembre al 3 de diciembre de 2010 La Ingeniería y la Arquitectura por un Futuro Sustentable Palacio de Convenciones, La Habana, Cuba http://www.cujae.edu.cu/eventos/convencion -- Participe en Universidad 2010, del 8 al 12 de febrero de 2010 La Habana, Cuba http://www.universidad2010.cu
Re: Mail routing based on my own policy
Ralf Hildebrandt ha scritto: > * Andrea Gabellini : >> Hello, >> >> I need to route emails that flow through my postfix/spamassassin gateway >> to different hosts based on my own policy. >> >> I think I have to use the transport mechanism, but I can't find any >> lookup table that satisfy my needs. >> >> Is there a way to call a script at the transport level that can return a >> transport:destination value? > > You can do that using a tcp_map. Look for "grinch" > (http://www.zonque.org/projects/grinch/), you can adjust that to your > needs and use it in transport_maps I already looked at tcp_map, but I have some doubts. First of all tcp_map support is not compiled by default, and I don't know the flag to activate it. Do you know it? TCP_TABLE(5) says that the return code must be a numeric value. Is only an example or I can return any value like transport:destination value? Thanks, Andrea -- If you want to make an enemy, try changing someone. Ing. Andrea Gabellini Email: andrea.gabell...@telecomitalia.sm Skype: andreagabellini Tel: (+378) 0549 886111 Fax: (+378) 0549 886188 Telecom Italia San Marino S.p.A. Strada degli Angariari, 3 47891 Rovereta Republic of San Marino http://www.telecomitalia.sm
Re: Mail routing based on my own policy
Andrea Gabellini: > Ralf Hildebrandt ha scritto: > > * Andrea Gabellini : > >> Hello, > >> > >> I need to route emails that flow through my postfix/spamassassin gateway > >> to different hosts based on my own policy. > >> > >> I think I have to use the transport mechanism, but I can't find any > >> lookup table that satisfy my needs. > >> > >> Is there a way to call a script at the transport level that can return a > >> transport:destination value? > > > > You can do that using a tcp_map. Look for "grinch" > > (http://www.zonque.org/projects/grinch/), you can adjust that to your > > needs and use it in transport_maps > > I already looked at tcp_map, but I have some doubts. > > First of all tcp_map support is not compiled by default, and I don't > know the flag to activate it. Do you know it? > > TCP_TABLE(5) says that the return code must be a numeric value. Is only > an example or I can return any value like transport:destination value? Actually, this manpage says the result is: 200 SPACE text NEWLINE 400 SPACE text NEWLINE 500 SPACE text NEWLINE Where "text" is the result, or an error message in case of failure. Wietse
Re: Error no. 2 postmulti
Wietse Venema put forth on 2/9/2010 8:54 AM: > Dhiraj Chatpar: >> Dear All, >> >> Please note that i am getting another error on ubuntu 9.10 machine with >> postfix 2.6.5 as below >> >> r...@smtp:/etc/postfix# postmulti -i postfix-1 -e enable >> r...@smtp:/etc/postfix# postmulti -i postfix-1 -p start >> /usr/lib/postfix/postfix-script: 373: /etc/postfix-1/postfix-script: not >> found >> postfix-1/postfix-script: starting the Postfix mail system > > Postfix 2.6, as released by me, installs the postfix-script file > in the /usr/libexec/postfix directory. > > You need to file a bug report with the DEBIAN maintainer. Debian runs Postfix in a chroot jail by default. I've never run multiple postfix instances under Debian, but I'm guessing these postmulti errors have something (maybe everything) to do with the jail setup. -- Stan
Re: relayhost - what smtp server can I use?
Jeff Lacki put forth on 2/9/2010 10:53 AM: > I have a situation with hosting.com, trying to setup > a friends postfix config. Since I knew nothing about > them I asked him to find out what their smtp server > was. They said that we cannot use it and gave us a link > to setup postfix, however they show no relayhost (smtp) > server in the config! > > My question is, who can I use as an smtp relayhost > if the local host doesnt have one? Typically in a hosting or colocation situation you send smtp directly to the recipient domains' MX'en. You don't typically use an smtp relay in this scenario. Unfortunately snowshoe spammers abuse both colos and hosting outfits, so the IP(s) you've been assigned my have a less than stellar mail reputation. This is the same reasons hosting companies don't want customers using their relays. They don't won't their relays ending up dnsbls. You didn't provide your IPs so I can't check them out. Run your IPs through this and see how many hits you get: http://www.mxtoolbox.com/blacklists.aspx If you only have a handful of hits, at places like the five-ten dnsbls, you should be fine sending direct smtp mail. If you find your IPs are listed in spamhaus, sorbs, or barracuda , you'll have a serious uphill battle getting your mail through. This is why people buying hosting or colo with the intention of sending mail need to do more than topical research into potential providers before handing them the plastic. For example, $4.95/month VPS service is probably not a good candidate for hosting a legit mail sending host because at that price spammers have probably already run the IP reputation of the provider into scorched earth territory. VPS in general, from a spam fighter perspective, is not a good place to host outbound mail. VPS services are nearly block-on-sight for many spam fighters. -- Stan
Re: Error no. 2 postmulti
Stan Hoeppner: > Wietse Venema put forth on 2/9/2010 8:54 AM: > > Dhiraj Chatpar: > >> Dear All, > >> > >> Please note that i am getting another error on ubuntu 9.10 machine with > >> postfix 2.6.5 as below > >> > >> r...@smtp:/etc/postfix# postmulti -i postfix-1 -e enable > >> r...@smtp:/etc/postfix# postmulti -i postfix-1 -p start > >> /usr/lib/postfix/postfix-script: 373: /etc/postfix-1/postfix-script: not > >> found > >> postfix-1/postfix-script: starting the Postfix mail system > > > > Postfix 2.6, as released by me, installs the postfix-script file > > in the /usr/libexec/postfix directory. > > > > You need to file a bug report with the DEBIAN maintainer. > > Debian runs Postfix in a chroot jail by default. I've never run multiple > postfix instances under Debian, but I'm guessing these postmulti errors have > something (maybe everything) to do with the jail setup. Please don't speculate - there is enough bad information on the Internet. Postfix's built-in chroot feature is not applicable for commands that are run from the root shell prompt. The real problem is that DEBIAN has not caught up on changes in Postfix file locations. When multi-instance support was introduced, it was necessary to move files such as postfix-script and postfix-files from (non-shared) /etc/postfix to (shared) /usr/libexec/postfix. Wietse
Re: Error no. 2 postmulti
On Tue, Feb 09, 2010 at 08:57:12PM -0500, Wietse Venema wrote: > The real problem is that DEBIAN has not caught up on changes in > Postfix file locations. When multi-instance support was introduced, > it was necessary to move files such as postfix-script and postfix-files > from (non-shared) /etc/postfix to (shared) /usr/libexec/postfix. Also Debian expects some machine-wide Postfix configuration files to be in the Postfix configuration directory, but with multiple instances, there there is more than one such directory. The solution is that such files should be in just the default configuration directory, and Debian- specific Postfix features that rely on them should look for them there. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
address rewriting with regexp
hello, maybe someone here can help. I am trying to rewrite a certain set of To address with regex when they are sent outbound from my mail server. I am trying to do the following: Can you rewrite this to 123456789@ smscountry.net to 123456789.mydom...@smscountry.net <12145524065.prodea_u...@smscountry.net>. The number string is very dynamic and will be many different combinations. is there a way to do this with regex. I have tried /@smscountry\.net/ . mydom...@smscountry.net but this drops the number sequence. Any help would be appreciated. Andy
