Re: Catch-all alias not working correctly
Da-Huntha: Oops, I forgot to mention the problem: All mail goes to the catch-all address, so even mail destined for m...@domain.com. As documented, virtual alias expansion is recursive. # /etc/postfix/virtual m...@domain.com me @domain.com spam @domain2.com spam To stop the recursion, use the same email address on the right-hand side as the left hand side: m...@domain.com m...@domain.com Wietse
Re: Can Receive jpeg but can`t send
Rafael Andrade: Hello Members, I would like to know if there is a method so I can have the following configuration on my MTA: The user foobar can receive attached jpeg files, but cannot send attached jpegs. I need this because some employees must receive some files in a specific extension, but cannot send files in that same extension. What is the error message? Wietse
AW: whitelist for smtp_recipient_restrictions
Hello Mr. Hildebrandt, thanks for the good advice. I try this. O. Schwalbe Von: owner-postfix-us...@postfix.org im Auftrag von Ralf Hildebrandt Gesendet: Sa 27.03.2010 00:12 An: postfix-users@postfix.org Betreff: Re: whitelist for smtp_recipient_restrictions * Schwalbe, Oliver oliver.schwa...@schnellecke.com: Hallo Herr Hildebrandt, Danke für die schnelle Rückantwort. uceprotect.net habe ich als erste Maßnahme schon deaktiviert, würde aber ganz gerne wieder darauf zurückkommen. Ich bräuchte aber noch genauere Informationen, wo ich IP ok hinterlegen muß. Muß ich dafür eine eigene Datei anlegen und darauf verweisen? Yes, like I wrote in my answer: ---check_client_access hash:/etc/postfix/whitelist echo IP OK /etc/postfix/whitelist postmap /etc/postfix/whitelist -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de http://www.charite.de/ winmail.dat
Re: Spam from the same domain
On Fri, 26 Mar 2010, Mark Goodge wrote: On 26/03/2010 20:54, listadecorreo wrote: in the last month I revived a lot of spam from user_non_ex...@mydomain to user_ex...@mydomain. can I block all received externals mails from my domain to my domain... It's very easy to block mails from fake_u...@domain to real_u...@domain. Just turn on sender address verification for your own domains. An easier way to block spam from f...@example.org is to use reject_unlisted_sender. See postconf(5). http://www.postfix.org/postconf.5.html#reject_unlisted_sender http://www.postfix.org/postconf.5.html#smtpd_reject_unlisted_sender -- Sahil Tandon sa...@tandon.net
Re: Spam from the same domain
listadecorreo a écrit : Hello in the last month I revived a lot of spam from user_non_ex...@mydomain to user_ex...@mydomain. can I block all received externals mails from my domain to my domain... I use postfix with amavis (spamassassin/clamav) - to block mail from user_not_ex...@yourdomain, simply use reject_unlisted_sender in your smtpd restrictions, or even more simply, set smtpd_reject_unlisted_sender = yes The latter applies to all mail. - to block mail from user_ex...@yourdomain if it comes from external clients and is not authenticated, then simply use smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_sender_access hash:/etc/postfix/access_sender ... == access_sender example.com REJECT not allowed without authentication .example.comREJECT not allowed without authentication ... This will reject all mail from j...@example.com or j...@sub.example.com unless it comes from mynetworks or the user was authenticated. note this applies to envelope addresses (MAIL FROM), not to headers (From: or Reply-To:). If you are about headers, first try zen as suggested before. for the spam that slips, tune spamassassin.
Re: Postfix redirection after aliase resolution
Bob Sauvage a écrit : Hi people ! I have a postfix server and I want to redirect my mails to another server (Spam filter) after the aliase resolution. Because this spam filter can only filter 100 adresses. When the other server has completed its work, it sends this mail to my Postfix server (on another SMTP process and another port of course). And finally the mails will be delivered. Is this possible ? yes. configure filtering as usual, but put the -o receive_override_options=no_address_mappings in the after the filter smtpd listener, not in the before the filter as is usually done. More generally, this option should be set in all smtpd listeners in a chain, except in the one where you want address rewrite. (you don't want rewrite twice, because it may cause duplicate delivery).
Re: Difference between default_destination_recipient_limit and smtpd_recipient_limit
Marcos Lorenzo de Santiago a écrit : El vie, 26-03-2010 a las 12:06 +0100, Wietse Venema escribió: Marcos Lorenzo de Santiago: I had configured default_destination_recipient_limit to 1500 and I couldn't send an email destined to 1100 recipients. It was when I modified this two options when I got it working: smtpd_recipient_overshoot_limit smtpd_recipient_limit I rtfm but I just can't see why it wasn't working, because default_destination_recipient_limit seems to be the default value for every postfix service. ... or maybe I am just missing something. Indeed. You missed the instructions for reporting a problem on this mailing list. They were sent to you in the mailing list welcome message. externo2:~# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix default_destination_recipient_limit = 2 inet_interfaces = all mailbox_size_limit = 0 message_size_limit = 52428800 mydestination = externo2.ayto-getafe.org, localhost.ayto-getafe.org, localhost myhostname = externo2.ayto-getafe.org mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relay_domains = $mydestination, ayto-getafe.org relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_recipient_limit = 2 smtpd_recipient_overshoot_limit = 2 smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/sender_access smtpd_tls_cert_file = /etc/ssl/certs/mailer.ayto-getafe.org_cert.pem smtpd_tls_key_file = /etc/ssl/private/mailer.ayto-getafe.org_key.pem smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes transport_maps = hash:/etc/postfix/transport I have no logs to show, sorry. But my question remains as simple as before: Could anyone please point me to some document (RFC or so) where that options and its use are more thoroughly explained than in postfix's manual? Sorry for missing info and thank you very much for your time. without logs and/or transcripts, we have no idea what blocks your mail. It is possible that mail was blocked by some piece (anti-virus, firewall, router, mail relay, ...) other than postfix. As for the parameters, smtpd_* apply to the smtpd server, which _receives_ mail, while default_destination_recipient_limit applies to mail that postfix _delivers_ (via smtp, lmtp, virtual and pipe).
Re: Difference between default_destination_recipient_limit and smtpd_recipient_limit
Marcos Lorenzo de Santiago: El vie, 26-03-2010 a las 12:06 +0100, Wietse Venema escribi?: Marcos Lorenzo de Santiago: I had configured default_destination_recipient_limit to 1500 and I couldn't send an email destined to 1100 recipients. It was when I modified this two options when I got it working: smtpd_recipient_overshoot_limit smtpd_recipient_limit I rtfm but I just can't see why it wasn't working, because default_destination_recipient_limit seems to be the default value for every postfix service. ... or maybe I am just missing something. Indeed. You missed the instructions for reporting a problem on this mailing list. They were sent to you in the mailing list welcome message. externo2:~# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no ... I have no logs to show, sorry. Then could you at least tell us **what is the error message** Wietse
Re: Spam from the same domain
mouss wrote: listadecorreo a écrit : Hello in the last month I revived a lot of spam from user_non_ex...@mydomain to user_ex...@mydomain. can I block all received externals mails from my domain to my domain... I use postfix with amavis (spamassassin/clamav) - to block mail from user_not_ex...@yourdomain, simply use reject_unlisted_sender in your smtpd restrictions, or even more simply, set smtpd_reject_unlisted_sender = yes The latter applies to all mail. - to block mail from user_ex...@yourdomain if it comes from external clients and is not authenticated, then simply use smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_sender_access hash:/etc/postfix/access_sender ... == access_sender example.com REJECT not allowed without authentication .example.comREJECT not allowed without authentication ... This will reject all mail from j...@example.com or j...@sub.example.com unless it comes from mynetworks or the user was authenticated. note this applies to envelope addresses (MAIL FROM), not to headers (From: or Reply-To:). If you are about headers, first try zen as suggested before. for the spam that slips, tune spamassassin. thanks, is perfect Recuerdos Pep
Re: Postfix LDAP Temporary lookup failure
Victor Duchovni: On Fri, Mar 26, 2010 at 04:54:00PM -0400, Wietse Venema wrote: Don't pass non-ASCII user names to your LDAP table. Hmm. If the Postfix LDAP driver handles only non-ASCII query keys then we should have a smarter response from the mail system. Agreed. By the time I read your message, I had already implemented this idea. Arguably, something similar should be done for MySQL and PgSQL, since even with the databases willing to convert local encodings to UTF-8, the data Postfix sends into the query is not known to be in the local character-set, and so all such queries are dubious. Currently, sites that send valid UTF-8 in MAIL/RCPT commands can make meaningful LDAP queries in Postfix. Lots of MTAs are 8-bit clean internally, so this can actually work today. Do we want to remove this ability from Postfix, or should we add a valid_utf_8() routine in anticipation of a future standardization of UTF8SMTP? Wietse