What became of the append/truncate ideas for queuefiles?
During my internal performance tests I noticed the fsstone program and wondered what became of your ide to use append/truncate instead of generating new queuefiles. From http://archives.neohapsis.com/archives/postfix/2004-07/0991.html Early measurements have shown that disk overhead can be reduced dramatically by using append/truncate instead of create/rename/delete. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: Consolidating Virtual Domain Delivery
On 2010-03-28 8:15 PM, Daniel L'Hommedieu wrote: And, I didn't mean to hijack the thread earlier - I meant to change the subject line - oops... Changing the subject line of an existing thread to start a new thread is *the definition* of hijacking a thread. When you want to start a new thread, start a new message *from scratch*, *not* by replying to an existing thread and changing the subject. Threaded mail readers do *not* use the subject for displaying threads, they use the appropriate mail *headers*. -- Best regards, Charles
Re: What became of the append/truncate ideas for queuefiles?
Ralf Hildebrandt: During my internal performance tests I noticed the fsstone program and wondered what became of your ide to use append/truncate instead of generating new queuefiles. From http://archives.neohapsis.com/archives/postfix/2004-07/0991.html Early measurements have shown that disk overhead can be reduced dramatically by using append/truncate instead of create/rename/delete. Early stress tests also demonstrated that Postfix was up to 3 times faster than qmail when relaying small SMTP messages. I'll put the scarce time into finishing postscreen, and worry about queue performance later. Wietse
Re: All email forward a copy to testing server
Patric Falinder skrev 2010-03-24 12:00: Ansgar Wiechers skrev 2010-03-24 11:49: On 2010-03-24 Patric Falinder wrote: If I have a subdomain that I need to do this with, sub.domain.com, should it he like this then? /etc/postfix/recipient_bcc: if /@sub\.domain\.com/ /^...@sub\.domain\.com$/ $...@new.domain.com endif You can probably omit the if ... endif, the match alone should be sufficient. I get this error: warning: regexp map /etc/postfix/recipient_bcc, line 2: out of range replacement index 1: skipping this rule What did I do wrong? You didn't group what the $1 is supposed to refer to. /^(.*)@sub\.domain\.com$/ $...@new.domain.com Regards Ansgar Wiechers ah, I changed that but now I get this error message: warning: regexp map /etc/postfix/recipient_bcc, line 1: using empty replacement string warning: recipient_bcc_maps lookup of patric.falin...@sub.domain.com returns an empty string result warning: recipient_bcc_maps should return NO RESULT in case of NOT FOUND Should there be something more on the first line? I'm a total noob when it comes to scripting and such. I have all my users and stuff in a MySQL-databse if that would be some kind of problem here I don't know!? Thanks, Patric Is there no one that can help me with this? I really need this, or something similar, to work. Is it perhaps possible to do it with some other function? Thanks, Patric
Re: All email forward a copy to testing server
Patric Falinder: ah, I changed that but now I get this error message: warning: regexp map /etc/postfix/recipient_bcc, line 1: using empty replacement string warning: recipient_bcc_maps lookup of patric.falin...@sub.domain.com returns an empty string result warning: recipient_bcc_maps should return NO RESULT in case of NOT FOUND Should there be something more on the first line? I'm a total noob when it comes to scripting and such. I have all my users and stuff in a MySQL-databse if that would be some kind of problem here I don't know!? Thanks, Patric Is there no one that can help me with this? I really need this, or something similar, to work. Is it perhaps possible to do it with some other function? You show the error message BUT you did not show the configuration. Wietse
Re: Difference between default_destination_recipient_limit and smtpd_recipient_limit
El sáb, 27-03-2010 a las 17:11 +0100, mouss escribió: Marcos Lorenzo de Santiago a écrit : El vie, 26-03-2010 a las 12:06 +0100, Wietse Venema escribió: Marcos Lorenzo de Santiago: I had configured default_destination_recipient_limit to 1500 and I couldn't send an email destined to 1100 recipients. It was when I modified this two options when I got it working: smtpd_recipient_overshoot_limit smtpd_recipient_limit I rtfm but I just can't see why it wasn't working, because default_destination_recipient_limit seems to be the default value for every postfix service. ... or maybe I am just missing something. Indeed. You missed the instructions for reporting a problem on this mailing list. They were sent to you in the mailing list welcome message. externo2:~# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix default_destination_recipient_limit = 2 inet_interfaces = all mailbox_size_limit = 0 message_size_limit = 52428800 mydestination = externo2.ayto-getafe.org, localhost.ayto-getafe.org, localhost myhostname = externo2.ayto-getafe.org mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relay_domains = $mydestination, ayto-getafe.org relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_recipient_limit = 2 smtpd_recipient_overshoot_limit = 2 smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/sender_access smtpd_tls_cert_file = /etc/ssl/certs/mailer.ayto-getafe.org_cert.pem smtpd_tls_key_file = /etc/ssl/private/mailer.ayto-getafe.org_key.pem smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes transport_maps = hash:/etc/postfix/transport I have no logs to show, sorry. But my question remains as simple as before: Could anyone please point me to some document (RFC or so) where that options and its use are more thoroughly explained than in postfix's manual? Sorry for missing info and thank you very much for your time. without logs and/or transcripts, we have no idea what blocks your mail. It is possible that mail was blocked by some piece (anti-virus, firewall, router, mail relay, ...) other than postfix. As for the parameters, smtpd_* apply to the smtpd server, which _receives_ mail, while default_destination_recipient_limit applies to mail that postfix _delivers_ (via smtp, lmtp, virtual and pipe). Ok, that explains it!, even though I had set default_destination_recipient_limit to 1500, and therefore I could'nt use that SMTP server to connect to it and send a mail to 1500 recipients because default_destination_recipient_limit only applies to mail delivered by postfix process, not received by its smtp server. Thank you very much and sorry for the little info I gave. I was trying to remember the error code that SMTP came up with. It said Too many errors but I cannot assure that 470 or 407 was the error code although it's the only number I can recall. Regards, Marcos Lorenzo de Santiago. PS: Tahnks for your time. Next issue will be perfectly detailed, sorry for that. -- --- Who wants to remember that escape-x-alt-control-left shift-b puts you into super-edit-debug-compile mode? (Discussion in comp.os.linux.misc on the intuitiveness of commands, especially Emacs.) --- Marcos Lorenzo de Santiago Técnico de Sistemas Departamento de Nuevas Tecnologías Ayuntamiento de Getafe Plaza de la Constitución 1 (28901) Correo: marcos.lore...@ayto-getafe.org Teléfono:912 027 948 Móvil: 608 300 935 signature.asc Description: Esta parte del mensaje está firmada digitalmente
Special rules for delivery to one address needed
Hi Postfix users, there is an internally used development server with a fairly default postfix installation. For testing software I want to have postfix listen on an additional port and every mail incoming on this port should not be delivered as usual but instead being forwarded to a single address on the internal mail server (different server). Mails incoming on port 25 instead should be delivered normally. So I set up another rule in master.cf: localhost:485 inet n - - - - smtpd and postfix is now listen to port 485 as well. But now I'm stuck. Where do I want to go from here? A transport rule? Virtual? Always_bcc? What would be the best/canonical way to achieve this? -- Dirk Taggesell Systemadministrator Experteer.de
Re: All email forward a copy to testing server
Patric Falinder: /etc/postfix/recipient_bcc: /@sub\.domain\.com/ /^(.*)@sub\.domain\.com$/ $...@new.sub.domain.com That first line has no result value. Wietse
Re: All email forward a copy to testing server
Wietse Venema skrev 2010-03-29 14:47: Patric Falinder: /etc/postfix/recipient_bcc: /@sub\.domain\.com/ /^(.*)@sub\.domain\.com$/ $...@new.sub.domain.com That first line has no result value. Wietse What should I set the result value to? I got this example from the mailinglist so I didn't make it up my self. Thanks, Patric
Re: All email forward a copy to testing server
* Patric Falinder patric.falin...@omg.nu: Wietse Venema skrev 2010-03-29 14:47: Patric Falinder: /etc/postfix/recipient_bcc: /@sub\.domain\.com/ /^(.*)@sub\.domain\.com$/ $...@new.sub.domain.com That first line has no result value. Wietse What should I set the result value to? I got this example from the mailinglist so I didn't make it up my self. Leave it out then :) -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: All email forward a copy to testing server
Wietse Venema skrev 2010-03-29 14:15: Patric Falinder: ah, I changed that but now I get this error message: warning: regexp map /etc/postfix/recipient_bcc, line 1: using empty replacement string warning: recipient_bcc_maps lookup of patric.falin...@sub.domain.com returns an empty string result warning: recipient_bcc_maps should return NO RESULT in case of NOT FOUND Should there be something more on the first line? I'm a total noob when it comes to scripting and such. I have all my users and stuff in a MySQL-databse if that would be some kind of problem here I don't know!? Thanks, Patric Is there no one that can help me with this? I really need this, or something similar, to work. Is it perhaps possible to do it with some other function? You show the error message BUT you did not show the configuration. Wietse I added these in main.cf: recipient_bcc_maps = regexp:/etc/postfix/recipient_bcc smtp_generic_maps = hash:/etc/postfix/smtp_generic and created these files: /etc/postfix/smtp_generic: @new.sub.domain.com @sub.domain.com /etc/postfix/recipient_bcc: /@sub\.domain\.com/ /^(.*)@sub\.domain\.com$/ $...@new.sub.domain.com When I send a message to that domain I get: postfix/cleanup[25095]: warning: recipient_bcc_maps lookup of patric.falin...@sub.domain.com returns an empty string result postfix/cleanup[25095]: warning: recipient_bcc_maps should return NO RESULT in case of NOT FOUND Is there a typo or did I miss something in my main.cf? Thanks, Patric
max length of pcre rule?
Hi, I am using an (insanely) long pcre (see below) to reject african/chinese/etc. spam that relays through large ISP's. An now it seems I have reached a limit. When trying to add a single more expression with a set of () parens I get this error: postmap: warning: pcre map /etc/postfix/header_access_local, line 2: too many (...) Is this a limitation (or sanity check) of the pcre engine? My rule is long because I need to share the prefix: Received|X-((Origin(ating)?|Client|MDRemote|Sender)-?IP|(Client|Remote_)Addr|PHP-Script) and would rather not edit it more than once each time a new variation of 'X-Originating-IP' appears. Any suggestion on improving the following rule is welcome. Thanks, /^((Received|X-((Origin(ating)?|Client|MDRemote|Sender)-?IP|(Client|Remote_)Addr|PHP-Script)):.+\b((41\.245.\d+|60\.1(6[6-9]|7[0-5])\.\d+|41\.184\.(3[2-9]|4[0-7])|112\.110\.(46|61|9[6-9]|1([01]\d|2[0-7]))|41\.214\.(3[2-9]|4[0-7]|9[6-9])|211\.144\.(6[4-9]|[78]\d|9[0-5])|192\.83\.191|41\.2[78]\.\d+|121\.148\.199|112\.20[0-7]\.\d+|119\.(9[6-9]|10[0-3])\.\d+|117\.(2[4-9]|3[01])\.\d+|123\.16[0-3]\.\d+|222\.8[89]\.\d+|41\.138\.1([678]\d|9[01])|195\.78\.11[23]|61\.54\.\d+|80\.255\.61|213\.255\.1(2[89]|[3-5]\d)|86\.62\.([0-5]?\d|6[0-3])|41.221.194|41\.29\.\d+|218\.1[3-8].\d+|213\.136\.(9[6-9]|1([01]\d|2[0-7]))|202\.112\.([0-2]?\d|3[01])|116\.206\.\d+|120\.14[01]\.\d+|41\.215\.1(6\d|7[0-5])|41\.232\.\d+|88\.208\.206|120\.(9[6-9]|1([01]\d|2[0-7]))\.\d+|165\.146\.([1-5]?\d|6[0-3])|212\.52\.1(2[89]|[34][0-9]|5[0-9])|202\.96\.1(2[89]|[3-8]\d|9[01])|114\.12[0-7]\.\d+|189\.127\.143|86\.96\.2(2[6-9]|3\d)|41\.222\.19[2-5]|41\.203\.(6[4-9]|[78]\d|9[0-5]|2(2[4-9]|3[0-9]))|174\.143\.\d+|62\.56\.(1(2[8-9]|[3-9]\d)|2([0-4]\d|5[0-5]))|115\.13[2-5]\.\d+|196\.46\.24[0-7]|196\.220\.1[0-4]|41\.31\.\d+|61\.134\.0|80\.89\.1(7[6-9]|8\d|9[01])|213\.209\.162|217\.20\.8[0-6]|74\.220\.(19[2-9]|2([01]\d|2[0-3]))|41\.19\.\d+|81\.199\.\d+|217\.21\.(6[4-9]|[78]\d|9[0-5])|89\.248\.194|58\.(4[89]|5[0-5])\.\d+|77\.211\.(6[4-9]|[7-9]\d|[12]\d\d)|196\.3\.1(6[4-9]|7\d|8[13])|41.191.1(0[89]|1[01])|220\.22[4-7]\.\d+|41\.218\.(19[2-9]|2([0-4]\d|5[0-5]))|41\.219\.(1(2[89]|[3-8]\d|9[016])|24[24])|41\.26\.\d+|121\.([89]|1[0-5])\.\d+|61\.18[34]\.\d+|41.184.(1[6-9]|2\d|3[01])|83\.234\.72|203\.79\.224|41\.205\.1(6[57]|72)|81\.202\.\d+|41\.223\.2(48|51)|41\.191\.(6[89]|7[01]|8[4-7])|212\.116\.2(1[5-9]|2[0-3])|196\.28\.2(4\d|5[0-2])|213\.152\.(6[4-9]|[78]\d|9[0-5])|124\.23[6-9]\.\d+|41\.25[2-5]\.\d+|61\.135\.\d+|41\.1(6\d|7[0-5])\.\d+|196\.207\.254|193\.227\.(3[2-9]|[45]\d|6[0-3])|41\.30\.\d+|41\.217\.([1-9]?\d|1([01]\d|2[0-7]))|212.100.(6[4-9]|[78]\d|9[0-5])|222\.16[0-3]\.\d+|212\.92\.(19[2-9]|2([01]\d|2[0-3]))|87\.126\.(19[2-9]|2([0-4]\d|5[0-5]))|95\.1[67]\.\d+|77\.70\.12[89]|41\.220\.(75|1(7[6-9]|8\d|9[01]))|78\.138\.3|218\.2[89]\.\d+|219\.23[67]\.\d+|41\.204\.2(2[4-7]|[34]\d|5[0-5])|121\.121\.\d+|123\.(6[4-9]|[78]\d|9[0-5])\.\d+|58\.2(0[89]|1\d|2[0-3])\.\d+|219\.15[23]\.\d+|219\.151\.(1(2[89]|[3-9]\d)|2([0-4]\d|5[0-5]))|72\.9\.(9[6-9]|1(0[0-9]|1[01]))|220\.249\.1([6-8]\d|9[01])|60\.2(0[89]1[0-7]|).\d+|41.218.(19[2-9]|2([01]\d|2[0-3]))|124\.122\.(1(2[89]|[3-9]\d)|2([0-4]\d|5[0-4]))|196\.1\.17[6-9]|41\.208\.(1(2[89]|[3-9]\d)|2(0[0-7]))|82\.151\.131|196\.207\.218|207\.235\.61|123.5[2-5].\d+|124\.120\.1(2[89]|[3-8]\d|9[01])|41\.213\.(\d?\d|1([01]\d|2[0-7]))|82\.128\.(\d?\d|1([01]\d|2[0-7]))|121\.245\.116|41\.211\.([0-3]|19[2-9]|2([0-4]\d|5[0-5]))|81\.91\.2(2[4-9]|3[0-9])|41\.189\.([1-3]?\d|4[0237]|5[0-6]|9[6-9]|1([01]\d|2[0-7]))|41\.202\.\d+|41\.207\.([0-9]|1[5-9]|2[0-9]|3[01]|1([6-9]\d)|2([01]\d|2[0-3]))|196\.201\.(64|72|8[34])|41\.216\.(3[2-9]|[45]\d|6[0-3]))\.\d+|83\.229\.87\.24[0-7]|83\.229\.48\.1(4[4-9]|5[01]))\b)/ REJECT aviso.ci junk 2
Re: All email forward a copy to testing server
On 2010-03-29 Patric Falinder wrote: Wietse Venema skrev 2010-03-29 14:47: Patric Falinder: /etc/postfix/recipient_bcc: /@sub\.domain\.com/ /^(.*)@sub\.domain\.com$/ $...@new.sub.domain.com That first line has no result value. What should I set the result value to? I got this example from the mailinglist so I didn't make it up my self. No, you didn't get this example from the mailing list. You just misunderstood me when I told you to omit the if ... endif. I wanted you to change this: if /@sub\.domain\.com/ /^...@sub\.domain\.com$/ $...@new.domain.com endif into this: /^(.*)@sub\.domain\.com$/ $...@new.domain.com I had considered it quite clear that an if-condition without the if-keyword wouldn't make any sense. Regards Ansgar Wiechers -- Abstractions save us time working, but they don't save us time learning. --Joel Spolsky
Re: All email forward a copy to testing server
Patric Falinder: /etc/postfix/recipient_bcc: /@sub\.domain\.com/ /^(.*)@sub\.domain\.com$/ $...@new.sub.domain.com Wietse Venema skrev 2010-03-29 14:47: That first line has no result value. Patric Falinder: What should I set the result value to? I got this example from the mailinglist so I didn't make it up my self. I suppose that someone told you to do this: if /@sub\.domain\.com/ ...stuff... endif and then you mis-understood the first line. If the ...stuff... is only one line, then the if/endif are not needed. I think I'm going to change the regexp and pcre table implementations and disallow rules without result. No other Postfix table allows that. Wietse
Re: max length of pcre rule?
Louis-David Mitterrand: Hi, I am using an (insanely) long pcre (see below) to reject african/chinese/etc. spam that relays through large ISP's. An now it seems I have reached a limit. When trying to add a single more expression with a set of () parens I get this error: postmap: warning: pcre map /etc/postfix/header_access_local, line 2: too many (...) Postfix logs this when pcre_exec() returns a match count of zero. According to documentation: If the vector is too small to hold all the captured substring offsets, it is used as far as possible (up to two-thirds of its length), and the function returns a value of zero. About 10 years ago, someone decided that Postfix needs no more than 99 () in a PCRE regular expression. I suppose this is one of many things in Postfix that should eventually be made configurable. For now, you would have to edit dict_pcre.c, and update the PCRE_MAX_CAPTURE constant. Wietse
Re: max length of pcre rule?
Original-Nachricht Datum: Mon, 29 Mar 2010 14:54:47 +0200 Von: Louis-David Mitterrand vindex+lists-postfix-us...@apartia.org An: postfix-users@postfix.org Betreff: max length of pcre rule? Hi, Hello, I am using an (insanely) long pcre (see below) to reject african/chinese/etc. spam that relays through large ISP's. An now it seems I have reached a limit. When trying to add a single more expression with a set of () parens I get this error: postmap: warning: pcre map /etc/postfix/header_access_local, line 2: too many (...) Is this a limitation (or sanity check) of the pcre engine? I think it is a hardcoded limit in Postfix. My rule is long because I need to share the prefix: Received|X-((Origin(ating)?|Client|MDRemote|Sender)-?IP|(Client|Remote_)Addr|PHP-Script) and would rather not edit it more than once each time a new variation of 'X-Originating-IP' appears. Any suggestion on improving the following rule is welcome. You can wrap the regexp into an if statement: -- if /^Received|X-((Origin(ating)?|Client|MDRemote|Sender)-?IP|(Client|Remote_)Addr|PHP-Script):/ /[^:]*.+\b(41\.245.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(60\.1(6[6-9]|7[0-5])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.184\.(3[2-9]|4[0-7])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(112\.110\.(46|61|9[6-9]|1([01]\d|2[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.214\.(3[2-9]|4[0-7]|9[6-9])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(211\.144\.(6[4-9]|[78]\d|9[0-5])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(192\.83\.191\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.2[78]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(121\.148\.199\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(112\.20[0-7]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(119\.(9[6-9]|10[0-3])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(117\.(2[4-9]|3[01])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(123\.16[0-3]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(222\.8[89]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.138\.1([678]\d|9[01])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(195\.78\.11[23]\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(61\.54\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(80\.255\.61\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(213\.255\.1(2[89]|[3-5]\d)\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(86\.62\.([0-5]?\d|6[0-3])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41.221.194\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.29\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(218\.1[3-8].\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(213\.136\.(9[6-9]|1([01]\d|2[0-7]))\.\d+)\b/ REJECT
Re: max length of pcre rule?
Original-Nachricht Datum: Mon, 29 Mar 2010 16:35:49 +0200 Von: Steve stev...@gmx.net An: postfix-users@postfix.org Betreff: Re: max length of pcre rule? Original-Nachricht Datum: Mon, 29 Mar 2010 14:54:47 +0200 Von: Louis-David Mitterrand vindex+lists-postfix-us...@apartia.org An: postfix-users@postfix.org Betreff: max length of pcre rule? Hi, Hello, I am using an (insanely) long pcre (see below) to reject african/chinese/etc. spam that relays through large ISP's. An now it seems I have reached a limit. When trying to add a single more expression with a set of () parens I get this error: postmap: warning: pcre map /etc/postfix/header_access_local, line 2: too many (...) Is this a limitation (or sanity check) of the pcre engine? I think it is a hardcoded limit in Postfix. My rule is long because I need to share the prefix: Received|X-((Origin(ating)?|Client|MDRemote|Sender)-?IP|(Client|Remote_)Addr|PHP-Script) and would rather not edit it more than once each time a new variation of 'X-Originating-IP' appears. Any suggestion on improving the following rule is welcome. You can wrap the regexp into an if statement: -- if /^Received|X-((Origin(ating)?|Client|MDRemote|Sender)-?IP|(Client|Remote_)Addr|PHP-Script):/ /[^:]*.+\b(41\.245.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(60\.1(6[6-9]|7[0-5])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.184\.(3[2-9]|4[0-7])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(112\.110\.(46|61|9[6-9]|1([01]\d|2[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.214\.(3[2-9]|4[0-7]|9[6-9])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(211\.144\.(6[4-9]|[78]\d|9[0-5])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(192\.83\.191\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.2[78]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(121\.148\.199\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(112\.20[0-7]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(119\.(9[6-9]|10[0-3])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(117\.(2[4-9]|3[01])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(123\.16[0-3]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(222\.8[89]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.138\.1([678]\d|9[01])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(195\.78\.11[23]\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(61\.54\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(80\.255\.61\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(213\.255\.1(2[89]|[3-5]\d)\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(86\.62\.([0-5]?\d|6[0-3])\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41.221.194\.\d+)\b/ REJECT aviso.ci junk 2 /[^:]*.+\b(41\.29\.\d+\.\d+)\b/ REJECT aviso.ci junk 2
Re: max length of pcre rule?
On Mon, Mar 29, 2010 at 04:38:17PM +0200, Steve wrote: Ohhh boy. Now looking at the regexp I see an error. Every line starting with /[^:]*.+ should be replaced by /[^:]*:.+. Sorry for that. Hi Steve, You if/endif suggestion for the prefix is interesting. For added safety, the individual rules should be anchored with ^ and the bracketed atom plussed, no? /^[^:]+:.+ Thanks,
Re: max length of pcre rule?
Original-Nachricht Datum: Mon, 29 Mar 2010 16:44:58 +0200 Von: Louis-David Mitterrand vindex+lists-postfix-us...@apartia.org An: postfix-users@postfix.org Betreff: Re: max length of pcre rule? On Mon, Mar 29, 2010 at 04:38:17PM +0200, Steve wrote: Ohhh boy. Now looking at the regexp I see an error. Every line starting with /[^:]*.+ should be replaced by /[^:]*:.+. Sorry for that. Hi Steve, Hallo Louis-David, You if/endif suggestion for the prefix is interesting. For added safety, the individual rules should be anchored with ^ and the bracketed atom plussed, no? /^[^:]+:.+ Yes. You are right. But to be honest this should be enough (just an example): 001) if /^Received|X\-((Origin(ating)?|Client|MDRemote|Sender)\-?IP|(Client|Remote_)Addr|PHP\-Script):/ 002) /\b(127\.0.\d+\.\d+)\b/ REJECT aviso.ci junk 2 003) endif * Rule 001 will match a specific header. * Rule 002 will match 127.0.xxx.xxx * 127.0.xxx.xxx could be anchored with ^ but the rule/if-condition in 001 is already taking care of that 127.0.xxx.xxx is not part of the header name. So you can shorten the regexp to just /\b(ip you check/rule)/b REJECT blah-blah-blah Thanks, No problem. // Steve -- Sicherer, schneller und einfacher. Die aktuellen Internet-Browser - jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/atbrowser
Re: max length of pcre rule?
On Mon, Mar 29, 2010 at 09:13:31AM -0400, Wietse Venema wrote: Louis-David Mitterrand: Hi, I am using an (insanely) long pcre (see below) to reject african/chinese/etc. spam that relays through large ISP's. An now it seems I have reached a limit. When trying to add a single more expression with a set of () parens I get this error: postmap: warning: pcre map /etc/postfix/header_access_local, line 2: too many (...) Postfix logs this when pcre_exec() returns a match count of zero. According to documentation: If the vector is too small to hold all the captured substring offsets, it is used as far as possible (up to two-thirds of its length), and the function returns a value of zero. About 10 years ago, someone decided that Postfix needs no more than 99 () in a PCRE regular expression. I suppose this is one of many things in Postfix that should eventually be made configurable. For now, you would have to edit dict_pcre.c, and update the PCRE_MAX_CAPTURE constant. I guess this means the rule can simply by fixed by not capturing anything, always using: (?:foobar)
notification message size to receiver
Hi ! Is there a possibility to configure postfix to send an email notification to the sender and receiver of an email, which is not accepted because of exceeding the message size limit ? We have a client, who wants to get notified if someone send him an email, which was rejected because of the message size limit. Greetings Robert
Re: Special rules for delivery to one address needed
On Mon, Mar 29, 2010 at 02:32:23PM +0200, Dirk Taggesell wrote: there is an internally used development server with a fairly default postfix installation. For testing software I want to have postfix listen on an additional port and every mail incoming on this port should not be delivered as usual but instead being forwarded to a single address on the internal mail server (different server). Mails incoming on port 25 instead should be delivered normally. So I set up another rule in master.cf: localhost:485 inet n - - - - smtpd and postfix is now listen to port 485 as well. But now I'm stuck. Where do I want to go from here? A transport rule? Virtual? Always_bcc? What would be the best/canonical way to achieve this? I would suggest a static: map for virtual_alias_maps, in a separate instance of Postfix. You might want a transport(5) for the single target address to the internal server in this instance. Note: when using static: for virtual_alias_maps, it is necessary to unset virtual_alias_domains. Google should be able to find one or more examples of this on this list. Multiple instance management is greatly improved in 2.6 et seq., so this might be a time to consider upgrading if you are not already using 2.7. http://www.postfix.org/MULTI_INSTANCE_README.html -- Offlist mail to this address is discarded unless /dev/rob0 or not-spam is in Subject: header
Re: max length of pcre rule?
Original-Nachricht Datum: Mon, 29 Mar 2010 16:44:58 +0200 Von: Louis-David Mitterrand vindex+lists-postfix-us...@apartia.org An: postfix-users@postfix.org Betreff: Re: max length of pcre rule? On Mon, Mar 29, 2010 at 04:38:17PM +0200, Steve wrote: Ohhh boy. Now looking at the regexp I see an error. Every line starting with /[^:]*.+ should be replaced by /[^:]*:.+. Sorry for that. Hi Steve, Hello Louis-David, You if/endif suggestion for the prefix is interesting. For added safety, the individual rules should be anchored with ^ and the bracketed atom plussed, no? /^[^:]+:.+ I have fixed some issues in your regexp and sorted the rules: if /^Received|^X\-((Origin(ating)?|Client|MDRemote|Sender)\-?IP|(Client|Remote_)Addr|PHP\-Script):/ /\b(41\.1(6\d|7[0-5])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.138\.1([678]\d|9[01])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.184\.(1[6-9]|2\d|3[01])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.184\.(3[2-9]|4[0-7])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.189\.([1-3]?\d|4[0237]|5[0-6]|9[6-9]|1([01]\d|2[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.191\.(6[89]|7[01]|8[4-7])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.191\.1(0[89]|1[01])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.19\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.202\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.203\.(6[4-9]|[78]\d|9[0-5]|2(2[4-9]|3[0-9]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.204\.2(2[4-7]|[34]\d|5[0-5])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.205\.1(6[57]|72)\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.207\.([0-9]|1[5-9]|2[0-9]|3[01]|1([6-9]\d)|2([01]\d|2[0-3]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.208\.(1(2[89]|[3-9]\d)|2(0[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.211\.([0-3]|19[2-9]|2([0-4]\d|5[0-5]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.213\.(\d?\d|1([01]\d|2[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.214\.(3[2-9]|4[0-7]|9[6-9])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.215\.1(6\d|7[0-5])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.216\.(3[2-9]|[45]\d|6[0-3])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.217\.([1-9]?\d|1([01]\d|2[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.218\.(19[2-9]|2([0-4]\d|5[0-5]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.218\.(19[2-9]|2([01]\d|2[0-3]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.219\.(1(2[89]|[3-8]\d|9[016])|24[24])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.220\.(75|1(7[6-9]|8\d|9[01]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.221\.194\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.222\.19[2-5]\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.223\.2(48|51)\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.232\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.245\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.25[2-5]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.26\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.29\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.2[78]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.30\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.31\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(58\.(4[89]|5[0-5])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(58\.2(0[89]|1\d|2[0-3])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(60\.1(6[6-9]|7[0-5])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(60\.2(0[89]1[0-7]|)\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(61\.134\.0\.\d+)\b/ REJECT aviso.ci junk 2 /\b(61\.135\.\d+\.\d+)\b/
catch-all local mail
I've been fighting with it for a long time but still can't get the desirable: - forward all local mail sent to valid unix users (+postmaster and abuse redirects of course) to specific email address. I.e. forward all mail sent to: [any-valid-unix-name-from-etc-pass...@[any-ip-address-of-the-host] [valid-us...@[any-hostname-of-the-server] just [valid-user] without domain part In other words any address which local service would accept. I've tried luser_relay but it local service still desperately wants to deliver to local unix mailbox first. I've tried mailbox_transport = virtual and localredir_alias_maps = static:redirect-h...@example.org but then virtual service failed to deliver to redirect-h...@example.org with User unknown in virtual alias table. Is it possible to setup catch-all for local mail without specifing each valid local user and/or each valid IP/hostname of the mail server? Thanks! Dimitri.
Re: max length of pcre rule?
Original-Nachricht Datum: Mon, 29 Mar 2010 17:12:58 +0200 Von: Steve stev...@gmx.net An: postfix-users@postfix.org Betreff: Re: max length of pcre rule? Original-Nachricht Datum: Mon, 29 Mar 2010 16:44:58 +0200 Von: Louis-David Mitterrand vindex+lists-postfix-us...@apartia.org An: postfix-users@postfix.org Betreff: Re: max length of pcre rule? On Mon, Mar 29, 2010 at 04:38:17PM +0200, Steve wrote: Ohhh boy. Now looking at the regexp I see an error. Every line starting with /[^:]*.+ should be replaced by /[^:]*:.+. Sorry for that. Hi Steve, Hello Louis-David, You if/endif suggestion for the prefix is interesting. For added safety, the individual rules should be anchored with ^ and the bracketed atom plussed, no? /^[^:]+:.+ I have fixed some issues in your regexp and sorted the rules: if /^Received|^X\-((Origin(ating)?|Client|MDRemote|Sender)\-?IP|(Client|Remote_)Addr|PHP\-Script):/ /\b(41\.1(6\d|7[0-5])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.138\.1([678]\d|9[01])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.184\.(1[6-9]|2\d|3[01])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.184\.(3[2-9]|4[0-7])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.189\.([1-3]?\d|4[0237]|5[0-6]|9[6-9]|1([01]\d|2[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.191\.(6[89]|7[01]|8[4-7])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.191\.1(0[89]|1[01])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.19\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.202\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.203\.(6[4-9]|[78]\d|9[0-5]|2(2[4-9]|3[0-9]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.204\.2(2[4-7]|[34]\d|5[0-5])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.205\.1(6[57]|72)\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.207\.([0-9]|1[5-9]|2[0-9]|3[01]|1([6-9]\d)|2([01]\d|2[0-3]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.208\.(1(2[89]|[3-9]\d)|2(0[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.211\.([0-3]|19[2-9]|2([0-4]\d|5[0-5]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.213\.(\d?\d|1([01]\d|2[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.214\.(3[2-9]|4[0-7]|9[6-9])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.215\.1(6\d|7[0-5])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.216\.(3[2-9]|[45]\d|6[0-3])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.217\.([1-9]?\d|1([01]\d|2[0-7]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.218\.(19[2-9]|2([0-4]\d|5[0-5]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.218\.(19[2-9]|2([01]\d|2[0-3]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.219\.(1(2[89]|[3-8]\d|9[016])|24[24])\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.220\.(75|1(7[6-9]|8\d|9[01]))\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.221\.194\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.222\.19[2-5]\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.223\.2(48|51)\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.232\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.245\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.25[2-5]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.26\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.29\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.2[78]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.30\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.31\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(58\.(4[89]|5[0-5])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(58\.2(0[89]|1\d|2[0-3])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(60\.1(6[6-9]|7[0-5])\.\d+\.\d+)\b/
Re: max length of pcre rule?
On Mon, Mar 29, 2010 at 04:55:19PM +0200, Steve wrote: You if/endif suggestion for the prefix is interesting. For added safety, the individual rules should be anchored with ^ and the bracketed atom plussed, no? /^[^:]+:.+ Yes. You are right. But to be honest this should be enough (just an example): 001) if /^Received|X\-((Origin(ating)?|Client|MDRemote|Sender)\-?IP|(Client|Remote_)Addr|PHP\-Script):/ 002) /\b(127\.0.\d+\.\d+)\b/ REJECT aviso.ci junk 2 003) endif * Rule 001 will match a specific header. * Rule 002 will match 127.0.xxx.xxx * 127.0.xxx.xxx could be anchored with ^ but the rule/if-condition in 001 is already taking care of that 127.0.xxx.xxx is not part of the header name. So you can shorten the regexp to just /\b(ip you check/rule)/b REJECT blah-blah-blah Indeed, on second thought the anchoring is useless in individual rules, making it much more readable/managable. Thanks for taking to time to de-parse my giga-rule into its component parts!
Re: max length of pcre rule?
On Mon, Mar 29, 2010 at 05:16:39PM +0200, Steve wrote: Ach. Again. I made errors. Sorry. It's hard to write here in such a small edit box in a web interface. The above is not 100% correct. What I wanted to write is: You need the 'itsalltext' firefox extension to edit any web textarea with your $EDITOR. https://addons.mozilla.org/en-US/firefox/addon/4125 -- /\b(41\.26\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.29\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.2[78]\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.30\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 /\b(41\.31\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 Could be shortened to: /\b(41\.(2[6-9]|3[01])\.\d+\.\d+)\b/ REJECT aviso.ci junk 2 -- And of course your line-by-line rules makes it so much easier to sort, and regroup, them. Cheers,
Postfix 2.5.1 cleanup(8) Date: issue?
(although I'm subscribed, please Cc: me on replies for a quicker turnaround -- also, the list appears to drop messages from non-subscribers silently, rather than bouncing them. If it was held for moderation, sorry...) Greetings, I have observed a very strange behaviour related to the DST switch yesterday morning. Issue: On the most direct route I can fancy, i. e. injecting a trivial message (just a Subject: line) directly into port 10025 (to bypass spam filtering) and delivering to a Maildir/, Postfix appears to produce a bogus Date: header in the received message (UTC is correct, but local time and timezone are wrong, timezone name is missing). Interestingly, the time logged in Received: is correct. I would have hoped that the Date: header produces the same timestamp as in the Received: header. It would appear this is a cleanup(8) bug, but I'm apparently unable to debug it. The relevant code in cleanup appears to call mail_date which itself works OK. I confirmed that the three files /etc/localtime, /var/spool/postfix/etc/localtime, usr/share/zoneinfo/Europe/Berlin are all identical (according to md5sum) and none is a symlink. I've stopped and re-started postfix. Postfix check doesn't produce output. The Ubuntu and Debian bug trackers don't contain strikingly obvious bugs. I've tried to run cleanup outside the chroot jail, to no avail. I've run cleanup under strace, nothing strikingly obvious, opening /etc/localtime succeeds. (Information not included, but will figure relevant information from the logs upon request.) The system runs the official Ubuntu Linux 8.04 LTS Server postfix packages (i686/32-bit on a Xeon with ECC memory/Fujitsu Primergy RX100S3 IIRC and with AMCC RAID1), and it is in production, so testing is somewhat limited. Evidence given below (hostnames and IPs were anonymized to example.org and 10.0.0.NNN with a sed script): #1 the message as received in Maildir/ #2 relevant log #3 postfinger information. Any help to further debug this will be appreciated. #1 - Return-Path: X-Original-To: ma+direct Delivered-To: ma+dir...@example.org Received: from x (localhost [127.0.0.1]) by mail.example.org (Postfix) with ESMTP id A3F59481E3 for ma+direct; Mon, 29 Mar 2010 16:38:10 +0200 (CEST) Subject: yet another Postfix test Message-Id: 20100329143810.a3f5948...@mail.example.org Date: Mon, 29 Mar 2010 16:38:10 +0200 (CEST) From: MAILER-DAEMON To: undisclosed-recipients:; #2 - Mar 29 16:38:10 mailserver postfix/smtpd[14732]: A3F59481E3: client=localhost[127.0.0.1] Mar 29 16:38:15 mailserver postfix/cleanup[14739]: A3F59481E3: message-id=20100329143810.a3f5948...@mail.example.org Mar 29 16:38:15 mailserver postfix/qmgr[12968]: A3F59481E3: from=, size=381, nrcpt=1 (queue active) Mar 29 16:38:15 mailserver postfix/local[14743]: A3F59481E3: to=ma+dir...@example.org, orig_to=ma+direct, relay=local, delay=5.3, delays=5.3/0.01/0/0.02, dsn=2.0.0, status=sent (delivered to maildir) Mar 29 16:38:15 mailserver postfix/qmgr[12968]: A3F59481E3: removed #3 - postfinger - postfix configuration on Mon Mar 29 16:40:53 CEST 2010 version: 1.30 --System Parameters-- mail_version = 2.5.1 hostname = mailserver uname = Linux mailserver 2.6.24-26-server #1 SMP Tue Dec 1 19:19:20 UTC 2009 i686 GNU/Linux --Packaging information-- looks like this postfix comes from deb package: postfix-2.5.1-2ubuntu1.2 --main.cf non-default parameters-- alias_database = hash:/etc/aliases hash:/etc/aliases-users alias_maps = hash:/etc/aliases hash:/var/lib/mailman/data/aliases hash:/etc/aliases-users append_dot_mydomain = no biff = no body_checks = pcre:/etc/postfix/body_checks bounce_queue_lifetime = 3d canonical_maps = hash:/etc/postfix/canonical delay_warning_time = 255m forward_path = /var/mail/${user}/.forward${recipient_delimiter}${extension} /var/mail/${user}/.forward header_checks = pcre:/etc/postfix/header_checks html_directory = /usr/share/doc/postfix/html local_recipient_maps = proxy:nis:passwd.byname $relocated_maps $alias_maps mailbox_command = /usr/bin/maildrop -d $USER -f $SENDER $EXTENSION $RECIPIENT $USER $SENDER mailbox_size_limit = 0 masquerade_domains = example.org example.org message_size_limit = 3200 mydestination = $myhostname, localhost.$mydomain, $mydomain, example.org, mailserver.example.org, localhost.example.org, mail.example.org, example.org, mailserver.example.org, localhost.example.org, mail.example.org, localhost, pcre:/etc/postfix/mydestination myhostname = mail.example.org mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128 10.0.0.0/26 192.168.0.0/24 192.168.2.0/24 myorigin = /etc/mailname recipient_delimiter = + relocated_maps = hash:/etc/postfix/relocated show_user_unknown_table_name = no smtpd_authorized_verp_clients = localhost localhost.$mydomain $myhostname smtpd_authorized_xforward_hosts = 127.0.0.1 10.0.0.25 10.0.0.28 smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
Logrotate with Postfix
Hi, Does anyone have logrotate working correctly for maillog on a weekly basis? I'm not sure if its my logrotate config: /var/log/maillog { rotate 100 compress weekly dateext notifempty copytruncate postrotate /etc/init.d/postfix reload endscript } Can someone who has this working correctly post their logrotate config. Thanks, James
Re: max length of pcre rule?
On Mon, Mar 29, 2010 at 05:17:22PM +0200, Louis-David Mitterrand wrote: On Mon, Mar 29, 2010 at 04:55:19PM +0200, Steve wrote: You if/endif suggestion for the prefix is interesting. For added safety, the individual rules should be anchored with ^ and the bracketed atom plussed, no? /^[^:]+:.+ Yes. You are right. But to be honest this should be enough (just an example): 001) if /^Received|X\-((Origin(ating)?|Client|MDRemote|Sender)\-?IP|(Client|Remote_)Addr|PHP\-Script):/ 002) /\b(127\.0.\d+\.\d+)\b/ REJECT aviso.ci junk 2 003) endif * Rule 001 will match a specific header. * Rule 002 will match 127.0.xxx.xxx * 127.0.xxx.xxx could be anchored with ^ but the rule/if-condition in 001 is already taking care of that 127.0.xxx.xxx is not part of the header name. So you can shorten the regexp to just /\b(ip you check/rule)/b REJECT blah-blah-blah Indeed, on second thought the anchoring is useless in individual rules, making it much more readable/managable. Thanks for taking to time to de-parse my giga-rule into its component parts! In theory that's quite inefficient. Given your traffic it might not make a difference. A better approach would be keeping all the IPs etc in a file and generating the rule using for example perl + Regexp::Assemble.
Re: Logrotate with Postfix
On Mon, Mar 29, 2010 at 11:54:54AM -0400, James R. Marcus wrote: Does anyone have logrotate working correctly for maillog on a weekly basis? I'm not sure if its my logrotate config: It is. /var/log/maillog { rotate 100 compress weekly dateext notifempty copytruncate postrotate /etc/init.d/postfix reload Why? This is the error. You need to restart your syslog daemon. endscript } Can someone who has this working correctly post their logrotate config. This works out of the box with Slackware, and probably any other OS which ships logrotate. My config would not be useful to you. You should be looking in your OS documentation and follow up to a forum for your OS. -- Offlist mail to this address is discarded unless /dev/rob0 or not-spam is in Subject: header
Re: max length of pcre rule?
Original-Nachricht Datum: Mon, 29 Mar 2010 19:00:36 +0300 Von: Henrik K h...@hege.li An: postfix-users@postfix.org Betreff: Re: max length of pcre rule? On Mon, Mar 29, 2010 at 05:17:22PM +0200, Louis-David Mitterrand wrote: On Mon, Mar 29, 2010 at 04:55:19PM +0200, Steve wrote: You if/endif suggestion for the prefix is interesting. For added safety, the individual rules should be anchored with ^ and the bracketed atom plussed, no? /^[^:]+:.+ Yes. You are right. But to be honest this should be enough (just an example): 001) if /^Received|X\-((Origin(ating)?|Client|MDRemote|Sender)\-?IP|(Client|Remote_)Addr|PHP\-Script):/ 002) /\b(127\.0.\d+\.\d+)\b/ REJECT aviso.ci junk 2 003) endif * Rule 001 will match a specific header. * Rule 002 will match 127.0.xxx.xxx * 127.0.xxx.xxx could be anchored with ^ but the rule/if-condition in 001 is already taking care of that 127.0.xxx.xxx is not part of the header name. So you can shorten the regexp to just /\b(ip you check/rule)/b REJECT blah-blah-blah Indeed, on second thought the anchoring is useless in individual rules, making it much more readable/managable. Thanks for taking to time to de-parse my giga-rule into its component parts! In theory that's quite inefficient. What is inefficient? The combining of rules or the splitting? Given your traffic it might not make a difference. A better approach would be keeping all the IPs etc in a file and generating the rule using for example perl + Regexp::Assemble. -- Sicherer, schneller und einfacher. Die aktuellen Internet-Browser - jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/chbrowser
bounce email
Hello, Lately I had been getting bounce email ( spam), I do not know how to effectively proceed to solve this problem. Below is the actual email that one of the users is getting constantly, the spam filer is unable to detected. The administrator said we can't do nothing other than create a rule in outlook to trash this email. Anybody have other suggestions, please? I'm using postfix+amavisd-new to combat spam. System Specs, 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009 r...@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 From: Mail Delivery Subsystem [mailto:mailer-dae...@singnet.com.sg] Sent: Monday, March 29, 2010 9:07 AM To: u...@example.com Subject: Returned mail: see transcript for details The original message was received at Mon, 29 Mar 2010 23:59:29 +0800 from mx17.singnet.com.sg [165.21.74.117] - The following addresses had permanent fatal errors - james...@singnet.com.sg (reason: 550 5.1.1 User unknown) - Transcript of session follows - 550 5.1.1 james...@singnet.com.sg... User unknown Thanks in Advance, -Motty
Re: max length of pcre rule?
On Mon, Mar 29, 2010 at 06:13:15PM +0200, Steve wrote: Original-Nachricht Datum: Mon, 29 Mar 2010 19:00:36 +0300 Von: Henrik K h...@hege.li An: postfix-users@postfix.org Betreff: Re: max length of pcre rule? On Mon, Mar 29, 2010 at 05:17:22PM +0200, Louis-David Mitterrand wrote: On Mon, Mar 29, 2010 at 04:55:19PM +0200, Steve wrote: You if/endif suggestion for the prefix is interesting. For added safety, the individual rules should be anchored with ^ and the bracketed atom plussed, no? /^[^:]+:.+ Yes. You are right. But to be honest this should be enough (just an example): 001) if /^Received|X\-((Origin(ating)?|Client|MDRemote|Sender)\-?IP|(Client|Remote_)Addr|PHP\-Script):/ 002) /\b(127\.0.\d+\.\d+)\b/ REJECT aviso.ci junk 2 003) endif * Rule 001 will match a specific header. * Rule 002 will match 127.0.xxx.xxx * 127.0.xxx.xxx could be anchored with ^ but the rule/if-condition in 001 is already taking care of that 127.0.xxx.xxx is not part of the header name. So you can shorten the regexp to just /\b(ip you check/rule)/b REJECT blah-blah-blah Indeed, on second thought the anchoring is useless in individual rules, making it much more readable/managable. Thanks for taking to time to de-parse my giga-rule into its component parts! In theory that's quite inefficient. What is inefficient? The combining of rules or the splitting? Executing a bunch of expressions instead of one.
Re: bounce email
On 3/29/2010 11:23 AM, motty.cruz wrote: Hello, Lately I had been getting bounce email ( spam), I do not know how to effectively proceed to solve this problem. Below is the actual email that one of the users is getting constantly, the spam filer is unable to detected. The administrator said we can’t do nothing other than create a rule in outlook to trash this email. Anybody have other suggestions, please? I’m using postfix+amavisd-new to combat spam. System Specs, 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009 r...@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 From: Mail Delivery Subsystem [mailto:mailer-dae...@singnet.com.sg] Sent: Monday, March 29, 2010 9:07 AM To: u...@example.com Subject: Returned mail: see transcript for details This might help: http://www.postfix.org/BACKSCATTER_README.html You can probably find more discussions about this if you search the mail list archives for backscatter. If you need more help, please see: http://www.postfix.org/DEBUG_README.html#mail -- Noel Jones
Re: Postfix 2.5.1 cleanup(8) Date: issue?
Matthias Andree: and timezone are wrong, timezone name is missing). Interestingly, the time logged in Received: is correct. I would have hoped that the Date: header produces the same timestamp as in the Received: header. ... Return-Path: X-Original-To: ma+direct Delivered-To: ma+dir...@example.org Received: from x (localhost [127.0.0.1]) by mail.example.org (Postfix) with ESMTP id A3F59481E3 for ma+direct; Mon, 29 Mar 2010 16:38:10 +0200 (CEST) Subject: yet another Postfix test Message-Id: 20100329143810.a3f5948...@mail.example.org Date: Mon, 29 Mar 2010 16:38:10 +0200 (CEST) From: MAILER-DAEMON To: undisclosed-recipients:; In the above message: Received header date = Mon, 29 Mar 2010 16:38:10 +0200 (CEST) Date header date = Mon, 29 Mar 2010 16:38:10 +0200 (CEST) These time stamps are identical, and all headers have the form that I would expect from Postfix. Your postfix-users submission has: Received: from [131.234.21.116] (baloo.cs.uni-paderborn.de [131.234.21.116]) (authenticated bits=0) by unimail.uni-dortmund.de (8.14.4/8.14.4) with ESMTP id o2TFXok8003087 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT) for postfix-users@postfix.org; Mon, 29 Mar 2010 17:33:51 +0200 (CEST) Message-ID: 4bb0c85c.7030...@dt.e-technik.uni-dortmund.de Date: Mon, 29 Mar 2010 17:33:48 +0200 This has a NON-POSTFIX Message-ID: header, and a Date: header without time zone. Wietse
Re: notification message size to receiver
Robert Bude: Hi ! Is there a possibility to configure postfix to send an email notification to the sender and receiver of an email, which is not accepted because of exceeding the message size limit ? We have a client, who wants to get notified if someone send him an email, which was rejected because of the message size limit. Postfix never sends mail for messages that it does not accept. That would make it very easy to flood someone with notifications. Wietse
[SOLVED] Re: Postfix 2.5.1 cleanup(8) Date: issue?
Wietse Venema wrote on 2010-03-29: Matthias Andree: and timezone are wrong, timezone name is missing). Interestingly, the time logged in Received: is correct. I would have hoped that the Date: header produces the same timestamp as in the Received: header. ... Return-Path: X-Original-To: ma+direct Delivered-To: ma+dir...@example.org Received: from x (localhost [127.0.0.1]) by mail.example.org (Postfix) with ESMTP id A3F59481E3 for ma+direct; Mon, 29 Mar 2010 16:38:10 +0200 (CEST) Subject: yet another Postfix test Message-Id: 20100329143810.a3f5948...@mail.example.org Date: Mon, 29 Mar 2010 16:38:10 +0200 (CEST) From: MAILER-DAEMON To: undisclosed-recipients:; In the above message: Received header date = Mon, 29 Mar 2010 16:38:10 +0200 (CEST) Date header date = Mon, 29 Mar 2010 16:38:10 +0200 (CEST) These time stamps are identical, and all headers have the form that I would expect from Postfix. Thank you. It matches what I'd read in the source (the strftime format string). This has a NON-POSTFIX Message-ID: header, and a Date: header without time zone. That's ok, and wasn't what I'd tested. Now that's embarrassing, for me (not noticing the discrepancy between mailer's display and Maildir contents), and for the Opera guys (for goofing up the time zone). Here's the story: I was looking at what Opera 10.51's mail client was presenting me in all headers and body view (whatever the exact name is, I'm using a localized version). Original: Return-Path: X-Original-To: ma+direct Delivered-To: ma+dir...@example.org Received: from x (localhost [127.0.0.1]) by mail.example.org (Postfix) with ESMTP id E753548DA6 for ma+direct; Mon, 29 Mar 2010 19:19:04 +0200 (CEST) Subject: yet another Postfix test Message-Id: 20100329171904.e753548...@mail.example.org Date: Mon, 29 Mar 2010 19:19:04 +0200 (CEST) From: MAILER-DAEMON To: undisclosed-recipients:; Opera representation (Note Return-path misspelling, b0rked Date timezone, and omitted To - it's not in the headline either): Return-path: X-Original-To: ma+direct Delivered-To: ma+dir...@example.org Received: from x (localhost [127.0.0.1]) by mail.example.org (Postfix) with ESMTP id E753548DA6 for ma+direct; Mon, 29 Mar 2010 19:19:04 +0200 (CEST) Subject: yet another Postfix test Message-ID: 20100329171904.e753548...@mail.example.org Date: Mon, 29 Mar 2010 20:19:04 +0300 From: MAILER-DAEMON Looks like a one of the many Opera mail bugs. Filed as bug #291618 with Opera, and that bug address in Bcc: so they know this is being discussed in public. Sorry for the lack of displomacy, but you get to share the embarrassment anyways :) Off-topic: Anyone know a Thunderbird add-in that auto-creates virtual folders for mailing lists? It's the sole reason why I'm still using Opera M2. -- Matthias Andree
Re: catch-all local mail
Charlie Root a écrit : I've been fighting with it for a long time but still can't get the desirable: - forward all local mail sent to valid unix users (+postmaster and abuse redirects of course) to specific email address. I.e. forward all mail sent to: [any-valid-unix-name-from-etc-pass...@[any-ip-address-of-the-host] [valid-us...@[any-hostname-of-the-server] just [valid-user] without domain part In other words any address which local service would accept. I've tried luser_relay but it local service still desperately wants to deliver to local unix mailbox first. I've tried mailbox_transport = virtual and localredir_alias_maps = static:redirect-h...@example.org but then virtual service failed to deliver to redirect-h...@example.org with User unknown in virtual alias table. Is it possible to setup catch-all for local mail without specifing each valid local user and/or each valid IP/hostname of the mail server? Untested maybe try real_alias_maps = hash:/etc/aliases local_recipient_maps = proxy:unix:passwd.byname $real_alias_maps alias_maps = static:redirect-h...@example.org (without overriding local configuration).
Auto blacklist email addresses
Hello. One spammer has tried about 300 times send me email, always from the same address, but from about 20 different IP . Never pass verify sender, always get 450 errormy question is...when one email fail postfix verify_sender 4 or 5 times..will be possible auto-blacklist this email for one week, for example? I use postfix 2.6.5 and postgrey 1.32 Thanks Josep
Re: Auto blacklist email addresses
* Josep M. websur...@navegants.com: Hello. One spammer has tried about 300 times send me email, always from the same address, but from about 20 different IP . Never pass verify sender, always get 450 errormy question is...when one email fail postfix verify_sender 4 or 5 times..will be possible auto-blacklist this email for one week, for example? You could use fail2ban for that -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: Auto blacklist email addresses
On Mon, Mar 29, 2010 at 09:34:56PM +0200, Josep M. wrote: Hello. One spammer has tried about 300 times send me email, always from the same address, but from about 20 different IP . Never pass verify sender, always get 450 errormy question is...when one email fail postfix verify_sender 4 or 5 times..will be possible auto-blacklist this email for one week, for example? I use postfix 2.6.5 and postgrey 1.32 Thanks Josep Wouldn't that open you up to a DoS attack vector against valid E-mail addresses sending to you? Cheers, Ken
Re: Auto blacklist email addresses
On 3/29/2010 3:34 PM, Josep M. wrote: Hello. One spammer has tried about 300 times send me email, always from the same address, but from about 20 different IP . Never pass verify sender, always get 450 errormy question is...when one email fail postfix verify_sender 4 or 5 times..will be possible auto-blacklist this email for one week, for example? I use postfix 2.6.5 and postgrey 1.32 Google fail2ban or similar log scanning utility. Postfix only ever looks into a single transaction.
procmail hitting sometimes but not others?
I know it's overkill, but I run my own postfix (2.6.2) on my server at home. My domain, my mail. Just me. Just switched to IMAP, and figured I'd also like to sync filtering rules, so best way I could see was use procmail. So far, sometimes so good. But every once in a while, a message 'slips' past the procmail and into my mailbox. I've attached postconf -n below, and I've put the filter, header, and verbose procmail output at http://www.espphotography.com/proc.txt . Any obvious reason it isn't hitting? I could gather a few more times it's not hitting - it seems to be literally hit or miss. Same rule, sometimes it hits sometimes it doesn't. Thanks. :) Evan # postconf -n alias_maps = hash:/etc/postfix/aliases biff = no command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks inet_interfaces = all mail_owner = postfix mailbox_command = /usr/bin/procmail mailbox_size_limit = 10 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 10 mydomain = espphotography.com myhostname = espphotography.com mynetworks = 168.100.189.0/28, 127.0.0.0/8,192.168.1.0/28,206.176.229.254,216.200.134.0/24,192.168.1.0/24,99.11.230.251 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix relayhost = [smtp.comcast.net]:587 sample_directory = /usr/share/doc/postfix/examples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtpd_client_event_limit_exceptions = static:everyone smtpd_sasl_path = smtpd smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access smtpd_tls_cert_file = /System/Library/OpenSSL/certs/smtpd.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_use_tls = yes unknown_local_recipient_reject_code = 550
Re: Auto blacklist email addresses
Hello Ralph. Fail2ban can blacklist email addresses too? I want reject email addresses, not block IPs. Thanks Josep El lun, 29-03-2010 a las 21:41 +0200, Ralf Hildebrandt escribió: * Josep M. websur...@navegants.com: Hello. One spammer has tried about 300 times send me email, always from the same address, but from about 20 different IP . Never pass verify sender, always get 450 errormy question is...when one email fail postfix verify_sender 4 or 5 times..will be possible auto-blacklist this email for one week, for example? You could use fail2ban for that
Re: Auto blacklist email addresses
* Josep M. websur...@navegants.com: Hello Ralph. Fail2ban can blacklist email addresses too? I want reject email addresses, not block IPs. All you have to do is call a script instead of iptables. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
Re: procmail hitting sometimes but not others?
Evan Platt(e...@espphotography.com)@Mon, Mar 29, 2010 at 02:05:31PM -0700: I know it's overkill, but I run my own postfix (2.6.2) on my server at home. My domain, my mail. Just me. Just switched to IMAP, and figured I'd also like to sync filtering rules, so best way I could see was use procmail. So far, sometimes so good. But every once in a while, a message 'slips' past the procmail and into my mailbox. I've attached postconf -n below, and I've put the filter, header, and verbose procmail output at http://www.espphotography.com/proc.txt . Any obvious reason it isn't hitting? I could gather a few more times it's not hitting - it seems to be literally hit or miss. Same rule, sometimes it hits sometimes it doesn't. Thanks. :) If you're seeing the message in your procmail log, it's not missing procmail. In fact, given your mailbox_command there, I don't see how you would have a message end up anywhere else. I'll bet that those messages are hitting procmail, not matching any rules, and ending up on your mailbox. If not, how about log messages (from procmail, non-verbose, and from postfix) showing a message that works as expected, and a message that doesn't? Also, why is your mynetworks so huge? You've got a lot of space listed there for a home server with one user. Evan # postconf -n alias_maps = hash:/etc/postfix/aliases biff = no command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 header_checks = regexp:/etc/postfix/header_checks inet_interfaces = all mail_owner = postfix mailbox_command = /usr/bin/procmail mailbox_size_limit = 10 mailq_path = /usr/bin/mailq manpage_directory = /usr/share/man message_size_limit = 10 mydomain = espphotography.com myhostname = espphotography.com mynetworks = 168.100.189.0/28, 127.0.0.0/8,192.168.1.0/28,206.176.229.254,216.200.134.0/24,192.168.1.0/24,99.11.230.251 mynetworks_style = subnet newaliases_path = /usr/bin/newaliases queue_directory = /private/var/spool/postfix readme_directory = /usr/share/doc/postfix relayhost = [smtp.comcast.net]:587 sample_directory = /usr/share/doc/postfix/examples sendmail_path = /usr/sbin/sendmail setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = smtpd_client_event_limit_exceptions = static:everyone smtpd_sasl_path = smtpd smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access smtpd_tls_cert_file = /System/Library/OpenSSL/certs/smtpd.pem smtpd_tls_key_file = $smtpd_tls_cert_file smtpd_use_tls = yes unknown_local_recipient_reject_code = 550 -- Bill Weiss The ten commandments of hooking anything to anything VIII. Never screw with something thou cannot replace.
Rate control for SMTP delivery to speicific domain
Hello Everyone. Our company sends out newsletters to people who have subscribed their mail address in-store (retail). I have been working in attempt to slow down E-Mail deliveries to Hotmail, as our server attempts deliveries too quickly and will get blocked by their servers. I have googled and found some decent information and have even applied it, but it does not appear to do a single thing to slow delivery down for the domain. I have in my configuration files: Master.cf: smtphotmail unix - - - - 3 smtp Transport: hotmail.com smtphotmail:hotmail.com Main.cf: smtphotmail_destination_concurrency_limit = 2 smtphotmail_destination_rate_delay = 3s I was using the global limiters and these were working just fine - we were able to deliver OK, until I commented them out: #initial_destination_concurrency = 3 #local_destination_concurrency_limit = 3 #smtp_destination_concurrency_limit = 3 #smtp_destination_rate_delay = 2s It appears that whenever I use the smtphotmail transport rules, instead of the global ones, delivery attempts to the domain increase as if there was no limitation.. Ie: after a Postfix reload, I follow the mail.info log and find straight after the reload that there are instantly pages and pages of delivery attempts to hotmail.com. To me this doesn't make sense - the rate limit means I should only see a few, every couple of seconds, right? Am I missing something here? Thanks in advance, Yours Sincerely, Michael Hutchinson
Re: Rate control for SMTP delivery to speicific domain
On Tue, 30 Mar 2010, Mike Hutchinson wrote: It appears that whenever I use the smtphotmail transport rules, instead of the global ones, delivery attempts to the domain increase as if there was no limitation.. Ie: after a Postfix reload, I follow the mail.info log and find straight after the reload that there are instantly pages and pages of delivery attempts to hotmail.com. To me this doesn't make sense - the rate limit means I should only see a few, every couple of seconds, right? Am I missing something here? http://www.postfix.org/QSHAPE_README.html#backlog http://www.postfix.org/DEBUG_README.html#mail -- Sahil Tandon sa...@tandon.net
Re: Rate control for SMTP delivery to speicific domain
Mike Hutchinson: Hello Everyone. Our company sends out newsletters to people who have subscribed their mail address in-store (retail). I have been working in attempt to slow down E-Mail deliveries to Hotmail, as our server attempts deliveries too quickly and will get blocked by their servers. I have googled and found some decent information and have even applied it, but it does not appear to do a single thing to slow delivery down for the domain. I have in my configuration files: Master.cf: smtphotmail unix - - - - 3smtp Who told you to set a wakeup timer of 3 seconds? Remove it. Transport: hotmail.com smtphotmail:hotmail.com How do you know that Postfix uses this? The cut-and-paste fragments from the main.cf file show no evidence of that. As requested in the mailing list welcome message (see below) do NOT send cut-and-paste fragments from the main.cf file. Wietse TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html Thank you for using Postfix.
RE: Rate control for SMTP delivery to speicific domain
smtphotmail unix - - - - 3 smtp Who told you to set a wakeup timer of 3 seconds? Remove it. No-one did. I had intended to set a max processes limit.. As I understand it, this would be setting the Max Processes limit. smtphotmail unix- - - - 3 smtp And setting the wakeup timer would be like this: smtphotmail unix- - - 3 - smtp Transport: hotmail.com smtphotmail:hotmail.com How do you know that Postfix uses this? The cut-and-paste fragments from the main.cf file show no evidence of that. I have the transport referenced in main.cf, and have used postmap to build the db. As requested in the mailing list welcome message (see below) do NOT send cut-and-paste fragments from the main.cf file. My apologies. Ill go back and start from scratch. Cheers, Michael
Re: Rate control for SMTP delivery to speicific domain
On Tue, 30 Mar 2010, Mike Hutchinson wrote: As I understand it, this would be setting the Max Processes limit. smtphotmail unix- - - - 3 smtp That is how you set maxproc, but why do you need 3 for this transport? And setting the wakeup timer would be like this: smtphotmail unix- - - 3 - smtp That is how you set the timer. My apologies. Ill go back and start from scratch. What version of Postfix is this? -- Sahil Tandon sa...@tandon.net