Re: X-Original-To: and smtpd_proxy_filter
Jeroen Geilman wrote: On 12/28/10 7:58 AM, Alexander Moisseev wrote: m...@domain.tld has an alias al...@domain.tld and mail sent to alias. X-Original-To: al...@domain.tld prepends to the message. It's OK. If the before-queue content filter enabled as shown below then X-Original-To: is m...@domain.tld. Why did this happen? Stop resolving aliases in your before-queue content filter and the problem will go away. -o receive_override_options=no_unknown_recipient_checks You might want to set that to no_address_mappings for the smtpd proxy listener. Thanks. I was expanding aliases twice in before-queue and after-queue content filter. -- Alexander Moisseev
Re: Postfix queue in Mysql ?
On 29/12/2010, at 4:02 PM, Joan Moreau wrote: > Well, I am surprised by the tone of those emails. Why? Do you tell you mechanic how to fix your car before he's even been informed what vehicle you drive? > I am just asking if it exists a back-end that would replace the storage and > management of the queue into mysql (i.e. put /var/spool/postfix into mysql > tables). As you've bene told - no. Not unless you replace your backend with a dedicated DB system which you ruled out in your initial post. Cheers, James smime.p7s Description: S/MIME cryptographic signature
Re: Postfix queue in Mysql ?
Well, I am surprised by the tone of those emails. I am just asking if it exists a back-end that would replace the storage and management of the queue into mysql (i.e. put /var/spool/postfix into mysql tables). (yes, a file system is made for storing files, but it is not at all made to execute queries on teh file tree (hey, it is a tree! not a rdbms ) On Wed, 29 Dec 2010 09:29:12 +1100, James Gray wrote: >> On Tue, 28 Dec 2010 12:28:57 -0500 (EST), Wietse Venema wrote: >> >>> Joan Moreau: >>> Well, more clearly, my question is : How can I plug Mysql as a backend of postfix to handle the mailq ? >>> Please state the PROBLEM instead of the SOLUTION. Wietse > On 29/12/2010, at 8:29 AM, Joan Moreau wrote: > >> I am just looking for a MySQL bakcend to replace the hard-disk storage of the postfix mailqueue. This is not a problem, this is something I am looking for. > (Top posting fixed...quoting might not be - curse you Apple Mail!) So where exactly will the MySQL backend live if not on disk?? If your qmgr is choking on I/O, then throwing a DB at it wont help, in fact I can think of a number of ways this will make an I/O-challenged systems WORSE. I guess you could find some tool (or write one) that abstracts a MySQL database out to a file system, heck, I've seen all manner of weird things abstracted to file systems. At the end of the day, a file system is essentially an extremely specialised DB...for storing, accessing and manipulating files. So far the list has asked for specifics about the problem. You keep demanding a specific solution. Without knowing anything about your setup, what testing you've done, heck, even the version of Postfix you're on, how do you expect us to help you? Without being rude, have a read of http://www.catb.org/~esr/faqs/smart-questions.html [1] - specifically about half way down titled: "Be precise and informative about your problem". Good luck, James Links: -- [1] http://www.catb.org/~esr/faqs/smart-questions.html
Re: Postfix queue in Mysql ?
Joan Moreau put forth on 12/28/2010 3:29 PM: > > > Well, no need to get angry. No one is angry. You're misreading "tone" as you're not a regular member of this list. Replace "angry" with "direct" and you've got the correct tone. > I am just looking for a MySQL bakcend to replace the hard-disk storage of > the postfix mailqueue. This is not a problem, this is something I am > looking for. You are telling us that you want the queue somewhere else than on the local disk in the Postfix server chassis. You cannot use a remote database for this, as you've been told already. The queue is filesystem based, and always will be. You have a couple of options for remote storage: 1. NFS mounted filesystem Can be inexpensive, usually lower performance w/low price solution You (one with knowledge) can easily build an NFS server, esp w/Linux Staring price < $500 USD if "home built" 2. SAN LUN via iSCSI, fiber channel, infiniband Local filesystem, acts like "local" SCSI disk More expensive than NFS, usually higher performance More difficult to setup, staring price ~$8k USD My guess is, in absence of further details, that you should simply purchase another disk, install it in your Postfix server chassis, and move the mail spool directory to the new disk. These recommendations are based on the limited amount of current detail you've given us. More accurate details will allow for a more accurate or better recommendation, especially if you do indeed have a clogged deferred queue. In such a case more hardware will not solve the problem. In such a case, you need to find out why your messages aren't being delivered. If you have been marked as a spammer by various places, this could be one explanation for your backed up queue. Again, providing more details would allow us to actually assist you instead of guessing. -- Stan
postscreen STARTTLS support
I have built an event-driven TLS proxy for postscreen(8). This addresses the problem that postscreen(8) could not be used when SMTP clients require STARTTLS support. The new daemon is called starttlsd(8). When a non-whitelisted (*) SMTP client sends a STARTTLS command, postscreen(8) will hand off the connection to starttlsd(8) and read/write the plaintext to/from starttlsd(8). The challenge was that one starttlsd(8) must be able to handle the TLS <=> plaintext translation for more than one SMTP client, but thanks to careful planning, it worked out of the box. Next on the agenda is AUTH support, and that is a lot simpler. Wietse (*) A complete stranger, or a known client whose whitelisting needs to be renewed.
Re: Postfix queue in Mysql ?
> On Tue, 28 Dec 2010 12:28:57 -0500 (EST), Wietse Venema wrote: > >> Joan Moreau: >>> Well, more clearly, my question is : How can I plug Mysql as a backend >>> of postfix to handle the mailq ? >> >> Please state the PROBLEM instead of the SOLUTION. Wietse On 29/12/2010, at 8:29 AM, Joan Moreau wrote: > I am just looking for a MySQL bakcend to replace the hard-disk storage of > the postfix mailqueue. This is not a problem, this is something I am > looking for. (Top posting fixed...quoting might not be - curse you Apple Mail!) So where exactly will the MySQL backend live if not on disk?? If your qmgr is choking on I/O, then throwing a DB at it wont help, in fact I can think of a number of ways this will make an I/O-challenged systems WORSE. I guess you could find some tool (or write one) that abstracts a MySQL database out to a file system, heck, I've seen all manner of weird things abstracted to file systems. At the end of the day, a file system is essentially an extremely specialised DB...for storing, accessing and manipulating files. So far the list has asked for specifics about the problem. You keep demanding a specific solution. Without knowing anything about your setup, what testing you've done, heck, even the version of Postfix you're on, how do you expect us to help you? Without being rude, have a read of http://www.catb.org/~esr/faqs/smart-questions.html - specifically about half way down titled: "Be precise and informative about your problem". Good luck, James smime.p7s Description: S/MIME cryptographic signature
Re: Postfix queue in Mysql ?
On Tue, Dec 28, 2010 at 04:29:34PM -0500, Joan Moreau wrote: > > I am just looking for a MySQL bakcend to replace the hard-disk storage of > the postfix mailqueue. This is not a problem, this is something I am > looking for. This is surely a "means" and not an "end". What real purpose would storing the queue in MySQL serve? -- Viktor.
Re: Postfix queue in Mysql ?
On Tuesday, December 28, 2010 at 22:29 CET, Joan Moreau wrote: > I am just looking for a MySQL bakcend to replace the hard-disk storage > of the postfix mailqueue. This is not a problem, this is something I > am looking for. Judging by your initial message in this thread I'd say your problem is that qmgr is requiring too much resources (of some kind), or at least that's what you think is the problem. Let us help you address that problem and figure out the root cause. This is done by answering our questions. Please do not top-post. -- Magnus Bäck mag...@dsek.lth.se
Re: Milter for handling messages bound for non-TLS-capable hosts?
> > 1) does the milter API and its placement in the server's execution provide > > a > > > place where I can determine that STARTTLS has failed? > > No. Milter processing happens as mail enters the queue, delivery and STARTTLS > success or failure happen when mail is leaving the queue. > > > (and where I can manually redirect the message and remove it from normal > > processing) (milter against the STARTTLS command?) > > Milters process mail being received, not mail going out. DUH!!! I'm so embarrassed. Got caught thinking too much without realizing this simple fact. Sorry about that and thank you for pointing it out. > > 2) does anyone know of a milter that might serve as a good example so I >don't > > > have to start from scratch? > > Outgoing TLS policy failure is a non-milter problem. If you want traffic > that fails mandatory TLS delivery to be re-routed for alternative processing, > you can use a custom transport for mandatory tls: > > main.cf: > indexed = ${default_database_type}:${config_directory}/ > transport_maps = ${indexed}transport > > transport: > example.com tlssmtp > > master.cf: > tlssmtp unix - - n- -smtp > -o smtp_tls_security_level=encrypt > -o smtp_fallback_relay=[127.0.0.1]:12345 > > Note that not all failures will be starttls failures, so the fallback > relay will also receive mail when the remote peer is down, or tempfails > a particular recipient, ... THANK YOU, Viktor, for the good tip. I think that smtp_fallback_relay was the setting that I didn't know about. That's perfect (although it's NOT perfect as you rightly note... sadly, the boss types don't care even if they understand all the caveats... frustrating!). THANK YOU again
Re: Postfix queue in Mysql ?
Well, no need to get angry. I am just looking for a MySQL bakcend to replace the hard-disk storage of the postfix mailqueue. This is not a problem, this is something I am looking for. Best, Joan On Tue, 28 Dec 2010 12:28:57 -0500 (EST), Wietse Venema wrote: Joan Moreau: Well, more clearly, my question is : How can I plug Mysql as a backend of postfix to handle the mailq ? Please state the PROBLEM instead of the SOLUTION. Wietse
Re: Postfix and Myvzw.com POP3 email
On Tue, Dec 28, 2010 at 06:51:23PM +0100, mouss wrote: > > I have never had a problem with cyrus-sasl configuration and usage. I > > am presently using cyrus-sasl with mysql and it works flawlessly. I have > > had problems in the past with Dovecot and authentication when Dovecot > > was updated. I honestly don't remember the last time that I had to > > update cyrus though. In any case, I prefer to keep things isolated in a > > situation like this. It makes debugging easier, or at least for me it > > does. > > > > on the other side, with cyrus-sasl, you are linking complex code with > postfix. with dovecot, only a small portion to implemented dovecot-auth > protocol is included. Let's not hijack the user's thread into a discussion of Cyrus SASL or Dovecot SASL pros and cons. The OP, if he still needs help needs to be more explicit about the client configuration and capabilities, and needs to read http://www.postfix.org/SASL_README.html to learn more about SASL support in the Postfix SMTP server. -- Viktor.
Re: Postfix and Myvzw.com POP3 email
Le 28/12/2010 15:25, Jerry a écrit : > On Tue, 28 Dec 2010 14:45:16 +0100 > Jeroen Geilman articulated: > >> On 12/28/10 2:41 PM, mouss wrote: >>> >>> your postfix has support for AUTH. If you also have dovecot, then >>> it's easier to use dovecot-auth. otherwise, use cyrus sasl. >> >> If he doesn't have dovecot, it is still easier than cyrus :) > > I have never had a problem with cyrus-sasl configuration and usage. I > am presently using cyrus-sasl with mysql and it works flawlessly. I have > had problems in the past with Dovecot and authentication when Dovecot > was updated. I honestly don't remember the last time that I had to > update cyrus though. In any case, I prefer to keep things isolated in a > situation like this. It makes debugging easier, or at least for me it > does. > on the other side, with cyrus-sasl, you are linking complex code with postfix. with dovecot, only a small portion to implemented dovecot-auth protocol is included. so from a security and isolation viewpoint, dovecot-auth seems better to me. (my experience with cyrus sasl dates back to a long time. at the time, debugging was a nightmare. the location of smtpd.conf was hardcoded, and it was to be put with cyrus libraries, which was ugly. some distros used to change this but that made finding it a first barrier to getting things working. things have changed since then though). > As a side note, there appears to be a problem on FreeBSD with the > recent update of MySQL-5.5.8 and Postfix/Dovecot. I cannot confirm this > since I have not updated to that version of MySQL as of yet myself. > nor did I, so I can't tell. I hope to "upgrade" to postgres instead;-p
Re: Postfix queue in Mysql ?
On Tue, Dec 28, 2010 at 12:19:23PM -0500, Joan Moreau wrote: > Well, more clearly, my question is : > > How can I plug Mysql as a > backend of postfix to handle the mailq ? It was clear enough before. The answer is that this is not possible. The queue is file-based by design. The queue design is performant for deferred queues up to a few hundred thousand messages. Beyond that, indeed you will have problems, but then the real question is why does your deferred queue have 100k+ messages? So if you want help, get help with keeping your incoming queue nearly empty, your active queue at a few hundreds messages, and your deferred queue at less than a few thousand messages. -- Viktor.
Re: Postfix queue in Mysql ?
Joan Moreau: > Well, more clearly, my question is : > > How can I plug Mysql as a > backend of postfix to handle the mailq ? Please state the PROBLEM instead of the SOLUTION. Wietse > On Tue, 28 Dec 2010 12:00:04 > -0500 (EST), Wietse Venema wrote: > > > Joan Moreau: > >> Hi, the postfix > queue manager (qmgr) is taking far too much resources when the number of > email pending is growing. > > Sorry, you are jumping to conclusions. There > are many reasons why mail can pile up in the queue, and you have not > given a shred of information that allows people here to help you. For > more support, please see the mailing list welcome message, repeated > below. Wietse TO REPORT A PROBLEM see > http://www.postfix.org/DEBUG_README.html#mail [1] TO (UN)SUBSCRIBE see > http://www.postfix.org/lists.html [2] Thank you for using > Postfix. > > > Links: > -- > [1] > http://www.postfix.org/DEBUG_README.html#mail > [2] > http://www.postfix.org/lists.html
Re: Postfix queue in Mysql ?
Well, more clearly, my question is : How can I plug Mysql as a backend of postfix to handle the mailq ? On Tue, 28 Dec 2010 12:00:04 -0500 (EST), Wietse Venema wrote: > Joan Moreau: >> Hi, the postfix queue manager (qmgr) is taking far too much resources when the number of email pending is growing. > Sorry, you are jumping to conclusions. There are many reasons why mail can pile up in the queue, and you have not given a shred of information that allows people here to help you. For more support, please see the mailing list welcome message, repeated below. Wietse TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail [1] TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html [2] Thank you for using Postfix. Links: -- [1] http://www.postfix.org/DEBUG_README.html#mail [2] http://www.postfix.org/lists.html
Re: Postfix queue in Mysql ?
Joan Moreau: > Hi, > > the postfix queue manager (qmgr) is taking far too much > resources when the number of email pending is growing. Sorry, you are jumping to conclusions. There are many reasons why mail can pile up in the queue, and you have not given a shred of information that allows people here to help you. For more support, please see the mailing list welcome message, repeated below. Wietse TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html Thank you for using Postfix.
Re: Milter for handling messages bound for non-TLS-capable hosts?
On Tue, Dec 28, 2010 at 01:19:49AM -0800, email builder wrote: > I might need to learn how to write a milter that tries to divert outgoing > messages (so a smtp/client milter) that have been sent with > smtp_tls_security_level = encrypt but failed because the destination server > doesn't support STARTTLS (I understand that this is something of a false > flag, > because even successful TLS message transmission is NOT necessarily secure, > but > bear with me if you will). > > I haven't yet looked in detail at the milter API, but was wondering if I > could > ask two preliminary questions about this: > > 1) does the milter API and its placement in the server's execution provide a > place where I can determine that STARTTLS has failed? No. Milter processing happens as mail enters the queue, delivery and STARTTLS success or failure happen when mail is leaving the queue. > (and where I can manually redirect the message and remove it from normal > processing) (milter against the STARTTLS command?) Milters process mail being received, not mail going out. > 2) does anyone know of a milter that might serve as a good example so I don't > have to start from scratch? Outgoing TLS policy failure is a non-milter problem. If you want traffic that fails mandatory TLS delivery to be re-routed for alternative processing, you can use a custom transport for mandatory tls: main.cf: indexed = ${default_database_type}:${config_directory}/ transport_maps = ${indexed}transport transport: example.com tlssmtp master.cf: tlssmtp unix - - n - - smtp -o smtp_tls_security_level=encrypt -o smtp_fallback_relay=[127.0.0.1]:12345 Note that not all failures will be starttls failures, so the fallback relay will also receive mail when the remote peer is down, or tempfails a particular recipient, ... -- Viktor.
Re: Postfix queue in Mysql ?
On Tue, Dec 28, 2010 at 08:28:48AM -0500, Joan Moreau wrote: > the postfix queue manager (qmgr) is taking far too much > resources What does "too much resources" mean? CPU? disk I/O? RAM? > when the number of email pending is growing. Treat the disease not the symptoms, why is the deferred queue large in the first place? > Is there a way to move "/var/spool/postfix" in a MySQL database ? No, the Postfix queue uses the unix filesystem. Your mailstore can be a database if you have suitable delivery agents, but the Postfix queue cannot. This is a good thing. Now solve the real problem. -- Viktor.
Re: Postfix and Myvzw.com POP3 email
On Tue, 28 Dec 2010 14:45:16 +0100 Jeroen Geilman articulated: > On 12/28/10 2:41 PM, mouss wrote: > > > > your postfix has support for AUTH. If you also have dovecot, then > > it's easier to use dovecot-auth. otherwise, use cyrus sasl. > > If he doesn't have dovecot, it is still easier than cyrus :) I have never had a problem with cyrus-sasl configuration and usage. I am presently using cyrus-sasl with mysql and it works flawlessly. I have had problems in the past with Dovecot and authentication when Dovecot was updated. I honestly don't remember the last time that I had to update cyrus though. In any case, I prefer to keep things isolated in a situation like this. It makes debugging easier, or at least for me it does. As a side note, there appears to be a problem on FreeBSD with the recent update of MySQL-5.5.8 and Postfix/Dovecot. I cannot confirm this since I have not updated to that version of MySQL as of yet myself. -- Jerry ✌ postfix-u...@seibercom.net _ TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html
Postfix queue in Mysql ?
Hi, the postfix queue manager (qmgr) is taking far too much resources when the number of email pending is growing. Is there a wait to move "/var/spool/postfix" in a MySQL database ? (dont tell me "dbmail", I want to keep my dovecot imap/pop sever) Thanks Joan
Re: Postfix and Myvzw.com POP3 email
On 12/28/10 2:41 PM, mouss wrote: your postfix has support for AUTH. If you also have dovecot, then it's easier to use dovecot-auth. otherwise, use cyrus sasl. If he doesn't have dovecot, it is still easier than cyrus :) -- J.
Re: Postfix and Myvzw.com POP3 email
Le 28/12/2010 13:34, Mark Khan a écrit : > Hi Victor: > > Thank you again for your response. I used the following package to install > postfix: > > CNDpostfix-2.7.1,REV=100609-SunOS5.10-sparc.pkg. > > If you could please review the information below ,I am hoping that you or > someone else in the postfix world can provide some direction on how to > enable AUTH based on what I have so far. Please let me know if you need > anymore information and I will be more than happy to provide it. > > According to documentation I should be able to tell what AUTH support is > enabled by telneting to the systems mail port (25) and issuing an EHLO > command which should list the supported options including AUTH. Here is my > output: > > telnet www.lancertech.com 25 > Trying 73.79.104.11... > Connected to www.lancertech.com. > Escape character is '^]'. > 220 mail.lancertech.com ESMTP Postfix > ehlo lancertech.com > 250-mail.lancertech.com > 250-PIPELINING > 250-SIZE 4048 > 250-ETRN > 250-ENHANCEDSTATUSCODES > 250-8BITMIME > 250 DSN > > As you can see AUTH does not seem to be listed. I am not sure if this is > because my main.cf file is not correctly configured or AUTH was not complied > into this package. So I decided to look at the smtpd executable to see what > AUTH was compiled into it by using the following strings command: > your postfix has support for AUTH. If you also have dovecot, then it's easier to use dovecot-auth. otherwise, use cyrus sasl. The documentation is at http://www.postfix.org/SASL_README.html > [snip] >
Re: X-Original-To: and smtpd_proxy_filter
On 12/28/10 7:58 AM, Alexander Moisseev wrote: m...@domain.tld has an alias al...@domain.tld and mail sent to alias. X-Original-To: al...@domain.tld prepends to the message. It's OK. If the before-queue content filter enabled as shown below then X-Original-To: is m...@domain.tld. Why did this happen? Because a before-queue content filter (I am assuming you mean the smtpd_proxy feature of postfix) puts a complete SMTP hop in front of the postfix smtpd listener. This means that envelope information is re-set to whatever the smtpd proxy provides to postfix. Stop resolving aliases in your before-queue content filter and the problem will go away. I suppose it must be al...@domain.tld anyway. But if REDIRECT to other mailbox configured in header_checks (in addition to content filter) then X-Original-To: is al...@domain.tld as supposed. diff master.cf.bak master.cf That's utterly useless. Please include postconf -n and the entire master.cf file you are using NOW. Some relevant logs would also come in handy. -o receive_override_options=no_unknown_recipient_checks You might want to set that to no_address_mappings for the smtpd proxy listener. -- J.
Re: Postfix and Myvzw.com POP3 email
Hi Victor: Thank you again for your response. I used the following package to install postfix: CNDpostfix-2.7.1,REV=100609-SunOS5.10-sparc.pkg. If you could please review the information below ,I am hoping that you or someone else in the postfix world can provide some direction on how to enable AUTH based on what I have so far. Please let me know if you need anymore information and I will be more than happy to provide it. According to documentation I should be able to tell what AUTH support is enabled by telneting to the systems mail port (25) and issuing an EHLO command which should list the supported options including AUTH. Here is my output: telnet www.lancertech.com 25 Trying 73.79.104.11... Connected to www.lancertech.com. Escape character is '^]'. 220 mail.lancertech.com ESMTP Postfix ehlo lancertech.com 250-mail.lancertech.com 250-PIPELINING 250-SIZE 4048 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN As you can see AUTH does not seem to be listed. I am not sure if this is because my main.cf file is not correctly configured or AUTH was not complied into this package. So I decided to look at the smtpd executable to see what AUTH was compiled into it by using the following strings command: rambo-new# strings /usr/libexec/postfix/smtpd | grep -i auth 550 5.7.0 Error: insufficient authorization 550 5.7.0 Error: insufficient authorization smtpd_sasl_auth_enable smtpd_sasl_authenticated_header broken_sasl_auth_clients smtpd_tls_auth_only permit_mynetworks, reject_unauth_destination smtpd_authorized_verp_clients $authorized_verp_clients smtpd_authorized_xclient_hosts smtpd_authorized_xforward_hosts i {auth_type} {auth_authen} {auth_author} {mail_addr} {mail_host} {mail_mailer} reject_unauth_destination reject_authenticated_sender_login_mismatch reject_unauthenticated_sender_login_mismatch permit_auth_destination reject_unauth_destination reject_unauth_pipelining all_auth_mx_addr reject_unauth_pipelining reject_authenticated_sender_login_mismatch reject_unauthenticated_sender_login_mismatch permit_auth_destination reject_unauth_destination permit_sasl_authenticated permit_sasl_authenticated cannot load Certificate Authority data: disabling TLS support AUTH MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqp d_authorized_clients,relay_domains,smtpd_access_maps send_cyrus_sasl_authzid no_unauth auth smtpd_sasl_auth_enable reject_unauth_destination rambo-new# I know probably not much help from above because I don't know what I am looking for to validate that AUTH is configured properly. Finally, I decided to see what LDD showed. Again there aren't a lot of examples of what these commands should look like if AUTH is installed correctly: libssl.so.0.9.7 => /usr/sfw/lib/libssl.so.0.9.7 libcrypto.so.0.9.7 =>/usr/sfw/lib/libcrypto.so.0.9.7 libldap.so.5 => /usr/lib/libldap.so.5 libresolv.so.2 =>/lib/libresolv.so.2 libsocket.so.1 =>/lib/libsocket.so.1 libnsl.so.1 => /lib/libnsl.so.1 libc.so.1 => /lib/libc.so.1 libsasl.so.1 => /usr/lib/libsasl.so.1 libmd.so.1 =>/lib/libmd.so.1 libnspr4.so => /usr/lib/mps/libnspr4.so libplc4.so =>/usr/lib/mps/libplc4.so libnss3.so =>/usr/lib/mps/libnss3.so libssl3.so =>/usr/lib/mps/libssl3.so libmp.so.2 =>/lib/libmp.so.2 libscf.so.1 => /lib/libscf.so.1 libpthread.so.1 => /lib/libpthread.so.1 librt.so.1 =>/lib/librt.so.1 libdl.so.1 =>/lib/libdl.so.1 libnssutil3.so =>/usr/lib/mps/libnssutil3.so libplds4.so => /usr/lib/mps/libplds4.so libthread.so.1 =>/lib/libthread.so.1 libdoor.so.1 => /lib/libdoor.so.1 libuutil.so.1 => /lib/libuutil.so.1 libgen.so.1 => /lib/libgen.so.1 libaio.so.1 => /lib/libaio.so.1 libssl_extra.so.0.9.7 => /usr/sfw/lib/libssl_extra.so.0.9.7 libcrypto_extra.so.0.9.7 => /usr/sfw/lib/libcrypto_extra.so.0.9.7 libm.so.2 => /lib/libm.so.2 /platform/SUNW,Sun-Blade-100/lib/libc_psr.so.1 /platform/SUNW,Sun-Blade-100/lib/libmd_psr.so.1 /usr/lib/mps/cpu/sparcv8plus/libnspr_flt4.so : On 12/27/10 5:45 PM, "Victor Duchovni" wrote: > On Mon, Dec 27, 2010 at 05:29:18PM -0500, Mark Khan wrote: > >> My postfix server works with all other POP3 email providers (AOL, >> Meaasgelabs, etc) except Verizon?s myvzw.com which of course is what my new >> droid X uses. >> POP3 is configured with just login and password. No TLS. > > What does POP3 have to do with Postfix? Postfix is NOT a POP server. > >> Here is the the mynetworks configuration line entries from main.cf: >> >> # Added verizon wireless IP 174.252.0.0 to MYNETWORKS >> mynetworks = 174.252.134.106 > > 106.134.252.174.in-addr.arpa. 7157 IN PTR 106
Milter for handling messages bound for non-TLS-capable hosts?
Hello, I might need to learn how to write a milter that tries to divert outgoing messages (so a smtp/client milter) that have been sent with smtp_tls_security_level = encrypt but failed because the destination server doesn't support STARTTLS (I understand that this is something of a false flag, because even successful TLS message transmission is NOT necessarily secure, but bear with me if you will). I haven't yet looked in detail at the milter API, but was wondering if I could ask two preliminary questions about this: 1) does the milter API and its placement in the server's execution provide a place where I can determine that STARTTLS has failed? (and where I can manually redirect the message and remove it from normal processing) (milter against the STARTTLS command?) 2) does anyone know of a milter that might serve as a good example so I don't have to start from scratch? Thank you kindly in advance!