Re: Current header check
On Jun 27, 2011, at 9:16 PM, Noel Jones wrote: > On 6/27/2011 6:54 PM, jeffrey j donovan wrote: >> greetings >> does anyone have a good current header check they would be willing to share, >> specifically Im looking for correct fundamentals like date and time? >> >> -j > > Years ago this used to be useful, but not anymore. The false positive rate > is fairly high -- nearly 50% last time I tried it here with a WARN. Not very > many messages were caught, but about half of those caught were not spam. > Seems the spammers have gotten better and the legit mail clients and mail > list software have gotten worse. > > Much better to use a scoring system such as SpamAssassin for header checking. > > If you're having trouble blocking spam, show your "postconf -n" and some > samples of what you'd like to block to trigger a long-running discussion of > the best way to block whatever it is. (post spam samples to pastebin.com or > similar, not to the list). Or just search the archives for many similar > discussions. > > -- Noel Jones thank you thats exactly what I was looking at. I had some very old lines in my header checks. are there any that are still useful prior to spamassassin? This systems relays to an internal system running amavis. -j
Re: Current header check
On 6/27/2011 6:54 PM, jeffrey j donovan wrote: greetings does anyone have a good current header check they would be willing to share, specifically Im looking for correct fundamentals like date and time? -j Years ago this used to be useful, but not anymore. The false positive rate is fairly high -- nearly 50% last time I tried it here with a WARN. Not very many messages were caught, but about half of those caught were not spam. Seems the spammers have gotten better and the legit mail clients and mail list software have gotten worse. Much better to use a scoring system such as SpamAssassin for header checking. If you're having trouble blocking spam, show your "postconf -n" and some samples of what you'd like to block to trigger a long-running discussion of the best way to block whatever it is. (post spam samples to pastebin.com or similar, not to the list). Or just search the archives for many similar discussions. -- Noel Jones
Re: problems with authorized_submit_users
Le 27/06/2011 21:14, Bartłomiej Solarz-Niesłuchowski a écrit : > Good mornig! > > We want to block any mail locally seded from apache account. > > Many years ago we set in main.cf: > authorized_submit_users = !apache,static:all > but after upgrading postfix from 2.7.4 to 2.8.3 > this option suddenly stop working. > : > > This is the mail system at host dervish.wsisiz.edu.pl. > > I'm sorry to have to inform you that your message could not > be delivered to one or more recipients. It's attached below. > > For further assistance, please send mail to postmaster. > > If you do so, please include this problem report. You can > delete your own text from the attached returned message. > > The mail system > > <43keratintrea...@gmail.com>: host gmail-smtp-in.l.google.com[74.125.39.27] > said: 550-5.1.1 The email account that you tried to reach does not exist. > Please try 550-5.1.1 double-checking the recipient's email address for > typos or 550-5.1.1 unnecessary spaces. Learn more at > 550 5.1.1http://mail.google.com/support/bin/answer.py?answer=6596 > y5si7317166faf.142 (in reply to RCPT TO command) > Read this again. Google refused your email. nothing to do with authorized_submit_users. > > Reporting-MTA: dns; dervish.wsisiz.edu.pl > X-Postfix-Queue-ID: 55683C54256 > X-Postfix-Sender: rfc822;apa...@dervish.wsisiz.edu.pl > Arrival-Date: Mon, 27 Jun 2011 20:41:15 +0200 (CEST) > > Final-Recipient: rfc822;43keratintrea...@gmail.com > Original-Recipient:rfc822;43keratintrea...@gmail.com > Action: failed > > Does somebody has clue why it stop working? >
Re: Current header check
Le 28/06/2011 01:54, jeffrey j donovan a écrit : > greetings > does anyone have a good current header check they would be willing to share, > specifically Im looking for correct fundamentals like date and time? > just forget about that. if you're after date&time, use spamassassin, which takes a score based approach. the question is: - what is the ratio of spam that you get with a Date you would block? - what is the ratio of... that you would block (at postfix level)? i these give a high number, then you probably are not using safer checks, such as zen.spamhaus.org, ... etc. please show your 'postconf -n' output.
Re: Blocking web mail
Le 28/06/2011 00:25, Jerry a écrit : > On Mon, 27 Jun 2011 18:06:19 -0400 (EDT) > Wietse Venema articulated: > >> Jerry: >>> I saw a configuration for blocking web mail from Apache from >>> accessing Postfix. I think it was something like: !www or something >>> like that. I forgot to write it down and now I cannot locate it. >>> Does anyone know what the recipe is. Thanks! >> >> This was discussed here three postings before your question. > > OK, I found it: > > authorized_submit_users = !apache,static:all > > Since I am running Apache on FreeBSD with user/group ownership of "www" > I assume I would use this instead: > > authorized_submit_users = !www, static:all > > Would that be correct? > that would. but it doesn't prevent users from using the smtp interface. users can even send outbout smtp without using your relay... oh, unless you use different servers for different roles...
Re: How to restrict local users to use the sendmail command?
Le 27/06/2011 01:35, Noel Jones a écrit : > On 6/26/2011 3:12 PM, Ralf Hildebrandt wrote: >> * Georg Sauthoff: >> Since procmail(1), and other utilities need to be able to forward mail while retaining the original envelope sender address, restricting the envelope sender address in sendmail would be quite disruptive. Postfix does not provide such a feature. >>> >>> Ok, that makes sense. >>> >>> Thanks for the clarification. >> >> You might be able to use mini_sendmail (which uses SMTP) and SMTP-AUTH >> to restrict the envelope sender a certain users can use. But I'm not >> sure if it can use SMTP-AUTH :» >> > > mini_sendmail doesn't do AUTH, so it wouldn't be possible to restrict > which users are able to send mail. and it doesn't do queue mgmt. so it's either the mail gets out now or it is lost. sigh. > > Maybe Georg can use the postfix sendmail(1) command to limit which users > can send mail, and a content_filter (which can be a postfix listener) to > reject unauthorized MAIL FROM names. > > > -- Noel Jones >
Current header check
greetings does anyone have a good current header check they would be willing to share, specifically Im looking for correct fundamentals like date and time? -j
Re: Blocking web mail
On Mon, 27 Jun 2011 18:38:58 -0400 Sahil Tandon articulated: > On Mon, 2011-06-27 at 18:25:18 -0400, Jerry wrote: > > > OK, I found it: > > > > authorized_submit_users = !apache,static:all > > > > Since I am running Apache on FreeBSD with user/group ownership of > > "www" I assume I would use this instead: > > > > authorized_submit_users = !www, static:all > > Yes, and incidentally, that is the example provided in the postconf(5) > manual. Thanks, that is where I probably first saw it.
Re: Blocking web mail
Jerry: [ Charset UTF-8 unsupported, converting... ] > On Mon, 27 Jun 2011 18:06:19 -0400 (EDT) > Wietse Venema articulated: > > > Jerry: > > > I saw a configuration for blocking web mail from Apache from > > > accessing Postfix. I think it was something like: !www or something > > > like that. I forgot to write it down and now I cannot locate it. > > > Does anyone know what the recipe is. Thanks! > > > > This was discussed here three postings before your question. > > OK, I found it: > > authorized_submit_users = !apache,static:all > > Since I am running Apache on FreeBSD with user/group ownership of "www" > I assume I would use this instead: > > authorized_submit_users = !www, static:all > > Would that be correct? If in doubt, read the manpage: $ man 5 postconf authorized_submit_users (default: static:anyone) ... Specify a list of user names, "/file/name" or "type:table" patterns, separated by commas and/or whitespace... Wietse
Re: Blocking web mail
On Mon, 2011-06-27 at 18:25:18 -0400, Jerry wrote: > OK, I found it: > > authorized_submit_users = !apache,static:all > > Since I am running Apache on FreeBSD with user/group ownership of "www" > I assume I would use this instead: > > authorized_submit_users = !www, static:all Yes, and incidentally, that is the example provided in the postconf(5) manual. -- Sahil Tandon
Re: Blocking web mail
On Mon, 27 Jun 2011 18:06:19 -0400 (EDT) Wietse Venema articulated: > Jerry: > > I saw a configuration for blocking web mail from Apache from > > accessing Postfix. I think it was something like: !www or something > > like that. I forgot to write it down and now I cannot locate it. > > Does anyone know what the recipe is. Thanks! > > This was discussed here three postings before your question. OK, I found it: authorized_submit_users = !apache,static:all Since I am running Apache on FreeBSD with user/group ownership of "www" I assume I would use this instead: authorized_submit_users = !www, static:all Would that be correct? Thanks!
Re: Blocking web mail
On Mon, 27 Jun 2011 23:47:50 +0200 Reindl Harald articulated: > Am 27.06.2011 23:44, schrieb Jerry: > > I saw a configuration for blocking web mail from Apache from > > accessing Postfix. I think it was something like: !www or something > > like that. I forgot to write it down and now I cannot locate it. > > Does anyone know what the recipe is. Thanks! > > i guess nobody has an idea about what you are speaking! > > what webmail? > why block? > block in which direction? There is this possible setting: authorized_submit_users = !www, static:all However, I thought I saw something with "smtpd_mumble_restrictions" or something like that. Sorry, I don't remember what it was and I am unable to locate it presently. I'll keep looking. Specifically, I wanted to insure if Apache was somehow hijacked that mail could not be relayed from it through Postfix. Thanks anyway.
RE: Blocking web mail
On Behalf Of Reindl Harald > > Am 27.06.2011 23:44, schrieb Jerry: > > I saw a configuration for blocking web mail from Apache from accessing > > Postfix. I think it was something like: !www or something like that. I > > forgot to write it down and now I cannot locate it. Does anyone know > > what the recipe is. Thanks! > > i guess nobody has an idea about what you are speaking! > > what webmail? > why block? > block in which direction? *g I hope he mean authorized_submit_users = !www-data, static:anyone Mit freundlichen Grüßen Drießen -- Software & Computer Uwe Drießen Lembergstraße 33 67824 Feilbingert Tel.: +49 06708 / 660045 Fax: +49 06708 / 661397
Re: Blocking web mail
Jerry: > I saw a configuration for blocking web mail from Apache from accessing > Postfix. I think it was something like: !www or something like that. I > forgot to write it down and now I cannot locate it. Does anyone know > what the recipe is. Thanks! This was discussed here three postings before your question. Wietse
Re: Blocking web mail
Am 27.06.2011 23:44, schrieb Jerry: > I saw a configuration for blocking web mail from Apache from accessing > Postfix. I think it was something like: !www or something like that. I > forgot to write it down and now I cannot locate it. Does anyone know > what the recipe is. Thanks! i guess nobody has an idea about what you are speaking! what webmail? why block? block in which direction? signature.asc Description: OpenPGP digital signature
Blocking web mail
I saw a configuration for blocking web mail from Apache from accessing Postfix. I think it was something like: !www or something like that. I forgot to write it down and now I cannot locate it. Does anyone know what the recipe is. Thanks!
Re: Multiple Instances Question
I was having trouble getting that to work but with your example I might try it again... On 27-Jun-11 3:25 PM, Christian Roessner wrote: I have multiple domains and need to set up each domain with its own TLS certificate. Can you explain this a little bit more? You could add several w1.x1.y1.z1:smtp ... smtpd w1.x1.y1.z1:submission ... smtpd w2.x2.y2.z2:smtp ... smtpd w2.x2.y2.z2:submission ... smtpd Example from my server: 88.198.xx.yy:smtp inet n - - - - smtpd [...] -o myhostname=mail. [...] -o smtpd_tls_cert_file=/ca/mail./newcert.pem -o smtpd_tls_key_file=/ca/mail./newkey.pem [...] 88.198.xx.yy:submission inet n - - - - smtpd [...] -o myhostname=mail. [...] -o smtpd_tls_cert_file=/ca/mail./newcert.pem -o smtpd_tls_key_file=/ca/mail./newkey.pem -o smtpd_tls_security_level=encrypt [...] with each having its own certificates in master.cf. Maybe I did not get the point yet :-) Christian
Re: problems with authorized_submit_users
On 6/27/2011 2:14 PM, Bartłomiej Solarz-Niesłuchowski wrote: Good mornig! We want to block any mail locally seded from apache account. Many years ago we set in main.cf: authorized_submit_users = !apache,static:all but after upgrading postfix from 2.7.4 to 2.8.3 this option suddenly stop working. : That is still a valid option. http://www.postfix.org/postconf.5.html#authorized_submit_users Please see http://www.postfix.org/DEBUG_README.html#mail show us "postconf -n" output. show us postfix logging of the unwanted behavior. -- Noel Jones
Re: Multiple Instances Question
> I have multiple domains and need to set up each domain with its own TLS > certificate. Can you explain this a little bit more? You could add several w1.x1.y1.z1:smtp ... smtpd w1.x1.y1.z1:submission ... smtpd w2.x2.y2.z2:smtp ... smtpd w2.x2.y2.z2:submission ... smtpd Example from my server: 88.198.xx.yy:smtp inet n - - - - smtpd [...] -o myhostname=mail. [...] -o smtpd_tls_cert_file=/ca/mail./newcert.pem -o smtpd_tls_key_file=/ca/mail./newkey.pem [...] 88.198.xx.yy:submission inet n - - - - smtpd [...] -o myhostname=mail. [...] -o smtpd_tls_cert_file=/ca/mail./newcert.pem -o smtpd_tls_key_file=/ca/mail./newkey.pem -o smtpd_tls_security_level=encrypt [...] with each having its own certificates in master.cf. Maybe I did not get the point yet :-) Christian -- Roessner-Network-Solutions Bachelor of Science Informatik 50°34.725'N, 08°40.904'O, Nahrungsberg 81, 35390 Giessen F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com signature.asc Description: OpenPGP digital signature
problems with authorized_submit_users
Good mornig! We want to block any mail locally seded from apache account. Many years ago we set in main.cf: authorized_submit_users = !apache,static:all but after upgrading postfix from 2.7.4 to 2.8.3 this option suddenly stop working. : This is the mail system at host dervish.wsisiz.edu.pl. I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below. For further assistance, please send mail to postmaster. If you do so, please include this problem report. You can delete your own text from the attached returned message. The mail system <43keratintrea...@gmail.com>: host gmail-smtp-in.l.google.com[74.125.39.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://mail.google.com/support/bin/answer.py?answer=6596 y5si7317166faf.142 (in reply to RCPT TO command) Reporting-MTA: dns; dervish.wsisiz.edu.pl X-Postfix-Queue-ID: 55683C54256 X-Postfix-Sender: rfc822; apa...@dervish.wsisiz.edu.pl Arrival-Date: Mon, 27 Jun 2011 20:41:15 +0200 (CEST) Final-Recipient: rfc822; 43keratintrea...@gmail.com Original-Recipient: rfc822;43keratintrea...@gmail.com Action: failed Does somebody has clue why it stop working? Best Regards Status: 5.1.1 -- Bartłomiej Solarz-Niesłuchowski, Administrator WSISiZ e-mail: bartlomiej.solarz-niesluchow...@wit.edu.pl tel. 223486547, 223810247, fax 223486501 JID: sol...@jabber.wit.edu.pl 01-447 Warszawa, ul. Newelska 6, pokój 404, pon.-pt. 8-16 Motto - Jak sobie pościelisz tak sie wyśpisz smime.p7s Description: S/MIME Cryptographic Signature
Re: Multiple Instances Question
Mark Moellering: > Does each instance need its own uid and gid? Wietse: > The documentation does not say that different instances must have > different mail_owner and setgid_group settings, so don't do that. Mark Moellering: > It says that "The default instance is responsible for local mail > submission" Does this mean that only the default instance needs > virtual_mailbox_domain and virtual_mailbox_maps entries? Wietse: > It says: local *submission*. Not: local *delivery*. Mark Moellering: > Ahh I see... What about the sql files? Can each instance point > to the same directory or do I need different directories per > instance? Since everything is already set to handle multiple > domains, I can use the same sql for each... Where different servers are responsible for different domains, there is no need to share user/domain databases. Wietse
Re: Multiple Instances Question
On 6/27/2011 12:01 PM, Mark Moellering wrote: Ahh I see... What about the sql files? Can each instance point to the same directory or do I need different directories per instance? Since everything is already set to handle multiple domains, I can use the same sql for each... Multiple instances can share read-only maps such as virtual, transport, or access maps. It may or may not make sense to share these maps in any particular instance. Multiple instances cannot share maps that postfix itself writes to, such as the tls session cache, the address_verify_map cache or the postscreen cache. The type of map (*sql, hash, whatever) makes no difference.
Re: Multiple Instances Question
On 27-Jun-11 12:50 PM, Wietse Venema wrote: Mark Moellering: I am running a postfix server on Freebsd 8.1 I have multiple domains and need to set up each domain with its own TLS certificate. I emailed this list and the best solution seems to be to run multiple instances. I read through the documentation and I want to clarify things before I start making changes on the server. Does each instance need its own uid and gid? The documentation does not say that different instances must have different mail_owner and setgid_group settings, so don't do that. It says that "The default instance is responsible for local mail submission" Does this mean that only the default instance needs virtual_mailbox_domain and virtual_mailbox_maps entries? It says: local *submission*. Not: local *delivery*. Wietse Ahh I see... What about the sql files? Can each instance point to the same directory or do I need different directories per instance? Since everything is already set to handle multiple domains, I can use the same sql for each... Mark
Re: Multiple Instances Question
Mark Moellering: > I am running a postfix server on Freebsd 8.1 > I have multiple domains and need to set up each domain with its own TLS > certificate. > I emailed this list and the best solution seems to be to run multiple > instances. > I read through the documentation and I want to clarify things before I > start making changes on the server. > > Does each instance need its own uid and gid? The documentation does not say that different instances must have different mail_owner and setgid_group settings, so don't do that. > It says that "The default instance is responsible for local mail > submission" Does this mean that only the default instance needs > virtual_mailbox_domain and virtual_mailbox_maps entries? It says: local *submission*. Not: local *delivery*. Wietse
Multiple Instances Question
I am running a postfix server on Freebsd 8.1 I have multiple domains and need to set up each domain with its own TLS certificate. I emailed this list and the best solution seems to be to run multiple instances. I read through the documentation and I want to clarify things before I start making changes on the server. Does each instance need its own uid and gid? It says that "The default instance is responsible for local mail submission" Does this mean that only the default instance needs virtual_mailbox_domain and virtual_mailbox_maps entries? What about sender_dependent_default_transport_maps = mysql:/usr/local/etc/postfix/sql/mailbox_transport.cf ? Would each instance need its own entry? If so, can I leave it the same or do I need to have each instance have its own ../etc/postfix-instance/sql/ directory? If each instance needs its own sql directory, can they all be links to the same directory? I apologize for the barrage of nitpicking questions but this is a big change and I can't let the server be down too long and I want to have an idea of what settings I need before I go changing them. Any other help is greatly appreciated. I am including my current postconf -n and master.cf entries for completeness. Thanks for everyone's help Mark Moellering # # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # == # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # == smtp inet n - n - - smtpd #smtp inet n - n - 1 postscreen #smtpd pass - - n - - smtpd #dnsblog unix - - n - 0 dnsblog #tlsproxy unix - - n - 0 tlsproxy submission inet n - n - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #smtps inet n - n - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING saline1990 unix - - n - - smtp -o smtp_bind_address=69.41.172.100 -o smtp_helo_name=mail.saline1990.com -o syslog_name=postfix-saline1990 # pioneer86 unix -- n - - smtp -o smtp_bind_address=69.41.172.249 -o smtp_helo_name=mail.pioneer86.com -o syslog_name=postfix-pioneer86 # class-creator unix -- n - - smtp -o syslog_name=postfix-class_creator # grissomhigh1981 unix - - n - - smtp -o smtp_bind_address=69.41.172.62 -o smtp_helo_name=mail.grissomhigh1981.org -o syslog_name=postfix-grissomhigh1981 # 69.41.172.62:smtp inet n -n - - smtpd -o smtpd_tls_key_file=/etc/ssl/private/grissomhigh1981.key -o smtpd_tls_cert_file=/etc/ssl/certs/grissomhigh1981.crt # anadarkohs60 unix - - n - - smtp -o smtp_bind_address=69.41.172.174 -o smtp_helo_name=mail.anadarkohs60.com -o syslog_name=postfix-anadarkohs60 # porthuronhighschool unix - -n - - smtp -o smtp_bind_address=69.41.172.180 -o smtp_helo_name=mail.porthuronhighschool.info -o syslog_name=postfix-porthuronhighschool # #628 inet n - n - - qmqpd pickupfifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgrunix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounceunix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verifyunix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - n - - smtp # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - n - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 show
Re: Questions about queue cli commands
Nicolas Michel: > OK. So if I understand well, "postsuper -r ALL" puts mails into the > starting point of the postfix delivery process (as like the mail were > just arrived on the server) but "postqueue -f" only try to deliver them? > (without reprocessing all the headers of each mail?) > > If this is correct, I don't really see in which context a "postsuper -r > ALL" should be used instead of "postqueue -f" To reprocess headers, to reprocess the queue file envelope, and to recompute other queue file metadata such as content filter records, delayed mail warning timer, etc. Wietse
Re: Questions about queue cli commands
On 06/27/2011 11:24 AM, Patrick Proniewski wrote: Salut, On 27 juin 2011, at 11:09, Nicolas Michel wrote: I have mails in the queue (I can see them with mailq). A) I want to delete them - postqueue -f nope, it will just flush the queue (force a new delivery attempt) - postsuper -d ALL - mailq | awk '{if (NF == 7) print $1'} | postsuper -d - both do almost the same, but the second one will fail on messages with particular status ("on delivery", or "on hold"), because a "*" or a "!" is appended to the ID of the message. B) I want to move queued mail in the delivery process of postfix (to force the retry of the delivery) - postsuper -r ALL -r is not for retry, it's for requeue. Don't use it unless you really want the requeue process to be done. Use postqueue -f instead. Patrick PRONIEWSKI OK. So if I understand well, "postsuper -r ALL" puts mails into the starting point of the postfix delivery process (as like the mail were just arrived on the server) but "postqueue -f" only try to deliver them? (without reprocessing all the headers of each mail?) If this is correct, I don't really see in which context a "postsuper -r ALL" should be used instead of "postqueue -f"
Re: Questions about queue cli commands
Salut, On 27 juin 2011, at 11:09, Nicolas Michel wrote: > I have mails in the queue (I can see them with mailq). > > A) I want to delete them > - postqueue -f nope, it will just flush the queue (force a new delivery attempt) > - postsuper -d ALL > - mailq | awk '{if (NF == 7) print $1'} | postsuper -d - both do almost the same, but the second one will fail on messages with particular status ("on delivery", or "on hold"), because a "*" or a "!" is appended to the ID of the message. > B) I want to move queued mail in the delivery process of postfix (to force > the retry of the delivery) > > - postsuper -r ALL -r is not for retry, it's for requeue. Don't use it unless you really want the requeue process to be done. Use postqueue -f instead. Patrick PRONIEWSKI -- Administrateur Système - DSI - Université Lumière Lyon 2 smime.p7s Description: S/MIME cryptographic signature
Questions about queue cli commands
Hello, I have a few simple questions to be sure using the right commands to do what I want : Situation - I have mails in the queue (I can see them with mailq). A) I want to delete them - postqueue -f - postsuper -d ALL - mailq | awk '{if (NF == 7) print $1'} | postsuper -d - Are these three commands doing stricly the same job but in a different way? B) I want to move queued mail in the delivery process of postfix (to force the retry of the delivery) - postsuper -r ALL (is there any other way doing it?) Thank you a lot, nm