Re: Forbid .forward but be able to use vacation ?

[Frank Bonnet]

Le 29/07/2011 16:53, Wietse Venema a écrit :

Frank Bonnet:

Hello

I'm facing an egg and chicken problem ,,,

We have received the following instructions "From Above" :

1 - Forbid the email forwarding for our users
2 - Some kind of vacation program must be still available for users
   that are Out Of Office

We use "real" unix users with LDAP backend ( pam_ldap + nss_ldap )

Thanks for any info/links/idea


grep @ /home/*/.forward

Wietse


Hi Wiese

Yes I know how grep for @ in */.forward files
but I think it is misunderstanding due to me

I would like to disable the forwarding capabilities
for some users ( mainly students )

For now the only solution I found is to create an empty
.forward file in their home directories owned by root
and chmoded 444 ...

not very elegant but it seems to work

Now ... how to have a vacation utility that still works ?
maybe sieve could be usable with dovecot LDA ?

Thanks for your answer

Re: misunderstanding with dovecot

[Victor Duchovni]

On Fri, Jul 29, 2011 at 11:34:54PM +0200, Andrea Ganduglia wrote:

> > This is not difficult, as long as you don't override postfix' default
> > behaviour with silly transport_maps that don't work.
> 
> Without transport_maps it doesn't works. If I set virtual_transport =
> dovecot log returns relay=none

The "virtual_transport" setting only applies to domains that are listed
in virtual_mailbox_domains. If adding the domain to the transport table
works, while setting virtual_transport does not, clearly the domain
is not listed in virtual_mailbox_domains.

-- 
Viktor.

Re: misunderstanding with dovecot

[Andrea Ganduglia]

On Fri, Jul 29, 2011 at 11:04 PM, Jeroen Geilman  wrote:
> On 2011-07-29 21:20, Andrea Ganduglia wrote:
>>
>> On Fri, Jul 29, 2011 at 7:05 PM, Jeroen Geilman  wrote:
>>>
>>> On 2011-07-29 18:37, Andrea Ganduglia wrote:

 my outbound traffic try to authenticate recipients and delivery fails
>>>
>>> My god, why is this so complicated ?
>>>
>>> You're adding extra transport maps to a transport that is already the
>>> default virtual transport, to override transport maps that are empty.
>>
>> I don't understand this point. The only way that Dovecot works is use
>> transpot_maps, if I use just virtual_transport = dovecot it doesn't
>> works.
>
> Then you did something wrong.
> As long as the dovecot transport knows how to handle the mail sent to it,
> virtual_transport = dovecot will work fine.

I agree but I don't understand where.

In any case, I have try this query:

SELECT "dovecot" AS transport FROM mailbox WHERE domain = '%d' LIMIT 1

and then:

transport_maps = mysql:/etc/postfix/mysql_virtual_transport.cf
maildrop_destination_recipient_limit = 1
virtual_transport = virtual

In my thinking if query failed postfix ignore dovecot and move on. Look here:

FROM u...@example.com TO nonews@gmail.com (webmail)

Jul 29 22:44:29 host postfix/pickup[4481]: 7177C2548187: uid=33
from=
Jul 29 22:44:29 host postfix/qmgr[2470]: 7177C2548187:
from=, size=549, nrcpt=1 (queue active)
Jul 29 22:44:31 host postfix/smtp[4570]: 7177C2548187:
to=,
relay=gmail-smtp-in.l.google.com[209.85.229.27]:25, delay=1.9,
delays=0/0/0.1/1.8, dsn=2.0.0, status=sent (250 2.0.0 OK 1311972297
y56si4711252wec.111)

FROM u...@example.com TO u...@example.com (webmail)

Jul 29 22:45:46 host postfix/pickup[4481]: D3A602548187: uid=33
from=
Jul 29 22:45:46 host postfix/qmgr[2470]: D3A602548187:
from=, size=543, nrcpt=1 (queue active)
Jul 29 22:45:47 host postfix/pipe[4472]: D3A602548187:
to=, relay=dovecot, delay=0.5, delays=0.39/0/0/0.11,
dsn=2.0.0, status=sent (delivered via dovecot service)

FROM nonews@gmail.com TO u...@example.com

Jul 29 22:46:45 host postfix/qmgr[2470]: B23322548178:
from=, size=1516, nrcpt=1 (queue active)
Jul 29 22:46:46 host postfix/pickup[4481]: 52F01254818B: uid=5001
from=
Jul 29 22:46:46 host postfix/pipe[3388]: B23322548178:
to=, relay=spamassassin, delay=0.73,
delays=0.36/0/0/0.37, dsn=2.0.0, status=sent (delivered via
spamassassin service)
Jul 29 22:46:46 host postfix/pipe[4028]: 52F01254818B:
to=, relay=dovecot, delay=0.02, delays=0/0/0/0.02,
dsn=2.0.0, status=sent (delivered via dovecot service)

FROM u...@example.com TO nonews@gmail.com (authenticated smtp)

Jul 29 22:48:15 host postfix/smtpd[2548]: AFD0D2548187:
client=myconnection.domain.tld[**.**.***.***], sasl_method=CRAM-MD5,
sasl_username=u...@example.com
Jul 29 22:48:15 host postfix/cleanup[3988]: AFD0D2548187:
message-id=<4e331c9c.3050...@example.com>
Jul 29 22:48:15 host postfix/qmgr[2470]: AFD0D2548187:
from=, size=614, nrcpt=1 (queue active)
Jul 29 22:48:15 host postfix/pickup[4481]: D9A76254818C: uid=5001
from=
Jul 29 22:48:15 host postfix/pipe[2702]: AFD0D2548187:
to=, relay=spamassassin, delay=0.22,
delays=0.14/0/0/0.07, dsn=2.0.0, status=sent (delivered via
spamassassin service)
Jul 29 22:48:15 host postfix/cleanup[4020]: D9A76254818C:
message-id=<4e331c9c.3050...@example.com>
Jul 29 22:48:15 host postfix/qmgr[2470]: D9A76254818C:
from=, size=913, nrcpt=1 (queue active)
Jul 29 22:48:17 host postfix/smtp[4570]: D9A76254818C:
to=,
relay=gmail-smtp-in.l.google.com[209.85.229.27]:25, delay=1.6,
delays=0/0/0.1/1.5, dsn=2.0.0, status=sent (250 2.0.0 OK 1311972523
fu20si4710924wbb.118)

It seems to work.


> The problem is that you have not sufficiently explained what "this" is.
> I gather you're trying to use dovecot to deliver incoming mail, and want to
> avoid that on outgoing mail.

It is.

> This is not difficult, as long as you don't override postfix' default
> behaviour with silly transport_maps that don't work.

Without transport_maps it doesn't works. If I set virtual_transport =
dovecot log returns relay=none

It was my first problem.
http://www.linux-archive.org/debian-user/76-postfix-virtual_transport-maildrop.html

then here
http://www.linux-archive.org/debian-user/557551-sieve-dovecot-squeeze-help.html

and here
http://www.dovecot.org/list/dovecot/2011-July/060313.html

>> I post this issue through out 3  world wide
>> mailing list {debian,dovecot,postfix}-user in last two weeks, I read
>> much about "talk", but no one said me where I wrong, why and how I can
>> fix it.
>
> Nobody is being paid to help you, surely.

I have not said this, you know. I'm here from a decade to now, I know
how it works! :-D

Well...

Thank your for your time. Now it works, but my solution taste of hack
and I'm worried about.

Re: Restricting sendmail

[Jeroen Geilman]

On 2011-07-29 23:00, kianoush wrote:

Hello,

I've searched alot in the documents, sorry if I missed anything, BUT 
MY QUESTION IS:


I want to restrict Unix/Linux System user  such as  XYZ  of using 
sendmail to certain domains:

in example:
xyz.com 
xyt.com 
ztq.com 

and have it rejected if he tried to use other domains as sender


You can use a milter: http://www.postfix.org/MILTER_README.html

There is nothing native that can arbitrate locally-submitted mail (apart 
from disallowing certain users to use it at all).





Somewhat preventing forgery,   Is there any solution right now for 
that or sendmail (postfix) should be modified?


Also is there any solution to prevent this using SASL,  I tried alot 
of header checking, it is possible but very messy and too many checks 
are required,



SASL is used on SMTP connections; sendmail doesn't use it.

--
J.

Re: misunderstanding with dovecot

[Jeroen Geilman]

On 2011-07-29 21:20, Andrea Ganduglia wrote:

On Fri, Jul 29, 2011 at 7:05 PM, Jeroen Geilman  wrote:

On 2011-07-29 18:37, Andrea Ganduglia wrote:

my outbound traffic try to authenticate recipients and delivery fails

My god, why is this so complicated ?

You're adding extra transport maps to a transport that is already the
default virtual transport, to override transport maps that are empty.

I don't understand this point. The only way that Dovecot works is use
transpot_maps, if I use just virtual_transport = dovecot it doesn't
works.


Then you did something wrong.
As long as the dovecot transport knows how to handle the mail sent to 
it, virtual_transport = dovecot will work fine.



And to top it off, you're using a mysql map to return a static result.

Yeah, it's hack for now. On next future, I want select transport by
domain name (like: select tranport from transports where domain =
'%d').



Then it has no place in this config.
Get simple working first, then make it more complex.


Also, you're not using maildrop as a transport, so the above recipient limit
is never applied.

Seriously, consider unfscking this config.

It's not the goal of this issue. This is an experimental and
transitional config file. My goal for now is understand how split
outbound and inbound mail and using Dovecot/Sieve for inbound mails.
I'm not using dropmail here, I opted for dovecot.


Again, it only obfuscates any real issues.


With dovecot inbound mail follows this route postfix ->spamassassin
->dovecot ->sieve ->Maildir (it works!)

but outbound mail follows the same way, while I think should be
postfix ->smptd ->send (in any case with virtual pipe on
spamassissin!).

So apply your spam filter to the incoming connection only.

No. Apply dovecot to the incoming connection only.


...what ? That makes absolutely zero sense.
Dovecot is a mail store server, not a content filter.
If you apply the dovecot transport to all mail, then yes, this goes 
wrong. So don't do that.



I assume you're using submission (port 587, SASL +TLS) for mail submission -
and if you're not, you should.
This leaves you free to add your content_filter to the port 25 smtpd(8)
listener.

Currently I'm not using :submission. If I do:

Jul 29 20:20:30 hostname postfix/smtp[17437]: 998E02548187:
to=, relay=none, delay=0.02,
delays=0.01/0/0/0, dsn=4.4.1, status=deferred (connect to
127.0.0.1[127.0.0.1]:587: Connection refused)

I have no more investigated.


Then I suggest you do so.
Submission is well documented, as is smtpd(8) SASL and TLS:

http://www.postfix.org/SASL_README.html and
http://www.postfix.org/TLS_README.html

It is one half of separating your incoming and outgoing mail streams.


How can I split delivery into two distinct paths for outbound and
inbound messages?

By using submission to submit outbound mail.


--master.cf--
smtp  inet  n   -   n   -   -   smtpd
 -o content_filter=spamassassin

That should be inbound only; prevent outbound users from using it by
REJECTing envelope senders in your domain(s).

uhm... I don't understant. How? Why?


With the appropriate restrictions, as documented here:

http://www.postfix.org/SMTPD_ACCESS_README.html

Pay particular attention to the check_sender_access restriction; if you 
apply that to your domain(s), before accepting any mail, people will not 
be able to use port 25 to send mail from your domain(s).



Never used.
This is used.

I know.

Jeroen, you was very nice, but I need to understand what is the right
way to make work this.


The problem is that you have not sufficiently explained what "this" is.
I gather you're trying to use dovecot to deliver incoming mail, and want 
to avoid that on outgoing mail.


This is not difficult, as long as you don't override postfix' default 
behaviour with silly transport_maps that don't work.


But without more detailed requirements it is very hard to tell you what 
to do.




I post this issue through out 3  world wide
mailing list {debian,dovecot,postfix}-user in last two weeks, I read
much about "talk", but no one said me where I wrong, why and how I can
fix it.


Nobody is being paid to help you, surely.

Postfix has excellent documentation; if you have questions it does not 
answer, feel free to come here and ask them, and provide as much 
relevant information as you can.


For reference, see the DEBUG help you also received when joining this list:

http://www.postfix.org/DEBUG_README.html#mail

--
J.

Restricting sendmail

[kianoush]

Hello,

I've searched alot in the documents, sorry if I missed anything, BUT MY
QUESTION IS:

I want to restrict Unix/Linux System user  such as  XYZ  of using sendmail
to certain domains:
in example:
xyz.com
xyt.com
ztq.com

and have it rejected if he tried to use other domains as sender

Somewhat preventing forgery,   Is there any solution right now for that or
sendmail (postfix) should be modified?

Also is there any solution to prevent this using SASL,  I tried alot of
header checking, it is possible but very messy and too many checks are
required,

I'm feeling I'm missing something any simple hash somewhere to do the job?

Thanks

Kia

Re: Postfix Bug, virtual transport

[Wietse Venema]

kianoush:
[ Charset ISO-8859-1 unsupported, converting... ]
> Hello,
> 
> if you put this in file:   virtual (used for virtual transport)
> 
> ___
> t...@example.com   t...@example.com, i...@example.com
> ___
> 
> And you have Both Virtual Mailboxes:
> t...@example.com
> i...@example.com
> in your virtual mailbox map
> 
> 
> And when you send locally from anyem...@example.com on the same server using
> SMTP, SASL Authentication or local sendmail (pickup) to t...@example.com
> 
> i...@example.com will receive two copies of the message

See http://www.postfix.org/FILTER_README.html, look for
the text with receive_override_options.

Wietse
 
> I know it is possible to achieve this behavior using sender and receiver bcc
>  but  virtual doesn't seem to work fine in such case,
> 
> if you put something like:
> 
> ___
> t...@example.com   t...@example.com, i...@example.com@
> sometransport.example.com
> ___
> 
> 
> and sometransport.example.com  is a transport pipe  it will work properly
> 
> 
> Best
> 
> Kianoush

Re: misunderstanding with dovecot

[Andrea Ganduglia]

On Fri, Jul 29, 2011 at 7:05 PM, Jeroen Geilman  wrote:
> On 2011-07-29 18:37, Andrea Ganduglia wrote:
>> my outbound traffic try to authenticate recipients and delivery fails
> My god, why is this so complicated ?
>
> You're adding extra transport maps to a transport that is already the
> default virtual transport, to override transport maps that are empty.

I don't understand this point. The only way that Dovecot works is use
transpot_maps, if I use just virtual_transport = dovecot it doesn't
works.

> And to top it off, you're using a mysql map to return a static result.

Yeah, it's hack for now. On next future, I want select transport by
domain name (like: select tranport from transports where domain =
'%d').

> Also, you're not using maildrop as a transport, so the above recipient limit
> is never applied.
>
> Seriously, consider unfscking this config.

It's not the goal of this issue. This is an experimental and
transitional config file. My goal for now is understand how split
outbound and inbound mail and using Dovecot/Sieve for inbound mails.
I'm not using dropmail here, I opted for dovecot.

>> With dovecot inbound mail follows this route postfix ->  spamassassin
>> ->  dovecot ->  sieve ->  Maildir (it works!)
>>
>> but outbound mail follows the same way, while I think should be
>> postfix ->  smptd ->  send (in any case with virtual pipe on
>> spamassissin!).
>
> So apply your spam filter to the incoming connection only.

No. Apply dovecot to the incoming connection only.

> I assume you're using submission (port 587, SASL +TLS) for mail submission -
> and if you're not, you should.
> This leaves you free to add your content_filter to the port 25 smtpd(8)
> listener.

Currently I'm not using :submission. If I do:

Jul 29 20:20:30 hostname postfix/smtp[17437]: 998E02548187:
to=, relay=none, delay=0.02,
   delays=0.01/0/0/0, dsn=4.4.1, status=deferred (connect to
127.0.0.1[127.0.0.1]:587: Connection refused)

I have no more investigated.

>> How can I split delivery into two distinct paths for outbound and
>> inbound messages?
>
> By using submission to submit outbound mail.
>
>> --master.cf--
>> smtp      inet  n       -       n       -       -       smtpd
>>     -o content_filter=spamassassin
>
> That should be inbound only; prevent outbound users from using it by
> REJECTing envelope senders in your domain(s).

uhm... I don't understant. How? Why?

> Never used.
> This is used.

I know.

Jeroen, you was very nice, but I need to understand what is the right
way to make work this. I post this issue through out 3  world wide
mailing list {debian,dovecot,postfix}-user in last two weeks, I read
much about "talk", but no one said me where I wrong, why and how I can
fix it.

Someone can help me? please? :-/

-Andrea

Postfix Bug, virtual transport

[kianoush]

Hello,

if you put this in file:   virtual (used for virtual transport)

___
t...@example.com   t...@example.com, i...@example.com
___

And you have Both Virtual Mailboxes:
t...@example.com
i...@example.com
in your virtual mailbox map


And when you send locally from anyem...@example.com on the same server using
SMTP, SASL Authentication or local sendmail (pickup) to t...@example.com

i...@example.com will receive two copies of the message


I know it is possible to achieve this behavior using sender and receiver bcc
 but  virtual doesn't seem to work fine in such case,

if you put something like:

___
t...@example.com   t...@example.com, i...@example.com@
sometransport.example.com
___


and sometransport.example.com  is a transport pipe  it will work properly


Best

Kianoush

Re: misunderstanding with dovecot

[Jeroen Geilman]

On 2011-07-29 18:37, Andrea Ganduglia wrote:

Hi. I have a little issue with postfix and dovecot. Below you can find
my actual configuration, this works well if I use virtual_transport =
virtual but if I add those lines:

transport_maps = mysql:/etc/postfix/mysql_virtual_transport.cf
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot

my outbound traffic try to authenticate recipients and delivery fails

Jul 27 23:01:24 boxnic postfix/pipe[27788]: 1C3B525481B4:
to=, relay=spamassassin, delay=0.22,
delays=0.15/0/0/0.07, dsn=2.0.0, status=sent (delivered via
spamassassin service)
Jul 27 23:01:24 boxnic dovecot: auth(default): master in:
USER#0111#011u...@example.com#011service=deliver
Jul 27 23:01:24 boxnic dovecot: auth-worker(default):
sql(u...@example.com): SELECT maildir, 1001 AS uid, 1001 AS gid FROM
mailbox WHERE username = 'u...@example.com'
Jul 27 23:01:24 boxnic dovecot: auth-worker(default):
sql(u...@example.com): Unknown user
Jul 27 23:01:24 boxnic postfix/pipe[27704]: 47DF825481B6:
to=, relay=dovecot, delay=0.01, delays=0/0/0/0.01,
dsn=5.1.1, status=bounced (user unknown)

in /etc/postfix/mysql_virtual_transport.cf I'm using this fake query:

SELECT "dovecot" AS transport;


My god, why is this so complicated ?

You're adding extra transport maps to a transport that is already the 
default virtual transport, to override transport maps that are empty.

And to top it off, you're using a mysql map to return a static result.

Also, you're not using maildrop as a transport, so the above recipient 
limit is never applied.


Seriously, consider unfscking this config.

If you set virtual_transport to dovecot (and I'm not saying that you 
should), don't put it in a transport map.
Vice versa, if you put dovecot in a transport map, don't set it as your 
virtual_transport.


When in doubt, do not hijack the default workings of postfix - it will 
only cause trouble.




With dovecot inbound mail follows this route postfix ->  spamassassin
->  dovecot ->  sieve ->  Maildir (it works!)

but outbound mail follows the same way, while I think should be
postfix ->  smptd ->  send (in any case with virtual pipe on
spamassissin!).


So apply your spam filter to the incoming connection only.

I assume you're using submission (port 587, SASL +TLS) for mail 
submission - and if you're not, you should.
This leaves you free to add your content_filter to the port 25 smtpd(8) 
listener.





How can I split delivery into two distinct paths for outbound and
inbound messages?


By using submission to submit outbound mail.


--master.cf--
smtp  inet  n   -   n   -   -   smtpd
 -o content_filter=spamassassin


That should be inbound only; prevent outbound users from using it by 
REJECTing envelope senders in your domain(s).



maildrop  unix  -   n   n   -   -   pipe
   flags=DRhu user=postfix argv=/usr/bin/maildrop -d ${recipient}


Never used.


dovecot   unix  -   n   n   -   -   pipe
   flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f
${sender} -d ${recipient}


This is used.

--
J.

misunderstanding with dovecot

[Andrea Ganduglia]

Hi. I have a little issue with postfix and dovecot. Below you can find
my actual configuration, this works well if I use virtual_transport =
virtual but if I add those lines:

transport_maps = mysql:/etc/postfix/mysql_virtual_transport.cf
maildrop_destination_recipient_limit = 1
virtual_transport = dovecot

my outbound traffic try to authenticate recipients and delivery fails

Jul 27 23:01:24 boxnic postfix/pipe[27788]: 1C3B525481B4:
to=, relay=spamassassin, delay=0.22,
delays=0.15/0/0/0.07, dsn=2.0.0, status=sent (delivered via
spamassassin service)
Jul 27 23:01:24 boxnic dovecot: auth(default): master in:
USER#0111#011u...@example.com#011service=deliver
Jul 27 23:01:24 boxnic dovecot: auth-worker(default):
sql(u...@example.com): SELECT maildir, 1001 AS uid, 1001 AS gid FROM
mailbox WHERE username = 'u...@example.com'
Jul 27 23:01:24 boxnic dovecot: auth-worker(default):
sql(u...@example.com): Unknown user
Jul 27 23:01:24 boxnic postfix/pipe[27704]: 47DF825481B6:
to=, relay=dovecot, delay=0.01, delays=0/0/0/0.01,
dsn=5.1.1, status=bounced (user unknown)

in /etc/postfix/mysql_virtual_transport.cf I'm using this fake query:

SELECT "dovecot" AS transport;

With dovecot inbound mail follows this route postfix -> spamassassin
-> dovecot -> sieve -> Maildir (it works!)

but outbound mail follows the same way, while I think should be
postfix -> smptd -> send (in any case with virtual pipe on
spamassissin!).

How can I split delivery into two distinct paths for outbound and
inbound messages?


Thanks!


postfinger - postfix configuration on Fri Jul 29 18:20:00 CEST 2011
version: 1.30

--System Parameters--
mail_version = 2.7.1
hostname = example.net
uname = Linux example.net 2.6.32-5-amd64 #1 SMP Mon Mar 7 21:35:22 UTC
2011 x86_64 GNU/Linux

--Packaging information--
looks like this postfix comes from deb package: postfix-2.7.1-1+squeeze1

--main.cf non-default parameters--
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
header_checks = regexp:/etc/postfix/header_checks
mailbox_size_limit = 0
message_size_limit = 2048
mydestination = example.net, localhost.net, localhost
mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_non_fqdn_hostname,
reject_non_fqdn_sender, reject_non_fqdn_recipient,
reject_unauth_destination, reject_unauth_pipelining,
reject_invalid_hostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_uid_maps = static:1001

--master.cf--
smtp  inet  n   -   n   -   -   smtpd
-o content_filter=spamassassin
pickupfifo  n   -   n   60  1   pickup
cleanup   unix  n   -   n   -   0   cleanup
qmgr  fifo  n   -   n   300 1   qmgr
tlsmgrunix  -   -   n   1000?   1   tlsmgr
rewrite   unix  -   -   n   -   -   trivial-rewrite
bounceunix  -   -   n   -   0   bounce
defer unix  -   -   n   -   0   bounce
trace unix  -   -   n   -   0   bounce
verifyunix  -   -   n   -   1   verify
flush unix  n   -   n   1000?   0   flush
proxymap  unix  -   -   n   -   -   proxymap
proxywrite unix -   -   n   -   1   proxymap
smtp  unix  -   -   n   -   -   smtp
relay unix  -   -   n   -   -   smtp
-o smtp_fallback_relay=
showq unix  n   -   n   -   -   showq
error unix  -   -   n   -   -   error
retry unix  -   -   n   -   -   error
discard   unix  -   -   n   -   -   discard
local unix  -   n   n   -   -   local
virtual   unix  -   n   n   -   -   virtual
lmtp  unix  -   -   n   -   -   lmtp
anvil unix  -   -   n   -   1   anvil
scacheunix  -   -   n   -   1   scache
maildrop  unix  -   n   n   -   -   pipe
  flags=DRhu user=postfix argv=/usr/bin/maildrop -d ${recipient}
uucp  unix  -

Re: Forbid .forward but be able to use vacation ?

[Frank Bonnet]

well I haven't installed procmail
on this server ;-)

Envoyé de mon iPhone.


Le 29 juil. 2011 à 17:55, Ben McGinnes  a écrit :

> On 30/07/11 12:53 AM, Wietse Venema wrote:
>> Frank Bonnet:
>>> 
>>> Thanks for any info/links/idea
>> 
>> grep @ /home/*/.forward
> 
> And pray that none of them are using procmail.  ;)
> 
> 
> Regards,
> Ben
> 

Re: Forbid .forward but be able to use vacation ?

[Ben McGinnes]

On 30/07/11 12:53 AM, Wietse Venema wrote:
> Frank Bonnet:
>>
>> Thanks for any info/links/idea
> 
> grep @ /home/*/.forward

And pray that none of them are using procmail.  ;)


Regards,
Ben



signature.asc
Description: OpenPGP digital signature

Re: Forbid .forward but be able to use vacation ?

[Wietse Venema]

Frank Bonnet:
> Hello
> 
> I'm facing an egg and chicken problem ,,,
> 
> We have received the following instructions "From Above" :
> 
> 1 - Forbid the email forwarding for our users
> 2 - Some kind of vacation program must be still available for users
>   that are Out Of Office
> 
> We use "real" unix users with LDAP backend ( pam_ldap + nss_ldap )
> 
> Thanks for any info/links/idea

grep @ /home/*/.forward

Wietse

Forbid .forward but be able to use vacation ?

[Frank Bonnet]

Hello

I'm facing an egg and chicken problem ,,,

We have received the following instructions "From Above" :

1 - Forbid the email forwarding for our users
2 - Some kind of vacation program must be still available for users
 that are Out Of Office

We use "real" unix users with LDAP backend ( pam_ldap + nss_ldap )

Thanks for any info/links/idea

-

Re: constant relay access denied on VPS

[Benny Pedersen]

On Thu, 14 Jul 2011 00:42:09 +, aly.khi...@gmail.com wrote:

Sent from my BlackBerry device on the Rogers Wireless Network


remove mynetworks line in main.cf, only add it if its not ok by default

postconf -n and post logs on pastebin if it still not working