Access Policy Server And Sendmail
Hi Guys, I would like to know that does email send by sendmail check by access policy server? BEST, -- afshin
Re: Access Policy Server And Sendmail
Am 08.09.2011 08:56, schrieb afshin afzali: Hi Guys, I would like to know that does email send by sendmail check by access policy server? no do not allow users terminal access and in the case of a webserver use smtp with authentication on the ethernet-ip and disable listening on 127.0.0.1 if you want to enforce policies signature.asc Description: OpenPGP digital signature
Re: Force postfix to query listed DNS servers instead system DNS
On 9/7/2011 5:00 AM, David Touzeau wrote: Is there a parameter to force postfix to not use the system DNS but query a specified DNS servers in a list ? Assuming you don't run one already, you may want to consider installing a lightweight local caching resolver on your Postfix host(s), such as pdns recursor. Many, maybe most, on this list run a local resolver on MTAs. -- Stan
Postfix 2.5.6-x and change SMTP error code
Good day everybody, could I change SMTP error message ? For example email doesn't exists, email return message like 5.1.1 smtp; 550 5.1.1 noem...@fn.ca: Recipient address rejected: User unknown in local recipient table #SMTP#. Could I change this message, for my own message in the czech language ? (without diacritics of course:) Thank you for your advices. J.Karliak -- Ma domena pouziva zabezpeceni a kontrolu SPF (www.openspf.org) a DomainKeys/DKIM (with ADSP) . Pokud mate problemy s dorucenim emailu, zacnete pouzivat metody overeni puvody emailu zminene vyse. Dekuji. My domain use SPF (www.openspf.org) and DomainKeys/DKIM (with ADSP) policy and check. If you've problem with sending emails to me, start using email origin methods mentioned above. Thank you. This message was sent using IMP, the Internet Messaging Program. binbv3KAeKL2T.bin Description: Veřejný PGP klíč
Re: Postfix 2.5.6-x and change SMTP error code
Am 08.09.2011 09:47, schrieb Josef Karliak: Good day everybody, could I change SMTP error message ? For example email doesn't exists, email return message like 5.1.1 smtp; 550 5.1.1 noem...@fn.ca: Recipient address rejected: User unknown in local recipient table #SMTP#. Could I change this message, for my own message in the czech language ? (without diacritics of course:) Thank you for your advices. J.Karliak even if - please do not! as example we are running automatic bounce-managment by parsing the maillog and to make sure that there really only invalid addresses removed and not hard-fail with other reasons we have a list of answer-messages this list is currently way too large because out there too many people using something wired as answers without leave the User unknown as minimum czech is very very bad because i as admin do not understand any word and onet.pl is as example a personal hate-candidate because they are blocking everything, refer to a polish contact form and anser in polish, so you make it hard for every people out there if something goes wrong server answers should always be a) english and b) as short and clear as possible signature.asc Description: OpenPGP digital signature
Re: Postfix 2.5.6-x and change SMTP error code
Hi, thanks for answer. Don't worry, I wanna keep english message and Czech message will be added (english error message will be translated to a Czech). My boss want it :-/ Thanks and regards J.K. Cituji Reindl Harald h.rei...@thelounge.net: Am 08.09.2011 09:47, schrieb Josef Karliak: Good day everybody, could I change SMTP error message ? For example email doesn't exists, email return message like 5.1.1 smtp; 550 5.1.1 noem...@fn.ca: Recipient address rejected: User unknown in local recipient table #SMTP#. Could I change this message, for my own message in the czech language ? (without diacritics of course:) Thank you for your advices. J.Karliak even if - please do not! as example we are running automatic bounce-managment by parsing the maillog and to make sure that there really only invalid addresses removed and not hard-fail with other reasons we have a list of answer-messages this list is currently way too large because out there too many people using something wired as answers without leave the User unknown as minimum czech is very very bad because i as admin do not understand any word and onet.pl is as example a personal hate-candidate because they are blocking everything, refer to a polish contact form and anser in polish, so you make it hard for every people out there if something goes wrong server answers should always be a) english and b) as short and clear as possible -- Ma domena pouziva zabezpeceni a kontrolu SPF (www.openspf.org) a DomainKeys/DKIM (with ADSP) . Pokud mate problemy s dorucenim emailu, zacnete pouzivat metody overeni puvody emailu zminene vyse. Dekuji. My domain use SPF (www.openspf.org) and DomainKeys/DKIM (with ADSP) policy and check. If you've problem with sending emails to me, start using email origin methods mentioned above. Thank you. This message was sent using IMP, the Internet Messaging Program. binY9LFz93TIx.bin Description: Veřejný PGP klíč
Re: Postfix 2.5.6-x and change SMTP error code
Josef Karliak: Good day everybody, could I change SMTP error message ? For example email doesn't exists, email return message like 5.1.1 smtp; 550 5.1.1 noem...@fn.ca: Recipient address rejected: User unknown in local recipient table #SMTP#. Could I change this message, for my own message in the czech language ? (without diacritics of course:) No. However, you can APPEND a local text to the reply if you upgrade to Postfix 2.8. Wietse smtpd_reject_footer (default: empty) Optional information that is appended after each SMTP server 4XX or 5XX response. Example: /etc/postfix/main.cf: smtpd_reject_footer = For assistance, call 800-555-0101. Please provide the following information in your problem report: time ($localtime), client ($client_address) and server ($server_name). Server response: 550-5.5.1 user@example Recipient address rejected: User unknown 550 5.5.1 For assistance, call 800-555-0101. Please provide the following information in your problem report: time (Jan 4 15:42:00), client (192.168.1.248) and server (mail1.example.com). More details: http://www.postfix.org/postconf.5.html#smtpd_reject_footer
Re: Postfix 2.5.6-x and change SMTP error code
Am 08.09.2011 12:57, schrieb Wietse Venema: Josef Karliak: Good day everybody, could I change SMTP error message ? For example email doesn't exists, email return message like 5.1.1 smtp; 550 5.1.1 noem...@fn.ca: Recipient address rejected: User unknown in local recipient table #SMTP#. Could I change this message, for my own message in the czech language ? (without diacritics of course:) No. However, you can APPEND a local text to the reply if you upgrade to Postfix 2.8. Wietse smtpd_reject_footer (default: empty) Optional information that is appended after each SMTP server 4XX or 5XX response. Example: /etc/postfix/main.cf: smtpd_reject_footer = For assistance, call 800-555-0101. Please provide the following information in your problem report: time ($localtime), client ($client_address) and server ($server_name). Server response: 550-5.5.1 user@example Recipient address rejected: User unknown 550 5.5.1 For assistance, call 800-555-0101. Please provide the following information in your problem report: time (Jan 4 15:42:00), client (192.168.1.248) and server (mail1.example.com). More details: http://www.postfix.org/postconf.5.html#smtpd_reject_footer this is a nice feature and active here since 2011-01 but be careful if you use postfix behind a barracuda-spamfirewall the firewall has to be exlcuded from smtpd_reject_footer because it will answer only the last line (reject footer) to a sending server if the rcpt does not exist and the sender does not get User unknown main.cf: barracuda_smtpd_recipient_restrictions = permit_mynetworks, reject master.cf: 10.0.0.15:10026 inet n - n - - smtpd -o mynetworks=10.0.0.20 -o smtpd_client_connection_count_limit=75 -o smtpd_recipient_restrictions=$barracuda_smtpd_recipient_restrictions -o receive_override_options=no_header_body_checks,no_milters -o local_header_rewrite_clients= -o sender_dependent_relayhost_maps= -o content_filter= -o smtpd_delay_reject=no -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_helo_required=no -o smtpd_sender_restrictions= -o smtpd_sender_login_maps= -o smtpd_data_restrictions= -o smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_rate_limit=0 -o smtpd_peername_lookup=no -o smtpd_use_tls=no -o smtpd_tls_security_level=none -o smtpd_sasl_auth_enable=no -o smtpd_reject_footer= -o max_idle=1h -o max_use=1000 signature.asc Description: OpenPGP digital signature
unverified recipient tempfail response
Hi, Is it possible to define a custom tempfail response for unverified recipients? For example: unverified_recipient_reject_reason = User unknown unverified_recipient_reject_code = 550 rcpt to: t...@example.org 550 5.1.1 t...@example.org: Recipient address rejected: undeliverable address: User unknown That's right so far. But if the backend server is not available, postfix also responds with User unknown. 450 4.1.1 te...@example.org: Recipient address rejected: unverified address: User unknown I would expect something like this: 450 4.1.1 te...@example.org: Recipient address rejected: tempfail: please try again later Is that possible? Something like unverified_recipient_tempfail_reject_reason = tempfail: please try again later Thank you. Best regards, Morten
Re: Postfix 2.5.6-x and change SMTP error code
Josef Karliak: Good day everybody, could I change SMTP error message ? For example email doesn't exists, email return message like 5.1.1 smtp; 550 5.1.1 noem...@fn.ca: Recipient address rejected: User unknown in local recipient table #SMTP#. Could I change this message, for my own message in the czech language ? (without diacritics of course:) Wietse: No. However, you can APPEND a local text to the reply if you upgrade to Postfix 2.8. Reindl Harald: this is a nice feature and active here since 2011-01 but be careful if you use postfix behind a barracuda-spamfirewall the firewall has to be exlcuded from smtpd_reject_footer because it will answer only the last line (reject footer) to a sending server if the rcpt does not exist and the sender does not get User unknown For automated processing, 550 5.1.1 at the beginning of the last line should be sufficient to determine that the address is invalid. For human processing, it matters little what the text says... Wietse
Re: unverified recipient tempfail response
Morten Stevens: Hi, Is it possible to define a custom tempfail response for unverified recipients? For example: unverified_recipient_reject_reason = User unknown unverified_recipient_reject_code = 550 There are no undocumented or invisible unverified_recipient_** configuration parameters, so your question can be answered 100% by reading the find documentation, and by doing postconf | grep unverified_recipient_ Wietse rcpt to: t...@example.org 550 5.1.1 t...@example.org: Recipient address rejected: undeliverable address: User unknown That's right so far. But if the backend server is not available, postfix also responds with User unknown. 450 4.1.1 te...@example.org: Recipient address rejected: unverified address: User unknown I would expect something like this: 450 4.1.1 te...@example.org: Recipient address rejected: tempfail: please try again later Is that possible? Something like unverified_recipient_tempfail_reject_reason = tempfail: please try again later Thank you. Best regards, Morten
Re: Postfix 2.5.6-x and change SMTP error code
Am 08.09.2011 14:20, schrieb Wietse Venema: Josef Karliak: Good day everybody, could I change SMTP error message ? For example email doesn't exists, email return message like 5.1.1 smtp; 550 5.1.1 noem...@fn.ca: Recipient address rejected: User unknown in local recipient table #SMTP#. Could I change this message, for my own message in the czech language ? (without diacritics of course:) Wietse: No. However, you can APPEND a local text to the reply if you upgrade to Postfix 2.8. Reindl Harald: this is a nice feature and active here since 2011-01 but be careful if you use postfix behind a barracuda-spamfirewall the firewall has to be exlcuded from smtpd_reject_footer because it will answer only the last line (reject footer) to a sending server if the rcpt does not exist and the sender does not get User unknown For automated processing, 550 5.1.1 at the beginning of the last line should be sufficient to determine that the address is invalid. For human processing, it matters little what the text says... Wietse not really because this string does never exist on the receiving server and there are way too much servers answering with 550 for other errors too :-( status=bounced (host somlay.org[72.9.231.10] said: 550 No Such User Here (in reply to RCPT TO command)) status=bounced (host gmail-smtp-in.l.google.com[74.125.39.27] said: 550-5.1.1 The email account that you tried to reach does not exist status=bounced (host mx1.hotmail.com[65.55.37.120] said: 550 Requested action not taken: mailbox unavailable signature.asc Description: OpenPGP digital signature
Postfix NDR
Hello, I believe my request is very simple, but I don't find how I can do that. When you receive a NDR from postfix server, the mail is sent by MAILER-DAEMON@hostname.local. I would to change the sender. I've seen you can modify master.cf, by adding null_sender= values in a pipe, but it does not work. Is it really possible? Here you can find an example: maildrop unix - n n - - pipe flags=DRhu null_sender=jean...@gmail.com user=vmail argv=/usr/local/bin/maildrop -d ${recipient} Thanks, Jean-Luc
Re: Postfix 2.5.6-x and change SMTP error code
Reindl Harald: No. However, you can APPEND a local text to the reply if you upgrade to Postfix 2.8. Reindl Harald: this is a nice feature and active here since 2011-01 but be careful if you use postfix behind a barracuda-spamfirewall the firewall has to be exlcuded from smtpd_reject_footer because it will answer only the last line (reject footer) to a sending server if the rcpt does not exist and the sender does not get User unknown For automated processing, 550 5.1.1 at the beginning of the last line should be sufficient to determine that the address is invalid. For human processing, it matters little what the text says... not really because this string does never exist on the receiving server and there are way too much servers answering with 550 for other errors too :-( With Postfix, the last line of the custom reply starts with 550 5.1.1. Bounce parsers have enough information to decide that the user does not exist, regardless of the text that follows. Your issues with your bounce parser due to custom replies from non-Postfix MTAs are outside the scope of the Postfix mailing list. Wietse
Re: Postfix NDR
Jean-Luc CHANDEZON: Hello, I believe my request is very simple, but I don't find how I can do that. When you receive a NDR from postfix server, the mail is sent by MAILER-DAEMON@hostname.local. I would to change the sender. I've seen you can modify master.cf, by adding null_sender= values in a pipe, but it does not work. The null_sender option works as documented. It sets the ENVELOPE SENDER ADDRESS not the FROM header. Setting the FROM header of (non-)delivery notifications is unsafe, as it may cause mail error messages to go into a loop. Wietse
Re: Access Policy Server And Sendmail
afshin afzali: Hi Guys, I would like to know that does email send by sendmail check by access policy server? The Postfix sendmail command does not use a policy server, but it has its own access mechanism by username. /etc/postfix/main.cf: authorized_submit_users = !foo, !bar, static:all http://www.postfix.org/postconf.5.html#authorized_submit_users Wietse
Re: Postfix 2.5.6-x and change SMTP error code
Am 08.09.2011 15:16, schrieb Wietse Venema: Reindl Harald: No. However, you can APPEND a local text to the reply if you upgrade to Postfix 2.8. Reindl Harald: this is a nice feature and active here since 2011-01 but be careful if you use postfix behind a barracuda-spamfirewall the firewall has to be exlcuded from smtpd_reject_footer because it will answer only the last line (reject footer) to a sending server if the rcpt does not exist and the sender does not get User unknown For automated processing, 550 5.1.1 at the beginning of the last line should be sufficient to determine that the address is invalid. For human processing, it matters little what the text says... not really because this string does never exist on the receiving server and there are way too much servers answering with 550 for other errors too :-( With Postfix, the last line of the custom reply starts with 550 5.1.1. Bounce parsers have enough information to decide that the user does not exist, regardless of the text that follows. Your issues with your bounce parser due to custom replies from non-Postfix MTAs are outside the scope of the Postfix mailing list yes but that is why i see User unknown as a must to make all paresers happy as long we must live with other daemons than postfix and adjust our parsers to be happy with them :-) signature.asc Description: OpenPGP digital signature
Re: unverified recipient tempfail response
On Thu, 8 Sep 2011 08:21:26 -0400 (EDT), Wietse Venema wrote: Morten Stevens: Hi, Is it possible to define a custom tempfail response for unverified recipients? There are no undocumented or invisible unverified_recipient_** configuration parameters, so your question can be answered 100% by reading the find documentation, and by doing Hi Wietse, That's why I ask here... # postconf | grep unverified_recipient_ unverified_recipient_defer_code = 450 unverified_recipient_reject_code = 550 unverified_recipient_reject_reason = User unknown unverified_recipient_tempfail_action = $reject_tempfail_action So there is no way to define a defer reject reason. That would be an idea for postfix 2.9? For example: unverified_recipient_defer_reason Thanks. Best regards, Morten
Re: unverified recipient tempfail response
Morten Stevens: On Thu, 8 Sep 2011 08:21:26 -0400 (EDT), Wietse Venema wrote: Morten Stevens: Hi, Is it possible to define a custom tempfail response for unverified recipients? There are no undocumented or invisible unverified_recipient_** configuration parameters, so your question can be answered 100% by reading the find documentation, and by doing Hi Wietse, That's why I ask here... # postconf | grep unverified_recipient_ unverified_recipient_defer_code = 450 unverified_recipient_reject_code = 550 unverified_recipient_reject_reason = User unknown unverified_recipient_tempfail_action = $reject_tempfail_action So there is no way to define a defer reject reason. There is no unverified_recipient_defer_reason parameter, because there is no defer_unverified_recipient action. You are using reject_unverified_recipient. As documented, unverified_recipient_reject_reason applies to all mail that is rejected with reject_unverified_recipient. Wietse That would be an idea for postfix 2.9? For example: unverified_recipient_defer_reason Thanks. Best regards, Morten
Re: Postfix NDR
On Thu, Sep 8, 2011 at 10:22 AM, Wietse Venema wie...@porcupine.org wrote: Jean-Luc CHANDEZON: Hello, I believe my request is very simple, but I don't find how I can do that. When you receive a NDR from postfix server, the mail is sent by MAILER-DAEMON@hostname.local. I would to change the sender. I've seen you can modify master.cf, by adding null_sender= values in a pipe, but it does not work. The null_sender option works as documented. It sets the ENVELOPE SENDER ADDRESS not the FROM header. Setting the FROM header of (non-)delivery notifications is unsafe, as it may cause mail error messages to go into a loop. Wietse Hi Jean-Luc, Let me try to understand, you want to change MAILER-DAEMON@hostname.local for something else? In that case, what do you have for parameters mydomain and myhostname? Also, did you get a look at http://www.postfix.org/SOHO_README.html;? Perhaps you may find it interesting the parameter smtp_generic_maps. Best regards, --- Fernando Maciel Souto Maior LPIC/1(31908), LinuxCounter(391325)
Re: Issue integrating with Cyrus-SASL
Quite right. However, my question is, what do I do with it now? I followed patrick's suggestions and got the same results. Any help appreciated :) From: Charles Marcus cmar...@media-brokers.com To: postfix-users@postfix.org Sent: Wednesday, September 7, 2011 1:02 PM Subject: Re: Issue integrating with Cyrus-SASL On 2011-09-07 1:01 PM, Crazedfred crazedf...@yahoo.com wrote: I ran saslfinger -c and saslfinger -s and it does appear that many of the relevant services are chrooted. Either they are or they aren't... As your master.cf shows, most are... Anything without an 'n' in the chroot column IS chrooted (it does NOT have to have a 'y')... -- Best regards, Charles
Re: Issue integrating with Cyrus-SASL
Please don't top post... On 2011-09-08 1:33 PM, Crazedfred crazedf...@yahoo.com wrote: On Wednesday, September 7, 2011 1:02 PM, Charles Marcus wrote: On 2011-09-07 1:01 PM, Crazedfred crazedf...@yahoo.com wrote: I ran saslfinger -c and saslfinger -s and it does appear that many of the relevant services are chrooted. Either they are or they aren't... As your master.cf shows, most are... Anything without an 'n' in the chroot column IS chrooted (it does NOT have to have a 'y')... Quite right. However, my question is, what do I do with it now? I followed patrick's suggestions and got the same results. Any help appreciated :) Eliminate the chroot until you get it working, *then* work on chrooting everything - *if* you really feel you need it (most people don't). -- Best regards, Charles
Re: Issue integrating with Cyrus-SASL
Please don't top post... Whoops, sorry, web-client defaults :) It doesn't even quote correctly. Eliminate the chroot until you get it working, *then* work on chrooting everything - *if* you really feel you need it (most people don't). I would agree that I most likely don't need chroot (and it is strange that the default config has issues with chroot?). How can I disable the feature for all of postfix's components?
Re: Issue integrating with Cyrus-SASL
On 2011-09-08 2:05 PM, Crazedfred crazedf...@yahoo.com wrote: I would agree that I most likely don't need chroot (and it is strange that the default config has issues with chroot?). How can I disable the feature for all of postfix's components? As I said... place an 'n' in the chroot column for each service... Rtfm might be a good idea... -- Best regards, Charles
libsrs patch for Postfix
Hey! I'm currently working up a patch for Postfix which implements support for libsrs2 functionality in the Postfix core. I've gotten to some design decisions I'm currently somewhat... undecided about: 1) Rewriting the recipient Basically, rewriting the recipient (in case of a valid SRS address) is a task for trivial-rewrite, as I gather. smtpd and qmgr talk to trivial-rewrite at some point in time, requesting either a rewrite of the address to normal form, or a resolution of the address for mail transport, and I'm not entirely certain where resolution of the recipient to the actual source form should be placed. I'm currently somewhat in favor of placing it in rewrite_tree(), simply because SRS is only a means to obfuscate an address, and the deobfuscation of an address bound for the local srs domain is generally not a transport resolution thing, but just a rewriting, but rewrite_tree() currently does not call out to any maps or such. What would real Postfix developers do? 2) Rewriting the sender This part is finished and working (in the patch I'm currently running on one of my testing mailservers), and is implemented directly in smtp, right after the hook that pipes the smtp sender through generics maps. This means that only the SMTP/LMTP transports receive actual treatment for source rewriting, but there's really nothing more protocol-wise that actually requires SRS. Does this make sense? 3) String lists Is there any API documentation for configuration parameters which are lists of strings, separated by some separator? I currently parse a configuration parameter with strchr() into separate components, but that's error prone, and I guess there's some form of infrastructure that deals with this (for parsing mydestination, etc.). Anyway, if there's interest in the patch, I'll make it available as soon as I fix up the recipient rewriting stuff, and I'd love to get some feedback on the above. Thanks! -- --- Heiko.
Re: libsrs patch for Postfix
Heiko Wundram: Hey! I'm currently working up a patch for Postfix which implements support for libsrs2 functionality in the Postfix core. Instead of tearing up Postfix, consider implementing sender and recipient address manipulations with a Milter plugin. This would do all the work at the time the message is stored into the mail queue. Thus, you'd always verify+unobfuscate local envelope recipients, and you'd always sign+obfuscate local envelope senders, for some suitable definition of local. Support for sender replacement (SMFIR_CHGFROM) is available with Postfix 2.5 and later; recipient manipulation has been available since Postfix 2.3. Wietse
Re: libsrs patch for Postfix
On 08.09.2011, at 22:17, Wietse Venema wrote: Heiko Wundram: Hey! I'm currently working up a patch for Postfix which implements support for libsrs2 functionality in the Postfix core. Instead of tearing up Postfix, consider implementing sender and recipient address manipulations with a Milter plugin. This would do all the work at the time the message is stored into the mail queue. Thus, you'd always verify+unobfuscate local envelope recipients, and you'd always sign+obfuscate local envelope senders, for some suitable definition of local. Support for sender replacement (SMFIR_CHGFROM) is available with Postfix 2.5 and later; recipient manipulation has been available since Postfix 2.3. Wietse And I would be interested in a working Milter plugin but not a patch... Yves
Bouncing an undeliverable message without waiting?
I have been trying to deduce if it is possible to force a message waiting in the mail queue with temporary errors (domain name resolution failures) to bounce right now instead of waiting for the timeout. The mail queue has messages addressed to unreachable addresses. I know that if I do nothing that eventually they will expire normally and a delivery status notification will be produced back to the sender. But having investigated them in detail I know that those addresses can never be delivered. I would like them to bounce back to the sender now so that they are notified now of their undeliverability instead of waiting. The sender is a local user. Is it possible to do this such as through using the postsuper command? I know I can delete the messages. But can I cause them to bounce without waiting? I don't want to delete them but want the sender to get a normal bounce back so that they are notified normally that the addresses are undeliverable. I have been reading the man page documentation for postsuper in as much detail as I can muster and if it is in there I do not see it. But it seems like this is something that is very likely to be possible. If so I would love to be educated on how to do it. Thanks, Bob
Re: libsrs patch for Postfix
Yves Kreis: On 08.09.2011, at 22:17, Wietse Venema wrote: Heiko Wundram: Hey! I'm currently working up a patch for Postfix which implements support for libsrs2 functionality in the Postfix core. Instead of tearing up Postfix, consider implementing sender and recipient address manipulations with a Milter plugin. This would do all the work at the time the message is stored into the mail queue. Thus, you'd always verify+unobfuscate local envelope recipients, and you'd always sign+obfuscate local envelope senders, for some suitable definition of local. Support for sender replacement (SMFIR_CHGFROM) is available with Postfix 2.5 and later; recipient manipulation has been available since Postfix 2.3. And I would be interested in a working Milter plugin but not a patch... I agree. I forgot to mention that I would be happy to point to a working plugin, but I would prefer not adopt a patch. Wietse
Re: Bouncing an undeliverable message without waiting?
On 2011-09-08 22:33, Bob Proulx wrote: I have been trying to deduce if it is possible to force a message waiting in the mail queue with temporary errors (domain name resolution failures) to bounce right now instead of waiting for the timeout. The mail queue has messages addressed to unreachable addresses. I know that if I do nothing that eventually they will expire normally and a delivery status notification will be produced back to the sender. But having investigated them in detail I know that those addresses can never be delivered. I would like them to bounce back to the sender now so that they are notified now of their undeliverability instead of waiting. The sender is a local user. Is it possible to do this such as through using the postsuper command? I know I can delete the messages. But can I cause them to bounce without waiting? I don't want to delete them but want the sender to get a normal bounce back so that they are notified normally that the addresses are undeliverable. I have been reading the man page documentation for postsuper in as much detail as I can muster and if it is in there I do not see it. But it seems like this is something that is very likely to be possible. If so I would love to be educated on how to do it. Altering the status in-queue will be difficult, so you will have to devise a trick. You can try setting maximal_queue_lifetime to 0, and forcing a queue run. This will immediately bounce any messages already in the deferred queue, and not influence new mail unduly (since one presumes not a lot of messages will have this problem over a short window of time). Remember to set it back to normal after the queues are cleared! -- J.
Re: Bouncing an undeliverable message without waiting?
Bob Proulx: I have been trying to deduce if it is possible to force a message waiting in the mail queue with temporary errors (domain name resolution failures) to bounce right now instead of waiting for the timeout. It would be incorrect to force a message to bounce. Messages can have multiple recipients. It would be more correct to force-bounce a recipient. To flag a destination or recipient as undeliverable: /etc/postfix/main.cf: transport_maps = hash:/etc/postfix/transport /etc/postfix/transport: typodomain.example error:5.1.2 Bad destination system address Flagging one recipient in a queue file as undeliverable requires a lot of code that currently does not exist: 1) a way for postsuper to mark as expired one recipient in the middle of a list of recipients, 2) a way to extract from the defer logfile the record that says why that recipient was not yet delivered for use in the non-delivery notification, and 3) a way to mark that defer logfile record as deleted so that the problem won't be reported again. Wietse
Re: Postfix NDR
2011/9/8 Fernando Maior fernando.souto.ma...@gmail.com On Thu, Sep 8, 2011 at 10:22 AM, Wietse Venema wie...@porcupine.org wrote: Jean-Luc CHANDEZON: Hello, I believe my request is very simple, but I don't find how I can do that. When you receive a NDR from postfix server, the mail is sent by MAILER-DAEMON@hostname.local. I would to change the sender. I've seen you can modify master.cf, by adding null_sender= values in a pipe, but it does not work. The null_sender option works as documented. It sets the ENVELOPE SENDER ADDRESS not the FROM header. Setting the FROM header of (non-)delivery notifications is unsafe, as it may cause mail error messages to go into a loop. Wietse Hi Jean-Luc, Let me try to understand, you want to change MAILER-DAEMON@hostname.local for something else? In that case, what do you have for parameters mydomain and myhostname? Also, did you get a look at http://www.postfix.org/SOHO_README.html;? Perhaps you may find it interesting the parameter smtp_generic_maps. Best regards, --- Fernando Maciel Souto Maior LPIC/1(31908), LinuxCounter(391325) Hi Fernando, Yes, for end user, the MAILER-DAEMON appears like the sender, which is empty (). Yes, you're right, I want to change this value. The mydomain and my hostname values are no used on my postfix configuration file main.cf. I'll try to investigate smtp_generic_maps. Best Regards, Jean-Luc
Receive for virtual AND forward to another SMTP per domain.
I have a primary SMTP-server that receives for domain.tld (duuuh) and it stores it in Maildirs. I also want to forward every mail received for the domain to another server that will do the exact same thing. I know that i can forward mail to another address via the virtual_mailbox_maps file but i wonder if there is another way of doing it because it seems like a simple thing to to. I have looked into transport_maps but i cant figure out how to also handle local virtual part of it because transport_maps seems to only be able to forward to another server. Suggestions?
Re: Receive for virtual AND forward to another SMTP per domain.
Jay Ess: I have a primary SMTP-server that receives for domain.tld (duuuh) and it stores it in Maildirs. I also want to forward every mail received for the domain to another server that will do the exact same thing. Use pcre-based recipient_bcc_maps. /etc/postfix/main.cf: recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc /etc/postfix/recipient_bcc: /^(.+)@example\.com$/ $1...@other.example.com Wietse
What does Postfix stamp...
What does Postfix stamp in the email headers when email comes into it? I need to control this for spam filtering purposes. I started using amavis and a header line I was depending on, X-Originating-IP, disappeared. I thought postfix was adding this header line, but maybe it wasn't. I need something like that that sticks out. What I'm trying to do is rip the IP address that connected to my server out of spam email and build a list. Then I'm using iptables QUEUE target to attempt to block spam before it even gets on to my system. With amavis, I guess that postfix receives a message, throws it to amavis, and then amavis throws it back to postfix on another port. Why isn't postfix stamping the remote IP address before it hands the email off?
RE: What does Postfix stamp...
-Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Michael C. Robinson Sent: Thursday, September 08, 2011 4:31 PM To: postfix-users@postfix.org Subject: What does Postfix stamp... With amavis, I guess that postfix receives a message, throws it to amavis, and then amavis throws it back to postfix on another port. Why isn't postfix stamping the remote IP address before it hands the email off? X-Originating-IP: isn't standard, so I'm not surprised postfix isn't adding it by default. And I wouldn't trust it anyway; how do you know it contains a true value? However, Received: is, which very likely contains the information you want, and I'm fairly certain postfix does add that.
Re: What does Postfix stamp...
Michael C. Robinson: What does Postfix stamp in the email headers when email comes into it? As required by the SMTP standard (RFC 821, RFC 2821, RFC 5321), Postfix prepends exactly one Received: header. Received: from helo_name (fcrdns_name [address]) ... Wietse
Re: Receive for virtual AND forward to another SMTP per domain.
On 2011-09-09 01:17, Wietse Venema wrote: Jay Ess: I have a primary SMTP-server that receives for domain.tld (duuuh) and it stores it in Maildirs. I also want to forward every mail received for the domain to another server that will do the exact same thing. Use pcre-based recipient_bcc_maps. /etc/postfix/main.cf: recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc /etc/postfix/recipient_bcc: /^(.+)@example\.com$/ $1...@other.example.com Wietse Thanx for the reply! There are no other way doing it without rewriting the destination address? I will explain why i want to do this. We shall migrate to another mail server and i want to iron out almost every thing that can go wrong before i move the users to the new server. This is the last step for me where i receive incoming mail on both servers and maybe let some users try the new server.
Re: Receive for virtual AND forward to another SMTP per domain.
Jay Ess: On 2011-09-09 01:17, Wietse Venema wrote: Jay Ess: I have a primary SMTP-server that receives for domain.tld (duuuh) and it stores it in Maildirs. I also want to forward every mail received for the domain to another server that will do the exact same thing. Use pcre-based recipient_bcc_maps. /etc/postfix/main.cf: recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc /etc/postfix/recipient_bcc: /^(.+)@example\.com$/ $1...@other.example.com Wietse Thanx for the reply! There are no other way doing it without rewriting the destination address? I do not recall that this was a requirement. I will explain why i want to do this. We shall migrate to another mail server and i want to iron out almost every thing that can go wrong before i move the users to the new server. This is the last step for me where i receive incoming mail on both servers and maybe let some users try the new server. Use an smtpd_proxy_filter program that splits the mail into two streams, without doing content inspection. This program should reply to end-of-data only after both destinations reply with 250 to their end-of-data. This could be done with a tiny Net::SMTP perl script. Wietse
Re: Receive for virtual AND forward to another SMTP per domain.
On 9/8/2011 6:44 PM, Jay Ess wrote: On 2011-09-09 01:17, Wietse Venema wrote: Jay Ess: I have a primary SMTP-server that receives for domain.tld (duuuh) and it stores it in Maildirs. I also want to forward every mail received for the domain to another server that will do the exact same thing. Use pcre-based recipient_bcc_maps. /etc/postfix/main.cf: recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc /etc/postfix/recipient_bcc: /^(.+)@example\.com$/$1...@other.example.com Wietse Thanx for the reply! There are no other way doing it without rewriting the destination address? I will explain why i want to do this. We shall migrate to another mail server and i want to iron out almost every thing that can go wrong before i move the users to the new server. This is the last step for me where i receive incoming mail on both servers and maybe let some users try the new server. Use smtp_generic_maps to rewrite the new address back to the original during delivery. http://www.postfix.org/postconf.5.html#smtp_generic_maps @other.example.com @example.com This can be done either globally or with an -o override in a dedicated master.cf transport. -- Noel Jones
Re: Receive for virtual AND forward to another SMTP per domain.
On 2011-09-09 02:00, Wietse Venema wrote: Jay Ess: On 2011-09-09 01:17, Wietse Venema wrote: Jay Ess: I have a primary SMTP-server that receives for domain.tld (duuuh) and it stores it in Maildirs. I also want to forward every mail received for the domain to another server that will do the exact same thing. Use pcre-based recipient_bcc_maps. /etc/postfix/main.cf: recipient_bcc_maps = pcre:/etc/postfix/recipient_bcc /etc/postfix/recipient_bcc: /^(.+)@example\.com$/ $1...@other.example.com Wietse Thanx for the reply! There are no other way doing it without rewriting the destination address? I do not recall that this was a requirement. Not a requirement but it would be nice to be able to have a final configuration on the new server and just be able to change DNS MX records when i feel it works not having to change config (virtual data stored in MySQL) and possible screw things up ;) I will explain why i want to do this. We shall migrate to another mail server and i want to iron out almost every thing that can go wrong before i move the users to the new server. This is the last step for me where i receive incoming mail on both servers and maybe let some users try the new server. Use an smtpd_proxy_filter program that splits the mail into two streams, without doing content inspection. This program should reply to end-of-data only after both destinations reply with 250 to their end-of-data. This could be done with a tiny Net::SMTP perl script. Ill try the bcc rewrite when i wake up tomorrow and make scripts for changing the config to minimize the risk of screwing things up. Writing some kind of proxy script was in my thoughts but in my mind Postfix would have this feature and i was just tired enough not to find it. Having it in transport and making destination take more values like perhaps : domain.tld local,smtp:mail2.domain.tld Anyhow i appreciate you taking time to answer. :)
Re: Receive for virtual AND forward to another SMTP per domain.
On 2011-09-09 02:06, Noel Jones wrote: Use smtp_generic_maps to rewrite the new address back to the original during delivery. http://www.postfix.org/postconf.5.html#smtp_generic_maps @other.example.com @example.com This can be done either globally or with an -o override in a dedicated master.cf transport. -- Noel Jones Kickass! Thanx guys!