Re: Sender address rejected
Well after i made some changes the postfix dont want to start. I mean the smpt, it says it that connect timeout exceeded. # tail /var/log/maillog Jul 19 09:01:54 szarlej postfix/master[4428]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling Jul 19 09:02:54 szarlej postfix/smtpd[4549]: fatal: parameter smtpd_recipient_restrictions: specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit Jul 19 09:02:55 szarlej postfix/master[4428]: warning: process /usr/libexec/postfix/smtpd pid 4549 exit status 1 Jul 19 09:02:55 szarlej postfix/master[4428]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling my recipient restrictions now: smtpd_recipient_restrictions = reject_non_fqdn_recipient, check_relay_domains, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, permit
Re: Possibly deprecated parameters
On Fri, Jul 19, 2013 at 12:18:24PM +0200, Mgr. Peter Tuharsky, MsU Banska Bystrica wrote: Hi, I'm new to the list. I'm searching for some information on suppossedly deprecated parameters, however I couldn't find anything. I have upgraded Debian Squeeze (Postfix 2.7.1) to Wheezy (Postfix 2.9.6). I'm using previous configuration files. Now the new Postfix complains: /usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: smtp_tls_received_header=yes /usr/sbin/postconf: warning: /etc/postfix/main.cf: unused parameter: proxy_interface=195.80.161.10 Howto's from before 2009 mention the proxy_interface parameter as being important. I don't find anythink about being deprecated or so. The smtp_tls_received_headers parameter is taken from an old (2007) book on Postfix. Please, are these parameters unnecessarry now, or are they superseded by some new ones? Thank You Peter You have a typo in one of them. proxy_interfaces (default: empty) The network interface addresses that this mail system receives mail on by way of a proxy or network address translation unit. This feature is available in Postfix 2.0 and later. You must specify your outside proxy/NAT addresses when your system is a backup MX host for other domains, otherwise mail delivery loops will happen when the primary MX host is down. Example: proxy_interfaces = 1.2.3.4 http://www.postfix.org/postconf.5.html#proxy_interfaces smtp_tls_received_header doesn't even exist in the postconf docs. -- staticsafe O ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. Please don't CC! I'm subscribed to whatever list I just posted on.
Re: Possibly deprecated parameters
Oh another typo, I suppose: smtpd_tls_received_header (default: no) Request that the Postfix SMTP server produces Received: message headers that include information about the protocol and cipher used, as well as the remote SMTP client CommonName and client certificate issuer CommonName. This is disabled by default, as the information may be modified in transit through other mail servers. Only information that was recorded by the final destination can be trusted. This feature is available in Postfix 2.2 and later. -- staticsafe O ascii ribbon campaign - stop html mail - www.asciiribbon.org Please don't top post. Please don't CC! I'm subscribed to whatever list I just posted on.
Re: Possibly deprecated parameters
* staticsafe m...@staticsafe.ca: Oh another typo, I suppose: smtpd_tls_received_header (default: no) There's also smtp_tls_received_header. p@rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Re: Possibly deprecated parameters
* Patrick Ben Koetter postfix-users@postfix.org: * staticsafe m...@staticsafe.ca: Oh another typo, I suppose: smtpd_tls_received_header (default: no) There's also smtp_tls_received_header. Of course there isn't. Excuse the noise. I'll go hiding in a deep dark hole. :/ p@rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Re: Error 550
It appears that this message is a way that the target server responds to email not found. Thanks for everyone's help on this. On Thu, Jul 18, 2013 at 12:54 PM, Wietse Venema wie...@porcupine.org wrote: Roman Gelfand: I am sorry. I posted this only to Stan before. Looking at the rejected line, it seems to be postfix/smtp. 550 #5.1.0 Address rejected. (in reply to RCPT TO command) Wietse: THAT is qmail not Postfix. Roman Gelfand: would you have more info on this, as far as, how to go about researching this? Ask the person responsible for this system why they reject this recipient. Wietse
Re: Possibly deprecated parameters
Thank You, both were probably a typo. After correcting, Postfix stopped complaining. (Well, they were probably not so important, since postfix was running fine for 5 years now :-) Peter Dňa 19.07.2013 13:11, Patrick Ben Koetter wrote / napísal(a): * Patrick Ben Koetter postfix-users@postfix.org: * staticsafe m...@staticsafe.ca: Oh another typo, I suppose: smtpd_tls_received_header (default: no) There's also smtp_tls_received_header. Of course there isn't. Excuse the noise. I'll go hiding in a deep dark hole. :/ p@rick attachment: tuharsky.vcf
Re: Error 550
Roman Gelfand: 550 #5.1.0 Address rejected. (in reply to RCPT TO command) Wietse: THAT is qmail not Postfix. Roman Gelfand: would you have more info on this, as far as, how to go about researching this? Wietse: Ask the person responsible for this system why they reject this recipient. Roman Gelfand: It appears that this message is a way that the target server responds to email not found. This appears to be a common qmail patch bug. The correct status code for user unknown is 5.1.1, not 5.1.0. Wietse RFC 3463: X.1.1 Bad destination mailbox address The mailbox specified in the address does not exist. For Internet mail names, this means the address portion to the left of the @ sign is invalid. This code is only useful for permanent failures.
Whitelisting from reverse DNS checks
Hello list, I have configured postfix to not accept connections from clients that fail the reverse dns check. But I want to be able to whitelist specific clients, even if the reverse hostname check fails. To achieve this I configured the following: smtpd_client_restrictions = check_client_access hash:/etc/postfix/client-whitelist, reject_unknown_reverse_client_hostname /etc/postfix/client-whitelist contains comment lines (starting with #) and entries, like this: # mail.acipol.ac.mz 197.218.14.50 OK The file is compiled with postmap: # postmap /etc/postfix/client-whitelist This is the result: # ls -alF /etc/postfix/client-whitelist* -rw-r--r--. 1 root root 1.6K Jul 19 12:07 /etc/postfix/client-whitelist -rw-r--r--. 1 root root 12K Jul 19 12:07 /etc/postfix/client-whitelist.db I reloaded the postfix configuration: # service postfix reload The log shows the reload and no further errors or warnings. However, connections from the addresses in /etc/postfix/client-whitelist are still rejected: Jul 19 12:33:02 christoffel postfix/smtpd[12614]: NOQUEUE: reject: RCPT from unknown[197.218.14.50]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [197.218.14.50]; from= to=/MASKED/ proto=ESMTP helo=mail.acipol.ac.mz So my question is: What am I doing wrong? Any help would be appreciated. Some background information: I am running Postfix 2.7.1 on Debian Squeeze My full configuration is as follows: smtpd_banner = $myhostname ESMTP $mail_name biff = no append_dot_mydomain = no readme_directory = no # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache myhostname = /MASKED/ relay_domains = myorigin = /etc/mailname # /MASKED/ is the primary domain mydestination = /MASKED/ # We are not interested in delivering mail to local system accounts local_recipient_maps = mynetworks_style = host mailbox_command = procmail -a $EXTENSION mailbox_size_limit = 0 recipient_delimiter = * inet_interfaces = all delay_warning_time = 4h unknown_local_recipient_reject_code = 550 maximal_queue_lifetime = 7d minimal_backoff_time = 300s maximal_backoff_time = 4000s smtp_helo_timeout = 60s smtpd_recipient_limit = 16 smtpd_soft_error_limit = 3 smtpd_hard_error_limit = 12 smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit smtpd_sender_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_sender, check_sender_access hash:/etc/postfix/access, permit # Using smtpd_client_restrictions to implement basic filtering of badly configured clients. # Currently only reject_unknown_client_hostname is used to ensure that no clients can send # mail to us using a host / domain that does not pass the DNS hostname - IP mapping and the # IP - hostname reverse mapping test smtpd_client_restrictions = check_client_access hash:/etc/postfix/client-whitelist, reject_unknown_reverse_client_hostname # WARNING: The following placement of check_recipient_access implies that # /etc/postfix/access may ONLY contain REJECT results. Any other results # may lead to an open relay. # See http://tech.groups.yahoo.com/group/postfix-users/message/207679 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_destination, check_recipient_access hash:/etc/postfix/access, check_sender_access hash:/etc/postfix/sender_access, check_policy_service inet:127.0.0.1:10023, reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client relays.ordb.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client proxies.blackholes.wirehub.net, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl.spamhaus.org, permit smtpd_data_restrictions = reject_unauth_pipelining smtpd_helo_required = yes smtpd_delay_reject = yes disable_vrfy_command = yes # smtpd_log_access_permit_actions # Setting this to static:all will enable logging of all explicit permit actions using the above rules # See http://www.postfix.org/postconf.5.html#smtpd_log_access_permit_actions smtpd_log_access_permit_actions = static:all alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases # alias_database specifies which databases are rebuilt when the # newaliases command is invoked. Obviously, only maps that need # to be rebuilt (hash, btree, dbm) are to be listed here. # alias_maps specifies where Postfix looks for aliases. alias_database = $alias_maps # De UID en
Re: Whitelisting from reverse DNS checks
On 07/19/2013 08:19 AM, L.W. van Braam van Vloten wrote: Hello list, I have configured postfix to not accept connections from clients that fail the reverse dns check. But I want to be able to whitelist specific clients, even if the reverse hostname check fails. To achieve this I configured the following: smtpd_client_restrictions = check_client_access hash:/etc/postfix/client-whitelist, reject_unknown_reverse_client_hostname /etc/postfix/client-whitelist contains comment lines (starting with #) and entries, like this: # mail.acipol.ac.mz 197.218.14.50 OK What you probably want is, smtpd_client_restrictions = check_client_access cidr:/etc/postfix/client_access and then, $ cat /etc/postfix/client_access # Legitimate clients without rDNS. 197.218.14.50 DUNNO # Default action 0.0.0.0/0 reject_unknown_reverse_client_hostname The first matching entry in /etc/postfix/client_access is what will be used, so the whitelist entries will hit first. If none of the whitelist entries are matched, then the default will kick in. If you ever add more smtpd_client_restrictions, this method avoids skipping the entire set of tests for hosts which should only be whitelisted against the reject_unknown_reverse_client_hostname test.
Catchall Mailbox and deliver to original recipient
Hello list, I have a question regarding virtual alias maps. I currently implement this table to allow me to keep an offsite copy of all incoming mails for users in the following manner u...@example.comu...@example.com,u...@offsite.com So the user will receive the original message and a copy will sent to the offsite mailbox (Which has webmail access). The idea being that if their local mail server dies a terrible death then they still have access to incoming mail via the webmail. Now I have a domain where they would like to implement a catchall mailbox for their offsite access. If this was the only delivery location I'd do something like: @example.comcatch...@offsite.com However I would still like the original recipient to receive a copy of the message. Short of listing all the user accounts and aliasing them all to the catchall mailbox is there any variable I can use to alias the message back to it's original recipient as well? The wording on that is inelegant so perhaps I should put an example of what I am trying to achieve: @example.com$u...@example.com,catch...@offiste.com So if a message were to come into john.sm...@example.com it would be aliased to john.sm...@example.com and catch...@offsite.com Thanks in advance. Kind regards, James Day
Re: Sender address rejected
On Fri, Jul 19, 2013 at 09:05:52AM +0200, Krzysztof Szarlej wrote: Well after i made some changes the postfix dont want to start. I mean the smpt, it says it that connect timeout exceeded. # tail /var/log/maillog Jul 19 09:01:54 szarlej postfix/master[4428]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling Jul 19 09:02:54 szarlej postfix/smtpd[4549]: fatal: parameter smtpd_recipient_restrictions: specify at least one working instance of: check_relay_domains, reject_unauth_destination, reject, defer or defer_if_permit Jul 19 09:02:55 szarlej postfix/master[4428]: warning: process /usr/libexec/postfix/smtpd pid 4549 exit status 1 Jul 19 09:02:55 szarlej postfix/master[4428]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling my recipient restrictions now: Not likely so, look at postconf smtpd_recipient_restrictions. smtpd_recipient_restrictions = reject_non_fqdn_recipient, check_relay_domains, permit_sasl_authenticated, permit_mynetworks, Leading whitespace is required for line continuations. See man 5 postconf for file syntax. Also, remove check_relay_domains. It's deprecated and not needed anyway. reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, permit Before posting again, review Noel's post and the URL given. Your followup was inadequate without postconf -n output. -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if /dev/rob0 is in the Subject:
Sending a lot of emails
Hey guys i have finally set my mail server with dovecot and postfix. I configured also a tls and sasl authentication. I have revdns and txt record also. I have a database with 5000 mails and I want to send to each address a mail with my company offer(not a spam just offer to companies with the same profile that my company have) How to achive this? Do I need to use for example PHP? I was thinking of a cron script that would each 30 minuts send i.e 200mails. but i dont know wheter it is possible to send those mails only by cron, or i need a for example php script that would be execed each 20 minutes? Afaik it is not possible to use apache with postfix? Only with default linux sendmail program? Thank you for your suggestions
Re: Sending a lot of emails
On 2013-07-19 1:23 PM, Krzysztof Szarlej kszarle...@gmail.com wrote: I have a database with 5000 mails and I want to send to each address a mail with my company offer(not a spam just offer to companies with the same profile that my company have) Do you have their explicit permission to send them this offer? If not, IT IS SPAM.
Re: Sending a lot of emails
I received this database from a government organization because I joined a export support program held by polish gov organizations . Those companies I have mails to had to apply for this also because afaik it is also a project supported by EU. Because sendmail and postfix cannot run simulatenusely and I am using my email. Also my postfix is configured with ssl certs and it would look much more trusted than simple sendmail i think? Correct me if i am wrong. 2013/7/19 Charles Marcus cmar...@media-brokers.com On 2013-07-19 1:23 PM, Krzysztof Szarlej kszarle...@gmail.com wrote: I have a database with 5000 mails and I want to send to each address a mail with my company offer(not a spam just offer to companies with the same profile that my company have) Do you have their explicit permission to send them this offer? If not, IT IS SPAM.
Re: Sending a lot of emails
In an older episode, on 2013-07-19 20:06, Dominik George wrote: Hi, the key is that by sendmail, we mean the sendmail command. Postfix has a sendmail-compatible frontend. You can just use the mail command like so: $ mail -a From: Your Name yourm...@example.com -s Your Subject recpm...@example.com EOT Your Text EOT Run $ mail --help to see the precise syntax. Newer mail(x) versions use -a to attach files. Hope this helps. wolfgang
Re: Sending a lot of emails
Hi, the key is that by sendmail, we mean the sendmail command. Postfix has a sendmail-compatible frontend. You can just use the mail command like so: $ mail -a From: Your Name yourm...@example.com -s Your Subject recpm...@example.com EOT Your Text EOT -nik Krzysztof Szarlej kszarle...@gmail.com schrieb: I received this database from a government organization because I joined a export support program held by polish gov organizations . Those companies I have mails to had to apply for this also because afaik it is also a project supported by EU. Because sendmail and postfix cannot run simulatenusely and I am using my email. Also my postfix is configured with ssl certs and it would look much more trusted than simple sendmail i think? Correct me if i am wrong. 2013/7/19 Charles Marcus cmar...@media-brokers.com On 2013-07-19 1:23 PM, Krzysztof Szarlej kszarle...@gmail.com wrote: I have a database with 5000 mails and I want to send to each address a mail with my company offer(not a spam just offer to companies with the same profile that my company have) Do you have their explicit permission to send them this offer? If not, IT IS SPAM. -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
Re: Whitelisting from reverse DNS checks
On 7/19/2013 7:19 AM, L.W. van Braam van Vloten wrote: Hello list, I have configured postfix to not accept connections from clients that fail the reverse dns check. But I want to be able to whitelist specific clients, even if the reverse hostname check fails. To achieve this I configured the following: smtpd_client_restrictions = check_client_access hash:/etc/postfix/client-whitelist, reject_unknown_reverse_client_hostname /etc/postfix/client-whitelist contains comment lines (starting with #) and entries, like this: # mail.acipol.ac.mz 197.218.14.50 OK The file is compiled with postmap: # postmap /etc/postfix/client-whitelist This is the result: # ls -alF /etc/postfix/client-whitelist* -rw-r--r--. 1 root root 1.6K Jul 19 12:07 /etc/postfix/client-whitelist -rw-r--r--. 1 root root 12K Jul 19 12:07 /etc/postfix/client-whitelist.db I reloaded the postfix configuration: # service postfix reload The log shows the reload and no further errors or warnings. However, connections from the addresses in /etc/postfix/client-whitelist are still rejected: Jul 19 12:33:02 christoffel postfix/smtpd[12614]: NOQUEUE: reject: RCPT from unknown[197.218.14.50]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [197.218.14.50]; from= to=/*masked*/ proto=ESMTP helo=mail.acipol.ac.mz So my question is: What am I doing wrong? Any help would be appreciated. The general procedure you describe is correct. I suspect a typo in your main.cf. Please show your postconf -n output for further help. -- Noel Jones
Re: Catchall Mailbox and deliver to original recipient
On 7/19/2013 8:12 AM, James Day wrote: Hello list, I have a question regarding virtual alias maps. I currently implement this table to allow me to keep an offsite copy of all incoming mails for users in the following manner u...@example.com u...@example.com,u...@offsite.com So the user will receive the original message and a copy will sent to the offsite mailbox (Which has webmail access). The idea being that if their local mail server dies a terrible death then they still have access to incoming mail via the webmail. Now I have a domain where they would like to implement a catchall mailbox for their offsite access. If this was the only delivery location I'd do something like: @example.com catch...@offsite.com However I would still like the original recipient to receive a copy of the message. You're probably looking for: http://www.postfix.org/postconf.5.html#recipient_bcc_maps a quick example: # main.cf recipient_bcc_maps = hash:/etc/postfix/recipient_bcc # recipient_bcc @example.com catch...@offsite.example.com -- Noel Jones
Re: Possibly deprecated parameters
On 07/19/2013 02:04 PM, Mgr. Peter Tuharsky, MsU Banska Bystrica wrote: Thank You, both were probably a typo. After correcting, Postfix stopped complaining. (Well, they were probably not so important, since postfix was running fine for 5 years now :-) As documented, postfix 2.9 introduced main.cf checks for unused user-defined parameters. A typo in a real parameter will always match that test. The typoed parameters were always ineffectual, since they don't exist, but your postfix versions pre-2.9 did not alert you to this fact. -- J.
Re: Postfix not accepting remote connections
On 19 Jul 2013 23:28, Sam Flint harmonicn...@gmail.com wrote: my postfix will not accept remote connections, but it will accept local. postconf -n: broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all inet_protocols = ipv4, ipv6 message_size_limit = 3072 mydestination = $myhostname, localhost, localhost.localdomain mydomain = flintfam.org myhostname = mail.flintfam.org mynetworks = all myorigin = $mydomain proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps relay_domains = .com .org .net .info $mydestination smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination, permit So, you permit your networks, and if that condition is satisfied, you permit if sasl authenticated, and if that's satisfied you reject non-local domains. Do you see the issue? Simon smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem smtpd_use_tls = yes virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysq l:/etc/postfix/mysql-virtual_email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/ mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_transport = dovecot virtual_uid_maps = static:5000 Log entry: none. Sam -- Sam Flint flintfam.org/~swflint
Re: Sending a lot of emails
On 07/19/2013 08:01 PM, Krzysztof Szarlej wrote: Because sendmail and postfix cannot run simulatenusely That refers to the postfix sendmail(1)-compatibility interface. It works even when postfix is not running. and I am using my email. Also my postfix is configured with ssl certs and it would look much more trusted than simple sendmail i think? You've misunderstood what the certificate is for. The certificate is for your submission clients, to verify the identity of the postfix server, and to initiate TLS. It explicitly is NOT for remote servers to somehow trust your postfix *client* Correct me if i am wrong. You're wrong :) Receiving MTAs don't use TLS, and they wouldn't care about your certificate's veracity if they did. -- J.
Re: Postfix not accepting remote connections
I see, but it does nothing. Sam On Fri, Jul 19, 2013 at 4:32 PM, Simon B simon.buongio...@gmail.com wrote: On 19 Jul 2013 23:28, Sam Flint harmonicn...@gmail.com wrote: my postfix will not accept remote connections, but it will accept local. postconf -n: broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all inet_protocols = ipv4, ipv6 message_size_limit = 3072 mydestination = $myhostname, localhost, localhost.localdomain mydomain = flintfam.org myhostname = mail.flintfam.org mynetworks = all myorigin = $mydomain proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps relay_domains = .com .org .net .info $mydestination smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination, permit So, you permit your networks, and if that condition is satisfied, you permit if sasl authenticated, and if that's satisfied you reject non-local domains. Do you see the issue? Simon smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem smtpd_use_tls = yes virtual_alias_maps = proxy:mysql:/etc/postfix/ mysql-virtual_forwardings.cf, mysq l:/etc/postfix/mysql-virtual_email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/ mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/ mysql-virtual_mailboxes.cf virtual_transport = dovecot virtual_uid_maps = static:5000 Log entry: none. Sam -- Sam Flint flintfam.org/~swflint -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
relay_domains = .com .org .net .info $mydestination The above is very bad, change it to empty: relay_domains = smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination, permit So, you permit your networks, and if that condition is satisfied, you permit if sasl authenticated, and if that's satisfied you reject non-local domains. Do you see the issue? No issue with this entry, this is normal. (well, the final permit is unneeded, but won't hurt anything.) -- Noel Jones
Re: Postfix not accepting remote connections
On 7/19/2013 4:58 PM, Sam Flint wrote: I'm running on a linode, and I'm sorry. Netstat: Proto Recv-Q Send-Q Local Address Foreign Address State tcp0232 flintfam.org:ssh ip98-161-54-206.om.om:52460 http://ip98-161-54-206.om.om:52460 ESTABLISHED tcp0 0 localhost:44273 localhost:mysql TIME_WAIT tcp0 0 flintfam.org:http 89-145-108-208.as2901:47988 TIME_WAIT tcp0 0 flintfam.org:http 89-145-108-208.as2901:47975 TIME_WAIT Stop top posting. And plain-text only please -- the HTML makes tables and logs impossible to read. Doesn't look as if postfix is listening at all. How are you testing postfix? Check the postfix log for errors. http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#logging -- Noel Jones
Re: Postfix not accepting remote connections
it's already like that On Fri, Jul 19, 2013 at 4:42 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 7/19/2013 4:26 PM, Sam Flint wrote: my postfix will not accept remote connections, but it will accept local. Some linux distros configure postfix to only listen on localhost, forcing you to edit master.cf to listen remotely. Look for a line in msater.cf something like: 127.0.0.1:smtp inet n - n - - smtpd and take out the 127.0.0.1: part so the line starts with smtp inet smtp inet n - n - - smtpd Then do a postfix stop ; postfix start -- Noel Jones postconf -n: broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all inet_protocols = ipv4, ipv6 message_size_limit = 3072 mydestination = $myhostname, localhost, localhost.localdomain mydomain = flintfam.org http://flintfam.org myhostname = mail.flintfam.org http://mail.flintfam.org mynetworks = all myorigin = $mydomain proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps relay_domains = .com .org .net .info $mydestination smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination, permit smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem smtpd_use_tls = yes virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf http://mysql-virtual_forwardings.cf, mysq l:/etc/postfix/mysql-virtual_email2email.cf http://mysql-virtual_email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf http://mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf http://mysql-virtual_mailboxes.cf virtual_transport = dovecot virtual_uid_maps = static:5000 Log entry: none. Sam -- Sam Flint flintfam.org/~swflint http://flintfam.org/~swflint -- Sam Flint flintfam.org/~swflint
Re: Look up tables (lists)
Lynn Dobbs: different places, I read that it is best to have the query return 1 if a match is found because postfix might not be happy with anything else. The Postfix documentation is correct. And whatever you read is incorrect. That is, the text is flawed, or your reading skills. When searching a list, Postfix requires that the key exists, and discards the result. When reading a table, Postfix does use the result. Wietse
Re: Postfix not accepting remote connections
On 19 Jul 2013 23:39, Sam Flint harmonicn...@gmail.com wrote: I see, but it does nothing. Don't top-post please. Rob explained this perfectly in the archives.. http://postfix.1071664.n5.nabble.com/smtpd-recipient-restrictions-Best-Practices-td10171.html Sam On Fri, Jul 19, 2013 at 4:32 PM, Simon B simon.buongio...@gmail.com wrote: On 19 Jul 2013 23:28, Sam Flint harmonicn...@gmail.com wrote: my postfix will not accept remote connections, but it will accept local. postconf -n: broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all inet_protocols = ipv4, ipv6 message_size_limit = 3072 mydestination = $myhostname, localhost, localhost.localdomain mydomain = flintfam.org myhostname = mail.flintfam.org mynetworks = all myorigin = $mydomain proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps relay_domains = .com .org .net .info $mydestination smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination, permit So, you permit your networks, and if that condition is satisfied, you permit if sasl authenticated, and if that's satisfied you reject non-local domains. Do you see the issue? Simon smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem smtpd_use_tls = yes virtual_alias_maps = proxy:mysql:/etc/postfix/ mysql-virtual_forwardings.cf, mysq l:/etc/postfix/mysql-virtual_email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/ mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/ mysql-virtual_mailboxes.cf virtual_transport = dovecot virtual_uid_maps = static:5000 Log entry: none. Sam -- Sam Flint flintfam.org/~swflint -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
On 7/19/2013 4:53 PM, Sam Flint wrote: Still nothing On Fri, Jul 19, 2013 at 4:46 PM, Noel Jones njo...@megan.vbhcs.org mailto:njo...@megan.vbhcs.org wrote: relay_domains = .com .org .net .info $mydestination The above is very bad, change it to empty: relay_domains = Stop top posting. And maybe more than one-line answers would get you better help. BTW, the above correction (relay_domains = )is to keep you from being an open relay, and was not expected to fix the apparent problem of postfix not listening on outside interfaces. -- Noel Jones
Re: Postfix not accepting remote connections
On 7/19/2013 4:45 PM, Sam Flint wrote: it's already like that stop top posting. Sorry, my crystal ball is at the cleaners. Maybe start with describing how you're testing. Also note some ISPs block port 25 on consumer connections, making running or testing a mail server impossible. You didn't mention what kind of connection you have. Also, master.cf contents, and netstat or lsof output showing what's listening on port 25 might be helpful. -- Noel Jones
Re: Postfix not accepting remote connections
Still nothing On Fri, Jul 19, 2013 at 4:46 PM, Noel Jones njo...@megan.vbhcs.org wrote: relay_domains = .com .org .net .info $mydestination The above is very bad, change it to empty: relay_domains = smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination, permit So, you permit your networks, and if that condition is satisfied, you permit if sasl authenticated, and if that's satisfied you reject non-local domains. Do you see the issue? No issue with this entry, this is normal. (well, the final permit is unneeded, but won't hurt anything.) -- Noel Jones -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
Sorry, Gmail. I'm testing by attempting to connect with my android tablet On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 7/19/2013 4:58 PM, Sam Flint wrote: I'm running on a linode, and I'm sorry. Netstat: Proto Recv-Q Send-Q Local Address Foreign Address State tcp0232 flintfam.org:ssh ip98-161-54-206.om.om:52460 http://ip98-161-54-206.om.om:52460 ESTABLISHED tcp0 0 localhost:44273 localhost:mysql TIME_WAIT tcp0 0 flintfam.org:http 89-145-108-208.as2901:47988 TIME_WAIT tcp0 0 flintfam.org:http 89-145-108-208.as2901:47975 TIME_WAIT Stop top posting. And plain-text only please -- the HTML makes tables and logs impossible to read. Doesn't look as if postfix is listening at all. How are you testing postfix? Check the postfix log for errors. http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#logging -- Noel Jones -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
Ok, well thanks. I'm sorry, I will try. On Fri, Jul 19, 2013 at 5:01 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 7/19/2013 4:53 PM, Sam Flint wrote: Still nothing On Fri, Jul 19, 2013 at 4:46 PM, Noel Jones njo...@megan.vbhcs.org mailto:njo...@megan.vbhcs.org wrote: relay_domains = .com .org .net .info $mydestination The above is very bad, change it to empty: relay_domains = Stop top posting. And maybe more than one-line answers would get you better help. BTW, the above correction (relay_domains = )is to keep you from being an open relay, and was not expected to fix the apparent problem of postfix not listening on outside interfaces. -- Noel Jones -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
I'm running on a linode, and I'm sorry. Netstat: Proto Recv-Q Send-Q Local Address Foreign Address State tcp0232 flintfam.org:ssh ip98-161-54-206.om.om:52460ESTABLISHED tcp0 0 localhost:44273 localhost:mysql TIME_WAIT tcp0 0 flintfam.org:http 89-145-108-208.as2901:47988 TIME_WAIT tcp0 0 flintfam.org:http 89-145-108-208.as2901:47975 TIME_WAIT Active UNIX domain sockets (w/o servers) Proto RefCnt Flags Type State I-Node Path unix 10 [ ] DGRAM7440743 /dev/log unix 2 [ ] DGRAM415 @/org/kernel/udev/udevd unix 3 [ ] STREAM CONNECTED 8377567 unix 2 [ ] DGRAM8377484 unix 2 [ ] DGRAM7451169 unix 3 [ ] STREAM CONNECTED 8377566 unix 3 [ ] STREAM CONNECTED 8377572 unix 3 [ ] STREAM CONNECTED 8377569 unix 3 [ ] STREAM CONNECTED 8377570 unix 3 [ ] STREAM CONNECTED 2424 unix 3 [ ] STREAM CONNECTED 2425 unix 2 [ ] DGRAM7466181 unix 3 [ ] STREAM CONNECTED 1963 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 2427 unix 3 [ ] DGRAM419 unix 3 [ ] DGRAM418 unix 3 [ ] STREAM CONNECTED 8377519 unix 3 [ ] STREAM CONNECTED 8377545 unix 3 [ ] STREAM CONNECTED 2600219 unix 3 [ ] STREAM CONNECTED 8377546 unix 2 [ ] DGRAM2600213 unix 3 [ ] STREAM CONNECTED 8377518 unix 3 [ ] STREAM CONNECTED 8377548 unix 3 [ ] STREAM CONNECTED 8377524 unix 3 [ ] STREAM CONNECTED 8377542 unix 3 [ ] STREAM CONNECTED 8377521 unix 3 [ ] STREAM CONNECTED 8377543 unix 3 [ ] STREAM CONNECTED 8377522 unix 3 [ ] STREAM CONNECTED 2600220 unix 2 [ ] DGRAM8367934 unix 3 [ ] STREAM CONNECTED 8377531 unix 3 [ ] STREAM CONNECTED 8377530 unix 3 [ ] STREAM CONNECTED 8377528 unix 3 [ ] STREAM CONNECTED 8377527 unix 3 [ ] STREAM CONNECTED 8377525 unix 3 [ ] STREAM CONNECTED 8377573 unix 3 [ ] STREAM CONNECTED 8377576 unix 3 [ ] STREAM CONNECTED 8377575 unix 2 [ ] DGRAM8377284 unix 3 [ ] STREAM CONNECTED 8377551 unix 3 [ ] STREAM CONNECTED 8319 unix 3 [ ] STREAM CONNECTED 8377552 unix 3 [ ] STREAM CONNECTED 8377549 unix 2 [ ] DGRAM8367964 unix 3 [ ] STREAM CONNECTED 8377555 unix 3 [ ] STREAM CONNECTED 8377505 unix 3 [ ] STREAM CONNECTED 8377554 unix 3 [ ] STREAM CONNECTED 8377563 unix 3 [ ] STREAM CONNECTED 8377564 unix 3 [ ] STREAM CONNECTED 8377561 unix 2 [ ] DGRAM2602460 unix 3 [ ] STREAM CONNECTED 8377560 unix 3 [ ] STREAM CONNECTED 8377557 unix 2 [ ] DGRAM2538 unix 3 [ ] STREAM CONNECTED 8377508 unix 3 [ ] STREAM CONNECTED 8377558 unix 2 [ ] DGRAM908 unix 3 [ ] STREAM CONNECTED 8377516 unix 3 [ ] STREAM CONNECTED 8377536 unix 3 [ ] STREAM CONNECTED 8377515 unix 3 [ ] STREAM CONNECTED 8377533 unix 3 [ ] STREAM CONNECTED 8377534 unix 3 [ ] STREAM CONNECTED 8377513 unix 3 [ ] STREAM CONNECTED 2519 /var/run/dbus/system_bus_socket unix 3 [ ] STREAM CONNECTED 8377539 unix 3 [ ] STREAM CONNECTED 8377512 unix 3 [ ] STREAM CONNECTED 8377540 unix 3 [ ] STREAM CONNECTED 8377511 unix 3 [ ] STREAM CONNECTED 8377537 unix 3 [ ] STREAM CONNECTED 8377510 unix 2 [ ] DGRAM8370780 unix 3 [ ] STREAM CONNECTED 8365739 unix 3 [ ] STREAM CONNECTED 8377653 /var/run/dovecot/anvil-auth-penalty unix 3 [ ] STREAM CONNECTED 8377507 unix 2 [ ] DGRAM4939556 unix 3
Postfix not accepting remote connections
my postfix will not accept remote connections, but it will accept local. postconf -n: broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all inet_protocols = ipv4, ipv6 message_size_limit = 3072 mydestination = $myhostname, localhost, localhost.localdomain mydomain = flintfam.org myhostname = mail.flintfam.org mynetworks = all myorigin = $mydomain proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps relay_domains = .com .org .net .info $mydestination smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination, permit smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem smtpd_use_tls = yes virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysq l:/etc/postfix/mysql-virtual_email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf virtual_transport = dovecot virtual_uid_maps = static:5000 Log entry: none. Sam -- Sam Flint flintfam.org/~swflint
Re: Look up tables (lists)
On Fri, Jul 19, 2013 at 03:02:49PM -0700, Lynn Dobbs wrote: After I figured out that my pgsql query was returning an empty row for virtual_mailbox_maps used to reject_unlisted_recipient, I started thinking about what the query returned when there was an address match. It is clear that smtpd is looking for row or no row. And I've read on this mailing list and elsewhere that the query result value is ignored. smtpd(8) ignores the value. virtual(8) uses it. http://www.postfix.org/postconf.5.html#virtual_mailbox_maps http://www.postfix.org/virtual.8.html I've been happy with that answer for several years. Then, in two different places, I read that it is best to have the query return 1 if a match is found because postfix might not be happy with anything else. Since neither of those places were Postfix documentation, I'd consider them both discredited. Any virtual_mailbox_maps result, for smtpd, is the same as any other result. It seems like a good idea, on the face of it, to always return a known and benign value. I'd have it return what is documented for virtual_mailbox_maps: the remainder of the path that virtual(8) would use for delivery. Even if you're using a third-party delivery agent, it's nice to be able to fall back on the native agents if/when necessary. So, does it matter in any way whatsoever? Is it be possible for the return value to somehow confuse smtpd or break something? -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if /dev/rob0 is in the Subject:
Look up tables (lists)
After I figured out that my pgsql query was returning an empty row for virtual_mailbox_maps used to reject_unlisted_recipient, I started thinking about what the query returned when there was an address match. It is clear that smtpd is looking for row or no row. And I've read on this mailing list and elsewhere that the query result value is ignored. I've been happy with that answer for several years. Then, in two different places, I read that it is best to have the query return 1 if a match is found because postfix might not be happy with anything else. It seems like a good idea, on the face of it, to always return a known and benign value. So, does it matter in any way whatsoever? Is it be possible for the return value to somehow confuse smtpd or break something? Lynn -- Chief Technical Officer CreditLink Corporation
Re: Postfix not accepting remote connections
On 7/19/2013 4:46 PM, Simon B wrote: On 19 Jul 2013 23:39, Sam Flint harmonicn...@gmail.com mailto:harmonicn...@gmail.com wrote: I see, but it does nothing. Don't top-post please. Rob explained this perfectly in the archives.. http://postfix.1071664.n5.nabble.com/smtpd-recipient-restrictions-Best-Practices-td10171.html Simon, You're solving the wrong problem. The OP's postfix is not accessible from outside. This has nothing to do with with smtpd_recipient_restrictions. -- Noel Jones
Re: Postfix not accepting remote connections
On Fri, Jul 19, 2013 at 05:51:20PM -0500, Sam Flint wrote: On Fri, Jul 19, 2013 at 5:11 PM, Sam Flint harmonicn...@gmail.com wrote: On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 7/19/2013 4:58 PM, Sam Flint wrote: I'm running on a linode, and I'm sorry. Netstat: snip Stop top posting. And plain-text only please -- the HTML makes tables and logs impossible to read. Doesn't look as if postfix is listening at all. How are you testing postfix? Sorry, Gmail. I'm testing by attempting to connect with my android tablet snip Postfix is listening, I can still recieve email. $ telnet mail.flintfam.org 25 Trying 50.116.25.174... Connected to mail.flintfam.org. Escape character is '^]'. 220 mail.flintfam.org ESMTP Postfix quit 221 2.0.0 Bye Connection closed by foreign host. $ telnet mail.flintfam.org 587 Trying 50.116.25.174... telnet: connect to address 50.116.25.174: Connection refused Port 25 is fine (or at least as far as I tested.) 587 is not. Perhaps your ISP is blocking port 25 outbound from the android tablet? Check the postfix log for errors. http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#logging -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if /dev/rob0 is in the Subject:
Re: Sending a lot of emails
Hi, what is wrong with the sendmail program and a simple shell script? What is wrong with sending all mails in a batch? Last but not least, what aspect of your plan dos NOT match plain spamming? Cheers, Nik Krzysztof Szarlej kszarle...@gmail.com schrieb: Hey guys i have finally set my mail server with dovecot and postfix. I configured also a tls and sasl authentication. I have revdns and txt record also. I have a database with 5000 mails and I want to send to each address a mail with my company offer(not a spam just offer to companies with the same profile that my company have) How to achive this? Do I need to use for example PHP? I was thinking of a cron script that would each 30 minuts send i.e 200mails. but i dont know wheter it is possible to send those mails only by cron, or i need a for example php script that would be execed each 20 minutes? Afaik it is not possible to use apache with postfix? Only with default linux sendmail program? Thank you for your suggestions -- Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
Re: Postfix not accepting remote connections
On Fri, Jul 19, 2013 at 6:02 PM, Wietse Venema wie...@porcupine.org wrote: Sam Flint: Postfix is listening, I can still recieve email. Hi. I wrote most of Postfix. What evidence do you have (SHOW POSTFIX LOGGING) that Postfix is receiving mail for you? Wietse It arrives in my inbox, delivered by dovecot. Postfix says: Jul 19 23:09:47 bell postfix/smtpd[29578]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled Jul 19 23:09:47 bell postfix/smtpd[29578]: connect from mail-qc0-f170.google.com[209.85.216.170] Jul 19 23:09:48 bell postfix/smtpd[29578]: 2809696BF: client=mail-qc0-f170.google.com[209.85.216.170] Jul 19 23:09:48 bell postfix/cleanup[29588]: 2809696BF: message-id=cal-xtg5se-n0mw8b2wkp1nppamcgskf_hcfj04yh9krhw1t...@mail.gmail.com Jul 19 23:09:48 bell postfix/qmgr[28887]: 2809696BF: from=harmonicn...@gmail.com, size=1493, nrcpt=1 (queue active) Jul 19 23:09:48 bell postfix/smtpd[29578]: disconnect from mail-qc0-f170.google.com[209.85.216.170] Jul 19 23:09:48 bell postfix/pipe[29590]: 2809696BF: to=swfl...@flintfam.org, relay=dovecot, delay=0.2, delays=0.13/0.01/0/0.05, dsn=2.0.0, status=sent (delivered via dovecot service) Jul 19 23:09:48 bell postfix/qmgr[28887]: 2809696BF: removed dovecot's delivery log shows: 2013-07-19 23:09:48 lda(swfl...@flintfam.org): Info: msgid=cal-xtg5se-n0mw8b2wkp1nppamcgskf_hcfj04yh9krhw1t...@mail.gmail.com: saved mail to INBOX Sam -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
Sam Flint: Postfix is listening, I can still recieve email. Hi. I wrote most of Postfix. What evidence do you have (SHOW POSTFIX LOGGING) that Postfix is receiving mail for you? Wietse
Re: Postfix not accepting remote connections
On Fri, Jul 19, 2013 at 5:11 PM, Sam Flint harmonicn...@gmail.com wrote: Sorry, Gmail. I'm testing by attempting to connect with my android tablet On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 7/19/2013 4:58 PM, Sam Flint wrote: I'm running on a linode, and I'm sorry. Netstat: Proto Recv-Q Send-Q Local Address Foreign Address State tcp0232 flintfam.org:ssh ip98-161-54-206.om.om:52460 http://ip98-161-54-206.om.om:52460 ESTABLISHED tcp0 0 localhost:44273 localhost:mysql TIME_WAIT tcp0 0 flintfam.org:http 89-145-108-208.as2901:47988 TIME_WAIT tcp0 0 flintfam.org:http 89-145-108-208.as2901:47975 TIME_WAIT Stop top posting. And plain-text only please -- the HTML makes tables and logs impossible to read. Doesn't look as if postfix is listening at all. How are you testing postfix? Check the postfix log for errors. http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#logging -- Noel Jones -- Sam Flint flintfam.org/~swflint Postfix is listening, I can still recieve email. Sam -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
It shouldn't be... On Fri, Jul 19, 2013 at 5:59 PM, /dev/rob0 r...@gmx.co.uk wrote: On Fri, Jul 19, 2013 at 05:51:20PM -0500, Sam Flint wrote: On Fri, Jul 19, 2013 at 5:11 PM, Sam Flint harmonicn...@gmail.com wrote: On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 7/19/2013 4:58 PM, Sam Flint wrote: I'm running on a linode, and I'm sorry. Netstat: snip Stop top posting. And plain-text only please -- the HTML makes tables and logs impossible to read. Doesn't look as if postfix is listening at all. How are you testing postfix? Sorry, Gmail. I'm testing by attempting to connect with my android tablet snip Postfix is listening, I can still recieve email. $ telnet mail.flintfam.org 25 Trying 50.116.25.174... Connected to mail.flintfam.org. Escape character is '^]'. 220 mail.flintfam.org ESMTP Postfix quit 221 2.0.0 Bye Connection closed by foreign host. $ telnet mail.flintfam.org 587 Trying 50.116.25.174... telnet: connect to address 50.116.25.174: Connection refused Port 25 is fine (or at least as far as I tested.) 587 is not. Perhaps your ISP is blocking port 25 outbound from the android tablet? Check the postfix log for errors. http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#logging -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if /dev/rob0 is in the Subject: -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
On Fri, Jul 19, 2013 at 6:02 PM, Sam Flint harmonicn...@gmail.com wrote: It shouldn't be... On Fri, Jul 19, 2013 at 5:59 PM, /dev/rob0 r...@gmx.co.uk wrote: On Fri, Jul 19, 2013 at 05:51:20PM -0500, Sam Flint wrote: On Fri, Jul 19, 2013 at 5:11 PM, Sam Flint harmonicn...@gmail.com wrote: On Fri, Jul 19, 2013 at 5:08 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 7/19/2013 4:58 PM, Sam Flint wrote: I'm running on a linode, and I'm sorry. Netstat: snip Stop top posting. And plain-text only please -- the HTML makes tables and logs impossible to read. Doesn't look as if postfix is listening at all. How are you testing postfix? Sorry, Gmail. I'm testing by attempting to connect with my android tablet snip Postfix is listening, I can still recieve email. $ telnet mail.flintfam.org 25 Trying 50.116.25.174... Connected to mail.flintfam.org. Escape character is '^]'. 220 mail.flintfam.org ESMTP Postfix quit 221 2.0.0 Bye Connection closed by foreign host. $ telnet mail.flintfam.org 587 Trying 50.116.25.174... telnet: connect to address 50.116.25.174: Connection refused Port 25 is fine (or at least as far as I tested.) 587 is not. Perhaps your ISP is blocking port 25 outbound from the android tablet? Check the postfix log for errors. http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#logging -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if /dev/rob0 is in the Subject: What can I do to fix this on the server end? how can I run on both? Sam -- Sam Flint flintfam.org/~swflint
Re: Postfix not accepting remote connections
Sam Flint: On Fri, Jul 19, 2013 at 6:02 PM, Wietse Venema wie...@porcupine.org wrote: Sam Flint: Postfix is listening, I can still recieve email. Hi. I wrote most of Postfix. What evidence do you have (SHOW POSTFIX LOGGING) that Postfix is receiving mail for you? Wietse It arrives in my inbox, delivered by dovecot. Postfix says: Jul 19 23:09:47 bell postfix/smtpd[29578]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled Jul 19 23:09:47 bell postfix/smtpd[29578]: connect from mail-qc0-f170.google.com[209.85.216.170] Google connects to port 25, so Postfix clearly accepts remote connections. Congratulations. Wietse
Re: Postfix not accepting remote connections
On 7/19/2013 5:11 PM, Sam Flint wrote: Sorry, Gmail. I'm testing by attempting to connect with my android tablet Ok, so this is the real problem you're trying to solve. You believe you cannot connect to Postfix with the Android tablet, correct? What operation are you performing that is failing? 1. Are you attempting to send an email from the tablet to a mailbox on the Postfix server, and it's failing? 2. Are you trying to read your IMAP mailbox and it's failing? 3. Are you trying to send an email through Postfix to some other address, say exam...@yahoo.com? Answering these questions should allow us to get you on the right path pretty quickly. -- Stan
Re: Postfix not accepting remote connections
On 7/19/2013 4:26 PM, Sam Flint wrote: my postfix will not accept remote connections, but it will accept local. Some linux distros configure postfix to only listen on localhost, forcing you to edit master.cf to listen remotely. Look for a line in msater.cf something like: 127.0.0.1:smtp inet n - n - - smtpd and take out the 127.0.0.1: part so the line starts with smtp inet smtp inet n - n - - smtpd Then do a postfix stop ; postfix start -- Noel Jones postconf -n: broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all inet_protocols = ipv4, ipv6 message_size_limit = 3072 mydestination = $myhostname, localhost, localhost.localdomain mydomain = flintfam.org http://flintfam.org myhostname = mail.flintfam.org http://mail.flintfam.org mynetworks = all myorigin = $mydomain proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt ual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipien t_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonica l_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps relay_domains = .com .org .net .info $mydestination smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, rej ect_unauth_destination, permit smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem smtpd_use_tls = yes virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf http://mysql-virtual_forwardings.cf, mysq l:/etc/postfix/mysql-virtual_email2email.cf http://mysql-virtual_email2email.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf http://mysql-virtual_domains.cf virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf http://mysql-virtual_mailboxes.cf virtual_transport = dovecot virtual_uid_maps = static:5000 Log entry: none. Sam -- Sam Flint flintfam.org/~swflint http://flintfam.org/~swflint