Re: AAAA requests on IPv6-disconnected system: bug of feature?
On Thursday, May 04, 2017 12:56:05 PM Wietse Venema wrote: > Marat Khalili: > > > Postfix from me installs with IPv6 turned off. Complain with your > > > distributor if they change that. > > > > Indeed default inet_protocols value in my distribution is "all", both in > > configuration created by install script and when corresponding line is > > commented out. Do you mean, it is not supposed to be this way? > > I am not talking about the default. > > I am talking about "Postfix from me INSTALLS with ipv6 turned off". Since this is about Postfix as shipped by Ubuntu and as packaged by Debian, the bug tracker for one of those distributions is the appropriate place for this discussion, not here. Apologies for not noticing which distro this was about sooner. Scott K
Re: AAAA requests on IPv6-disconnected system: bug of feature?
Marat Khalili: > > Postfix from me installs with IPv6 turned off. Complain with your > > distributor if they change that. > > Indeed default inet_protocols value in my distribution is "all", both in > configuration created by install script and when corresponding line is > commented out. Do you mean, it is not supposed to be this way? I am not talking about the default. I am talking about "Postfix from me INSTALLS with ipv6 turned off". Wietse
Re: AAAA requests on IPv6-disconnected system: bug of feature?
On Thu, May 04, 2017 at 05:18:55PM +0300, Marat Khalili wrote: > > Postfix from me installs with IPv6 turned off. Complain with your > > distributor if they change that. > > Indeed default inet_protocols value in my distribution is "all", both in > configuration created by install script and when corresponding line is > commented out. Do you mean, it is not supposed to be this way? The compiled in default is "all", but the prototype "main.cf" file included with Postfix sources has "ipv4". $ postconf -d inet_protocols inet_protocols = all $ grep inet_protocols conf/main.cf inet_protocols = ipv4 On Thu, May 04, 2017 at 05:17:01PM +0300, Marat Khalili wrote: > > To disable outbound IPv6 in Postfix set "inet_protocols = ipv4". If you set > > "inet_protocols" to some other value, then Postfix will do nexthop IPv6 > > lookups. > > What will happen in my current setup if response suddenly becomes > non-empty? Will it fail to send the message? Since IPv6 connections can't/won't complete, all messages will of course be sent via IPv4. With the address family not enabled in the kernel, IPv6 failure will be fast (likely the socket(PF_INET6, ...) system call will fail) and the only effect is a bit more logging in some cases and the time it takes to do the lookups. -- Viktor.
Re: AAAA requests on IPv6-disconnected system: bug of feature?
Postfix from me installs with IPv6 turned off. Complain with your distributor if they change that. Indeed default inet_protocols value in my distribution is "all", both in configuration created by install script and when corresponding line is commented out. Do you mean, it is not supposed to be this way? -- With Best Regards, Marat Khalili
Re: AAAA requests on IPv6-disconnected system: bug of feature?
To disable outbound IPv6 in Postfix set "inet_protocols = ipv4". If you set "inet_protocols" to some other value, then Postfix will do nexthop IPv6 lookups. What will happen in my current setup if response suddenly becomes non-empty? Will it fail to send the message? -- With Best Regards, Marat Khalili
Re: AAAA requests on IPv6-disconnected system: bug of feature?
> On May 4, 2017, at 4:05 AM, Marat Khaliliwrote: > > Postfix is installed as forwarder to a fixed relay in a system with > no IPv6 addresses (disabled system-wide by net.ipv6.conf.*.disable_ipv6 > lines in sysctl). Still, for each message it separately requests both > A and records of the relay from DNS, as I verified by tcpdump. > Is it a bug or feature? To disable outbound IPv6 in Postfix set "inet_protocols = ipv4". If you set "inet_protocols" to some other value, then Postfix will do nexthop IPv6 lookups. > (Yes I know I can explicitly disable IPv6 in postfix configuration too, but > that's not the point.) Actually, that is the point. If IPv6 lookups are enabled, then they are performed. > My investigation actually started with the following lines in mail.log, which > may or may not be related: > >> May 4 07:52:16 postfix postfix/scache[1518]: statistics: domain lookup >> hits=0 miss=3 success=0% > > (3 messages were sent in this interval; there are always 0 hits and 0% > success rate.) This is unrelated to the IPv6 question. -- Viktor.
Re: AAAA requests on IPv6-disconnected system: bug of feature?
Marat Khalili: > Postfix is installed as forwarder to a fixed relay in a system with no > IPv6 addresses (disabled system-wide by net.ipv6.conf.*.disable_ipv6 > lines in sysctl). Still, for each message it separately requests both A > and records of the relay from DNS, as I verified by tcpdump. Is it > a bug or feature? (Yes I know I can explicitly disable IPv6 in postfix > configuration too, but that's not the point.) Postfix from me installs with IPv6 turned off. Complain with your distributor if they change that. Wietse > My investigation actually started with the following lines in mail.log, > which may or may not be related: > > > May 4 07:52:16 postfix postfix/scache[1518]: statistics: domain > > lookup hits=0 miss=3 success=0% > > (3 messages were sent in this interval; there are always 0 hits and 0% > success rate.) > > I'm using Postfix 3.1.0-3 under Ubuntu 16.04. Relay is secure.emailsrvr.com. > > -- > > With Best Regards, > Marat Khalili >
Re: transport_maps
> On May 4, 2017, at 8:31 AM, volodymyr.lytvyne...@ukrsotsbank.com wrote: > > transport_maps = pipemap:{ > inline:{unicredit.ua=x, ukrsotsbank.com=x}, > randmap:{smtp:[mx1.ukrsotsbank.com], smtp:[mx2.ukrsotsbank.com]} >} > > How can I add another domain to the another randmap destinations ? The transport_maps parameter takes a list of tables, so you could append another pipemap to the list that handles the additional domain that uses a different list of smtp nexthop values. However, I think this is a fairly clumsy way of doing MX load-balancing. Instead I would: * Run a local DNS resolver on the MTA listening for requests on the loopback address (127.0.0.1) and configured with an local data for the "localhost" TLD (https://tools.ietf.org/html/rfc2606#section-2) * Configure /etc/resolv.conf to use only the local (127.0.0.1) resolver. * Configure the resolver (BIND syntax) to serve: unicredit.ua.localhost. IN MX 0 mx1.ukrsotsbank.com. unicredit.ua.localhost. IN MX 0 mx2.ukrsotsbank.com. ; ukrsotsbank.com.localhost. IN MX 0 mx1.ukrsotsbank.com. ukrsotsbank.com.localhost. IN MX 0 mx2.ukrsotsbank.com. ; # More domains with arbitrary custom MX hosts * Configure a regular file-based transport table as follows: transport: # RHS values without [] around an smtp nexthop do MX lookups unicredit.uasmtp:unicredit.ua.localhost ukrsotsbank.com smtp:ukrsotsbank.com.localhost ... Don't forget to postmap the table after it changes and set: main.cf: indexed = ${default_database_type}:${config_directory}/ transport_maps = ${indexed}transport -- Viktor.
transport_maps
Hi. I have next transport_maps in main.cf: /etc/postfix/main.cf: transport_maps = pipemap:{ inline:{unicredit.ua=x, ukrsotsbank.com=x}, randmap:{smtp:[mx1.ukrsotsbank.com], smtp:[mx2.ukrsotsbank.com]} } How can I add another domain to the another randmap destinations ? Best regards, Vladimir Litvinenko SSO Delivery Technical Support Specialist "IT Innovations Ukraine" Ltd.
AAAA requests on IPv6-disconnected system: bug of feature?
Postfix is installed as forwarder to a fixed relay in a system with no IPv6 addresses (disabled system-wide by net.ipv6.conf.*.disable_ipv6 lines in sysctl). Still, for each message it separately requests both A and records of the relay from DNS, as I verified by tcpdump. Is it a bug or feature? (Yes I know I can explicitly disable IPv6 in postfix configuration too, but that's not the point.) My investigation actually started with the following lines in mail.log, which may or may not be related: May 4 07:52:16 postfix postfix/scache[1518]: statistics: domain lookup hits=0 miss=3 success=0% (3 messages were sent in this interval; there are always 0 hits and 0% success rate.) I'm using Postfix 3.1.0-3 under Ubuntu 16.04. Relay is secure.emailsrvr.com. -- With Best Regards, Marat Khalili
Re: Different LMTP configuration for different clients
El 03/05/17 a las 16:40, Wietse Venema escribió: Angel L. Mateo: Hello, I have a postfix mail relay server for my domain. This mail server delivered mail to my imap server via LMTP. Now I want that all mail received from a client to the same imap server, but with a different LMTP configuration. That is because this client is a massive mailer and I want to deliver its mail with low concurrency (I don't mind getting higher delays). Is this possible without deploying a new postfix server? Yes, with a transport map that resolves the recipient to an LMTP service with a different (master.cf) name, for example slow_lmtp, plus a main.cf setting for slow_lmtp_destination_concurrency_limit. My problem is that I can't classify by recipient. I should do it by client IP. Is this possible in a transport map? -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 86337
Re: Different LMTP configuration for different clients
El 03/05/17 a las 16:44, Viktor Dukhovni escribió: On May 3, 2017, at 7:56 AM, Angel L. Mateowrote: I have a postfix mail relay server for my domain. This mail server delivered mail to my imap server via LMTP. Now I want that all mail received from a client to the same imap server, but with a different LMTP configuration. That is because this client is a massive mailer and I want to deliver its mail with low concurrency (I don't mind getting higher delays). Is this possible without deploying a new postfix server? The answer depends on information you have not provided. * How is this client distinguished from other clients? By IP * How big (message count) are the mail "bursts" from this sender? Thousand of mails (10k-30k), all directed to my own domain. * At what rate are messages arriving during a "burst"? I don't know. The only limitation we have in the postfix receiving these mails are: smtpd_client_connection_count_limit = 5 smtpd_client_connection_rate_limit = 100 smtpd_client_message_rate_limit = 500 smtpd_recipient_limit = 150 My problem is not in the postfix side, but delivering to the IMAP server. Because these bursts are of messages directed all of them to my domain, when I receive one I have problems delivering them to the imap server via LMTP. * How many such bursts a day? Depends, but it is not rare days with 2 or 3 bursts When you slow down mail delivery below the burst arrival rate, a backlog develops somewhere along the pipeline. Depending on the size of the bursts, the choice of the right place to buffer the bursts may change. -- Angel L. Mateo Martínez Sección de Telemática Área de Tecnologías de la Información y las Comunicaciones Aplicadas (ATICA) http://www.um.es/atica Tfo: 868889150 Fax: 86337