Re: Which user lookup wins?

2018-03-27 Thread Wietse Venema 
Matus UHLAR - fantomas:
> >Matus UHLAR - fantomas:
> >> On 26.03.18 14:15, Wietse Venema wrote:
> >> >Again, it says that
> >> >
> >> >If the domain matches virtual_alias_domains
> >> >then look up the user in virtual_alias_maps
> >> >
> >> >The text does not say:
> >> >
> >> >If the domain matches virtual_alias_domains
> >> >then look up the user in virtual_alias_maps
> >> >else don't use virtual_alias_maps
> >>
> >> but that is exactly what "if" means.
> >> What you say here is a perfect example of misleading.
> 
> On 27.03.18 13:17, Wietse Venema wrote:
> >Sorry, you are confusing 'if X then Y' with 'only if X then Y'
> >or 'if and only if X then Y'.
> 
> people say this to trick others into Y saing that X is a condition even if
> it's not.
> 
> Please don't do that.

I'm abanding this thread because a) we don't agree on the meaning
of simple words, and b) you're maligning my attempts to educate.

Over and out.

Wietse

Re: Which user lookup wins?

2018-03-27 Thread Matus UHLAR - fantomas 

Matus UHLAR - fantomas:

On 26.03.18 14:15, Wietse Venema wrote:
>Again, it says that
>
>If the domain matches virtual_alias_domains
>then look up the user in virtual_alias_maps
>
>The text does not say:
>
>If the domain matches virtual_alias_domains
>then look up the user in virtual_alias_maps
>else don't use virtual_alias_maps

but that is exactly what "if" means.
What you say here is a perfect example of misleading.


On 27.03.18 13:17, Wietse Venema wrote:

Sorry, you are confusing 'if X then Y' with 'only if X then Y'
or 'if and only if X then Y'.


people say this to trick others into Y saing that X is a condition even if
it's not.

Please don't do that.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I'm not interested in your website anymore.
If you need cookies, bake them yourself.

Re: Which user lookup wins?

2018-03-27 Thread Wietse Venema 
Matus UHLAR - fantomas:
> On 26.03.18 14:15, Wietse Venema wrote:
> >Again, it says that
> >
> >If the domain matches virtual_alias_domains
> >then look up the user in virtual_alias_maps
> >
> >The text does not say:
> >
> >If the domain matches virtual_alias_domains
> >then look up the user in virtual_alias_maps
> >else don't use virtual_alias_maps
> 
> but that is exactly what "if" means.
> What you say here is a perfect example of misleading.

Sorry, you are confusing 'if X then Y' with 'only if X then Y'
or 'if and only if X then Y'.

Wietse

Re: Which user lookup wins?

2018-03-27 Thread Matus UHLAR - fantomas 

Matus UHLAR - fantomas:

>Matus UHLAR - fantomas:
>> virtual_alias_domains and virtual_alias_maps are described in
>> "The virtual alias domain class." section.
>>
>> * Domain names are listed in virtual_alias_domains. The default value is
>> $virtual_alias_maps for Postfix 1.1 compatibility.
>>
>> * Valid recipient addresses are listed with the virtual_alias_maps parameter.
>> The Postfix SMTP server rejects invalid recipients with "User unknown in
>> virtual alias table". The default value is $virtual_maps for Postfix 1.1
>> compatibility.


On 26.03.18 14:15, Wietse Venema wrote:

Again, it says that

   If the domain matches virtual_alias_domains
   then look up the user in virtual_alias_maps

The text does not say:

   If the domain matches virtual_alias_domains
   then look up the user in virtual_alias_maps
   else don't use virtual_alias_maps


but that is exactly what "if" means.
What you say here is a perfect example of misleading.

Using "if" in case where a condition does NOT have to be met only leads to
mistakes.

there are many ifs in postfix documentation, should I understand that
they are all useless and all "then" apply even when their "if" doesn't
succeed?


The program behaves as promised.


IMHO the documentation should make it more clear.  I have only found this
information in:
http://www.postfix.org/ADDRESS_REWRITING_README.html#overview
but the virtual_alias_maps is documented in other docs to.

Note that the original poster also did miss this information, that's why we
have this thread.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
- Holmes, what kind of school did you study to be a detective?
- Elementary, Watson.  -- Daffy Duck & Porky Pig

Re: Postfix - catchall

2018-03-27 Thread Bill Cole 

On 27 Mar 2018, at 9:55, Michaux Julien wrote:


Hi Everyone,

I'm facing a problem with the way postfix handle my catchall.

I am running Postfix 2.10.1 with Cyrus 2.4.17.
I use virtual_mailbox and virtual_alias to handle mailboxes. 
Everything works fine with users.
I would like to implement a catchall mailbox (I know it's not a good 
idea, but this is essential in my business) BUT only for alias that do 
not already exist.

Everything is flat file.

If I send a mail to us...@mail.domain.tld , this mail go to user1 
mailbox. A mail to name1.surna...@mail.domain.tld go to user1 mailbox.
A mail to t...@mail.domain.tld should be redirect to the user mailbox 
I want.


Actually I put something like "@mail.domain.tld  user1" in 
virtual_alias_maps. The problem is that it actually catches ALL mail 
that arrive on the server. User1 gets all unknown mails AND user2 
mail.


How can user1 receive mail that are normally bounced because of " 
Recipient address rejected: mailbox does not exist"


Use a pcre (or regexp) table for virtual_alias_maps. That gives you the 
ability to use the order of rules to implement a default for everything 
not matched specifically.


When doing that, you probably will eventually want a pcre or regexp 
check_recipient_access map to make the catchall a catch-most.

Re: Postfix - catchall

2018-03-27 Thread Wietse Venema 
Michaux Julien:
> Actually I put something like "@mail.domain.tld  user1" in
> virtual_alias_maps. The problem is that it actually catches ALL
> mail that arrive on the server. User1 gets all unknown mails AND
> user2 mail.

To prevent this, create 1:1 aliases for addresses that should not
be aliased.

first.la...@mail.example.com  us...@mail.example.com
first.la...@mail.example.com  us...@mail.example.com
us...@mail.example.com  us...@mail.example.com
us...@mail.example.com  us...@mail.example.com
@mail.example.com   us...@mail.example.com

Wietse

Postfix - catchall

2018-03-27 Thread Michaux Julien 
Hi Everyone,

I'm facing a problem with the way postfix handle my catchall.

I am running Postfix 2.10.1 with Cyrus 2.4.17.
I use virtual_mailbox and virtual_alias to handle mailboxes. Everything works 
fine with users.
I would like to implement a catchall mailbox (I know it's not a good idea, but 
this is essential in my business) BUT only for alias that do not already exist.
Everything is flat file.

If I send a mail to us...@mail.domain.tld , this mail go to user1 mailbox. A 
mail to name1.surna...@mail.domain.tld go to user1 mailbox.
A mail to t...@mail.domain.tld should be redirect to the user mailbox I want.

Actually I put something like "@mail.domain.tld  user1" in virtual_alias_maps. 
The problem is that it actually catches ALL mail that arrive on the server. 
User1 gets all unknown mails AND user2 mail.

How can user1 receive mail that are normally bounced because of " Recipient 
address rejected: mailbox does not exist" 

Here is my conf : 

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
append_dot_mydomain = no
myhostname = mail.domain.tld
myorigin = $myhostname
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
local_recipient_maps = $alias_maps
mydestination = localhost
virtual_transport = error:mailbox does not exist
virtual_mailbox_domains = hash:/etc/postfix/virtual_domains
virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox
virtual_alias_maps = hash:/etc/postfix/virtual_alias
transport_maps = hash:/etc/postfix/transport
recipient_delimiter = +
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.domain.tld /fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mail.domain.tld /privkey.pem
smtp_tls_security_level = may
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes

Virtual_domains : 
mail.domain.tld   OK

virtual_mailbox :
us...@mail.domain.tld OK
us...@mail.domain.tld  OK

virtual_alias: 
name1.surna...@mail.domain.tld  us...@mail.domain.tld
hostmas...@mail.domain.tld  us...@mail.domain.tld
name2.surna...@mail.domain.tld  us...@mail.domain.tld

Cordialement / Best Regards,


Julien MICHAUX

Re: clamav as a milter

2018-03-27 Thread André Rodier 
On 27/03/18 03:18, Alex Bruce wrote:
> Thing is clamav-milter is a before-queue filter (used as milter in
> postfix) whereas ClamSMTP is after-queue filter (uses content filter in
> postfix)
> 
> These are fundamentally different ways of providing filtering in Postfix.
> 
> Before-Queue filtering can reject emails if they have a virus in the
> SMTP transaction (after DATA) whereas After-Queue cannot or should not
> without a bounce message (please no backscatter) so After-Queue should
> only quarantine or discard a virus email not reject/bounce.
> 
> Before-Queue requires more memory upfront to handle multiple connections
> as each connection is going to need realtime-access to clamav whereas
> After-Queue does not have such stringent requirements and can get away
> with lower memory as email can be processed slower but not perceived to
> be slower (as emails are accepted immediately but later discarded if
> virus etc).
> 
> See Pros and Cons of Before Queue --
> http://www.postfix.org/SMTPD_PROXY_README.html
> 
> With clamav-milter it must wait for the milter to say virus or no virus
> before it can end the SMTP transaction which leads to potential
> performance issues if the mail server is not well speced for
> before-queue scanning but it has the advantage of rejecting mail in SMTP
> transaction.
> 
> 
> 
> From:        "André Rodier" 
> To:        postfix-users@postfix.org
> Date:        27/03/2018 12:10 PM
> Subject:        Re: clamav as a milter
> Sent by:        owner-postfix-us...@postfix.org
> 
> 
> 
> 
> On 26/03/18 23:35, Scott Kitterman wrote:
>> On Monday, March 26, 2018 10:27:57 PM André Rodier wrote:
>>> Hello all,
>>>
>>> Does anyone suffered performance loss when using clamav as a milter for
>>> postfix?
>>>
>>> I would like to scan archives and emails with attachments. Is there any
>>> other way to do than using a milter?
>>>
>>> Thanks for your advices.
>> 
>> I use http://thewalter.net/stef/software/clamsmtp/- it hasn't been updated in
>> a long time, but it does what it needs to do.
>> 
>> Scott K
>> 
> Thank you.
> 
> 
Thank you, Alex,

Now I remember the fundamental difference, I will make sure to use the
appropriate one.

I might use dovecot sieve and custom scripts as well, I will post on the
other list.

Kind regards,
André

-- 
https://github.com/progmaticltd/homebox