Re: SOLVED Re: Puzzling error: Mailbox file "too large"

[Benny Pedersen]

Phil Stracchino skrev den 2018-10-29 00:14:


Never mind, never mind - I just found the right search term to identify
the problem.  It's running into the hardcoded *DEFAULT* of 50MB for
mailbox_size_limit.

Of course, once I know *that*, the problem is easily solved.


is it mbox local lda setup ?

change it to maildir to get that limit pr mail not pr file

postfix does not pr default accept 50MB emails

if thats a helping hint

so never mind ?

Multiple delivery of queued message to local alias

[kousou+postfix]

Hello all,
For the past week I have been puzzled with the following case .
In local aliases I have defined an alias
alias1: user1, user2, user3
User2 is overquota and messages destined to user2 are deferred.
When a message is sent to alias1 it is delivered to user1 and user3,
deferred for user2 and put in queue with user2 AND alias as recipients !!!

"postqueue -p"  looks like this (pseudo anonymized)

-Queue ID- --Size-- Arrival Time -Sender/Recipient---
B09367FF67  475 Fri Oct 26 17:19:13  kou...@aueb.gr
(temporary failure. Command output: maildrop: maildir over
quota.)
 us...@example.dm
 ali...@example.dm


-- 1 Kbytes in 1 Request.

This results to user1 and user3 receiving the same queued message again and
again each time postfix tries to deliver the message out of the queue into
user3 maildir .!!!

This behavior happens in debian 8 and debian 9 with
default-debian-postfix-package installed.

Full postconf is attached (zipped and slightly edited for anonymization and
readability .)
(I tried to send it inline but the message bounced ... Message too long
(>4 chars))

At your disposal for any further relevant information you may need.
I thank you in advance for your support.


Constantinos Kousouris
Network Operation Centre
Athens University of Economics and Business

<>

Re: Multiple delivery of queued message to local alias

[Wietse Venema]

kousou+post...@aueb.gr:
> Hello all,
> For the past week I have been puzzled with the following case .
> In local aliases I have defined an alias
> alias1: user1, user2, user3
> User2 is overquota and messages destined to user2 are deferred.
> When a message is sent to alias1 it is delivered to user1 and user3,
> deferred for user2 and put in queue with user2 AND alias as recipients !!!

Has worked this way for 20 years. The problem is that there is
only one queue file record (for alias1). That record cannot be
deleted as long as one of (user1, user2, user3) is deferred.

The solution is to force Postfix to write the addresses to a queue
file before attempting delivery, so that it can delete individual
recipients from the queue file.

Add an "owner-alias1: address" entry to the local aliases file,
or use virtual_alias_maps instead.

Wietse

RE: Multiple delivery of queued message to local alias

[kousou+postfix]

I do appreciate your prompt response.

Your first suggestion (to add an "owner-alias1: address" entry to the local
aliases file) creates a new problem ...
The queue entry has owner-ali...@example.dm as sender address, instead of
the real sender address of the initial message. 

-Queue ID- --Size-- Arrival Time -Sender/Recipient---
A87037FE0A  597 Mon Oct 29 14:12:39  owner-ali...@example.dm
(temporary failure. Command output: maildrop: maildir over
quota.)
 us...@example.dm

So ... after the expiration of the maximal_queue_lifetime the DSN message
will not be sent to correct recipient ...

Your second suggestion works like a charm ... with a little risk of
confusion from the administrators point of view (distinct local and virtual
domains with distinct local and virtual aliases ... but in the end all
aliases treated as virtual aliases ...)

In the meantime I realized/discovered that when the alias1 is defined in
local alias file using the include file notation, i.e. 
alias1:  :include:/full/path/to/alias1_members
the message is queued with the initial sender address and with only the
overquota recipient (as it is when virtual aliases are used ... and as I
would expect ...)

Anyway I will go for the 'treat as virtual aliases' solution.

Yet, with all respect, I do believe that you should reconsider the issue so
that no such 'tricks' would be necessary and hence the deployment and
administration of the system would be more straightforward.

Thanks a lot again for your support.

Constantinos


Constantinos Kousouris
Network Operation Centre
Athens University of Economics and Business


-Original Message-
From: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema
Sent: Monday, October 29, 2018 1:49 PM
To: Postfix users 
Subject: Re: Multiple delivery of queued message to local alias

kousou+post...@aueb.gr:
> Hello all,
> For the past week I have been puzzled with the following case .
> In local aliases I have defined an alias
> alias1: user1, user2, user3
> User2 is overquota and messages destined to user2 are deferred.
> When a message is sent to alias1 it is delivered to user1 and user3, 
> deferred for user2 and put in queue with user2 AND alias as recipients !!!

Has worked this way for 20 years. The problem is that there is only one
queue file record (for alias1). That record cannot be deleted as long as one
of (user1, user2, user3) is deferred.

The solution is to force Postfix to write the addresses to a queue file
before attempting delivery, so that it can delete individual recipients from
the queue file.

Add an "owner-alias1: address" entry to the local aliases file, or use
virtual_alias_maps instead.

Wietse

Re: Multiple delivery of queued message to local alias

[Viktor Dukhovni]

> On Oct 29, 2018, at 10:59 AM, kousou+post...@aueb.gr wrote:
> 
> Yet, with all respect, I do believe that you should reconsider the issue so
> that no such 'tricks' would be necessary and hence the deployment and
> administration of the system would be more straightforward.

Unfortunately, the tricks are a necessary architectural consequence of:

  * Sendmail-compatible aliases files
  * Performance, i.e. parallel delivery of distinct local recipients

Therefore, this part of the design won't change.  If users read the
documentation, we could perhaps find a few more places to encourage
them to avoid aliases(5) and use virtual(5) for all rewriting that
maps addresses to other addresses.  The aliases(5) file should ONLY
be used for:

* addresses that expand to pipes
* addresses that expand to ":include:" lists
* addresses with an "owner-" alias.

Furthermore, to reduce unintentional deliveries to the legacy
local(8) mailer, all bare addresses ("user" rather "u...@example.com")
should qualify via "$myorigin" to a virtual alias domain, that does
all the requisite rewriting, and only final addresses that rewrite
into a non-default local domain "@localhost.$mydomain" or "@$myhostname"
should go to the local mailer.

That is:

   main.cf:

# Uncomment zero or more, fewer generally better
mydestination =
# $myhostname
# localhost.$mydomain
# localhost.invalid
# localhost.local

# Make sure this is not listed in $mydestination
myorigin = $mydomain
virtual_alias_domains = $myorigin

# Explicit rewrites for all local(8) deliveries:
indexed = ${default_database_type}:${config_directory}/
virtual_alias_maps = ${indexed}virtual

# Local aliases for just pipes, include files, ...
alias_database = ${indexed}aliases
alias_maps = $alias_database

# Automatically qualify "localhost" (revert Postfix 3.0 default)
append_dot_mydomain = yes

   virtual:
# Joe has a local(8) mailbox, and may have a .forward file, ...
j...@example.comjoe@localhost

# mypipe expands to "|command" running as ${default_privs} (nobody)
#
myp...@example.com  mypipe@localhost

# mylist has an owner-alias, and expands via a ":include:" path
#
myl...@example.com  mylist@localhost

-- 
-- 
Viktor.

how to specify approved senders for recipient?

[Chad M Stewart]

I want to setup a method by which only senders which are in a defined 
list can send a message to a given recipient.


Something like the following (in pseudo code)

accept if sender   and recipient 

The idea being that each recipient will have their own whitelist, and 
only messages from those addresses on the whitelist will be approved.  I 
get how to generate each list of addresses, what I'm missing is how I 
combine them into a accept if statement, if you will.  Doable?  How?


Thank you,

Chad

Re: how to specify approved senders for recipient?

[John Stoffel]

> "Chad" == Chad M Stewart  writes:

Chad> I want to setup a method by which only senders which are in a defined 
Chad> list can send a message to a given recipient.

External or internal recipient?  And wouldn't the simplest method just
be a procmail or sieve filter on the receivers end?  


Chad> Something like the following (in pseudo code)

Chad> accept if sender   and recipient 

Chad> The idea being that each recipient will have their own whitelist, and 
Chad> only messages from those addresses on the whitelist will be approved.  I 
Chad> get how to generate each list of addresses, what I'm missing is how I 
Chad> combine them into a accept if statement, if you will.  Doable?  How?

Chad> Thank you,

Chad> Chad

Re: how to specify approved senders for recipient?

[Wietse Venema]

Chad M Stewart:
> I want to setup a method by which only senders which are in a defined 
> list can send a message to a given recipient.
> 
> Something like the following (in pseudo code)
> 
> accept if sender   and recipient 

http://www.postfwd.org/

I decided 10+ years ago to leave complex policies and content
inspection to plugins.

Wietse